[libvirt] [PATCH] Fix compile error for stable 1.2.9
by Yang hongyang
Seems a backport miss. An extra member is passed to struct
virLXCBasicMountInfo.
Signed-off-by: Yang hongyang <hongyang.yang(a)easystack.cn>
---
src/lxc/lxc_container.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 28dabec..1c65fa9 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -760,7 +760,7 @@ typedef struct {
static const virLXCBasicMountInfo lxcBasicMounts[] = {
{ "proc", "/proc", "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, false, false },
- { "/proc/sys", "/proc/sys", NULL, MS_BIND|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false, false, false },
+ { "/proc/sys", "/proc/sys", NULL, MS_BIND|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false, false },
{ "sysfs", "/sys", "sysfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, false, false },
{ "securityfs", "/sys/kernel/security", "securityfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY, true, true },
#if WITH_SELINUX
--
1.7.1
1 year
[libvirt] Supporting vhost-net and macvtap in libvirt for QEMU
by Anthony Liguori
Disclaimer: I am neither an SR-IOV nor a vhost-net expert, but I've CC'd
people that are who can throw tomatoes at me for getting bits wrong :-)
I wanted to start a discussion about supporting vhost-net in libvirt.
vhost-net has not yet been merged into qemu but I expect it will be soon
so it's a good time to start this discussion.
There are two modes worth supporting for vhost-net in libvirt. The
first mode is where vhost-net backs to a tun/tap device. This is
behaves in very much the same way that -net tap behaves in qemu today.
Basically, the difference is that the virtio backend is in the kernel
instead of in qemu so there should be some performance improvement.
Current, libvirt invokes qemu with -net tap,fd=X where X is an already
open fd to a tun/tap device. I suspect that after we merge vhost-net,
libvirt could support vhost-net in this mode by just doing -net
vhost,fd=X. I think the only real question for libvirt is whether to
provide a user visible switch to use vhost or to just always use vhost
when it's available and it makes sense. Personally, I think the later
makes sense.
The more interesting invocation of vhost-net though is one where the
vhost-net device backs directly to a physical network card. In this
mode, vhost should get considerably better performance than the current
implementation. I don't know the syntax yet, but I think it's
reasonable to assume that it will look something like -net
tap,dev=eth0. The effect will be that eth0 is dedicated to the guest.
On most modern systems, there is a small number of network devices so
this model is not all that useful except when dealing with SR-IOV
adapters. In that case, each physical device can be exposed as many
virtual devices (VFs). There are a few restrictions here though. The
biggest is that currently, you can only change the number of VFs by
reloading a kernel module so it's really a parameter that must be set at
startup time.
I think there are a few ways libvirt could support vhost-net in this
second mode. The simplest would be to introduce a new tag similar to
<source network='br0'>. In fact, if you probed the device type for the
network parameter, you could probably do something like <source
network='eth0'> and have it Just Work.
Another model would be to have libvirt see an SR-IOV adapter as a
network pool whereas it handled all of the VF management. Considering
how inflexible SR-IOV is today, I'm not sure whether this is the best model.
Has anyone put any more thought into this problem or how this should be
modeled in libvirt? Michael, could you share your current thinking for
-net syntax?
--
Regards,
Anthony Liguori
1 year
[libvirt] [PATCH v2 0/1] storage: vstorage support
by Olga Krishtal
The patch supports pool and volume managment using Vistuozzo Storage (vstorage)
as a backend.
To define pool use:
virsh -c qemu+unix:///system pool-define-as --name VZ --type vstorage
--source-name vz7-vzstorage --target /vzstorage_pool
The resulting XML:
<pool type='vstorage'>
<name>VZ</name>
<uuid>5f45665b-66fa-4b18-84d1-248774cff3a1</uuid>
<capacity unit='bytes'>107374182400</capacity>
<allocation unit='bytes'>1441144832</allocation>
<available unit='bytes'>105933037568</available>
<source>
<name>vz7-vzstorage</name>
</source>
<target>
<path>/vzstorage_pool</path>
<permissions>
<mode>0700</mode>
<owner>0</owner>
<group>0</group>
</permissions>
</target>
</pool>
For the vstorage pool the only obligatory parameter, which stores cluster name,
is --source-name.
v2:
- maximum code reusage
- fixed name issue - we use vstorage
- simplified findPoolSources
Olga Krishtal (1):
storage: vz storage pool support
configure.ac | 28 ++++++++++
docs/schemas/storagepool.rng | 13 +++++
include/libvirt/libvirt-storage.h | 1 +
src/conf/storage_conf.c | 16 +++++-
src/conf/storage_conf.h | 4 +-
src/storage/storage_backend.c | 3 +
src/storage/storage_backend_fs.c | 114 ++++++++++++++++++++++++++++++++++++--
src/storage/storage_backend_fs.h | 3 +
src/storage/storage_driver.c | 2 +
tools/virsh-pool.c | 2 +
tools/virsh.c | 3 +
11 files changed, 181 insertions(+), 8 deletions(-)
--
1.8.3.1
7 years, 11 months
[libvirt] [PATCH 0/2] qemu_cgroup: allow access to /dev/dri/render*
by Ján Tomko
Technically a v2, but v1 is already pushed.
This version is based on the <gl enable> in <spice> instead
of accel3d="yes" in <video><model type="virtio".
It also only allows access to the render* devices, instead of all of them.
https://bugzilla.redhat.com/show_bug.cgi?id=1337290
Ján Tomko (2):
Revert "qemu_cgroup: allow access to /dev/dri for virtio-vga"
qemu_cgroup: allow access to /dev/dri/render*
src/qemu/qemu_cgroup.c | 71 ++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 57 insertions(+), 14 deletions(-)
--
2.7.3
7 years, 11 months
[libvirt] RFC: add recreate option to domain events conf
by Nikolay Shirokovskiy
Hi, all.
Does it make sense to anybody else that rebooting and resetting
a persistent domain from outside or from inside should bring upon
pending configuration changes? For this purpose we can add another
option to on_reboot and other events, say 'recreate'. From technical
POV qemu has enough capabilities, namely -no-reboot option.
Nikolay
7 years, 11 months
Re: [libvirt] question about rdma migration
by Michael R. Hines
Hi Roy,
On 02/09/2016 03:57 AM, Roy Shterman wrote:
> Hi,
>
> I tried to understand the rdma-migration in qemu code and i have two
> questions about it:
>
> 1. I'm working with qemu-kvm using libvirt and i'm getting
>
> MEMLOCK max locked-in-memory address space 65536 65536 bytes
>
> in qemu process so I don't understand how can you use rdma-pin-all
> with such low MEMLOCK.
>
> I found a solution in libvirt to lock all vm memory in advance and to
> enlarge MEMLOCK.
> It uses memoryBacking locking and memory tuning hard_limit of vm
> memory but I couldn't find a usage of this in rdma-migration code.
>
You're absolutey right, the RDMA migration code itself doesn't set this
lock limit explicitly because there are system-wide restrictions in both
appArmour,
/etc/security, as well as SELINUX that restrict applications from
arbitrarily setting their maximum memory lock limits.
The other problem is CGROUPS: If someone sets a cgroup control for
maximum memory and forgets about that mlock() limits, then
there will be a conflict.
So, libvirt must have a policy to deal with all of these possibilities,
not just handle a special case for RDMA migration.
The only way "simple" way (without patching the problems above) to apply
a higher lock limit to QEMU is to set the ulimit for libvirt
(or for QEMU if starting QEMU manually) in your environment or the
command line with $ ulimit # before attempting the migration,
then the RDMA subsystem will be able to lock the memory successfully.
The other option is to use /etc/security/limits.conf and set the option
for a specific libvirt process user and make sure your libvirt/qemu
are not running as root.
QEMU itself also has a "mlock" option built into the command line, but
it also suffers from the same problem --- you have to find
a way (currently) to increase the limit before using the option.
> 2. Do you have any comparison of IOPS and bandwidth between TCP
> migration and rdma migration?
>
Yes, lots of comparisons.
http://wiki.qemu.org/Features/RDMALiveMigration
http://www.canturkisci.com/ETC/papers/IBMJRD2011/preprint.pdf
> Regards,
> Roy
>
>
8 years
[libvirt] Qemu: create empty cdrom
by Gromak Yuriy
Hello.
Qemu is latest from master branch.
Tryingto start a domain, which is connected toa blankcdrom:
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<target dev='sdb' bus='scsi'/>
<readonly/>
<address type='drive' controller='0' target='1' bus='0'
unit='0'/>
</disk>
But I get an error:
qemu-system-x86_64: -drive
if=none,id=drive-scsi0-0-1-0,readonly=on,format=raw: Can't use 'raw' as
a block driver for the protocol level.
8 years, 1 month
[libvirt] [PATCHv2] qemu: agent: Fix QEMU guest agent is not available due to an error
by Xiubo Li
These days, we experienced one qemu guest agent is not available
error. Then the guest agent couldn't be used forever before rebooting
the libvirtd daemon or reboot the qemu-guest-agent in the VM(you can
also reboot the VM) to clear the priv->agentError.
This is one bug for a long time in many verisons of libvirtd:
https://bugzilla.redhat.com/show_bug.cgi?id=1090551
And there is one python script to reproduce this bug from the bugzilla:
https://github.com/aspirer/study/blob/master/qemu-guest-agent/test2.py
Just set the timeout to 0 at Line26, you can reproduce it very quickly:
rsp = libvirt_qemu.qemuAgentCommand(dom, cmd, 1, 0) // 1 -> 0
The reason why this could happen is that:
In case we received something like {"return": {}} for example, it is
likely that somebody:
1) Started GA thread which sent one "guest-ping" command with seconds
equals to VIR_DOMAIN_QEMU_AGENT_COMMAND_NOWAIT(0) makes this function
return immediately without waiting, but after updating the events, it
will sleep in virCondWait() or virCondWaitUntil().
2) While in AgentIO thread the "guest-ping" command is sent successfully,
with updating the events it will wait for reply.
3) Then the GA thread is woken up and the mon->msg is set to NULL and exit.
4) At last the AgentIO thread receives the reply of "guest-ping" command
with the mon->msg == NULL.
This case could be adapt to all the GA commands, including guest-sync, etc.
This patch will check if this is the case and don't report an error but
return silently.
Signed-off-by: Xiubo Li <lixiubo(a)cmss.chinamobile.com>
Signed-off-by: Zhuoyu Zhang <zhangzhuoyu(a)cmss.chinamobile.com>
Signed-off-by: Wei Tang <tangwei(a)cmss.chinamobile.com>
Signed-off-by: Yaowei Bai <baiyaowei(a)cmss.chinamobile.com>
Signed-off-by: Qide Chen <chenqide(a)cmss.chinamobile.com>
---
Changes in V2:
- check value type instead of object type.
src/qemu/qemu_agent.c | 37 ++++++++++++++++++++++++++++---------
src/util/virjson.h | 7 +++++++
2 files changed, 35 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
index eeede6b..f5408cc 100644
--- a/src/qemu/qemu_agent.c
+++ b/src/qemu/qemu_agent.c
@@ -308,7 +308,6 @@ qemuAgentIOProcessLine(qemuAgentPtr mon,
{
virJSONValuePtr obj = NULL;
int ret = -1;
- unsigned long long id;
VIR_DEBUG("Line [%s]", line);
@@ -333,16 +332,36 @@ qemuAgentIOProcessLine(qemuAgentPtr mon,
obj = NULL;
ret = 0;
} else {
- /* If we've received something like:
- * {"return": 1234}
- * it is likely that somebody started GA
- * which is now processing our previous
- * guest-sync commands. Check if this is
- * the case and don't report an error but
+ virJSONValuePtr val;
+
+ /* In case we received something like:
+ * {"return": {}} for example,
+ * it is likely that somebody:
+ *
+ * 1) Started GA thread which sent one "guest-ping" command
+ * with seconds equals to VIR_DOMAIN_QEMU_AGENT_COMMAND_NOWAIT(0)
+ * makes this function return immediately without waiting, but
+ * after updating the events, it will sleep in virCondWait() or
+ * virCondWaitUntil().
+ *
+ * 2) While in AgentIO thread the "guest-ping" command is sent
+ * successfully, with updating the events it will wait for reply.
+ *
+ * 3) Then the GA thread is woken up and the mon->msg is set
+ * to NULL and exit.
+ *
+ * 4) At last the AgentIO thread receives the reply of "guest-ping"
+ * command with the mon->msg == NULL.
+ *
+ * This case could be adapt to all the GA commands, including
+ * guest-sync, etc.
+ *
+ * Check if this is the case and don't report an error but
* return silently.
*/
- if (virJSONValueObjectGetNumberUlong(obj, "return", &id) == 0) {
- VIR_DEBUG("Ignoring delayed reply to guest-sync: %llu", id);
+ val = virJSONValueObjectGet(obj, "return");
+ if (val && virJSONValueTypeIsValid(val)) {
+ VIR_DEBUG("Ignoring delayed command reply");
ret = 0;
goto cleanup;
}
diff --git a/src/util/virjson.h b/src/util/virjson.h
index 66ed48a..cb1d973 100644
--- a/src/util/virjson.h
+++ b/src/util/virjson.h
@@ -80,6 +80,13 @@ struct _virJSONValue {
} data;
};
+static inline bool
+virJSONValueTypeIsValid(virJSONValuePtr value)
+{
+ return ((value->type >= VIR_JSON_TYPE_OBJECT) &&
+ (value->type <= VIR_JSON_TYPE_BOOLEAN));
+}
+
void virJSONValueFree(virJSONValuePtr value);
int virJSONValueObjectCreate(virJSONValuePtr *obj, ...)
--
1.8.3.1
8 years, 2 months
[libvirt] [PATCH v3 0/6] Test persistent device attachment
by Tomasz Flendrich
Changes in v3:
* fewer patches, because part of v2 was ACK'd
* two old commits, 08/10 and 09/10, are now one commit
* qemuDomainUpdateDeviceFlags is now also split, creating a new function
qemuDomainUpdateDeviceLiveAndConfig(). This function is now used in
qemuhotplugtest.c.
* qemuDomainAttachDeviceLiveAndConfig, qemuDomainDetachDeviceLiveAndConfig
and qemuDomainUpdateDeviceLiveAndConfig are now in a new file:
qemu_driverpriv.h
* variable "target" is renamed to "impact" and its type is changed
* testQemuHotplugCheckResult() now takes "impact" as a parameter to determine
whether to test the ->def or ->newDef
* def->id is no longer set when handling a persistent domain
* split DO_TEST_ATTACH (and other macros) to DO_TEST_ATTACH_LIVE and
DO_TEST_ATTACH_CONFIG instead of taking a parameter
* fixed indentation
* "<source mode='bind'/>" is removed from one xml
* a three year old testcase for updating a disk device was modified
a little bit to make it finally execute and test something
Link to v2: https://www.redhat.com/archives/libvir-list/2016-July/msg00595.html
Tomasz Flendrich (6):
Split qemuDomainUpdateDeviceFlags in two
Make qemu attach/detach functions public
Make qemuhotplugtest work with persistent domains
qemuhotplug: Use a more generic function to update devices
qemuhotplugtest: add testcase to update a disk device
qemuhotplugtest: add a persistent attachment testcase
src/qemu/qemu_driver.c | 117 +++---
src/qemu/qemu_driverpriv.h | 47 +++
tests/qemuhotplugtest.c | 433 ++++++++++++---------
.../qemuhotplug-disk-cdrom-nochange.xml | 2 +-
.../qemuhotplug-qemu-agent.xml | 1 -
.../qemuhotplug-base-config+qemu-agent+config.xml | 44 +++
.../qemuhotplug-base-config.xml | 40 ++
.../qemuhotplug-disk-cdrom.xml | 2 +-
8 files changed, 454 insertions(+), 232 deletions(-)
create mode 100644 src/qemu/qemu_driverpriv.h
create mode 100644 tests/qemuhotplugtestdomains/qemuhotplug-base-config+qemu-agent+config.xml
create mode 100644 tests/qemuhotplugtestdomains/qemuhotplug-base-config.xml
--
1.9.1
8 years, 2 months
