April 2014 - Devel - libvirt List Archives

[libvirt] [PATCH] Device{Attach,Detach}: Document S4 limitations
by Michal Privoznik 30 Apr '14

30 Apr '14

https://bugzilla.redhat.com/show_bug.cgi?id=808463 Well, libvirt doesn't distinguish between domain poweroff and hibernation (S4). It's hard to differentiate these two on a real machine anyway. As a result, any device that is hot(un-)plugged is lost (appears again) when domain is started again as from our POV it is a fresh cold boot. Instead of doing anything wise here, we should just document this as known limitation. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- src/libvirt.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/libvirt.c b/src/libvirt.c index b6c99c5..20297eb 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -10319,6 +10319,9 @@ virNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr secmodel) * in an existing CDROM/Floppy device, however, applications are * recommended to use the virDomainUpdateDeviceFlag method instead. * + * Be aware that a device that is hotplugged may disappear if + * domain resumes from the S4 state (also known as hibernation). + * * Returns 0 in case of success, -1 in case of failure. */ int @@ -10374,6 +10377,9 @@ virDomainAttachDevice(virDomainPtr domain, const char *xml) * in an existing CDROM/Floppy device, however, applications are * recommended to use the virDomainUpdateDeviceFlag method instead. * + * Be aware that a device that is hotplugged may disappear if + * domain resumes from the S4 state (also known as hibernation). + * * Returns 0 in case of success, -1 in case of failure. */ int @@ -10416,6 +10422,9 @@ virDomainAttachDeviceFlags(virDomainPtr domain, * Destroy a virtual device attachment to backend. This function, * having hot-unplug semantics, is only allowed on an active domain. * + * Be aware that a device that was unplugged may appear again + * if domain resumes from the S4 state (also known as hibernation). + * * Returns 0 in case of success, -1 in case of failure. */ int @@ -10487,6 +10496,9 @@ virDomainDetachDevice(virDomainPtr domain, const char *xml) * a synchronous removal. In other words, this API may wait a bit for the * removal to complete in case it was not synchronous. * + * Be aware that a device that was unplugged may appear again + * if domain resumes from the S4 state (also known as hibernation). + * * Returns 0 in case of success, -1 in case of failure. */ int -- 1.9.0

2 3

[libvirt] [PATCH] nwfilter: Tear down temp. filters when tearing all filters
by Stefan Berger 30 Apr '14

30 Apr '14

From: Stefan Berger <stefanb(a)linux.vnet.ibm.com> Refactor the ebiptablesTearNewRules function so that the teardown of temporary filters can also be called by the ebiptablesAllTeardown function. This fixes a problem that leaves temporary filters behind when a VM shuts down while its filters are modified. Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com> --- src/nwfilter/nwfilter_ebiptables_driver.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c index de07faa..307c153 100644 --- a/src/nwfilter/nwfilter_ebiptables_driver.c +++ b/src/nwfilter/nwfilter_ebiptables_driver.c @@ -3544,14 +3544,9 @@ ebiptablesApplyNewRules(const char *ifname, } -static int -ebiptablesTearNewRules(const char *ifname) +static void +ebiptablesTearNewRulesFW(virFirewallPtr fw, const char *ifname) { - virFirewallPtr fw = virFirewallNew(); - int ret = -1; - - virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); - iptablesUnlinkTmpRootChainsFW(fw, VIR_FIREWALL_LAYER_IPV4, ifname); iptablesRemoveTmpRootChainsFW(fw, VIR_FIREWALL_LAYER_IPV4, ifname); @@ -3563,13 +3558,24 @@ ebiptablesTearNewRules(const char *ifname) ebtablesRemoveTmpSubChainsFW(fw, ifname); ebtablesRemoveTmpRootChainFW(fw, true, ifname); ebtablesRemoveTmpRootChainFW(fw, false, ifname); +} + + +static int +ebiptablesTearNewRules(const char *ifname) +{ + virFirewallPtr fw = virFirewallNew(); + int ret = -1; + + virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); + + ebiptablesTearNewRulesFW(fw, ifname); ret = virFirewallApply(fw); virFirewallFree(fw); return ret; } - static int ebiptablesTearOldRules(const char *ifname) { @@ -3616,6 +3622,8 @@ ebiptablesAllTeardown(const char *ifname) virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS); + ebiptablesTearNewRulesFW(fw, ifname); + iptablesUnlinkRootChainsFW(fw, VIR_FIREWALL_LAYER_IPV4, ifname); iptablesClearVirtInPostFW(fw, VIR_FIREWALL_LAYER_IPV4, ifname); iptablesRemoveRootChainsFW(fw, VIR_FIREWALL_LAYER_IPV4, ifname); -- 1.8.1.4

2 2

[libvirt] [PATCH] Set mknod permission in device ACL for LXC USB devices
by Daniel P. Berrange 30 Apr '14

30 Apr '14

The LXC controller itself needs to mknod the USB device node in /dev/bus/usb, so we can't block mknod permission from the cgroup. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com> --- src/lxc/lxc_cgroup.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 1ae3906..c641132 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -325,7 +325,7 @@ virLXCSetupHostUSBDeviceCgroup(virUSBDevicePtr dev ATTRIBUTE_UNUSED, VIR_DEBUG("Process path '%s' for USB device", path); if (virCgroupAllowDevicePath(cgroup, path, - VIR_CGROUP_DEVICE_RW) < 0) + VIR_CGROUP_DEVICE_RWM) < 0) return -1; return 0; @@ -341,7 +341,7 @@ virLXCTeardownHostUSBDeviceCgroup(virUSBDevicePtr dev ATTRIBUTE_UNUSED, VIR_DEBUG("Process path '%s' for USB device", path); if (virCgroupDenyDevicePath(cgroup, path, - VIR_CGROUP_DEVICE_RW) < 0) + VIR_CGROUP_DEVICE_RWM) < 0) return -1; return 0; -- 1.9.0

3 2

[libvirt] [PATCH v2] nwfilter: Validate rule after parsing
by Stefan Berger 30 Apr '14

30 Apr '14

From: Stefan Berger <stefanb(a)linux.vnet.ibm.com> An IP or IPv6 rule with port specification but without protocol specification cannot be instantiated by ebtables. The documentation points to 'protocol' being required but implementation does not enforce it to be given. Implement a rule validation function that checks whether the rule is valid when it is defined. This for example prevents the definition of rules like: <ip dstportstart='53'> where a protocol attribute would be required for it to be valid and for ebtables to be able to instantiate it. A valid rule then is: <ip protocol='udp' dstportstart='53'> Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com> Changes: v1->v2: - fixed access to ipv6 structures --- src/conf/nwfilter_conf.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c index f5a75e4..69b1d97 100644 --- a/src/conf/nwfilter_conf.c +++ b/src/conf/nwfilter_conf.c @@ -2093,6 +2093,66 @@ virNWFilterRuleDefFixupIPSet(ipHdrDataDefPtr ipHdr) } } + +/* + * virNWFilterRuleValidate + * + * Perform some basic rule validation to prevent rules from being + * defined that cannot be instantiated. + */ +static int +virNWFilterRuleValidate(virNWFilterRuleDefPtr rule) +{ + int ret = 0; + portDataDefPtr portData = NULL; + nwItemDescPtr dataProtocolID; + const char *protocol; + + switch (rule->prtclType) { + case VIR_NWFILTER_RULE_PROTOCOL_IP: + portData = &rule->p.ipHdrFilter.portData; + protocol = "IP"; + dataProtocolID = &rule->p.ipHdrFilter.ipHdr.dataProtocolID; + /* fall through */ + case VIR_NWFILTER_RULE_PROTOCOL_IPV6: + if (portData == NULL) { + portData = &rule->p.ipv6HdrFilter.portData; + protocol = "IPv6"; + dataProtocolID = &rule->p.ipv6HdrFilter.ipHdr.dataProtocolID; + } + if (HAS_ENTRY_ITEM(&portData->dataSrcPortStart) || + HAS_ENTRY_ITEM(&portData->dataDstPortStart) || + HAS_ENTRY_ITEM(&portData->dataSrcPortEnd) || + HAS_ENTRY_ITEM(&portData->dataDstPortEnd)) { + if (HAS_ENTRY_ITEM(dataProtocolID)) { + switch (dataProtocolID->u.u8) { + case 6: /* tcp */ + case 17: /* udp */ + case 33: /* dccp */ + case 132: /* sctp */ + break; + default: + ret = -1; + } + } else { + ret = -1; + } + if (ret < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("%s rule with port specification requires " + "protocol specification with protocol to be " + "either one of tcp(6), udp(17), dccp(33), or " + "sctp(132)"), protocol); + } + } + break; + default: + break; + } + + return ret; +} + static void virNWFilterRuleDefFixup(virNWFilterRuleDefPtr rule) { @@ -2389,6 +2449,8 @@ virNWFilterRuleParse(xmlNodePtr node) virAttr[i].att) < 0) { goto err_exit; } + if (virNWFilterRuleValidate(ret) < 0) + goto err_exit; break; } if (!found) { -- 1.8.1.4

3 3

[libvirt] [PATCH] bhyve: implement domainGetCPUStats
by Roman Bogorodskiy 30 Apr '14

30 Apr '14

For per CPU stats, implement virBhyveGetDomainPercpuStats() that uses bhyvectl tool to obtain the guest's vcpu stats. For total CPU stats, add virBhyveGetDomainTotalCpuStats() that gets the hypervisor process CPU stats using kvm (kernel memory interface). --- configure.ac | 7 +++ src/bhyve/bhyve_driver.c | 38 +++++++++++++ src/bhyve/bhyve_process.c | 136 ++++++++++++++++++++++++++++++++++++++++++++++ src/bhyve/bhyve_process.h | 10 ++++ 4 files changed, 191 insertions(+) diff --git a/configure.ac b/configure.ac index ea85851..dbfada2 100644 --- a/configure.ac +++ b/configure.ac @@ -2678,6 +2678,13 @@ AC_CHECK_DECLS([cpuset_getaffinity], #include <sys/cpuset.h> ]) +# Check for BSD kvm (kernel memory interface) +if test $with_freebsd = yes; then + AC_CHECK_LIB([kvm], [kvm_getprocs], [], + [AC_MSG_ERROR([BSD kernel memory interface library is required to build on FreeBSD])] + ) +fi + # Check if we need to look for ifconfig if test "$want_ifconfig" = "yes"; then AC_PATH_PROG([IFCONFIG_PATH], [ifconfig]) diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c index 0cafe4c..25b0dce 100644 --- a/src/bhyve/bhyve_driver.c +++ b/src/bhyve/bhyve_driver.c @@ -930,6 +930,43 @@ bhyveDomainGetMetadata(virDomainPtr dom, } static int +bhyveDomainGetCPUStats(virDomainPtr dom, + virTypedParameterPtr params ATTRIBUTE_UNUSED, + unsigned int nparams, + int start_cpu, + unsigned int ncpus, + unsigned int flags) +{ + virDomainObjPtr vm = NULL; + int ret = -1; + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (!(vm = bhyveDomObjFromDomain(dom))) + return ret; + + if (virDomainGetCPUStatsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + + if (!virDomainObjIsActive(vm)) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("domain is not running")); + goto cleanup; + } + + if (start_cpu == -1) + ret = virBhyveGetDomainTotalCpuStats(vm, params, nparams); + else + ret = virBhyveGetDomainPercpuStats(vm, params, nparams, + start_cpu, ncpus); + + cleanup: + if (vm) + virObjectUnlock(vm); + return ret; +} + +static int bhyveNodeGetCPUStats(virConnectPtr conn, int cpuNum, virNodeCPUStatsPtr params, @@ -1198,6 +1235,7 @@ static virDriver bhyveDriver = { .domainOpenConsole = bhyveDomainOpenConsole, /* 1.2.4 */ .domainSetMetadata = bhyveDomainSetMetadata, /* 1.2.4 */ .domainGetMetadata = bhyveDomainGetMetadata, /* 1.2.4 */ + .domainGetCPUStats = bhyveDomainGetCPUStats, /* 1.2.4 */ .nodeGetCPUStats = bhyveNodeGetCPUStats, /* 1.2.2 */ .nodeGetMemoryStats = bhyveNodeGetMemoryStats, /* 1.2.2 */ .nodeGetInfo = bhyveNodeGetInfo, /* 1.2.3 */ diff --git a/src/bhyve/bhyve_process.c b/src/bhyve/bhyve_process.c index a557bc5..e1f4324 100644 --- a/src/bhyve/bhyve_process.c +++ b/src/bhyve/bhyve_process.c @@ -22,7 +22,11 @@ #include <config.h> #include <fcntl.h> +#include <kvm.h> +#include <sys/param.h> #include <sys/types.h> +#include <sys/sysctl.h> +#include <sys/user.h> #include <sys/ioctl.h> #include <net/if.h> #include <net/if_tap.h> @@ -41,11 +45,15 @@ #include "virnetdev.h" #include "virnetdevbridge.h" #include "virnetdevtap.h" +#include "virtypedparam.h" #define VIR_FROM_THIS VIR_FROM_BHYVE VIR_LOG_INIT("bhyve.bhyve_process"); +#define BHYVE_TOTAL_CPU_STAT_PARAM 1 +#define BHYVE_PER_CPU_STAT_PARAM 1 + static virDomainObjPtr bhyveProcessAutoDestroy(virDomainObjPtr vm, virConnectPtr conn ATTRIBUTE_UNUSED, @@ -246,3 +254,131 @@ virBhyveProcessStop(bhyveConnPtr driver, virCommandFree(cmd); return ret; } + +static int +virBhyveExtractCpuTotal(char **const groups, + void *opaque) +{ + return virStrToLong_ull(groups[0], NULL, 10, opaque); +} + +int +virBhyveGetDomainTotalCpuStats(virDomainObjPtr vm, + virTypedParameterPtr params ATTRIBUTE_UNUSED, + unsigned int nparams) +{ + struct kinfo_proc* kp; + kvm_t* kd; + char errbuf[_POSIX2_LINE_MAX]; + int nprocs; + int ret = -1; + + if (nparams == 0) + return BHYVE_TOTAL_CPU_STAT_PARAM; + + if ((kd = kvm_openfiles(NULL, NULL, NULL, O_RDONLY, errbuf)) == NULL) { + virReportError(VIR_ERR_SYSTEM_ERROR, + _("Unable to get kvm descriptor: %s"), + errbuf); + return -1; + + } + + kp = kvm_getprocs(kd, KERN_PROC_PID, vm->pid, &nprocs); + if (kp == NULL || nprocs != 1) { + virReportError(VIR_ERR_SYSTEM_ERROR, + _("Unable to obtain information about pid: %d"), + (int)vm->pid); + goto cleanup; + } + + if (virTypedParameterAssign(&params[0], VIR_DOMAIN_CPU_STATS_CPUTIME, + VIR_TYPED_PARAM_ULLONG, + kp->ki_runtime * 1000ul) < 0) + goto cleanup; + + ret = nparams; + + cleanup: + kvm_close(kd); + + return ret; +} + +#define TSC_TO_NSEC(x) (unsigned long long)((double)x * (1000.0 * 1000.0 * 1000.0 / (double)tsc_freq)) + +int +virBhyveGetDomainPercpuStats(virDomainObjPtr vm, + virTypedParameterPtr params, + unsigned int nparams, + int start_cpu, + unsigned int ncpus) +{ + virCommandPtr cmd = NULL; + int need_cpus, ret = -1; + size_t i, tsc_freq_size; + unsigned long long tsc_freq; + + if (nparams == 0 && ncpus != 0) + return BHYVE_PER_CPU_STAT_PARAM; + + if (ncpus == 0) + return vm->def->vcpus; + + if (start_cpu >= vm->def->vcpus) { + virReportError(VIR_ERR_INVALID_ARG, + _("start_cpu %d larger than maximum of %d"), + start_cpu, vm->def->vcpus - 1); + goto cleanup; + } + + need_cpus = MIN(vm->def->vcpus, start_cpu + ncpus); + + tsc_freq_size = sizeof(tsc_freq); + if (sysctlbyname("machdep.tsc_freq", &tsc_freq, &tsc_freq_size, NULL, 0) < 0) { + virReportSystemError(errno, + _("sysctl failed for '%s'"), + "machdep.tsc_freq"); + return -1; + } + + for (i = start_cpu; i < need_cpus; i++) { + unsigned long long cpu_stats; + + const char *regexes[] = { + "^vcpu total runtime\\s+([0-9]+)$" + }; + int vars[] = { + 1, + }; + + cmd = virCommandNew(BHYVECTL); + virCommandAddArgPair(cmd, "--vm", vm->def->name); + virCommandAddArg(cmd, "--get-stats"); + virCommandAddArgFormat(cmd, "--cpu=%zu", i); + + if (virCommandRunRegex(cmd, + 1, + regexes, + vars, + virBhyveExtractCpuTotal, + &cpu_stats, + NULL) < 0) + goto cleanup; + + if (virTypedParameterAssign(&params[(i - start_cpu) * nparams], + VIR_DOMAIN_CPU_STATS_VCPUTIME, + VIR_TYPED_PARAM_ULLONG, + TSC_TO_NSEC(cpu_stats)) < 0) + goto cleanup; + + virCommandFree(cmd); + cmd = NULL; + } + + ret = nparams; + + cleanup: + virCommandFree(cmd); + return ret; +} diff --git a/src/bhyve/bhyve_process.h b/src/bhyve/bhyve_process.h index f91504e..2cc577a 100644 --- a/src/bhyve/bhyve_process.h +++ b/src/bhyve/bhyve_process.h @@ -34,6 +34,16 @@ int virBhyveProcessStop(bhyveConnPtr driver, virDomainObjPtr vm, virDomainShutoffReason reason); +int virBhyveGetDomainTotalCpuStats(virDomainObjPtr vm, + virTypedParameterPtr params, + unsigned int nparams); + +int virBhyveGetDomainPercpuStats(virDomainObjPtr vm, + virTypedParameterPtr params, + unsigned int nparams, + int start_cpu, + unsigned int ncpus); + typedef enum { VIR_BHYVE_PROCESS_START_AUTODESTROY = 1 << 0, } bhyveProcessStartFlags; -- 1.9.0

3 10

[libvirt] [PATCH V5] libxl: add migration support
by Jim Fehlig 30 Apr '14

30 Apr '14

This patch adds initial migration support to the libxl driver, using the VIR_DRV_FEATURE_MIGRATION_PARAMS family of migration functions. Signed-off-by: Jim Fehlig <jfehlig(a)suse.com> --- V4 here https://www.redhat.com/archives/libvir-list/2014-April/msg01070.html In V5: Use libvirt's V3 migration protocol for handshake and control instead of duplicating that in the libxl driver. po/POTFILES.in | 1 + src/Makefile.am | 3 +- src/libxl/libxl_conf.h | 6 + src/libxl/libxl_domain.h | 1 + src/libxl/libxl_driver.c | 235 +++++++++++++++++++ src/libxl/libxl_migration.c | 544 ++++++++++++++++++++++++++++++++++++++++++++ src/libxl/libxl_migration.h | 78 +++++++ 7 files changed, 867 insertions(+), 1 deletion(-) diff --git a/po/POTFILES.in b/po/POTFILES.in index e35eb82..a72dc1e 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -73,6 +73,7 @@ src/lxc/lxc_process.c src/libxl/libxl_domain.c src/libxl/libxl_driver.c src/libxl/libxl_conf.c +src/libxl/libxl_migration.c src/network/bridge_driver.c src/network/bridge_driver_linux.c src/node_device/node_device_driver.c diff --git a/src/Makefile.am b/src/Makefile.am index e9dc9e0..0dbda7f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -706,7 +706,8 @@ XENAPI_DRIVER_SOURCES = \ LIBXL_DRIVER_SOURCES = \ libxl/libxl_conf.c libxl/libxl_conf.h \ libxl/libxl_domain.c libxl/libxl_domain.h \ - libxl/libxl_driver.c libxl/libxl_driver.h + libxl/libxl_driver.c libxl/libxl_driver.h \ + libxl/libxl_migration.c libxl/libxl_migration.h UML_DRIVER_SOURCES = \ uml/uml_conf.c uml/uml_conf.h \ diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h index 24e1720..b798567 100644 --- a/src/libxl/libxl_conf.h +++ b/src/libxl/libxl_conf.h @@ -43,6 +43,9 @@ # define LIBXL_VNC_PORT_MIN 5900 # define LIBXL_VNC_PORT_MAX 65535 +# define LIBXL_MIGRATION_PORT_MIN 49152 +# define LIBXL_MIGRATION_PORT_MAX 49216 + # define LIBXL_CONFIG_DIR SYSCONFDIR "/libvirt/libxl" # define LIBXL_AUTOSTART_DIR LIBXL_CONFIG_DIR "/autostart" # define LIBXL_STATE_DIR LOCALSTATEDIR "/run/libvirt/libxl" @@ -115,6 +118,9 @@ struct _libxlDriverPrivate { /* Immutable pointer, self-locking APIs */ virPortAllocatorPtr reservedVNCPorts; + /* Immutable pointer, self-locking APIs */ + virPortAllocatorPtr migrationPorts; + /* Immutable pointer, lockless APIs*/ virSysinfoDefPtr hostsysinfo; }; diff --git a/src/libxl/libxl_domain.h b/src/libxl/libxl_domain.h index 979ce2a..9d48049 100644 --- a/src/libxl/libxl_domain.h +++ b/src/libxl/libxl_domain.h @@ -69,6 +69,7 @@ struct _libxlDomainObjPrivate { virChrdevsPtr devs; libxl_evgen_domain_death *deathW; libxlDriverPrivatePtr driver; + unsigned short migrationPort; struct libxlDomainJobObj job; }; diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index dcc3ac2..77f860c 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -45,6 +45,7 @@ #include "libxl_domain.h" #include "libxl_driver.h" #include "libxl_conf.h" +#include "libxl_migration.h" #include "xen_xm.h" #include "xen_sxpr.h" #include "virtypedparam.h" @@ -209,6 +210,7 @@ libxlStateCleanup(void) virObjectUnref(libxl_driver->xmlopt); virObjectUnref(libxl_driver->domains); virObjectUnref(libxl_driver->reservedVNCPorts); + virObjectUnref(libxl_driver->migrationPorts); virObjectEventStateFree(libxl_driver->domainEventState); virSysinfoDefFree(libxl_driver->hostsysinfo); @@ -301,6 +303,13 @@ libxlStateInitialize(bool privileged, LIBXL_VNC_PORT_MAX))) goto error; + /* Allocate bitmap for migration port reservation */ + if (!(libxl_driver->migrationPorts = + virPortAllocatorNew(_("migration"), + LIBXL_MIGRATION_PORT_MIN, + LIBXL_MIGRATION_PORT_MAX))) + goto error; + if (!(libxl_driver->domains = virDomainObjListNew())) goto error; @@ -4131,6 +4140,7 @@ libxlConnectSupportsFeature(virConnectPtr conn, int feature) switch (feature) { case VIR_DRV_FEATURE_TYPED_PARAM_STRING: + case VIR_DRV_FEATURE_MIGRATION_PARAMS: return 1; default: return 0; @@ -4309,6 +4319,226 @@ libxlNodeDeviceReset(virNodeDevicePtr dev) return ret; } +static char * +libxlDomainMigrateBegin3Params(virDomainPtr domain, + virTypedParameterPtr params, + int nparams, + char **cookieout ATTRIBUTE_UNUSED, + int *cookieoutlen ATTRIBUTE_UNUSED, + unsigned int flags) +{ + const char *xmlin = NULL; + virDomainObjPtr vm = NULL; + + virCheckFlags(LIBXL_MIGRATION_FLAGS, NULL); + if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS) < 0) + return NULL; + + if (virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_DEST_XML, + &xmlin) < 0) + return NULL; + + if (!(vm = libxlDomObjFromDomain(domain))) + return NULL; + + if (virDomainMigrateBegin3ParamsEnsureACL(domain->conn, vm->def) < 0) { + virObjectUnlock(vm); + return NULL; + } + + if (!virDomainObjIsActive(vm)) { + virReportError(VIR_ERR_OPERATION_INVALID, + "%s", _("domain is not running")); + virObjectUnlock(vm); + return NULL; + } + + return libxlDomainMigrationBegin(domain->conn, vm, xmlin); +} + +static int +libxlDomainMigratePrepare3Params(virConnectPtr dconn, + virTypedParameterPtr params, + int nparams, + const char *cookiein ATTRIBUTE_UNUSED, + int cookieinlen ATTRIBUTE_UNUSED, + char **cookieout ATTRIBUTE_UNUSED, + int *cookieoutlen ATTRIBUTE_UNUSED, + char **uri_out, + unsigned int flags) +{ + libxlDriverPrivatePtr driver = dconn->privateData; + virDomainDefPtr def = NULL; + const char *dom_xml = NULL; + const char *dname = NULL; + const char *uri_in = NULL; + + virCheckFlags(LIBXL_MIGRATION_FLAGS, -1); + if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS) < 0) + goto error; + + if (virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_DEST_XML, + &dom_xml) < 0 || + virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_DEST_NAME, + &dname) < 0 || + virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_URI, + &uri_in) < 0) + + goto error; + + if (!(def = libxlDomainMigrationPrepareDef(driver, dom_xml, dname))) + goto error; + + if (virDomainMigratePrepare3ParamsEnsureACL(dconn, def) < 0) + goto error; + + if (libxlDomainMigrationPrepare(dconn, def, uri_in, uri_out) < 0) + goto error; + + return 0; + + error: + virDomainDefFree(def); + return -1; +} + +static int +libxlDomainMigratePerform3Params(virDomainPtr dom, + const char *dconnuri, + virTypedParameterPtr params, + int nparams, + const char *cookiein ATTRIBUTE_UNUSED, + int cookieinlen ATTRIBUTE_UNUSED, + char **cookieout ATTRIBUTE_UNUSED, + int *cookieoutlen ATTRIBUTE_UNUSED, + unsigned int flags) +{ + libxlDriverPrivatePtr driver = dom->conn->privateData; + virDomainObjPtr vm = NULL; + const char *dom_xml = NULL; + const char *dname = NULL; + const char *uri = NULL; + int ret = -1; + + virCheckFlags(LIBXL_MIGRATION_FLAGS, -1); + if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS) < 0) + goto cleanup; + + if (virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_DEST_XML, + &dom_xml) < 0 || + virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_DEST_NAME, + &dname) < 0 || + virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_URI, + &uri) < 0) + + goto cleanup; + + if (!(vm = libxlDomObjFromDomain(dom))) + goto cleanup; + + if (virDomainMigratePerform3ParamsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + + if (libxlDomainMigrationPerform(driver, vm, dom_xml, dconnuri, + uri, dname, flags) < 0) { + /* Job terminated and vm unlocked if MigrationPerform failed */ + vm = NULL; + goto cleanup; + } + + ret = 0; + + cleanup: + if (vm) + virObjectUnlock(vm); + return ret; +} + +static virDomainPtr +libxlDomainMigrateFinish3Params(virConnectPtr dconn, + virTypedParameterPtr params, + int nparams, + const char *cookiein ATTRIBUTE_UNUSED, + int cookieinlen ATTRIBUTE_UNUSED, + char **cookieout ATTRIBUTE_UNUSED, + int *cookieoutlen ATTRIBUTE_UNUSED, + unsigned int flags, + int cancelled) +{ + libxlDriverPrivatePtr driver = dconn->privateData; + virDomainObjPtr vm = NULL; + const char *dname = NULL; + + virCheckFlags(LIBXL_MIGRATION_FLAGS, NULL); + if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS) < 0) + return NULL; + + if (virTypedParamsGetString(params, nparams, + VIR_MIGRATE_PARAM_DEST_NAME, + &dname) < 0) + return NULL; + + if (!dname || + !(vm = virDomainObjListFindByName(driver->domains, dname))) { + /* Migration obviously failed if the domain doesn't exist */ + virReportError(VIR_ERR_OPERATION_FAILED, + _("Migration failed. No domain on destination host " + "with matching name '%s'"), + NULLSTR(dname)); + return NULL; + } + + if (virDomainMigrateFinish3ParamsEnsureACL(dconn, vm->def) < 0) { + virObjectUnlock(vm); + return NULL; + } + + if (!virDomainObjIsActive(vm)) { + /* Migration failed if domain is inactive */ + virReportError(VIR_ERR_OPERATION_FAILED, + "%s", _("Migration failed. Domain is not running " + "on destination host")); + virObjectUnlock(vm); + return NULL; + } + + return libxlDomainMigrationFinish(dconn, vm, flags, cancelled); +} + +static int +libxlDomainMigrateConfirm3Params(virDomainPtr domain, + virTypedParameterPtr params, + int nparams, + const char *cookiein ATTRIBUTE_UNUSED, + int cookieinlen ATTRIBUTE_UNUSED, + unsigned int flags, + int cancelled) +{ + libxlDriverPrivatePtr driver = domain->conn->privateData; + virDomainObjPtr vm = NULL; + + virCheckFlags(LIBXL_MIGRATION_FLAGS, -1); + if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS) < 0) + return -1; + + if (!(vm = libxlDomObjFromDomain(domain))) + return -1; + + if (virDomainMigrateConfirm3ParamsEnsureACL(domain->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + + return libxlDomainMigrationConfirm(driver, vm, flags, cancelled); +} + static virDriver libxlDriver = { .no = VIR_DRV_LIBXL, @@ -4399,6 +4629,11 @@ static virDriver libxlDriver = { .nodeDeviceDetachFlags = libxlNodeDeviceDetachFlags, /* 1.2.3 */ .nodeDeviceReAttach = libxlNodeDeviceReAttach, /* 1.2.3 */ .nodeDeviceReset = libxlNodeDeviceReset, /* 1.2.3 */ + .domainMigrateBegin3Params = libxlDomainMigrateBegin3Params, /* 1.2.3 */ + .domainMigratePrepare3Params = libxlDomainMigratePrepare3Params, /* 1.2.3 */ + .domainMigratePerform3Params = libxlDomainMigratePerform3Params, /* 1.2.3 */ + .domainMigrateFinish3Params = libxlDomainMigrateFinish3Params, /* 1.2.3 */ + .domainMigrateConfirm3Params = libxlDomainMigrateConfirm3Params, /* 1.2.3 */ }; static virStateDriver libxlStateDriver = { diff --git a/src/libxl/libxl_migration.c b/src/libxl/libxl_migration.c new file mode 100644 index 0000000..04ae48d --- /dev/null +++ b/src/libxl/libxl_migration.c @@ -0,0 +1,544 @@ +/* + * libxl_migration.c: methods for handling migration with libxenlight + * + * Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + * + * Authors: + * Jim Fehlig <jfehlig(a)suse.com> + * Chunyan Liu <cyliu(a)suse.com> + */ + +#include <config.h> + +#include "internal.h" +#include "virlog.h" +#include "virerror.h" +#include "virconf.h" +#include "datatypes.h" +#include "virfile.h" +#include "viralloc.h" +#include "viruuid.h" +#include "vircommand.h" +#include "virstring.h" +#include "rpc/virnetsocket.h" +#include "libxl_domain.h" +#include "libxl_driver.h" +#include "libxl_conf.h" +#include "libxl_migration.h" + +#define VIR_FROM_THIS VIR_FROM_LIBXL + +VIR_LOG_INIT("libxl.libxl_migration"); + +typedef struct _libxlMigrateReceiveArgs { + virConnectPtr conn; + virDomainObjPtr vm; + + /* for freeing listen sockets */ + virNetSocketPtr *socks; + size_t nsocks; +} libxlMigrateReceiveArgs; + + +static void +libxlDoMigrateReceive(virNetSocketPtr sock, + int events ATTRIBUTE_UNUSED, + void *opaque) +{ + libxlMigrateReceiveArgs *data = opaque; + virConnectPtr conn = data->conn; + virDomainObjPtr vm = data->vm; + virNetSocketPtr *socks = data->socks; + size_t nsocks = data->nsocks; + libxlDriverPrivatePtr driver = conn->privateData; + virNetSocketPtr client_sock; + int recvfd; + size_t i; + int ret; + + virNetSocketAccept(sock, &client_sock); + if (client_sock == NULL) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("Fail to accept migration connection")); + goto cleanup; + } + VIR_DEBUG("Accepted migration connection\n"); + recvfd = virNetSocketDupFD(client_sock, true); + virObjectUnref(client_sock); + + virObjectLock(vm); + ret = libxlDomainStart(driver, vm, false, recvfd); + virObjectUnlock(vm); + + if (ret < 0 && !vm->persistent) + virDomainObjListRemove(driver->domains, vm); + + cleanup: + /* Remove all listen socks from event handler, and close them. */ + for (i = 0; i < nsocks; i++) { + virNetSocketUpdateIOCallback(socks[i], 0); + virNetSocketRemoveIOCallback(socks[i]); + virNetSocketClose(socks[i]); + virObjectUnref(socks[i]); + } + VIR_FREE(socks); + + VIR_FORCE_CLOSE(recvfd); + VIR_FREE(opaque); + return; +} + +static int +libxlDoMigrateSend(libxlDriverPrivatePtr driver, + virDomainObjPtr vm, + unsigned long flags, + int sockfd) +{ + libxlDomainObjPrivatePtr priv; + libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); + virObjectEventPtr event = NULL; + int xl_flags = 0; + int ret; + + if (flags & VIR_MIGRATE_LIVE) + xl_flags = LIBXL_SUSPEND_LIVE; + + priv = vm->privateData; + ret = libxl_domain_suspend(priv->ctx, vm->def->id, sockfd, + xl_flags, NULL); + if (ret != 0) { + /* attempt to resume the domain on failure */ + if (libxl_domain_resume(priv->ctx, vm->def->id, 0, 0) != 0) { + VIR_DEBUG("Failed to resume domain following failed migration"); + virDomainObjSetState(vm, VIR_DOMAIN_PAUSED, + VIR_DOMAIN_PAUSED_MIGRATION); + event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_SUSPENDED, + VIR_DOMAIN_EVENT_SUSPENDED_MIGRATED); + ignore_value(virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm)); + } + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Failed to send migration data to destination host")); + ret = -1; + goto cleanup; + } + + cleanup: + if (event) + libxlDomainEventQueue(driver, event); + virObjectUnref(cfg); + return ret; +} + +static bool +libxlDomainMigrationIsAllowed(virDomainDefPtr def) +{ + /* Migration is not allowed if definition contains any hostdevs */ + if (def->nhostdevs > 0) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("domain has assigned host devices")); + return false; + } + + return true; +} + +char * +libxlDomainMigrationBegin(virConnectPtr conn, + virDomainObjPtr vm, + const char *xmlin) +{ + libxlDriverPrivatePtr driver = conn->privateData; + libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); + virDomainDefPtr tmpdef = NULL; + virDomainDefPtr def; + char *xml = NULL; + + if (libxlDomainObjBeginJob(driver, vm, LIBXL_JOB_MODIFY) < 0) + goto cleanup; + + if (xmlin) { + if (!(tmpdef = virDomainDefParseString(xmlin, cfg->caps, + driver->xmlopt, + 1 << VIR_DOMAIN_VIRT_XEN, + VIR_DOMAIN_XML_INACTIVE))) + goto endjob; + + def = tmpdef; + } else { + def = vm->def; + } + + if (!libxlDomainMigrationIsAllowed(def)) + goto endjob; + + xml = virDomainDefFormat(def, VIR_DOMAIN_XML_SECURE); + + cleanup: + if (vm) + virObjectUnlock(vm); + + virDomainDefFree(tmpdef); + virObjectUnref(cfg); + return xml; + + endjob: + if (!libxlDomainObjEndJob(driver, vm)) + vm = NULL; + goto cleanup; +} + +virDomainDefPtr +libxlDomainMigrationPrepareDef(libxlDriverPrivatePtr driver, + const char *dom_xml, + const char *dname) +{ + libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); + virDomainDefPtr def; + char *name = NULL; + + if (!dom_xml) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("no domain XML passed")); + return NULL; + } + + if (!(def = virDomainDefParseString(dom_xml, cfg->caps, driver->xmlopt, + 1 << VIR_DOMAIN_VIRT_XEN, + VIR_DOMAIN_XML_INACTIVE))) + goto cleanup; + + if (dname) { + name = def->name; + if (VIR_STRDUP(def->name, dname) < 0) { + virDomainDefFree(def); + def = NULL; + } + } + + cleanup: + virObjectUnref(cfg); + VIR_FREE(name); + return def; +} + +int +libxlDomainMigrationPrepare(virConnectPtr dconn, + virDomainDefPtr def, + const char *uri_in, + char **uri_out) +{ + libxlDriverPrivatePtr driver = dconn->privateData; + virDomainObjPtr vm = NULL; + char *hostname = NULL; + unsigned short port; + char portstr[100]; + virURIPtr uri = NULL; + virNetSocketPtr *socks = NULL; + size_t nsocks = 0; + int nsocks_listen = 0; + libxlMigrateReceiveArgs *args; + size_t i; + int ret = -1; + + if (!(vm = virDomainObjListAdd(driver->domains, def, + driver->xmlopt, + VIR_DOMAIN_OBJ_LIST_ADD_LIVE | + VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE, + NULL))) + goto cleanup; + + /* Create socket connection to receive migration data */ + if (!uri_in) { + if ((hostname = virGetHostname()) == NULL) + goto cleanup; + + if (STRPREFIX(hostname, "localhost")) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("hostname on destination resolved to localhost," + " but migration requires an FQDN")); + goto cleanup; + } + + if (virPortAllocatorAcquire(driver->migrationPorts, &port) < 0) + goto cleanup; + + if (virAsprintf(uri_out, "tcp://%s:%d", hostname, port) < 0) + goto cleanup; + } else { + if (!(STRPREFIX(uri_in, "tcp://"))) { + /* not full URI, add prefix tcp:// */ + char *tmp; + if (virAsprintf(&tmp, "tcp://%s", uri_in) < 0) + goto cleanup; + uri = virURIParse(tmp); + VIR_FREE(tmp); + } else { + uri = virURIParse(uri_in); + } + + if (uri == NULL) { + virReportError(VIR_ERR_INVALID_ARG, + _("unable to parse URI: %s"), + uri_in); + goto cleanup; + } + + if (uri->server == NULL) { + virReportError(VIR_ERR_INVALID_ARG, + _("missing host in migration URI: %s"), + uri_in); + goto cleanup; + } else { + hostname = uri->server; + } + + if (uri->port == 0) { + if (virPortAllocatorAcquire(driver->migrationPorts, &port) < 0) + goto cleanup; + + } else { + port = uri->port; + } + + if (virAsprintf(uri_out, "tcp://%s:%d", hostname, port) < 0) + goto cleanup; + } + + snprintf(portstr, sizeof(portstr), "%d", port); + + if (virNetSocketNewListenTCP(hostname, portstr, &socks, &nsocks) < 0) { + virReportError(VIR_ERR_OPERATION_FAILED, "%s", + _("Fail to create socket for incoming migration")); + goto cleanup; + } + + if (VIR_ALLOC(args) < 0) + goto cleanup; + + args->conn = dconn; + args->vm = vm; + args->socks = socks; + args->nsocks = nsocks; + + for (i = 0; i < nsocks; i++) { + if (virNetSocketSetBlocking(socks[i], true) < 0) + continue; + + if (virNetSocketListen(socks[i], 1) < 0) + continue; + + if (virNetSocketAddIOCallback(socks[i], + 0, + libxlDoMigrateReceive, + args, + NULL) < 0) { + continue; + } + + virNetSocketUpdateIOCallback(socks[i], VIR_EVENT_HANDLE_READABLE); + nsocks_listen++; + } + + if (!nsocks_listen) + goto cleanup; + + ret = 0; + goto done; + + cleanup: + for (i = 0; i < nsocks; i++) { + virNetSocketClose(socks[i]); + virObjectUnref(socks[i]); + } + VIR_FREE(socks); + + done: + virURIFree(uri); + if (vm) + virObjectUnlock(vm); + return ret; +} + +int +libxlDomainMigrationPerform(libxlDriverPrivatePtr driver, + virDomainObjPtr vm, + const char *dom_xml ATTRIBUTE_UNUSED, + const char *dconnuri ATTRIBUTE_UNUSED, + const char *uri_str, + const char *dname ATTRIBUTE_UNUSED, + unsigned int flags) +{ + char *hostname = NULL; + unsigned short port = 0; + char portstr[100]; + virURIPtr uri = NULL; + virNetSocketPtr sock; + int sockfd = -1; + int saved_errno = EINVAL; + int ret = -1; + + /* parse dst host:port from uri */ + uri = virURIParse(uri_str); + if (uri == NULL || uri->server == NULL || uri->port == 0) + goto cleanup; + + hostname = uri->server; + port = uri->port; + snprintf(portstr, sizeof(portstr), "%d", port); + + /* socket connect to dst host:port */ + if (virNetSocketNewConnectTCP(hostname, portstr, &sock) < 0) { + virReportSystemError(saved_errno, + _("unable to connect to '%s:%s'"), + hostname, portstr); + goto cleanup; + } + + if (virNetSocketSetBlocking(sock, true) < 0) { + virObjectUnref(sock); + goto cleanup; + } + + sockfd = virNetSocketDupFD(sock, true); + virObjectUnref(sock); + + /* suspend vm and send saved data to dst through socket fd */ + virObjectUnlock(vm); + ret = libxlDoMigrateSend(driver, vm, flags, sockfd); + virObjectLock(vm); + + cleanup: + /* If failure, terminate the job started in MigrationBegin */ + if (ret == -1) { + if (libxlDomainObjEndJob(driver, vm)) + virObjectUnlock(vm); + } + VIR_FORCE_CLOSE(sockfd); + virURIFree(uri); + return ret; +} + +virDomainPtr +libxlDomainMigrationFinish(virConnectPtr dconn, + virDomainObjPtr vm, + unsigned int flags, + int cancelled) +{ + libxlDriverPrivatePtr driver = dconn->privateData; + libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); + libxlDomainObjPrivatePtr priv = vm->privateData; + virObjectEventPtr event = NULL; + virDomainPtr dom = NULL; + + virPortAllocatorRelease(driver->migrationPorts, priv->migrationPort); + priv->migrationPort = 0; + + if (cancelled) + goto cleanup; + + if (!(flags & VIR_MIGRATE_PAUSED)) { + if (libxl_domain_unpause(priv->ctx, vm->def->id) != 0) { + virReportError(VIR_ERR_OPERATION_FAILED, "%s", + _("Failed to unpause domain")); + goto cleanup; + } + + virDomainObjSetState(vm, VIR_DOMAIN_RUNNING, + VIR_DOMAIN_RUNNING_MIGRATED); + event = virDomainEventLifecycleNewFromObj(vm, + VIR_DOMAIN_EVENT_RESUMED, + VIR_DOMAIN_EVENT_RESUMED_MIGRATED); + } else { + virDomainObjSetState(vm, VIR_DOMAIN_PAUSED, VIR_DOMAIN_PAUSED_USER); + event = virDomainEventLifecycleNewFromObj(vm, + VIR_DOMAIN_EVENT_SUSPENDED, + VIR_DOMAIN_EVENT_SUSPENDED_PAUSED); + } + + if (virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm) < 0) + goto cleanup; + + dom = virGetDomain(dconn, vm->def->name, vm->def->uuid); + + if (dom == NULL) { + libxl_domain_destroy(priv->ctx, vm->def->id, NULL); + libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_FAILED); + event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, + VIR_DOMAIN_EVENT_STOPPED_FAILED); + libxlDomainEventQueue(driver, event); + } + + cleanup: + if (event) + libxlDomainEventQueue(driver, event); + if (vm) + virObjectUnlock(vm); + virObjectUnref(cfg); + return dom; +} + +int +libxlDomainMigrationConfirm(libxlDriverPrivatePtr driver, + virDomainObjPtr vm, + unsigned int flags, + int cancelled) +{ + libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); + libxlDomainObjPrivatePtr priv = vm->privateData; + virObjectEventPtr event = NULL; + int ret = -1; + + if (cancelled) { + if (libxl_domain_resume(priv->ctx, vm->def->id, 1, 0) == 0) { + ret = 0; + } else { + VIR_DEBUG("Unable to resume domain '%s' after failed migration", + vm->def->name); + virDomainObjSetState(vm, VIR_DOMAIN_PAUSED, + VIR_DOMAIN_PAUSED_MIGRATION); + event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_SUSPENDED, + VIR_DOMAIN_EVENT_SUSPENDED_MIGRATED); + ignore_value(virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm)); + } + goto cleanup; + } + + libxl_domain_destroy(priv->ctx, vm->def->id, NULL); + libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_MIGRATED); + event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, + VIR_DOMAIN_EVENT_STOPPED_MIGRATED); + + VIR_DEBUG("Domain '%s' successfully migrated", vm->def->name); + + if (flags & VIR_MIGRATE_UNDEFINE_SOURCE) + virDomainDeleteConfig(cfg->configDir, cfg->autostartDir, vm); + + if (!vm->persistent || (flags & VIR_MIGRATE_UNDEFINE_SOURCE)) + virDomainObjListRemove(driver->domains, vm); + + ret = 0; + + cleanup: + if (!libxlDomainObjEndJob(driver, vm)) + vm = NULL; + if (event) + libxlDomainEventQueue(driver, event); + if (vm) + virObjectUnlock(vm); + virObjectUnref(cfg); + return ret; +} diff --git a/src/libxl/libxl_migration.h b/src/libxl/libxl_migration.h new file mode 100644 index 0000000..63d8bdc --- /dev/null +++ b/src/libxl/libxl_migration.h @@ -0,0 +1,78 @@ +/* + * libxl_migration.h: methods for handling migration with libxenlight + * + * Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + * + * Authors: + * Jim Fehlig <jfehlig(a)suse.com> + */ + +#ifndef LIBXL_MIGRATION_H +# define LIBXL_MIGRATION_H + +# include "libxl_conf.h" + +# define LIBXL_MIGRATION_FLAGS \ + (VIR_MIGRATE_LIVE | \ + VIR_MIGRATE_UNDEFINE_SOURCE | \ + VIR_MIGRATE_PAUSED) + +/* All supported migration parameters and their types. */ +# define LIBXL_MIGRATION_PARAMETERS \ + VIR_MIGRATE_PARAM_URI, VIR_TYPED_PARAM_STRING, \ + VIR_MIGRATE_PARAM_DEST_NAME, VIR_TYPED_PARAM_STRING, \ + VIR_MIGRATE_PARAM_DEST_XML, VIR_TYPED_PARAM_STRING, \ + NULL + +char * +libxlDomainMigrationBegin(virConnectPtr conn, + virDomainObjPtr vm, + const char *xmlin); + +virDomainDefPtr +libxlDomainMigrationPrepareDef(libxlDriverPrivatePtr driver, + const char *dom_xml, + const char *dname); + +int +libxlDomainMigrationPrepare(virConnectPtr dconn, + virDomainDefPtr def, + const char *uri_in, + char **uri_out); + +int +libxlDomainMigrationPerform(libxlDriverPrivatePtr driver, + virDomainObjPtr vm, + const char *dom_xml, + const char *dconnuri, + const char *uri_str, + const char *dname, + unsigned int flags); + +virDomainPtr +libxlDomainMigrationFinish(virConnectPtr dconn, + virDomainObjPtr vm, + unsigned int flags, + int cancelled); + +int +libxlDomainMigrationConfirm(libxlDriverPrivatePtr driver, + virDomainObjPtr vm, + unsigned int flags, + int cancelled); + +#endif /* LIBXL_DRIVER_H */ -- 1.8.1.4

2 1

[libvirt] [PATCH 0/2] Add support of SASL authentication for QEMU migration
by Sahid Orentino Ferdjaoui 30 Apr '14

30 Apr '14

This is a first contribution, I have tried to follow the most as possible rules marked in HACKING. I hope this commit will be conform with the specifications. make check OK make syntax-check OK make -C tests valgrind OK Currently with peer to peer migration provided by virDomainMigrateToURI, QEMU migration code uses virConnectOpen() which means that all authentication callbacks are disabled. Since no auth callback is present, SASL doesn't find any mechanisms and thus auth fails with the error: "authentication failed: Failed to start SASL negotiation: -4 (SASL(-4): no mechanism available: No worthy mechs found)" The PATCH 1/2 adds a new example to illustrate how to use peer to peer migration. This patch is not necessary to fix the problem and can be removed. It is provided to help reviewers by avoiding the necessary to create code that use this feature. Also as it demonstrates the performance of libvirt I have thought it could be interesting to keep it for new users. The PATCH 2/2 fixes the problem by configuring QEMU migration code to use virConnectOpenAuth instead of virConnectOpen. Indeed this function will call if necessary a callback responsible to fetching credentials. Sahid Orentino Ferdjaoui (2): Add a new example to illustrate domain migration Add support for QEMU migration to use SASL authentication .gitignore | 1 + Makefile.am | 2 +- configure.ac | 1 + examples/dommigrate/Makefile.am | 26 ++++++++++++++ examples/dommigrate/dommigrate.c | 78 ++++++++++++++++++++++++++++++++++++++++ libvirt.spec.in | 3 +- src/qemu/qemu_migration.c | 14 +++++++- 7 files changed, 122 insertions(+), 3 deletions(-) create mode 100644 examples/dommigrate/Makefile.am create mode 100644 examples/dommigrate/dommigrate.c -- 1.9.0

3 12

[libvirt] [PATCH] virstoragetest: Don't run the test on 32 bit arches
by Michal Privoznik 30 Apr '14

30 Apr '14

Currently, there's an issue with virStrToLong_* APIs that they turn "-1" into UINT_MAX. While this is not acceptable, it works on 64 bit architectures and doesn't work on 32 bit ones. I know that much cleaner solution is required, but given that we are in the freeze we may as well just skip the test on 32 bits. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- tests/virstoragetest.c | 54 ++++++++++++++++++++++++++++++++------------------ 1 file changed, 35 insertions(+), 19 deletions(-) diff --git a/tests/virstoragetest.c b/tests/virstoragetest.c index 018469a..9e81782 100644 --- a/tests/virstoragetest.c +++ b/tests/virstoragetest.c @@ -23,19 +23,26 @@ #include <stdlib.h> #include "testutils.h" -#include "vircommand.h" -#include "virerror.h" -#include "virfile.h" -#include "virlog.h" -#include "virstoragefile.h" -#include "virstring.h" -#include "dirname.h" -#define VIR_FROM_THIS VIR_FROM_NONE +/* + * XXX An awful workaround as this test doesn't run + * cleanly on 32 bit architectures. + */ +#ifdef __LP64__ + +# include "vircommand.h" +# include "virerror.h" +# include "virfile.h" +# include "virlog.h" +# include "virstoragefile.h" +# include "virstring.h" +# include "dirname.h" + +# define VIR_FROM_THIS VIR_FROM_NONE VIR_LOG_INIT("tests.storagetest"); -#define datadir abs_builddir "/virstoragedata" +# define datadir abs_builddir "/virstoragedata" /* This test creates the following files, all in datadir: @@ -239,14 +246,14 @@ testPrepImages(void) goto cleanup; } -#ifdef HAVE_SYMLINK +# ifdef HAVE_SYMLINK /* Create some symlinks in a sub-directory. */ if (symlink("../qcow2", datadir "/sub/link1") < 0 || symlink("../wrap", datadir "/sub/link2") < 0) { fprintf(stderr, "unable to create symlink"); goto cleanup; } -#endif +# endif ret = 0; cleanup: @@ -513,7 +520,7 @@ mymain(void) if ((ret = testPrepImages()) != 0) return ret; -#define TEST_ONE_CHAIN(id, start, format, flags, ...) \ +# define TEST_ONE_CHAIN(id, start, format, flags, ...) \ do { \ size_t i; \ memset(&data, 0, sizeof(data)); \ @@ -528,10 +535,10 @@ mymain(void) ret = -1; \ } while (0) -#define VIR_FLATTEN_2(...) __VA_ARGS__ -#define VIR_FLATTEN_1(_1) VIR_FLATTEN_2 _1 +# define VIR_FLATTEN_2(...) __VA_ARGS__ +# define VIR_FLATTEN_1(_1) VIR_FLATTEN_2 _1 -#define TEST_CHAIN(id, relstart, absstart, format, chain1, flags1, \ +# define TEST_CHAIN(id, relstart, absstart, format, chain1, flags1, \ chain2, flags2, chain3, flags3, chain4, flags4) \ do { \ TEST_ONE_CHAIN(#id "a", relstart, format, flags1, \ @@ -788,7 +795,7 @@ mymain(void) (&dir), EXP_PASS, (&dir), ALLOW_PROBE | EXP_PASS); -#ifdef HAVE_SYMLINK +# ifdef HAVE_SYMLINK /* Rewrite qcow2 and wrap file to use backing names relative to a * symlink from a different directory */ virCommandFree(cmd); @@ -838,7 +845,7 @@ mymain(void) (&link2, &link1, &raw), ALLOW_PROBE | EXP_PASS, (&link2, &link1, &raw), EXP_PASS, (&link2, &link1, &raw), ALLOW_PROBE | EXP_PASS); -#endif +# endif /* Rewrite qcow2 to be a self-referential loop */ virCommandFree(cmd); @@ -894,7 +901,7 @@ mymain(void) goto cleanup; } -#define TEST_LOOKUP_TARGET(id, target, name, index, result, meta, parent) \ +# define TEST_LOOKUP_TARGET(id, target, name, index, result, meta, parent) \ do { \ struct testLookupData data2 = { chain, target, name, index, \ result, meta, parent, }; \ @@ -902,7 +909,7 @@ mymain(void) testStorageLookup, &data2) < 0) \ ret = -1; \ } while (0) -#define TEST_LOOKUP(id, name, result, meta, parent) \ +# define TEST_LOOKUP(id, name, result, meta, parent) \ TEST_LOOKUP_TARGET(id, NULL, name, 0, result, meta, parent) TEST_LOOKUP(0, "bogus", NULL, NULL, NULL); @@ -1012,3 +1019,12 @@ mymain(void) } VIRT_TEST_MAIN(mymain) + +#else + +int main(void) +{ + return EXIT_AM_SKIP; +} + +#endif /* __LP64___ */ -- 1.9.0

5 8

[libvirt] [PATCH 0/2] fix build failures on freebsd
by Pavel Hrdina 30 Apr '14

30 Apr '14

Pavel Hrdina (2): virfirewall: fix build on freebsd networkxml2firewalltest: fix build failure on freebsd src/util/virfirewall.c | 4 ++-- tests/networkxml2firewalltest.c | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) -- 1.8.3.2

1 2

[libvirt] Entering freeze for libvirt-1.2.4
by Daniel Veillard 30 Apr '14

30 Apr '14

As planned on Friday, I tagged the tree earlier today for Release Candidate 1, the tarball and rpms are available from the usual place: ftp://libvirt.org/libvirt/ Seems to work fine in my limited testing, but distcheck failed with xsltproc being unable to access ../../ . I don't think anything changed there on my side so it smells like a new problem. Otherwise looks good to me so far, with a bit of luck we can push 1.2.4 end of Friday or sometime next week-end, Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veillard(a)redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/

4 4