[libvirt] [PATCH] add nwfilter functions to virsh man page
by Stefan Berger
Unfortunately after the 0.8.0 release, but here's a beginning of the
documentation of the nwfilter functionality.
Signed-off-by; Stefan Berger <stefanb(a)us.ibm.com>
---
tools/virsh.pod | 53
+++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
Index: libvirt-acl/tools/virsh.pod
===================================================================
--- libvirt-acl.orig/tools/virsh.pod
+++ libvirt-acl/tools/virsh.pod
@@ -840,6 +840,59 @@ children of this snapshot.
=back
+=head1 NWFILTER COMMMANDS
+
+The following commands manipulate network filters. Network filters
allow
+to filter the network traffic comming from and going to virtual
machines.
+Individual network traffic filters are written in XML, may contain
+references to other network filters, describe traffic filtering rules,
+or contain both. Network filters are referenced by virtual machines
+from within their interface description. A network filter may be
referenced
+by multiple virtual machines' interfaces.
+
+=over 4
+
+=item B<nwfilter-define> I<xmlfile>
+
+Make a new network filter known to libvirt. If a network filter with
+the same name already exists, it will be replaced with the new XML.
+Any running virtual machine referencing this network filter will have
+its network traffic rules adapted. If for any reason the network
traffic
+filtering rules cannot be instantiated by any of the running virtual
+machines, then the new XML will be rejected.
+
+=item B<nwfilter-undefine> I<nwfilter-name>
+
+Delete a network filter. The deletion will fail if any running virtual
+machine is currently using this network filter.
+
+=item B<nwfilter-list>
+
+List all of the available network filters.
+
+=item B<nwfilter-dumpxml> I<nwfilter-name>
+
+Output the network filter XML.
+
+=item B<nwfilter-edit> I<nwfilter-name>
+
+Edit the XML of a network filter.
+
+This is equivalent to:
+
+ virsh nwfilter-dumpxml myfilter > myfilter.xml
+ edit myfilter.xml
+ virsh nwfilter-define myfilter.xml
+
+except that it does some error checking.
+The new network filter may be rejected due to the same reason as
+mention in I<nwfilter-define>.
+
+The editor used can be supplied by the C<$VISUAL> or C<$EDITOR>
environment
+variables, and defaults to C<vi>.
+
+=back
+
=head1 ENVIRONMENT
The following environment variables can be set to alter the behaviour
14 years, 7 months
[libvirt] cannot start a qemu64 model on an Intel host
by Dan Kenigsberg
If I specify
<cpu match="exact">
<model>qemu64</model>
</cpu>
according to the new cpu schema, I get
error: internal error guest CPU is not compatible with host CPU
because qemu64 supports svm, and my host does not.
However, the error remains when I explicitly ask to disable svm with
<feature policy="disable" name="svm"/>
I am not sure if this is a bug or an intended feature, but I'd expect
cpu_disable taken into account when doing
x86ModelCompare(host_model, cpu_require)
Regards,
Dan.
14 years, 7 months
[libvirt] Release of libvirt-0.8.0
by Daniel Veillard
After heroic efforts in the last couple of weeks it is out !
That's by large the release packed with most new features ever, and the
changelog is simply huge. I hope we didn't introduce too many bugs,
but we certainly fixed a very large amount in the first place !
Tarball is available as usual from
ftp://libvirt.org/libvirt/
And I won't try to sumarize the following !
Features:
- esx: Add domain snapshot support (Matthias Bolte)
- Snapshot API framework. (Chris Lalancette)
- Add managed save API entry points (Daniel Veillard)
- timer subselection for domain clock (Laine Stump)
- Add hook utilities (Daniel Veillard)
- cpuUpdate() for updating guest CPU according to host CPU (Jiri Denemark)
- Network filtering API (Stefan Berger)
- Introduce a new virDomainUpdateDeviceFlags public API (Daniel P. Berrange)
- Introduce a new public API for domain events (Daniel P. Berrange)
- Public virDomainMigrateSetMaxDowntime API (Jiri Denemark)
- Add public API for volume wiping (David Allan)
- xenapi: Initial commit of the new driver (Sharadha Prabhakar)
Documentation:
- Add documentation for synchronous hooks (Daniel Veillard)
- Small fixes to virsh man page (Luiz Capitulino)
- Avoid using multicast addresses for Ethernet MAC examples (redshift)
- Fix unterminated B<...> in virsh man page (Jiri Denemark)
- Document all options of virsh dumpxml (Jiri Denemark)
- virsh: improve documentation (Eric Blake)
- Document snapshot virsh commands in the man page. (Chris Lalancette)
- Website documentation for the snapshot XML. (Chris Lalancette)
- website: Add archive link for libvirt-users list (Matthias Bolte)
- virsh: improve man page (Eric Blake)
- Mention direct device support since 0.7.7 in docs (Stefan Berger)
- esx: Improve documentation about remote URIs (Matthias Bolte)
- doc: fix typos in hacking.html.in; mark HACKING as read-only (Jim Meyering)
- doc: fix more typos in HACKING (Jim Meyering)
- hacking: add a section on preprocessor conventions (Eric Blake)
- hacking: fix typos (Eric Blake)
- Update hacking.html.in (David Allan)
Portability:
- Fix Win32 portability problems (Daniel P. Berrange)
- This patch fixes some compilation issues for the RHEL5 build (Stefan Berger)
- util: Add stubs for some functions on Windows (Matthias Bolte)
- Add HAVE_PTHREAD_H guard for pthread_sigmask (Matthias Bolte)
- bootstrap: Enable copy-mode for MinGW builds (Matthias Bolte)
- util: Handle lack of (f)chmod and (f)chown on Windows (Matthias Bolte)
- bootstrap: Remove rsync from buildreq list (Matthias Bolte)
- Make sure virtTestCaptureProgramOutput has a body on Windows (Matthias Bolte)
- Fix export of virConnectAuthPtrDefault for MinGW builds (Matthias Bolte)
- Make sure uid_t and gid_t are available (Matthias Bolte)
Bug Fixes:
- nwfilter: Fix memory leak on daemon init and shutdown (Stefan Berger)
- More event callback fixes (Daniel P. Berrange)
- Fix error in nwfilter test driver (Stefan Berger)
- qemu: catch cdrom change error (Ryan Harper)
- nwfilter: fix for directionality of ICMP traffic (Stefan Berger)
- Fix CPU comparison for x86 arch (Jiri Denemark)
- Don't ignore guest CPU selection when unsupported by HV (Jiri Denemark)
- domain_event.c: don't deref NULL on an OOM error path (Jim Meyering)
- nwfiler: fix due to non-symmetric src mac address match in iptables (Stefan Berger)
- qemu_driver.c: don't close an arbitrary file descriptor (Jim Meyering)
- Add VIR_DOMAIN_XML_INACTIVE flag when parsing domain XML (Jamie Strandboge)
- virt-aa-helper should not fail if profile was removed (Jamie Strandboge)
- Do nor clear caps when invoking virt-aa-helper (Jamie Strandboge)
- virterror.c: avoid erroneous case "fall-through" (Jim Meyering)
- Increase the number of available VNC ports. (Chris Lalancette)
- Only assign newDef when we have a new def. (Chris Lalancette)
- nwfilter: Fix random index in virNWFilterRuleDefDetailsFormat (Matthias Bolte)
- xenapi: Fix uninitialized variable warning (Matthias Bolte)
- Add a missing break statement to nwfilter errors. (Chris Lalancette)
- VBox: Fix use of uninitialized value (Jiri Denemark)
- Allow domain disk images on root-squash NFS to coexist with security driver. (Laine Stump)
- Don't use virFileReadLimFD in qemuDomainRestore. (Chris Lalancette)
- nwfilter's XML parser bug fixes (Stefan Berger)
- ESX test case needs '/' in interface name (Stefan Berger)
- Fix linker errors in proxy (Matthias Bolte)
- virConnectGetLibVersion: Avoid error message on success. (Paolo Smiraglia)
- Fix daemon hook script initialization (Daniel Veillard)
- Fix QEMU cpu affinity at startup to include all threads (Daniel P. Berrange)
- Fix "make check" run requesting authentication (Stefan Berger)
- Don't replace persistent domain config with migrated config (Jiri Denemark)
- Fix build break (David Allan)
- esx: Make the conf parser compare names case insensitive in VMX mode (Matthias Bolte)
- vbox: Fix segfault on empty device source (Matthias Bolte)
- python example: poll(-0.001) does not sleep forever (Philipp Hahn)
- Fix error reporting when parsing CPU XML strings (Jiri Denemark)
- virDiskNameToIndex: ignore trailing digits (Jim Meyering)
- esx: Fix potential memory leak in esxVI_BuildFullTraversalSpecItem (Matthias Bolte)
- Avoid libvirtd crash when cgroups is not configured on host (Jim Fehlig)
- security: selinux: Fix crash when releasing non-existent label (Cole Robinson)
- Don't crash without a security driver (Guido Günther)
- qemu: Fix FD leak in qemudStartVMDaemon (Matthias Bolte)
- util: ensure virMutexInit is not recursive (Eric Blake)
- Fix logroate rpm build breakage (Daniel Veillard)
- Fix LSB compliance of init script (Daniel Veillard)
- python: Fix networkLookupByUUID (Philip Hahn)
- Fix make dist with XenAPI changes (Cole Robinson)
- xenapi: Don't leak url and caps in case of error (Matthias Bolte)
- xenapi: Check for NULL before accessing the scheme (Matthias Bolte)
- xenapi: Request a username if there is non in the URI (Matthias Bolte)
- xenapi: Check for valid private data in xenapiSessionErrorHandle (Matthias Bolte)
- Use fsync() at the end of file allocation instead of O_DSYNC (Jiri Denemark)
- security: Set permissions for kernel/initrd (Cole Robinson)
- qemu: Fix USB by product with security enabled (Cole Robinson)
- Make nodeGetInfo report the correct number of NUMA nodes. (Chris Lalancette)
- Fix crash in virsh after bogus command (Chris Lalancette)
- Fix virsh command 'cd' (Chris Lalancette)
- Fix hang in qemudDomainCoreDump. (Chris Lalancette)
- Make sure qemudDomainSetVcpus doesn't hang. (Chris Lalancette)
- Fix a JSON CPU information bug. (Chris Lalancette)
- Free resources on error in udev startup (David Allan)
- Fix up nodeinfo parsing code. (Chris Lalancette)
- Wipe nodeinfo structure before filling it (Jiri Denemark)
- macvtap build detection fix (Stefan Berger)
- Fix virDomainGetXMLDesc cache settings output (Soren Hansen)
- Fix locking in qemudDomainMemoryStats (Adam Litke)
- qemu restore: don't let corrupt input provoke unwarranted OOM (Jim Meyering)
- virFileReadLimFD: diagnose maxlen <= 0, rather than passing it on... (Jim Meyering)
- xen: don't let bogus packets trigger over-allocation and segfault (Jim Meyering)
Improvements:
- Rename virsh "revert-to-snapshot" to "snapshot-revert" (Chris Lalancette)
- nwfilter: Process DHCP option to determine whether packet is a DHCP_OFFER (Stefan Berger)
- Add enospace option to qemu disk error policy (David Allan)
- nwfilter: More XML parser test cases (Stefan Berger)
- remote: Replace some virRaiseError with remoteError (Matthias Bolte)
- Generate libvirt.def from libvirt.syms (Matthias Bolte)
- Fix up python bindings for new event callbacks (Daniel P. Berrange)
- esx: Allow 'lsisas1068' as SCSI controller type (Matthias Bolte)
- esx: Report an error for invalid arguments in esxList(Defined)Domains (Matthias Bolte)
- nwfilter: Support for learning a VM's IP address (Stefan Berger)
- Properly advertise cpuselection guest capability (Jiri Denemark)
- Update of the apparmor regression tests (Jamie Strandboge)
- Improve the apparmor example (Jamie Strandboge)
- Improve virt-aa-helper to handle SDL graphics and cleanups (Jamie Strandboge)
- Adjust virt-aa-helper to handle pci devices (Jamie Strandboge)
- Add backingstore support to apparmor (Jamie Strandboge)
- build: avoid autogen on 'make clean' (Eric Blake)
- Add filter schema for nwfilter XML, extend domain XML schema (Stefan Berger)
- Add filter schema for nwfilter XML, extend domain XML schema (Stefan Berger)
- nwfilter: Fix instantiated layer 2 rules for 'inout' direction (Stefan Berger)
- Better error reporting in virsh. (Chris Lalancette)
- Snapshot virsh implementation. (Chris Lalancette)
- Snapshots for VBox (Jiri Denemark)
- Snapshot QEMU driver. (Chris Lalancette)
- Snapshot internal methods. (Chris Lalancette)
- xenapi: Add managedsave entries to the driver struct (Matthias Bolte)
- Add a managedsave command to virsh (Daniel Veillard)
- Implement managed save operations for qemu driver (Daniel Veillard)
- Implement remote protocol for managed save (Daniel Veillard)
- build: improve check for out-of-date .gnulib submodule (Eric Blake)
- optimizes the validation of the name of an interface (Stefan Berger)
- adds a couple of test cases for the XML parsing test suite (Stefan Berger)
- build: import latest gnulib (Eric Blake)
- Changes to clock timer XML to match final design. (Laine Stump)
- Keep build quiet for generated file (Daniel P. Berrange)
- Keep track of guest paused state after disk IO / watchdog events (Daniel P. Berrange)
- virsh: add 'exit' as an alias for 'quit' (Eric Blake)
- maint: mark xenapiSessionErrorHandler messages for translation (Jim Meyering)
- Blank out invalid interface names with escaped letters etc. (Stefan Berger)
- esx: Generate most SOAP mapping and improve inheritance handling (Matthias Bolte)
- Distribute nwfilter xml files and add them to rpm (Daniel Veillard)
- Make sure nwfilter headers are part of distribution (Daniel Veillard)
- maint: show which compiler warning triggered (Eric Blake)
- build: automate the rerun of autogen.sh (Eric Blake)
- makes the entries in the int-2-string maps more readable (Stefan Berger)
- Add ip6tables support for IPv6 filtering (Stefan Berger)
- Add support for so-far missing protocols for iptables filtering (Stefan Berger)
- Implement the qemu-kvm backend of clock timer elements (Laine Stump)
- Add flags to indicate presence of timekeeping-related qemu options (Laine Stump)
- Add timer element to domain schema (Laine Stump)
- virsh: support VISUAL, and allow metacharacters in EDITOR (Eric Blake)
- Add dummy nwfilter driver to test driver (Stefan Berger)
- Add script hook support to the LXC driver (Daniel Veillard)
- Add script hook support to the QEmu driver (Daniel Veillard)
- Add the script hook support to the libvirt daemon (Daniel Veillard)
- Add an error module and message for the hooks subsystem (Daniel Veillard)
- Export virPipeReadUntilEOF internally (Daniel Veillard)
- Introduce UPDATE_CPU flag for virDomainGetXMLDesc (Jiri Denemark)
- Helper function for making a copy of virCPUDefPtr (Jiri Denemark)
- filter new files through cppi, so syntax-check passes once again (Jim Meyering)
- Add disk error policy to domain XML (David Allan)
- build: don't lose prior configure args on autogen.sh (Eric Blake)
- build: update gnulib (Eric Blake)
- Add some examples filters (Stefan Berger)
- Extensions for iptables rules (Stefan Berger)
- Add IPv6 support for the ebtables layer (Stefan Berger)
- Add qemu support (Stefan Berger)
- Core driver implementation with ebtables support (Stefan Berger)
- Add XML parser extensions for network filtering (Stefan Berger)
- Add virsh support for new CLI commands (Stefan Berger)
- Definition of the wire format, RPC client & server (Stefan Berger)
- Add Network filtering internal API (Stefan Berger)
- Add Network filtering public API (Stefan Berger)
- Add recursive locks (Stefan Berger)
- Implement VNC password change in QEMU (Daniel P. Berrange)
- Allow parsing <graphics> in device XML (Daniel P. Berrange)
- Introduce a update-device command in virsh (Daniel P. Berrange)
- Implement virDomainUpdateDeviceFlags API in all drivers with media change (Daniel P. Berrange)
- Remote protocol impl for virDomainUpdateDeviceFlags (Daniel P. Berrange)
- Add domain events for graphics network clients (Daniel P. Berrange)
- Add support for an explicit IO error event (Daniel P. Berrange)
- Add support for an explicit watchdog event (Daniel P. Berrange)
- Add support for an explicit RTC change event (Daniel P. Berrange)
- Add support for an explicit guest reboot event (Daniel P. Berrange)
- Rename domain lifecycle event message (Daniel P. Berrange)
- Convert domain events example to new API (Daniel P. Berrange)
- Remote driver & daemon impl of new event API (Daniel P. Berrange)
- Support new event register/deregister APis in all drivers except remote (Daniel P. Berrange)
- Add new internal domain events APIs for handling other event types (Daniel P. Berrange)
- Refactor domain events to handle multiple event types (Daniel P. Berrange)
- Make internal domain events struct definitions private (Daniel P. Berrange)
- tests: teach syntax-check that virDomainDefFree has free-like semantics (Jim Meyering)
- Add entry point logging for cpu functions (Jiri Denemark)
- build: suppress distracting build output (Jim Meyering)
- maint: add syntax-check rule to prohibit use of test's -a operator (Jim Meyering)
- tests: shell script portability and clean-up (Jim Meyering)
- tests: Don't add extra padding if counter mod 40 is 0 (Matthias Bolte)
- Use common XML parsing functions (Jiri Denemark)
- Introduce XML parsing utility functions (Jiri Denemark)
- virDomainDiskDefAssignAddress: return int, not void (Jim Meyering)
- tests: do not use the ":disk" suffix in sample xml input (Jim Meyering)
- util: Make some conditional symbols unconditional (Matthias Bolte)
- Export conditional state driver symbols only when they are defined (Matthias Bolte)
- esx: Add esxVI_LookupVirtualMachineByName (Matthias Bolte)
- esx: Generate method mappings via macros (Matthias Bolte)
- Add migrate-setmaxdowntime command to virsh (Jiri Denemark)
- Implement virDomainMigrateSetMaxDowntime in qemu driver (Jiri Denemark)
- Implement virDomainMigrateSetMaxDowntime in remote driver (Jiri Denemark)
- Wire protocol and dispatcher for virDomainMigrateSetMaxDowntime (Jiri Denemark)
- Internal driver API for virDomainMigrateSetMaxDowntime (Jiri Denemark)
- Virsh support for vol wiping (David Allan)
- Simplified version of volume wiping based on feedback from the list. (David Allan)
- Implement remote bits for vol wiping (David Allan)
- Implement the public API for vol wiping (David Allan)
- Define the internal driver API for vol wiping (David Allan)
- Support vhost-net mode at qemu startup for virtio network devices (Laine Stump)
- maint: enforce recent N_ usage (Eric Blake)
- Allow suspend during live migration (Jiri Denemark)
- do not require two ./autogen.sh runs to permit "make" (Jim Meyering)
- esx: Move username and password helper functions to authhelper.c (Matthias Bolte)
- Use WARN_CFLAGS when compiling virsh.c (Jiri Denemark)
- qemu: Add some debugging at domain startup (Cole Robinson)
- qemu: pass the information when disks are read-only (Daniel Veillard)
- macvtap: Only export symbols if support is enabled (Matthias Bolte)
- Only use the numa functions when they are available. (Chris Lalancette)
- Allow devices without a parent (Ed Swierk)
- build: change to gnulib module list should rerun bootstrap (Eric Blake)
- build: enforce preprocessor indentation (Eric Blake)
- build: update gnulib submodule to newer (but not latest) (Jim Meyering)
- Make virsh reconnect when losing connection (Daniel Veillard)
- Change logrotate to be per-hypervisor logs (Daniel Veillard)
- build: consistently indent preprocessor directives (Eric Blake)
- virsh: use N_ rather than gettext_noop (Eric Blake)
- virsh: fix existing N_ uses (Eric Blake)
- Get thread and socket information in virsh nodeinfo. (Chris Lalancette)
- Eliminate large stack buffer in doTunnelSendAll (Laine Stump)
- build: consistently use C99 varargs macros (Eric Blake)
Cleanups:
- Fix some cppi prepocessor indentation issues (Daniel Veillard)
- Cleanup the msg_gen_function list in cfg.mk (Matthias Bolte)
- remote: Remove virConnectPtr from error/errorf (Matthias Bolte)
- Remove undefined symbols from symbols file (Matthias Bolte)
- Add missing nwfilter_learnipaddr.c to POTFILES.in (Daniel P. Berrange)
- Avoid searching for windres when not building for Windows (Diego Elio Pettenò)
- Executable does not belong into repository. (Stefan Berger)
- xenXMDomainDefineXML: remove dead store and useless/leaky virGetDomain (Jim Meyering)
- createRawFileOpHook: avoid dead stores (Jim Meyering)
- qemudDomainGetSecurityLabel: avoid dead store to "type" (Jim Meyering)
- Cleanup x86Compute() (Jiri Denemark)
- qemuDomainSnapshotLoad: avoid dead store (Jim Meyering)
- maint: s/initialis/initializ/ (Eric Blake)
- Fix 'avialable' typo (Matthias Bolte)
- macvtap: Remove virConnectPtr from ReportError (Matthias Bolte)
- phyp: Remove virConnectPtr from PHYP_ERROR (Matthias Bolte)
- esx: Mark error messages for translation (Matthias Bolte)
- vbox: Mark all error messages for translation (Matthias Bolte)
- Clarify an error message in setmem. (Chris Lalancette)
- Fix up comments for isEncrypted, isSecure, domainIsActive, and domainIsPersistent. (Chris Lalancette)
- Fix compiler warning about unused conn parameter (Matthias Bolte)
- openvz: Remove virConnectPtr from openvzError (Matthias Bolte)
- one: Remove virConnectPtr from oneError (Matthias Bolte)
- uml: Remove virConnectPtr from umlReportError (Matthias Bolte)
- Remove virConnectPtr from eventReportError (Matthias Bolte)
- Remove virConnectPtr from virLibConnError (Matthias Bolte)
- xen: Remove virConnectPtr from xenUnifiedError (Matthias Bolte)
- Remove virConnectPtr from nodeReportError (Matthias Bolte)
- netcf: Remove virConnectPtr from interfaceReportError (Matthias Bolte)
- xen: Remove virConnectPtr from virXenInotifyError (Matthias Bolte)
- xen: Remove virConnectPtr from virXenStoreError (Matthias Bolte)
- xen: Remove virConnectPtr from virXenError/virXenErrorFunc (Matthias Bolte)
- xen: Remove virConnectPtr from virXMError (Matthias Bolte)
- xen: Remove virConnectPtr from virXendError (Matthias Bolte)
- proxy: Remove virConnectPtr from virProxyError (Matthias Bolte)
- vbox: Remove virConnectPtr from vboxError (Matthias Bolte)
- test: Remove virConnectPtr from testError (Matthias Bolte)
- Remove unnecessary trailing \n in log messages (Matthias Bolte)
- Fix compiler warning about non-literal format string (Matthias Bolte)
- removes the virConnectPtr parameter where not necessary (Stefan Berger)
- Clarified error message (David Allan)
- Eliminate compiler warning about non-const format string (Laine Stump)
- Get rid of the regular expressions (Stefan Berger)
- Use the virStrToLong_ui() function rather than virStrToLong_i() (Stefan Berger)
- Make virDomainLoadConfig static. (Chris Lalancette)
- Eliminate compile warnings in nwfilter error log calls (Laine Stump)
- Only parse 'CPU XML' in virCPUDefParseXML() (Jim Fehlig)
- Replace sscanf in PCI device address parsing (Matthias Bolte)
- xen: Use virStrToLong_i instead of sscanf for XenD port parsing (Matthias Bolte)
- xenapi: Use virStrToLong_i instead of sscanf for CPU map parsing (Matthias Bolte)
- openvz: Use strtok_r instead of sscanf for VPS UUID parsing (Matthias Bolte)
- xen: Use virParseMacAddr instead of sscanf (Matthias Bolte)
- vbox: Replace atoi with virStrToLong_i (Matthias Bolte)
- cgroup: Replace sscanf with virStrToLong_ll (Matthias Bolte)
- Refactor major.minor.micro version parsing into a function (Matthias Bolte)
- Replace sscanf in nwfilter rule parsing (Matthias Bolte)
- Replace sscanf in legacy device address parsing (Matthias Bolte)
- build: more fallout from test -a (Eric Blake)
- Fix apibuild.py warning about virNWFilterLookupByUUIDString (Matthias Bolte)
- maint: remove redundant tests after virStrToLong (Eric Blake)
- maint: update AUTHORS (Eric Blake)
- maint: fix cpp indentation syntax-check failure (Jim Meyering)
- Add virt-aa-helper and secaatest to .gitignore (Matthias Bolte)
- esx: Remove redundant semicolons (Matthias Bolte)
- Use libvirt's existing ipv6/ipv4 parser/printer (Stefan Berger)
- Remove driver dependency from nwfilter_conf.c (Stefan Berger)
- Fix a merge error leftover (Daniel Veillard)
- Use enum of virDomainNetType (Stefan Berger)
- Silence cppi syntax-check warning (Daniel Veillard)
- maint: update syntax-check rule to also catch test's -o operator (Eric Blake)
- build: don't use "test cond1 -o cond2": it's not portable (Eric Blake)
- build: don't use "test cond1 -a cond2" in configure: it's not portable (Jim Meyering)
- Remove interfaceRegister from libvirt_private.syms (Matthias Bolte)
- esx: Cleanup file header comments (Matthias Bolte)
- maint: enforce recent copyright style (Eric Blake)
- maint: make Red Hat copyright notices consistent (Eric Blake)
- maint: fix typo (Eric Blake)
- docs: <pre> cannot be nested in <p> (Matthias Bolte)
- .gitignore: Ignore generated daemon/libvirtd.logrotate (Cole Robinson)
- phyp: Use virRequestUsername and virRequestPassword (Matthias Bolte)
- fix two "make syntax check" failures (Jim Meyering)
- Fix syntax-check errors (Jiri Denemark)
- Fix error messages in qemu text monitor (Jiri Denemark)
- Fix compiler warnings in virsh.c (Laine Stump)
- Silence compiler complaints about non-literal format strings (Laine Stump)
- Remove qemudDomainSetMaxMemory. (Chris Lalancette)
- Fix copy&paste typos in virProcessInfoGetAffinity (Jiri Denemark)
- AUTHORS: add recent contributors (Eric Blake)
- Fix format string warnings (Laine Stump)
- ebtablesAddRemoveRule: avoid dead store (Jim Meyering)
- virInterfaceDefParseBond: avoid dead stores (Jim Meyering)
- xenXMDomainConfigParse: avoid dead store (Jim Meyering)
- qemuMonitorTextGetMemoryStats: decrease risk of false positive in parsing (Jim Meyering)
A lot of people helped for this release, including a number of new
contributors, so let's all enjoy before the bugs start to pop up :-) !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
14 years, 7 months
[libvirt] Documentation for synchronous hooks
by Daniel Veillard
Was still missing from main commits and would be needed for 0.8.0
Add documentation for synchronous hooks
* docs/sitemap.html.in: add in navigation under
Documentation/Deployment/Hooks
* docs/hooks.html.in: new doc describing current support for 0.8.0
diff --git a/docs/hooks.html.in b/docs/hooks.html.in
new file mode 100644
index 0000000..4ebeec3
--- /dev/null
+++ b/docs/hooks.html.in
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<html>
+ <body>
+ <h1>Hooks for specific system management</h1>
+ <p>Libvirt includes synchronous hooks starting from version 0.8.0,
+ this is a way to tie specific tailored system actions at specific
+ time. This is based on scripts being called on the Host where the
+ hypervisor is running, if the script is present when the libvirtd
+ daemon is doing some significant actions.</p>
+ <p>The scripts are expected to execute quickly, return a zero exit
+ status if all conditions are set for the daemon to continue the
+ action (non zero will be considered a failure which may
+ be ignored but in general will stops the ongoing operation).
+ The script also should not call back into libvirt as the daemon
+ is waiting for the script exit and deadlock is likely to occur
+ otherwise.</p>
+ <p>The scripts are stored in the directory <code>/etc/libvirt/hooks/</code>
+ when using a standard installation path
+ (<code>$SYSCONF_DIR/libvirt/hook/</code> in general).</p>
+ <p>The scripts gets arguments as parameter on their command line:</p>
+ <ul>
+ <li> the first argument is the name of the object involved in the
+ operation or '-' if there is none.
+ <li> the second argument is the name of the operation.
+ <li> the third argument is a suboperation indication like 'start'
+ 'end' or '-' if there is none.
+ <li> the last argument is an extra argument string or '-' if there
+ is none.
+ </ul>
+ <p>There is currently scripts for 3 domains of operation:
+ <ul>
+ <li><p><code>/etc/libvirt/hooks/daemon</code> script if
+ present is called at 3 points in time:</p>
+ <p>at daemon startup, typically started with the following
+ arguments:</p>
+ <pre>/etc/libvirt/hooks/daemon - start - start</pre>
+ <p>at daemon shutdown when it is about to exit, with the following
+ arguments:</p>
+ <pre>/etc/libvirt/hooks/daemon - shutdown - shutdown</pre>
+ <p>When the daemon is asked to reload its driver state when
+ receiving the SIGHUP signal, arguments are:</p>
+ <pre>/etc/libvirt/hooks/daemon - reload begin SIGHUP</pre>
+ </li>
+ <li><p><code>/etc/libvirt/hooks/qemu</code> script and <br/>
+ <code>/etc/libvirt/hooks/lxc</code> to associate hooks for domain
+ operation on the respective QEmu/KVM and LXC drivers.</p>
+ <p> The domain related hooks also receive the full XML description
+ for the concerned domain on their stdin, which allows to get
+ all the informations from the domain, including UUID or storage
+ if that is needed for the script operation.</p>
+ <p> Currently only domain startup and domain end operations
+ involve the hook, the first one just before the domain gets
+ created.
+ For example if starting a QEmu domain named <code>test</code>
+ the following script will get called:</p>
+ <pre>/etc/libvirt/hooks/qemu test start begin -</pre>
+ <p> note that a non-zero return value from the script will abort the
+ domain startup operation, and if an error string is passed on
+ stderr by the hook script, it will be provided back to the user
+ at the libvirt API level.</p>
+ <p> For domain shutdown, the script will be called just after the
+ domain has finished execution, and the script will get:</p>
+ <pre>/etc/libvirt/hooks/qemu test stopped end -</pre>
+ <p> It is expected that other operation will be associated to hooks
+ but at the time of 0.8.0 only those 2 are associated to domains
+ lifecycle</p>
+ </li>
+ </ul>
+ <p></p>
+ </body>
+</html>
diff --git a/docs/sitemap.html.in b/docs/sitemap.html.in
index 0c3f0c3..0117c8d 100644
--- a/docs/sitemap.html.in
+++ b/docs/sitemap.html.in
@@ -50,6 +50,10 @@
<a href="logging.html">Logging</a>
<span>The library and the daemon logging support</span>
</li>
+ <li>
+ <a href="hooks.html">Hooks</a>
+ <span>Hooks for system specific management</span>
+ </li>
</ul>
</li>
<li>
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
14 years, 7 months
[libvirt] [PATCH v1 0/2] Add missing protocol filters for IPv4 and add IPv6 support
by Stefan Berger
The first one of the following two patches adds support for filtering
of ah, esp and udplite protocols. The 2nd one adds support for filtering
of IPv6 traffic. With this now nearly all protocols of IPv4 and IPv6
(except mh) as supported by iptables/ip6tables are reachable via the
filtering XML. Some features of those protocols still need support
in data structures and XML attributes, though.
Another thing that's missing is support for filtering of IPv6's NDP traffic
(IPv6 equivalent of ARP) but there's no support for this in ebtables.
Regards,
Stefan
14 years, 7 months
[libvirt] migration flags
by Kenneth Nagin
Could someone explain the usage of the following migration flags:
--p2p
--direct
--tunneled
--persistent
Kenneth Nagin
14 years, 7 months
[libvirt] creating domain with same name and different UUID
by Nikola Ciprich
Hello,
I have small problem with libvirt, which I'm trying to solve...
I'm using defineXML function to create KVM machines.
from time to time, I need to delete the domain, and create new one with the same name.
every newly created domain has new UUID.
and this is where the problem starts, defineXML function documentation
tells that previous definition domain would be overriden if it already exists,
but it ends up with following error:
libvir: Domain Config error : operation failed: domain 'vmnci01' already exists with uuid 8d9795b3-461e-11df-9882-00304834195b
Traceback (most recent call last):
File "/usr/libexec/vm2.py", line 173, in ?
vm.start()
File "/usr/libexec/vmmain2.py", line 433, in start
self.dom = self.svconn.defineXML(self.xmldef.vm.domain.xml())
File "/usr/lib64/python2.4/site-packages/libvirt.py", line 1120, in defineXML
if ret is None:raise libvirtError('virDomainDefineXML() failed', conn=self)
libvirt.libvirtError: operation failed: domain 'vmnci01' already exists with uuid 8d9795b3-461e-11df-9882-00304834195b
If I try to undefine domain first, it still seems to behave weirdly:
[root@vbox1 libexec]# vm __start__ vmnci01
undefining domain...
Starting HVM guest vmnci01
libvir: QEMU error : Domain not found: no domain with matching uuid '8d9795b3-461e-11df-9882-00304834195b'
Traceback (most recent call last):
File "/usr/libexec/vm2.py", line 173, in ?
vm.start()
File "/usr/libexec/vmmain2.py", line 436, in start
self.dom.create()
File "/usr/lib64/python2.4/site-packages/libvirt.py", line 300, in create
if ret == -1: raise libvirtError ('virDomainCreate() failed', dom=self)
libvirt.libvirtError: Domain not found: no domain with matching uuid '8d9795b3-461e-11df-9882-00304834195b'
Could anybody help me with this? Am I doing something wrong?
Currently, I'm using libvirt-0.7.6
Thanks a lot in advance!
with best regards
nik
A
--
-------------------------------------
Ing. Nikola CIPRICH
LinuxBox.cz, s.r.o.
28. rijna 168, 709 01 Ostrava
tel.: +420 596 603 142
fax: +420 596 621 273
mobil: +420 777 093 799
www.linuxbox.cz
mobil servis: +420 737 238 656
email servis: servis(a)linuxbox.cz
-------------------------------------
14 years, 7 months
[libvirt] question about libvirt-tck/libivrt-perl
by Gerhard Stenzel
Hi, I have a small libvirt-TCK script, which fails in a for me
unexpected way:
##########################################################
use strict;
use warnings;
use Term::ReadKey;
use Test::More tests => 4;
use Sys::Virt::TCK;
my $tck = Sys::Virt::TCK->new();
my $conn = eval { $tck->setup(); };
BAIL_OUT "failed to setup test harness: $@" if $@;
END { $tck->cleanup if $tck; }
# first domain
my $xml = $tck->generic_domain("tck")->as_xml;
my $dom;
ok_domain(sub { $dom = $conn->create_domain($xml) }, "defined domain
config");
my $uuid = $dom->get_uuid_string();
diag $uuid;
$xml = $dom->get_xml_description;
diag "Starting inactive domain config";
ok($dom->get_id() > 0, "running domain has an ID > 0");
$dom->destroy;
# new domain
my $newxml = $tck->generic_domain("tck")->as_xml;
my $newdom;
ok_domain(sub { $newdom = $conn->create_domain($newxml) }, "defined
domain config");
my $newuuid = $newdom->get_uuid_string();
diag $newuuid;
$newxml = $newdom->get_xml_description();
ok($newdom->get_id() > 0, "running domain has an ID > 0");
$newdom->destroy;
##########################################################
scripts/network/001-prepare-image.t ..
1..4
ok 1 - defined domain config
# 4317db52-00bb-3cac-5639-91cdce05a717
# Starting inactive domain config
ok 2 - running domain has an ID > 0
ok 3 - defined domain config
# 4317db52-00bb-3cac-5639-91cdce05a717
libvirt error code: 42, message: Domain not found: no domain with
matching uuid '4317db52-00bb-3cac-5639-91cdce05a717'
# Looks like you planned 4 tests but ran 3.
# Looks like your test exited with 255 just after 3.
Dubious, test returned 255 (wstat 65280, 0xff00)
Failed 1/4 subtests
Test Summary Report
-------------------
scripts/network/001-prepare-image.t (Wstat: 65280 Tests: 3 Failed: 0)
Non-zero exit status: 255
Parse errors: Bad plan. You planned 4 tests but ran 3.
Files=1, Tests=3, 1 wallclock secs ( 0.02 usr 0.01 sys + 0.19 cusr
0.04 csys = 0.26 CPU)
Result: FAIL
##########################################################
If I change
my $newxml = $tck->generic_domain("tck")->as_xml;
to
my $newxml = $tck->generic_domain("tck2")->as_xml;
the script works as expected.
I am wondering if this is a problem in the libvirt-perl wrapper or
working as designed and my expectation is simply wrong?
Thanks in advance...
--
Best regards,
Gerhard Stenzel,
-----------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
14 years, 7 months
[libvirt] [PATCH 0/1] enospace disk error policy
by David Allan
Dan Kenigsberg requested that we add an option to explicitly request enospace as the disk error policy.
David Allan (1):
Add enospace option to qemu disk error policy
docs/schemas/domain.rng | 1 +
src/conf/domain_conf.c | 3 +-
src/conf/domain_conf.h | 1 +
src/qemu/qemu_conf.c | 2 +
tests/qemuargv2xmltest.c | 3 ++
...uxml2argv-disk-drive-error-policy-enospace.args | 1 +
...muxml2argv-disk-drive-error-policy-enospace.xml | 32 ++++++++++++++++++++
7 files changed, 42 insertions(+), 1 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-error-policy-enospace.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-error-policy-enospace.xml
14 years, 7 months
[libvirt] libvirt: C++ or Java?
by Ganesh Pagade
Hello,
I am planning to develop a management application for managing Redhat Xen
and Redhat KVM hypervisors. I am evaluating the Java bindings versus the C++
version of libvirt. As part of evaluation, I could not find meaningful
answers to the questions below. Hence, I thought that people on this mailing
list would be the most appropriate to comment on them. Can you please let me
know your views?
1. Are all functions that are available in C API available in Java?
2. Are Java bindings added along with every enhancement to C API?
3. If answer to above question is negative, typically how long does it takes
for the addition of Java bindings for the enhancement?
4. Most of libvirt based third party management applications use which of
Java bindings or C API?
5. What are your good/bad experiences while using either of C API or Java
bindings?
6. What is your concluding personal recommendation?
And finally, since libvirt is a Redhat Emerging Technology project, does
Redhat or any other third party service providers provide paid assistance,
support?
Appreciate your time. Thanks.
Regards,
Ganesh
14 years, 7 months
