11:06 a.m.
From Bogdan Purcareata <bogdan.purcareata(a)freescale.com> # This
line is ignored.
From: Bogdan Purcareata <bogdan.purcareata(a)freescale.com>
Subject: libvirt_lxc: implement <hostdev caps=net> device isolation in containers
In-Reply-To:
11:06 a.m.
New subject: [libvirt] [PATCH 1/2] Update structure and XML definitions to support <hostdev caps=net>.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata(a)freescale.com>
---
docs/formatdomain.html.in | 15 +++++++++++++--
docs/schemas/domaincommon.rng | 14 ++++++++++++++
src/conf/domain_conf.c | 28 +++++++++++++++++++++++++++-
src/conf/domain_conf.h | 4 ++++
4 files changed, 58 insertions(+), 3 deletions(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index cf382e8..8ac2441 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -2326,18 +2326,29 @@
...
</pre>
+...
+<hostdev mode='capabilities' type='net'>
+ <source>
+ <interface>eth0</interface>
+ </source>
+</hostdev>
+...
+ </pre>
+
<dl>
<dt><code>hostdev</code></dt>
<dd>The <code>hostdev</code> element is the main container for
describing
host devices. For block/character device passthrough
<code>mode</code> is
always "capabilities" and <code>type</code> is
"block" for a block
- device and "char" for a character device.
+ device, "char" for a character device and "interface" for a
host
+ network interface.
</dd>
<dt><code>source</code></dt>
<dd>The source element describes the device as seen from the host.
For block devices, the path to the block device in the host
OS is provided in the nested "block" element, while for character
- devices the "char" element is used
+ devices the "char" element is used. For network interfaces, the
+ name of the interface is provided in the "interface" element.
</dd>
</dl>
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 454ebdb..208c4c2 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -2956,6 +2956,9 @@
<group>
<ref name="hostdevcapsmisc"/>
</group>
+ <group>
+ <ref name="hostdevcapsnet"/>
+ </group>
</choice>
</define>
@@ -3016,6 +3019,17 @@
</element>
</define>
+ <define name="hostdevcapsnet">
+ <attribute name="type">
+ <value>net</value>
+ </attribute>
+ <element name="source">
+ <element name="interface">
+ <ref name="deviceName"/>
+ </element>
+ </element>
+ </define>
+
<define name="usbproduct">
<element name="vendor">
<attribute name="id">
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index cc26f21..c1ce696 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -577,7 +577,8 @@ VIR_ENUM_IMPL(virDomainHostdevSubsys,
VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST,
VIR_ENUM_IMPL(virDomainHostdevCaps, VIR_DOMAIN_HOSTDEV_CAPS_TYPE_LAST,
"storage",
- "misc")
+ "misc",
+ "net")
VIR_ENUM_IMPL(virDomainPciRombarMode,
VIR_DOMAIN_PCI_ROMBAR_LAST,
@@ -1566,6 +1567,9 @@ void virDomainHostdevDefClear(virDomainHostdevDefPtr def)
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC:
VIR_FREE(def->source.caps.u.misc.chardev);
break;
+ case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET:
+ VIR_FREE(def->source.caps.u.net.interface);
+ break;
}
}
}
@@ -3440,6 +3444,14 @@ virDomainHostdevDefParseXMLCaps(xmlNodePtr node ATTRIBUTE_UNUSED,
goto error;
}
break;
+ case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET:
+ if (!(def->source.caps.u.net.interface =
+ virXPathString("string(./source/interface[1])", ctxt))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("Missing <interface> element in hostdev net
device"));
+ goto error;
+ }
+ break;
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("address type='%s' not supported in hostdev
interfaces"),
@@ -8602,6 +8614,14 @@ virDomainHostdevMatchCapsMisc(virDomainHostdevDefPtr a,
b->source.caps.u.misc.chardev);
}
+static int
+virDomainHostdevMatchCapsNet(virDomainHostdevDefPtr a,
+ virDomainHostdevDefPtr b)
+{
+ return STREQ_NULLABLE(a->source.caps.u.net.interface,
+ b->source.caps.u.net.interface);
+}
+
static int
virDomainHostdevMatchCaps(virDomainHostdevDefPtr a,
@@ -8615,6 +8635,8 @@ virDomainHostdevMatchCaps(virDomainHostdevDefPtr a,
return virDomainHostdevMatchCapsStorage(a, b);
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC:
return virDomainHostdevMatchCapsMisc(a, b);
+ case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET:
+ return virDomainHostdevMatchCapsNet(a, b);
}
return 0;
}
@@ -13295,6 +13317,10 @@ virDomainHostdevDefFormatCaps(virBufferPtr buf,
virBufferEscapeString(buf, "<char>%s</char>\n",
def->source.caps.u.misc.chardev);
break;
+ case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET:
+ virBufferEscapeString(buf, "<interface>%s</interface>\n",
+ def->source.caps.u.net.interface);
+ break;
default:
virReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected hostdev type %d"),
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index edddf25..8b449d8 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -407,6 +407,7 @@ struct _virDomainHostdevSubsys {
enum virDomainHostdevCapsType {
VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE,
VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC,
+ VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET,
VIR_DOMAIN_HOSTDEV_CAPS_TYPE_LAST
};
@@ -422,6 +423,9 @@ struct _virDomainHostdevCaps {
struct {
char *chardev;
} misc;
+ struct {
+ char *interface;
+ } net;
} u;
};
--
1.7.11.7
11:06 a.m.
New subject: [libvirt] [PATCH 2/2] Implement support for <hostdev caps=net>. This allows a container-type domain to have exclusive access to one of the host's NICs.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata(a)freescale.com>
---
src/lxc/lxc_container.c | 4 +++-
src/lxc/lxc_controller.c | 19 +++++++++++++++++++
src/lxc/lxc_hostdev.c | 1 +
3 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 002ba9e..e59bfdf 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1551,7 +1551,6 @@ cleanup:
return ret;
}
-
static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef,
virDomainHostdevDefPtr def,
const char *dstprefix,
@@ -1582,6 +1581,9 @@ static int lxcContainerSetupHostdevCaps(virDomainDefPtr vmDef,
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC:
return lxcContainerSetupHostdevCapsMisc(vmDef, def, dstprefix, securityDriver);
+ case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET:
+ return 0; // case is handled in virLXCControllerMoveInterfaces
+
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Unsupported host device mode %s"),
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index cede445..ab488d8 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1050,12 +1050,31 @@ cleanup2:
static int virLXCControllerMoveInterfaces(virLXCControllerPtr ctrl)
{
size_t i;
+ virDomainDefPtr def = ctrl->def;
for (i = 0 ; i < ctrl->nveths ; i++) {
if (virNetDevSetNamespace(ctrl->veths[i], ctrl->initpid) < 0)
return -1;
}
+ for (i = 0; i < def->nhostdevs; i ++) {
+ virDomainHostdevDefPtr hdev = def->hostdevs[i];
+
+ if (hdev->mode != VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ continue;
+ }
+
+ virDomainHostdevCaps hdcaps = hdev->source.caps;
+
+ if (hdcaps.type != VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET) {
+ continue;
+ }
+
+ if (virNetDevSetNamespace(hdcaps.u.net.interface, ctrl->initpid) < 0) {
+ return -1;
+ }
+ }
+
return 0;
}
diff --git a/src/lxc/lxc_hostdev.c b/src/lxc/lxc_hostdev.c
index 33b0b60..53a1a31 100644
--- a/src/lxc/lxc_hostdev.c
+++ b/src/lxc/lxc_hostdev.c
@@ -307,6 +307,7 @@ int virLXCPrepareHostDevices(virLXCDriverPtr driver,
switch (dev->source.subsys.type) {
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE:
case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC:
+ case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET:
break;
default:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--
1.7.11.7
4250
days inactive
4250
days old
2 comments
1 participants
participants (1)
-
Bogdan Purcareata