[libvirt] [PATCH v2] esx: Support VLAN tags in virtual network port groups
by Matthias Bolte
---
v2: Use network level VLAN config if there is no portgroup specific VLAN
config given.
src/esx/esx_network_driver.c | 65 ++++++++++++++++++++++++++++++++++++++---
1 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/src/esx/esx_network_driver.c b/src/esx/esx_network_driver.c
index 09d46d3..7b529ee 100644
--- a/src/esx/esx_network_driver.c
+++ b/src/esx/esx_network_driver.c
@@ -489,7 +489,40 @@ esxNetworkDefineXML(virConnectPtr conn, const char *xml)
goto cleanup;
}
- hostPortGroupSpec->vlanId->value = 0;
+ if (def->portGroups[i].vlan.trunk) {
+ /* FIXME: Change this once tag-less trunk-mode is supported */
+ if (def->portGroups[i].vlan.nTags != 1 ||
+ *def->portGroups[i].vlan.tag != 4095) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("VLAN tag has to be 4095 in trunk mode"));
+ goto cleanup;
+ }
+
+ hostPortGroupSpec->vlanId->value = 4095;
+ } else if (def->portGroups[i].vlan.nTags == 1) {
+ hostPortGroupSpec->vlanId->value = *def->portGroups[i].vlan.tag;
+ } else if (def->portGroups[i].vlan.nTags > 1) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can apply one VLAN tag per port group only"));
+ goto cleanup;
+ } else if (def->vlan.trunk) {
+ /* FIXME: Change this once tag-less trunk-mode is supported */
+ if (def->vlan.nTags != 1 || *def->vlan.tag != 4095) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("VLAN tag has to be 4095 in trunk mode"));
+ goto cleanup;
+ }
+
+ hostPortGroupSpec->vlanId->value = 4095;
+ } else if (def->vlan.nTags == 1) {
+ hostPortGroupSpec->vlanId->value = *def->vlan.tag;
+ } else if (def->vlan.nTags > 1) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can apply one VLAN tag per port group only"));
+ goto cleanup;
+ } else {
+ hostPortGroupSpec->vlanId->value = 0;
+ }
if (def->portGroups[i].bandwidth != NULL) {
if (esxBandwidthToShapingPolicy
@@ -519,6 +552,8 @@ esxNetworkDefineXML(virConnectPtr conn, const char *xml)
network = virGetNetwork(conn, hostVirtualSwitch->name, md5);
cleanup:
+ /* FIXME: need to remove virtual switch if adding port groups failed */
+
virNetworkDefFree(def);
esxVI_HostVirtualSwitch_Free(&hostVirtualSwitch);
esxVI_HostPortGroup_Free(&hostPortGroupList);
@@ -695,6 +730,7 @@ esxNetworkGetXMLDesc(virNetworkPtr network_, unsigned int flags)
esxVI_String *hostPortGroupKey = NULL;
esxVI_String *networkName = NULL;
virNetworkDefPtr def;
+ virPortGroupDefPtr portGroup;
if (esxVI_EnsureSession(priv->primary) < 0) {
return NULL;
@@ -824,9 +860,12 @@ esxNetworkGetXMLDesc(virNetworkPtr network_, unsigned int flags)
for (networkName = networkNameList; networkName != NULL;
networkName = networkName->_next) {
if (STREQ(networkName->value, hostPortGroup->spec->name)) {
- def->portGroups[def->nPortGroups].name = strdup(networkName->value);
+ portGroup = &def->portGroups[def->nPortGroups];
+ ++def->nPortGroups;
- if (def->portGroups[def->nPortGroups].name == NULL) {
+ portGroup->name = strdup(networkName->value);
+
+ if (portGroup->name == NULL) {
virReportOOMError();
goto cleanup;
}
@@ -834,13 +873,29 @@ esxNetworkGetXMLDesc(virNetworkPtr network_, unsigned int flags)
if (hostPortGroup->spec->policy != NULL) {
if (esxShapingPolicyToBandwidth
(hostPortGroup->spec->policy->shapingPolicy,
- &def->portGroups[def->nPortGroups].bandwidth) < 0) {
+ &portGroup->bandwidth) < 0) {
++def->nPortGroups;
goto cleanup;
}
}
- ++def->nPortGroups;
+ if (hostPortGroup->spec->vlanId->value > 0) {
+ if (hostPortGroup->spec->vlanId->value == 4095) {
+ portGroup->vlan.trunk = true;
+ }
+
+ /* FIXME: Remove this once tag-less trunk-mode is supported */
+ portGroup->vlan.nTags = 1;
+
+ if (VIR_ALLOC_N(portGroup->vlan.tag, 1) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+
+ *portGroup->vlan.tag =
+ hostPortGroup->spec->vlanId->value;
+ }
+
break;
}
}
--
1.7.4.1
12 years, 3 months
[libvirt] [PATCH] esx: Support VLAN tags in virtual network port groups
by Matthias Bolte
---
src/esx/esx_network_driver.c | 38 +++++++++++++++++++++++++++++++++-----
1 files changed, 33 insertions(+), 5 deletions(-)
diff --git a/src/esx/esx_network_driver.c b/src/esx/esx_network_driver.c
index 09d46d3..2f5f1ab 100644
--- a/src/esx/esx_network_driver.c
+++ b/src/esx/esx_network_driver.c
@@ -489,7 +489,16 @@ esxNetworkDefineXML(virConnectPtr conn, const char *xml)
goto cleanup;
}
- hostPortGroupSpec->vlanId->value = 0;
+ if (def->portGroups[i].vlan.trunk) {
+ hostPortGroupSpec->vlanId->value = 4095;
+ } else if (def->portGroups[i].vlan.nTags == 1) {
+ hostPortGroupSpec->vlanId->value = *def->portGroups[i].vlan.tag;
+ } else if (def->portGroups[i].vlan.nTags > 1) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can apply one VLAN tag per port group only"));
+ } else {
+ hostPortGroupSpec->vlanId->value = 0;
+ }
if (def->portGroups[i].bandwidth != NULL) {
if (esxBandwidthToShapingPolicy
@@ -695,6 +704,7 @@ esxNetworkGetXMLDesc(virNetworkPtr network_, unsigned int flags)
esxVI_String *hostPortGroupKey = NULL;
esxVI_String *networkName = NULL;
virNetworkDefPtr def;
+ virPortGroupDefPtr portGroup = NULL;
if (esxVI_EnsureSession(priv->primary) < 0) {
return NULL;
@@ -824,9 +834,12 @@ esxNetworkGetXMLDesc(virNetworkPtr network_, unsigned int flags)
for (networkName = networkNameList; networkName != NULL;
networkName = networkName->_next) {
if (STREQ(networkName->value, hostPortGroup->spec->name)) {
- def->portGroups[def->nPortGroups].name = strdup(networkName->value);
+ portGroup = &def->portGroups[def->nPortGroups];
+ ++def->nPortGroups;
+
+ portGroup->name = strdup(networkName->value);
- if (def->portGroups[def->nPortGroups].name == NULL) {
+ if (portGroup->name == NULL) {
virReportOOMError();
goto cleanup;
}
@@ -834,13 +847,28 @@ esxNetworkGetXMLDesc(virNetworkPtr network_, unsigned int flags)
if (hostPortGroup->spec->policy != NULL) {
if (esxShapingPolicyToBandwidth
(hostPortGroup->spec->policy->shapingPolicy,
- &def->portGroups[def->nPortGroups].bandwidth) < 0) {
+ &portGroup->bandwidth) < 0) {
++def->nPortGroups;
goto cleanup;
}
}
- ++def->nPortGroups;
+ if (hostPortGroup->spec->vlanId->value > 0) {
+ if (hostPortGroup->spec->vlanId->value == 4095) {
+ portGroup->vlan.trunk = true;
+ }
+
+ portGroup->vlan.nTags = 1;
+
+ if (VIR_ALLOC_N(portGroup->vlan.tag, 1) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+
+ *portGroup->vlan.tag =
+ hostPortGroup->spec->vlanId->value;
+ }
+
break;
}
}
--
1.7.4.1
12 years, 3 months
[libvirt] switching both libvirt and netcf packages to use libnl3 instead of libnl-1.1
by Laine Stump
Both libvirt and the netcf library it links to use libnl for doing
things with netlink sockets. libnl comes in a couple of different and
API-incompatible flavors, namely libnl-1.1 and libnl-3. For a long time
Fedora had just libnl-1.1, and libvirt only supported libnl-1.1
Awhile back Fedora gained support for using libnl-3 instead of
libnl-1.1, and did so in a way that allows both libraries (both runtime
and -devel) to still exist on the system at the same time, and programs
can pick which one they want to use.
Even more recently libvirt and netcf got patches to support building
with libnl-3 rather than libnl-1.1 (preferring libnl-3 if both are
available).
Since development (and even bugfixes) of libnl-1.1 is basically dead, I
want to switch over the F18 and later builds of libvirt to use libnl-3,
but this will take careful timing (and some restrictions in the libvirt
specfile) because attempting to run a libnl3-linked libvirt with a
netcf.so that was linked with libnl-1.1 (or vice versa) results in a segv.
Other than the basic use of a Requires: line in the libvirt specfile to
make the newly-libnl3-enabled build of libvirt require a
similarly-enabled build of netcf, does anyone have any recommendations
on making this transition as painless as possible (and as soon as
possible - I obviously want to do this before F18 is released).
12 years, 3 months
[libvirt] [PATCHv2 0/3] split snapshot conf out of domain conf
by Eric Blake
Rebased version from v1 [1], only changes are catering to
other changes in domain_conf in the meantime, and (temporarily)
dropping the XML changes of the original patch 4 until I have
code that can actually use the XML in 0.10.1. I'm hoping these
three patches still qualify for 0.10.0.
[1] https://www.redhat.com/archives/libvir-list/2012-August/msg01250.html
Eric Blake (3):
snapshot: make virDomainSnapshotObjList opaque
snapshot: split snapshot conf code into own file
snapshot: rename an enum
po/POTFILES.in | 1 +
src/Makefile.am | 3 +-
src/conf/domain_conf.c | 933 +-------------------------------------------
src/conf/domain_conf.h | 143 +------
src/conf/snapshot_conf.c | 972 ++++++++++++++++++++++++++++++++++++++++++++++
src/conf/snapshot_conf.h | 157 ++++++++
src/esx/esx_driver.c | 1 +
src/libvirt_private.syms | 5 +-
src/qemu/qemu_command.c | 1 +
src/qemu/qemu_domain.c | 7 +-
src/qemu/qemu_domain.h | 3 +-
src/qemu/qemu_driver.c | 69 ++--
src/qemu/qemu_migration.c | 2 +-
src/vbox/vbox_tmpl.c | 1 +
14 files changed, 1209 insertions(+), 1089 deletions(-)
create mode 100644 src/conf/snapshot_conf.c
create mode 100644 src/conf/snapshot_conf.h
--
1.7.11.4
12 years, 3 months
[libvirt] [PATCH] xen-xs: fix uuid of renamed domain
by Philipp Hahn
When the XenStore tdb lives persistently and is not cleared between host
reboots, Xend (version 3.4 and 4.1) re-creates the domain information
located in XenStore below /vm/$UUID. (According to the xen-3.2-commit
hg265950e3df69 to fix a problem when locally migrating a domain to the
host itself.)
When doing so a version number is added to the UUID separated by one
dash, which confuses xenStoreDomainIntroduced(): It iterates over all
domains and tries to lookup all inactive domains using
xenStoreDomainGetUUID(), which fails if the running domain is renamed:
virUUIDParse() fails to parse the versioned UUID and the domain is
flagged as missing. When this happens the function delays .2s and
re-tries 20 times again, multiplied by the number of renamed VMs.
14:48:38.878: 4285: debug : xenStoreDomainIntroduced:1354 : Some domains were missing, trying again
This adds a significant delay:
# time virsh list >/dev/null
real 0m6.529s
# xenstore-list /vm
00000000-0000-0000-0000-000000000000
00000000-0000-0000-0000-000000000000-1
00000000-0000-0000-0000-000000000000-2
00000000-0000-0000-0000-000000000000-3
00000000-0000-0000-0000-000000000000-4
00000000-0000-0000-0000-000000000000-5
7c06121e-90c3-93d4-0126-50481d485cca
00000000-0000-0000-0000-000000000000-6
00000000-0000-0000-0000-000000000000-7
144ad19d-dfb4-2f80-8045-09196bb8784f
00000000-0000-0000-0000-000000000000-8
144ad19d-dfb4-2f80-8045-09196bb8784f-1
00000000-0000-0000-0000-000000000000-9
00000000-0000-0000-0000-000000000000-10
00000000-0000-0000-0000-000000000000-11
00000000-0000-0000-0000-000000000000-12
00000000-0000-0000-0000-000000000000-13
00000000-0000-0000-0000-000000000000-14
144ad19d-dfb4-2f80-8045-09196bb8784f-2
00000000-0000-0000-0000-000000000000-15
144ad19d-dfb4-2f80-8045-09196bb8784f-3
00000000-0000-0000-0000-000000000000-16
The patch adds truncation of the UUID as read from the XenStore path
before passing it to virUUIDParse().
The same issue is reported at
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666135>
Signed-off-by: Philipp Hahn <hahn(a)univention.de>
---
src/xen/xs_internal.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/src/xen/xs_internal.c b/src/xen/xs_internal.c
index e56d1a4..cdaef17 100644
--- a/src/xen/xs_internal.c
+++ b/src/xen/xs_internal.c
@@ -1115,8 +1115,11 @@ int xenStoreDomainGetUUID(virConnectPtr conn,
snprintf(prop, 199, "/local/domain/%d/vm", id);
prop[199] = 0;
/* This will return something like
- * /vm/00000000-0000-0000-0000-000000000000 */
+ * /vm/00000000-0000-0000-0000-000000000000[-*] */
uuidstr = xs_read(priv->xshandle, 0, prop, &len);
+ /* Strip optional version suffix when VM was renamed */
+ if (len > 40) /* strlen('/vm/') + VIR_UUID_STRING_BUFLEN - sizeof('\0') */
+ uuidstr[40] = '\0';
/* remove "/vm/" */
ret = virUUIDParse(uuidstr + 4, uuid);
--
1.7.1
12 years, 3 months
[libvirt] [PATCH 1/2] security: Add DAC to security_drivers
by Michal Privoznik
Currently, if users set 'security_driver="dac"' in qemu.conf libvirtd
fails to initialize as DAC driver is not found because it is missing
in our security drivers array.
---
src/security/security_driver.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/security/security_driver.c b/src/security/security_driver.c
index f450a94..e6da220 100644
--- a/src/security/security_driver.c
+++ b/src/security/security_driver.c
@@ -35,6 +35,7 @@
# include "security_apparmor.h"
#endif
+#include "security_dac.h"
#include "security_nop.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
@@ -46,6 +47,7 @@ static virSecurityDriverPtr security_drivers[] = {
#ifdef WITH_SECDRIVER_APPARMOR
&virAppArmorSecurityDriver,
#endif
+ &virSecurityDriverDAC,
&virSecurityDriverNop, /* Must always be last, since it will always probe */
};
--
1.7.8.6
12 years, 3 months
[libvirt] [PATCH] libssh2_transport: Add docs to remote.html
by Peter Krempa
Describe the existence of the transport driver and document the
configurable options.
---
docs/remote.html.in | 52 +++++++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 47 insertions(+), 5 deletions(-)
diff --git a/docs/remote.html.in b/docs/remote.html.in
index e6af4c2..40696b9 100644
--- a/docs/remote.html.in
+++ b/docs/remote.html.in
@@ -136,8 +136,14 @@ Remote libvirt supports a range of transports:
<dd> Unencrypted TCP/IP socket. Not recommended for production
use, this is normally disabled, but an administrator can enable
it for testing or use over a trusted network.
- The standard port is 16509.
- </dd>
+ The standard port is 16509. </dd>
+ <dt> libssh2 </dt>
+ <dd> Transport over the SSH protocol using
+ <a href="http://libssh2.org/" title="libssh2 homepage">libssh2</a> instead
+of the OpenSSH binary. This transport uses the libvirt authentication callback for
+all ssh authentication calls and therefore supports keyboard-interactive authentication
+even with graphical management applications. As with the classic ssh transport
+netcat is required on the remote side.</dd>
</dl>
<p>
The default transport, if no other is specified, is <code>tls</code>.
@@ -182,6 +188,9 @@ Connect to a libvirtd daemon offering unencrypted TCP/IP connections
on localhost port 5000 and use the test driver with default
settings.
</li>
+<li><code>qemu+libssh2://user@host/system?known_hosts=/home/user/.ssh/known_hosts</code><br/> —
+Connect to a remote host using a ssh connection with the libssh2 driver
+and use a different known_hosts file.</li>
</ul>
<h4>
<a name="Remote_URI_parameters">Extra parameters</a>
@@ -237,7 +246,7 @@ Note that parameter values must be
<td>
<code>socket</code>
</td>
- <td> unix, ssh </td>
+ <td> unix, ssh, libssh2 </td>
<td>
The path to the Unix domain socket, which overrides the
compiled-in default. For ssh transport, this is passed to
@@ -252,7 +261,7 @@ Note that parameter values must be
<td>
<code>netcat</code>
</td>
- <td> ssh </td>
+ <td> ssh, libssh2 </td>
<td>
The name of the netcat command on the remote machine.
The default is <code>nc</code>. For ssh transport, libvirt
@@ -277,7 +286,7 @@ Note that parameter values must be
<td>
<code>keyfile</code>
</td>
- <td> ssh </td>
+ <td> ssh, libssh2 </td>
<td>
The name of the private key file to use to authentication to the remote
machine. If this option is not used the default keys are used.
@@ -341,6 +350,39 @@ Note that parameter values must be
<td colspan="2"/>
<td> Example: <code>pkipath=/tmp/pki/client</code> </td>
</tr>
+ <tr>
+ <td>
+ <code>known_hosts</code>
+ </td>
+ <td> libssh2 </td>
+ <td>
+ Path to the known_hosts file to verify the host key agains. LibSSH2
+ supports OpenSSH-style known_hosts files, although it does not support
+ all key types, so using files created by the OpenSSH binary may result
+ into truncating the known_hosts file. It's recommended to use the default
+ known_hosts file is located in libvirt's client local configuration
+ directory e.g.: ~/.config/libvirt/known_hosts. Note: Use absolute paths.
+</td>
+ </tr>
+ <tr>
+ <td colspan="2"/>
+ <td> Example: <code>known_hosts=/root/.ssh/known_hosts</code> </td>
+ </tr>
+ <tr>
+ <td>
+ <code>sshauth</code>
+ </td>
+ <td> libssh2 </td>
+ <td>
+ A comma separated list of authentication methods to use. Default (is
+ "agent,privkey,keyboard-interactive". The order of the methods is perserved.
+ Some methods may require additional parameters.
+</td>
+ </tr>
+ <tr>
+ <td colspan="2"/>
+ <td> Example: <code>sshauth=privkey,agent</code> </td>
+ </tr>
</table>
<h3>
<a name="Remote_certificates">Generating TLS certificates</a>
--
1.7.12
12 years, 3 months
[libvirt] How to solve this problem---libvirtError: this function is not supported by the connection driver: virNWFilterDefineXML
by Zhihong Wang
Dear all:
I am trying to deploy openstack on xen hypervisor.Since XenSever or XCP is
not available on our customized virtulization platform. We decide to use
libvirt on xen as a middleware operating the xen hypervisor. But when I try
to boot a instance , xen failed to response and I find the error in my
nova.log as follows:
2012-08-24 09:17:25 ERROR nova.compute.manager
[req-4b60e9a9-680c-457b-bf93-b71fb6230245 562096602c5e41748dd568d5db0f7553
6bd4a2580bcd4bef890d7ba4da82e925] [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] Instance failed to spawn
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] Traceback (most recent call last):
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/compute/manager.py",
line 592, in _spawn
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4]
self._legacy_nw_info(network_info), block_device_info)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/exception.py",
line 114, in wrapped
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] return f(*args, **kw)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/virt/libvirt/connection.py",
line 899, in spawn
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4]
self.firewall_driver.setup_basic_filtering(instance, network_info)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/virt/libvirt/firewall.py",
line 231, in setup_basic_filtering
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4]
self.nwfilter.setup_basic_filtering(instance, network_info)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/virt/libvirt/firewall.py",
line 102, in setup_basic_filtering
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] self._ensure_static_filters()
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/virt/libvirt/firewall.py",
line 130, in _ensure_static_filters
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] 'allow-dhcp-server']))
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/nova-2012.1-py2.6.egg/nova/virt/libvirt/firewall.py",
line 150, in _define_filter
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4]
tpool.execute(self._conn.nwfilterDefineXML, xml)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib/python2.6/site-packages/eventlet/tpool.py", line 76, in tworker
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] rv = meth(*args,**kwargs)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] File
"/usr/lib64/python2.6/site-packages/libvirt.py", line 2628, in
nwfilterDefineXML
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] if ret is None:raise
libvirtError('virNWFilterDefineXML() failed', conn=self)
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4] libvirtError: this function is not
supported by the connection driver: virNWFilterDefineXML
2012-08-24 09:17:25 TRACE nova.compute.manager [instance:
3645be21-9b5b-4718-9c9f-f6ba3588f7b4]
It seems that libvirt doesn't support virNWFilterDefineXML on xen,Is there
any good solutions? Or how much work should be done to add this function
to libvirt?
I would take it into consideration seriously if I could fix this problem
12 years, 3 months
[libvirt] [PATCH] openvz: check the exitstatus of vzlist
by Laine Stump
I noticed this while auditing all calls to virCommandRun that request
an exit status from virCommandRun. Two functions in the openvz driver
openvzDomainGetBarrierLimit
openvzDomainSetBarrierLimit
request an exit status from virCommandRun (thus assuring that
virCommandRun won't log any errors just due to a non-0 exit status),
but then fail to examine that exit status. This could result in the
functions believing that the call to "vzlist" was successful, even
though it may have encountered an error.
---
src/openvz/openvz_driver.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
index 8257ed5..a1d3b42 100644
--- a/src/openvz/openvz_driver.c
+++ b/src/openvz/openvz_driver.c
@@ -1707,7 +1707,7 @@ openvzDomainGetBarrierLimit(virDomainPtr domain,
virCommandSetOutputBuffer(cmd, &output);
virCommandAddArgFormat(cmd, "-o%s.b,%s.l", param, param);
virCommandAddArg(cmd, domain->name);
- if (virCommandRun(cmd, &status)) {
+ if (virCommandRun(cmd, &status) < 0 || status != 0) {
virReportError(VIR_ERR_OPERATION_FAILED,
_("Failed to get %s for %s: %d"), param, domain->name,
status);
@@ -1758,7 +1758,7 @@ openvzDomainSetBarrierLimit(virDomainPtr domain,
virCommandAddArgFormat(cmd, "--%s", param);
virCommandAddArgFormat(cmd, "%llu:%llu", barrier, limit);
virCommandAddArg(cmd, "--save");
- if (virCommandRun(cmd, &status)) {
+ if (virCommandRun(cmd, &status) < 0 || status != 0) {
virReportError(VIR_ERR_OPERATION_FAILED,
_("Failed to set %s for %s: %d"), param, domain->name,
status);
--
1.7.11.4
12 years, 3 months
[libvirt] [PATCH] nwfilter: don't log error if firewalld is disabled
by Laine Stump
The original patch to support firewalld in nwfilter wasn't personally
checking the exit status of firewall-cmd, but was instead sending NULL
in the *exitstatus arg, which meant that virCommandWait would log an
error just for the exit status being non-0 (and a "more scary than
useful" error at that).
We don't want to treat this as an error, though, just as a reason to
use standard (ip|eb)tables commands instead of firewall-cmd.
This patch modifies the virCommandRun in the nwfilter code to request
status back from the caller. This avoids virCommandWait logging an
error message, and allows the caller to do as it likes after examining
the status.
---
src/nwfilter/nwfilter_ebiptables_driver.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index b008879..8f7a453 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -4140,6 +4140,7 @@ ebiptablesDriverInitWithFirewallD(void)
virBuffer buf = VIR_BUFFER_INITIALIZER;
char *firewall_cmd_path;
char *output = NULL;
+ int status;
int ret = -1;
if (!virNWFilterDriverIsWatchingFirewallD())
@@ -4155,8 +4156,8 @@ ebiptablesDriverInitWithFirewallD(void)
"%s",
CMD_STOPONERR(1));
- if (ebiptablesExecCLI(&buf, NULL, &output) == 0 &&
- strlen(output) == 0) {
+ if (ebiptablesExecCLI(&buf, &status, &output) == 0 &&
+ status == 0) {
VIR_DEBUG("Using firewall-cmd in nwfilter_ebiptables_driver.");
ignore_value(virAsprintf(&ebtables_cmd_path,
--
1.7.11.4
12 years, 3 months
