9:01 a.m.
Blocking writes ensure that the mirroring converges even when the guest
is I/O intensive with a fast local storage and slow mirror.
This patchset does it by introducing flags which use the blocking mode
as it will have performance impact, and for guests which do I/O in
bursts it might be detrimental to their performance.
One could argue that both the copy job and migration have the
expectations of actually using the copy so ensuring that it converges
might be also something we'd want to do by default. This would obviously
greatly simplify this series, but I didn't want to change the default.
Peter Krempa (17):
qemu: monitor: Avoid ternary operators in helpers for
drive/blockdev-mirror
qemuMonitorJSONHandleShutdown: Use virTristateBoolFromBool
qemuMonitorJSONEjectMedia: Use a bool directly for constructing JSON
with 'b' modifier
qemuMonitorJSONMigrate: Extract flags prior to constructing command
qemuMonitorJSONGraphicsRelocate: Clean up command argument
construction
qemu: monitor: Add support for 'write-blocking' copy mode for
blockdev-mirror
include: virDomainBlockCopyFlags: Convert to prefix comments
virDomainBlockCopy: Introduce VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES
flag
qemuDomainBlockCopy: Implement
VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES
include: virDomainMigrateFlags: Remove "block alignment" whitespace
man: virsh: Separate paragrapsh describing distinct flags
VIR_REQUIRE_FLAG_(GOTO|RET): Add parens around arguments in expansion
virDomainMigrate: Introduce VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES
flag
qemu: migration: Implement VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES
docs: Convert 'migration' doc to RST
docs: migration: Add a paragraph about non-shared storage migration
NEWS: Mention synchronous copy job additions
NEWS.rst | 12 +
docs/manpages/virsh.rst | 45 +-
docs/meson.build | 2 +-
docs/migration.html.in | 688 -------------------------------
docs/migration.rst | 490 ++++++++++++++++++++++
include/libvirt/libvirt-domain.h | 63 +--
src/internal.h | 4 +-
src/libvirt-domain.c | 26 ++
src/qemu/qemu_driver.c | 17 +-
src/qemu/qemu_migration.c | 17 +-
src/qemu/qemu_migration.h | 1 +
src/qemu/qemu_monitor.c | 10 +-
src/qemu/qemu_monitor.h | 3 +-
src/qemu/qemu_monitor_json.c | 67 ++-
src/qemu/qemu_monitor_json.h | 3 +-
tests/qemumonitorjsontest.c | 2 +-
tools/virsh-domain.c | 22 +-
17 files changed, 707 insertions(+), 765 deletions(-)
delete mode 100644 docs/migration.html.in
create mode 100644 docs/migration.rst
--
2.31.1
9:01 a.m.
New subject: [PATCH 01/17] qemu: monitor: Avoid ternary operators in helpers for drive/blockdev-mirror
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index c10ea583fd..1ecb06895c 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -4262,6 +4262,14 @@ qemuMonitorJSONDriveMirror(qemuMonitor *mon,
{
g_autoptr(virJSONValue) cmd = NULL;
g_autoptr(virJSONValue) reply = NULL;
+ const char *syncmode = "full";
+ const char *mode = "absolute-paths";
+
+ if (shallow)
+ syncmode = "top";
+
+ if (reuse)
+ mode = "existing";
cmd = qemuMonitorJSONMakeCommand("drive-mirror",
"s:device", device,
@@ -4269,8 +4277,8 @@ qemuMonitorJSONDriveMirror(qemuMonitor *mon,
"Y:speed", speed,
"z:granularity", granularity,
"P:buf-size", buf_size,
- "s:sync", shallow ? "top" :
"full",
- "s:mode", reuse ? "existing" :
"absolute-paths",
+ "s:sync", syncmode,
+ "s:mode", mode,
"S:format", format,
NULL);
if (!cmd)
@@ -4298,6 +4306,10 @@ qemuMonitorJSONBlockdevMirror(qemuMonitor *mon,
g_autoptr(virJSONValue) reply = NULL;
virTristateBool autofinalize = VIR_TRISTATE_BOOL_ABSENT;
virTristateBool autodismiss = VIR_TRISTATE_BOOL_ABSENT;
+ const char *syncmode = "full";
+
+ if (shallow)
+ syncmode = "top";
if (persistjob) {
autofinalize = VIR_TRISTATE_BOOL_YES;
@@ -4311,7 +4323,7 @@ qemuMonitorJSONBlockdevMirror(qemuMonitor *mon,
"Y:speed", speed,
"z:granularity", granularity,
"P:buf-size", buf_size,
- "s:sync", shallow ? "top" :
"full",
+ "s:sync", syncmode,
"T:auto-finalize", autofinalize,
"T:auto-dismiss", autodismiss,
NULL);
--
2.31.1
9:01 a.m.
New subject: [PATCH 02/17] qemuMonitorJSONHandleShutdown: Use virTristateBoolFromBool
Instead of a ternary operator we can use the existing helper.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 1ecb06895c..4b339db399 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -574,7 +574,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitor *mon,
virJSONValue *data)
virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT;
if (data && virJSONValueObjectGetBoolean(data, "guest", &guest)
== 0)
- guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO;
+ guest_initiated = virTristateBoolFromBool(guest);
qemuMonitorEmitShutdown(mon, guest_initiated);
}
--
2.31.1
9:01 a.m.
New subject: [PATCH 03/17] qemuMonitorJSONEjectMedia: Use a bool directly for constructing JSON with 'b' modifier
It actually already expects a bool.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 4b339db399..da14eee964 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -2970,7 +2970,7 @@ int qemuMonitorJSONEjectMedia(qemuMonitor *mon,
{
g_autoptr(virJSONValue) cmd = qemuMonitorJSONMakeCommand("eject",
"s:device",
dev_name,
- "b:force", force ?
1 : 0,
+ "b:force", force,
NULL);
g_autoptr(virJSONValue) reply = NULL;
--
2.31.1
9:01 a.m.
New subject: [PATCH 04/17] qemuMonitorJSONMigrate: Extract flags prior to constructing command
The migration API takes specific flags which are then converted to
boolean parameters for the command. Extract the flag into helper
variables rather than using ternary operatirs while constructing the
command itself.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index da14eee964..82631e30e0 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -3440,13 +3440,15 @@ int qemuMonitorJSONMigrate(qemuMonitor *mon,
unsigned int flags,
const char *uri)
{
- g_autoptr(virJSONValue) cmd =
- qemuMonitorJSONMakeCommand("migrate",
- "b:detach", flags &
QEMU_MONITOR_MIGRATE_BACKGROUND ? 1 : 0,
- "b:blk", flags &
QEMU_MONITOR_MIGRATE_NON_SHARED_DISK ? 1 : 0,
- "b:inc", flags &
QEMU_MONITOR_MIGRATE_NON_SHARED_INC ? 1 : 0,
- "s:uri", uri,
- NULL);
+ bool detach = !!(flags & QEMU_MONITOR_MIGRATE_BACKGROUND);
+ bool blk = !!(flags & QEMU_MONITOR_MIGRATE_NON_SHARED_DISK);
+ bool inc = !!(flags & QEMU_MONITOR_MIGRATE_NON_SHARED_INC);
+ g_autoptr(virJSONValue) cmd = qemuMonitorJSONMakeCommand("migrate",
+ "b:detach",
detach,
+ "b:blk", blk,
+ "b:inc", inc,
+ "s:uri", uri,
+ NULL);
g_autoptr(virJSONValue) reply = NULL;
if (!cmd)
--
2.31.1
10:06 a.m.
New subject: [PATCH 04/17] qemuMonitorJSONMigrate: Extract flags prior to constructing command
On a Friday in 2021, Peter Krempa wrote:
The migration API takes specific flags which are then converted to
boolean parameters for the command. Extract the flag into helper
variables rather than using ternary operatirs while constructing the
operators
command itself.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
Jano
9:01 a.m.
New subject: [PATCH 05/17] qemuMonitorJSONGraphicsRelocate: Clean up command argument construction
Move the construction of the command from the variable declaration so
that it doesn't exceed the line length and we can also move the logic of
determining the protocol outside of the command construction.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 82631e30e0..7cb6795a58 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -3590,17 +3590,20 @@ int qemuMonitorJSONGraphicsRelocate(qemuMonitor *mon,
int tlsPort,
const char *tlsSubject)
{
- g_autoptr(virJSONValue) cmd =
qemuMonitorJSONMakeCommand("client_migrate_info",
- "s:protocol",
- (type ==
VIR_DOMAIN_GRAPHICS_TYPE_SPICE ? "spice" : "vnc"),
- "s:hostname",
hostname,
- "i:port", port,
- "i:tls-port",
tlsPort,
- "S:cert-subject",
tlsSubject,
- NULL);
+ const char *protocol = "vnc";
+ g_autoptr(virJSONValue) cmd = NULL;
g_autoptr(virJSONValue) reply = NULL;
- if (!cmd)
+ if (type == VIR_DOMAIN_GRAPHICS_TYPE_SPICE)
+ protocol = "spice";
+
+ if (!(cmd = qemuMonitorJSONMakeCommand("client_migrate_info",
+ "s:protocol", protocol,
+ "s:hostname", hostname,
+ "i:port", port,
+ "i:tls-port", tlsPort,
+ "S:cert-subject", tlsSubject,
+ NULL)))
return -1;
if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
--
2.31.1
9:01 a.m.
New subject: [PATCH 06/17] qemu: monitor: Add support for 'write-blocking' copy mode for blockdev-mirror
Forces the data to be written synchronously to both the original and the
mirrored images which ensures that the job will reach synchronized
phase.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_driver.c | 3 ++-
src/qemu/qemu_migration.c | 3 ++-
src/qemu/qemu_monitor.c | 10 ++++++----
src/qemu/qemu_monitor.h | 3 ++-
src/qemu/qemu_monitor_json.c | 8 +++++++-
src/qemu/qemu_monitor_json.h | 3 ++-
tests/qemumonitorjsontest.c | 2 +-
7 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 6333d0af36..4cc1d20b89 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -15150,7 +15150,8 @@ qemuDomainBlockCopyCommon(virDomainObj *vm,
ret = qemuMonitorBlockdevMirror(priv->mon, job->name, true,
qemuDomainDiskGetTopNodename(disk),
mirror->nodeformat, bandwidth,
- granularity, buf_size, mirror_shallow);
+ granularity, buf_size, mirror_shallow,
+ false);
} else {
/* qemuMonitorDriveMirror needs to honor the REUSE_EXT flag as specified
* by the user */
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index f2ea73c923..00c33c869e 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -959,7 +959,8 @@ qemuMigrationSrcNBDStorageCopyBlockdev(virQEMUDriver *driver,
if (mon_ret == 0)
mon_ret = qemuMonitorBlockdevMirror(qemuDomainGetMonitor(vm), jobname,
persistjob,
sourcename, copysrc->nodeformat,
- mirror_speed, 0, 0, mirror_shallow);
+ mirror_speed, 0, 0, mirror_shallow,
+ false);
if (mon_ret != 0)
qemuBlockStorageSourceAttachRollback(qemuDomainGetMonitor(vm), data);
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index 26b59801b8..072739f5da 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -3059,17 +3059,19 @@ qemuMonitorBlockdevMirror(qemuMonitor *mon,
unsigned long long bandwidth,
unsigned int granularity,
unsigned long long buf_size,
- bool shallow)
+ bool shallow,
+ bool syncWrite)
{
VIR_DEBUG("jobname=%s, persistjob=%d, device=%s, target=%s, bandwidth=%lld,
"
- "granularity=%#x, buf_size=%lld, shallow=%d",
+ "granularity=%#x, buf_size=%lld, shallow=%d syncWrite=%d",
NULLSTR(jobname), persistjob, device, target, bandwidth, granularity,
- buf_size, shallow);
+ buf_size, shallow, syncWrite);
QEMU_CHECK_MONITOR(mon);
return qemuMonitorJSONBlockdevMirror(mon, jobname, persistjob, device, target,
- bandwidth, granularity, buf_size, shallow);
+ bandwidth, granularity, buf_size, shallow,
+ syncWrite);
}
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index 99ecebc648..b58c637baf 100644
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -1079,7 +1079,8 @@ int qemuMonitorBlockdevMirror(qemuMonitor *mon,
unsigned long long bandwidth,
unsigned int granularity,
unsigned long long buf_size,
- bool shallow)
+ bool shallow,
+ bool syncWrite)
ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5);
int qemuMonitorDrivePivot(qemuMonitor *mon,
const char *jobname)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 7cb6795a58..64739762b0 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -4305,17 +4305,22 @@ qemuMonitorJSONBlockdevMirror(qemuMonitor *mon,
unsigned long long speed,
unsigned int granularity,
unsigned long long buf_size,
- bool shallow)
+ bool shallow,
+ bool syncWrite)
{
g_autoptr(virJSONValue) cmd = NULL;
g_autoptr(virJSONValue) reply = NULL;
virTristateBool autofinalize = VIR_TRISTATE_BOOL_ABSENT;
virTristateBool autodismiss = VIR_TRISTATE_BOOL_ABSENT;
const char *syncmode = "full";
+ const char *copymode = NULL;
if (shallow)
syncmode = "top";
+ if (syncWrite)
+ copymode = "write-blocking";
+
if (persistjob) {
autofinalize = VIR_TRISTATE_BOOL_YES;
autodismiss = VIR_TRISTATE_BOOL_NO;
@@ -4329,6 +4334,7 @@ qemuMonitorJSONBlockdevMirror(qemuMonitor *mon,
"z:granularity", granularity,
"P:buf-size", buf_size,
"s:sync", syncmode,
+ "S:copy-mode", copymode,
"T:auto-finalize", autofinalize,
"T:auto-dismiss", autodismiss,
NULL);
diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h
index f7fb13f56c..0dec49ec28 100644
--- a/src/qemu/qemu_monitor_json.h
+++ b/src/qemu/qemu_monitor_json.h
@@ -266,7 +266,8 @@ int qemuMonitorJSONBlockdevMirror(qemuMonitor *mon,
unsigned long long speed,
unsigned int granularity,
unsigned long long buf_size,
- bool shallow)
+ bool shallow,
+ bool syncWrite)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5);
int qemuMonitorJSONDrivePivot(qemuMonitor *mon,
const char *jobname)
diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c
index 4c882fa5d3..1ad2912b08 100644
--- a/tests/qemumonitorjsontest.c
+++ b/tests/qemumonitorjsontest.c
@@ -1175,7 +1175,7 @@ GEN_TEST_FUNC(qemuMonitorJSONGraphicsRelocate,
VIR_DOMAIN_GRAPHICS_TYPE_SPICE,
GEN_TEST_FUNC(qemuMonitorJSONRemoveNetdev, "net0")
GEN_TEST_FUNC(qemuMonitorJSONDelDevice, "ide0")
GEN_TEST_FUNC(qemuMonitorJSONDriveMirror, "vdb", "/foo/bar",
"formatstr", 1024, 1234, 31234, true, true)
-GEN_TEST_FUNC(qemuMonitorJSONBlockdevMirror, "jobname", true, "vdb",
"targetnode", 1024, 1234, 31234, true)
+GEN_TEST_FUNC(qemuMonitorJSONBlockdevMirror, "jobname", true, "vdb",
"targetnode", 1024, 1234, 31234, true, true)
GEN_TEST_FUNC(qemuMonitorJSONBlockStream, "vdb", "jobname", true,
"/foo/bar1", "backingnode", "backingfilename", 1024)
GEN_TEST_FUNC(qemuMonitorJSONBlockCommit, "vdb", "jobname", true,
"/foo/bar1", "topnode", "/foo/bar2", "basenode",
"backingfilename", 1024)
GEN_TEST_FUNC(qemuMonitorJSONDrivePivot, "vdb")
--
2.31.1
9:01 a.m.
New subject: [PATCH 07/17] include: virDomainBlockCopyFlags: Convert to prefix comments
Switch to the comment style allowing more text.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
include/libvirt/libvirt-domain.h | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index 2f017c5b68..dddcae86a4 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -2590,13 +2590,14 @@ int virDomainBlockRebase(virDomainPtr dom, const char *disk,
* Flags available for virDomainBlockCopy().
*/
typedef enum {
- VIR_DOMAIN_BLOCK_COPY_SHALLOW = 1 << 0, /* Limit copy to top of source
- backing chain */
- VIR_DOMAIN_BLOCK_COPY_REUSE_EXT = 1 << 1, /* Reuse existing external
- file for a copy */
- VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB = 1 << 2, /* Don't force usage of
- recoverable job for the
- copy operation */
+ /* Limit copy to top of source backing chain */
+ VIR_DOMAIN_BLOCK_COPY_SHALLOW = 1 << 0,
+
+ /* Reuse existing external file for a copy */
+ VIR_DOMAIN_BLOCK_COPY_REUSE_EXT = 1 << 1,
+
+ /* Don't force usage of recoverable job for the copy operation */
+ VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB = 1 << 2,
} virDomainBlockCopyFlags;
/**
--
2.31.1
9:01 a.m.
New subject: [PATCH 08/17] virDomainBlockCopy: Introduce VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES flag
In cases when the destination storage is slower than the normal VM
storage and the VM does intensive I/O to the disk a block copy job may
never converge.
Switching it to synchronous mode will ensure that all writes done by the
guest are propagated to the destination at the cost of slowing down I/O
of the guest to the synchronous speed.
This patch adds the new API flag and implements virsh support.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/manpages/virsh.rst | 7 ++++++-
include/libvirt/libvirt-domain.h | 4 ++++
src/libvirt-domain.c | 6 ++++++
tools/virsh-domain.c | 9 ++++++++-
4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 39636a565e..9728f36a78 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -1218,7 +1218,7 @@ blockcopy
[--shallow] [--reuse-external] [bandwidth]
[--wait [--async] [--verbose]] [{--pivot | --finish}]
[--timeout seconds] [granularity] [buf-size] [--bytes]
- [--transient-job]
+ [--transient-job] [--synchronous-writes]
Copy a disk backing image chain to a destination. Either *dest* as
the destination file name, or *--xml* with the name of an XML file containing
@@ -1278,6 +1278,11 @@ be recovered if the VM crashes or is turned off before the job
completes. This
flag removes the restriction of copy jobs to transient domains if that
restriction is applied by the hypervisor.
+If *--synchronous-writes* is specified the block job will wait for guest writes
+to be propagated both to the original image and to the destination of the copy
+so that it's guaranteed that the job converges if the destination storage is
+slower. This may impact performance of writes while the blockjob is running.
+
blockjob
--------
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index dddcae86a4..3a76aec90f 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -2598,6 +2598,10 @@ typedef enum {
/* Don't force usage of recoverable job for the copy operation */
VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB = 1 << 2,
+
+ /* Force the copy job to synchronously propagate guest writes into
+ * the destination image, so that the copy is guaranteed to converge */
+ VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES = 1 << 3,
} virDomainBlockCopyFlags;
/**
diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
index ce7cafde36..8ee2490867 100644
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -10509,6 +10509,12 @@ virDomainBlockRebase(virDomainPtr dom, const char *disk,
* remove the restriction of copy jobs to transient domains. Note that this flag
* is automatically implied if the VM is transient at the time it's started.
*
+ * If @flags contains VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES the job will wait
+ * for guest writes to be propagated both to the original image and to the
+ * destination of the copy so that it's guaranteed that the job converges if
+ * the destination storage is slower. This may impact performance of writes
+ * while the blockjob is running.
+ *
* The @disk parameter is either an unambiguous source name of the
* block device (the <source file='...'/> sub-element, such as
* "/path/to/image"), or the device target shorthand (the
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index e179e24ca9..a00b4cc243 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -2284,6 +2284,10 @@ static const vshCmdOptDef opts_blockcopy[] = {
.type = VSH_OT_BOOL,
.help = N_("the copy job is not persisted if VM is turned off")
},
+ {.name = "synchronous-writes",
+ .type = VSH_OT_BOOL,
+ .help = N_("the copy job forces guest writes to be synchronously written to the
destination")
+ },
{.name = NULL}
};
@@ -2306,6 +2310,7 @@ cmdBlockcopy(vshControl *ctl, const vshCmd *cmd)
bool async = vshCommandOptBool(cmd, "async");
bool bytes = vshCommandOptBool(cmd, "bytes");
bool transientjob = vshCommandOptBool(cmd, "transient-job");
+ bool syncWrites = vshCommandOptBool(cmd, "synchronous-writes");
int timeout = 0;
const char *path = NULL;
int abort_flags = 0;
@@ -2337,6 +2342,8 @@ cmdBlockcopy(vshControl *ctl, const vshCmd *cmd)
flags |= VIR_DOMAIN_BLOCK_REBASE_REUSE_EXT;
if (transientjob)
flags |= VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB;
+ if (syncWrites)
+ flags |= VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES;
if (vshCommandOptTimeoutToMs(ctl, cmd, &timeout) < 0)
return false;
@@ -2386,7 +2393,7 @@ cmdBlockcopy(vshControl *ctl, const vshCmd *cmd)
}
if (granularity || buf_size || (format && STRNEQ(format, "raw")) ||
xml ||
- transientjob) {
+ transientjob || syncWrites) {
/* New API */
if (bandwidth || granularity || buf_size) {
params = g_new0(virTypedParameter, 3);
--
2.31.1
9:01 a.m.
New subject: [PATCH 09/17] qemuDomainBlockCopy: Implement VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES
Wire up the flag to enable the 'write-blocking' 'copy-mode' of
'blockdev-mirror'.
It's not supported by all qemu versions but it is with those which we
use -blockdev with so we can use that instead of adding another custom
capability as we use blockdev for some time now.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_driver.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 4cc1d20b89..a9fb840628 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -14902,12 +14902,14 @@ qemuDomainBlockCopyCommon(virDomainObj *vm,
virStorageSource *n;
virStorageSource *mirrorBacking = NULL;
g_autoptr(GHashTable) blockNamedNodeData = NULL;
+ bool syncWrites = !!(flags & VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES);
int rc = 0;
/* Preliminaries: find the disk we are editing, sanity checks */
virCheckFlags(VIR_DOMAIN_BLOCK_COPY_SHALLOW |
VIR_DOMAIN_BLOCK_COPY_REUSE_EXT |
- VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB, -1);
+ VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB |
+ VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES, -1);
if (virStorageSourceIsRelative(mirror)) {
virReportError(VIR_ERR_INVALID_ARG, "%s",
@@ -14945,6 +14947,12 @@ qemuDomainBlockCopyCommon(virDomainObj *vm,
virDomainDiskDefSourceLUNValidate(mirror) < 0)
goto endjob;
+ if (syncWrites && !blockdev) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES is not supported
by this VM"));
+ goto endjob;
+ }
+
if (!(flags & VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB) &&
vm->persistent) {
/* XXX if qemu ever lets us start a new domain with mirroring
@@ -15151,7 +15159,7 @@ qemuDomainBlockCopyCommon(virDomainObj *vm,
qemuDomainDiskGetTopNodename(disk),
mirror->nodeformat, bandwidth,
granularity, buf_size, mirror_shallow,
- false);
+ syncWrites);
} else {
/* qemuMonitorDriveMirror needs to honor the REUSE_EXT flag as specified
* by the user */
@@ -15286,7 +15294,9 @@ qemuDomainBlockCopy(virDomainPtr dom, const char *disk, const char
*destxml,
virCheckFlags(VIR_DOMAIN_BLOCK_COPY_SHALLOW |
VIR_DOMAIN_BLOCK_COPY_REUSE_EXT |
- VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB, -1);
+ VIR_DOMAIN_BLOCK_COPY_TRANSIENT_JOB |
+ VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES, -1);
+
if (virTypedParamsValidate(params, nparams,
VIR_DOMAIN_BLOCK_COPY_BANDWIDTH,
VIR_TYPED_PARAM_ULLONG,
--
2.31.1
9:01 a.m.
New subject: [PATCH 10/17] include: virDomainMigrateFlags: Remove "block alignment" whitespace
Using whitespace to align the '=' and values doesn't make sense for the
virDomainMigrateFlags enum as the visual block is interrupted by
comments.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
include/libvirt/libvirt-domain.h | 34 ++++++++++++++++----------------
1 file changed, 17 insertions(+), 17 deletions(-)
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index 3a76aec90f..f81e96d374 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -710,7 +710,7 @@ typedef enum {
* faster then it can be transferred. The domain can be manually paused
* anytime during migration using virDomainSuspend.
*/
- VIR_MIGRATE_LIVE = (1 << 0),
+ VIR_MIGRATE_LIVE = (1 << 0),
/* Tell the source libvirtd to connect directly to the destination host.
* Without this flag the client (e.g., virsh) connects to both hosts and
@@ -718,7 +718,7 @@ typedef enum {
* libvirtd controls the migration by calling the destination daemon
* directly.
*/
- VIR_MIGRATE_PEER2PEER = (1 << 1),
+ VIR_MIGRATE_PEER2PEER = (1 << 1),
/* Tunnel migration data over libvirtd connection. Without this flag the
* source hypervisor sends migration data directly to the destination
@@ -728,25 +728,25 @@ typedef enum {
* Note the less-common spelling that we're stuck with:
* VIR_MIGRATE_TUNNELLED should be VIR_MIGRATE_TUNNELED.
*/
- VIR_MIGRATE_TUNNELLED = (1 << 2),
+ VIR_MIGRATE_TUNNELLED = (1 << 2),
/* Define the domain as persistent on the destination host after successful
* migration. If the domain was persistent on the source host and
* VIR_MIGRATE_UNDEFINE_SOURCE is not used, it will end up persistent on
* both hosts.
*/
- VIR_MIGRATE_PERSIST_DEST = (1 << 3),
+ VIR_MIGRATE_PERSIST_DEST = (1 << 3),
/* Undefine the domain on the source host once migration successfully
* finishes.
*/
- VIR_MIGRATE_UNDEFINE_SOURCE = (1 << 4),
+ VIR_MIGRATE_UNDEFINE_SOURCE = (1 << 4),
/* Leave the domain suspended on the destination host. virDomainResume (on
* the virDomainPtr returned by the migration API) has to be called
* explicitly to resume domain's virtual CPUs.
*/
- VIR_MIGRATE_PAUSED = (1 << 5),
+ VIR_MIGRATE_PAUSED = (1 << 5),
/* Migrate full disk images in addition to domain's memory. By default
* only non-shared non-readonly disk images are transferred. The
@@ -755,7 +755,7 @@ typedef enum {
*
* This flag and VIR_MIGRATE_NON_SHARED_INC are mutually exclusive.
*/
- VIR_MIGRATE_NON_SHARED_DISK = (1 << 6),
+ VIR_MIGRATE_NON_SHARED_DISK = (1 << 6),
/* Migrate disk images in addition to domain's memory. This is similar to
* VIR_MIGRATE_NON_SHARED_DISK, but only the top level of each disk's
@@ -765,7 +765,7 @@ typedef enum {
*
* This flag and VIR_MIGRATE_NON_SHARED_DISK are mutually exclusive.
*/
- VIR_MIGRATE_NON_SHARED_INC = (1 << 7),
+ VIR_MIGRATE_NON_SHARED_INC = (1 << 7),
/* Protect against domain configuration changes during the migration
* process. This flag is used automatically when both sides support it.
@@ -782,7 +782,7 @@ typedef enum {
* is unsafe unless the disk images are stored on coherent clustered
* filesystem, such as GFS2 or GPFS.
*/
- VIR_MIGRATE_UNSAFE = (1 << 9),
+ VIR_MIGRATE_UNSAFE = (1 << 9),
/* Migrate a domain definition without starting the domain on the
* destination and without stopping it on the source host. Offline
@@ -791,19 +791,19 @@ typedef enum {
* Offline migration may not copy disk storage or any other file based
* storage (such as UEFI variables).
*/
- VIR_MIGRATE_OFFLINE = (1 << 10),
+ VIR_MIGRATE_OFFLINE = (1 << 10),
/* Compress migration data. The compression methods can be specified using
* VIR_MIGRATE_PARAM_COMPRESSION. A hypervisor default method will be used
* if this parameter is omitted. Individual compression methods can be
* tuned via their specific VIR_MIGRATE_PARAM_COMPRESSION_* parameters.
*/
- VIR_MIGRATE_COMPRESSED = (1 << 11),
+ VIR_MIGRATE_COMPRESSED = (1 << 11),
/* Cancel migration if a soft error (such as I/O error) happens during
* migration.
*/
- VIR_MIGRATE_ABORT_ON_ERROR = (1 << 12),
+ VIR_MIGRATE_ABORT_ON_ERROR = (1 << 12),
/* Enable algorithms that ensure a live migration will eventually converge.
* This usually means the domain will be slowed down to make sure it does
@@ -811,7 +811,7 @@ typedef enum {
* memory to the destination host. VIR_MIGRATE_PARAM_AUTO_CONVERGE_*
* parameters can be used to tune the algorithm.
*/
- VIR_MIGRATE_AUTO_CONVERGE = (1 << 13),
+ VIR_MIGRATE_AUTO_CONVERGE = (1 << 13),
/* This flag can be used with RDMA migration (i.e., when
* VIR_MIGRATE_PARAM_URI starts with "rdma://") to tell the hypervisor
@@ -828,27 +828,27 @@ typedef enum {
* domain and the host itself since the host's kernel may run out of
* memory.
*/
- VIR_MIGRATE_RDMA_PIN_ALL = (1 << 14),
+ VIR_MIGRATE_RDMA_PIN_ALL = (1 << 14),
/* Setting the VIR_MIGRATE_POSTCOPY flag tells libvirt to enable post-copy
* migration. However, the migration will start normally and
* virDomainMigrateStartPostCopy needs to be called to switch it into the
* post-copy mode. See virDomainMigrateStartPostCopy for more details.
*/
- VIR_MIGRATE_POSTCOPY = (1 << 15),
+ VIR_MIGRATE_POSTCOPY = (1 << 15),
/* Setting the VIR_MIGRATE_TLS flag will cause the migration to attempt
* to use the TLS environment configured by the hypervisor in order to
* perform the migration. If incorrectly configured on either source or
* destination, the migration will fail.
*/
- VIR_MIGRATE_TLS = (1 << 16),
+ VIR_MIGRATE_TLS = (1 << 16),
/* Send memory pages to the destination host through several network
* connections. See VIR_MIGRATE_PARAM_PARALLEL_* parameters for
* configuring the parallel migration.
*/
- VIR_MIGRATE_PARALLEL = (1 << 17),
+ VIR_MIGRATE_PARALLEL = (1 << 17),
} virDomainMigrateFlags;
--
2.31.1
9:01 a.m.
New subject: [PATCH 11/17] man: virsh: Separate paragrapsh describing distinct flags
Separate the paragragraphs where the topic changes to simplify further
additions.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/manpages/virsh.rst | 32 ++++++++++++++++++++------------
1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 9728f36a78..7c50388216 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -3187,9 +3187,12 @@ for peer-2-peer migration; *--direct* for direct migration; or
*--tunnelled*
for tunnelled migration. *--offline* migrates domain definition without
starting the domain on destination and without stopping it on source host.
Offline migration may be used with inactive domains and it must be used with
-*--persistent* option. *--persistent* leaves the domain persistent on
-destination host, *--undefinesource* undefines the domain on the source host,
-and *--suspend* leaves the domain paused on the destination host.
+*--persistent* option.
+
+*--persistent* leaves the domain persistent on destination host,
+*--undefinesource* undefines the domain on the source host, and *--suspend*
+leaves the domain paused on the destination host.
+
*--copy-storage-all* indicates migration with non-shared storage with full
disk copy, *--copy-storage-inc* indicates migration with non-shared storage
with incremental copy (same base image shared between source and destination).
@@ -3198,15 +3201,20 @@ In both cases the disk images have to exist on destination host,
the
images on source host to the images found at the same place on the destination
host. By default only non-shared non-readonly images are transferred. Use
*--migrate-disks* to explicitly specify a list of disk targets to
-transfer via the comma separated ``disk-list`` argument. *--change-protection*
-enforces that no incompatible configuration changes will be made to the domain
-while the migration is underway; this flag is implicitly enabled when supported
-by the hypervisor, but can be explicitly used to reject the migration if the
-hypervisor lacks change protection support. *--verbose* displays the progress
-of migration. *--abort-on-error* cancels
-the migration if a soft error (for example I/O error) happens during the
-migration. *--postcopy* enables post-copy logic in migration, but does not
-actually start post-copy, i.e., migration is started in pre-copy mode.
+transfer via the comma separated ``disk-list`` argument.
+
+*--change-protection* enforces that no incompatible configuration changes will
+be made to the domain while the migration is underway; this flag is implicitly
+enabled when supported by the hypervisor, but can be explicitly used to reject
+the migration if the hypervisor lacks change protection support.
+
+*--verbose* displays the progress of migration.
+
+*--abort-on-error* cancels the migration if a soft error (for example I/O error)
+happens during the migration.
+
+*--postcopy* enables post-copy logic in migration, but does not actually start
+post-copy, i.e., migration is started in pre-copy mode.
Once migration is running, the user may switch to post-copy using the
``migrate-postcopy`` command sent from another virsh instance or use
*--postcopy-after-precopy* along with *--postcopy* to let libvirt
--
2.31.1
10:14 a.m.
New subject: [PATCH 11/17] man: virsh: Separate paragrapsh describing distinct flags
*paragraphs
On a Friday in 2021, Peter Krempa wrote:
Separate the paragragraphs where the topic changes to simplify further
*paragraphs
additions.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/manpages/virsh.rst | 32 ++++++++++++++++++++------------
1 file changed, 20 insertions(+), 12 deletions(-)
Jano
9:01 a.m.
New subject: [PATCH 12/17] VIR_REQUIRE_FLAG_(GOTO|RET): Add parens around arguments in expansion
Make the macro useful also for cases when one of multiple flags is
required.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/internal.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/internal.h b/src/internal.h
index 2e404cd705..b6e4332542 100644
--- a/src/internal.h
+++ b/src/internal.h
@@ -374,7 +374,7 @@
*/
#define VIR_REQUIRE_FLAG_RET(FLAG1, FLAG2, RET) \
do { \
- if ((flags & FLAG1) && !(flags & FLAG2)) { \
+ if ((flags & (FLAG1)) && !(flags & (FLAG2))) { \
virReportInvalidArg(ctl, \
_("Flag '%s' is required by flag
'%s'"), \
#FLAG2, #FLAG1); \
@@ -396,7 +396,7 @@
*/
#define VIR_REQUIRE_FLAG_GOTO(FLAG1, FLAG2, LABEL) \
do { \
- if ((flags & FLAG1) && !(flags & FLAG2)) { \
+ if ((flags & (FLAG1)) && !(flags & (FLAG2))) { \
virReportInvalidArg(ctl, \
_("Flag '%s' is required by flag
'%s'"), \
#FLAG2, #FLAG1); \
--
2.31.1
9:01 a.m.
New subject: [PATCH 13/17] virDomainMigrate: Introduce VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES flag
Non-shared storage migration of guests which are disk I/O intensive and
have fast local storage may actually never converge if the guest happens
to dirty the disk faster than it can be copied.
This patch introduces a new flag
'VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES' which will instruct
hypervisors to synchronize local I/O writes with the writes to remote
storage used for migration so that the guest can't overwhelm the
migration. This comes at a cost of decreased local I/O performance for
guests which behave well on average.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/manpages/virsh.rst | 6 +++++-
include/libvirt/libvirt-domain.h | 10 ++++++++++
src/libvirt-domain.c | 20 ++++++++++++++++++++
tools/virsh-domain.c | 13 +++++++++++++
4 files changed, 48 insertions(+), 1 deletion(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 7c50388216..1ce3e77c9f 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -3180,7 +3180,7 @@ migrate
[--postcopy-bandwidth bandwidth]
[--parallel [--parallel-connections connections]]
[--bandwidth bandwidth] [--tls-destination hostname]
- [--disks-uri URI]
+ [--disks-uri URI] [--copy-storage-synchronous-writes]
Migrate domain to another host. Add *--live* for live migration; <--p2p>
for peer-2-peer migration; *--direct* for direct migration; or *--tunnelled*
@@ -3202,6 +3202,10 @@ images on source host to the images found at the same place on the
destination
host. By default only non-shared non-readonly images are transferred. Use
*--migrate-disks* to explicitly specify a list of disk targets to
transfer via the comma separated ``disk-list`` argument.
+With *--copy-storage-synchronous-writes* flag used the disk data migration will
+synchronous handle guest disk writes to both the original soure and the
+destination to ensure that the disk migration coverges at the price of possibly
+decreased burst performance.
*--change-protection* enforces that no incompatible configuration changes will
be made to the domain while the migration is underway; this flag is implicitly
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index f81e96d374..d0dd11ab01 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -850,6 +850,16 @@ typedef enum {
*/
VIR_MIGRATE_PARALLEL = (1 << 17),
+ /* Force the guest writes which happen when copying disk images for
+ * non-shared storage migration to be synchronously written to the
+ * destination. This ensures the storage migration converges for VMs
+ * doing heavy I/O on fast local storage and slow mirror.
+ *
+ * Requires one of VIR_MIGRATE_NON_SHARED_DISK, VIR_MIGRATE_NON_SHARED_INC
+ * to be present as well.
+ */
+ VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES = (1 << 18),
+
} virDomainMigrateFlags;
diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
index 8ee2490867..5708ff839b 100644
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -3567,6 +3567,10 @@ virDomainMigrate(virDomainPtr domain,
VIR_MIGRATE_PARALLEL,
error);
+ VIR_REQUIRE_FLAG_GOTO(VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES,
+ VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC,
+ error);
+
if (flags & VIR_MIGRATE_OFFLINE) {
rc = VIR_DRV_SUPPORTS_FEATURE(domain->conn->driver, domain->conn,
VIR_DRV_FEATURE_MIGRATION_OFFLINE);
@@ -3760,6 +3764,10 @@ virDomainMigrate2(virDomainPtr domain,
VIR_MIGRATE_PARALLEL,
error);
+ VIR_REQUIRE_FLAG_GOTO(VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES,
+ VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC,
+ error);
+
if (flags & VIR_MIGRATE_OFFLINE) {
rc = VIR_DRV_SUPPORTS_FEATURE(domain->conn->driver, domain->conn,
VIR_DRV_FEATURE_MIGRATION_OFFLINE);
@@ -3966,6 +3974,14 @@ virDomainMigrate3(virDomainPtr domain,
VIR_MIGRATE_NON_SHARED_INC,
error);
+ VIR_REQUIRE_FLAG_GOTO(VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES,
+ VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC,
+ error);
+
+ VIR_REQUIRE_FLAG_GOTO(VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES,
+ VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC,
+ error);
+
if (flags & VIR_MIGRATE_PEER2PEER) {
virReportInvalidArg(flags, "%s",
_("use virDomainMigrateToURI3 for peer-to-peer "
@@ -4137,6 +4153,10 @@ int virDomainMigrateUnmanagedCheckCompat(virDomainPtr domain,
VIR_MIGRATE_NON_SHARED_INC,
-1);
+ VIR_REQUIRE_FLAG_RET(VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES,
+ VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC,
+ -1);
+
if (flags & VIR_MIGRATE_OFFLINE) {
rc = VIR_DRV_SUPPORTS_FEATURE(domain->conn->driver, domain->conn,
VIR_DRV_FEATURE_MIGRATION_OFFLINE);
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index a00b4cc243..8379f9f135 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -10543,6 +10543,10 @@ static const vshCmdOptDef opts_migrate[] = {
.type = VSH_OT_BOOL,
.help = N_("migration with non-shared storage with incremental copy (same base
image shared between source and destination)")
},
+ {.name = "copy-storage-synchronous-writes",
+ .type = VSH_OT_BOOL,
+ .help = N_("force guest disk writes to be synchronously written to the
destination to improve storage migration convergence")
+ },
{.name = "change-protection",
.type = VSH_OT_BOOL,
.help = N_("prevent any configuration changes to domain until migration
ends")
@@ -10949,6 +10953,15 @@ doMigrate(void *opaque)
if (vshCommandOptBool(cmd, "copy-storage-inc"))
flags |= VIR_MIGRATE_NON_SHARED_INC;
+ if (vshCommandOptBool(cmd, "copy-storage-synchronous-writes")) {
+ if (!(flags & VIR_MIGRATE_NON_SHARED_DISK) &&
+ !(flags & VIR_MIGRATE_NON_SHARED_INC)) {
+ vshError(ctl, "'--copy-storage-synchronous-writes' requires one
of '--copy-storage-all', 'copy-storage-inc'");
+ goto out;
+ }
+ flags |= VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES;
+ }
+
if (vshCommandOptBool(cmd, "change-protection"))
flags |= VIR_MIGRATE_CHANGE_PROTECTION;
--
2.31.1
10:17 a.m.
New subject: [PATCH 13/17] virDomainMigrate: Introduce VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES flag
On a Friday in 2021, Peter Krempa wrote:
Non-shared storage migration of guests which are disk I/O intensive
and
have fast local storage may actually never converge if the guest happens
to dirty the disk faster than it can be copied.
This patch introduces a new flag
'VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES' which will instruct
hypervisors to synchronize local I/O writes with the writes to remote
storage used for migration so that the guest can't overwhelm the
migration. This comes at a cost of decreased local I/O performance for
guests which behave well on average.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/manpages/virsh.rst | 6 +++++-
include/libvirt/libvirt-domain.h | 10 ++++++++++
src/libvirt-domain.c | 20 ++++++++++++++++++++
tools/virsh-domain.c | 13 +++++++++++++
4 files changed, 48 insertions(+), 1 deletion(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 7c50388216..1ce3e77c9f 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -3180,7 +3180,7 @@ migrate
[--postcopy-bandwidth bandwidth]
[--parallel [--parallel-connections connections]]
[--bandwidth bandwidth] [--tls-destination hostname]
- [--disks-uri URI]
+ [--disks-uri URI] [--copy-storage-synchronous-writes]
Migrate domain to another host. Add *--live* for live migration; <--p2p>
for peer-2-peer migration; *--direct* for direct migration; or *--tunnelled*
@@ -3202,6 +3202,10 @@ images on source host to the images found at the same place on the
destination
host. By default only non-shared non-readonly images are transferred. Use
*--migrate-disks* to explicitly specify a list of disk targets to
transfer via the comma separated ``disk-list`` argument.
+With *--copy-storage-synchronous-writes* flag used the disk data migration will
+synchronous handle guest disk writes to both the original soure and the
synchronously
+destination to ensure that the disk migration coverges at the price
of possibly
converges
+decreased burst performance.
*--change-protection* enforces that no incompatible configuration changes will
be made to the domain while the migration is underway; this flag is implicitly
Jano
9:01 a.m.
New subject: [PATCH 14/17] qemu: migration: Implement VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES
Use it to enable the 'write-blocking' mode of 'blockdev-mirror'.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_migration.c | 16 +++++++++++++---
src/qemu/qemu_migration.h | 1 +
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 00c33c869e..e32c5865f9 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -931,7 +931,8 @@ qemuMigrationSrcNBDStorageCopyBlockdev(virQEMUDriver *driver,
const char *socket,
unsigned long long mirror_speed,
unsigned int mirror_shallow,
- const char *tlsAlias)
+ const char *tlsAlias,
+ bool syncWrites)
{
g_autoptr(qemuBlockStorageSourceAttachData) data = NULL;
qemuDomainDiskPrivate *diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
@@ -960,7 +961,7 @@ qemuMigrationSrcNBDStorageCopyBlockdev(virQEMUDriver *driver,
mon_ret = qemuMonitorBlockdevMirror(qemuDomainGetMonitor(vm), jobname,
persistjob,
sourcename, copysrc->nodeformat,
mirror_speed, 0, 0, mirror_shallow,
- false);
+ syncWrites);
if (mon_ret != 0)
qemuBlockStorageSourceAttachRollback(qemuDomainGetMonitor(vm), data);
@@ -1034,6 +1035,7 @@ qemuMigrationSrcNBDStorageCopyOne(virQEMUDriver *driver,
const char *jobname = NULL;
const char *sourcename = NULL;
bool persistjob = false;
+ bool syncWrites = !!(flags & VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES);
int rc;
int ret = -1;
@@ -1063,7 +1065,8 @@ qemuMigrationSrcNBDStorageCopyOne(virQEMUDriver *driver,
host, port, socket,
mirror_speed,
mirror_shallow,
- tlsAlias);
+ tlsAlias,
+ syncWrites);
} else {
rc = qemuMigrationSrcNBDStorageCopyDriveMirror(driver, vm, diskAlias,
host, port, socket,
@@ -2364,6 +2367,13 @@ qemuMigrationSrcBeginPhase(virQEMUDriver *driver,
}
if (flags & (VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC)) {
+ if (flags & VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES &&
+ !virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV)) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES is not
supported by this QEMU"));
+ return NULL;
+ }
+
if (flags & VIR_MIGRATE_TUNNELLED) {
if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV)) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
diff --git a/src/qemu/qemu_migration.h b/src/qemu/qemu_migration.h
index dd74f8bc88..b233358a51 100644
--- a/src/qemu/qemu_migration.h
+++ b/src/qemu/qemu_migration.h
@@ -59,6 +59,7 @@
VIR_MIGRATE_POSTCOPY | \
VIR_MIGRATE_TLS | \
VIR_MIGRATE_PARALLEL | \
+ VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES | \
0)
/* All supported migration parameters and their types. */
--
2.31.1
9:01 a.m.
New subject: [PATCH 15/17] docs: Convert 'migration' doc to RST
After conversion the table doesn't have to custom colors, but otherwise
seems to hold well.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/meson.build | 2 +-
docs/migration.html.in | 688 -----------------------------------------
docs/migration.rst | 458 +++++++++++++++++++++++++++
3 files changed, 459 insertions(+), 689 deletions(-)
delete mode 100644 docs/migration.html.in
create mode 100644 docs/migration.rst
diff --git a/docs/meson.build b/docs/meson.build
index fb6e0029d0..3aabb52950 100644
--- a/docs/meson.build
+++ b/docs/meson.build
@@ -77,7 +77,6 @@ docs_html_in_files = [
'internals',
'java',
'logging',
- 'migration',
'nss',
'pci-hotplug',
'php',
@@ -121,6 +120,7 @@ docs_rst_files = [
'hacking',
'libvirt-go',
'libvirt-go-xml',
+ 'migration',
'newreposetup',
'pci-addresses',
'platforms',
diff --git a/docs/migration.html.in b/docs/migration.html.in
deleted file mode 100644
index 627200f96a..0000000000
--- a/docs/migration.html.in
+++ /dev/null
@@ -1,688 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml">
- <body>
- <h1>Guest migration</h1>
-
- <ul id="toc"></ul>
-
- <p>
- Migration of guests between hosts is a complicated problem with many possible
- solutions, each with their own positive and negative points. For maximum
- flexibility of both hypervisor integration, and administrator deployment,
- libvirt implements several options for migration.
- </p>
-
- <h2><a id="transport">Network data
transports</a></h2>
-
- <p>
- There are two options for the data transport used during migration, either
- the hypervisor's own <strong>native</strong> transport, or
<strong>tunnelled</strong>
- over a libvirtd connection.
- </p>
-
- <h3><a id="transportnative">Hypervisor native
transport</a></h3>
- <p>
- <em>Native</em> data transports may or may not support encryption,
depending
- on the hypervisor in question, but will typically have the lowest computational
costs
- by minimising the number of data copies involved. The native data transports will
also
- require extra hypervisor-specific network configuration steps by the administrator
when
- deploying a host. For some hypervisors, it might be necessary to open up a large
range
- of ports on the firewall to allow multiple concurrent migration operations.
- </p>
-
- <p>
- Modern hypervisors support TLS for encryption and authentication of the
- migration connections which can be enabled using the
- <code>VIR_MIGRATE_TLS</code> flag. The <em>qemu</em>
hypervisor driver
- allows users to force use of TLS via the
<code>migrate_tls_force</code>
- knob configured in <code>/etc/libvirt/qemu.conf</code>.
- </p>
-
- <p>
- <img class="diagram" src="migration-native.png"
alt="Migration native path"/>
- </p>
-
- <h3><a id="transporttunnel">libvirt tunnelled
transport</a></h3>
- <p>
- <em>Tunnelled</em> data transports will always be capable of strong
encryption
- since they are able to leverage the capabilities built in to the libvirt RPC
protocol.
- The downside of a tunnelled transport, however, is that there will be extra data
copies
- involved on both the source and destinations hosts as the data is moved between
libvirtd
- and the hypervisor. This is likely to be a more significant problem for guests
with
- very large RAM sizes, which dirty memory pages quickly. On the deployment side,
tunnelled
- transports do not require any extra network configuration over and above what's
already
- required for general libvirtd <a href="remote.html">remote
access</a>, and there is only
- need for a single port to be open on the firewall to support multiple concurrent
- migration operations.
- </p>
-
- <p>
- <em>Note:</em> Certain features such as migration of non-shared
storage
- (<code>VIR_MIGRATE_NON_SHARED_DISK</code>), the multi-connection
migration
- (<code>VIR_MIGRATE_PARALLEL</code>), or post-copy migration
- (<code>VIR_MIGRATE_POSTCOPY</code>) may not be available when using
- libvirt's tunnelling.
- </p>
-
- <p>
- <img class="diagram" src="migration-tunnel.png"
alt="Migration tunnel path"/>
- </p>
-
- <h2><a id="flow">Communication control
paths/flows</a></h2>
-
- <p>
- Migration of virtual machines requires close co-ordination of the two
- hosts involved, as well as the application invoking the migration,
- which may be on the source, the destination, or a third host.
- </p>
-
- <h3><a id="flowmanageddirect">Managed direct
migration</a></h3>
-
- <p>
- With <em>managed direct</em> migration, the libvirt client process
- controls the various phases of migration. The client application must
- be able to connect and authenticate with the libvirtd daemons on both
- the source and destination hosts. There is no need for the two libvirtd
- daemons to communicate with each other. If the client application
- crashes, or otherwise loses its connection to libvirtd during the
- migration process, an attempt will be made to abort the migration and
- restart the guest CPUs on the source host. There may be scenarios
- where this cannot be safely done, in which cases the guest will be
- left paused on one or both of the hosts.
- </p>
-
- <p>
- <img class="diagram" src="migration-managed-direct.png"
alt="Migration direct, managed"/>
- </p>
-
-
- <h3><a id="flowpeer2peer">Managed peer to peer
migration</a></h3>
-
- <p>
- With <em>peer to peer</em> migration, the libvirt client process only
- talks to the libvirtd daemon on the source host. The source libvirtd
- daemon controls the entire migration process itself, by directly
- connecting the destination host libvirtd. If the client application crashes,
- or otherwise loses its connection to libvirtd, the migration process
- will continue uninterrupted until completion. Note that the
- source libvirtd uses its own credentials (typically root) to
- connect to the destination, rather than the credentials used
- by the client to connect to the source; if these differ, it is
- common to run into a situation where a client can connect to the
- destination directly but the source cannot make the connection to
- set up the peer-to-peer migration.
- </p>
-
- <p>
- <img class="diagram" src="migration-managed-p2p.png"
alt="Migration peer-to-peer"/>
- </p>
-
-
- <h3><a id="flowunmanageddirect">Unmanaged direct
migration</a></h3>
-
- <p>
- With <em>unmanaged direct</em> migration, neither the libvirt client
- or libvirtd daemon control the migration process. Control is instead
- delegated to the hypervisor's over management services (if any). The
- libvirt client merely initiates the migration via the hypervisor's
- management layer. If the libvirt client or libvirtd crash, the
- migration process will continue uninterrupted until completion.
- </p>
-
- <p>
- <img class="diagram" src="migration-unmanaged-direct.png"
alt="Migration direct, unmanaged"/>
- </p>
-
-
- <h2><a id="security">Data security</a></h2>
-
- <p>
- Since the migration data stream includes a complete copy of the guest
- OS RAM, snooping of the migration data stream may allow compromise
- of sensitive guest information. If the virtualization hosts have
- multiple network interfaces, or if the network switches support
- tagged VLANs, then it is very desirable to separate guest network
- traffic from migration or management traffic.
- </p>
-
- <p>
- In some scenarios, even a separate network for migration data may
- not offer sufficient security. In this case it is possible to apply
- encryption to the migration data stream. If the hypervisor does not
- itself offer encryption, then the libvirt tunnelled migration
- facility should be used.
- </p>
-
- <h2><a id="offline">Offline migration</a></h2>
-
- <p>
- Offline migration transfers the inactive definition of a domain
- (which may or may not be active). After successful completion, the
- domain remains in its current state on the source host and is defined
- but inactive on the destination host. It's a bit more clever than
- <code>virsh dumpxml</code> on source host followed by
- <code>virsh define</code> on destination host, as offline migration
- will run the pre-migration hook to update the domain XML on
- destination host. Currently, copying non-shared storage or other file
- based storages (e.g. UEFI variable storage) is not supported during
- offline migration.
- </p>
-
- <h2><a id="uris">Migration URIs</a></h2>
-
- <p>
- Initiating a guest migration requires the client application to
- specify up to three URIs, depending on the choice of control
- flow and/or APIs used. The first URI is that of the libvirt
- connection to the source host, where the virtual guest is
- currently running. The second URI is that of the libvirt
- connection to the destination host, where the virtual guest
- will be moved to (and in peer-to-peer migrations, this is from
- the perspective of the source, not the client). The third URI is
- a hypervisor specific
- URI used to control how the guest will be migrated. With
- any managed migration flow, the first and second URIs are
- compulsory, while the third URI is optional. With the
- unmanaged direct migration mode, the first and third URIs are
- compulsory and the second URI is not used.
- </p>
-
- <p>
- Ordinarily management applications only need to care about the
- first and second URIs, which are both in the normal libvirt
- connection URI format. Libvirt will then automatically determine
- the hypervisor specific URI, by looking up the target host's
- configured hostname. There are a few scenarios where the management
- application may wish to have direct control over the third URI.
- </p>
-
- <ol>
- <li>The configured hostname is incorrect, or DNS is broken. If a
- host has a hostname which will not resolve to match one of its
- public IP addresses, then libvirt will generate an incorrect
- URI. In this case the management application should specify the
- hypervisor specific URI explicitly, using an IP address, or a
- correct hostname.</li>
- <li>The host has multiple network interfaces. If a host has multiple
- network interfaces, it might be desirable for the migration data
- stream to be sent over a specific interface for either security
- or performance reasons. In this case the management application
- should specify the hypervisor specific URI, using an IP address
- associated with the network to be used.</li>
- <li>The firewall restricts what ports are available. When libvirt
- generates a migration URI it will pick a port number using hypervisor
- specific rules. Some hypervisors only require a single port to be
- open in the firewalls, while others require a whole range of port
- numbers. In the latter case the management application may wish
- to choose a specific port number outside the default range in order
- to comply with local firewall policies.</li>
- <li>The second URI uses UNIX transport method. In this advanced case
- libvirt should not guess a *migrateuri* and it should be specified using
- UNIX socket path URI:
<code>unix:///path/to/socket</code>.</li>
- </ol>
-
- <h2><a id="config">Configuration file
handling</a></h2>
-
- <p>
- There are two types of virtual machines known to libvirt. A
<em>transient</em>
- guest only exists while it is running, and has no configuration file stored
- on disk. A <em>persistent</em> guest maintains a configuration file on
disk
- even when it is not running.
- </p>
-
- <p>
- By default, a migration operation will not attempt to modify any configuration
- files that may be stored on either the source or destination host. It is the
- administrator, or management application's, responsibility to manage
distribution
- of configuration files (if desired). It is important to note that the
<code>/etc/libvirt</code>
- directory <strong>MUST NEVER BE SHARED BETWEEN HOSTS</strong>. There
are some
- typical scenarios that might be applicable:
- </p>
-
- <ul>
- <li>Centralized configuration files outside libvirt, in shared storage. A
cluster
- aware management application may maintain all the master guest configuration
- files in a cluster filesystem. When attempting to start a guest, the config
- will be read from the cluster FS and used to deploy a persistent guest.
- For migration the configuration will need to be copied to the destination
- host and removed on the original.
- </li>
- <li>Centralized configuration files outside libvirt, in a database. A data
center
- management application may not store configuration files at all. Instead it
- may generate libvirt XML on the fly when a guest is booted. It will typically
- use transient guests, and thus not have to consider configuration files during
- migration.
- </li>
- <li>Distributed configuration inside libvirt. The configuration file for
each
- guest is copied to every host where the guest is able to run. Upon migration
- the existing config merely needs to be updated with any changes.
- </li>
- <li>Ad-hoc configuration management inside libvirt. Each guest is tied to a
- specific host and rarely migrated. When migration is required, the config
- is moved from one host to the other.
- </li>
- </ul>
-
- <p>
- As mentioned above, libvirt will not modify configuration files during
- migration by default. The <code>virsh</code> command has two flags to
- influence this behaviour. The <code>--undefinesource</code> flag
- will cause the configuration file to be removed on the source host
- after a successful migration. The <code>--persistent</code> flag will
- cause a configuration file to be created on the destination host
- after a successful migration. The following table summarizes the
- configuration file handling in all possible state and flag
- combinations.
- </p>
-
- <table>
- <thead>
- <tr class="head">
- <th colspan="3">Before migration</th>
- <th colspan="2">Flags</th>
- <th colspan="3">After migration</th>
- </tr>
- <tr class="subhead">
- <th>Source type</th>
- <th>Source config</th>
- <th>Dest config</th>
- <th>--undefinesource</th>
- <th>--persistent</th>
- <th>Dest type</th>
- <th>Source config</th>
- <th>Dest config</th>
- </tr>
- </thead>
- <tbody>
- <!-- src:N, dst:N -->
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- </tr>
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- </tr>
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- </tr>
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- </tr>
-
- <!-- src:N, dst:Y -->
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y<br/>(unchanged dest config)</td>
- </tr>
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y<br/>(unchanged dest config)</td>
- </tr>
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y<br/>(replaced with source)</td>
- </tr>
- <tr>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y<br/>(replaced with source)</td>
- </tr>
-
- <!-- src:Y dst:N -->
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td>Transient</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- </tr>
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td>Transient</td>
- <td class="n">N</td>
- <td class="n">N</td>
- </tr>
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- </tr>
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- </tr>
-
- <!-- src:Y dst:Y -->
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="n">N</td>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y<br/>(unchanged dest config)</td>
- </tr>
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y<br/>(unchanged dest config)</td>
- </tr>
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="n">N</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y<br/>(replaced with source)</td>
- </tr>
- <tr>
- <td>Persistent</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td class="y">Y</td>
- <td>Persistent</td>
- <td class="n">N</td>
- <td class="y">Y<br/>(replaced with source)</td>
- </tr>
- </tbody>
- </table>
-
- <h2><a id="scenarios">Migration scenarios</a></h2>
-
-
- <h3><a id="scenarionativedirect">Native migration, client to
two libvirtd servers</a></h3>
-
- <p>
- At an API level this requires use of virDomainMigrate, without the
- VIR_MIGRATE_PEER2PEER flag set. The destination libvirtd server
- will automatically determine the native hypervisor URI for migration
- based off the primary hostname. To force migration over an alternate
- network interface the optional hypervisor specific URI must be provided
- </p>
-
- <pre>
-syntax: virsh migrate GUESTNAME DEST-LIBVIRT-URI [HV-URI]
-
-
-eg using default network interface
-
-virsh migrate web1 qemu+ssh://desthost/system
-virsh migrate web1 xen+tls://desthost/system
-
-
-eg using secondary network interface
-
-virsh migrate web1 qemu://desthost/system tcp://10.0.0.1/
- </pre>
-
- <p>
- Supported by Xen, QEMU, VMware and VirtualBox drivers
- </p>
-
- <h3><a id="scenarionativepeer2peer">Native migration, client to
and peer2peer between, two libvirtd servers</a></h3>
-
- <p>
- virDomainMigrate, with the VIR_MIGRATE_PEER2PEER flag set,
- using the libvirt URI format for the 'uri' parameter. The
- destination libvirtd server will automatically determine
- the native hypervisor URI for migration, based off the
- primary hostname. The optional uri parameter controls how
- the source libvirtd connects to the destination libvirtd,
- in case it is not accessible using the same address that
- the client uses to connect to the destination, or a different
- encryption/auth scheme is required. There is no
- scope for forcing an alternative network interface for the
- native migration data with this method.
- </p>
-
- <p>
- This mode cannot be invoked from virsh
- </p>
-
- <p>
- Supported by QEMU driver
- </p>
-
- <h3><a id="scenariotunnelpeer2peer1">Tunnelled migration,
client and peer2peer between two libvirtd servers</a></h3>
-
- <p>
- virDomainMigrate, with the VIR_MIGRATE_PEER2PEER & VIR_MIGRATE_TUNNELLED
- flags set, using the libvirt URI format for the 'uri' parameter. The
- destination libvirtd server will automatically determine
- the native hypervisor URI for migration, based off the
- primary hostname. The optional uri parameter controls how
- the source libvirtd connects to the destination libvirtd,
- in case it is not accessible using the same address that
- the client uses to connect to the destination, or a different
- encryption/auth scheme is required. The native hypervisor URI
- format is not used at all.
- </p>
-
- <p>
- This mode cannot be invoked from virsh
- </p>
-
- <p>
- Supported by QEMU driver
- </p>
-
- <h3><a id="nativedirectunmanaged">Native migration, client to
one libvirtd server</a></h3>
-
- <p>
- virDomainMigrateToURI, without the VIR_MIGRATE_PEER2PEER flag set,
- using a hypervisor specific URI format for the 'uri' parameter.
- There is no use or requirement for a destination libvirtd instance
- at all. This is typically used when the hypervisor has its own
- native management daemon available to handle incoming migration
- attempts on the destination.
- </p>
-
- <pre>
-syntax: virsh migrate GUESTNAME HV-URI
-
-
-eg using same libvirt URI for all connections
-
- </pre>
-
- <h3><a id="nativepeer2peer">Native migration, peer2peer between
two libvirtd servers</a></h3>
-
- <p>
- virDomainMigrateToURI, with the VIR_MIGRATE_PEER2PEER flag set,
- using the libvirt URI format for the 'uri' parameter. The
- destination libvirtd server will automatically determine
- the native hypervisor URI for migration, based off the
- primary hostname. There is no scope for forcing an alternative
- network interface for the native migration data with this
- method. The destination URI must be reachable using the source
- libvirtd credentials (which are not necessarily the same as the
- credentials of the client in connecting to the source).
- </p>
-
- <pre>
-syntax: virsh migrate GUESTNAME DEST-LIBVIRT-URI [ALT-DEST-LIBVIRT-URI]
-
-
-eg using same libvirt URI for all connections
-
-virsh migrate --p2p web1 qemu+ssh://desthost/system
-
-
-eg using different libvirt URI auth scheme for peer2peer connections
-
-virsh migrate --p2p web1 qemu+ssh://desthost/system qemu+tls:/desthost/system
-
-
-eg using different libvirt URI hostname for peer2peer connections
-
-virsh migrate --p2p web1 qemu+ssh://desthost/system qemu+ssh://10.0.0.1/system
- </pre>
-
- <p>
- Supported by the QEMU driver
- </p>
-
- <h3><a id="scenariotunnelpeer2peer2">Tunnelled migration,
peer2peer between two libvirtd servers</a></h3>
-
- <p>
- virDomainMigrateToURI, with the VIR_MIGRATE_PEER2PEER &
VIR_MIGRATE_TUNNELLED
- flags set, using the libvirt URI format for the 'uri' parameter. The
- destination libvirtd server will automatically determine
- the native hypervisor URI for migration, based off the
- primary hostname. The optional uri parameter controls how
- the source libvirtd connects to the destination libvirtd,
- in case it is not accessible using the same address that
- the client uses to connect to the destination, or a different
- encryption/auth scheme is required. The native hypervisor URI
- format is not used at all. The destination URI must be
- reachable using the source libvirtd credentials (which are not
- necessarily the same as the credentials of the client in
- connecting to the source).
- </p>
-
- <pre>
-syntax: virsh migrate GUESTNAME DEST-LIBVIRT-URI [ALT-DEST-LIBVIRT-URI]
-
-
-eg using same libvirt URI for all connections
-
-virsh migrate --p2p --tunnelled web1 qemu+ssh://desthost/system
-
-
-eg using different libvirt URI auth scheme for peer2peer connections
-
-virsh migrate --p2p --tunnelled web1 qemu+ssh://desthost/system
qemu+tls:/desthost/system
-
-
-eg using different libvirt URI hostname for peer2peer connections
-
-virsh migrate --p2p --tunnelled web1 qemu+ssh://desthost/system
qemu+ssh://10.0.0.1/system
- </pre>
-
- <p>
- Supported by QEMU driver
- </p>
-
-
- <h3><a id="scenariounixsocket">Migration using only UNIX
sockets</a></h3>
-
- <p>
- In niche scenarios where libvirt daemon does not have access to the
- network (e.g. running in a restricted container on a host that has
- accessible network), when a management application wants to have complete
- control over the transfer or when migrating between two containers on the
- same host all the communication can be done using UNIX sockets. This
- includes connecting to non-standard socket path for the destination
- daemon, using UNIX sockets for hypervisor's communication or for the NBD
- data transfer. All of that can be used with both peer2peer and direct
- migration options.
- </p>
-
- <p>
- Example using <code>/tmp/migdir</code> as a directory representing the
- same path visible from both libvirt daemons. That can be achieved by
- bind-mounting the same directory to different containers running separate
- daemons or forwarding connections to these sockets manually
- (using <code>socat</code>, <code>netcat</code> or a custom
piece of
- software):
- </p>
- <pre>
-virsh migrate --domain web1 [--p2p] --copy-storage-all
- --desturi 'qemu+unix:///system?socket=/tmp/migdir/test-sock-driver'
- --migrateuri 'unix:///tmp/migdir/test-sock-qemu'
- --disks-uri unix:///tmp/migdir/test-sock-nbd
- </pre>
-
- <p>
- One caveat is that on SELinux-enabled systems all the sockets that the
- hypervisor is going to connect to needs to have the proper context and
- that is chosen before its creation by the process that creates it. That
- is usually done by using <code>setsockcreatecon{,raw}()</code>
functions.
- Generally *system_r:system_u:svirt_socket_t:s0* should do the trick, but
- check the SELinux rules and settings of your system.
- </p>
-
- <p>
- Supported by QEMU driver
- </p>
-
- </body>
-</html>
diff --git a/docs/migration.rst b/docs/migration.rst
new file mode 100644
index 0000000000..0a40600462
--- /dev/null
+++ b/docs/migration.rst
@@ -0,0 +1,458 @@
+===============
+Guest migration
+===============
+
+.. contents::
+
+Migration of guests between hosts is a complicated problem with many possible
+solutions, each with their own positive and negative points. For maximum
+flexibility of both hypervisor integration, and administrator deployment,
+libvirt implements several options for migration.
+
+Network data transports
+-----------------------
+
+There are two options for the data transport used during migration, either the
+hypervisor's own **native** transport, or **tunnelled** over a libvirtd
+connection.
+
+Hypervisor native transport
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+*Native* data transports may or may not support encryption, depending on the
+hypervisor in question, but will typically have the lowest computational costs
+by minimising the number of data copies involved. The native data transports
+will also require extra hypervisor-specific network configuration steps by the
+administrator when deploying a host. For some hypervisors, it might be necessary
+to open up a large range of ports on the firewall to allow multiple concurrent
+migration operations.
+
+Modern hypervisors support TLS for encryption and authentication of the
+migration connections which can be enabled using the ``VIR_MIGRATE_TLS`` flag.
+The *qemu* hypervisor driver allows users to force use of TLS via the
+``migrate_tls_force`` knob configured in ``/etc/libvirt/qemu.conf``.
+
+|Migration native path|
+
+libvirt tunnelled transport
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+*Tunnelled* data transports will always be capable of strong encryption since
+they are able to leverage the capabilities built in to the libvirt RPC protocol.
+The downside of a tunnelled transport, however, is that there will be extra data
+copies involved on both the source and destinations hosts as the data is moved
+between libvirtd and the hypervisor. This is likely to be a more significant
+problem for guests with very large RAM sizes, which dirty memory pages quickly.
+On the deployment side, tunnelled transports do not require any extra network
+configuration over and above what's already required for general libvirtd
+`remote access <remote.html>`__, and there is only need for a single port to be
+open on the firewall to support multiple concurrent migration operations.
+
+*Note:* Certain features such as migration of non-shared storage
+(``VIR_MIGRATE_NON_SHARED_DISK``), the multi-connection migration
+(``VIR_MIGRATE_PARALLEL``), or post-copy migration (``VIR_MIGRATE_POSTCOPY``)
+may not be available when using libvirt's tunnelling.
+
+|Migration tunnel path|
+
+Communication control paths/flows
+---------------------------------
+
+Migration of virtual machines requires close co-ordination of the two hosts
+involved, as well as the application invoking the migration, which may be on the
+source, the destination, or a third host.
+
+Managed direct migration
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+With *managed direct* migration, the libvirt client process controls the various
+phases of migration. The client application must be able to connect and
+authenticate with the libvirtd daemons on both the source and destination hosts.
+There is no need for the two libvirtd daemons to communicate with each other. If
+the client application crashes, or otherwise loses its connection to libvirtd
+during the migration process, an attempt will be made to abort the migration and
+restart the guest CPUs on the source host. There may be scenarios where this
+cannot be safely done, in which cases the guest will be left paused on one or
+both of the hosts.
+
+|Migration direct, managed|
+
+Managed peer to peer migration
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+With *peer to peer* migration, the libvirt client process only talks to the
+libvirtd daemon on the source host. The source libvirtd daemon controls the
+entire migration process itself, by directly connecting the destination host
+libvirtd. If the client application crashes, or otherwise loses its connection
+to libvirtd, the migration process will continue uninterrupted until completion.
+Note that the source libvirtd uses its own credentials (typically root) to
+connect to the destination, rather than the credentials used by the client to
+connect to the source; if these differ, it is common to run into a situation
+where a client can connect to the destination directly but the source cannot
+make the connection to set up the peer-to-peer migration.
+
+|Migration peer-to-peer|
+
+Unmanaged direct migration
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+With *unmanaged direct* migration, neither the libvirt client or libvirtd daemon
+control the migration process. Control is instead delegated to the hypervisor's
+over management services (if any). The libvirt client merely initiates the
+migration via the hypervisor's management layer. If the libvirt client or
+libvirtd crash, the migration process will continue uninterrupted until
+completion.
+
+|Migration direct, unmanaged|
+
+Data security
+-------------
+
+Since the migration data stream includes a complete copy of the guest OS RAM,
+snooping of the migration data stream may allow compromise of sensitive guest
+information. If the virtualization hosts have multiple network interfaces, or if
+the network switches support tagged VLANs, then it is very desirable to separate
+guest network traffic from migration or management traffic.
+
+In some scenarios, even a separate network for migration data may not offer
+sufficient security. In this case it is possible to apply encryption to the
+migration data stream. If the hypervisor does not itself offer encryption, then
+the libvirt tunnelled migration facility should be used.
+
+Offline migration
+-----------------
+
+Offline migration transfers the inactive definition of a domain (which may or
+may not be active). After successful completion, the domain remains in its
+current state on the source host and is defined but inactive on the destination
+host. It's a bit more clever than ``virsh dumpxml`` on source host followed by
+``virsh define`` on destination host, as offline migration will run the
+pre-migration hook to update the domain XML on destination host. Currently,
+copying non-shared storage or other file based storages (e.g. UEFI variable
+storage) is not supported during offline migration.
+
+Migration URIs
+--------------
+
+Initiating a guest migration requires the client application to specify up to
+three URIs, depending on the choice of control flow and/or APIs used. The first
+URI is that of the libvirt connection to the source host, where the virtual
+guest is currently running. The second URI is that of the libvirt connection to
+the destination host, where the virtual guest will be moved to (and in
+peer-to-peer migrations, this is from the perspective of the source, not the
+client). The third URI is a hypervisor specific URI used to control how the
+guest will be migrated. With any managed migration flow, the first and second
+URIs are compulsory, while the third URI is optional. With the unmanaged direct
+migration mode, the first and third URIs are compulsory and the second URI is
+not used.
+
+Ordinarily management applications only need to care about the first and second
+URIs, which are both in the normal libvirt connection URI format. Libvirt will
+then automatically determine the hypervisor specific URI, by looking up the
+target host's configured hostname. There are a few scenarios where the
+management application may wish to have direct control over the third URI.
+
+#. The configured hostname is incorrect, or DNS is broken. If a host has a
+ hostname which will not resolve to match one of its public IP addresses, then
+ libvirt will generate an incorrect URI. In this case the management
+ application should specify the hypervisor specific URI explicitly, using an
+ IP address, or a correct hostname.
+#. The host has multiple network interfaces. If a host has multiple network
+ interfaces, it might be desirable for the migration data stream to be sent
+ over a specific interface for either security or performance reasons. In this
+ case the management application should specify the hypervisor specific URI,
+ using an IP address associated with the network to be used.
+#. The firewall restricts what ports are available. When libvirt generates a
+ migration URI it will pick a port number using hypervisor specific rules.
+ Some hypervisors only require a single port to be open in the firewalls,
+ while others require a whole range of port numbers. In the latter case the
+ management application may wish to choose a specific port number outside the
+ default range in order to comply with local firewall policies.
+#. The second URI uses UNIX transport method. In this advanced case libvirt
+ should not guess a \*migrateuri\* and it should be specified using UNIX
+ socket path URI: ``unix:///path/to/socket``.
+
+Configuration file handling
+---------------------------
+
+There are two types of virtual machines known to libvirt. A *transient* guest
+only exists while it is running, and has no configuration file stored on disk. A
+*persistent* guest maintains a configuration file on disk even when it is not
+running.
+
+By default, a migration operation will not attempt to modify any configuration
+files that may be stored on either the source or destination host. It is the
+administrator, or management application's, responsibility to manage
+distribution of configuration files (if desired). It is important to note that
+the ``/etc/libvirt`` directory **MUST NEVER BE SHARED BETWEEN HOSTS**. There are
+some typical scenarios that might be applicable:
+
+- Centralized configuration files outside libvirt, in shared storage. A cluster
+ aware management application may maintain all the master guest configuration
+ files in a cluster filesystem. When attempting to start a guest, the config
+ will be read from the cluster FS and used to deploy a persistent guest. For
+ migration the configuration will need to be copied to the destination host
+ and removed on the original.
+- Centralized configuration files outside libvirt, in a database. A data center
+ management application may not store configuration files at all. Instead it
+ may generate libvirt XML on the fly when a guest is booted. It will typically
+ use transient guests, and thus not have to consider configuration files
+ during migration.
+- Distributed configuration inside libvirt. The configuration file for each
+ guest is copied to every host where the guest is able to run. Upon migration
+ the existing config merely needs to be updated with any changes.
+- Ad-hoc configuration management inside libvirt. Each guest is tied to a
+ specific host and rarely migrated. When migration is required, the config is
+ moved from one host to the other.
+
+As mentioned above, libvirt will not modify configuration files during migration
+by default. The ``virsh`` command has two flags to influence this behaviour. The
+``--undefinesource`` flag will cause the configuration file to be removed on the
+source host after a successful migration. The ``--persistent`` flag will cause a
+configuration file to be created on the destination host after a successful
+migration. The following table summarizes the configuration file handling in all
+possible state and flag combinations.
+
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Before migration | Flags
| After migration |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Source type | Source config | Dest config | --undefinesource |
--persistent | Dest type | Source config | Dest config |
++===================+===================+===================+===================+===================+===================+===================+===================+
+| Transient | N | N | N | N
| Transient | N | N |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | N | Y | N
| Transient | N | N |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | N | N | Y
| Persistent | N | Y |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | N | Y | Y
| Persistent | N | Y |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | Y | N | N
| Persistent | N | Y |
+| | | | |
| | | (unchanged dest |
+| | | | |
| | | config) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | Y | Y | N
| Persistent | N | Y |
+| | | | |
| | | (unchanged dest |
+| | | | |
| | | config) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | Y | N | Y
| Persistent | N | Y |
+| | | | |
| | | (replaced with |
+| | | | |
| | | source) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Transient | N | Y | Y | Y
| Persistent | N | Y |
+| | | | |
| | | (replaced with |
+| | | | |
| | | source) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | N | N | N
| Transient | Y | N |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | N | Y | N
| Transient | N | N |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | N | N | Y
| Persistent | Y | Y |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | N | Y | Y
| Persistent | N | Y |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | Y | N | N
| Persistent | Y | Y |
+| | | | |
| | | (unchanged dest |
+| | | | |
| | | config) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | Y | Y | N
| Persistent | N | Y |
+| | | | |
| | | (unchanged dest |
+| | | | |
| | | config) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | Y | N | Y
| Persistent | Y | Y |
+| | | | |
| | | (replaced with |
+| | | | |
| | | source) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+| Persistent | Y | Y | Y | Y
| Persistent | N | Y |
+| | | | |
| | | (replaced with |
+| | | | |
| | | source) |
++-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+-------------------+
+
+Migration scenarios
+-------------------
+
+Native migration, client to two libvirtd servers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+At an API level this requires use of virDomainMigrate, without the
+VIR_MIGRATE_PEER2PEER flag set. The destination libvirtd server will
+automatically determine the native hypervisor URI for migration based off the
+primary hostname. To force migration over an alternate network interface the
+optional hypervisor specific URI must be provided
+
+::
+
+ syntax: virsh migrate GUESTNAME DEST-LIBVIRT-URI [HV-URI]
+
+
+ eg using default network interface
+
+ virsh migrate web1 qemu+ssh://desthost/system
+ virsh migrate web1 xen+tls://desthost/system
+
+
+ eg using secondary network interface
+
+ virsh migrate web1 qemu://desthost/system tcp://10.0.0.1/
+
+Supported by Xen, QEMU, VMware and VirtualBox drivers
+
+Native migration, client to and peer2peer between, two libvirtd servers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+virDomainMigrate, with the VIR_MIGRATE_PEER2PEER flag set, using the libvirt URI
+format for the 'uri' parameter. The destination libvirtd server will
+automatically determine the native hypervisor URI for migration, based off the
+primary hostname. The optional uri parameter controls how the source libvirtd
+connects to the destination libvirtd, in case it is not accessible using the
+same address that the client uses to connect to the destination, or a different
+encryption/auth scheme is required. There is no scope for forcing an alternative
+network interface for the native migration data with this method.
+
+This mode cannot be invoked from virsh
+
+Supported by QEMU driver
+
+Tunnelled migration, client and peer2peer between two libvirtd servers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+virDomainMigrate, with the VIR_MIGRATE_PEER2PEER & VIR_MIGRATE_TUNNELLED flags
+set, using the libvirt URI format for the 'uri' parameter. The destination
+libvirtd server will automatically determine the native hypervisor URI for
+migration, based off the primary hostname. The optional uri parameter controls
+how the source libvirtd connects to the destination libvirtd, in case it is not
+accessible using the same address that the client uses to connect to the
+destination, or a different encryption/auth scheme is required. The native
+hypervisor URI format is not used at all.
+
+This mode cannot be invoked from virsh
+
+Supported by QEMU driver
+
+Native migration, client to one libvirtd server
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+virDomainMigrateToURI, without the VIR_MIGRATE_PEER2PEER flag set, using a
+hypervisor specific URI format for the 'uri' parameter. There is no use or
+requirement for a destination libvirtd instance at all. This is typically used
+when the hypervisor has its own native management daemon available to handle
+incoming migration attempts on the destination.
+
+::
+
+ syntax: virsh migrate GUESTNAME HV-URI
+
+
+ eg using same libvirt URI for all connections
+
+
+Native migration, peer2peer between two libvirtd servers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+virDomainMigrateToURI, with the VIR_MIGRATE_PEER2PEER flag set, using the
+libvirt URI format for the 'uri' parameter. The destination libvirtd server will
+automatically determine the native hypervisor URI for migration, based off the
+primary hostname. There is no scope for forcing an alternative network interface
+for the native migration data with this method. The destination URI must be
+reachable using the source libvirtd credentials (which are not necessarily the
+same as the credentials of the client in connecting to the source).
+
+::
+
+ syntax: virsh migrate GUESTNAME DEST-LIBVIRT-URI [ALT-DEST-LIBVIRT-URI]
+
+
+ eg using same libvirt URI for all connections
+
+ virsh migrate --p2p web1 qemu+ssh://desthost/system
+
+
+ eg using different libvirt URI auth scheme for peer2peer connections
+
+ virsh migrate --p2p web1 qemu+ssh://desthost/system qemu+tls:/desthost/system
+
+
+ eg using different libvirt URI hostname for peer2peer connections
+
+ virsh migrate --p2p web1 qemu+ssh://desthost/system qemu+ssh://10.0.0.1/system
+
+Supported by the QEMU driver
+
+Tunnelled migration, peer2peer between two libvirtd servers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+virDomainMigrateToURI, with the VIR_MIGRATE_PEER2PEER & VIR_MIGRATE_TUNNELLED
+flags set, using the libvirt URI format for the 'uri' parameter. The destination
+libvirtd server will automatically determine the native hypervisor URI for
+migration, based off the primary hostname. The optional uri parameter controls
+how the source libvirtd connects to the destination libvirtd, in case it is not
+accessible using the same address that the client uses to connect to the
+destination, or a different encryption/auth scheme is required. The native
+hypervisor URI format is not used at all. The destination URI must be reachable
+using the source libvirtd credentials (which are not necessarily the same as the
+credentials of the client in connecting to the source).
+
+::
+
+ syntax: virsh migrate GUESTNAME DEST-LIBVIRT-URI [ALT-DEST-LIBVIRT-URI]
+
+
+ eg using same libvirt URI for all connections
+
+ virsh migrate --p2p --tunnelled web1 qemu+ssh://desthost/system
+
+
+ eg using different libvirt URI auth scheme for peer2peer connections
+
+ virsh migrate --p2p --tunnelled web1 qemu+ssh://desthost/system
qemu+tls:/desthost/system
+
+
+ eg using different libvirt URI hostname for peer2peer connections
+
+ virsh migrate --p2p --tunnelled web1 qemu+ssh://desthost/system
qemu+ssh://10.0.0.1/system
+
+Supported by QEMU driver
+
+Migration using only UNIX sockets
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+In niche scenarios where libvirt daemon does not have access to the network
+(e.g. running in a restricted container on a host that has accessible network),
+when a management application wants to have complete control over the transfer
+or when migrating between two containers on the same host all the communication
+can be done using UNIX sockets. This includes connecting to non-standard socket
+path for the destination daemon, using UNIX sockets for hypervisor's
+communication or for the NBD data transfer. All of that can be used with both
+peer2peer and direct migration options.
+
+Example using ``/tmp/migdir`` as a directory representing the same path visible
+from both libvirt daemons. That can be achieved by bind-mounting the same
+directory to different containers running separate daemons or forwarding
+connections to these sockets manually (using ``socat``, ``netcat`` or a custom
+piece of software):
+
+::
+
+ virsh migrate --domain web1 [--p2p] --copy-storage-all
+ --desturi 'qemu+unix:///system?socket=/tmp/migdir/test-sock-driver'
+ --migrateuri 'unix:///tmp/migdir/test-sock-qemu'
+ --disks-uri unix:///tmp/migdir/test-sock-nbd
+
+One caveat is that on SELinux-enabled systems all the sockets that the
+hypervisor is going to connect to needs to have the proper context and that is
+chosen before its creation by the process that creates it. That is usually done
+by using ``setsockcreatecon{,raw}()`` functions. Generally
+\*system_r:system_u:svirt_socket_t:s0\* should do the trick, but check the
+SELinux rules and settings of your system.
+
+Supported by QEMU driver
+
+.. |Migration native path| image:: migration-native.png
+ :class: diagram
+.. |Migration tunnel path| image:: migration-tunnel.png
+ :class: diagram
+.. |Migration direct, managed| image:: migration-managed-direct.png
+ :class: diagram
+.. |Migration peer-to-peer| image:: migration-managed-p2p.png
+ :class: diagram
+.. |Migration direct, unmanaged| image:: migration-unmanaged-direct.png
+ :class: diagram
--
2.31.1
9:01 a.m.
New subject: [PATCH 16/17] docs: migration: Add a paragraph about non-shared storage migration
Outline some of the basics and the caveats of the non-shared migration
code.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/migration.rst | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/docs/migration.rst b/docs/migration.rst
index 0a40600462..247f345f8c 100644
--- a/docs/migration.rst
+++ b/docs/migration.rst
@@ -446,6 +446,38 @@ SELinux rules and settings of your system.
Supported by QEMU driver
+
+Migration of VMs using non-shared images for disks
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Libvirt by default expects that the disk images which are not explicitly network
+accessed are shared between the hosts by means of a network filesystem or remote
+block storage.
+
+By default it's expected that they are in the same location, but this can be
+modified by providing an updated domain XML with appropriate paths to the images
+using ``--xml`` argument for ``virsh migrate``.
+
+In case when one or more of the images are residing on local storage libvirt
+can migrate them as part of the migration flow. This is enabled using
+``--copy-storage-all`` flag for ``virsh migrate``. Additionally
+``--migrate-disks`` parameter allows control which disks need to actually be
+migrated. Without the flag all read-write disks are migrated.
+
+On the destination the images must be either pre-created by the user having
+correct format and size or alternatively if the target path resides within a
+libvirt storage pool they will be automatically created.
+
+In case when the user wishes to migrate only the topmost image from a backing
+chain of images for each disks ``--copy-storage-inc`` can be used instead. User
+must pre-create the images unconditionally.
+
+In order to ensure that the migration of disks will not be overwhelmed by a
+guest doing a lot of I/O to a local fast storage the
+``--copy-storage-synchronous-writes`` flag ensures that newly written data is
+synchronously written to the destination. This may harm I/O performance during
+the migration.
+
.. |Migration native path| image:: migration-native.png
:class: diagram
.. |Migration tunnel path| image:: migration-tunnel.png
--
2.31.1
9:01 a.m.
New subject: [PATCH 17/17] NEWS: Mention synchronous copy job additions
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
NEWS.rst | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 4d690ff64b..a4252d555d 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -17,6 +17,18 @@ v8.0.0 (unreleased)
* **New features**
+ * qemu: Synchronous write mode for disk copy operations
+
+ The ``blockdev-mirror`` block job supports a mode where writes from the VM
+ are synchronously propagated to the destination of the copy. This ensures
+ that the job will converge under heavy I/O.
+
+ Implement the mode for the copy blockjob as
+ ``VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES`` flag exposed via
+ ``virsh blockcopy --synchronous-writes`` and for non-shared storage migration
+ as ``VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES`` exposed via
+ ``virsh migrate --copy-storage-synchronous-writes``.
+
* **Improvements**
* **Bug fixes**
--
2.31.1
10:22 a.m.
On a Friday in 2021, Peter Krempa wrote:
Blocking writes ensure that the mirroring converges even when the
guest
is I/O intensive with a fast local storage and slow mirror.
This patchset does it by introducing flags which use the blocking mode
as it will have performance impact, and for guests which do I/O in
bursts it might be detrimental to their performance.
One could argue that both the copy job and migration have the
expectations of actually using the copy so ensuring that it converges
might be also something we'd want to do by default. This would obviously
greatly simplify this series, but I didn't want to change the default.
Peter Krempa (17):
qemu: monitor: Avoid ternary operators in helpers for
drive/blockdev-mirror
qemuMonitorJSONHandleShutdown: Use virTristateBoolFromBool
qemuMonitorJSONEjectMedia: Use a bool directly for constructing JSON
with 'b' modifier
qemuMonitorJSONMigrate: Extract flags prior to constructing command
qemuMonitorJSONGraphicsRelocate: Clean up command argument
construction
qemu: monitor: Add support for 'write-blocking' copy mode for
blockdev-mirror
include: virDomainBlockCopyFlags: Convert to prefix comments
virDomainBlockCopy: Introduce VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES
flag
qemuDomainBlockCopy: Implement
VIR_DOMAIN_BLOCK_COPY_SYNCHRONOUS_WRITES
include: virDomainMigrateFlags: Remove "block alignment" whitespace
man: virsh: Separate paragrapsh describing distinct flags
VIR_REQUIRE_FLAG_(GOTO|RET): Add parens around arguments in expansion
virDomainMigrate: Introduce VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES
flag
qemu: migration: Implement VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES
docs: Convert 'migration' doc to RST
docs: migration: Add a paragraph about non-shared storage migration
NEWS: Mention synchronous copy job additions
NEWS.rst | 12 +
docs/manpages/virsh.rst | 45 +-
docs/meson.build | 2 +-
docs/migration.html.in | 688 -------------------------------
docs/migration.rst | 490 ++++++++++++++++++++++
include/libvirt/libvirt-domain.h | 63 +--
src/internal.h | 4 +-
src/libvirt-domain.c | 26 ++
src/qemu/qemu_driver.c | 17 +-
src/qemu/qemu_migration.c | 17 +-
src/qemu/qemu_migration.h | 1 +
src/qemu/qemu_monitor.c | 10 +-
src/qemu/qemu_monitor.h | 3 +-
src/qemu/qemu_monitor_json.c | 67 ++-
src/qemu/qemu_monitor_json.h | 3 +-
tests/qemumonitorjsontest.c | 2 +-
tools/virsh-domain.c | 22 +-
17 files changed, 707 insertions(+), 765 deletions(-)
delete mode 100644 docs/migration.html.in
create mode 100644 docs/migration.rst
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
1085
days inactive
1085
days old
21 comments
2 participants
participants (2)
-
Ján Tomko -
Peter Krempa