[GSoC] Take migration in Salt virt module to the next level
by Radostin Stoyanov
Hello again libvirt community!
This summer, I once again worked on a GSoC project with libvirt. This
time, the goal of my project was to improve the libvirt integration with
SaltStack and, in particular, the support for VM migration.
SaltStack is an incredibly valuable tool that helps with automation and
infrastructure management. This is accomplished with master/minion
topology where a master acts as a central control bus for the clients
(minions), and the minions connect back to the master. The Salt virt
module provides support for core cloud operations such as VM lifecycle
management, including VM migration, by allowing minions to connect with
libvirt virtualization host.
The Salt virt.migrate interface allows users to migrate a VM from one
host to another. However, the implementation of this function used to be
based on the virsh command-line tool (instead of the libvirt Python API
bindings), which had resulted in an increased code complexity (e.g.,
string concatenation, invoking Popen.subprocess, etc) and had a limited
number of migration options exposed to users.
My project was roughly separated into three phases. The aim of the first
phase was to improve the test coverage of the virt module by increasing
the number of integration tests (i.e., before applying any major code
changes). However, SaltStack is designed to run on different platforms,
and it has been extended over the years to support many applications and
tools. Consequently, the SaltStack test suite has grown in complexity
and number of dependencies as well. As a result, not all of them (e.g.,
libvirt and qemu) are available in the Jenkins CI environment. In
addition, our goal was to only be able to effectively test VM lifecycle
management features (start, destroy, list, etc.) but also to test VM
migration. To achieve this we packaged libvirt, qemu, and all required
SaltStack minion dependencies in a container image that allows us to
spawn multiple virtualization host instances on a single machine (with
low virtualization overhead).
In the second phase of the project, now with a test environment in
place, we were able to refactor the virt.migrate implementation to
utilize the Python bindings of libvirt and add support for additional
migration options (described in the “What's new?” section below).
The third phase was primarily focused on refining the set patches,
resolving merge conflicts with upstream changes or other related PRs.
One of the major challenges was to revisit the set of tests to make them
compatible with pytest as well to collaborate with the SaltStack
community to ensure that all proposed changes will be easy to maintain
in the future.
Contributions
============
Although the development work was done in several iterations, with code
reviews on regular basis, the final result was consolidated in a single
GitHub pull request: https://github.com/saltstack/salt/pull/57947
What’s new?
===========
https://docs.saltstack.com/en/master/ref/modules/all/salt.modules.virt.ht...
The virt.migrate interface of SaltStack has been extended to support
target URI format:
$ salt src virt.migrate guest qemu+ssh://dst/system
$ salt src virt.migrate guest qemu+tcp://dst/system
$ salt src virt.migrate guest qemu+tls://dst/system
with preserved backward compatibility:
$ salt src virt.migrate guest dst
$ salt src virt.migrate guest dst True
Support for the following migration options was introduced:
Disable live migration
$ salt src virt.migrate guest qemu+ssh://dst/system live=False
Leave the migrated VM transient on destination host
$ salt src virt.migrate guest qemu+ssh://dst/system persistent=False
Leave the domain defined on the source host
$ salt src virt.migrate guest qemu+ssh://dst/system undefinesource=False
Offline migration
$ salt src virt.migrate guest qemu+ssh://dst/system offline=False
Set maximum bandwidth (in MiB/s)
$ salt src virt.migrate guest qemu+tls://dst/system max_bandwidth=10
Set maximum tolerable downtime for live-migration (i.e. a number of
milliseconds the VM is allowed to be down at the end of live migration)
$ salt src virt.migrate guest qemu+tls://dst/system max_downtime=100
Set a number of parallel network connections for live migration
$ salt src virt.migrate guest qemu+tls://dst/system parallel_connections=10
Live migration with enabled compression
$ salt src virt.migrate guest qemu+tls://dst/system \
compressed=True \
comp_methods=mt \
comp_mt_level=5 \
comp_mt_threads=4 \
comp_mt_dthreads=4
$ salt src virt.migrate guest qemu+tls://dst/system \
compressed=True \
comp_methods=xbzrle \
comp_xbzrle_cache=1024
Migrate non-shared storage
(Full disk copy)
$ salt src virt.migrate guest qemu+tls://dst/system copy_storage=all
(Incremental copy)
$ salt src virt.migrate guest qemu+tls://dst/system copy_storage=inc
Using post-copy migration
$ salt src virt.migrate guest qemu+tls://dst/system postcopy=True
$ salt src virt.migrate_start_postcopy guest
Using post-copy migration with bandwidth limit (MiB/s)
$ salt src virt.migrate guest qemu+tls://dst/system \
postcopy=True \
postcopy_bandwidth=1
$ salt src virt.migrate_start_postcopy guest
Acknowledgments
===============
I would like to sincerely thank all those who provided me with their
time, assistance, and guidance during the course of this project, for
which I am enormously grateful.
I would like to thank Cedric Bosdonnat (cbosdo), Pedro Algarvio
(s0undt3ch), Wayne Werner (waynew), Charles McMarrow (cmcmarrow) and
Daniel Wozniak (dwoz) who offered a huge amount of support, expertise,
guidance and code reviews.
I would also like to thank Michal Privoznik (mprivozn), Martin
Kletzander (mkletzan) and the rest of the libvirt and SaltStack
communities who have been extremely supportive.
Best wishes,
Radostin
4 years, 8 months
[PATCH] news: mention removal of autogenerated macvtap names from migration XML
by Laine Stump
Signed-off-by: Laine Stump <laine(a)redhat.com>
---
NEWS.rst | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 748ee3b1df..64c2b3f581 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -100,6 +100,14 @@ v6.7.0 (unreleased)
implementation. But the implementation did not handle kernels without
device-mapper support. This is now fixed.
+ * remove autogenerated macvtap names from migration XML
+
+ Autogenerated macvtap device names were being left in the
+ migration XML, which could result in libvirt erroneously deleting
+ the macvtap device of a different guest in the aftermath of
+ failing to restart the guest on the destination host. Removing the
+ autogenerated names avoids this.
+
v6.6.0 (2020-08-02)
===================
--
2.26.2
4 years, 8 months
Entering freeze for libvirt-6.7.0
by Jiri Denemark
I have just tagged v6.7.0-rc1 in the repository and pushed signed
tarballs and source RPMs to https://libvirt.org/sources/
The is the first release using meson and ninja which replaced autotools
and make so please give the release candidate some testing and in case
you find a serious issue which should have a fix in the upcoming
release, feel free to reply to this thread to make sure the issue is
more visible.
If you have not done so yet, please update NEWS.rst to document any
significant change you made since the last release.
Thanks,
Jirka
4 years, 8 months
Please revert f4be03b3 (libvirtaio: Drop object(*args, **kwargs)) for theoretical reasons
by Wojtek Porczyk
Hi Philipp,
(Cc: Daniel, because IIUC you reviewed !16 which got this merged),
I'm sorry I didn't notice this earlier, but the commit f4be03b3 dated
2020-04-20 [0] is wrong. The super().__init__(*args, **kwargs) in
Callback.__init__ was there on purpose, because of how Python's inheritance in
new-style classes works.
Let me explain this a bit, because it is not obvious.
Suppose you had diamond inheritance like this:
class A(object): pass
class B(A): pass
class C(A): pass
class D(B,C): pass
And those classes needed a common function with varying arguments:
class A(object):
def spam(self, a): print(f'A: {a}')
class B(A):
def spam(self, b): print(f'B: {b}')
class C(A):
def spam(self, c): print(f'C: {c}')
class D(B,C):
def spam(self, d): print(f'D: {d}')
The way to call all parent's functions exactly once (as per MRO) and accept
all arguments and also forbid unknown arguments is to accept **kwargs
everywhere and pass them to super().spam():
class A:
def spam(self, a):
print(f'A: {a}')
class B(A):
def spam(self, b, **kwargs):
print(f'B: {b}')
super().spam(**kwargs)
class C(A):
def spam(self, c, **kwargs):
print(f'C: {c}')
super().spam(**kwargs)
class D(B, C):
def spam(self, d, **kwargs):
print(f'D: {d}')
super().spam(**kwargs)
Let's run this:
>>> B().spam(a=1, b=2)
B: 2
A: 1
>>> D().spam(a=1, b=2, c=3, d=4)
D: 4
B: 2
C: 3
A: 1
You may notice that super() in B.spam refers to two different classes, either
A or C, depending on inheritance order in yet undefinded classes (as of B's
definition).
That's why the conclusion that super() in Callback.__init__ refers to object
is wrong. In this example, spam=__init__, A=object, B=Callback and C and D are
not yet written, but theoretically possible classes that could be written by
someone else. Why would they be needed, I don't know, but if someone written
them, s/he would be out of options to invent new arguments to C.__init__.
Note that super().__init__(*args, **kwargs) when super() refers to object
isn't harmful, and just ensures that args and kwargs are empty (i.e. no
unknown arguments were passed). In fact, this is exactly why object.__init__()
takes no arguments since Python 2.6 [1][2], as you correctly point out in the
commit message.
I don't think this breaks anything (I very much doubt anyone would need to
write code that would trigger this), nevertheless, as the commit is both
pointless and wrong, and as the original author of libvirtaio I'd like to ask
for this commit to be reverted. If this breaks some static analysis tool,
could you just suppress it for this particular line?
[0] https://gitlab.com/libvirt/libvirt-python/-/commit/f4be03b330125ab1e5a2bb...
[1] https://bugs.python.org/issue1683368
[2] https://docs.python.org/3/whatsnew/2.6.html#porting-to-python-2-6
(fourth point)
--
pozdrawiam / best regards
Wojtek Porczyk
Invisible Things Lab
I do not fear computers,
I fear lack of them.
-- Isaac Asimov
4 years, 8 months
[PATCH] meson: Only check for openwsman if hyperv is enabled
by Jim Fehlig
Running meson configure with '-Ddriver_hyperv=disabled' fails with
meson.build:1252:0: ERROR: Dependency "openwsman" not found, tried
pkgconfig and cmake
openwsman is only required if the hyperv driver is enabled. Don't
check for it if hyperv is disabled.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
There are likely other ways to fix the problem, this being a meson
noobish one :-).
meson.build | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/meson.build b/meson.build
index dabd4196e6..e3e768cab6 100644
--- a/meson.build
+++ b/meson.build
@@ -1249,7 +1249,11 @@ if numactl_dep.found()
endif
openwsman_version = '2.2.3'
-openwsman_dep = dependency('openwsman', version: '>=' + openwsman_version, required: get_option('openwsman'))
+if get_option('driver_hyperv').enabled()
+ openwsman_dep = dependency('openwsman', version: '>=' + openwsman_version, required: get_option('openwsman'))
+else
+ openwsman_dep = dependency('', required: false)
+endif
parallels_sdk_version = '7.0.22'
parallels_sdk_dep = dependency('parallels-sdk', version: '>=' + parallels_sdk_version, required: false)
--
2.28.0
4 years, 8 months
[libvirt PATCH] docs: Remove extraneous plus signs from virsh man page
by Martin Kletzander
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
docs/manpages/virsh.rst | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 0482fe8b26f2..8e2fb7039046 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -3206,10 +3206,10 @@ Providing *--tls* causes the migration to use the host configured TLS setup
(see migrate_tls_x509_cert_dir in /etc/libvirt/qemu.conf) in order to perform
the migration of the domain. Usage requires proper TLS setup for both source
and target. Normally the TLS certificate from the destination host must match
-+the host's name for TLS verification to succeed. When the certificate does not
-+match the destination hostname and the expected certificate's hostname is
-+known, *--tls-destination* can be used to pass the expected *hostname* when
-+starting the migration.
+the host's name for TLS verification to succeed. When the certificate does not
+match the destination hostname and the expected certificate's hostname is
+known, *--tls-destination* can be used to pass the expected *hostname* when
+starting the migration.
*--parallel* option will cause migration data to be sent over multiple
--
2.28.0
4 years, 8 months
[PATCH for 6.7.0] NEWS: Document improvements/bug fixes for upcoming release
by Michal Privoznik
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
NEWS.rst | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 852746eb2a..4ed4e45590 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -33,6 +33,10 @@ v6.7.0 (unreleased)
* **Improvements**
+ * Libvirt switch to Meson build system
+
+ Libvirt abandoned autotools and switched to Meson build system.
+
* Allow sparse streams for block devices
Sparse streams (e.g. ``virsh vol-download --sparse`` or ``virsh vol-upload
@@ -58,6 +62,36 @@ v6.7.0 (unreleased)
either don't have device mapper enabled or where the dm-mod module is not
loaded yet. This is now fixed.
+ * resctrl: Use exclusive lock for /sys/fs/resctrl
+
+ When two or more domains were attempted to start at once, due to a bug in
+ implementation, resctrl was not locked properly and thus threads did not
+ mutually exclude with each other resulting in not setting requested
+ limitations as requested.
+
+ * mdev: Fix daemon crash when reattaching mdevs on assignment conflict
+
+ If there's a list of mdevs to be assigned to a domain, but one of them (NOT
+ the first) is already assigned to a different domain then libvirtd would
+ crash. This is now fixed.
+
+ * Fix logic in setting COW flag on btrfs
+
+ When COW is not explicitly requested to be disabled or enabled, then
+ libvirt should do nothing on non-BTRFS file systems.
+
+ * Avoid crash due to race in glib event loop code
+
+ Libvirt switched to glib event loop in 6.1.0 but it was also tickling a bug
+ in glib code leading to the daemon crash. Libvirt way of calling glib was
+ changed so the daemon crashes no more.
+
+ * virdevmapper: Handle kernel without device-mapper support
+
+ In the previous release, Libvirt dropped libdevmapper in favor of its own
+ implementation. But the implementation did not handle kernels without
+ device-mapper support. This is now fixed.
+
v6.6.0 (2020-08-02)
===================
--
2.26.2
4 years, 8 months
[PATCH] news: Document the `role` attribute for shmem device
by Wang Xin
Signed-off-by: Wang Xin <wangxinxin.wang(a)huawei.com>
diff --git a/NEWS.rst b/NEWS.rst
index 0669051ee6..be7274a184 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,12 @@ v6.7.0 (unreleased)
* **New features**
+ * shmem: Add support for shmem-{plain, doorbell} ``role`` option
+
+ The ``role`` attribute controls how the domain behaves on migration. With
+ ``role=master``, the guest will copy the shared memory on migration to
+ the destination host. With ``role=peer``, the migration is disabled.
+
* **Improvements**
* **Bug fixes**
--
2.26.0.windows.1
4 years, 8 months
[PATCH] news: mention bhyve sound support
by Roman Bogorodskiy
Signed-off-by: Roman Bogorodskiy <bogorodskiy(a)gmail.com>
---
NEWS.rst | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 2d30d5a5e8..9ded7731f8 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -25,6 +25,11 @@ v6.7.0 (unreleased)
the ``device_model_args`` setting in xl.cfg(5). The libvirt xen driver now
supports this using ``<xen:commandline/>`` XML extensions.
+ * bhyve: Sound device support
+
+ This feature allows to configure guest sound device using
+ the ``<sound>`` element, and map it to the host sound device using
+ the ``<audio>`` element.
* **Improvements**
--
2.27.0
4 years, 8 months
[libvirt PATCH 0/8] Use https:// more
by Ján Tomko
Ján Tomko (8):
docs: tlscerts: fix link to certtool invocation
tools: wireshark: fix link to wireshark repo
build-aux: vc-list-files: remove non-git support
vbox: do not repeat the innotek namespace url
Prefer https: for Wikipedia links
Prefer https: for Red Hat websites
Prefer https: for libguestfs.org links
Prefer https: everywhere where possible
build-aux/vc-list-files | 24 -------
docs/acl.html.in | 2 +-
docs/aclpolkit.html.in | 2 +-
docs/advanced-tests.rst | 4 +-
docs/api.html.in | 4 +-
docs/apps.html.in | 26 ++++----
docs/best-practices.rst | 2 +-
docs/bindings.html.in | 4 +-
docs/bugs.html.in | 6 +-
docs/coding-style.rst | 2 +-
docs/contact.html.in | 2 +-
docs/contribute.html.in | 4 +-
docs/csharp.html.in | 2 +-
docs/docs.html.in | 4 +-
docs/downloads.html.in | 2 +-
docs/drvbhyve.html.in | 10 +--
docs/drvesx.html.in | 20 +++---
docs/drvlxc.html.in | 2 +-
docs/drvnodedev.html.in | 2 +-
docs/drvopenvz.html.in | 4 +-
docs/drvvbox.html.in | 2 +-
docs/drvvmware.html.in | 8 +--
docs/firewall.html.in | 2 +-
docs/formatdomain.rst | 18 +++---
docs/formatstorage.html.in | 2 +-
docs/index.html.in | 4 +-
docs/internals/rpc.html.in | 2 +-
docs/java.html.in | 2 +-
docs/kbase/secureusage.rst | 2 +-
docs/logging.html.in | 2 +-
docs/logos/README | 2 +-
docs/manpages/virsh.rst | 2 +-
docs/nss.html.in | 2 +-
docs/page.xsl | 4 +-
docs/pci-hotplug.html.in | 2 +-
docs/php.html.in | 2 +-
docs/remote.html.in | 8 +--
docs/securityprocess.html.in | 2 +-
docs/storage.html.in | 2 +-
docs/testsuites.html.in | 4 +-
docs/testtck.html.in | 4 +-
docs/tlscerts.html.in | 6 +-
docs/uri.html.in | 2 +-
docs/virshcmdref.html.in | 2 +-
docs/windows.html.in | 6 +-
meson.build | 2 +-
run.in | 2 +-
src/conf/virchrdev.c | 2 +-
src/esx/README | 18 +++---
src/esx/esx_driver.c | 6 +-
src/hyperv/hyperv_wmi_generator.input | 2 +-
src/internal.h | 2 +-
src/libxl/libxl_conf.c | 2 +-
src/lxc/lxc_container.c | 2 +-
src/qemu/qemu_domain.c | 2 +-
src/remote/remote_driver.c | 2 +-
src/rpc/virnetclient.c | 2 +-
src/rpc/virnetdaemon.c | 2 +-
src/rpc/virnetlibsshsession.c | 2 +-
src/storage/storage_backend_gluster.c | 6 +-
src/storage/storage_util.c | 2 +-
src/util/virarch.h | 72 ++++++++++-----------
src/util/virhashcode.c | 2 +-
src/util/virhashcode.h | 2 +-
src/util/virprocess.c | 2 +-
src/util/virsysinfo.c | 2 +-
src/util/virutil.c | 2 +-
src/vbox/vbox_snapshot_conf.c | 12 ++--
src/vmx/vmx.c | 6 +-
tests/cputestdata/cpu-gather.sh | 2 +-
tools/wireshark/README.rst | 2 +-
tools/wireshark/samples/libvirt-sample.pdml | 2 +-
tools/wireshark/util/genxdrstub.pl | 2 +-
73 files changed, 182 insertions(+), 204 deletions(-)
--
2.26.2
4 years, 8 months
