[libvirt] Debug the username/passwords
by Bryan Kearney
Hopefully this is the last question I have on the Java drivers. I am
trying to debug the callback from openAuth(). I am passing back what I
think is valid information, but I see in /var/log/messages the following:
Jul 28 16:21:24 localhost libvirtd: sasl step failed -20 (SASL(-13):
user not found: no secret in database)
Is there a way to output what I have passed back in the credential
responses? Setting the following in the /etc/libvirt/libvirtd.conf file
does not seem to increase the logging:
log_level=1
log_outputs="1:stderr 1:syslog:bk 1:file:virsh.log"
and setting LIBVIRT_DEBUG=1,and launching libvirtd from the command line
does not spit out the info.
-- bk
15 years, 3 months
[libvirt] ANNOUNCE: New release virt-manager 0.8.0
by Cole Robinson
I'm happy to announce a new virt-manager release, version 0.8.0. The
release can be downloaded from:
http://virt-manager.org/download.html
The direct download link is:
http://virt-manager.org/download/sources/virt-manager/virt-manager-0.8.0....
This release includes:
- New 'Clone VM' Wizard
- Improved UI, including an overhaul of the main 'manager' view
- System tray icon for easy VM access (start, stop, view console/details)
- Wizard for adding serial, parallel, and video devices to existing VMs.
- CPU pinning support (Michal Novotny)
- Ability to view and change VM security (sVirt) settings (Dan Walsh)
- Many bug fixes and improvements
Thanks to everyone who has contributed to this release through testing,
bug reporting, submitting patches, and otherwise sending in feedback!
Thanks,
Cole
15 years, 3 months
[libvirt] PATCH: Fix remote domain events deadlock
by Daniel P. Berrange
There is a deadlock in the remote driver's dispatch code for domain events.
If your callback triggers a API call that does an RPC call, then the driver
will deadlock. The fix is the same as we did in the QEMU driver. We releae
the lock & re-aquire it, with some extreme cleverness to protect against
people deleting callbacks during the course of dispatch
Daniel
commit e2e6f795dd1832227c7d5c7832596be3642fe6e4
Author: Daniel P. Berrange <berrange(a)redhat.com>
Date: Tue Jul 28 17:45:19 2009 +0100
Fix deadlock in remote driver domain events
* src/remote_internal.c: Release driver lock when dispatching events
to callbacks
diff --git a/src/remote_internal.c b/src/remote_internal.c
index f20ed6e..a58b768 100644
--- a/src/remote_internal.c
+++ b/src/remote_internal.c
@@ -167,6 +167,8 @@ struct private_data {
virDomainEventQueuePtr domainEvents;
/* Timer for flushing domainEvents queue */
int eventFlushTimer;
+ /* Flag if we're in process of dispatching */
+ int domainEventDispatching;
/* Self-pipe to wakeup threads waiting in poll() */
int wakeupSendFD;
@@ -6288,18 +6290,26 @@ static int remoteDomainEventDeregister (virConnectPtr conn,
remoteDriverLock(priv);
- if (virDomainEventCallbackListRemove(conn, priv->callbackList,
- callback) < 0) {
- error (conn, VIR_ERR_RPC, _("removing cb fron list"));
- goto done;
- }
-
- if ( priv->callbackList->count == 0 ) {
- /* Tell the server when we are the last callback deregistering */
- if (call (conn, priv, 0, REMOTE_PROC_DOMAIN_EVENTS_DEREGISTER,
- (xdrproc_t) xdr_void, (char *) NULL,
- (xdrproc_t) xdr_void, (char *) NULL) == -1)
+ if (priv->domainEventDispatching) {
+ if (virDomainEventCallbackListMarkDelete(conn, priv->callbackList,
+ callback) < 0) {
+ error (conn, VIR_ERR_RPC, _("marking cb for deletion"));
goto done;
+ }
+ } else {
+ if (virDomainEventCallbackListRemove(conn, priv->callbackList,
+ callback) < 0) {
+ error (conn, VIR_ERR_RPC, _("removing cb from list"));
+ goto done;
+ }
+
+ if ( priv->callbackList->count == 0 ) {
+ /* Tell the server when we are the last callback deregistering */
+ if (call (conn, priv, 0, REMOTE_PROC_DOMAIN_EVENTS_DEREGISTER,
+ (xdrproc_t) xdr_void, (char *) NULL,
+ (xdrproc_t) xdr_void, (char *) NULL) == -1)
+ goto done;
+ }
}
rv = 0;
@@ -7309,18 +7319,54 @@ done:
remoteDriverUnlock(priv);
}
+static void remoteDomainEventDispatchFunc(virConnectPtr conn,
+ virDomainEventPtr event,
+ virConnectDomainEventCallback cb,
+ void *cbopaque,
+ void *opaque)
+{
+ struct private_data *priv = opaque;
+
+ /* Drop the lock whle dispatching, for sake of re-entrancy */
+ remoteDriverUnlock(priv);
+ virDomainEventDispatchDefaultFunc(conn, event, cb, cbopaque, NULL);
+ remoteDriverLock(priv);
+}
+
void
remoteDomainEventQueueFlush(int timer ATTRIBUTE_UNUSED, void *opaque)
{
virConnectPtr conn = opaque;
struct private_data *priv = conn->privateData;
+ virDomainEventQueue tempQueue;
remoteDriverLock(priv);
- virDomainEventQueueDispatch(priv->domainEvents, priv->callbackList,
- virDomainEventDispatchDefaultFunc, NULL);
+ priv->domainEventDispatching = 1;
+
+ /* Copy the queue, so we're reentrant safe */
+ tempQueue.count = priv->domainEvents->count;
+ tempQueue.events = priv->domainEvents->events;
+ priv->domainEvents->count = 0;
+ priv->domainEvents->events = NULL;
+
+ virDomainEventQueueDispatch(&tempQueue, priv->callbackList,
+ remoteDomainEventDispatchFunc, priv);
virEventUpdateTimeout(priv->eventFlushTimer, -1);
+ /* Purge any deleted callbacks */
+ virDomainEventCallbackListPurgeMarked(priv->callbackList);
+
+ if ( priv->callbackList->count == 0 ) {
+ /* Tell the server when we are the last callback deregistering */
+ if (call (conn, priv, 0, REMOTE_PROC_DOMAIN_EVENTS_DEREGISTER,
+ (xdrproc_t) xdr_void, (char *) NULL,
+ (xdrproc_t) xdr_void, (char *) NULL) == -1)
+ VIR_WARN0("Failed to de-register events");
+ }
+
+ priv->domainEventDispatching = 0;
+
remoteDriverUnlock(priv);
}
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 3 months
[libvirt] [PATCH 00/14] Clean up spec files mess
by Mark McLoughlin
Hey,
I get treated like a war criminal when I make a change in the
Fedora spec file and don't send it upstream, yet there are a whole
heap of changes which haven't been pushed upstream ... only one of
which is mine ... two changes less than DV himself :-)
The following series of patches pulls in the changes from
Fedora which make sense. Some of them I'm not 100% sure of:
- defaulting to policy kit - is there some reason we don't
want that upstream?
- The python cruft thing, not sure its needed
- Converting NEWS to UTF-8 could probably be done upstream
- Requiring libselinux is dubious, doesn't autorequires handle
that?
My final contention is that maintaining these spec files in
the upstream repo actually makes it harder to maintain the Fedora
spec file and helps nobody. Because of half-assed attempts to keep
the two in sync, I ended up having to fix a bunch of stuff and
re-instate another bunch of stuff in Fedora:
- Enable netcf support
- Pass --with-qemu-user=qemu etc. to configure
- Move various requires to the libvirt-client sub-package
- Sync some trivial cleanups from upstream spec file
- Remove explicit libxml2 requires, again
- Build with --without-capng if capng support is disabled
- Remove explicit dir creating in makeinstall, replaced by attr in files
- Set perms on /var/{run,lib,cache}/libvirt/qemu
I really think we should kill these off and just point people
at the Fedora spec file if they're looking for a reference spec file.
I need some very strong rationale before I ever go wasting my
time (2 hours) on this again.
Cheers,
Mark.
15 years, 3 months
[libvirt] [PATCH] Remove MAX_TAP_ID
by Aron Griffis
As far as I can tell, there's no reason to format the device string in
brAddTap(). Delegate the job to TUNSETIFF, thereby removing the loop
and the MAX_TAP_ID artificial limit. This patch allows me to get
421 guests running before hitting other limits.
Signed-off-by: Aron Griffis <aron.griffis(a)hp.com>
---
src/bridge.c | 94 +++++++++++++++++++++-------------------------------------
1 files changed, 34 insertions(+), 60 deletions(-)
diff --git a/.gnulib b/.gnulib
deleted file mode 160000
index b653eda..0000000
--- a/.gnulib
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit b653eda3ac4864de205419d9f41eec267cb89eeb
diff --git a/src/bridge.c b/src/bridge.c
index 0509afd..ec37192 100644
--- a/src/bridge.c
+++ b/src/bridge.c
@@ -49,8 +49,6 @@
#include "util.h"
#include "logging.h"
-#define MAX_TAP_ID 256
-
#define JIFFIES_TO_MS(j) (((j)*1000)/HZ)
#define MS_TO_JIFFIES(ms) (((ms)*HZ)/1000)
@@ -466,76 +464,52 @@ brAddTap(brControl *ctl,
int vnet_hdr,
int *tapfd)
{
- int id, subst, fd;
+ int fd, len;
+ struct ifreq ifr = {0};
if (!ctl || !ctl->fd || !bridge || !ifname)
return EINVAL;
- subst = id = 0;
-
- if (strstr(*ifname, "%d"))
- subst = 1;
-
if ((fd = open("/dev/net/tun", O_RDWR)) < 0)
return errno;
- if (vnet_hdr)
- vnet_hdr = brProbeVnetHdr(fd);
+ ifr.ifr_flags = IFF_TAP|IFF_NO_PI;
- do {
- struct ifreq try;
- int len;
+#ifdef IFF_VNET_HDR
+ if (vnet_hdr && brProbeVnetHdr(fd))
+ ifr.ifr_flags |= IFF_VNET_HDR;
+#endif
- memset(&try, 0, sizeof(struct ifreq));
+ strncpy(ifr.ifr_name, *ifname, IFNAMSIZ-1);
- try.ifr_flags = IFF_TAP|IFF_NO_PI;
+ if (ioctl(fd, TUNSETIFF, &ifr) < 0)
+ goto error;
-#ifdef IFF_VNET_HDR
- if (vnet_hdr)
- try.ifr_flags |= IFF_VNET_HDR;
-#endif
+ len = strlen(ifr.ifr_name);
+ if (len >= BR_IFNAME_MAXLEN - 1) {
+ errno = EINVAL;
+ goto error;
+ }
- if (subst) {
- len = snprintf(try.ifr_name, BR_IFNAME_MAXLEN, *ifname, id);
- if (len >= BR_IFNAME_MAXLEN) {
- errno = EADDRINUSE;
- goto error;
- }
- } else {
- len = strlen(*ifname);
- if (len >= BR_IFNAME_MAXLEN - 1) {
- errno = EINVAL;
- goto error;
- }
-
- strncpy(try.ifr_name, *ifname, len);
- try.ifr_name[len] = '\0';
- }
-
- if (ioctl(fd, TUNSETIFF, &try) == 0) {
- /* We need to set the interface MTU before adding it
- * to the bridge, because the bridge will have its
- * MTU adjusted automatically when we add the new interface.
- */
- if ((errno = brSetInterfaceMtu(ctl, bridge, try.ifr_name)))
- goto error;
- if ((errno = brAddInterface(ctl, bridge, try.ifr_name)))
- goto error;
- if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 1)))
- goto error;
- if (!tapfd &&
- (errno = ioctl(fd, TUNSETPERSIST, 1)))
- goto error;
- VIR_FREE(*ifname);
- if (!(*ifname = strdup(try.ifr_name)))
- goto error;
- if (tapfd)
- *tapfd = fd;
- return 0;
- }
-
- id++;
- } while (subst && id <= MAX_TAP_ID);
+ /* We need to set the interface MTU before adding it
+ * to the bridge, because the bridge will have its
+ * MTU adjusted automatically when we add the new interface.
+ */
+ if ((errno = brSetInterfaceMtu(ctl, bridge, ifr.ifr_name)))
+ goto error;
+ if ((errno = brAddInterface(ctl, bridge, ifr.ifr_name)))
+ goto error;
+ if ((errno = brSetInterfaceUp(ctl, ifr.ifr_name, 1)))
+ goto error;
+ if (!tapfd &&
+ (errno = ioctl(fd, TUNSETPERSIST, 1)))
+ goto error;
+ VIR_FREE(*ifname);
+ if (!(*ifname = strdup(ifr.ifr_name)))
+ goto error;
+ if (tapfd)
+ *tapfd = fd;
+ return 0;
error:
close(fd);
15 years, 3 months
[libvirt] ANNOUNCE: New release virtinst 0.500.0
by Cole Robinson
I'm happy to announce a new virtinst release, version 0.500.0. The
release can be downloaded from:
http://virt-manager.org/download.html
The direct download link is:
http://virt-manager.org/download/sources/virtinst/virtinst-0.500.0.tar.gz
This release includes:
- New virt-install device options --serial, --parallel, and --video
- Allow various auth types for libvirt connections (PolicyKit, SASL, ...)
- New virt-clone option --auto-clone: generates all needed input.
- Option to specify network device model via virt-install --network
(Guido Gunther)
- New virt-install option --virt-type for specifying hypervisor type
(kvm, qemu). --accelerate is now the default behavior: To provision a
plain qemu VM on a KVM enabled host, use '--virt-type qemu'
- OVF input support for virt-convert
- Many bug fixes and improvements
Thanks to everyone who has contributed to this release through testing,
bug reporting, submitting patches, and otherwise sending in feedback!
Thanks,
Cole
15 years, 3 months
[libvirt] [PATCH] qemu: fix missing ifname in qemu argument
by Ryota Ozaki
Hi,
This patch adds missing ifname, which is a tap name for network/bridge
configuration, in qemu argument of -net. Without this patch, a specified
tap name, e.g., <target dev='tap01'/>, in a domain XML will be ignored.
Thanks,
ozaki-r
>From feeca4f2cecf5c6836f7aec6e004585f3b855bed Mon Sep 17 00:00:00 2001
From: Ryota Ozaki <ozaki.ryota(a)gmail.com>
Date: Tue, 28 Jul 2009 23:46:12 +0900
Subject: [PATCH] qemu: fix missing ifname in qemu argument
---
src/qemu_conf.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/qemu_conf.c b/src/qemu_conf.c
index 4fe4e39..48bf928 100644
--- a/src/qemu_conf.c
+++ b/src/qemu_conf.c
@@ -1187,11 +1187,13 @@ qemuBuildHostNetStr(virConnectPtr conn,
switch (net->type) {
case VIR_DOMAIN_NET_TYPE_NETWORK:
case VIR_DOMAIN_NET_TYPE_BRIDGE:
- if (virAsprintf(str, "%stap%cfd=%s,vlan=%d%s%s",
+ if (virAsprintf(str, "%stap%cfd=%s,vlan=%d%s%s%s%s",
prefix ? prefix : "",
type_sep, tapfd, vlan,
(net->hostnet_name ? ",name=" : ""),
- (net->hostnet_name ? net->hostnet_name : "")) < 0) {
+ (net->hostnet_name ? net->hostnet_name : ""),
+ (net->ifname ? ",ifname=" : ""),
+ (net->ifname ? net->ifname : "")) < 0) {
virReportOOMError(conn);
return -1;
}
--
1.6.0.6
15 years, 4 months
Re: [libvirt] VMware support and libcurl on rhel-u1
by Shahar Klein
apperantly I needed to unset CURLOPT_SSL_VERIFYHOST as well
patched that and it is working now
10x
Shahar
________________________________
From: Tom Hughes <tom(a)compton.nu>
To: Shahar Klein <shaharklein(a)yahoo.com>
Sent: Monday, July 27, 2009 2:36:32 PM
Subject: Re: [libvirt] VMware support and libcurl on rhel-u1
On 27/07/09 12:33, Shahar Klein wrote:
> this is what I thought but it doesn't work for me:
>
> [root@rain8 libvirt]# virsh -c esx://rain3?transport=http
> Enter username for rain3 [root]:
> Enter root password for rain3:
> error: internal error curl_easy_perform() returned an error: SSL peer
> certificate was not ok (51)
> error: failed to connect to the hypervisor
>
> maybe because I'm using curl 7.15?
That looks like it is still checking the certificate. Are you sure you're not still running the unpatched one somehow?
I'm running curl 7.19.4 which isn't that different - does the curl_easy_setopt manual page mention the CURLOPT_SSL_VERIFYPEER option?
Tom
-- Tom Hughes (tom(a)compton.nu)
http://www.compton.nu/
15 years, 4 months
