[libvirt] libvirt use of dnsmasq to provide dhcp-ipv6 service
by Gene Czarcinski
Since around the 2.61 dnsmasq supports providing dhcp-ipv6 services.
Yes, I am aware that F17, F18, and rawhide all currently have dnsmasq
2.59 ... I am currently running dnsmasq-2.63.
What are the plans for supporting dhcp-ipv6 from dnsmasq?
I noticed that if you plug in a dhcp range specification under an ipv6
definition in the xml configuration file that virsh net-edit does not
complain about it ... it just makes it disappear!
Is the code there but not enabled because you need to support earlier
versions of dnsmasq? If the code is there, what is the "magic switch"
to turn it on? I understand that if I do that I may well be on my own.
Gene
12 years, 3 months
[libvirt] RFC: take two on live update of network configuration
by Laine Stump
We need a way to update the elements of a <network> without being
required to restart the network before the changes take effect. I had
previously thought I could just use a new virNetworkDefineXMLFlags with
an optional flag set to mean "take effect immediately", but have been
discouraged from that approach.
Instead, I'm considering something similar to
virDomain(Attach|Update|Detach)DeviceFlags, but this could be more
complicated because I would like to be able to update *anything* within
the network definition hierarchy, not just the direct subelements of one
level in the hierarchy (as is the case for those existing functions).
Here's an example of an existing network (note that this isn't a legal
network - you can't have an <ip> element and an interface pool (or a
bridge name and an interface pool) in the same network; this is just so
I can use a single example), and some of the things we might want to do
with it:
<network>
<name>test1</name>
<uuid>2d39a0ba-ac4b-6097-114c-50f8bccc277c</uuid>
<forward mode='bridge'/>
<bridge name='virbr5' stp='on' delay='0' />
<mac address='52:54:00:38:81:4D'/>
<domain name='example.com'/>
<forward mode='private'/>
<interface dev="eth20"/>
<interface dev="eth21"/>
<interface dev="eth22"/>
<interface dev="eth23"/>
<interface dev="eth24"/>
</forward>
<portgroup name='engineering' default='yes'>
<virtualport type='802.1Qbh'>
<parameters profileid='test'/>
</virtualport>
<bandwidth>
<inbound average='1000' peak='5000' burst='5120'/>
<outbound average='1000' peak='5000' burst='5120'/>
</bandwidth>
</portgroup></b>
<portgroup name='sales'>
<virtualport type='802.1Qbh'>
<parameters profileid='salestest'/>
</virtualport>
<bandwidth>
<inbound average='500' peak='2000' burst='2560'/>
<outbound average='128' peak='256' burst='256'/>
</bandwidth>
</portgroup></b>
<dns>
<txt name="example" value="example value" />
<srv service='name' protocol='tcp' domain='test-domain-name' target='.' port='1024' priority='10' weight='10'/>
<host ip='192.168.122.2'>
<hostname>myhost</hostname>
<hostname>myhostalias</hostname>
</host>
</dns>
<ip address='10.24.75.1' netmask='255.255.255.0'>
<dhcp>
<range start='10.24.75.128' end='10.24.75.254' />
<host mac='52:54:3e:77:e2:ed' name='X.example.com' ip='10.24.75.10' />
<host mac='52:54:3e:77:e2:ef' name='Y.example.com' ip='10.24.75.11' />
<host mac='52:54:34:77:e2:f0' name='Z.example.com' ip='10.24.75.12' />
<host mac='52:54:3e:77:e2:f1' name='A.example.com' ip='10.24.75.13' />
</dhcp>
</ip>
<ip address='192.168.4.1' netmask='255.255.255.0'/>
</network>
Some things we might want to do to this (the first three have already
been requested):
1) add or remove an interface from the interface pool, i.e. a particular
<interface> sub-element of the (one and only) <forward> element.
2) add/remove/modify a portgroup entry (i.e. a specific sub-element of
<network>)
3) add/remove/modify a static host entry from the <dhcp> section of a
particular <ip> (so, a particular <host> sub-element of a particular
<ip> element)
Some others:
4) add/modify/remove a <host> (or a <txt> or an <srv> in the <dns> section
4) add/modify/remove the <domain>
5) add/modify/remove an entire <ip> element
6) turn stp on/off in the <bridge> element
I can see three possible methods of providing this functionality:
===========
OPTION 1) Have a single API:
virNetworkUpdate(virNetworkPtr network,
const char *xml, unsigned, int flags)
This function would take an entire <network> specification as an arg,
and replace the entire existing config. This would allow changing
anything, but would also require reading the entire config beforehand.
===========
OPTION 2) have a separate API for each different type of element we may want to
change, e.g.:
virNetworkUpdateForwardInterface(virNetworkPtr network,
const char *xml,
unsigned int flags);
virNetworkUpdatePortgroup(virNetworkPtr network,
const char *xml,
unsigned int flags);
virNetworkUpdateIpDhcpHost(virNetworkPtr network,
const char *xml,
unsigned int flags);
virNetworkUpdateDnsEntry(virNetworkPtr network,
const char *xml,
unsigned int flags);
/* The name of this one may confuse... */
virNetworkUpdateDomain(virNetworkPtr network,
const char *xml,
unsigned int flags);
virNetworkUpdateBridge(virNetworkPtr network,
const char *xml,
unsigned int flags);
virNetworkUpdateIpDnsHost(virNetworkPtr network,
const char *xml,
unsigned int flags);
etc. (etc. etc.)
"flags" would include:
/* force add if object with matching key doesn't exist */
VIR_NETWORK_UPDATE_ADD
/* delete existing object(s) that matches the xml */
VIR_NETWORK_UPDATE_DELETE
/* take effect immediately */
VIR_NETWORK_UPDATE_LIVE
/* persistent change */
VIR_NETWORK_UPDATE_CONFIG
This method could be problematic, e.g., for something like
virNetworkUpdateIpDhcpHost() - although currently only a single <ip>
element can have a <dhcp> entries, in the future we could allow any/all
of them to have dhcp entries. Another downside is that we would need to
add an new function for each new element we decide we want to be able to
update.
===========
OPTION 3) Again, a single API, but with an added "nodespec" arg which would
be used to describe the parent node you of the node you want added/updated to:
int virNetworkUpdate(virNetworkPtr network,
const char *nodeSpec,
const char *xml,
unsigned int flags);
For example, if you wanted to add a new <host> entry to <ip
address='10.24.75.1' ...>'s dhcp element, you would do this:
/* nodespec obviously uses an XPath expression */
virNetworkUpdate("/ip[address='10.24.75.1']/dhcp",
/* full text of <host> element to add */
"<host mac='00:16:3e:77:e2:ed' "
"name='X.example.com' ip='10.24.75.10'/>"
VIR_NETWORK_UPDATE_ADD | VIR_NETWORK_UPDATE_LIVE
| VIR_NETWORK_UPDATE_CONFIG);
Or, to change the contents of the exiting portgroup "engineering" you
would use:
virNetworkUpdate("/",
/* full text of portgroup */,
"<portgroup name='engineering'> ..... </portgroup>"
VIR_NETWORK_UPDATE_LIVE|VIR_NETWORK_UPDATE_CONFIG);
To delete a static dhcp host entry, you would use this:
virNetworkUpdate("/ip[address='10.24.75.1']/dhcp",
/* just enough to match existing entry */
"<host mac='00:16:3e:77:e2:ed'/>",
VIR_NETWORK_UPDATE_DELETE | VIR_NETWORK_UPDATE_LIVE
| VIR_NETWORK_UPDATE_CONFIG);
or if you preferred:
virNetworkUpdate("/ip[address='10.24.75.1']/dhcp",
/* again, just enough to match */
"<host ip='10.24.75.10'/>",
VIR_NETWORK_UPDATE_DELETE |VIR_NETWORK_UPDATE_LIVE
| VIR_NETWORK_UPDATE_CONFIG);
To remove an interface from the interface pool:
virNetworkUpdate("/forward",
"<interface dev='eth20'/>",
VIR_NETWORK_UPDATE_DELETE | VIR_NETWORK_UPDATE_LIVE
| VIR_NETWORK_UPDATE_CONFIG)
(adding an interface would be identical, except the flag).
(An alternate implementation would be to have nodeSpec specify the node
that is being updated/removed rather than its parent. This may make more
logical sense, (although not for ADD) and would even make the rest of
the code simpler for update/remove (we wouldn't have to do a manual
search within the node).
The positive side of this is that the one API function allows you to modify
*anything* (even stuff not yet invented, so it's future-proof). The negative
side is that the code that implements it would need to go to quite a bit of
extra trouble to determine what has been changed (basically, it would
a) generate XML for the current state of the network,
b) parse that into an xmlNode,
c) perform the operation on xmlNode using nodeset to figure out where,
and adding in the new xml (or removing any nodes matching it),
d) convert modified xmlNode back to xml text,
e) parse the xml text into a virNetworkDef,
f) compare it to the original virNetworkDef to determine what to do.
==========
Which OPTION? 1, 2, or 3?
=========================
I'm discounting option (1) for now. Here's the scorecard for (2) vs. (3):
2) Pros: easier to understand, more exactly defined.
Cons: requires a new API each time we find a different node we want
to be able to update
3) Pros: one API covers everything, should never need any new API
Cons: more complex for user to understand, me to implement. Possibly
more trouble to do fine grained access control (e.g. if you want
to allow adding dhcp static hosts, but not allow changing the
domain name or interface pool)
(actually, in practice, I guess it shouldn't be any more trouble to do
fine grained access control, as long as you can make the decision of
whether or not to allow later on in the function that implements the API
(at step (6) above), rather than at the top level when the API is first
called).
I'm leaning towards (3). If it raises a technical boundary, or people
don't like the idea of having an arg in the public API that takes an
XPath expression, then maybe I could switch to (2).
Any opinions on which direction I should take? Some way different from
what I'm suggesting?
Specific questions:
1) Does having a single public API that is used to update many different
parts of the object raise any hurdles wrt. fine grained access control?
(knowing that there will be "some point" in that code that we know
exactly what the user is attempting to change).
2) any problems / reservations about accepting XPatch expressions in the
args of a public API?
3) Can you think of a situation where this wouldn't work?
12 years, 3 months
[libvirt] A bug or a "feature"
by Gene Czarcinski
I recently updated libvirt* on my test system and found out something
interesting. Although libvirtd is restarted , the dnsmasq
instantiations it has are not restarted.
In fact, if you remove virtualization from the system, the dnsmasq
instantiations are still running.
In fact, you have to manually kill them or reboot the system to remove them.
If you are updated libvirt*, then you can do a
"virsh net-destroy <whatever>"
AND THEN A
"virsh net-start <whatever>"
OK, is this a bug (which I will report) or simply a "feature" that I do
not like?
Gene
12 years, 3 months
[libvirt] [PATCHv2 0/2] interface driver build cleanup and udev backend addition
by Doug Goldstein
Refactored the cross use of netcf and interface for the interface driver into
only interface driver references. Made netcf the primary backend provider for
the interface driver. Added a udev based read-only interface driver backend to
be used when netcf support is not built in.
Change from v1:
* rebased against master
* Fixed copyright header
* Added libvirt.spec.in modification
* Changed virsh -V output
Untested:
* udev: Devices that are part of a bond.
* libvirt.spec: Need some feedback from DV and the RH guys on how they want it packaged
Unknown:
* Should virInterfaceGetXMLDesc() be implemented for the udev backend?
It will as a result contain a lot less info than the netcf based backend
would for the same device (e.g. does the device start on boot).
Doug Goldstein (2):
build: define WITH_INTERFACE for the driver
interface: add udev based backend for virInterface
.gnulib | 2 +-
configure.ac | 37 ++-
daemon/Makefile.am | 2 +-
daemon/libvirtd.c | 8 +-
libvirt.spec.in | 13 +-
src/Makefile.am | 34 ++-
.../{netcf_driver.c => interface_backend_netcf.c} | 2 +-
src/interface/interface_backend_udev.c | 395 ++++++++++++++++++++
.../{netcf_driver.h => interface_driver.h} | 0
tests/virdrivermoduletest.c | 2 +-
tools/virsh.c | 8 +-
11 files changed, 480 insertions(+), 23 deletions(-)
rename src/interface/{netcf_driver.c => interface_backend_netcf.c} (99%)
create mode 100644 src/interface/interface_backend_udev.c
rename src/interface/{netcf_driver.h => interface_driver.h} (100%)
--
1.7.8.6
12 years, 3 months
[libvirt] [PATCH] docs: point out git send-email location, be more stern about make check
by Laine Stump
An email came to libvir-list wondering why the git send-email command
was missing in spite of having git installed; this is due to the
send-email command being in a sub-package of the main git package.
While touching the hacking file, I thought it would be useful to 1)
indicate the location of the source (docs/hacking.html.in) in the
message at the top of HACKING, and also to make the note about running
"make check" and "make syntax-check" a bit more stern.
---
HACKING | 22 ++++++++++++++--------
docs/hacking.html.in | 29 ++++++++++++++++++-----------
docs/hacking2.xsl | 3 ++-
3 files changed, 34 insertions(+), 20 deletions(-)
diff --git a/HACKING b/HACKING
index 804d54c..ab1a329 100644
--- a/HACKING
+++ b/HACKING
@@ -1,5 +1,6 @@
-*- buffer-read-only: t -*- vi: set ro:
-DO NOT EDIT THIS FILE! IT IS GENERATED AUTOMATICALLY!
+DO NOT EDIT THIS FILE! IT IS GENERATED AUTOMATICALLY
+from docs/hacking.html.in!
@@ -32,11 +33,14 @@ Then, when you want to post your patches:
git pull --rebase
(fix any conflicts)
- git send-email --cover-letter --no-chain-reply-to --annotate --to=libvir-list(a)redhat.com master
+ git send-email --cover-letter --no-chain-reply-to --annotate \
+ --to=libvir-list(a)redhat.com master
-For a single patch you can omit "--cover-letter", but series of a two or more
-patches needs a cover letter. If you get tired of typing
-"--to=libvir-list(a)redhat.com" designation you can set it in git config:
+(Note that the "git send-email" subcommand is usually not in the main git
+package, but part of a sub-package called "git-email".) For a single patch you
+can omit "--cover-letter", but series of a two or more patches needs a cover
+letter. If you get tired of typing "--to=libvir-list(a)redhat.com" designation
+you can set it in git config:
git config sendemail.to libvir-list(a)redhat.com
@@ -56,9 +60,11 @@ though).
(3) Split large changes into a series of smaller patches, self-contained if
possible, with an explanation of each patch and an explanation of how the
sequence of patches fits together. Moreover, please keep in mind that it's
-required to be able to compile cleanly after each patch. A feature does not
-have to work until the end of a series, as long as intermediate patches don't
-cause test-suite failures.
+required to be able to compile cleanly (*including* "make check" and "make
+syntax-check") after each patch. A feature does not have to work until the end
+of a series, but intermediate patches must compile and not cause test-suite
+failures (this is to preserve the usefulness of "git bisect", among other
+things).
diff --git a/docs/hacking.html.in b/docs/hacking.html.in
index ca02669..1917b78 100644
--- a/docs/hacking.html.in
+++ b/docs/hacking.html.in
@@ -31,11 +31,15 @@
<pre>
git pull --rebase
(fix any conflicts)
- git send-email --cover-letter --no-chain-reply-to --annotate --to=libvir-list(a)redhat.com master
-</pre>
- <p>For a single patch you can omit <code>--cover-letter</code>, but
- series of a two or more patches needs a cover letter. If you get tired
- of typing <code>--to=libvir-list(a)redhat.com</code> designation you can
+ git send-email --cover-letter --no-chain-reply-to --annotate \
+ --to=libvir-list(a)redhat.com master
+</pre>
+ <p>(Note that the "git send-email" subcommand is usually not
+ in the main git package, but part of a sub-package called
+ "git-email".) For a single patch you can omit
+ <code>--cover-letter</code>, but series of a two or more
+ patches needs a cover letter. If you get tired of typing
+ <code>--to=libvir-list(a)redhat.com</code> designation you can
set it in git config:</p>
<pre>
git config sendemail.to libvir-list(a)redhat.com
@@ -55,12 +59,15 @@
</li>
<li><p>Split large changes into a series of smaller patches,
- self-contained if possible, with an explanation of each patch and an
- explanation of how the sequence of patches fits together. Moreover,
- please keep in mind that it's required to be able to compile cleanly
- after each patch. A feature does not have to work until the end of a
- series, as long as intermediate patches don't cause test-suite
- failures.</p>
+ self-contained if possible, with an explanation of each patch
+ and an explanation of how the sequence of patches fits
+ together. Moreover, please keep in mind that it's required to
+ be able to compile cleanly (<b>including</b> <code>make
+ check</code> and <code>make syntax-check</code>) after each
+ patch. A feature does not have to work until the end of a
+ series, but intermediate patches must compile and not cause
+ test-suite failures (this is to preserve the usefulness
+ of <code>git bisect</code>, among other things).</p>
</li>
<li>Make sure your patches apply against libvirt GIT. Developers
diff --git a/docs/hacking2.xsl b/docs/hacking2.xsl
index 89e777b..cd1712c 100644
--- a/docs/hacking2.xsl
+++ b/docs/hacking2.xsl
@@ -18,7 +18,8 @@
<xsl:template match="/">
<xsl:text>-*- buffer-read-only: t -*- vi: set ro:
-DO NOT EDIT THIS FILE! IT IS GENERATED AUTOMATICALLY!
+DO NOT EDIT THIS FILE! IT IS GENERATED AUTOMATICALLY
+from docs/hacking.html.in!
--
1.7.11.4
12 years, 3 months
[libvirt] [PATCH] Fix unwanted closing of libvirt client connection
by Christophe Fergeau
e5a1bee07 introduced a regression in Boxes: when Boxes is left idle
(it's still doing some libvirt calls in the background), the
libvirt connection gets closed after a few minutes. What happens is
that this code in virNetClientIOHandleOutput gets triggered:
if (!thecall)
return -1; /* Shouldn't happen, but you never know... */
and after the changes in e5a1bee07, this causes the libvirt connection
to be closed.
Upon further investigation, what happens is that
virNetClientIOHandleOutput is called from gvir_event_handle_dispatch
in libvirt-glib, which is triggered because the client fd became
writable. However, between the times gvir_event_handle_dispatch
is called, and the time the client lock is grabbed and
virNetClientIOHandleOutput is called, another thread runs and
completes the current call. 'thecall' is then NULL when the first
thread gets to run virNetClientIOHandleOutput.
After describing this situation on IRC, danpb suggested this:
11:37 < danpb> In that case I think the correct thing would be to change
'return -1' above to 'return 0' since that's not actually an
error - its a rare, but expected event
which is what this patch is doing. I've tested it against master
libvirt, and I didn't get disconnected in ~10 minutes while this
happens in less than 5 minutes without this patch.
---
src/rpc/virnetclient.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index 43a9814..727ed67 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -1205,7 +1205,10 @@ virNetClientIOHandleOutput(virNetClientPtr client)
thecall = thecall->next;
if (!thecall)
- return -1; /* Shouldn't happen, but you never know... */
+ return 0; /* This can happen if another thread raced with us and
+ * completed the call between the time this thread woke
+ * up from poll()ing and the time we locked the client
+ */
while (thecall) {
ssize_t ret = virNetClientIOWriteMessage(client, thecall);
--
1.7.11.4
12 years, 3 months
[libvirt] [libvirt-glib 1/4] config: Allow NULL node name to gvir_config_object_set_content
by Christophe Fergeau
This is useful when you want to set the content of the current node.
---
libvirt-gconfig/libvirt-gconfig-object.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/libvirt-gconfig/libvirt-gconfig-object.c b/libvirt-gconfig/libvirt-gconfig-object.c
index a7352a5..ac0545c 100644
--- a/libvirt-gconfig/libvirt-gconfig-object.c
+++ b/libvirt-gconfig/libvirt-gconfig-object.c
@@ -534,7 +534,6 @@ gvir_config_object_set_node_content(GVirConfigObject *object,
GVirConfigObject *node;
g_return_if_fail(GVIR_CONFIG_IS_OBJECT(object));
- g_return_if_fail(node_name != NULL);
if (value == NULL) {
gvir_config_object_delete_child(object, node_name, NULL);
@@ -542,8 +541,12 @@ gvir_config_object_set_node_content(GVirConfigObject *object,
return;
}
- node = gvir_config_object_replace_child(object, node_name);
- g_return_if_fail(node != NULL);
+ if (node_name != NULL) {
+ node = gvir_config_object_replace_child(object, node_name);
+ g_return_if_fail(node != NULL);
+ } else {
+ node = g_object_ref(G_OBJECT(object));
+ }
encoded_data = xmlEncodeEntitiesReentrant(node->priv->node->doc,
(xmlChar *)value);
xmlNodeSetContent(node->priv->node, encoded_data);
@@ -559,7 +562,6 @@ gvir_config_object_set_node_content_uint64(GVirConfigObject *object,
char *str;
g_return_if_fail(GVIR_CONFIG_IS_OBJECT(object));
- g_return_if_fail(node_name != NULL);
str = g_strdup_printf("%"G_GUINT64_FORMAT, value);
gvir_config_object_set_node_content(object, node_name, str);
--
1.7.11.4
12 years, 3 months
[libvirt] [PATCH] qemu: Remove limit enforcing when setting processor count
by Peter Krempa
When setting processor count for a domain using the API libvirt enforced
a maximum processor count that was determined using an IOCTL on
/dev/kvm. Unfortunately this value isn't representative enough and qemu
happily accepts and starts with values greater than the reported value.
This patch removes the check so that users are able to use full
potential of their big boxes also when setting processor counts with the
API not just in XML.
---
src/qemu/qemu_driver.c | 16 +++-------------
1 file changed, 3 insertions(+), 13 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 8e8e00c..6be3e5f 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -3595,7 +3595,6 @@ qemuDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus,
virDomainObjPtr vm;
virDomainDefPtr persistentDef;
const char * type;
- int max;
int ret = -1;
bool maximum;
@@ -3645,20 +3644,11 @@ qemuDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus,
goto endjob;
}
- if ((max = qemudGetMaxVCPUs(NULL, type)) < 0) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("could not determine max vcpus for the domain"));
- goto endjob;
- }
-
- if (!maximum && vm->def->maxvcpus < max) {
- max = vm->def->maxvcpus;
- }
-
- if (nvcpus > max) {
+ if (!maximum && nvcpus > vm->def->maxvcpus) {
virReportError(VIR_ERR_INVALID_ARG,
_("requested vcpus is greater than max allowable"
- " vcpus for the domain: %d > %d"), nvcpus, max);
+ " vcpus for the domain: %d > %d"),
+ nvcpus, vm->def->maxvcpus);
goto endjob;
}
--
1.7.12
12 years, 3 months
[libvirt] [libvirt-designer][PATCH 0/4] Basic disk & interface support
by Michal Privoznik
with small example called virtxml
Michal Privoznik (4):
Load osinfo DB on init
domain: Introduce disk support
examples: Create an example of usage program
domain: Introduce interface support
.gitignore | 1 +
Makefile.am | 2 +-
configure.ac | 6 +-
examples/Makefile.am | 23 ++
examples/virtxml.c | 406 ++++++++++++++++++++++++++
libvirt-designer/Makefile.am | 1 +
libvirt-designer/libvirt-designer-domain.c | 302 +++++++++++++++++++-
libvirt-designer/libvirt-designer-domain.h | 12 +-
libvirt-designer/libvirt-designer-internal.h | 30 ++
libvirt-designer/libvirt-designer-main.c | 17 +-
libvirt-designer/libvirt-designer.sym | 4 +
11 files changed, 799 insertions(+), 5 deletions(-)
create mode 100644 examples/Makefile.am
create mode 100644 examples/virtxml.c
create mode 100644 libvirt-designer/libvirt-designer-internal.h
--
1.7.8.6
12 years, 3 months