January 2011 - Devel - libvirt List Archives

[libvirt] [PATCH] docs: add new conversion heading to the apps listing
by Justin Clift 18 Jan '11

18 Jan '11

--- docs/apps.html.in | 43 +++++++++++++++++++++++++++++++++++++++---- 1 files changed, 39 insertions(+), 4 deletions(-) diff --git a/docs/apps.html.in b/docs/apps.html.in index 9a8ffc0..153584c 100644 --- a/docs/apps.html.in +++ b/docs/apps.html.in @@ -93,6 +93,40 @@ </dd> </dl> + <h2><a name="conversion">Conversion</a></h2> + + <dl> + <dt><a href="https://rwmj.wordpress.com/2009/10/13/poor-mans-p2v/">Poor mans p2v</a></dt> + <dd> + A simple approach for converting a physical machine to a virtual + machine, using a rescue CD. + </dd> + <dt><a href="http://et.redhat.com/~rjones/virt-p2v/">virt-p2v</a></dt> + <dd> + An older tool for converting a physical machine into a virtual + machine. It is a LiveCD which is booted on the machine to be + converted. It collects a little information from the user, then + copies the disks over to a remote machine and defines the XML for a + domain to run the guest. + </dd> + <dt><a href="http://git.fedorahosted.org/git/?p=virt-v2v.git;a=summary">virt-v2v</a></dt> + <dd> + virt-v2v converts guests from a foreign hypervisor to run on KVM, + managed by libvirt. It can currently convert Red Hat Enterprise + Linux (RHEL) and Fedora guests running on Xen and VMware ESX. It + will enable VirtIO drivers in the converted guest if possible. + </dd> + <dd> + For RHEL customers of Red Hat, conversion of Windows guests is also + possible. This conversion requires some Microsoft signed pieces, + that Red Hat can provide. + </dd> + <dt><a href="http://bazaar.launchpad.net/~ubuntu-virt/virt-goodies/trunk/annotate/head:/…">vmware2libvirt</a></dt> + <dd> + A Python script for migrating a vmware image to libvirt. + </dd> + </dl> + <h2><a name="desktop">Desktop applications</a></h2> <dl> @@ -134,10 +168,11 @@ <dl> <dt><a href="http://et.redhat.com/~rjones/virt-p2v/">virt-p2v</a></dt> <dd> - A tool for converting a physical machine into a virtual machine. It - is a LiveCD which is booted on the machine to be converted. It collects - a little information from the user, then copies the disks over to - a remote machine and defines the XML for a domain to run the guest. + An older tool for converting a physical machine into a virtual + machine. It is a LiveCD which is booted on the machine to be + converted. It collects a little information from the user, then + copies the disks over to a remote machine and defines the XML for a + domain to run the guest. </dd> </dl> -- 1.7.3.5

2 2

[libvirt] [PATCH] Fix startup with VNC password expiry on old QEMU
by Daniel P. Berrange 18 Jan '11

18 Jan '11

The code which set VNC passwords correctly had fallback for the set_password command, but was lacking it for the expire_password command. This made it impossible to start a guest. It also failed to check whether QEMU was still running after the initial 'set_password' command completed * src/qemu/qemu_hotplug.c: Fix error handling when password expiry fails * src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_text.c: Fix return code for missing expire_password command --- src/qemu/qemu_hotplug.c | 12 ++++++++++++ src/qemu/qemu_monitor_json.c | 10 +++++++++- src/qemu/qemu_monitor_text.c | 4 ++-- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 7abdd0f..125d9b5 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -1869,6 +1869,15 @@ qemuDomainChangeGraphicsPasswords(struct qemud_driver *driver, auth->passwd ? auth->passwd : defaultPasswd); } } + if (ret != 0) + goto cleanup; + + if (!virDomainObjIsActive(vm)) { + ret = -1; + qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("guest unexpectedly quit")); + goto cleanup; + } if (auth->expires) { time_t lifetime = auth->validTo - now; @@ -1888,9 +1897,12 @@ qemuDomainChangeGraphicsPasswords(struct qemud_driver *driver, qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Expiry of passwords is not supported")); ret = -1; + } else { + ret = 0; } } +cleanup: qemuDomainObjExitMonitorWithDriver(driver, vm); return ret; diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 7387089..2e159c7 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -1298,6 +1298,7 @@ cleanup: return ret; } +/* Returns -1 on error, -2 if not supported */ int qemuMonitorJSONExpirePassword(qemuMonitorPtr mon, const char *protocol, const char *expire_time) @@ -1313,9 +1314,16 @@ int qemuMonitorJSONExpirePassword(qemuMonitorPtr mon, ret = qemuMonitorJSONCommand(mon, cmd, &reply); - if (ret == 0) + if (ret == 0) { + if (qemuMonitorJSONHasError(reply, "CommandNotFound")) { + ret = -2; + goto cleanup; + } + ret = qemuMonitorJSONCheckError(cmd, reply); + } +cleanup: virJSONValueFree(cmd); virJSONValueFree(reply); return ret; diff --git a/src/qemu/qemu_monitor_text.c b/src/qemu/qemu_monitor_text.c index 291d958..4cf87fe 100644 --- a/src/qemu/qemu_monitor_text.c +++ b/src/qemu/qemu_monitor_text.c @@ -803,6 +803,7 @@ cleanup: return ret; } +/* Returns -1 on error, -2 if not supported */ int qemuMonitorTextExpirePassword(qemuMonitorPtr mon, const char *protocol, const char *expire_time) @@ -824,8 +825,7 @@ int qemuMonitorTextExpirePassword(qemuMonitorPtr mon, } if (strstr(reply, "unknown command:")) { - qemuReportError(VIR_ERR_NO_SUPPORT, - _("expiring password not supported by this qemu: %s"), reply); + ret = -2; goto cleanup; } -- 1.7.3.4

2 1

[libvirt] Libvirt Windows 0.8.7 installer available
by Justin Clift 18 Jan '11

18 Jan '11

Hi all, The Libvirt 0.8.7 installer for Windows is now available online: http://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-2.exe Changes for this release include: + VirtualBox support on Windows, as added to the main Libvirt 0.8.7 release. I haven't personally tested this yet, so if someone has the time to test and report/confirm it's working, that would be really helpful. + There is now an option to update the system PATH with the libvirt binaries location, so they don't have to be copied around if you're using the .dlls elsewhere. + The README text has been tweaked to be less confusing for vSphere ESX users reading about TLS certificates All thoughts and feedback are welcome. :) Regards and best wishes, Justin Clift

1 0

[libvirt] [PATCH] docs: updated windows page for new 0.8.7 installer
by Justin Clift 18 Jan '11

18 Jan '11

--- docs/windows.html.in | 31 +++++++++++++++---------------- 1 files changed, 15 insertions(+), 16 deletions(-) diff --git a/docs/windows.html.in b/docs/windows.html.in index 9acf67d..4850a54 100644 --- a/docs/windows.html.in +++ b/docs/windows.html.in @@ -18,7 +18,7 @@ version is available here: </p> - <a href="http://libvirt.org/sources/win32_experimental/Libvirt-0.8.6-2.exe">http://libvirt.org/sources/win32_experimental/Libvirt-0.8.6-2.exe</a> + <a href="http://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-2.exe">http://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-2.exe</a> <p> <b>It is not production ready.</b> @@ -77,15 +77,6 @@ <br /><br /> </li> - <li> - Libvirt dll files should be added to path - <br /><br /> - At the moment, anything that needs to use the libvirt dll files - (i.e. the C# bindings) won't automatically find them. This can be - worked around by copying the dll files into the same directory as - whatever needs them, but is probably not an optimal approach. - There might be a better way and needs to be investigated. - </li> </ul> <h2><a name="conntypes">Connection types</h2> @@ -119,6 +110,12 @@ </p> <p> + <b>Special note</b> - Support for VirtualBox *on windows* was added in + libvirt 0.8.7, so reports on success and failure if you're using that + would be really helpful and appreciated. + </p> + + <p> <b>WARNING - The qemu+tcp:// connection type passes all traffic without encryption. This is a security hazard, and should <i>not</i> be used in security sensitive environments.</b> @@ -127,8 +124,9 @@ <h2><a name="esx">Connecting to VMware ESX/vSphere</h2> <p> - Details on the capabilities and connection string syntax used for - connecting to VMware ESX and vSphere can be found online here:<br /> + Details on the capabilities, certificates, and connection string + syntax used for connecting to VMware ESX and vSphere can be found + online here:<br /> </p> <a href="http://libvirt.org/drvesx.html">http://libvirt.org/drvesx.html</a> @@ -136,8 +134,9 @@ <h2><a name="tlscerts">TLS Certificates</h2> <p> - TLS certificates are needed prior to connecting to either QEMU - instances with TLS, or connecting to VMware ESX/vSphere. + TLS certificates need to have been created and placed in the correct + locations, before you will be able to connect to QEMU servers over + TLS. </p> <p> @@ -154,8 +153,8 @@ </p> <p> - The locations of the TLS certificates and key file are hard coded, - rather than being configurable. + The locations of the TLS certificates and key file on Windows are hard + coded, rather than being configurable. </p> <p> -- 1.7.3.5

2 2

[libvirt] [PATCH] Fix error reporting when machine type probe fails
by Daniel P. Berrange 18 Jan '11

18 Jan '11

Avoid overwriting the real error message with a generic OOM failure message, when machine type probe fails * src/qemu/qemu_driver.c: Don't overwrite error --- src/qemu/qemu_driver.c | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index a1b9d2a..90429e5 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -6322,10 +6322,8 @@ qemudCanonicalizeMachineDirect(virDomainDefPtr def, char **canonical) virCapsGuestMachinePtr *machines = NULL; int i, nmachines = 0; - if (qemuCapsProbeMachineTypes(def->emulator, &machines, &nmachines) < 0) { - virReportOOMError(); + if (qemuCapsProbeMachineTypes(def->emulator, &machines, &nmachines) < 0) return -1; - } for (i = 0; i < nmachines; i++) { if (!machines[i]->canonical) -- 1.7.3.4

2 1

[libvirt] Libvirt 0.8.7 installer ready for testing
by Justin Clift 18 Jan '11

18 Jan '11

Hi guys, Created the windows libvirt 0.8.7 installer using Matthias's updated scripting: http://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-0.exe Does someone have time to test and confirm it's ok, before we point to it from the website? Arnaud, this version of the installer adds the virsh bin directory to the system PATH variable. So I'm thinking don't need to copy the libvirt dll's around, when using your C# bindings. If you've have time to test that, it would be great. Could then update the web page with that info. :) Regards and best wishes, Justin Clift

3 4

[libvirt] [PATCH] Avoid crash in security driver if model is NULL
by Daniel P. Berrange 18 Jan '11

18 Jan '11

If the XML security model is NULL, it is assumed that the current model will be used with dynamic labelling. The verify step is meaningless and potentially crashes if dereferencing NULL * src/security/security_manager.c: Skip NULL model on verify --- src/security/security_manager.c | 7 +++++++ 1 files changed, 7 insertions(+), 0 deletions(-) diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 66cffb5..1bc0ebb 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -309,6 +309,13 @@ int virSecurityManagerSetProcessLabel(virSecurityManagerPtr mgr, int virSecurityManagerVerify(virSecurityManagerPtr mgr, virDomainDefPtr def) { + /* NULL model == dynamic labelling, with whatever drive + * is active, so we can short circuit verify check to + * avoid drivers dereferencing NULLs by accident + */ + if (!secdef->model) + return 0; + if (mgr->drv->domainSecurityVerify) return mgr->drv->domainSecurityVerify(mgr, def); -- 1.7.3.4

2 1

[libvirt] [PATCH 0/3] Misc fixes/cleanups to libvirt API entry points
by Daniel P. Berrange 18 Jan '11

18 Jan '11

Just some misc fixes/cleanups i have queued against src/libvirt.c

2 6

[libvirt] [PATCH] handle DNS over IPv6
by Paweł Krześniak 18 Jan '11

18 Jan '11

Firstly: Add ip6tables rules to allow DNS over IPv6 in network. Secondly: start dnsmasq with --interface option instead of --listen-address. Dnsmasq currently uses "--listen-address IPv4_address" option, which restricts DNS service to one IPv4 address only. We could append --listen-address for every IPv[46] address defined on interface, but it's cleaner to use "--interface brname". There were some problems in the past with --interface option. Dnsmasq version 2.46 and earlier exited with error when tired to bind() to IPv6 addresses on just brought up interfaces, because DAD (Duplicate Address Detection) takes some time to finish and bind() returns EADDRNOTAVAIL which caused dnsmasq to exit. Dnsmasq version 2.47 (released on 05-Feb-2009) fixed this issue by retrying bind() after getting EADDRNOTAVAIL error (as described in http://www.thekelleys.org.uk/dnsmasq/CHANGELOG; loop itself is defined in dnsmasq-2.47/src/network.c:404) * Using --interface option causes longer network startup: $ time virsh -c qemu:///system net-start isolated1 Network isolated1 started real 0m0.112s user 0m0.013s sys 0m0.009s $ time virsh -c qemu:///system net-start isolated1 Network isolated1 started real 0m2.101s user 0m0.011s sys 0m0.011s * Dnsmasq exits after DAD complets which guarantees that radvd will no more produces following warnings: Dec 28 19:42:11 nemo radvd[14652]: sendmsg: Invalid argument --- src/network/bridge_driver.c | 32 +++++++++++++++++++++++++------- 1 files changed, 25 insertions(+), 7 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 7d43ef5..a689c9f 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -469,16 +469,13 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network, virCommandAddArgList(cmd, "--conf-file=", "", NULL); /* - * XXX does not actually work, due to some kind of - * race condition setting up ipv6 addresses on the - * interface. A sleep(10) makes it work, but that's - * clearly not practical + * It's safe to use --interface option for dnsmasq 2.47 and later. + * With earlier versions we had to use --listen-address option. * - * virCommandAddArg(cmd, "--interface"); - * virCommandAddArg(cmd, ipdef->bridge); + * virCommandAddArgList(cmd, "--listen-address", bridgeaddr); */ virCommandAddArgList(cmd, - "--listen-address", bridgeaddr, + "--interface", network->def->bridge, "--except-interface", "lo", NULL); @@ -1157,9 +1154,30 @@ networkAddGeneralIptablesRules(struct network_driver *driver, goto err9; } + /* allow DNS over IPv6 requests through to dnsmasq */ + if (iptablesAddTcpInput(driver->iptables, AF_INET6, + network->def->bridge, 53) < 0) { + networkReportError(VIR_ERR_SYSTEM_ERROR, + _("failed to add ip6tables rule to allow DNS requests from '%s'"), + network->def->bridge); + goto err10; + } + + if (iptablesAddUdpInput(driver->iptables, AF_INET6, + network->def->bridge, 53) < 0) { + networkReportError(VIR_ERR_SYSTEM_ERROR, + _("failed to add ip6tables rule to allow DNS requests from '%s'"), + network->def->bridge); + goto err11; + } + return 0; /* unwind in reverse order from the point of failure */ +err11: + iptablesRemoveTcpInput(driver->iptables, AF_INET6, network->def->bridge, 53); +err10: + networkRemoveGeneralIp6tablesRules(driver, network); err9: iptablesRemoveForwardAllowCross(driver->iptables, AF_INET, network->def->bridge); err8:

4 9

[libvirt] [PATCH 0/7] patch queue cleanup
by Eric Blake 17 Jan '11

17 Jan '11

I've been building up several (unrelated) patches that haven't been reviewed yet; here they are in no particular order except that 6 depends on 5, and that 4 depends on 3. Eric Blake (6): datatypes: avoid redundant __FUNCTION__ maint: improve sc_prohibit_strncmp syntax check build: let xgettext see strings in libvirt-guests qemu: use -incoming fd:n to avoid qemu holding fd indefinitely qemu: use lighter-weight fd:n on incoming tunneled migration qemu: improve efficiency of dd during snapshots Laurent Léonard (1): libvirt-guests: remove bashisms .gnulib | 2 +- .x-sc_prohibit_strcmp | 1 - .x-sc_prohibit_strncmp | 1 - Makefile.am | 2 - cfg.mk | 7 +- po/POTFILES.in | 1 + src/datatypes.c | 129 +++++++++++++++----- src/qemu/qemu_command.c | 82 ++++++++----- src/qemu/qemu_command.h | 1 + src/qemu/qemu_driver.c | 56 +++------ src/qemu/qemu_monitor_json.c | 5 +- src/qemu/qemu_monitor_text.c | 5 +- .../qemuxml2argv-restore-v2-fd.args | 1 + .../qemuxml2argv-restore-v2-fd.xml | 25 ++++ tests/qemuxml2argvtest.c | 30 +++-- tools/Makefile.am | 13 ++- ...bvirt-guests.init.in => libvirt-guests.init.sh} | 72 +++++++----- 17 files changed, 279 insertions(+), 154 deletions(-) delete mode 100644 .x-sc_prohibit_strcmp delete mode 100644 .x-sc_prohibit_strncmp create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-restore-v2-fd.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-restore-v2-fd.xml rename tools/{libvirt-guests.init.in => libvirt-guests.init.sh} (76%) -- 1.7.3.4

3 17