[libvirt] [PATCH 1/8] Add new API virDomain{Set, Get}BlockIoTune
by Lei Li
This patch add new pulic API virDomainSetBlockIoTune and
virDomainGetBlockIoTune.
Signed-off-by: Zhi Yong Wu <wuzhy(a)linux.vnet.ibm.com>
Signed-off-by: Lei Li <lilei(a)linux.vnet.ibm.com>
---
include/libvirt/libvirt.h.in | 26 +++++++++
src/driver.h | 19 +++++++
src/libvirt.c | 115 ++++++++++++++++++++++++++++++++++++++++++
src/libvirt_public.syms | 2 +
4 files changed, 162 insertions(+), 0 deletions(-)
diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
index aa320b6..a79c35e 100644
--- a/include/libvirt/libvirt.h.in
+++ b/include/libvirt/libvirt.h.in
@@ -1640,6 +1640,32 @@ int virDomainBlockJobSetSpeed(virDomainPtr dom, const char *path,
int virDomainBlockPull(virDomainPtr dom, const char *path,
unsigned long bandwidth, unsigned int flags);
+/*
+ * Block I/O throttling support
+ */
+
+typedef struct _virDomainBlockIoTuneInfo virDomainBlockIoTuneInfo;
+struct _virDomainBlockIoTuneInfo {
+ unsigned long long total_bytes_sec;
+ unsigned long long read_bytes_sec;
+ unsigned long long write_bytes_sec;
+ unsigned long long total_iops_sec;
+ unsigned long long read_iops_sec;
+ unsigned long long write_iops_sec;
+};
+typedef virDomainBlockIoTuneInfo *virDomainBlockIoTuneInfoPtr;
+
+int
+virDomainSetBlockIoTune(virDomainPtr dom,
+ const char *disk,
+ virDomainBlockIoTuneInfoPtr info,
+ unsigned int flags);
+int
+virDomainGetBlockIoTune(virDomainPtr dom,
+ const char *disk,
+ virDomainBlockIoTuneInfoPtr reply,
+ unsigned int flags);
+
/*
* NUMA support
diff --git a/src/driver.h b/src/driver.h
index 4c14aaa..9628ad7 100644
--- a/src/driver.h
+++ b/src/driver.h
@@ -741,6 +741,23 @@ typedef int
unsigned long bandwidth, unsigned int flags);
+/*
+ * Block I/O throttling support
+ */
+
+typedef int
+ (*virDrvDomainSetBlockIoTune)(virDomainPtr dom,
+ const char *disk,
+ virDomainBlockIoTuneInfoPtr info,
+ unsigned int flags);
+
+typedef int
+ (*virDrvDomainGetBlockIoTune)(virDomainPtr dom,
+ const char *disk,
+ virDomainBlockIoTuneInfoPtr reply,
+ unsigned int flags);
+
+
/**
* _virDriver:
*
@@ -899,6 +916,8 @@ struct _virDriver {
virDrvDomainGetBlockJobInfo domainGetBlockJobInfo;
virDrvDomainBlockJobSetSpeed domainBlockJobSetSpeed;
virDrvDomainBlockPull domainBlockPull;
+ virDrvDomainSetBlockIoTune domainSetBlockIoTune;
+ virDrvDomainGetBlockIoTune domainGetBlockIoTune;
};
typedef int
diff --git a/src/libvirt.c b/src/libvirt.c
index b0d1e01..79ac84d 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -17083,3 +17083,118 @@ error:
virDispatchError(dom->conn);
return -1;
}
+
+/**
+ * virDomainSetBlockIoTune:
+ * @dom: pointer to domain object
+ * @disk: Fully-qualified disk name
+ * @info: Specify block I/O limits in bytes
+ * @flags: An OR'ed set of virDomainModificationImpact
+ *
+ * This function is mainly to enable Block I/O throttling function in libvirt.
+ * It is used to change the block I/O throttling setting for specified domain.
+ *
+ * Returns 0 if the operation has started, -1 on failure.
+ */
+int virDomainSetBlockIoTune(virDomainPtr dom,
+ const char *disk,
+ virDomainBlockIoTuneInfoPtr info,
+ unsigned int flags)
+{
+ virConnectPtr conn;
+
+ VIR_DOMAIN_DEBUG(dom, "disk=%p, info=%p, flags=%x",
+ disk, info, flags);
+
+ virResetLastError();
+
+ if (!VIR_IS_CONNECTED_DOMAIN (dom)) {
+ virLibDomainError(VIR_ERR_INVALID_DOMAIN, __FUNCTION__);
+ virDispatchError(NULL);
+ return -1;
+ }
+ conn = dom->conn;
+
+ if (dom->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ goto error;
+ }
+
+ if (!disk) {
+ virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+ goto error;
+ }
+
+ if (!info) {
+ virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+ goto error;
+ }
+
+ if (conn->driver->domainSetBlockIoTune) {
+ int ret;
+ ret = conn->driver->domainSetBlockIoTune(dom, disk, info, flags);
+ if (ret < 0)
+ goto error;
+ return ret;
+ }
+
+ virLibDomainError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
+
+error:
+ virDispatchError(dom->conn);
+ return -1;
+}
+
+/**
+ * virDomainGetBlockIoTune:
+ * @dom: pointer to domain object
+ * @disk: Fully-qualified disk name
+ * @reply: Specify block I/O info in bytes
+ * @flags: An OR'ed set of virDomainModificationImpact
+ *
+ * This function is mainly to enable Block I/O throttling function in libvirt.
+ * It is used to get the block I/O throttling setting for specified domain.
+ *
+ * Returns 0 if the operation has started, -1 on failure.
+ */
+
+int virDomainGetBlockIoTune(virDomainPtr dom,
+ const char *disk,
+ virDomainBlockIoTuneInfoPtr reply,
+ unsigned int flags)
+{
+ virConnectPtr conn;
+
+ VIR_DOMAIN_DEBUG(dom, "disk=%p, reply=%p, flags=%x",
+ disk, reply, flags);
+
+ virResetLastError();
+
+ if (!VIR_IS_CONNECTED_DOMAIN (dom)) {
+ virLibDomainError(VIR_ERR_INVALID_DOMAIN, __FUNCTION__);
+ virDispatchError(NULL);
+ return -1;
+ }
+ conn = dom->conn;
+
+ if (!disk) {
+ virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+ goto error;
+ }
+
+ if (conn->driver->domainGetBlockIoTune) {
+ int ret;
+ ret = conn->driver->domainGetBlockIoTune(dom, disk, reply, flags);
+ if (ret < 0)
+ goto error;
+ return ret;
+ }
+
+ virLibDomainError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
+
+error:
+ virDispatchError(dom->conn);
+ return -1;
+
+}
+
diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms
index bcefb10..4808891 100644
--- a/src/libvirt_public.syms
+++ b/src/libvirt_public.syms
@@ -496,6 +496,8 @@ LIBVIRT_0.9.7 {
virDomainSnapshotGetParent;
virDomainSnapshotListChildrenNames;
virDomainSnapshotNumChildren;
+ virDomainSetBlockIoTune;
+ virDomainGetBlockIoTune;
} LIBVIRT_0.9.5;
# .... define new API here using predicted next version number ....
--
1.7.1
13 years, 5 months
[libvirt] qemu: Remove code instantiating filters on direct interfaces
by Stefan Berger
Remove code that instantiates network filters on direct type
of interfaces. The parser already does not accept filters on
those type of interfaces.
---
src/qemu/qemu_command.c | 26 +-------------------------
src/qemu/qemu_command.h | 1 -
src/qemu/qemu_hotplug.c | 2 +-
3 files changed, 2 insertions(+), 27 deletions(-)
Index: libvirt-acl/src/qemu/qemu_command.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_command.c
+++ libvirt-acl/src/qemu/qemu_command.c
@@ -135,7 +135,6 @@ uname_normalize (struct utsname *ut)
*/
int
qemuPhysIfaceConnect(virDomainDefPtr def,
- virConnectPtr conn,
struct qemud_driver *driver,
virDomainNetDefPtr net,
virBitmapPtr qemuCaps,
@@ -145,7 +144,6 @@ qemuPhysIfaceConnect(virDomainDefPtr def
#if WITH_MACVTAP
char *res_ifname = NULL;
int vnet_hdr = 0;
- int err;
if (qemuCapsGet(qemuCaps, QEMU_CAPS_VNET_HDR) &&
net->model && STREQ(net->model, "virtio"))
@@ -165,28 +163,6 @@ qemuPhysIfaceConnect(virDomainDefPtr def
net->ifname = res_ifname;
}
- if (rc >=0 && driver->macFilter) {
- if ((err = networkAllowMacOnPort(driver, net->ifname,
net->mac))) {
- virReportSystemError(err,
- _("failed to add ebtables rule to allow MAC address on
'%s'"),
- net->ifname);
- }
- }
-
- if (rc >= 0) {
- if ((net->filter) && (net->ifname)) {
- err = virDomainConfNWFilterInstantiate(conn, net);
- if (err) {
- VIR_FORCE_CLOSE(rc);
- delMacvtap(net->ifname, net->mac,
- virDomainNetGetActualDirectDev(net),
- virDomainNetGetActualDirectMode(net),
-
virDomainNetGetActualDirectVirtPortProfile(net),
- driver->stateDir);
- VIR_FREE(net->ifname);
- }
- }
- }
#else
(void)def;
(void)conn;
@@ -4173,7 +4149,7 @@ qemuBuildCommandLine(virConnectPtr conn,
tapfd) >= sizeof(tapfd_name))
goto no_memory;
} else if (actualType == VIR_DOMAIN_NET_TYPE_DIRECT) {
- int tapfd = qemuPhysIfaceConnect(def, conn, driver,
net,
+ int tapfd = qemuPhysIfaceConnect(def, driver, net,
qemuCaps, vmop);
if (tapfd < 0)
goto error;
Index: libvirt-acl/src/qemu/qemu_command.h
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_command.h
+++ libvirt-acl/src/qemu/qemu_command.h
@@ -132,7 +132,6 @@ int qemuNetworkIfaceConnect(virDomainDef
ATTRIBUTE_NONNULL(2);
int qemuPhysIfaceConnect(virDomainDefPtr def,
- virConnectPtr conn,
struct qemud_driver *driver,
virDomainNetDefPtr net,
virBitmapPtr qemuCaps,
Index: libvirt-acl/src/qemu/qemu_hotplug.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_hotplug.c
+++ libvirt-acl/src/qemu/qemu_hotplug.c
@@ -676,7 +676,7 @@ int qemuDomainAttachNetDevice(virConnect
if (qemuOpenVhostNet(vm->def, net, priv->qemuCaps, &vhostfd) <
0)
goto cleanup;
} else if (actualType == VIR_DOMAIN_NET_TYPE_DIRECT) {
- if ((tapfd = qemuPhysIfaceConnect(vm->def, conn, driver, net,
+ if ((tapfd = qemuPhysIfaceConnect(vm->def, driver, net,
priv->qemuCaps,
VIR_VM_OP_CREATE)) < 0)
goto cleanup;
13 years, 5 months
[libvirt] [PATCH 0/4] Support macvlan devices for LXC containers
by Daniel P. Berrange
This series does the bare minimum required to support the network
inteface type=direct for LXC containers, using macvlan devices
as the implementation. There is a slight complication though...
For bridged container NICs we create a veth pair of devices. One
of the devices lives host side, and is enslaved in a bridge. The
other veth device gets moved to the container namespace to form
the eth0. So we both both a host & container side device visible.
For direct container NICS we create a macvlan device, which is
moved to the container namespace. There is no host side interface
that is dedicated for the container - only the general ethernet
device the macvlan is bound to. Since there is no host side
interface for the container we are unable to create network
filter rules, or network bandwidth controls. In addition while
we could perform the 8021.Qb{gh} association during container
startup, before moving the macvlan device to the container namespace,
we can't perform any disassociation on container shutdown. By the
time we see the container has shutdown, the macvlan device has
already been killed off.
The inability to setup iptables/tc rules against devices that
are only visible in the container namespace is arguably a flaw
in the Linux kernel's namespace code support for iptables/tc.
There ought to be a syntax for iptables/tc to write rules which
affect NICs in other namespaces
13 years, 5 months
[libvirt] [PATCH] Disable numactl on ARM architectures too
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Pushed under trivial rule - a backport from the Fedora spec
* libvirt.spec.in: Disable numactl on ARM
---
libvirt.spec.in | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 10280f0..d4e3e17 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -92,8 +92,8 @@
%define with_libxl 0
%endif
-# Numactl is not available on s390[x]
-%ifarch s390 s390x
+# Numactl is not available on s390[x] and ARM
+%ifarch s390 s390x %{arm}
%define with_numactl 0
%endif
--
1.7.6.4
13 years, 5 months
[libvirt] [PATCH] Add libvirt confdir to files section in mingw32 spec
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Pushed under the trivial rule - this fix pulled back from Fedora
* mingw32-libvirt.spec.in: Ensure we own the confdir
---
mingw32-libvirt.spec.in | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/mingw32-libvirt.spec.in b/mingw32-libvirt.spec.in
index c2690f3..89d1d7f 100644
--- a/mingw32-libvirt.spec.in
+++ b/mingw32-libvirt.spec.in
@@ -126,6 +126,7 @@ rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
+%dir %{_mingw32_sysconfdir}/libvirt/
%config(noreplace) %{_mingw32_sysconfdir}/libvirt/libvirt.conf
%{_mingw32_bindir}/libvirt-0.dll
--
1.7.6.4
13 years, 5 months
[libvirt] nwfilter - limit VM traffic to specific mac address
by Shahar Havivi
Hi,
I want to limit VM traffic to a specific MAC address, ie VMs cannot
traffic each other other then a specific gateway.
I am using custom nwfilter name: isolatedprivatevlan-vdsm.xml
located in /etc/libvirt/nwfilter/:
<filter name='isolatedprivatevlan-vdsm' chain='root'>
<filterref filter='clean-traffic'/>
<rule action='drop' direction='out' priority='500'>
<mac match='no' dstmacaddr='$GATEWAY_MAC'/>
</rule>
</filter>
VM1 domian xml portion:
<interface type="bridge">
<mac address="00:1a:4a:16:01:53"/>
<model type="virtio"/>
<source bridge="red"/>
<filterref filter="isolatedprivatevlan-vdsm">
<parameter name="GATEWAY_MAC" value="00:00:0c:07:ac:00"/>
</filterref>
</interface>
VM2 domian xml portion:
<interface type="bridge">
<mac address="00:1a:4a:16:01:52"/>
<model type="virtio"/>
<source bridge="red"/>
<filterref filter="isolatedprivatevlan-vdsm">
<parameter name="GATEWAY_MAC" value="00:00:0c:07:ac:00"/>
</filterref>
</interface>
in each VM (Fedora 15 LiveCD) I assign ip:
# ifconfig eth0 10.35.1.240 netmask 255.255.254.0
# route add default gw 10.35.1.1
vm2:
# ifconfig eth0 10.35.1.241 netmask 255.255.254.0
# route add default gw 10.35.1.1
but the filter is not working,
I can ping the VMs from each other,
Am I missing something?
Thanks,
Shahar Havivi.
13 years, 5 months
Re: [libvirt] [PATCH] fix crash when starting network
by lvroyce
tested-by: Wen Ruo Lv<lvroyce(a)linux.vnet.ibm.com>
tested
1.net-start cmd with bridge mac specified (failed)
2.attach-device cmd with a hot plug nic(ok)
My network is as below:
<network>
<name>default</name>
<uuid>361441af-e1f0-472d-a503-dfcbbefa03fb</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0' />
<mac address='00:16:3E:5D:C7:9E'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254' />
</dhcp>
</ip>
</network>
It fails at brSetInterfaceMac-->return ioctl(ctl->fd, SIOCSIFHWADDR, &ifr)
but SIOCGIFHWADDR succeed.
error msg is:
cannot create dummy tap device 'virbr0-nic' to set mac address on bridge
'virbr0':no such device
13 years, 5 months
[libvirt] [test-API][PATCH 1/3] add new "clean" keyword to clean environment after each testcase
by Guannan Ren
testcase1
option1
avalue
option2
bvalue
clean
testcase2
option1
cvalue
option2
dvalue
clean
---
generator.py | 44 ++++++++++++++++++++++++++++++++------------
1 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/generator.py b/generator.py
index 5a3a2ab..2d59353 100644
--- a/generator.py
+++ b/generator.py
@@ -41,6 +41,7 @@ class FuncGen(object):
self.lockfile = lockfile
self.bugstxt = bugstxt
self.loglevel = loglevel
+ self.testcase_number = 0
self.fmt = format.Format(logfile)
self.log_xml_parser = log_xml_parser
@@ -49,19 +50,21 @@ class FuncGen(object):
self.__case_info_save(activity, testrunid)
mapper_obj = mapper.Mapper(activity)
- pkg_tripped_cases = mapper_obj.get_package_tripped()
+ pkg_casename_func = mapper_obj.package_casename_func_map()
- for test_procedure in pkg_tripped_cases:
+ for test_procedure in pkg_casename_func:
log_xml_parser.add_testprocedure_xml(testrunid,
testid,
test_procedure)
self.cases_ref_names = []
- for case in pkg_tripped_cases:
+ for case in pkg_casename_func:
case_ref_name = case.keys()[0]
+ if case_ref_name[-6:] != "_clean":
+ self.testcase_number += 1
self.cases_ref_names.append(case_ref_name)
self.cases_params_list = []
- for case in pkg_tripped_cases:
+ for case in pkg_casename_func:
case_params = case.values()[0]
self.cases_params_list.append(case_params)
@@ -101,7 +104,7 @@ class FuncGen(object):
envlog = log.EnvLog(self.logfile, self.loglevel)
logger = envlog.env_log()
- testcase_number = len(self.cases_ref_names)
+ loop_number = len(self.cases_ref_names)
start_time = time.strftime("%Y-%m-%d %H:%M:%S")
logger.info("Checking Testing Environment... ")
@@ -111,7 +114,7 @@ class FuncGen(object):
sys.exit(1)
else:
logger.info("\nStart Testing:")
- logger.info(" Case Count: %s" % testcase_number)
+ logger.info(" Case Count: %s" % self.testcase_number)
logger.info(" Log File: %s\n" % self.logfile)
del envlog
@@ -119,21 +122,31 @@ class FuncGen(object):
logger = caselog.case_log()
retflag = 0
- for i in range(testcase_number):
+ for i in range(loop_number):
case_ref_name = self.cases_ref_names[i]
- self.fmt.printf('start', case_ref_name)
+ pkg_casename = case_ref_name.rpartition(":")[0]
+ funcname = case_ref_name.rpartition(":")[-1]
+
+ cleanoper = 0 if "_clean" not in funcname else 1
+
+ if not cleanoper:
+ self.fmt.printf('start', pkg_casename)
+ else:
+ self.fmt.printf('string', 12*" " + "Cleaning...")
+
case_params = self.cases_params_list[i]
case_start_time = time.strftime("%Y-%m-%d %H:%M:%S")
ret = -1
+ clean_ret = -1
try:
try:
if case_ref_name != 'sleep':
case_params['logger'] = logger
- existed_bug_list = self.bug_check(case_ref_name)
+ existed_bug_list = self.bug_check(pkg_casename)
if len(existed_bug_list) == 0:
if case_ref_name == 'sleep':
@@ -143,13 +156,16 @@ class FuncGen(object):
ret = 0
else:
ret = self.cases_func_ref_dict[case_ref_name](case_params)
+ if cleanoper:
+ clean_ret = ret
+ ret = 0
else:
logger.info("about the testcase , bug existed:")
for existed_bug in existed_bug_list:
logger.info("%s" % existed_bug)
ret = 100
- self.fmt.printf('end', case_ref_name, ret)
+ self.fmt.printf('end', pkg_casename, ret)
continue
except Exception, e:
logger.error(traceback.format_exc())
@@ -163,7 +179,11 @@ class FuncGen(object):
else:
pass
retflag += ret
- self.fmt.printf('end', case_ref_name, ret)
+
+ if not cleanoper:
+ self.fmt.printf('end', pkg_casename, ret)
+ else:
+ self.fmt.printf('string', 21*" " + "Done" if clean_ret < 1 else 21*" " + "Fail")
end_time = time.strftime("%Y-%m-%d %H:%M:%S")
del caselog
@@ -172,7 +192,7 @@ class FuncGen(object):
logger = envlog.env_log()
logger.info("\nSummary:")
logger.info(" Total:%s [Pass:%s Fail:%s]" % \
- (testcase_number, (testcase_number - retflag), retflag))
+ (self.testcase_number, (self.testcase_number - retflag), retflag))
del envlog
result = (retflag and "FAIL") or "PASS"
--
1.7.1
13 years, 5 months
[libvirt] [PATCH 0/2] fix nwfilter when /tmp is mounted noexec
by Eric Blake
https://bugzilla.redhat.com/show_bug.cgi?id=752254 points out that
libvirt cannot support nwfilter on a system with /tmp mounted
noexec (which is a very common setup in security-conscious setups),
all because we were trying to directly invoke a temporary script
instead of invoking a shell to read the script.
I've split this patch into 2 parts, on the off-chance that patch
2 would run afoul of command line length limits (if the total
size of the generated nwfilter commands could possibly cause
E2BIG, then we have to go through a temporary file). But my
recollection is that modern Linux kernels support unlimited
command-line length (that is, ARG_MAX is not a concern on Linux),
and that nwfilter_ebiptables_driver only compiles on Linux, so
my preference would be to squash these into a single commit, if
others agree that we don't have to worry about length limits.
At any rate, I'm quite impressed at the number of lines of code
I was able to remove in order to fix a bug!
Eric Blake (2):
nwfilter: avoid failure with noexec /tmp
nwfilter: simplify execution of ebiptables scripts
src/nwfilter/nwfilter_ebiptables_driver.c | 134 ++--------------------------
1 files changed, 10 insertions(+), 124 deletions(-)
--
1.7.4.4
13 years, 5 months
