[Libvir] [patch] qemu/kvm: use_system_powerdown instead of killing the vm hard
Hi, currently domainShutdown kills qemu/kvm instances hard which is not very filesystem friendly. However recent kvm git acquired system_powerdown to shutdown the system gracefully by simulating an acpi power button press. We can now use this in libvirt: diff --git a/src/qemu_driver.c b/src/qemu_driver.c index f792eba..55adb18 100644 --- a/src/qemu_driver.c +++ b/src/qemu_driver.c @@ -1849,6 +1849,27 @@ static int qemudDomainResume(virDomainPtr dom) { } +static int qemudDomainShutdown(virDomainPtr dom) { + struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData; + struct qemud_vm *vm = qemudFindVMByID(driver, dom->id); + char* info; + + if (!vm) { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_INVALID_DOMAIN, + "no domain with matching id %d", dom->id); + return -1; + } + + if (qemudMonitorCommand(driver, vm, "system_powerdown", &info) < 0) { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, + "shutdown operation failed"); + return -1; + } + return 0; + +} + + static int qemudDomainDestroy(virDomainPtr dom) { struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData; struct qemud_vm *vm = qemudFindVMByID(driver, dom->id); @@ -2855,7 +2876,7 @@ static virDriver qemuDriver = { qemudDomainLookupByName, /* domainLookupByName */ qemudDomainSuspend, /* domainSuspend */ qemudDomainResume, /* domainResume */ - qemudDomainDestroy, /* domainShutdown */ + qemudDomainShutdown, /* domainShutdown */ NULL, /* domainReboot */ qemudDomainDestroy, /* domainDestroy */ qemudDomainGetOSType, /* domainGetOSType */ Please apply, -- Guido
On Tue, Jan 08, 2008 at 12:15:56PM +0100, Guido Guenther wrote:
Hi, currently domainShutdown kills qemu/kvm instances hard which is not very filesystem friendly. However recent kvm git acquired system_powerdown to shutdown the system gracefully by simulating an acpi power button press. We can now use this in libvirt:
Excellant, although we still need to use the 'kill' approach for any VMs which don't support the 'system_powerdown' monitor command. We should probably try 'system_powerdown' and if that gets rejected then fallback to just killing it. Figuring out if its rejected could be fun though; Would have to look at the returned 'info' for an error message - hopefully QEMU has one. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
On Tue, Jan 08, 2008 at 04:37:02PM +0000, Daniel P. Berrange wrote:
On Tue, Jan 08, 2008 at 12:15:56PM +0100, Guido Guenther wrote:
Hi, currently domainShutdown kills qemu/kvm instances hard which is not very filesystem friendly. However recent kvm git acquired system_powerdown to shutdown the system gracefully by simulating an acpi power button press. We can now use this in libvirt:
Excellant, although we still need to use the 'kill' approach for any VMs which don't support the 'system_powerdown' monitor command. We should probably try 'system_powerdown' and if that gets rejected then fallback to just killing it. Figuring out if its rejected could be fun though; Would have to look at the returned 'info' for an error message - hopefully QEMU has one. No, there's no error code or output since the drop in code in qemu is (and was since ages):
#define qemu_system_powerdown() do{}while(0) I don't think that's a problem though. As far as I understand things a shutdown simply signals the VM to powerdown. We can't rely on the machine actually stopping (say the machine hangs on unmounting something or simply stops heaps of services or whatever). So any sane script or cluster manager will have to do a domainDestroy() anyways after a reasonable timeout (what's "reasonable" depends pretty much on the usage case). Relying on domainShutdown() ever succeeding is probably wrong in the first place. If we want to be able to rely on the shutdown succeeding we have to do the domainDestroy ourselfes after a timeout. Cheers, -- Guido
On Tue, Jan 08, 2008 at 05:55:45PM +0100, Guido Guenther wrote:
On Tue, Jan 08, 2008 at 04:37:02PM +0000, Daniel P. Berrange wrote:
On Tue, Jan 08, 2008 at 12:15:56PM +0100, Guido Guenther wrote:
Hi, currently domainShutdown kills qemu/kvm instances hard which is not very filesystem friendly. However recent kvm git acquired system_powerdown to shutdown the system gracefully by simulating an acpi power button press. We can now use this in libvirt:
Excellant, although we still need to use the 'kill' approach for any VMs which don't support the 'system_powerdown' monitor command. We should probably try 'system_powerdown' and if that gets rejected then fallback to just killing it. Figuring out if its rejected could be fun though; Would have to look at the returned 'info' for an error message - hopefully QEMU has one. No, there's no error code or output since the drop in code in qemu is (and was since ages):
#define qemu_system_powerdown() do{}while(0)
I don't think that's a problem though. As far as I understand things a shutdown simply signals the VM to powerdown. We can't rely on the machine actually stopping (say the machine hangs on unmounting something or simply stops heaps of services or whatever). So any sane script or cluster manager will have to do a domainDestroy() anyways after a reasonable timeout (what's "reasonable" depends pretty much on the usage case). Relying on domainShutdown() ever succeeding is probably wrong in the first place.
Fair enough. Any idea if the 'system_reboot' command is also wired up in KVM yet ? We should probably just add code to call it anyway since it'll be near identical code to that which you used for shutdown, and its better than leaving domainReboot driver method as a no-op. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
On Tue, Jan 08, 2008 at 06:34:36PM +0000, Daniel P. Berrange wrote:
Fair enough. Any idea if the 'system_reboot' command is also wired up in KVM yet ? We should probably just add code to call it anyway since it'll be near identical code to that which you used for shutdown, and its better than leaving domainReboot driver method as a no-op. There's no system_reboot in either kvm nor qemu. I see two solutions for wireing up domainReboot(). Either qemu/kvm accepts a parameter to system_powerdown to signal that we should restart the vm instead of simply shutting down or we simply send "sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case). Cheers, -- Guido
On Wed, Jan 09, 2008 at 04:11:44PM +0100, Guido Guenther wrote:
On Tue, Jan 08, 2008 at 06:34:36PM +0000, Daniel P. Berrange wrote:
Fair enough. Any idea if the 'system_reboot' command is also wired up in KVM yet ? We should probably just add code to call it anyway since it'll be near identical code to that which you used for shutdown, and its better than leaving domainReboot driver method as a no-op. There's no system_reboot in either kvm nor qemu. I see two solutions for wireing up domainReboot(). Either qemu/kvm accepts a parameter to system_powerdown to signal that we should restart the vm instead of simply shutting down or we simply send "sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case).
Well there's a 'system_reset' monitor command, but its unclear if its actually working - when i run it, it stops the guest from responding to any keyboard input and makes it take 100% CPU, but doesn't reboot :-( If that's not suitable i think the ctrl-alt-delete thing is probably the best we can do. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
On Wed, Jan 09, 2008 at 03:56:52PM +0000, Daniel P. Berrange wrote:
On Wed, Jan 09, 2008 at 04:11:44PM +0100, Guido Guenther wrote:
On Tue, Jan 08, 2008 at 06:34:36PM +0000, Daniel P. Berrange wrote:
Fair enough. Any idea if the 'system_reboot' command is also wired up in KVM yet ? We should probably just add code to call it anyway since it'll be near identical code to that which you used for shutdown, and its better than leaving domainReboot driver method as a no-op. There's no system_reboot in either kvm nor qemu. I see two solutions for wireing up domainReboot(). Either qemu/kvm accepts a parameter to system_powerdown to signal that we should restart the vm instead of simply shutting down or we simply send "sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case).
Well there's a 'system_reset' monitor command, but its unclear if its actually working - when i run it, it stops the guest from responding to any keyboard input and makes it take 100% CPU, but doesn't reboot :-( If that's not suitable i think the ctrl-alt-delete thing is probably the best we can do.
You are quicker than me... With an up-to-date kvm, system_reset seems to be working fine (it was buggy in previous kvms). Dan.
On Wed, Jan 09, 2008 at 06:18:50PM +0200, Dan Kenigsberg wrote:
On Wed, Jan 09, 2008 at 03:56:52PM +0000, Daniel P. Berrange wrote:
On Wed, Jan 09, 2008 at 04:11:44PM +0100, Guido Guenther wrote:
On Tue, Jan 08, 2008 at 06:34:36PM +0000, Daniel P. Berrange wrote:
Fair enough. Any idea if the 'system_reboot' command is also wired up in KVM yet ? We should probably just add code to call it anyway since it'll be near identical code to that which you used for shutdown, and its better than leaving domainReboot driver method as a no-op. There's no system_reboot in either kvm nor qemu. I see two solutions for wireing up domainReboot(). Either qemu/kvm accepts a parameter to system_powerdown to signal that we should restart the vm instead of simply shutting down or we simply send "sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case).
Well there's a 'system_reset' monitor command, but its unclear if its actually working - when i run it, it stops the guest from responding to any keyboard input and makes it take 100% CPU, but doesn't reboot :-( If that's not suitable i think the ctrl-alt-delete thing is probably the best we can do.
You are quicker than me... With an up-to-date kvm, system_reset seems to be working fine (it was buggy in previous kvms).
Ok, I'm using an ancient KVM from Fedora 8 GA - kvm-36. On the basis that recent KVM does work, and we currently have no-impl of the reboot API to causes regressions on, I say we use system_reset for QEMU/KVM. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
On Wed, Jan 09, 2008 at 03:56:52PM +0000, Daniel P. Berrange wrote:
Well there's a 'system_reset' monitor command, but its unclear if its actually working - when i run it, it stops the guest from responding to any keyboard input and makes it take 100% CPU, but doesn't reboot :-( If that's not suitable i think the ctrl-alt-delete thing is probably the best we can do. system_reset *resets* the machine (like hitting the reset switch). It doesn't shutdown anything, probaly not what we want. Here's a patch that does the ctrl-alt-del (on top of the previous domainsShutdown patch). This looks much more friendly to the filesystem. There are issues in kvm where after the reboot the ACPI tables are borked, but that's another issue.
Index: libvirt-0.4.0/src/qemu_driver.c =================================================================== --- libvirt-0.4.0.orig/src/qemu_driver.c 2008-01-09 16:23:34.000000000 +0000 +++ libvirt-0.4.0/src/qemu_driver.c 2008-01-09 16:24:27.000000000 +0000 @@ -1866,7 +1866,26 @@ return -1; } return 0; +} + + +static int qemudDomainReboot(virDomainPtr dom) { + struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData; + struct qemud_vm *vm = qemudFindVMByID(driver, dom->id); + char* info; + if (!vm) { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_INVALID_DOMAIN, + "no domain with matching id %d", dom->id); + return -1; + } + + if (qemudMonitorCommand(driver, vm, "sendkey ctrl-alt-delete", &info) < 0) { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, + "reboot operation failed"); + return -1; + } + return 0; } @@ -2877,7 +2896,7 @@ qemudDomainSuspend, /* domainSuspend */ qemudDomainResume, /* domainResume */ qemudDomainShutdown, /* domainShutdown */ - NULL, /* domainReboot */ + qemudDomainReboot, /* domainReboot */ qemudDomainDestroy, /* domainDestroy */ qemudDomainGetOSType, /* domainGetOSType */ NULL, /* domainGetMaxMemory */ Cheers, -- Guido
Guido Guenther wrote:
On Wed, Jan 09, 2008 at 03:56:52PM +0000, Daniel P. Berrange wrote:
Well there's a 'system_reset' monitor command, but its unclear if its actually working - when i run it, it stops the guest from responding to any keyboard input and makes it take 100% CPU, but doesn't reboot :-( If that's not suitable i think the ctrl-alt-delete thing is probably the best we can do. system_reset *resets* the machine (like hitting the reset switch). It doesn't shutdown anything, probaly not what we want. Here's a patch that does the ctrl-alt-del (on top of the previous domainsShutdown patch). This looks much more friendly to the filesystem. There are issues in kvm where after the reboot the ACPI tables are borked, but that's another issue.
Index: libvirt-0.4.0/src/qemu_driver.c =================================================================== --- libvirt-0.4.0.orig/src/qemu_driver.c 2008-01-09 16:23:34.000000000 +0000 +++ libvirt-0.4.0/src/qemu_driver.c 2008-01-09 16:24:27.000000000 +0000 @@ -1866,7 +1866,26 @@ return -1; } return 0; +} + + +static int qemudDomainReboot(virDomainPtr dom) { + struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData; + struct qemud_vm *vm = qemudFindVMByID(driver, dom->id); + char* info;
+ if (!vm) { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_INVALID_DOMAIN, + "no domain with matching id %d", dom->id); + return -1; + } + + if (qemudMonitorCommand(driver, vm, "sendkey ctrl-alt-delete", &info) < 0) { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, + "reboot operation failed"); + return -1; + } + return 0; }
@@ -2877,7 +2896,7 @@ qemudDomainSuspend, /* domainSuspend */ qemudDomainResume, /* domainResume */ qemudDomainShutdown, /* domainShutdown */ - NULL, /* domainReboot */ + qemudDomainReboot, /* domainReboot */ qemudDomainDestroy, /* domainDestroy */ qemudDomainGetOSType, /* domainGetOSType */ NULL, /* domainGetMaxMemory */
NACK - doesn't do the right thing at all on Windows. Rich. -- Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/ Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 03798903
On Wed, Jan 09, 2008 at 04:11:44PM +0100, Guido Guenther wrote:
On Tue, Jan 08, 2008 at 06:34:36PM +0000, Daniel P. Berrange wrote:
Fair enough. Any idea if the 'system_reboot' command is also wired up in KVM yet ? We should probably just add code to call it anyway since it'll be near identical code to that which you used for shutdown, and its better than leaving domainReboot driver method as a no-op. There's no system_reboot in either kvm nor qemu. I see two solutions for wireing up domainReboot(). Either qemu/kvm accepts a parameter to
If I'm not mistaken, qemu/kvm has a system_reset command, which does a reboot unless -no-reboot was specified in the command line. (It is still brutal to the filesystem if the guest is not cooperative, of course, but better than doing nothing)
system_powerdown to signal that we should restart the vm instead of simply shutting down or we simply send "sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case). Cheers, -- Guido
Guido Guenther wrote:
"sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case).
That's not going to work on Windows NT. Rich. -- Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/ Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 03798903
On Mon, Jan 14, 2008 at 12:28:09PM +0000, Richard W.M. Jones wrote:
Guido Guenther wrote:
"sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case).
That's not going to work on Windows NT. No it isn't but it's making things much better for other OSes. I won't insist on this in any way though (this just came along with the system_powerdown stuff) but using system_reset is bad either. Using system_powerdown and then restarting the domain is probably best. Cheers, -- Guido
On Mon, Jan 14, 2008 at 02:01:40PM +0100, Guido Guenther wrote:
On Mon, Jan 14, 2008 at 12:28:09PM +0000, Richard W.M. Jones wrote:
Guido Guenther wrote:
"sendkey ctrl-alt-delete" to the monitor which might be very fragile though. Both solutions depend on the os in the vm doing the right thing (acpi event handling in the first case).
That's not going to work on Windows NT. No it isn't but it's making things much better for other OSes. I won't insist on this in any way though (this just came along with the system_powerdown stuff) but using system_reset is bad either. Using system_powerdown and then restarting the domain is probably best.
Yes, I think we'll have todo a 'system_powerdown' and then set a 'needs restart' flag in our internal 'strut qemu_vm' so that when the VM is shutdown, we know that we were supposed to restart it. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
On Tue, Jan 08, 2008 at 12:15:56PM +0100, Guido Guenther wrote:
Hi, currently domainShutdown kills qemu/kvm instances hard which is not very filesystem friendly. However recent kvm git acquired system_powerdown to shutdown the system gracefully by simulating an acpi power button press. We can now use this in libvirt:
I've commited this patch for graceful shutdown, since there's no need to hold it up while we figure out graceful reboots. Regards, Dan -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
participants (4)
-
Dan Kenigsberg -
Daniel P. Berrange -
Guido Guenther -
Richard W.M. Jones