Some hypervisors require a respawn of the hypervisor to allow reverting
to some snapshot states. This patch adds a flag to remove the default
safe approach to not allow this. When this flag is specified the
hypervisor driver should re-emit events to allow management apps to
reconnect.
This flag is meant as a lesser way to enforce the restart of the
hypervisor, which is a fairly common possibility compared to other
meanings that the existing force flag has.
---
New in series.
Please see the next patch on actual use semantics. I was considering how to
split the very powerful meaning of VIR_DOMAIN_SNAPSHOT_REVERT_FORCE to something
less powerful but still useful. (I could add a flag that would allow invalidating of
snapshot/image but that wouldn't be used that much)
---
include/libvirt/libvirt.h.in | 2 ++
src/libvirt.c | 5 +++++
tools/virsh-snapshot.c | 4 ++++
tools/virsh.pod | 6 +++++-
4 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
index f5bbc89..2656a58 100644
--- a/include/libvirt/libvirt.h.in
+++ b/include/libvirt/libvirt.h.in
@@ -3874,6 +3874,8 @@ typedef enum {
VIR_DOMAIN_SNAPSHOT_REVERT_PAUSED = 1 << 1, /* Pause after revert */
VIR_DOMAIN_SNAPSHOT_REVERT_FORCE = 1 << 2, /* Allow risky reverts */
VIR_DOMAIN_SNAPSHOT_REVERT_STOPPED = 1 << 3, /* Revert into stopped state */
+ VIR_DOMAIN_SNAPSHOT_REVERT_RESPAWN = 1 << 4, /* Allow restarting of the
+ hypervisor */
} virDomainSnapshotRevertFlags;
/* Revert the domain to a point-in-time snapshot. The
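Review bot: the comment on VIR_DOMAIN_SNAPSHOT_REVERT_RESPAWN ("Allow restarting of the hypervisor") reads broader than what the virsh.pod text in this same patch describes, which is a respawn of the hypervisor process during a revert. Suggest using the same wording here, for example "Allow respawn of the hypervisor process", and keeping it on one line like the neighbouring enum entries.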
diff --git a/src/libvirt.c b/src/libvirt.c
index b6b885c..098fe06 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -18650,6 +18650,11 @@ error:
* possible to revert a transient domain into an inactive state, so transient
* domains require the use of one of these two flags.
*
+ * Some snapshot operations may require a restart of the hypervisor to complete
+ * successfuly. This is normally not allowed. To override this behavior add
+ * VIR_DOMAIN_SNAPSHOT_REVERT_RESPAWN to @flags. The hypervisor driver should
+ * re-emit the appropriate events to allow reconnect of management applications.
+ *
* Reverting to any snapshot discards all configuration changes made since
* the last snapshot. Additionally, reverting to a snapshot from a running
* domain is a form of data loss, since it discards whatever is in the
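Review bot: in the added paragraph, "This is normally not allowed" does not tell the caller what the API does when the flag is missing, nor whether VIR_DOMAIN_SNAPSHOT_REVERT_FORCE already permits the restart or the new flag must be passed in addition. Please document both, since the paragraphs around it describe FORCE in detail and readers will compare the two. Also fix the typo "successfuly" to "successfully".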
diff --git a/tools/virsh-snapshot.c b/tools/virsh-snapshot.c
index 952dec5..a67cbd8 100644
--- a/tools/virsh-snapshot.c
+++ b/tools/virsh-snapshot.c
@@ -1519,6 +1519,8 @@ static const vshCmdOptDef opts_snapshot_revert[] = {
{"paused", VSH_OT_BOOL, 0, N_("after reverting, change state to
paused")},
{"stopped", VSH_OT_BOOL, 0, N_("after reverting, change state to
stopped")},
{"force", VSH_OT_BOOL, 0, N_("try harder on risky reverts")},
+ {"allow-respawn", VSH_OT_BOOL, 0,
+ N_("allow respawn of hypervisor on certain operations")},
{NULL, 0, 0, NULL}
};
@@ -1539,6 +1541,8 @@ cmdDomainSnapshotRevert(vshControl *ctl, const vshCmd *cmd)
flags |= VIR_DOMAIN_SNAPSHOT_REVERT_PAUSED;
if (vshCommandOptBool(cmd, "stopped"))
flags |= VIR_DOMAIN_SNAPSHOT_REVERT_STOPPED;
+ if (vshCommandOptBool(cmd, "allow-respawn"))
+ flags |= VIR_DOMAIN_SNAPSHOT_REVERT_RESPAWN;
/* We want virsh snapshot-revert --force to work even when talking
* to older servers that did the unsafe revert by default but
* reject the flag, so we probe without the flag, and only use it
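Review bot: VIR_DOMAIN_SNAPSHOT_REVERT_RESPAWN is OR'ed into flags ahead of the compatibility probe that the following comment describes for --force against older servers. Please confirm that the retry path keeps the new bit, and say what the user gets when --allow-respawn is sent to a server that does not know the flag, since the comment shows such servers already reject flags they do not support.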
diff --git a/tools/virsh.pod b/tools/virsh.pod
index ce5d010..29e955b 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -2822,7 +2822,7 @@ Output the name of the parent snapshot, if any, for the given
I<snapshot>, or for the current snapshot with I<--current>.
=item B<snapshot-revert> I<domain> {I<snapshot> | I<--current>}
-[{I<--running> | I<--paused> | I<--stopped>}] [I<--force>]
+[{I<--running> | I<--paused> | I<--stopped>}] [I<--force>]
[I<--respawn>]
Revert the given domain to the snapshot specified by I<snapshot>, or to
the current snapshot with I<--current>. Be aware
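Review bot: the synopsis line adds I<--respawn>, but the option registered in opts_snapshot_revert and the description paragraph added further down in this file both call it allow-respawn. Change the synopsis to [I<--allow-respawn>] so the man page matches what virsh accepts.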
@@ -2842,6 +2842,10 @@ I<--running> or I<--paused> flags when reverting to a
disk snapshot of a
transient domain. The I<--stopped> flag cannot be used on snapshots
of transient domains.
+Some snapshot revert approaches may require a respawn of the hypervisor
+process. This is not allowed by default. You may specify I<--allow-respawn>
+to override this limit.
+
There are two cases where a snapshot revert involves extra risk, which
requires the use of I<--force> to proceed. One is the case of a
snapshot that lacks full domain information for reverting
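Review bot: the new paragraph says the respawn "is not allowed by default" but gives no reason, so a user cannot judge when passing I<--allow-respawn> is acceptable. The commit message states that management applications have to reconnect after the respawn; that consequence belongs in this text, and "some snapshot revert approaches" should name the cases that need it.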
--
1.8.0