Re: [libvirt] [RFC] Image Fleecing for Libvirt (BZ 955734, 905125)

On Mon, Jul 15, 2013 at 05:57:12PM +0800, Fam Zheng wrote: > Hi all, > > QEMU-KVM BZ 955734, and libvirt BZ 905125 are about feature "Read-only > point-in-time throwaway snapshot". The development is ongoing on > upstream, which implements the core functionality by QMP command > drive-backup. I want to demonstrate the HMP/QMP commands here for image > fleecing tasks (again) and make sure this interface looks ready and > satisfying from Libvirt point of view. >

> Hi all, > > QEMU-KVM BZ 955734, and libvirt BZ 905125 are about feature "Read-only > point-in-time throwaway snapshot". The development is ongoing on > upstream, which implements the core functionality by QMP command > drive-backup. I want to demonstrate the HMP/QMP commands here for image > fleecing tasks (again) and make sure this interface looks ready and > satisfying from Libvirt point of view. And since we are at it, here is a possible libvirt API to expose this functionality (cut-and-paste from an old email). If needed, VDSM can provide a similar API and proxy the libvirt API. Would something like this work? int virDomainBlockPeekStart (virDomainPtr dom, const char ** disks, unsigned int flags); Make it possible to use virDomainBlockPeek on the given disks with the new VIR_DOMAIN_BLOCK_PEEK_IMAGE flag. It is okay to create multiple "snapshot groups", i.e. to invoke the function multiple times with VIR_DOMAIN_BLOCK_PEEK_SNAPSHOT. It is however not okay to specify the same disk multiple times unless all of them are _without_ VIR_DOMAIN_BLOCK_PEEK_SNAPSHOT. flags: VIR_DOMAIN_BLOCK_PEEK_SNAPSHOT Make an atomic point-in-time snapshot of all the disks included in the list of strings "disks", and expose the snapshot via virDomainBlockPeek Note: if the virtual machine is running, this will use nbd-server-start/add/end. If the virtual machine is paused, this will use qemu-nbd. Libvirt should be able to switch transparently from one method to the other. int virDomainBlockPeekStop (virDomainPtr dom); Stop communication with qemu-nbd or the hypervisor. VIR_DOMAIN_BLOCK_PEEK_IMAGE A new flag for virDomainBlockPeek. If specified, virDomainBlockPeek will access the disk image, not the "raw" file (i.e. it will read data as seen by the guest). This is only valid if virDomainBlockPeekStart has been called before for this disk. Because libvirt would use a local (Unix) socket to communicate with QEMU and pass the file descriptor, there is no need to authenticate the NBD connection. There is no need for ticketing, though if necessary we can make QEMU only accept connections from libvirtd's pid. libvirt and VDSM already do authentication and/or encryption. Paolo