[libvirt] [PATCH] Fix compile error for stable 1.2.9
by Yang hongyang
Seems a backport miss. An extra member is passed to struct
virLXCBasicMountInfo.
Signed-off-by: Yang hongyang <hongyang.yang(a)easystack.cn>
---
src/lxc/lxc_container.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 28dabec..1c65fa9 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -760,7 +760,7 @@ typedef struct {
static const virLXCBasicMountInfo lxcBasicMounts[] = {
{ "proc", "/proc", "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, false, false },
- { "/proc/sys", "/proc/sys", NULL, MS_BIND|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false, false, false },
+ { "/proc/sys", "/proc/sys", NULL, MS_BIND|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false, false },
{ "sysfs", "/sys", "sysfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false, false },
{ "securityfs", "/sys/kernel/security", "securityfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, true, true },
#if WITH_SELINUX
--
1.7.1
1 year
[libvirt] Supporting vhost-net and macvtap in libvirt for QEMU
by Anthony Liguori
Disclaimer: I am neither an SR-IOV nor a vhost-net expert, but I've CC'd
people that are who can throw tomatoes at me for getting bits wrong :-)
I wanted to start a discussion about supporting vhost-net in libvirt.
vhost-net has not yet been merged into qemu but I expect it will be soon
so it's a good time to start this discussion.
There are two modes worth supporting for vhost-net in libvirt. The
first mode is where vhost-net backs to a tun/tap device. This is
behaves in very much the same way that -net tap behaves in qemu today.
Basically, the difference is that the virtio backend is in the kernel
instead of in qemu so there should be some performance improvement.
Current, libvirt invokes qemu with -net tap,fd=X where X is an already
open fd to a tun/tap device. I suspect that after we merge vhost-net,
libvirt could support vhost-net in this mode by just doing -net
vhost,fd=X. I think the only real question for libvirt is whether to
provide a user visible switch to use vhost or to just always use vhost
when it's available and it makes sense. Personally, I think the later
makes sense.
The more interesting invocation of vhost-net though is one where the
vhost-net device backs directly to a physical network card. In this
mode, vhost should get considerably better performance than the current
implementation. I don't know the syntax yet, but I think it's
reasonable to assume that it will look something like -net
tap,dev=eth0. The effect will be that eth0 is dedicated to the guest.
On most modern systems, there is a small number of network devices so
this model is not all that useful except when dealing with SR-IOV
adapters. In that case, each physical device can be exposed as many
virtual devices (VFs). There are a few restrictions here though. The
biggest is that currently, you can only change the number of VFs by
reloading a kernel module so it's really a parameter that must be set at
startup time.
I think there are a few ways libvirt could support vhost-net in this
second mode. The simplest would be to introduce a new tag similar to
<source network='br0'>. In fact, if you probed the device type for the
network parameter, you could probably do something like <source
network='eth0'> and have it Just Work.
Another model would be to have libvirt see an SR-IOV adapter as a
network pool whereas it handled all of the VF management. Considering
how inflexible SR-IOV is today, I'm not sure whether this is the best model.
Has anyone put any more thought into this problem or how this should be
modeled in libvirt? Michael, could you share your current thinking for
-net syntax?
--
Regards,
Anthony Liguori
1 year
[libvirt] [PATCH 0/2] qemu_cgroup: allow access to /dev/dri/render*
by Ján Tomko
Technically a v2, but v1 is already pushed.
This version is based on the <gl enable> in <spice> instead
of accel3d="yes" in <video><model type="virtio".
It also only allows access to the render* devices, instead of all of them.
https://bugzilla.redhat.com/show_bug.cgi?id=1337290
Ján Tomko (2):
Revert "qemu_cgroup: allow access to /dev/dri for virtio-vga"
qemu_cgroup: allow access to /dev/dri/render*
src/qemu/qemu_cgroup.c | 71 ++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 57 insertions(+), 14 deletions(-)
--
2.7.3
7 years, 11 months
[libvirt] RFC: add recreate option to domain events conf
by Nikolay Shirokovskiy
Hi, all.
Does it make sense to anybody else that rebooting and resetting
a persistent domain from outside or from inside should bring upon
pending configuration changes? For this purpose we can add another
option to on_reboot and other events, say 'recreate'. From technical
POV qemu has enough capabilities, namely -no-reboot option.
Nikolay
7 years, 11 months
Re: [libvirt] question about rdma migration
by Michael R. Hines
Hi Roy,
On 02/09/2016 03:57 AM, Roy Shterman wrote:
> Hi,
>
> I tried to understand the rdma-migration in qemu code and i have two
> questions about it:
>
> 1. I'm working with qemu-kvm using libvirt and i'm getting
>
> MEMLOCK max locked-in-memory address space 65536 65536 bytes
>
> in qemu process so I don't understand how can you use rdma-pin-all
> with such low MEMLOCK.
>
> I found a solution in libvirt to lock all vm memory in advance and to
> enlarge MEMLOCK.
> It uses memoryBacking locking and memory tuning hard_limit of vm
> memory but I couldn't find a usage of this in rdma-migration code.
>
You're absolutey right, the RDMA migration code itself doesn't set this
lock limit explicitly because there are system-wide restrictions in both
appArmour,
/etc/security, as well as SELINUX that restrict applications from
arbitrarily setting their maximum memory lock limits.
The other problem is CGROUPS: If someone sets a cgroup control for
maximum memory and forgets about that mlock() limits, then
there will be a conflict.
So, libvirt must have a policy to deal with all of these possibilities,
not just handle a special case for RDMA migration.
The only way "simple" way (without patching the problems above) to apply
a higher lock limit to QEMU is to set the ulimit for libvirt
(or for QEMU if starting QEMU manually) in your environment or the
command line with $ ulimit # before attempting the migration,
then the RDMA subsystem will be able to lock the memory successfully.
The other option is to use /etc/security/limits.conf and set the option
for a specific libvirt process user and make sure your libvirt/qemu
are not running as root.
QEMU itself also has a "mlock" option built into the command line, but
it also suffers from the same problem --- you have to find
a way (currently) to increase the limit before using the option.
> 2. Do you have any comparison of IOPS and bandwidth between TCP
> migration and rdma migration?
>
Yes, lots of comparisons.
http://wiki.qemu.org/Features/RDMALiveMigration
http://www.canturkisci.com/ETC/papers/IBMJRD2011/preprint.pdf
> Regards,
> Roy
>
>
8 years
[libvirt] Qemu: create empty cdrom
by Gromak Yuriy
Hello.
Qemu is latest from master branch.
Tryingto start a domain, which is connected toa blankcdrom:
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<target dev='sdb' bus='scsi'/>
<readonly/>
<address type='drive' controller='0' target='1' bus='0'
unit='0'/>
</disk>
But I get an error:
qemu-system-x86_64: -drive
if=none,id=drive-scsi0-0-1-0,readonly=on,format=raw: Can't use 'raw' as
a block driver for the protocol level.
8 years, 1 month
[libvirt] [PATCH 0/3] add option to keep nvram file on undefine
by Nikolay Shirokovskiy
There is already a patch [1] on this topic with a different approach - keep
nvram file by default. There is also some discussion there. To sum up keeping
nvram on undefine could be useful in some usecases so there should be an option
to do it. On the other hand there is a danger of leaving domain assets after
its undefine and unsing them unintentionally on defining domain with the same
name.
AFAIU keeping nvram by default was motivated by domain disks behaviour.
I think there is a difference as libvirt never create disks for domain as
opposed to nvram and managed save and without disks domain will not start so
user is quite aware of disks files. On the other hand one can start using nvram
file solely putting <nvram> in config and managed save is created on daemon
shutdown. So user is much less aware of nvram and managed save existence. Thus
one can easily mess up by unaware define $name/using/undefine/define $name again
usecase. Thus I vote for keeping said assets only if it is specified explicitly
so user knows what he is doing.
Adding option to undefine is best solution I come up with. The other options
are add checks on define or start and both are impossible. Such a check should
be done without any extra flags for it to be useful but this way we break
existing users.
As this a proof of concept this series does not add extra flag for managed save.
[1] https://www.redhat.com/archives/libvir-list/2015-February/msg00915.html
Nikolay Shirokovskiy (3):
api: add VIR_DOMAIN_UNDEFINE_KEEP_NVRAM flag
qemu: add VIR_DOMAIN_UNDEFINE_KEEP_NVRAM support
virsh: add --keep-nvram option to undefine command
include/libvirt/libvirt-domain.h | 1 +
src/qemu/qemu_driver.c | 26 +++++++++++++++++---------
tools/virsh-domain.c | 8 ++++++++
tools/virsh.pod | 6 +++---
4 files changed, 29 insertions(+), 12 deletions(-)
--
1.8.3.1
8 years, 2 months
[libvirt] [libvirt-glib/libvirt-gconfig 00/17] Graphics: Introduce the new Remote and Local classes (and also implement a few missing methods).
by Fabiano Fidêncio
While trying to use libvirt-gobject and libvirt-gconfig for accessing VMs
and looking at their config, instead of using libvirt and parsing XML
directly, I found out that a few methods have been missing and that
libvirt-gconfig is not exactly thought for the "reading their config" use
case (see more explanations on the 10th and 14th commits.
This series, unfortunately, introduces an ABI breakage.
Fabiano Fidêncio (17):
gconfig: Implement gvir_config_domain_graphics_vnc_get_autoport()
gconfig: Implement gvir_config_domain_graphics_spice_get_autoport()
gconfig: Implement gvir_config_domain_graphics_rdp_get_autoport()
gconfig: Implement gvir_config_domain_graphics_sdl_get_display()
gconfig: Implement gvir_config_domain_graphics_sdl_get_fullscreen()
gconfig: Implement gvir_config_domain_graphics_spice_get_tls_port()
gconfig: Implement gvir_config_domain_graphics_spice_{get,set}_host()
gconfig: Implement gvir_config_domain_graphics_vnc_{get,set}_host()
gconfig: Implement gvir_config_domain_graphics_rdp_{get,set}_host()
gconfig: Add GVirCofigDomainGraphicsRemote class
gconfig: Adapt GVirConfigDomainGraphicsSpice to
GVirConfigDomainGraphicsRemote
gconfig: Adapt GVirConfigDomainGraphicsRdp to
GVirConfigDomainGraphicsRemote
gconfig: Adapt GVirConfigDomainGraphicsVnc to
GVirConfigDomainGraphicsRemote
gconfig: Add GVirCofigDomainGraphicsLocal class
gconfig: Adapt GVirConfigDomainGraphicsSdl to
GVirConfigDomainGraphicsLocal
gconfig: Adapt GVirConfigDomainGraphicsDesktop to
GVirConfigDomainGraphicsLocal
gconfig,graphics: Avoid crash when gvir_config_object_new_from_xml()
returns NULL
libvirt-gconfig/Makefile.am | 4 +
.../libvirt-gconfig-domain-graphics-desktop.c | 14 ++-
.../libvirt-gconfig-domain-graphics-desktop.h | 4 +-
.../libvirt-gconfig-domain-graphics-local.c | 97 +++++++++++++++++++
.../libvirt-gconfig-domain-graphics-local.h | 68 ++++++++++++++
.../libvirt-gconfig-domain-graphics-rdp.c | 32 ++++++-
.../libvirt-gconfig-domain-graphics-rdp.h | 9 +-
.../libvirt-gconfig-domain-graphics-remote.c | 103 +++++++++++++++++++++
.../libvirt-gconfig-domain-graphics-remote.h | 70 ++++++++++++++
.../libvirt-gconfig-domain-graphics-sdl.c | 19 +++-
.../libvirt-gconfig-domain-graphics-sdl.h | 6 +-
.../libvirt-gconfig-domain-graphics-spice.c | 40 +++++++-
.../libvirt-gconfig-domain-graphics-spice.h | 10 +-
.../libvirt-gconfig-domain-graphics-vnc.c | 32 ++++++-
.../libvirt-gconfig-domain-graphics-vnc.h | 9 +-
libvirt-gconfig/libvirt-gconfig.h | 2 +
libvirt-gconfig/libvirt-gconfig.sym | 20 ++++
po/POTFILES.in | 2 +
18 files changed, 513 insertions(+), 28 deletions(-)
create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-graphics-local.c
create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-graphics-local.h
create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-graphics-remote.c
create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-graphics-remote.h
--
2.5.0
8 years, 2 months
[libvirt] [PATCH v2] qemu: neglect cur_balloon in supplied xml
by Nikolay Shirokovskiy
cur_balloon value can change in between preparing external config and
using it in operations like save and migrate. As a resutl operation will
fail for ABI inconsistency. cur_balloon changes can not be predicted
generally and thus operations will fail from time to time.
Skip checking cur_balloon if domain lock can not be hold between
preparing external config outside of libvirt and checking it against active
config. Instead update cur_balloon value in external config from active config.
This way it is protected from forges and is keeped up to date too.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com>
---
src/conf/domain_conf.c | 14 +++++++++++---
src/conf/domain_conf.h | 9 +++++++++
src/libvirt_private.syms | 1 +
src/qemu/qemu_domain.c | 29 ++++++++++++++++++++---------
src/qemu/qemu_domain.h | 6 +++---
src/qemu/qemu_driver.c | 5 +++--
src/qemu/qemu_migration.c | 4 ++--
7 files changed, 49 insertions(+), 19 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 85f6e31..f1cf87f 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -18493,8 +18493,9 @@ virDomainDefVcpuCheckAbiStability(virDomainDefPtr src,
* validation of custom XML config passed in during migration
*/
bool
-virDomainDefCheckABIStability(virDomainDefPtr src,
- virDomainDefPtr dst)
+virDomainDefCheckABIStabilityFlags(virDomainDefPtr src,
+ virDomainDefPtr dst,
+ unsigned int flags)
{
size_t i;
virErrorPtr err;
@@ -18538,7 +18539,8 @@ virDomainDefCheckABIStability(virDomainDefPtr src,
virDomainDefGetMemoryInitial(src));
goto error;
}
- if (src->mem.cur_balloon != dst->mem.cur_balloon) {
+ if (!(flags & VIR_DOMAIN_DEF_ABI_CHECK_SKIP_VOLATILE) &&
+ src->mem.cur_balloon != dst->mem.cur_balloon) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Target domain current memory %lld does not match source %lld"),
dst->mem.cur_balloon, src->mem.cur_balloon);
@@ -18963,6 +18965,12 @@ virDomainDefCheckABIStability(virDomainDefPtr src,
return false;
}
+bool
+virDomainDefCheckABIStability(virDomainDefPtr src,
+ virDomainDefPtr dst)
+{
+ return virDomainDefCheckABIStabilityFlags(src, dst, 0);
+}
static int
virDomainDefAddDiskControllersForType(virDomainDefPtr def,
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 3792562..cd7b966 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2623,6 +2623,11 @@ typedef enum {
VIR_DOMAIN_DEF_FORMAT_CLOCK_ADJUST = 1 << 9,
} virDomainDefFormatFlags;
+typedef enum {
+ /* skip checking values like cur_balloon that can be changed meanwhile */
+ VIR_DOMAIN_DEF_ABI_CHECK_SKIP_VOLATILE = 1 << 0,
+} virDomainDefABICheckFlags;
+
virDomainDeviceDefPtr virDomainDeviceDefParse(const char *xmlStr,
const virDomainDef *def,
virCapsPtr caps,
@@ -2658,6 +2663,10 @@ virDomainObjPtr virDomainObjParseFile(const char *filename,
bool virDomainDefCheckABIStability(virDomainDefPtr src,
virDomainDefPtr dst);
+bool virDomainDefCheckABIStabilityFlags(virDomainDefPtr src,
+ virDomainDefPtr dst,
+ unsigned int flags);
+
int virDomainDefAddImplicitDevices(virDomainDefPtr def);
virDomainIOThreadIDDefPtr virDomainIOThreadIDFind(const virDomainDef *def,
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 42f664c..4e7840c 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -208,6 +208,7 @@ virDomainDefAddController;
virDomainDefAddImplicitDevices;
virDomainDefAddUSBController;
virDomainDefCheckABIStability;
+virDomainDefCheckABIStabilityFlags;
virDomainDefClearCCWAddresses;
virDomainDefClearDeviceAliases;
virDomainDefClearPCIAddresses;
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index d1f8175..4b45caf 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -4620,21 +4620,32 @@ qemuDomainUpdateMemoryDeviceInfo(virQEMUDriverPtr driver,
}
-bool
-qemuDomainDefCheckABIStability(virQEMUDriverPtr driver,
- virDomainDefPtr src,
- virDomainDefPtr dst)
+int
+qemuDomainDefUpdateVolatile(virQEMUDriverPtr driver,
+ virDomainDefPtr src,
+ virDomainDefPtr dst)
{
virDomainDefPtr migratableDefSrc = NULL;
virDomainDefPtr migratableDefDst = NULL;
- const int flags = VIR_DOMAIN_XML_SECURE | VIR_DOMAIN_XML_UPDATE_CPU | VIR_DOMAIN_XML_MIGRATABLE;
- bool ret = false;
+ const unsigned int copy_flags = VIR_DOMAIN_XML_SECURE |
+ VIR_DOMAIN_XML_UPDATE_CPU |
+ VIR_DOMAIN_XML_MIGRATABLE;
+ const unsigned int check_flags = VIR_DOMAIN_DEF_ABI_CHECK_SKIP_VOLATILE;
+ int ret = -1;
- if (!(migratableDefSrc = qemuDomainDefCopy(driver, src, flags)) ||
- !(migratableDefDst = qemuDomainDefCopy(driver, dst, flags)))
+
+ if (!(migratableDefSrc = qemuDomainDefCopy(driver, src, copy_flags)) ||
+ !(migratableDefDst = qemuDomainDefCopy(driver, dst, copy_flags)))
+ goto cleanup;
+
+ if (!virDomainDefCheckABIStabilityFlags(migratableDefSrc,
+ migratableDefDst,
+ check_flags))
goto cleanup;
- ret = virDomainDefCheckABIStability(migratableDefSrc, migratableDefDst);
+ dst->mem.cur_balloon = src->mem.cur_balloon;
+
+ ret = 0;
cleanup:
virDomainDefFree(migratableDefSrc);
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 2443e97..7581fff 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -578,9 +578,9 @@ int qemuDomainUpdateMemoryDeviceInfo(virQEMUDriverPtr driver,
virDomainObjPtr vm,
int asyncJob);
-bool qemuDomainDefCheckABIStability(virQEMUDriverPtr driver,
- virDomainDefPtr src,
- virDomainDefPtr dst);
+int qemuDomainDefUpdateVolatile(virQEMUDriverPtr driver,
+ virDomainDefPtr src,
+ virDomainDefPtr dst);
bool qemuDomainAgentAvailable(virDomainObjPtr vm,
bool reportError);
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index e70d3ce..a819f53 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -3244,7 +3244,7 @@ qemuDomainSaveInternal(virQEMUDriverPtr driver, virDomainPtr dom,
VIR_DOMAIN_DEF_PARSE_SKIP_VALIDATE))) {
goto endjob;
}
- if (!qemuDomainDefCheckABIStability(driver, vm->def, def)) {
+ if (qemuDomainDefUpdateVolatile(driver, vm->def, def) < 0) {
virDomainDefFree(def);
goto endjob;
}
@@ -15103,7 +15103,8 @@ qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
/* Transitions 5, 6, 8, 9 */
/* Check for ABI compatibility. We need to do this check against
* the migratable XML or it will always fail otherwise */
- if (config && !qemuDomainDefCheckABIStability(driver, vm->def, config)) {
+ if (config
+ && qemuDomainDefUpdateVolatile(driver, vm->def, config) < 0) {
virErrorPtr err = virGetLastError();
if (!(flags & VIR_DOMAIN_SNAPSHOT_REVERT_FORCE)) {
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 89350c8..38f471b 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -3237,7 +3237,7 @@ qemuMigrationBeginPhase(virQEMUDriverPtr driver,
VIR_DOMAIN_DEF_PARSE_SKIP_VALIDATE)))
goto cleanup;
- if (!qemuDomainDefCheckABIStability(driver, vm->def, def))
+ if (qemuDomainDefUpdateVolatile(driver, vm->def, def) < 0)
goto cleanup;
rv = qemuDomainDefFormatLive(driver, def, false, true);
@@ -3582,7 +3582,7 @@ qemuMigrationPrepareAny(virQEMUDriverPtr driver,
if (!newdef)
goto cleanup;
- if (!qemuDomainDefCheckABIStability(driver, *def, newdef)) {
+ if (qemuDomainDefUpdateVolatile(driver, *def, newdef) < 0) {
virDomainDefFree(newdef);
goto cleanup;
}
--
1.8.3.1
8 years, 2 months
