October 2013 - Devel - libvirt List Archives

[libvirt] [PATCH 0/3] Misc LXC errore reporting improvements
by Daniel P. Berrange 14 Oct '13

14 Oct '13

From: "Daniel P. Berrange" <berrange(a)redhat.com> A few more LXC fixes to improve error reporting Instead of # virsh -c lxc:/// start shell error: Failed to start domain shell error: internal error: guest failed to start: PATH=/bin:/sbin TERM=linux container=lxc-libvirt container_uuid=95449419-f969-d649-d996-2566ec42af7d LIBVIRT_LXC_UUID=95449419-f969-d649-d996-2566ec42af7d LIBVIRT_LXC_NAME=shell /bin/sh error receiving signal from container: Input/output error we now get # virsh -c lxc:/// start shell error: Failed to start domain shell error: internal error: guest failed to start: Failed to access '/mnt/btr/does/not/exist': No such file or directory Daniel P. Berrange (3): Ensure lxcContainerMain reports errors on stderr Ensure lxcContainerResolveSymlinks reports errors Improve log filtering in virLXCProcessReadLogOutputData src/lxc/lxc_container.c | 18 ++++++++++++++---- src/lxc/lxc_process.c | 16 +++++++++++++++- 2 files changed, 29 insertions(+), 5 deletions(-) -- 1.8.3.1

2 6

[libvirt] [PATCHv2 0/2] Enable compression of external snapshots and managed save images
by Peter Krempa 14 Oct '13

14 Oct '13

Version 2 treats save images and managed save images as same, using the same config option. Peter Krempa (2): qemu: managedsave: Add support for compressing managed save images qemu: snapshot: Add support for compressing external snapshot memory src/qemu/qemu.conf | 12 +++++++++--- src/qemu/qemu_conf.c | 2 ++ src/qemu/qemu_conf.h | 1 + src/qemu/qemu_driver.c | 46 ++++++++++++++++++++++++++++++++++++++++++---- 4 files changed, 54 insertions(+), 7 deletions(-) -- 1.8.3.2

2 6

[libvirt] [PATCH]virsh: support readonly in attach-disk command
by Chen Hanxiao 14 Oct '13

14 Oct '13

From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> support readonly in attach-disk virsh command with option --readonly Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> --- tools/virsh-domain.c | 7 +++++++ tools/virsh.pod | 5 +++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 3479a1c..d334ebe 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -315,6 +315,10 @@ static const vshCmdOptDef opts_attach_disk[] = { .type = VSH_OT_BOOL, .help = N_("shareable between domains") }, + {.name = "readonly", + .type = VSH_OT_BOOL, + .help = N_("allow guest read-only access to disk") + }, {.name = "rawio", .type = VSH_OT_BOOL, .help = N_("needs rawio capability") @@ -612,6 +616,9 @@ cmdAttachDisk(vshControl *ctl, const vshCmd *cmd) if (vshCommandOptBool(cmd, "shareable")) virBufferAddLit(&buf, " <shareable/>\n"); + if (vshCommandOptBool(cmd, "readonly")) + virBufferAddLit(&buf, " <readonly/>\n"); + if (straddr) { if (str2DiskAddress(straddr, &diskAddr) != 0) { vshError(ctl, _("Invalid address.")); diff --git a/tools/virsh.pod b/tools/virsh.pod index 0ae5178..91b4429 100644 --- a/tools/virsh.pod +++ b/tools/virsh.pod @@ -1908,8 +1908,8 @@ expected. [[[I<--live>] [I<--config>] | [I<--current>]] | [I<--persistent>]] [I<--driver driver>] [I<--subdriver subdriver>] [I<--cache cache>] [I<--type type>] [I<--mode mode>] [I<--config>] [I<--sourcetype soucetype>] -[I<--serial serial>] [I<--wwn wwn>] [I<--shareable>] [I<--rawio>] -[I<--address address>] [I<--multifunction>] [I<--print-xml>] +[I<--serial serial>] [I<--wwn wwn>] [I<--shareable>] [I<--readonly>] +[I<--rawio>] [I<--address address>] [I<--multifunction>] [I<--print-xml>] Attach a new disk device to the domain. I<source> is path for the files and devices. I<target> controls the bus or @@ -1931,6 +1931,7 @@ I<cache> can be one of "default", "none", "writethrough", "writeback", "directsync" or "unsafe". I<serial> is the serial of disk device. I<wwn> is the wwn of disk device. I<shareable> indicates the disk device is shareable between domains. +I<readonly> indicates the disk device is read-only. I<rawio> indicates the disk needs rawio capability. I<address> is the address of disk device in the form of pci:domain.bus.slot.function, scsi:controller.bus.unit or ide:controller.bus.unit. -- 1.8.2.1

3 5

Re: [libvirt] [Users] Migration issues with ovirt 3.3
by Dan Kenigsberg 14 Oct '13

14 Oct '13

On Wed, Oct 09, 2013 at 02:42:22PM +0200, Gianluca Cecchi wrote: > On Tue, Oct 8, 2013 at 10:40 AM, Dan Kenigsberg wrote: > > > > >> > >> But migration still fails > >> > > > > It seems like an unrelated failure. I do not know what's blocking > > migration traffic. Could you see if libvirtd.log and qemu logs at source > > and destinaiton have clues? > > > > It seems that on VM.log under qemu of desdt host I have: > ... > -incoming tcp:[::]:49153: Failed to bind socket: Address already in use Is that port really taken (`ss -ntp` should tell by whom)? > > > See all: > - In libvirtd.log of source host > 2013-10-07 23:20:54.471+0000: 1209: debug : > qemuMonitorOpenInternal:751 : QEMU_MONITOR_NEW: mon=0x7fc66412e820 > refs=2 fd=30 > 2013-10-07 23:20:54.472+0000: 1209: warning : > qemuDomainObjEnterMonitorInternal:1136 : This thread seems to be the > async job owner; entering monitor without asking for a nested job is > dangerous > 2013-10-07 23:20:54.472+0000: 1209: debug : > qemuMonitorSetCapabilities:1145 : mon=0x7fc66412e820 > 2013-10-07 23:20:54.472+0000: 1209: debug : qemuMonitorSend:887 : > QEMU_MONITOR_SEND_MSG: mon=0x7fc66412e820 > msg={"execute":"qmp_capabilities","id":"libvirt-1"} > fd=-1 > 2013-10-07 23:20:54.769+0000: 1199: error : qemuMonitorIORead:505 : > Unable to read from monitor: Connection reset by peer > 2013-10-07 23:20:54.769+0000: 1199: debug : qemuMonitorIO:638 : Error > on monitor Unable to read from monitor: Connection reset by peer > 2013-10-07 23:20:54.769+0000: 1199: debug : qemuMonitorIO:672 : > Triggering error callback > 2013-10-07 23:20:54.769+0000: 1199: debug : > qemuProcessHandleMonitorError:351 : Received error on 0x7fc664124fb0 > 'c8again32' > 2013-10-07 23:20:54.769+0000: 1209: debug : qemuMonitorSend:899 : Send > command resulted in error Unable to read from monitor: Connection > reset by peer > 2013-10-07 23:20:54.770+0000: 1199: debug : qemuMonitorIO:638 : Error > on monitor Unable to read from monitor: Connection reset by peer > 2013-10-07 23:20:54.770+0000: 1209: debug : virFileMakePathHelper:1283 > : path=/var/run/libvirt/qemu mode=0777 > 2013-10-07 23:20:54.770+0000: 1199: debug : qemuMonitorIO:661 : > Triggering EOF callback > 2013-10-07 23:20:54.770+0000: 1199: debug : > qemuProcessHandleMonitorEOF:294 : Received EOF on 0x7fc664124fb0 > 'c8again32' > 2013-10-07 23:20:54.770+0000: 1209: debug : qemuProcessStop:3992 : > Shutting down VM 'c8again32' pid=18053 flags=0 > 2013-10-07 23:20:54.771+0000: 1209: error : > virNWFilterDHCPSnoopEnd:2135 : internal error ifname "vnet0" not in > key map > 2013-10-07 23:20:54.782+0000: 1209: debug : virCommandRunAsync:2251 : > About to run /bin/sh -c 'IPT="/usr/sbin/iptables" > $IPT -D libvirt-out -m physdev --physdev-is-bridged --physdev-out > vnet0 -g FO-vnet0 > $IPT -D libvirt-out -m physdev --physdev-out vnet0 -g FO-vnet0 > $IPT -D libvirt-in -m physdev --physdev-in vnet0 -g FI-vnet0 > $IPT -D libvirt-host-in -m physdev --physdev-in vnet0 -g HI-vnet0 > $IPT -D libvirt-in-post -m physdev --physdev-in vnet0 -j ACCEPT > $IPT -F FO-vnet0 > $IPT -X FO-vnet0 > $IPT -F FI-vnet0 > $IPT -X FI-vnet0 > $IPT -F HI-vnet0 > $IPT -X HI-vnet0 > IPT="/usr/sbin/ip6tables" > $IPT -D libvirt-out -m physdev --physdev-is-bridged --physdev-out > vnet0 -g FO-vnet0 > $IPT -D libvirt-out -m physdev --physdev-out vnet0 -g FO-vnet0 > $IPT -D libvirt-in -m physdev --physdev-in vnet0 -g FI-vnet0 > $IPT -D libvirt-host-in -m physdev --physdev-in vnet0 -g HI-vnet0 > $IPT -D libvirt-in-post -m physdev --physdev-in vnet0 -j ACCEPT > $IPT -F FO-vnet0 > $IPT -X FO-vnet0 > $IPT -F FI-vnet0 > $IPT -X FI-vnet0 > $IPT -F HI-vnet0 > $IPT -X HI-vnet0 > EBT="/usr/sbin/ebtables" > $EBT -t nat -D PREROUTING -i vnet0 -j libvirt-I-vnet0 > $EBT -t nat -D POSTROUTING -o vnet0 -j libvirt-O-vnet0 > EBT="/usr/sbin/ebtables" > collect_chains() > { > for tmp2 in $*; do > for tmp in $($EBT -t nat -L $tmp2 | \ > sed -n "/Bridge chain/,\$ s/.*-j \$[IO]-.*\$/\\1/p"); > do > echo $tmp > collect_chains $tmp > done > done > } > rm_chains() > { > for tmp in $*; do $EBT -t nat -F $tmp; done > for tmp in $*; do $EBT -t nat -X $tmp; done > } > tmp='\'' > '\'' > IFS='\'' '\'''\'' '\''$tmp > chains="$(collect_chains libvirt-I-vnet0 libvirt-O-vnet0)" > $EBT -t nat -F libvirt-I-vnet0 > $EBT -t nat -F libvirt-O-vnet0 > rm_chains $chains > $EBT -t nat -F libvirt-I-vnet0 > $EBT -t nat -X libvirt-I-vnet0 > $EBT -t nat -F libvirt-O-vnet0 > $EBT -t nat -X libvirt-O-vnet0 > ' > 2013-10-07 23:20:54.784+0000: 1209: debug : virCommandRunAsync:2256 : > Command result 0, with PID 18076 > 2013-10-07 23:20:54.863+0000: 1209: debug : virCommandRun:2125 : > Result exit status 255, stdout: '' stderr: 'iptables v1.4.18: goto > 'FO-vnet0' is not a chain > > Try `iptables -h' or 'iptables --help' for more information. > iptables v1.4.18: goto 'FO-vnet0' is not a chain > > Try `iptables -h' or 'iptables --help' for more information. > iptables v1.4.18: goto 'FI-vnet0' is not a chain > Try `iptables -h' or 'iptables --help' for more information. > iptables v1.4.18: goto 'HI-vnet0' is not a chain > > Try `iptables -h' or 'iptables --help' for more information. > iptables: Bad rule (does a matching rule exist in that chain?). > iptables: No chain/target/match by that name. > iptables: No chain/target/match by that name. > iptables: No chain/target/match by that name. > iptables: No chain/target/match by that name. > iptables: No chain/target/match by that name. > iptables: No chain/target/match by that name. > ip6tables v1.4.18: goto 'FO-vnet0' is not a chain > > Try `ip6tables -h' or 'ip6tables --help' for more information. > ip6tables v1.4.18: goto 'FO-vnet0' is not a chain > > Try `ip6tables -h' or 'ip6tables --help' for more information. > ip6tables v1.4.18: goto 'FI-vnet0' is not a chain > > Try `ip6tables -h' or 'ip6tables --help' for more information. > ip6tables v1.4.18: goto 'HI-vnet0' is not a chain > > Try `ip6tables -h' or 'ip6tables --help' for more information. > ip6tables: Bad rule (does a matching rule exist in that chain?). > ip6tables: No chain/target/match by that name. > ip6tables: No chain/target/match by that name. > ip6tables: No chain/target/match by that name. > ip6tables: No chain/target/match by that name. > ip6tables: No chain/target/match by that name. > ip6tables: No chain/target/match by that name. > Illegal target name 'libvirt-O-vnet0'. > Chain 'libvirt-O-vnet0' doesn't exist. > Chain 'libvirt-O-vnet0' doesn't exist. > Chain 'libvirt-O-vnet0' doesn't exist. > Chain 'libvirt-O-vnet0' doesn't exist. > ' > 2013-10-07 23:20:54.863+0000: 1209: debug : qemuMonitorClose:821 : > QEMU_MONITOR_CLOSE: mon=0x7fc66412e820 refs=2 > 2013-10-07 23:20:54.863+0000: 1209: debug : qemuProcessKill:3951 : > vm=c8again32 pid=18053 flags=5 > 2013-10-07 23:20:54.863+0000: 1209: debug : > virProcessKillPainfully:269 : vpid=18053 force=1 > 2013-10-07 23:20:54.863+0000: 1209: debug : qemuDomainCleanupRun:2132 > : driver=0x7fc664024cd0, vm=c8again32 > 2013-10-07 23:20:54.863+0000: 1209: debug : > qemuProcessAutoDestroyRemove:4504 : vm=c8again32 > 2013-10-07 23:20:54.863+0000: 1209: debug : > virQEMUCloseCallbacksUnset:744 : vm=c8again32, > uuid=d54660a2-45ed-41ae-ab99-a6f93ebbdbb1, cb=0x7fc66b6fe570 > 2013-10-07 23:20:54.864+0000: 1209: error : > virPortAllocatorRelease:174 : port 0 must be in range (5900, 65535) > 2013-10-07 23:20:54.865+0000: 1209: debug : qemuDomainObjEndJob:1070 : > Stopping job: none (async=migration in) > 2013-10-07 23:20:54.865+0000: 1209: debug : > qemuDomainObjEndAsyncJob:1088 : Stopping async job: migration in > 2013-10-07 23:20:54.865+0000: 1199: debug : > qemuProcessHandleMonitorEOF:306 : Domain 0x7fc664124fb0 is not active, > ignoring EOF > Caught Segmentation violation dumping internal log buffer: This line one seems ominous. Can libvir-list help with it?

4 8

[libvirt] [PATCH]lxc: fix an improper comment in lxc_process
by Chen Hanxiao 14 Oct '13

14 Oct '13

From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> Fix an improper comment when libvirt has released all resources for lxc. Then original comment says "stopped" rather than "released". Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> --- src/lxc/lxc_process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index d07ff13..7746c9b 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -217,7 +217,7 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver, virSystemdTerminateMachine(vm->def->name, "lxc", true); - /* now that we know it's stopped call the hook if present */ + /* The "release" hook cleans up additional resources */ if (virHookPresent(VIR_HOOK_DRIVER_LXC)) { char *xml = virDomainDefFormat(vm->def, 0); -- 1.8.2.1

2 3

[libvirt] Guide to view the libvirt source.
by cooldharma06 14 Oct '13

14 Oct '13

hi all, i am new to this libvirt. Any guide or reference is available to know more things libvirt (individual programs). because it will give me some idea to get about the libvirt and its corresponding programs. If there is available means please guide and share me. i want to give my contribution to this community. Lot of thanks in advance. Regards, cooldharma06.

3 2

[libvirt] [PATCH 0/3] Improve LXC startup error reporting
by Daniel P. Berrange 14 Oct '13

14 Oct '13

From: "Daniel P. Berrange" <berrange(a)redhat.com> LXC has long suffered from pretty poor error reporting of failures at startup. This series addresses those problems. Daniel P. Berrange (3): Fix exit status of lxc controller Improve error reporting with LXC controller Don't ignore all dbus connection errors src/lxc/lxc_controller.c | 2 +- src/lxc/lxc_process.c | 31 +++++++++++++++++++++++++------ src/nwfilter/nwfilter_driver.c | 5 +++-- src/util/virdbus.c | 22 +++++++++++++++++++--- src/util/virsystemd.c | 6 ++++-- 5 files changed, 52 insertions(+), 14 deletions(-) -- 1.8.3.1

3 7

[libvirt] [PATCH] rpc: Retrieve peer PID via new getsockopt() for Mac
by Doug Goldstein 13 Oct '13

13 Oct '13

While LOCAL_PEERCRED on the BSDs does not return the pid information of the peer, Mac OS X 10.8 added LOCAL_PEERPID to retrieve the pid so we should use that when its available to get that information. --- src/rpc/virnetsocket.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index e8cdfa6..09a0a12 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -1195,12 +1195,26 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock, return -1; } - /* PID and process creation time are not supported on BSDs */ + /* PID and process creation time are not supported on BSDs by + * LOCAL_PEERCRED. + */ *pid = -1; *timestamp = -1; *uid = cr.cr_uid; *gid = cr.cr_gid; +# ifdef LOCAL_PEERPID + /* Exists on Mac OS X 10.8 for retrieving the peer's PID */ + cr_len = sizeof(*pid); + + if (getsockopt(sock->fd, VIR_SOL_PEERCRED, LOCAL_PEERPID, pid, &cr_len) < 0) { + virReportSystemError(errno, "%s", + _("Failed to get client socket PID")); + virObjectUnlock(sock); + return -1; + } +# endif + virObjectUnlock(sock); return 0; } -- 1.8.1.5

2 2

[libvirt] PATCH: better error checking for LOCAL_PEERCRED
by Brian Candler 12 Oct '13

12 Oct '13

I was debugging libvirt with OSX today, and got as far as finding the problem with LOCAL_PEERCRED, then googled this only to find that Ryota Ozaki had fixed the problems a few days ago! However you still may find the following patch useful. It tightens up the checking in the LOCAL_PEERCRED block, and in particular fixes the unlocking of the socket in the error return path for invalid groups, by using the same logic from SO_PEERCRED - have a 'goto cleanup' in all return paths. (Detail: I found that when getsockopt was being called with SOL_SOCKET, cr_ngroups was typically <0, probably because it was uninitialised. However once the check for this was tightened, it hung because the socket wasn't being unlocked on return. So better to (a) initialise it to a negative value anyway, and (b) fix the return path) However I have not checked that NGROUPS is defined on other BSD-like systems. Regards, Brian Candler. --- src/rpc/virnetsocket.c.orig 2013-10-10 22:37:49.000000000 +0100 +++ src/rpc/virnetsocket.c 2013-10-12 22:51:57.000000000 +0100 @@ -1157,8 +1157,10 @@ { struct xucred cr; socklen_t cr_len = sizeof(cr); + int ret = -1; virObjectLock(sock); + cr.cr_ngroups = -1; # if defined(__APPLE__) if (getsockopt(sock->fd, SOL_LOCAL, LOCAL_PEERCRED, &cr, &cr_len) < 0) { # else @@ -1166,20 +1168,19 @@ # endif virReportSystemError(errno, "%s", _("Failed to get client socket identity")); - virObjectUnlock(sock); - return -1; + goto cleanup; } if (cr.cr_version != XUCRED_VERSION) { virReportError(VIR_ERR_SYSTEM_ERROR, "%s", _("Failed to get valid client socket identity")); - return -1; + goto cleanup; } - if (cr.cr_ngroups == 0) { + if (cr.cr_ngroups <= 0 || cr.cr_ngroups > NGROUPS) { virReportError(VIR_ERR_SYSTEM_ERROR, "%s", _("Failed to get valid client socket identity groups")); - return -1; + goto cleanup; } /* PID and process creation time are not supported on BSDs */ @@ -1188,8 +1189,11 @@ *uid = cr.cr_uid; *gid = cr.cr_gid; + ret = 0; + +cleanup: virObjectUnlock(sock); - return 0; + return ret; } #else int virNetSocketGetUNIXIdentity(virNetSocketPtr sock ATTRIBUTE_UNUSED,

1 0

[libvirt] QEMU GSoC featured on Google Open Source Blog
by Stefan Hajnoczi 12 Oct '13

12 Oct '13

Stephanie Taylor at the Google Open Source Blog has helped us publish a post that features two projects from this year's Google Summer of Code: http://google-opensource.blogspot.de/2013/10/google-summer-of-code-veteran-… Mike and Osier contributed summaries of the "QEMU Integrated Copy/Paste" and "Libvirt API to query IP addresses for given domain" projects. Stefan

1 0