[PATCH 0/9] docs: Various fixes, mostly around :since: tags

newer
[PATCH v2 0/4] Rewrite x86 feature...

older
[PATCH v2] virsh-completer: modify...

Andrea Bolognani

20 Feb 2024 20 Feb '24

4:41 a.m.

The way we use :since: is awfully inconsistent. This series doesn't try to fix everything, but takes care of at least a few low-hanging fruits plus a bunch of odds and ends. Abridged version, with the full one available from https://gitlab.com/abologna/libvirt/-/commits/docs-rst-since Andrea Bolognani (9): docs: Format lists of files better docs: Remove unnecessary whitespace docs: Fix list of values docs: Don't use "line blocks" docs: Fix a few weird :since: tags docs: Leave kernel version out of :since: docs: Rewrite a few awkward sections docs: Other fixes to :since: tags syntax-check: Validate :since: tags build-aux/syntax-check.mk | 5 + docs/api_extension.rst | 27 +- docs/bugs.rst | 14 +- docs/drvbhyve.rst | 30 +- docs/drvesx.rst | 19 +- docs/drvnodedev.rst | 2 +- docs/drvqemu.rst | 2 +- docs/drvxen.rst | 2 +- docs/firewall.rst | 23 +- docs/formatcaps.rst | 8 +- docs/formatdomain.rst | 510 ++++++++++++++++--------------- docs/formatnetwork.rst | 81 ++--- docs/formatnetworkport.rst | 2 +- docs/formatnode.rst | 6 +- docs/formatnwfilter.rst | 143 ++++----- docs/formatsecret.rst | 10 +- docs/formatsnapshot.rst | 4 +- docs/formatstorage.rst | 29 +- docs/formatstorageencryption.rst | 8 +- docs/hooks.rst | 168 +++++----- 20 files changed, 563 insertions(+), 530 deletions(-) -- 2.43.2

Show replies by date

Andrea Bolognani

20 Feb 20 Feb

4:41 a.m.

New subject: [PATCH 1/9] docs: Format lists of files better

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/api_extension.rst | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/docs/api_extension.rst b/docs/api_extension.rst index 152e64487e..a42c82daca 100644 --- a/docs/api_extension.rst +++ b/docs/api_extension.rst @@ -73,14 +73,16 @@ The first task is to define the public API. If the new API involves an XML extension, you have to enhance the RelaxNG schema and document the new elements or attributes: -``src/conf/schemas/domaincommon.rng docs/formatdomain.rst`` +* ``src/conf/schemas/domaincommon.rng`` +* ``docs/formatdomain.rst`` If the API extension involves a new function, you have to add a declaration in the public header, and arrange to export the function name (symbol) so other programs can link against the libvirt library and call the new function: -``include/libvirt/libvirt-$MODULE.h.in src/libvirt_public.syms`` +* ``include/libvirt/libvirt-$MODULE.h.in`` +* ``src/libvirt_public.syms`` Please consult our `coding style <coding-style.html#xml-element-and-attribute-naming>`__ guide on @@ -108,7 +110,7 @@ creation of a new struct type to represent the new driver type. The driver structs are defined in: -``src/driver-$MODULE.h`` +* ``src/driver-$MODULE.h`` To define the internal API, first typedef the driver function prototype and then add a new field for it to the relevant driver struct. Then, @@ -142,7 +144,7 @@ driver implementation. In RFC 2119 vocabulary, this function: The public API calls are implemented in: -``src/libvirt-$MODULE.c`` +* ``src/libvirt-$MODULE.c`` Implementing the remote protocol -------------------------------- @@ -156,7 +158,7 @@ Defining the wire protocol format Defining the wire protocol involves making additions to: -``src/remote/remote_protocol.x`` +* ``src/remote/remote_protocol.x`` First, create two new structs for each new function that you're adding to the API. One struct describes the parameters to be passed to the @@ -174,7 +176,11 @@ protocol code. This must be done on a Linux host using the GLibC rpcgen program. Other rpcgen versions may generate code which results in bogus compile time warnings. This regenerates the following files: -``src/remote/remote_daemon_dispatch_stubs.h src/remote/remote_daemon_dispatch.h src/remote/remote_daemon_dispatch.c src/remote/remote_protocol.c src/remote/remote_protocol.h`` +* ``src/remote/remote_daemon_dispatch_stubs.h`` +* ``src/remote/remote_daemon_dispatch.h`` +* ``src/remote/remote_daemon_dispatch.c`` +* ``src/remote/remote_protocol.c`` +* ``src/remote/remote_protocol.h`` Implement the RPC client ~~~~~~~~~~~~~~~~~~~~~~~~ @@ -182,7 +188,7 @@ Implement the RPC client Implementing the RPC client uses the rpcgen generated .h files. The remote method calls go in: -``src/remote/remote_driver.c`` +* ``src/remote/remote_driver.c`` Each remote method invocation does the following: @@ -202,7 +208,7 @@ matter of deserializing the parameters passed in from the remote caller and passing them to the corresponding internal API function. The server side dispatchers are implemented in: -``src/remote/remote_daemon_dispatch.c`` +* ``src/remote/remote_daemon_dispatch.c`` Again, this step uses the .h files generated by make rpcgen. @@ -210,7 +216,7 @@ After all three pieces of the remote protocol are complete, and the generated files have been updated, it will be necessary to update the file: -``src/remote_protocol-structs`` +* ``src/remote_protocol-structs`` This file should only have new lines added; modifications to existing lines probably imply a backwards-incompatible API change. @@ -246,7 +252,8 @@ those pieces in place you can write the function implementing the virsh command. Finally, you need to add the new command to the commands[] array. The following files need changes: -``tools/virsh-$MODULE.c tools/virsh.pod`` +* ``tools/virsh-$MODULE.c`` +* ``tools/virsh.pod`` Implement the driver methods ---------------------------- -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 2/9] docs: Remove unnecessary whitespace

It slipped in during the conversion to reStructuredText. In one case, part of the preformatted text shouldn't have been marked as such, so that's addressed too. A spurious opening parenthesis is dropped as well. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/drvnodedev.rst | 2 +- docs/formatdomain.rst | 16 ++++++++-------- docs/formatnetwork.rst | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/drvnodedev.rst b/docs/drvnodedev.rst index 115d52ca02..2f050bb9d3 100644 --- a/docs/drvnodedev.rst +++ b/docs/drvnodedev.rst @@ -335,7 +335,7 @@ To start an instance of this device definition, use the following command: $ virsh nodedev-start <device-name> Active mediated device instances can be stopped using -``virsh nodedev-destroy``, and persistent device definitions can be +``virsh nodedev-destroy``, and persistent device definitions can be removed using ``virsh nodedev-undefine``. If a mediated device is defined persistently, it can also be set to be diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 3e7dfb7f26..fa42883809 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -2238,7 +2238,7 @@ are: Possible values for the ``value`` attribute are ``broken`` (no protection), ``workaround`` (count cache flush), ``fixed-ibs`` (fixed by serializing indirect branches), ``fixed-ccd`` (fixed by disabling the cache count) and - ``fixed-na (fixed in hardware - no longer applicable)``. If the + ``fixed-na`` (fixed in hardware - no longer applicable). If the attribute is not defined, the hypervisor default will be used. :since:`Since 6.3.0` (QEMU/KVM only) ``tcg`` @@ -4725,7 +4725,7 @@ behaves like a physical USB CCID (Chip/Smart Card Interface Device) card. Rather than requiring a smartcard to be plugged into the host, it is possible to provide three NSS certificate names residing in a database on the host. These certificates can be generated via the command - ``certutil -d /etc/pki/nssdb -x -t CT,CT,CT -S -s CN=cert1 -n cert1``, + ``certutil -d /etc/pki/nssdb -x -t CT,CT,CT -S -s CN=cert1 -n cert1``, and the resulting three certificate names must be supplied as the content of each of three ``<certificate>`` sub-elements. An additional sub-element ``<database>`` can specify the absolute path to an alternate directory @@ -4810,7 +4810,7 @@ network may be totally isolated (no ``<forward>`` element given), NAT'ing to an explicit network device or to the default route (``<forward mode='nat'>``), routed with no NAT (``<forward mode='route'/>``), or connected directly to one of the host's network interfaces (via macvtap) or bridge devices -((``<forward mode='bridge|private|vepa|passthrough'/>`` :since:`Since +(``<forward mode='bridge|private|vepa|passthrough'/>`` :since:`Since 0.9.4` ) For networks with a forward mode of bridge, private, vepa, and passthrough, it @@ -5363,11 +5363,11 @@ domain, or ``transient`` to indicate a device that may periodically be removed, then later re-added to the domain. When type="transient", there should be a second attribute to ``<teaming>`` called ``persistent`` - this attribute should be set to the alias name of the other device in the pair (the one that -has ``<teaming type="persistent'/>``). +has ``<teaming type="persistent'/>``). In the particular case of QEMU, libvirt's ``<teaming>`` element is used to setup a virtio-net "failover" device pair. For this setup, the persistent device must -be an interface with ``<model type="virtio"/>``, and the transient device +be an interface with ``<model type="virtio"/>``, and the transient device must be ``<interface type='hostdev'/>`` (or ``<interface type='network'/>`` where the referenced network defines a pool of SRIOV VFs). The guest will then have a simple network team/bond device made of the virtio NIC + hostdev NIC @@ -5927,7 +5927,7 @@ connection types, including standard linux bridges and libvirt's own virtual networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (VEPA) switches provide their own way (outside of libvirt) to tag guest traffic onto a specific VLAN. Each tag is given in a separate ``<tag>`` subelement of ``<vlan>`` (for -example: ``<tag id='42'/>``). For VLAN trunking of multiple tags (which is +example: ``<tag id='42'/>``). For VLAN trunking of multiple tags (which is supported only on Open vSwitch connections), multiple ``<tag>`` subelements can be specified, which implies that the user wants to do VLAN trunking on the interface for all the specified tags. In the case that VLAN trunking of a single @@ -7921,9 +7921,9 @@ Example: manually added device with static PCI slot 2 requested ``period`` The optional ``period`` allows the QEMU virtio memory balloon driver to - provide statistics through the ``virsh dommemstat [domain]`` + provide statistics through the ``virsh dommemstat [domain]`` command. By default, collection is not enabled. In order to enable, use the - ``virsh dommemstat [domain] --period [number]`` command or + ``virsh dommemstat [domain] --period [number]`` command or ``virsh edit`` command to add the option to the XML definition. The ``virsh dommemstat`` will accept the options ``--live``, ``--current``, or ``--config``. If an option is not provided, the change for a running domain diff --git a/docs/formatnetwork.rst b/docs/formatnetwork.rst index dcdaf1e5a5..c875d35982 100644 --- a/docs/formatnetwork.rst +++ b/docs/formatnetwork.rst @@ -529,7 +529,7 @@ connection types, including standard linux bridges and libvirt's own virtual networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (VEPA) switches provide their own way (outside of libvirt) to tag guest traffic onto a specific VLAN. Each tag is given in a separate ``<tag>`` subelement of ``<vlan>`` (for -example: ``<tag id='42'/>``). For VLAN trunking of multiple tags (which is +example: ``<tag id='42'/>``). For VLAN trunking of multiple tags (which is supported only on Open vSwitch connections), multiple ``<tag>`` subelements can be specified, which implies that the user wants to do VLAN trunking on the interface for all the specified tags. In the case that VLAN trunking of a single -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 3/9] docs: Fix list of values

One of them got chopped up. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/formatnwfilter.rst | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/formatnwfilter.rst b/docs/formatnwfilter.rst index 434da5b1fd..b749edadfc 100644 --- a/docs/formatnwfilter.rst +++ b/docs/formatnwfilter.rst @@ -909,8 +909,8 @@ be omitted or set to ``root``. | 0.8.5)` | | characters | +-------------------------+-------------------------+-------------------------+ | state :since:`(Since | STRING | comma separated list of | -| 0.8.5)` | | NEW,ESTA | -| | | BLISHED,RELATED,INVALID | +| 0.8.5)` | | NEW, ESTABLISHED, | +| | | RELATED, INVALID | | | | or NONE | +-------------------------+-------------------------+-------------------------+ | flags :since:`(Since | STRING | TCP-only: format of | @@ -984,8 +984,8 @@ be omitted or set to ``root``. | 0.8.5)` | | characters | +-------------------------+-------------------------+-------------------------+ | state :since:`(Since | STRING | comma separated list of | -| 0.8.5)` | | NEW,ESTA | -| | | BLISHED,RELATED,INVALID | +| 0.8.5)` | | NEW, ESTABLISHED, | +| | | RELATED, INVALID | | | | or NONE | +-------------------------+-------------------------+-------------------------+ | ipset :since:`(Since | STRING | The name of an IPSet | @@ -1048,8 +1048,8 @@ be omitted or set to ``root``. | 0.8.5)` | | characters | +-------------------------+-------------------------+-------------------------+ | state :since:`(Since | STRING | comma separated list of | -| 0.8.5)` | | NEW,ESTA | -| | | BLISHED,RELATED,INVALID | +| 0.8.5)` | | NEW, ESTABLISHED, | +| | | RELATED, INVALID | | | | or NONE | +-------------------------+-------------------------+-------------------------+ | ipset :since:`(Since | STRING | The name of an IPSet | @@ -1115,8 +1115,8 @@ be omitted or set to ``root``. | 0.8.5)` | | characters | +-------------------------+-------------------------+-------------------------+ | state :since:`(Since | STRING | comma separated list of | -| 0.8.5)` | | NEW,ESTA | -| | | BLISHED,RELATED,INVALID | +| 0.8.5)` | | NEW, ESTABLISHED, | +| | | RELATED, INVALID | | | | or NONE | +-------------------------+-------------------------+-------------------------+ | flags :since:`(Since | STRING | TCP-only: format of | @@ -1183,8 +1183,8 @@ be omitted or set to ``root``. | 0.8.5)` | | characters | +-------------------------+-------------------------+-------------------------+ | state :since:`(Since | STRING | comma separated list of | -| 0.8.5)` | | NEW,ESTA | -| | | BLISHED,RELATED,INVALID | +| 0.8.5)` | | NEW, ESTABLISHED, | +| | | RELATED, INVALID | | | | or NONE | +-------------------------+-------------------------+-------------------------+ | ipset :since:`(Since | STRING | The name of an IPSet | @@ -1240,8 +1240,8 @@ be omitted or set to ``root``. | 0.8.5)` | | characters | +-------------------------+-------------------------+-------------------------+ | state :since:`(Since | STRING | comma separated list of | -| 0.8.5)` | | NEW,ESTA | -| | | BLISHED,RELATED,INVALID | +| 0.8.5)` | | NEW, ESTABLISHED, | +| | | RELATED, INVALID | | | | or NONE | +-------------------------+-------------------------+-------------------------+ | ipset :since:`(Since | STRING | The name of an IPSet | -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 4/9] docs: Don't use "line blocks"

It's unclear why the conversion process decided to insert them, but they don't seem to do much. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/bugs.rst | 14 ++-- docs/firewall.rst | 23 ++++--- docs/formatdomain.rst | 17 ++--- docs/hooks.rst | 146 +++++++++++++++++++++--------------------- 4 files changed, 102 insertions(+), 98 deletions(-) diff --git a/docs/bugs.rst b/docs/bugs.rst index b5d2e42b0c..5fd1970caf 100644 --- a/docs/bugs.rst +++ b/docs/bugs.rst @@ -99,13 +99,13 @@ that for the data to be really useful libvirt debug information must be present for example by installing libvirt debuginfo package on Fedora or Red Hat Enterprise Linux (with debuginfo-install libvirt) prior to running gdb. -| It may also happen that the libvirt daemon itself crashes or gets stuck, in - the first case run it (as root) under gdb, and reproduce the sequence leading - to the crash, similarly to a normal program provide the "bt" backtrace - information to where gdb will have stopped. -| But if libvirtd gets stuck, for example seems to stop processing commands, try - to attach to the faulty daemon and issue a gdb command "thread apply all bt" - to show all the threads backtraces, as in: +It may also happen that the libvirt daemon itself crashes or gets stuck, in +the first case run it (as root) under gdb, and reproduce the sequence leading +to the crash, similarly to a normal program provide the "bt" backtrace +information to where gdb will have stopped. +But if libvirtd gets stuck, for example seems to stop processing commands, try +to attach to the faulty daemon and issue a gdb command "thread apply all bt" +to show all the threads backtraces, as in: :: diff --git a/docs/firewall.rst b/docs/firewall.rst index eff9de5a89..26474d3317 100644 --- a/docs/firewall.rst +++ b/docs/firewall.rst @@ -77,8 +77,9 @@ LAN/WAN. The next rules depend on the type of connectivity allowed, and go in the main FORWARD chain: -- | type=isolated - | Allow traffic between guests. Deny inbound. Deny outbound. +- type=isolated + + Allow traffic between guests. Deny inbound. Deny outbound. :: @@ -87,10 +88,11 @@ FORWARD chain: REJECT all -- * virbr1 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- virbr1 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable -- | type=nat - | Allow inbound related to an established connection. Allow outbound, but - only from our expected subnet. Allow traffic between guests. Deny all other - inbound. Deny all other outbound. +- type=nat + + Allow inbound related to an established connection. Allow outbound, but + only from our expected subnet. Allow traffic between guests. Deny all other + inbound. Deny all other outbound. :: @@ -101,10 +103,11 @@ FORWARD chain: REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable -- | type=routed - | Allow inbound, but only to our expected subnet. Allow outbound, but only - from our expected subnet. Allow traffic between guests. Deny all other - inbound. Deny all other outbound. +- type=routed + + Allow inbound, but only to our expected subnet. Allow outbound, but only + from our expected subnet. Allow traffic between guests. Deny all other + inbound. Deny all other outbound. :: diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index fa42883809..f56f40d5cc 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -5118,14 +5118,15 @@ integration is required. Direct attachment to physical interface ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -| Provides direct attachment of the virtual machine's NIC to the given physical - interface of the host. :since:`Since 0.7.7 (QEMU and KVM only)` -| This setup requires the Linux macvtap driver to be available. :since:`(Since - Linux 2.6.34.)` One of the modes 'vepa' ( `'Virtual Ethernet Port - Aggregator' <https://www.ieee802.org/1/files/public/docs2009/new-evb-congdon-vepa-modular-0709-v01.pdf>`__), - 'bridge' or 'private' can be chosen for the operation mode of the macvtap - device, 'vepa' being the default mode. The individual modes cause the delivery - of packets to behave as follows: +Provides direct attachment of the virtual machine's NIC to the given physical +interface of the host. :since:`Since 0.7.7 (QEMU and KVM only)` + +This setup requires the Linux macvtap driver to be available. :since:`(Since +Linux 2.6.34.)` One of the modes 'vepa' ( `'Virtual Ethernet Port +Aggregator' <https://www.ieee802.org/1/files/public/docs2009/new-evb-congdon-vepa-modular-0709-v01.pdf>`__), +'bridge' or 'private' can be chosen for the operation mode of the macvtap +device, 'vepa' being the default mode. The individual modes cause the delivery +of packets to behave as follows: If the model type is set to ``virtio`` and interface's ``trustGuestRxFilters`` attribute is set to ``yes``, changes made to the interface mac address, diff --git a/docs/hooks.rst b/docs/hooks.rst index bd197c0d6e..4a0454a454 100644 --- a/docs/hooks.rst +++ b/docs/hooks.rst @@ -151,20 +151,20 @@ This translates to the following specifics for each hook script: /etc/libvirt/hooks/daemon ^^^^^^^^^^^^^^^^^^^^^^^^^ -- | When the libvirt daemon is started, this script is called as: +- When the libvirt daemon is started, this script is called as: :: /etc/libvirt/hooks/daemon - start - start -- | When the libvirt daemon is shut down, this script is called as: +- When the libvirt daemon is shut down, this script is called as: :: /etc/libvirt/hooks/daemon - shutdown - shutdown -- | When the libvirt daemon receives the SIGHUP signal, it reloads its - configuration and triggers the hook script as: +- When the libvirt daemon receives the SIGHUP signal, it reloads its + configuration and triggers the hook script as: :: @@ -177,41 +177,41 @@ operation. There is no specific operation to indicate a "restart" is occurring. /etc/libvirt/hooks/qemu ^^^^^^^^^^^^^^^^^^^^^^^ -- | Before a QEMU guest is started, the qemu hook script is called in three - locations; if any location fails, the guest is not started. The first - location, :since:`since 0.9.0` , is before libvirt performs any resource - labeling, and the hook can allocate resources not managed by libvirt such - as DRBD or missing bridges. This is called as: +- Before a QEMU guest is started, the qemu hook script is called in three + locations; if any location fails, the guest is not started. The first + location, :since:`since 0.9.0` , is before libvirt performs any resource + labeling, and the hook can allocate resources not managed by libvirt such + as DRBD or missing bridges. This is called as: :: /etc/libvirt/hooks/qemu guest_name prepare begin - - | The second location, available :since:`Since 0.8.0` , occurs after libvirt - has finished labeling all resources, but has not yet started the guest, - called as: + The second location, available :since:`Since 0.8.0` , occurs after libvirt + has finished labeling all resources, but has not yet started the guest, + called as: :: /etc/libvirt/hooks/qemu guest_name start begin - - | The third location, :since:`0.9.13` , occurs after the QEMU process has - successfully started up: + The third location, :since:`0.9.13` , occurs after the QEMU process has + successfully started up: :: /etc/libvirt/hooks/qemu guest_name started begin - -- | When a QEMU guest is stopped, the qemu hook script is called in two - locations, to match the startup. First, :since:`since 0.8.0` , the hook is - called before libvirt restores any labels: +- When a QEMU guest is stopped, the qemu hook script is called in two + locations, to match the startup. First, :since:`since 0.8.0` , the hook is + called before libvirt restores any labels: :: /etc/libvirt/hooks/qemu guest_name stopped end - - | Then, after libvirt has released all resources, the hook is called again, - :since:`since 0.9.0` , to allow any additional resource cleanup: + Then, after libvirt has released all resources, the hook is called again, + :since:`since 0.9.0` , to allow any additional resource cleanup: :: @@ -274,41 +274,41 @@ operation. There is no specific operation to indicate a "restart" is occurring. /etc/libvirt/hooks/lxc ^^^^^^^^^^^^^^^^^^^^^^ -- | Before a LXC guest is started, the lxc hook script is called in three - locations; if any location fails, the guest is not started. The first - location, :since:`since 0.9.13` , is before libvirt performs any resource - labeling, and the hook can allocate resources not managed by libvirt such - as DRBD or missing bridges. This is called as: +- Before a LXC guest is started, the lxc hook script is called in three + locations; if any location fails, the guest is not started. The first + location, :since:`since 0.9.13` , is before libvirt performs any resource + labeling, and the hook can allocate resources not managed by libvirt such + as DRBD or missing bridges. This is called as: :: /etc/libvirt/hooks/lxc guest_name prepare begin - - | The second location, available :since:`Since 0.8.0` , occurs after libvirt - has finished labeling all resources, but has not yet started the guest, - called as: + The second location, available :since:`Since 0.8.0` , occurs after libvirt + has finished labeling all resources, but has not yet started the guest, + called as: :: /etc/libvirt/hooks/lxc guest_name start begin - - | The third location, :since:`0.9.13` , occurs after the LXC process has - successfully started up: + The third location, :since:`0.9.13` , occurs after the LXC process has + successfully started up: :: /etc/libvirt/hooks/lxc guest_name started begin - -- | When a LXC guest is stopped, the lxc hook script is called in two - locations, to match the startup. First, :since:`since 0.8.0` , the hook is - called before libvirt restores any labels: +- When a LXC guest is stopped, the lxc hook script is called in two + locations, to match the startup. First, :since:`since 0.8.0` , the hook is + called before libvirt restores any labels: :: /etc/libvirt/hooks/lxc guest_name stopped end - - | Then, after libvirt has released all resources, the hook is called again, - :since:`since 0.9.0` , to allow any additional resource cleanup: + Then, after libvirt has released all resources, the hook is called again, + :since:`since 0.9.0` , to allow any additional resource cleanup: :: @@ -325,41 +325,41 @@ operation. There is no specific operation to indicate a "restart" is occurring. /etc/libvirt/hooks/libxl ^^^^^^^^^^^^^^^^^^^^^^^^ -- | Before a Xen guest is started using libxl driver, the libxl hook script is - called in three locations; if any location fails, the guest is not started. - The first location, :since:`since 2.1.0` , is before libvirt performs any - resource labeling, and the hook can allocate resources not managed by - libvirt. This is called as: +- Before a Xen guest is started using libxl driver, the libxl hook script is + called in three locations; if any location fails, the guest is not started. + The first location, :since:`since 2.1.0` , is before libvirt performs any + resource labeling, and the hook can allocate resources not managed by + libvirt. This is called as: :: /etc/libvirt/hooks/libxl guest_name prepare begin - - | The second location, available :since:`Since 2.1.0` , occurs after libvirt - has finished labeling all resources, but has not yet started the guest, - called as: + The second location, available :since:`Since 2.1.0` , occurs after libvirt + has finished labeling all resources, but has not yet started the guest, + called as: :: /etc/libvirt/hooks/libxl guest_name start begin - - | The third location, :since:`2.1.0` , occurs after the domain has - successfully started up: + The third location, :since:`2.1.0` , occurs after the domain has + successfully started up: :: /etc/libvirt/hooks/libxl guest_name started begin - -- | When a libxl-handled Xen guest is stopped, the libxl hook script is called - in two locations, to match the startup. First, :since:`since 2.1.0` , the - hook is called before libvirt restores any labels: +- When a libxl-handled Xen guest is stopped, the libxl hook script is called + in two locations, to match the startup. First, :since:`since 2.1.0` , the + hook is called before libvirt restores any labels: :: /etc/libvirt/hooks/libxl guest_name stopped end - - | Then, after libvirt has released all resources, the hook is called again, - :since:`since 2.1.0` , to allow any additional resource cleanup: + Then, after libvirt has released all resources, the hook is called again, + :since:`since 2.1.0` , to allow any additional resource cleanup: :: @@ -399,41 +399,41 @@ operation. There is no specific operation to indicate a "restart" is occurring. /etc/libvirt/hooks/bhyve ^^^^^^^^^^^^^^^^^^^^^^^^ -- | Before an bhyve guest is started, the bhyve hook script is called in three - locations; if any location fails, the guest is not started. The first - location, :since:`since 6.1.0` , is before libvirt performs any resource - labeling, and the hook can allocate resources not managed by libvirt. This is - called as: +- Before an bhyve guest is started, the bhyve hook script is called in three + locations; if any location fails, the guest is not started. The first + location, :since:`since 6.1.0` , is before libvirt performs any resource + labeling, and the hook can allocate resources not managed by libvirt. This is + called as: :: /etc/libvirt/hooks/bhyve guest_name prepare begin - - | The second location, available :since:`Since 6.1.0` , occurs after libvirt - has finished labeling all resources, but has not yet started the guest, - called as: + The second location, available :since:`Since 6.1.0` , occurs after libvirt + has finished labeling all resources, but has not yet started the guest, + called as: :: /etc/libvirt/hooks/bhyve guest_name start begin - - | The third location, :since:`6.1.0` , occurs after the bhyve process has - successfully started up: + The third location, :since:`6.1.0` , occurs after the bhyve process has + successfully started up: :: /etc/libvirt/hooks/bhyve guest_name started begin - -- | When an bhyve guest is stopped, the bhyve hook script is called in two - locations, to match the startup. First, :since:`since 6.1.0` , the hook is - called before libvirt restores any labels: +- When an bhyve guest is stopped, the bhyve hook script is called in two + locations, to match the startup. First, :since:`since 6.1.0` , the hook is + called before libvirt restores any labels: :: /etc/libvirt/hooks/bhyve guest_name stopped end - - | Then, after libvirt has released all resources, the hook is called again, - :since:`since 6.1.0` , to allow any additional resource cleanup: + Then, after libvirt has released all resources, the hook is called again, + :since:`since 6.1.0` , to allow any additional resource cleanup: :: @@ -442,27 +442,27 @@ operation. There is no specific operation to indicate a "restart" is occurring. /etc/libvirt/hooks/network ^^^^^^^^^^^^^^^^^^^^^^^^^^ -- | :since:`Since 1.2.2` , before a network is started, this script is called - as: +- :since:`Since 1.2.2` , before a network is started, this script is called + as: :: /etc/libvirt/hooks/network network_name start begin - -- | After the network is started, up & running, the script is called as: +- After the network is started, up & running, the script is called as: :: /etc/libvirt/hooks/network network_name started begin - -- | When a network is shut down, this script is called as: +- When a network is shut down, this script is called as: :: /etc/libvirt/hooks/network network_name stopped end - -- | Later, when network is started and there's an interface from a domain to be - plugged into the network, the hook script is called as: +- Later, when network is started and there's an interface from a domain to be + plugged into the network, the hook script is called as: :: @@ -471,14 +471,14 @@ operation. There is no specific operation to indicate a "restart" is occurring. Please note, that in this case, the script is passed both network and port XMLs on its stdin. -- | When network is updated, the hook script is called as: +- When network is updated, the hook script is called as: :: /etc/libvirt/hooks/network network_name updated begin - -- | When the domain from previous case is shutting down, the interface is - unplugged. This leads to another script invocation: +- When the domain from previous case is shutting down, the interface is + unplugged. This leads to another script invocation: :: -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 5/9] docs: Fix a few weird :since: tags

These either mention libvirt explicitly, which is something that we generally don't do, or lack the word "since", which makes the resulting HTML awkward. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/formatdomain.rst | 38 ++++++++++++++++++-------------------- 1 file changed, 18 insertions(+), 20 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index f56f40d5cc..10aa0bcebe 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -2962,7 +2962,7 @@ paravirtualized driver is specified via the ``disk`` element. the client of a networked storage protocol. Supported for 'rbd' :since:`since 1.2.11 (QEMU only).` ``auth`` - :since:`Since libvirt 3.9.0` , the ``auth`` element is supported for a + :since:`Since 3.9.0`, the ``auth`` element is supported for a disk ``type`` "network" that is using a ``source`` element with the ``protocol`` attributes "rbd", "iscsi", or "ssh". If present, the ``auth`` element provides the authentication credentials needed to access @@ -2978,14 +2978,14 @@ paravirtualized driver is specified via the ``disk`` element. ``usage`` attribute matching the key that was specified in the secret object. ``encryption`` - :since:`Since libvirt 3.9.0` , the ``encryption`` can be a sub-element of + :since:`Since 3.9.0`, the ``encryption`` can be a sub-element of the ``source`` element for encrypted storage sources. If present, specifies how the storage source is encrypted See the `Storage Encryption <formatstorageencryption.html>`__ page for more information. Note that the 'qcow' format of encryption is broken and thus is no longer - supported for use with disk images. ( :since:`Since libvirt 4.5.0` ) + supported for use with disk images. ( :since:`Since 4.5.0` ) ``reservations`` - :since:`Since libvirt 4.4.0` , the ``reservations`` can be a sub-element + :since:`Since 4.4.0`, the ``reservations`` can be a sub-element of the ``source`` element for storage sources (QEMU driver only). If present it enables persistent reservations for SCSI based disks. The element has one mandatory attribute ``managed`` with accepted values @@ -2998,7 +2998,7 @@ paravirtualized driver is specified via the ``disk`` element. specifying the role of hypervisor. It's recommended to allow libvirt manage the persistent reservations. ``initiator`` - :since:`Since libvirt 4.7.0` , the ``initiator`` element is supported for + :since:`Since 4.7.0`, the ``initiator`` element is supported for a disk ``type`` "network" that is using a ``source`` element with the ``protocol`` attribute "iscsi". If present, the ``initiator`` element provides the initiator IQN needed to access the source via mandatory @@ -3430,7 +3430,7 @@ paravirtualized driver is specified via the ``disk`` element. together with general boot elements in `BIOS bootloader`_ section. :since:`Since 0.8.8` ``encryption`` - Starting with :since:`libvirt 3.9.0` the ``encryption`` element is preferred + since:`Since 3.9.0` the ``encryption`` element is preferred to be a sub-element of the ``source`` element. If present, specifies how the volume is encrypted using "qcow". See the `Storage Encryption <formatstorageencryption.html>`__ page for more information. @@ -3487,20 +3487,20 @@ paravirtualized driver is specified via the ``disk`` element. The ``type`` attribute is mandatory, and is typically "pci" or "drive". For a "pci" controller, additional attributes for ``bus``, ``slot``, and ``function`` must be present, as well as optional ``domain`` and - ``multifunction``. Multifunction defaults to 'off'; any other value requires - QEMU 0.1.3 and :since:`libvirt 0.9.7` . For a "drive" controller, additional - attributes ``controller``, ``bus``, ``target`` ( :since:`libvirt 0.9.11` ), - and ``unit`` are available, each defaulting to 0. + ``multifunction`` (:since:`since 0.9.7`). Multifunction defaults to 'off'. + For a "drive" controller, additional attributes ``controller``, ``bus``, + ``target`` (:since:`since 0.9.11`), and ``unit`` are available, each + defaulting to 0. ``auth`` - Starting with :since:`libvirt 3.9.0` the ``auth`` element is preferred to be + :since:`Since 3.9.0`, the ``auth`` element is preferred to be a sub-element of the ``source`` element. The element is still read and managed as a ``disk`` sub-element. It is invalid to use ``auth`` as both a - sub-element of ``disk`` and ``source``. The ``auth`` element was introduced - as a ``disk`` sub-element in :since:`libvirt 0.9.7.` + sub-element of ``disk`` and ``source``. + :since:`Since 0.9.7` ``geometry`` The optional ``geometry`` element provides the ability to override geometry settings. This mostly useful for S390 DASD-disks or older DOS-disks. - :since:`0.10.0` + :since:`Since 0.10.0` ``cyls`` The ``cyls`` attribute is the number of cylinders. @@ -4572,10 +4572,8 @@ or: ``shareable`` If present, this indicates the device is expected to be shared between domains (assuming the hypervisor and OS support this). Only supported by SCSI - host device. :since:`Since 1.0.6` - - Note: Although ``shareable`` was introduced :since:`in 1.0.6` , it did not - work as as expected until :since:`1.2.2` . + host device. :since:`Since 1.0.6`, but only works as expected + :since:`since 1.2.2`. Block / character devices ^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -6460,8 +6458,8 @@ interaction with the admin. has better performance). Since this display type doesn't provide any window or graphical console like the other types, for practical reasons it should be paired with either ``vnc`` or ``spice`` graphics types. This - display type is only supported by QEMU domains (needs QEMU :since:`2.10` - or newer). :since:`5.0.0` this element accepts a ``<gl/>`` sub-element + display type is only supported by QEMU domains (needs QEMU 2.10 or + newer). :since:`Since 5.0.0` this element accepts a ``<gl/>`` sub-element with an optional attribute ``rendernode`` which can be used to specify an absolute path to a host's DRI device to be used for OpenGL rendering. -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 6/9] docs: Leave kernel version out of :since:

Tweak things so that the required kernel version is still listed, just not as part of the :since: tag. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/formatdomain.rst | 4 ++-- docs/formatnetwork.rst | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 10aa0bcebe..da6a920089 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -5119,8 +5119,8 @@ Direct attachment to physical interface Provides direct attachment of the virtual machine's NIC to the given physical interface of the host. :since:`Since 0.7.7 (QEMU and KVM only)` -This setup requires the Linux macvtap driver to be available. :since:`(Since -Linux 2.6.34.)` One of the modes 'vepa' ( `'Virtual Ethernet Port +This setup requires the Linux macvtap driver (introduced in 2.6.34) +to be available. One of the modes 'vepa' ( `'Virtual Ethernet Port Aggregator' <https://www.ieee802.org/1/files/public/docs2009/new-evb-congdon-vepa-modular-0709-v01.pdf>`__), 'bridge' or 'private' can be chosen for the operation mode of the macvtap device, 'vepa' being the default mode. The individual modes cause the delivery diff --git a/docs/formatnetwork.rst b/docs/formatnetwork.rst index c875d35982..e65570038d 100644 --- a/docs/formatnetwork.rst +++ b/docs/formatnetwork.rst @@ -127,8 +127,7 @@ to the physical LAN (if at all). bridge (in particular, the port attaching the bridge to the physical network). However, it can also cause some networking setups to stop working (e.g. vlan tagging, multicast, guest-initiated changes to MAC address) and is - not supported by older kernels. :since:`Since 1.2.11, requires kernel 3.17 or - newer` + not supported by kernels older than 3.17. :since:`Since 1.2.11` The optional ``zone`` attribute of the ``bridge`` element is used to specify the `firewalld <https://firewalld.org>`__ zone for the bridge of a network @@ -1110,7 +1109,8 @@ will be no restrictions on inbound or outbound connections). Using a macvtap "direct" connection ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -:since:`Since 0.9.4, QEMU and KVM only, requires Linux kernel 2.6.34 or newer` +:since:`Since 0.9.4, QEMU and KVM only`. Requires Linux kernel 2.6.34 or newer. + This shows how to use macvtap to connect to the physical network directly through one of a group of physical devices (without using a host bridge device). As with the host bridge network, the guests will effectively be directly -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 7/9] docs: Rewrite a few awkward sections

Address several oddities, and bring them in line with the style used for the vast majority of our documentation. In a couple of cases, some of the possible values for an attribute were listed with :since: information matching that off the attribute itself, making it redundant. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/formatdomain.rst | 71 ++++++++++++++++++++++------------------- docs/formatnetwork.rst | 20 ++++++------ docs/formatnwfilter.rst | 19 +++++------ 3 files changed, 58 insertions(+), 52 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index da6a920089..2f9ee1110a 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -50,9 +50,10 @@ General metadata The content of the ``uuid`` element provides a globally unique identifier for the virtual machine. The format must be RFC 4122 compliant, eg ``3e3fce45-4f53-4fa7-bb32-11f34168b82b``. If omitted when defining/creating a - new machine, a random UUID is generated. It is also possible to provide the - UUID via a `SMBIOS System Information`_ specification. :since:`Since 0.0.1, - sysinfo since 0.8.7` + new machine, a random UUID is generated. :since:`Since 0.0.1` + + :since:`Since 0.8.7`, it is also possible to provide the UUID via a + `SMBIOS System Information`_ specification. ``genid`` :since:`Since 4.4.0` , the ``genid`` element can be used to add a Virtual Machine Generation ID which exposes a 128-bit, cryptographically random, @@ -338,8 +339,8 @@ them in production. This element has attribute ``useserial`` with possible values ``yes`` or ``no``. It enables or disables Serial Graphics Adapter which allows users to see BIOS messages on a serial port. Therefore, one needs to have `Serial port`_ - defined. :since:`Since 0.9.4` . :since:`Since - 0.10.2 (QEMU only)` there is another attribute, ``rebootTimeout`` that + defined. :since:`Since 0.9.4`. + The ``rebootTimeout`` attribute (:since:`since 0.10.2 (QEMU only)`) controls whether and after how long the guest should start booting again in case the boot fails (according to BIOS). The value is in milliseconds with maximum of ``65535`` and special value ``-1`` disables the reboot. @@ -3285,20 +3286,23 @@ paravirtualized driver is specified via the ``disk`` element. "qcow2", and "qed". - The optional ``cache`` attribute controls the cache mechanism, possible values are "default", "none", "writethrough", "writeback", "directsync" - (like "writethrough", but it bypasses the host page cache) and "unsafe" - (host may cache all disk io, and sync requests from guest are ignored). - :since:`Since 0.6.0, "directsync" since 0.9.5, "unsafe" since 0.9.7` + (:since:`since 0.9.5`; like "writethrough", but it bypasses the host page + cache) and "unsafe" (:since:`since 0.9.7`; host may cache all disk io, + and sync requests from guest are ignored). + :since:`Since 0.6.0` - The optional ``error_policy`` attribute controls how the hypervisor will behave on a disk read or write error, possible values are "stop", - "report", "ignore", and "enospace". :since:`Since 0.8.0, "report" since - 0.9.7` The default is left to the discretion of the hypervisor. There is - also an optional ``rerror_policy`` that controls behavior for read errors - only. :since:`Since 0.9.7` . If no rerror_policy is given, error_policy is + "report" (:since:`since 0.9.7`), "ignore", and "enospace". + The default is left to the discretion of the hypervisor. + :since:`Since 0.8.0`. + - The optional ``rerror_policy`` attribute controls behavior for read + errors only. If no rerror_policy is given, error_policy is used for both read and write errors. If rerror_policy is given, it overrides the ``error_policy`` for read errors. Also note that "enospace" is not a valid policy for read errors, so if ``error_policy`` is set to "enospace" and no ``rerror_policy`` is given, the read error policy will be left at its default. + :since:`Since 0.9.7` - The optional ``io`` attribute controls specific policies on I/O; qemu guests support "threads" and "native" :since:`Since 0.8.8` , io_uring :since:`Since 6.3.0 (QEMU 5.0)` . @@ -4253,9 +4257,9 @@ Host device assignment USB / PCI / SCSI devices ^^^^^^^^^^^^^^^^^^^^^^^^ -USB, PCI and SCSI devices attached to the host can be passed through to the -guest using the ``hostdev`` element. :since:`since after 0.4.4 for USB, 0.6.0 -for PCI (KVM only) and 1.0.6 for SCSI (KVM only)` : +USB (:since:`since 0.4.4`), PCI (:since:`since 0.6.0, KVM only`) and +SCSI (:since:`since 1.0.6, KVM only`) devices attached to the host can be +passed through to the guest using the ``hostdev`` element. :: @@ -5314,11 +5318,10 @@ requires QEMU 5.1.0 or newer)` Teaming a virtio/hostdev NIC pair ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:since:`Since 6.1.0 (QEMU and KVM only, requires QEMU 4.2.0 or newer and a guest -virtio-net driver supporting the "failover" feature, such as the one included in -Linux kernel 4.18 and newer)` The ``<teaming>`` element of two interfaces can -be used to connect them as a team/bond device in the guest (assuming proper -support in the hypervisor and the guest network driver). +:since:`Since 6.1.0 (QEMU and KVM only)`, the ``<teaming>`` element of two +interfaces can be used to connect them as a team/bond device in the guest. +This requires a guest virtio-net driver supporting the "failover" feature, +such as the one included in Linux 4.18. :: @@ -5917,11 +5920,12 @@ Setting VLAN tag (on supported network types only) If (and only if) the network connection used by the guest supports VLAN tagging transparent to the guest, an optional ``<vlan>`` element can specify one or more VLAN tags to apply to the guest's network traffic :since:`Since 0.10.0` . -Network connections that support guest-transparent VLAN tagging include 1) -type='bridge' interfaces connected to an Open vSwitch bridge :since:`Since -0.10.0` , 2) SRIOV Virtual Functions (VF) used via type='hostdev' (direct device -assignment) :since:`Since 0.10.0` , and 3) SRIOV VFs used via type='direct' with -mode='passthrough' (macvtap "passthru" mode) :since:`Since 1.3.5` . All other + +Network connections that support guest-transparent VLAN tagging include +``type='bridge'`` interfaces connected to an Open vSwitch bridge, SRIOV +Virtual Functions (VF) used via ``type='hostdev'`` (direct device assignment) +and, :since:`since 1.3.5`, SRIOV VFs used via ``type='direct'`` with +``mode='passthrough'`` (macvtap "passthru" mode). All other connection types, including standard linux bridges and libvirt's own virtual networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (VEPA) switches provide their own way (outside of libvirt) to tag guest traffic onto a specific @@ -8034,9 +8038,10 @@ Example: usage of the TPM passthrough device The emulator device type gives access to a TPM emulator providing TPM functionality for each VM. QEMU talks to it over a Unix socket. With the -emulator device type each guest gets its own private TPM. :since:`'emulator' -since 4.5.0` The state of the TPM emulator can be encrypted by providing an -``encryption`` element. :since:`'encryption' since 5.6.0` +emulator device type each guest gets its own private TPM. :since:`Since 4.5.0` + +:since:`Since 5.6.0`, the state of the TPM emulator can be encrypted by +providing an ``encryption`` element. Example: usage of the TPM Emulator @@ -8604,15 +8609,15 @@ Security label -------------- The ``seclabel`` element allows control over the operation of the security -drivers. There are three basic modes of operation, 'dynamic' where libvirt -automatically generates a unique security label, 'static' where the -application/administrator chooses the labels, or 'none' where confinement is +drivers. There are three basic modes of operation, 'dynamic' +(:since:`since 0.6.1`) where libvirt automatically generates a unique security +label, 'static' (:since:`since 0.6.2`) where the application/administrator +chooses the labels, or 'none' (:since:`since 0.9.10`) where confinement is disabled. With dynamic label generation, libvirt will always automatically relabel any resources associated with the virtual machine. With static label assignment, by default, the administrator or application must ensure labels are set correctly on any resources, however, automatic relabeling can be enabled if -desired. :since:`'dynamic' since 0.6.1, 'static' since 0.6.2, and 'none' since -0.9.10.` +desired. If more than one security driver is used by libvirt, multiple ``seclabel`` tags can be used, one for each driver and the security driver referenced by each tag diff --git a/docs/formatnetwork.rst b/docs/formatnetwork.rst index e65570038d..186190dc6f 100644 --- a/docs/formatnetwork.rst +++ b/docs/formatnetwork.rst @@ -489,9 +489,7 @@ follows, where accepted values for each attribute is an integer number. ``peak`` and ``burst`` attributes still require ``average``. Currently, the Linux kernel doesn't allow ingress qdiscs to have any classes therefore ``floor`` can be applied only on ``inbound`` and not ``outbound``. - -Attributes ``average``, ``peak``, and ``burst`` are available :since:`since -0.9.4` , while the ``floor`` attribute is available :since:`since 1.0.1` . + :since:`Since 1.0.1` Setting VLAN tag (on supported network types only) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -519,11 +517,12 @@ Setting VLAN tag (on supported network types only) If (and only if) the network connection used by the guest supports VLAN tagging transparent to the guest, an optional ``<vlan>`` element can specify one or more VLAN tags to apply to the guest's network traffic :since:`Since 0.10.0` . -Network connections that support guest-transparent VLAN tagging include 1) -type='bridge' interfaces connected to an Open vSwitch bridge :since:`Since -0.10.0` , 2) SRIOV Virtual Functions (VF) used via type='hostdev' (direct device -assignment) :since:`Since 0.10.0` , and 3) SRIOV VFs used via type='direct' with -mode='passthrough' (macvtap "passthru" mode) :since:`Since 1.3.5` . All other + +Network connections that support guest-transparent VLAN tagging include +``type='bridge'`` interfaces connected to an Open vSwitch bridge, SRIOV +Virtual Functions (VF) used via ``type='hostdev'`` (direct device assignment) +and, :since:`since 1.3.5`, SRIOV VFs used via ``type='direct'`` with +``mode='passthrough'`` (macvtap "passthru" mode). All other connection types, including standard linux bridges and libvirt's own virtual networks, **do not** support it. 802.1Qbh (vn-link) and 802.1Qbg (VEPA) switches provide their own way (outside of libvirt) to tag guest traffic onto a specific @@ -844,12 +843,13 @@ of 'route' or 'nat'. The optional ``bootp`` element specifies BOOTP options to be provided by the DHCP server for IPv4 only. Two attributes are supported: ``file`` is mandatory and gives the file to be used for the boot image; - ``server`` is optional and gives the address of the TFTP server from + ``server`` (:since:`since 0.7.3`) is optional and + gives the address of the TFTP server from which the boot image will be fetched. ``server`` defaults to the same host that runs the DHCP server, as is the case when the ``tftp`` element is used. The BOOTP options currently have to be the same for all address ranges and statically assigned addresses. :since:`Since - 0.7.1` (``server`` :since:`since 0.7.3` ) + 0.7.1` Optionally, ``range`` and ``host`` elements can have ``lease`` child element which specifies the lease time through it's attributes ``expiry`` diff --git a/docs/formatnwfilter.rst b/docs/formatnwfilter.rst index b749edadfc..b258a4f74b 100644 --- a/docs/formatnwfilter.rst +++ b/docs/formatnwfilter.rst @@ -472,13 +472,14 @@ A traffic filtering rule starts with the ``rule`` node. This node may contain up to three attributes - action -- mandatory; must either be ``drop`` (matching the rule silently - discards the packet with no further analysis), ``reject`` (matching the rule - generates an ICMP reject message with no further analysis) :since:`(since - 0.9.0)` , ``accept`` (matching the rule accepts the packet with no further - analysis), ``return`` (matching the rule passes this filter, but returns - control to the calling filter for further analysis) :since:`(since 0.9.7)` , - or ``continue`` (matching the rule goes on to the next rule for further - analysis) :since:`(since 0.9.7)` . + discards the packet with no further analysis), ``reject`` + (:since:`since 0.9.0`; matching the rule generates an ICMP reject message + with no further analysis), + ``accept`` (matching the rule accepts the packet with no further + analysis), ``return`` (:since:`since 0.9.7`; matching the rule passes this + filter, but returns control to the calling filter for further analysis), + or ``continue`` (:since:`since 0.9.7`; matching the rule goes on to the next + rule for further analysis). - direction -- mandatory; must either be ``in``, ``out`` or ``inout`` if the rule is for incoming, outgoing or incoming-and-outgoing traffic @@ -1600,8 +1601,8 @@ Second example custom filter In this example we now want to build a similar filter as in the example above, but extend the list of requirements with an ftp server located inside the VM. -Further, we will be using features that have been added in :since:`version -0.8.5` . The requirements for this filter are: +Further, we will be using features that have been available +:since:`since 0.8.5`. The requirements for this filter are: - prevents a VM's interface from MAC, IP and ARP spoofing -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 8/9] docs: Other fixes to :since: tags

Make sure that they're entirely contained within a single line and that punctuation is used in a way that doesn't make the resulting HTML look weird. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/drvbhyve.rst | 30 +-- docs/drvesx.rst | 19 +- docs/drvqemu.rst | 2 +- docs/drvxen.rst | 2 +- docs/formatcaps.rst | 8 +- docs/formatdomain.rst | 370 ++++++++++++++++--------------- docs/formatnetwork.rst | 55 ++--- docs/formatnetworkport.rst | 2 +- docs/formatnode.rst | 6 +- docs/formatnwfilter.rst | 112 +++++----- docs/formatsecret.rst | 10 +- docs/formatsnapshot.rst | 4 +- docs/formatstorage.rst | 29 +-- docs/formatstorageencryption.rst | 8 +- docs/hooks.rst | 64 +++--- 15 files changed, 367 insertions(+), 354 deletions(-) diff --git a/docs/drvbhyve.rst b/docs/drvbhyve.rst index 214bc2e76e..f9cb99006e 100644 --- a/docs/drvbhyve.rst +++ b/docs/drvbhyve.rst @@ -268,7 +268,7 @@ these commands manually, most likely you might want to tweak them. Using ZFS volumes ~~~~~~~~~~~~~~~~~ -It's possible to use ZFS volumes as disk devices :since:`since 1.2.8` . An +It's possible to use ZFS volumes as disk devices :since:`since 1.2.8`. An example of domain XML device entry for that will look like: :: @@ -307,7 +307,7 @@ not have spaces or they will be tokenized incorrectly. Using UEFI bootrom, VNC, and USB tablet ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -:since:`Since 3.2.0` , in addition to +:since:`Since 3.2.0`, in addition to `Using grub2-bhyve or Alternative Bootloaders`_, non-FreeBSD guests could be also booted using an UEFI boot ROM, provided both guest OS and installed ``bhyve(1)`` version support UEFI. To use that, ``loader`` should be @@ -349,7 +349,7 @@ Please note that the tablet device requires to have a USB controller of the ``nec-xhci`` model. Currently, only a single controller of this type and a single tablet are supported per domain. -:since:`Since 3.5.0` , it's possible to configure how the video device is +:since:`Since 3.5.0`, it's possible to configure how the video device is exposed to the guest using the ``vgaconf`` attribute: :: @@ -375,7 +375,7 @@ refer to the manual page and the `bhyve wiki <https://wiki.freebsd.org/bhyve>`__ for more details on using the ``vgaconf`` option. -:since:`Since 3.7.0` , it's possible to use ``autoport`` to let libvirt allocate +:since:`Since 3.7.0`, it's possible to use ``autoport`` to let libvirt allocate VNC port automatically (instead of explicitly specifying it with the ``port`` attribute): @@ -383,7 +383,7 @@ attribute): <graphics type='vnc' autoport='yes'> -:since:`Since 6.8.0` , it's possible to set framebuffer resolution using the +:since:`Since 6.8.0`, it's possible to set framebuffer resolution using the ``resolution`` sub-element: :: @@ -394,7 +394,7 @@ attribute): </model> </video> -:since:`Since 6.8.0` , VNC server can be configured to use password based +:since:`Since 6.8.0`, VNC server can be configured to use password based authentication: :: @@ -414,7 +414,7 @@ Originally bhyve supported only localtime for RTC. Support for UTC time was introduced in `FreeBSD changeset r284894 <https://svnweb.freebsd.org/changeset/base/284894>`__ for *10-STABLE* and in `changeset r279225 <https://svnweb.freebsd.org/changeset/base/279225>`__ -for *-CURRENT*. It's possible to use this in libvirt :since:`since 1.2.18` , +for *-CURRENT*. It's possible to use this in libvirt :since:`since 1.2.18`, just place the following to domain XML: :: @@ -443,8 +443,8 @@ e1000 NIC As of `FreeBSD changeset r302504 <https://svnweb.freebsd.org/changeset/base/302504>`__ bhyve supports -Intel e1000 network adapter emulation. It's supported in libvirt :since:`since -3.1.0` and could be used as follows: +Intel e1000 network adapter emulation. It's supported in libvirt +:since:`since 3.1.0` and could be used as follows: :: @@ -460,7 +460,7 @@ Sound device As of `FreeBSD changeset r349355 <https://svnweb.freebsd.org/changeset/base/349355>`__ bhyve supports -sound device emulation. It's supported in libvirt :since:`since 6.7.0` . +sound device emulation. It's supported in libvirt :since:`since 6.7.0`. :: @@ -484,7 +484,7 @@ Virtio-9p filesystem As of `FreeBSD changeset r366413 <https://svnweb.freebsd.org/changeset/base/366413>`__ bhyve supports sharing arbitrary directory tree between the guest and the host. It's supported -in libvirt :since:`since 6.9.0` . +in libvirt :since:`since 6.9.0`. :: @@ -506,7 +506,7 @@ In the Linux guest, this could be mounted using: Wiring guest memory ~~~~~~~~~~~~~~~~~~~ -:since:`Since 4.4.0` , it's possible to specify that guest memory should be +:since:`Since 4.4.0`, it's possible to specify that guest memory should be wired and cannot be swapped out as follows: :: @@ -522,7 +522,7 @@ wired and cannot be swapped out as follows: CPU topology ~~~~~~~~~~~~ -:since:`Since 4.5.0` , it's possible to specify guest CPU topology, if bhyve +:since:`Since 4.5.0`, it's possible to specify guest CPU topology, if bhyve supports that. Support for specifying guest CPU topology was added to bhyve in `FreeBSD changeset r332298 <https://svnweb.freebsd.org/changeset/base/332298>`__ for *-CURRENT*. Example: @@ -540,7 +540,7 @@ for *-CURRENT*. Example: Ignoring unknown MSRs reads and writes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -:since:`Since 5.1.0` , it's possible to make bhyve ignore accesses to +:since:`Since 5.1.0`, it's possible to make bhyve ignore accesses to unimplemented Model Specific Registers (MSRs). Example: :: @@ -558,7 +558,7 @@ unimplemented Model Specific Registers (MSRs). Example: Pass-through of arbitrary bhyve commands ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -:since:`Since 5.1.0` , it's possible to pass additional command-line arguments +:since:`Since 5.1.0`, it's possible to pass additional command-line arguments to the bhyve process when starting the domain using the ``<bhyve:commandline>`` element under ``domain``. To supply an argument, use the element ``<bhyve:arg>`` with the attribute ``value`` set to additional argument to be added. The arg ... -- 2.43.2

Andrea Bolognani

4:41 a.m.

New subject: [PATCH 9/9] syntax-check: Validate :since: tags

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- build-aux/syntax-check.mk | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/build-aux/syntax-check.mk b/build-aux/syntax-check.mk index 0a10259bd8..2ac8c5760f 100644 --- a/build-aux/syntax-check.mk +++ b/build-aux/syntax-check.mk @@ -1342,6 +1342,11 @@ sc_prohibit_enum_impl_with_vir_prefix_in_virsh: halt='avoid "vir" prefix for enums in virsh' \ $(_sc_search_regexp) +sc_rst_since: + @prohibit=':since:`[^`]+$|:since:`[^`]+[.,;]`|:since:`[^`]+` [.,;]' \ + halt='format :since: correctly' \ + $(_sc_search_regexp) + ## ---------- ## ## Exceptions ## -- 2.43.2

Michal Prívozník

6:26 a.m.

On 2/20/24 10:41, Andrea Bolognani wrote:

...

The way we use :since: is awfully inconsistent. This series doesn't try to fix everything, but takes care of at least a few low-hanging fruits plus a bunch of odds and ends.

Abridged version, with the full one available from

https://gitlab.com/abologna/libvirt/-/commits/docs-rst-since

Andrea Bolognani (9): docs: Format lists of files better docs: Remove unnecessary whitespace docs: Fix list of values docs: Don't use "line blocks" docs: Fix a few weird :since: tags docs: Leave kernel version out of :since: docs: Rewrite a few awkward sections docs: Other fixes to :since: tags syntax-check: Validate :since: tags

build-aux/syntax-check.mk | 5 + docs/api_extension.rst | 27 +- docs/bugs.rst | 14 +- docs/drvbhyve.rst | 30 +- docs/drvesx.rst | 19 +- docs/drvnodedev.rst | 2 +- docs/drvqemu.rst | 2 +- docs/drvxen.rst | 2 +- docs/firewall.rst | 23 +- docs/formatcaps.rst | 8 +- docs/formatdomain.rst | 510 ++++++++++++++++--------------- docs/formatnetwork.rst | 81 ++--- docs/formatnetworkport.rst | 2 +- docs/formatnode.rst | 6 +- docs/formatnwfilter.rst | 143 ++++----- docs/formatsecret.rst | 10 +- docs/formatsnapshot.rst | 4 +- docs/formatstorage.rst | 29 +- docs/formatstorageencryption.rst | 8 +- docs/hooks.rst | 168 +++++----- 20 files changed, 563 insertions(+), 530 deletions(-)

Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Michal

565

Age (days ago)

565

Last active (days ago)

List overview

Download

10 comments

2 participants

participants (2)

Andrea Bolognani
Michal Prívozník