Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvremote.html.in | 7 ------- docs/meson.build | 1 - 2 files changed, 8 deletions(-) delete mode 100644 docs/drvremote.html.in diff --git a/docs/drvremote.html.in b/docs/drvremote.html.in deleted file mode 100644 index 224f1bfb17..0000000000 --- a/docs/drvremote.html.in +++ /dev/null @@ -1,7 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Remote management driver</h1> - </body> -</html> diff --git a/docs/meson.build b/docs/meson.build index b097866208..5f26d40082 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -29,7 +29,6 @@ docs_html_in_files = [ 'drvlxc', 'drvnodedev', 'drvopenvz', - 'drvremote', 'drvsecret', 'drvtest', 'drvvbox', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/cgroups.html.in | 424 ------------------------------------------- docs/cgroups.rst | 364 +++++++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 365 insertions(+), 425 deletions(-) delete mode 100644 docs/cgroups.html.in create mode 100644 docs/cgroups.rst diff --git a/docs/cgroups.html.in b/docs/cgroups.html.in deleted file mode 100644 index 412a9360ff..0000000000 --- a/docs/cgroups.html.in +++ /dev/null @@ -1,424 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Control Groups Resource Management</h1> - - <ul id="toc"></ul> - - <p> - The QEMU and LXC drivers make use of the Linux "Control Groups" facility - for applying resource management to their virtual machines and containers. - </p> - - <h2><a id="requiredControllers">Required controllers</a></h2> - - <p> - The control groups filesystem supports multiple "controllers". By default - the init system (such as systemd) should mount all controllers compiled - into the kernel at <code>/sys/fs/cgroup/$CONTROLLER-NAME</code>. Libvirt - will never attempt to mount any controllers itself, merely detect where - they are mounted. - </p> - - <p> - The QEMU driver is capable of using the <code>cpuset</code>, - <code>cpu</code>, <code>cpuacct</code>, <code>memory</code>, - <code>blkio</code> and <code>devices</code> controllers. - None of them are compulsory. If any controller is not mounted, - the resource management APIs which use it will cease to operate. - It is possible to explicitly turn off use of a controller, - even when mounted, via the <code>/etc/libvirt/qemu.conf</code> - configuration file. - </p> - - <p> - The LXC driver is capable of using the <code>cpuset</code>, - <code>cpu</code>, <code>cpuacct</code>, <code>freezer</code>, - <code>memory</code>, <code>blkio</code> and <code>devices</code> - controllers. The <code>cpuacct</code>, <code>devices</code> - and <code>memory</code> controllers are compulsory. Without - them mounted, no containers can be started. If any of the - other controllers are not mounted, the resource management APIs - which use them will cease to operate. - </p> - - <h2><a id="currentLayout">Current cgroups layout</a></h2> - - <p> - As of libvirt 1.0.5 or later, the cgroups layout created by libvirt has been - simplified, in order to facilitate the setup of resource control policies by - administrators / management applications. The new layout is based on the concepts - of "partitions" and "consumers". A "consumer" is a cgroup which holds the - processes for a single virtual machine or container. A "partition" is a cgroup - which does not contain any processes, but can have resource controls applied. - A "partition" will have zero or more child directories which may be either - "consumer" or "partition". - </p> - - <p> - As of libvirt 1.1.1 or later, the cgroups layout will have some slight - differences when running on a host with systemd 205 or later. The overall - tree structure is the same, but there are some differences in the naming - conventions for the cgroup directories. Thus the following docs split - in two, one describing systemd hosts and the other non-systemd hosts. - </p> - - <h3><a id="currentLayoutSystemd">Systemd cgroups integration</a></h3> - - <p> - On hosts which use systemd, each consumer maps to a systemd scope unit, - while partitions map to a system slice unit. - </p> - - <h4><a id="systemdScope">Systemd scope naming</a></h4> - - <p> - The systemd convention is for the scope name of virtual machines / containers - to be of the general format <code>machine-$NAME.scope</code>. Libvirt forms the - <code>$NAME</code> part of this by concatenating the driver type with the id - and truncated name of the guest, and then escaping any systemd reserved - characters. - So for a guest <code>demo</code> running under the <code>lxc</code> driver, - we get a <code>$NAME</code> of <code>lxc-12345-demo</code> which when escaped - is <code>lxc\x2d12345\x2ddemo</code>. So the complete scope name is - <code>machine-lxc\x2d12345\x2ddemo.scope</code>. - The scope names map directly to the cgroup directory names. - </p> - - <h4><a id="systemdSlice">Systemd slice naming</a></h4> - - <p> - The systemd convention for slice naming is that a slice should include the - name of all of its parents prepended on its own name. So for a libvirt - partition <code>/machine/engineering/testing</code>, the slice name will - be <code>machine-engineering-testing.slice</code>. Again the slice names - map directly to the cgroup directory names. Systemd creates three top level - slices by default, <code>system.slice</code> <code>user.slice</code> and - <code>machine.slice</code>. All virtual machines or containers created - by libvirt will be associated with <code>machine.slice</code> by default. - </p> - - <h4><a id="systemdLayout">Systemd cgroup layout</a></h4> - - <p> - Given this, a possible systemd cgroups layout involving 3 qemu guests, - 3 lxc containers and 3 custom child slices, would be: - </p> - - <pre> -$ROOT - | - +- system.slice - | | - | +- libvirtd.service - | - +- machine.slice - | - +- machine-qemu\x2d1\x2dvm1.scope - | | - | +- libvirt - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- machine-qemu\x2d2\x2dvm2.scope - | | - | +- libvirt - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- machine-qemu\x2d3\x2dvm3.scope - | | - | +- libvirt - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- machine-engineering.slice - | | - | +- machine-engineering-testing.slice - | | | - | | +- machine-lxc\x2d11111\x2dcontainer1.scope - | | - | +- machine-engineering-production.slice - | | - | +- machine-lxc\x2d22222\x2dcontainer2.scope - | - +- machine-marketing.slice - | - +- machine-lxc\x2d33333\x2dcontainer3.scope - </pre> - - <p> - Prior libvirt 7.1.0 the topology doesn't have extra - <code>libvirt</code> directory. - </p> - - <h3><a id="currentLayoutGeneric">Non-systemd cgroups layout</a></h3> - - <p> - On hosts which do not use systemd, each consumer has a corresponding cgroup - named <code>$VMNAME.libvirt-{qemu,lxc}</code>. Each consumer is associated - with exactly one partition, which also have a corresponding cgroup usually - named <code>$PARTNAME.partition</code>. The exceptions to this naming rule - is the top level default partition for virtual machines and containers - <code>/machine</code>. - </p> - - <p> - Given this, a possible non-systemd cgroups layout involving 3 qemu guests, - 3 lxc containers and 2 custom child slices, would be: - </p> - - <pre> -$ROOT - | - +- machine - | - +- qemu-1-vm1.libvirt-qemu - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- qeme-2-vm2.libvirt-qemu - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- qemu-3-vm3.libvirt-qemu - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- engineering.partition - | | - | +- testing.partition - | | | - | | +- lxc-11111-container1.libvirt-lxc - | | - | +- production.partition - | | - | +- lxc-22222-container2.libvirt-lxc - | - +- marketing.partition - | - +- lxc-33333-container3.libvirt-lxc - </pre> - - <h2><a id="customPartiton">Using custom partitions</a></h2> - - <p> - If there is a need to apply resource constraints to groups of - virtual machines or containers, then the single default - partition <code>/machine</code> may not be sufficiently - flexible. The administrator may wish to sub-divide the - default partition, for example into "testing" and "production" - partitions, and then assign each guest to a specific - sub-partition. This is achieved via a small element addition - to the guest domain XML config, just below the main <code>domain</code> - element - </p> - - <pre> -... -&lt;resource&gt; - &lt;partition&gt;/machine/production&lt;/partition&gt; -&lt;/resource&gt; -... - </pre> - - <p> - Note that the partition names in the guest XML are using a - generic naming format, not the low level naming convention - required by the underlying host OS. That is, you should not include - any of the <code>.partition</code> or <code>.slice</code> - suffixes in the XML config. Given a partition name - <code>/machine/production</code>, libvirt will automatically - apply the platform specific translation required to get - <code>/machine/production.partition</code> (non-systemd) - or <code>/machine.slice/machine-production.slice</code> - (systemd) as the underlying cgroup name - </p> - - <p> - Libvirt will not auto-create the cgroups directory to back - this partition. In the future, libvirt / virsh will provide - APIs / commands to create custom partitions, but currently - this is left as an exercise for the administrator. - </p> - - <p> - <strong>Note:</strong> the ability to place guests in custom - partitions is only available with libvirt &gt;= 1.0.5, using - the new cgroup layout. The legacy cgroups layout described - later in this document did not support customization per guest. - </p> - - <h3><a id="createSystemd">Creating custom partitions (systemd)</a></h3> - - <p> - Given the XML config above, the admin on a systemd based host would - need to create a unit file <code>/etc/systemd/system/machine-production.slice</code> - </p> - - <pre> -# cat &gt; /etc/systemd/system/machine-testing.slice &lt;&lt;EOF -[Unit] -Description=VM testing slice -Before=slices.target -Wants=machine.slice -EOF -# systemctl start machine-testing.slice - </pre> - - <h3><a id="createNonSystemd">Creating custom partitions (non-systemd)</a></h3> - - <p> - Given the XML config above, the admin on a non-systemd based host - would need to create a cgroup named '/machine/production.partition' - </p> - - <pre> -# cd /sys/fs/cgroup -# for i in blkio cpu,cpuacct cpuset devices freezer memory net_cls perf_event - do - mkdir $i/machine/production.partition - done -# for i in cpuset.cpus cpuset.mems - do - cat cpuset/machine/$i > cpuset/machine/production.partition/$i - done -</pre> - - <h2><a id="resourceAPIs">Resource management APIs/commands</a></h2> - - <p> - Since libvirt aims to provide an API which is portable across - hypervisors, the concept of cgroups is not exposed directly - in the API or XML configuration. It is considered to be an - internal implementation detail. Instead libvirt provides a - set of APIs for applying resource controls, which are then - mapped to corresponding cgroup tunables - </p> - - <h3>Scheduler tuning</h3> - - <p> - Parameters from the "cpu" controller are exposed via the - <code>schedinfo</code> command in virsh. - </p> - - <pre> -# virsh schedinfo demo -Scheduler : posix -cpu_shares : 1024 -vcpu_period : 100000 -vcpu_quota : -1 -emulator_period: 100000 -emulator_quota : -1</pre> - - - <h3>Block I/O tuning</h3> - - <p> - Parameters from the "blkio" controller are exposed via the - <code>bkliotune</code> command in virsh. - </p> - - - <pre> -# virsh blkiotune demo -weight : 500 -device_weight : </pre> - - <h3>Memory tuning</h3> - - <p> - Parameters from the "memory" controller are exposed via the - <code>memtune</code> command in virsh. - </p> - - <pre> -# virsh memtune demo -hard_limit : 580192 -soft_limit : unlimited -swap_hard_limit: unlimited - </pre> - - <h3>Network tuning</h3> - - <p> - The <code>net_cls</code> is not currently used. Instead traffic - filter policies are set directly against individual virtual - network interfaces. - </p> - - <h2><a id="legacyLayout">Legacy cgroups layout</a></h2> - - <p> - Prior to libvirt 1.0.5, the cgroups layout created by libvirt was different - from that described above, and did not allow for administrator customization. - Libvirt used a fixed, 3-level hierarchy <code>libvirt/{qemu,lxc}/$VMNAME</code> - which was rooted at the point in the hierarchy where libvirtd itself was - located. So if libvirtd was placed at <code>/system/libvirtd.service</code> - by systemd, the groups for each virtual machine / container would be located - at <code>/system/libvirtd.service/libvirt/{qemu,lxc}/$VMNAME</code>. In addition - to this, the QEMU drivers further child groups for each vCPU thread and the - emulator thread(s). This leads to a hierarchy that looked like - </p> - - - <pre> -$ROOT - | - +- system - | - +- libvirtd.service - | - +- libvirt - | - +- qemu - | | - | +- vm1 - | | | - | | +- emulator - | | +- vcpu0 - | | +- vcpu1 - | | - | +- vm2 - | | | - | | +- emulator - | | +- vcpu0 - | | +- vcpu1 - | | - | +- vm3 - | | - | +- emulator - | +- vcpu0 - | +- vcpu1 - | - +- lxc - | - +- container1 - | - +- container2 - | - +- container3 - </pre> - - <p> - Although current releases are much improved, historically the use of deep - hierarchies has had a significant negative impact on the kernel scalability. - The legacy libvirt cgroups layout highlighted these problems, to the detriment - of the performance of virtual machines and containers. - </p> - </body> -</html> diff --git a/docs/cgroups.rst b/docs/cgroups.rst new file mode 100644 index 0000000000..eb66a14f0d --- /dev/null +++ b/docs/cgroups.rst @@ -0,0 +1,364 @@ +================================== +Control Groups Resource Management +================================== + +.. contents:: + +The QEMU and LXC drivers make use of the Linux "Control Groups" facility for +applying resource management to their virtual machines and containers. + +Required controllers +-------------------- + +The control groups filesystem supports multiple "controllers". By default the +init system (such as systemd) should mount all controllers compiled into the +kernel at ``/sys/fs/cgroup/$CONTROLLER-NAME``. Libvirt will never attempt to +mount any controllers itself, merely detect where they are mounted. + +The QEMU driver is capable of using the ``cpuset``, ``cpu``, ``cpuacct``, +``memory``, ``blkio`` and ``devices`` controllers. None of them are compulsory. +If any controller is not mounted, the resource management APIs which use it will +cease to operate. It is possible to explicitly turn off use of a controller, +even when mounted, via the ``/etc/libvirt/qemu.conf`` configuration file. + +The LXC driver is capable of using the ``cpuset``, ``cpu``, ``cpuacct``, +``freezer``, ``memory``, ``blkio`` and ``devices`` controllers. The ``cpuacct``, +``devices`` and ``memory`` controllers are compulsory. Without them mounted, no +containers can be started. If any of the other controllers are not mounted, the +resource management APIs which use them will cease to operate. + +Current cgroups layout +---------------------- + +As of libvirt 1.0.5 or later, the cgroups layout created by libvirt has been +simplified, in order to facilitate the setup of resource control policies by +administrators / management applications. The new layout is based on the +concepts of "partitions" and "consumers". A "consumer" is a cgroup which holds +the processes for a single virtual machine or container. A "partition" is a +cgroup which does not contain any processes, but can have resource controls +applied. A "partition" will have zero or more child directories which may be +either "consumer" or "partition". + +As of libvirt 1.1.1 or later, the cgroups layout will have some slight +differences when running on a host with systemd 205 or later. The overall tree +structure is the same, but there are some differences in the naming conventions +for the cgroup directories. Thus the following docs split in two, one describing +systemd hosts and the other non-systemd hosts. + +Systemd cgroups integration +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +On hosts which use systemd, each consumer maps to a systemd scope unit, while +partitions map to a system slice unit. + +Systemd scope naming +^^^^^^^^^^^^^^^^^^^^ + +The systemd convention is for the scope name of virtual machines / containers to +be of the general format ``machine-$NAME.scope``. Libvirt forms the ``$NAME`` +part of this by concatenating the driver type with the id and truncated name of +the guest, and then escaping any systemd reserved characters. So for a guest +``demo`` running under the ``lxc`` driver, we get a ``$NAME`` of +``lxc-12345-demo`` which when escaped is ``lxc\x2d12345\x2ddemo``. So the +complete scope name is ``machine-lxc\x2d12345\x2ddemo.scope``. The scope names +map directly to the cgroup directory names. + +Systemd slice naming +^^^^^^^^^^^^^^^^^^^^ + +The systemd convention for slice naming is that a slice should include the name +of all of its parents prepended on its own name. So for a libvirt partition +``/machine/engineering/testing``, the slice name will be +``machine-engineering-testing.slice``. Again the slice names map directly to the +cgroup directory names. Systemd creates three top level slices by default, +``system.slice`` ``user.slice`` and ``machine.slice``. All virtual machines or +containers created by libvirt will be associated with ``machine.slice`` by +default. + +Systemd cgroup layout +^^^^^^^^^^^^^^^^^^^^^ + +Given this, a possible systemd cgroups layout involving 3 qemu guests, 3 lxc +containers and 3 custom child slices, would be: + +:: + + $ROOT + | + +- system.slice + | | + | +- libvirtd.service + | + +- machine.slice + | + +- machine-qemu\x2d1\x2dvm1.scope + | | + | +- libvirt + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- machine-qemu\x2d2\x2dvm2.scope + | | + | +- libvirt + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- machine-qemu\x2d3\x2dvm3.scope + | | + | +- libvirt + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- machine-engineering.slice + | | + | +- machine-engineering-testing.slice + | | | + | | +- machine-lxc\x2d11111\x2dcontainer1.scope + | | + | +- machine-engineering-production.slice + | | + | +- machine-lxc\x2d22222\x2dcontainer2.scope + | + +- machine-marketing.slice + | + +- machine-lxc\x2d33333\x2dcontainer3.scope + +Prior libvirt 7.1.0 the topology doesn't have extra ``libvirt`` directory. + +Non-systemd cgroups layout +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +On hosts which do not use systemd, each consumer has a corresponding cgroup +named ``$VMNAME.libvirt-{qemu,lxc}``. Each consumer is associated with exactly +one partition, which also have a corresponding cgroup usually named +``$PARTNAME.partition``. The exceptions to this naming rule is the top level +default partition for virtual machines and containers ``/machine``. + +Given this, a possible non-systemd cgroups layout involving 3 qemu guests, 3 lxc +containers and 2 custom child slices, would be: + +:: + + $ROOT + | + +- machine + | + +- qemu-1-vm1.libvirt-qemu + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- qeme-2-vm2.libvirt-qemu + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- qemu-3-vm3.libvirt-qemu + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- engineering.partition + | | + | +- testing.partition + | | | + | | +- lxc-11111-container1.libvirt-lxc + | | + | +- production.partition + | | + | +- lxc-22222-container2.libvirt-lxc + | + +- marketing.partition + | + +- lxc-33333-container3.libvirt-lxc + +Using custom partitions +----------------------- + +If there is a need to apply resource constraints to groups of virtual machines +or containers, then the single default partition ``/machine`` may not be +sufficiently flexible. The administrator may wish to sub-divide the default +partition, for example into "testing" and "production" partitions, and then +assign each guest to a specific sub-partition. This is achieved via a small +element addition to the guest domain XML config, just below the main ``domain`` +element + +:: + + ... + <resource> + <partition>/machine/production</partition> + </resource> + ... + +Note that the partition names in the guest XML are using a generic naming +format, not the low level naming convention required by the underlying host OS. +That is, you should not include any of the ``.partition`` or ``.slice`` suffixes +in the XML config. Given a partition name ``/machine/production``, libvirt will +automatically apply the platform specific translation required to get +``/machine/production.partition`` (non-systemd) or +``/machine.slice/machine-production.slice`` (systemd) as the underlying cgroup +name + +Libvirt will not auto-create the cgroups directory to back this partition. In +the future, libvirt / virsh will provide APIs / commands to create custom +partitions, but currently this is left as an exercise for the administrator. + +**Note:** the ability to place guests in custom partitions is only available +with libvirt >= 1.0.5, using the new cgroup layout. The legacy cgroups layout +described later in this document did not support customization per guest. + +Creating custom partitions (systemd) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Given the XML config above, the admin on a systemd based host would need to +create a unit file ``/etc/systemd/system/machine-production.slice`` + +:: + + # cat > /etc/systemd/system/machine-testing.slice <<EOF + [Unit] + Description=VM testing slice + Before=slices.target + Wants=machine.slice + EOF + # systemctl start machine-testing.slice + +Creating custom partitions (non-systemd) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Given the XML config above, the admin on a non-systemd based host would need to +create a cgroup named '/machine/production.partition' + +:: + + # cd /sys/fs/cgroup + # for i in blkio cpu,cpuacct cpuset devices freezer memory net_cls perf_event + do + mkdir $i/machine/production.partition + done + # for i in cpuset.cpus cpuset.mems + do + cat cpuset/machine/$i > cpuset/machine/production.partition/$i + done + +Resource management APIs/commands +--------------------------------- + +Since libvirt aims to provide an API which is portable across hypervisors, the +concept of cgroups is not exposed directly in the API or XML configuration. It +is considered to be an internal implementation detail. Instead libvirt provides +a set of APIs for applying resource controls, which are then mapped to +corresponding cgroup tunables + +Scheduler tuning +~~~~~~~~~~~~~~~~ + +Parameters from the "cpu" controller are exposed via the ``schedinfo`` command +in virsh. + +:: + + # virsh schedinfo demo + Scheduler : posix + cpu_shares : 1024 + vcpu_period : 100000 + vcpu_quota : -1 + emulator_period: 100000 + emulator_quota : -1 + +Block I/O tuning +~~~~~~~~~~~~~~~~ + +Parameters from the "blkio" controller are exposed via the ``bkliotune`` command +in virsh. + +:: + + # virsh blkiotune demo + weight : 500 + device_weight : + +Memory tuning +~~~~~~~~~~~~~ + +Parameters from the "memory" controller are exposed via the ``memtune`` command +in virsh. + +:: + + # virsh memtune demo + hard_limit : 580192 + soft_limit : unlimited + swap_hard_limit: unlimited + +Network tuning +~~~~~~~~~~~~~~ + +The ``net_cls`` is not currently used. Instead traffic filter policies are set +directly against individual virtual network interfaces. + +Legacy cgroups layout +--------------------- + +Prior to libvirt 1.0.5, the cgroups layout created by libvirt was different from +that described above, and did not allow for administrator customization. Libvirt +used a fixed, 3-level hierarchy ``libvirt/{qemu,lxc}/$VMNAME`` which was rooted +at the point in the hierarchy where libvirtd itself was located. So if libvirtd +was placed at ``/system/libvirtd.service`` by systemd, the groups for each +virtual machine / container would be located at +``/system/libvirtd.service/libvirt/{qemu,lxc}/$VMNAME``. In addition to this, +the QEMU drivers further child groups for each vCPU thread and the emulator +thread(s). This leads to a hierarchy that looked like + +:: + + $ROOT + | + +- system + | + +- libvirtd.service + | + +- libvirt + | + +- qemu + | | + | +- vm1 + | | | + | | +- emulator + | | +- vcpu0 + | | +- vcpu1 + | | + | +- vm2 + | | | + | | +- emulator + | | +- vcpu0 + | | +- vcpu1 + | | + | +- vm3 + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- lxc + | + +- container1 + | + +- container2 + | + +- container3 + +Although current releases are much improved, historically the use of deep +hierarchies has had a significant negative impact on the kernel scalability. The +legacy libvirt cgroups layout highlighted these problems, to the detriment of +the performance of virtual machines and containers. diff --git a/docs/meson.build b/docs/meson.build index 5f26d40082..bb7e27e031 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -19,7 +19,6 @@ docs_assets = [ docs_html_in_files = [ '404', - 'cgroups', 'csharp', 'dbus', 'docs', @@ -70,6 +69,7 @@ docs_rst_files = [ 'best-practices', 'bindings', 'bugs', + 'cgroups', 'ci', 'coding-style', 'committer-guidelines', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvbhyve.html.in | 583 ------------------------------------------ docs/drvbhyve.rst | 582 +++++++++++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 583 insertions(+), 584 deletions(-) delete mode 100644 docs/drvbhyve.html.in create mode 100644 docs/drvbhyve.rst diff --git a/docs/drvbhyve.html.in b/docs/drvbhyve.html.in deleted file mode 100644 index 228e8b2bd5..0000000000 --- a/docs/drvbhyve.html.in +++ /dev/null @@ -1,583 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Bhyve driver</h1> - - <ul id="toc"></ul> - -<p> -Bhyve is a FreeBSD hypervisor. It first appeared in FreeBSD 10.0. However, it's -recommended to keep tracking FreeBSD 10-STABLE to make sure all new features -of bhyve are supported. - -In order to enable bhyve on your FreeBSD host, you'll need to load the <code>vmm</code> -kernel module. Additionally, <code>if_tap</code> and <code>if_bridge</code> modules -should be loaded for networking support. Also, <span class="since">since 3.2.0</span> the -<code>virt-host-validate(1)</code> supports the bhyve host validation and could be -used like this: -</p> - -<pre> -$ virt-host-validate bhyve - BHYVE: Checking for vmm module : PASS - BHYVE: Checking for if_tap module : PASS - BHYVE: Checking for if_bridge module : PASS - BHYVE: Checking for nmdm module : PASS -$ -</pre> - -<p> -Additional information on bhyve could be obtained on <a href="https://bhyve.org/">bhyve.org</a>;. -</p> - -<h2><a id="uri">Connections to the Bhyve driver</a></h2> -<p> -The libvirt bhyve driver is a single-instance privileged driver. Some sample -connection URIs are: -</p> - -<pre> -bhyve:///system (local access) -bhyve+unix:///system (local access) -bhyve+ssh://root@example.com/system (remote access, SSH tunnelled) -</pre> - -<h2><a id="exconfig">Example guest domain XML configurations</a></h2> - -<h3>Example config</h3> -<p> -The bhyve driver in libvirt is in its early stage and under active development. So it supports -only limited number of features bhyve provides. -</p> - -<p> -Note: in older libvirt versions, only a single network device and a single -disk device were supported per-domain. However, -<span class="since">since 1.2.6</span> the libvirt bhyve driver supports -up to 31 PCI devices. -</p> - -<p> -Note: the Bhyve driver in libvirt will boot whichever device is first. If you -want to install from CD, put the CD device first. If not, put the root HDD -first. -</p> - -<p> -Note: Only the SATA bus is supported. Only <code>cdrom</code>- and -<code>disk</code>-type disks are supported. -</p> - -<pre> -&lt;domain type='bhyve'&gt; - &lt;name&gt;bhyve&lt;/name&gt; - &lt;uuid&gt;df3be7e7-a104-11e3-aeb0-50e5492bd3dc&lt;/uuid&gt; - &lt;memory&gt;219136&lt;/memory&gt; - &lt;currentMemory&gt;219136&lt;/currentMemory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;/os&gt; - &lt;features&gt; - &lt;apic/&gt; - &lt;acpi/&gt; - &lt;/features&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;disk type='file'&gt; - &lt;driver name='file' type='raw'/&gt; - &lt;source file='/path/to/bhyve_freebsd.img'/&gt; - &lt;target dev='hda' bus='sata'/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='cdrom'&gt; - &lt;driver name='file' type='raw'/&gt; - &lt;source file='/path/to/cdrom.iso'/&gt; - &lt;target dev='hdc' bus='sata'/&gt; - &lt;readonly/&gt; - &lt;/disk&gt; - &lt;interface type='bridge'&gt; - &lt;model type='virtio'/&gt; - &lt;source bridge="virbr0"/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - -<p>(The &lt;disk&gt; sections may be swapped in order to install from -<em>cdrom.iso</em>.)</p> - -<h3>Example config (Linux guest)</h3> - -<p> -Note the addition of &lt;bootloader&gt;. -</p> - -<pre> -&lt;domain type='bhyve'&gt; - &lt;name&gt;linux_guest&lt;/name&gt; - &lt;uuid&gt;df3be7e7-a104-11e3-aeb0-50e5492bd3dc&lt;/uuid&gt; - &lt;memory&gt;131072&lt;/memory&gt; - &lt;currentMemory&gt;131072&lt;/currentMemory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;bootloader&gt;/usr/local/sbin/grub-bhyve&lt;/bootloader&gt; - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;/os&gt; - &lt;features&gt; - &lt;apic/&gt; - &lt;acpi/&gt; - &lt;/features&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;driver name='file' type='raw'/&gt; - &lt;source file='/path/to/guest_hdd.img'/&gt; - &lt;target dev='hda' bus='sata'/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='cdrom'&gt; - &lt;driver name='file' type='raw'/&gt; - &lt;source file='/path/to/cdrom.iso'/&gt; - &lt;target dev='hdc' bus='sata'/&gt; - &lt;readonly/&gt; - &lt;/disk&gt; - &lt;interface type='bridge'&gt; - &lt;model type='virtio'/&gt; - &lt;source bridge="virbr0"/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - -<h3>Example config (Linux UEFI guest, VNC, tablet)</h3> - -<p>This is an example to boot into Fedora 25 installation:</p> - -<pre> -&lt;domain type='bhyve'&gt; - &lt;name&gt;fedora_uefi_vnc_tablet&lt;/name&gt; - &lt;memory unit='G'&gt;4&lt;/memory&gt; - &lt;vcpu&gt;2&lt;/vcpu&gt; - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - <b>&lt;loader readonly=&quot;yes&quot; type=&quot;pflash&quot;&gt;/usr/local/share/uefi-firmware/BHYVE_UEFI.fd&lt;/loader&gt;</b> - &lt;/os&gt; - &lt;features&gt; - &lt;apic/&gt; - &lt;acpi/&gt; - &lt;/features&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;disk type='file' device='cdrom'&gt; - &lt;driver name='file' type='raw'/&gt; - &lt;source file='/path/to/Fedora-Workstation-Live-x86_64-25-1.3.iso'/&gt; - &lt;target dev='hdc' bus='sata'/&gt; - &lt;readonly/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='disk'&gt; - &lt;driver name='file' type='raw'/&gt; - &lt;source file='/path/to/linux_uefi.img'/&gt; - &lt;target dev='hda' bus='sata'/&gt; - &lt;/disk&gt; - &lt;interface type='bridge'&gt; - &lt;model type='virtio'/&gt; - &lt;source bridge=&quot;virbr0&quot;/&gt; - &lt;/interface&gt; - &lt;serial type=&quot;nmdm&quot;&gt; - &lt;source master=&quot;/dev/nmdm0A&quot; slave=&quot;/dev/nmdm0B&quot;/&gt; - &lt;/serial&gt; - <b>&lt;graphics type='vnc' port='5904'&gt; - &lt;listen type='address' address='127.0.0.1'/&gt; - &lt;/graphics&gt; - &lt;controller type='usb' model='nec-xhci'/&gt; - &lt;input type='tablet' bus='usb'/&gt;</b> - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - -<p>Please refer to the <a href="#uefi">UEFI</a> section for a more detailed explanation.</p> - -<h2><a id="usage">Guest usage / management</a></h2> - -<h3><a id="console">Connecting to a guest console</a></h3> - -<p> -Guest console connection is supported through the <code>nmdm</code> device. It could be enabled by adding -the following to the domain XML (<span class="since">Since 1.2.4</span>): -</p> - -<pre> -... -&lt;devices&gt; - &lt;serial type="nmdm"&gt; - &lt;source master="/dev/nmdm0A" slave="/dev/nmdm0B"/&gt; - &lt;/serial&gt; -&lt;/devices&gt; -...</pre> - - -<p>Make sure to load the <code>nmdm</code> kernel module if you plan to use that.</p> - -<p> -Then <code>virsh console</code> command can be used to connect to the text console -of a guest.</p> - -<p><b>NB:</b> Some versions of bhyve have a bug that prevents guests from booting -until the console is opened by a client. This bug was fixed in -<a href="https://svnweb.freebsd.org/changeset/base/262884">FreeBSD changeset r262884</a>. If -an older version is used, one either has to open a console manually with <code>virsh console</code> -to let a guest boot or start a guest using:</p> - -<pre>start --console domname</pre> - -<p><b>NB:</b> A bootloader configured to require user interaction will prevent -the domain from starting (and thus <code>virsh console</code> or <code>start ---console</code> from functioning) until the user interacts with it manually on -the VM host. Because users typically do not have access to the VM host, -interactive bootloaders are unsupported by libvirt. <em>However,</em> if you happen to -run into this scenario and also happen to have access to the Bhyve host -machine, you may select a boot option and allow the domain to finish starting -by using an alternative terminal client on the VM host to connect to the -domain-configured null modem device. One example (assuming -<code>/dev/nmdm0B</code> is configured as the slave end of the domain serial -device) is:</p> - -<pre>cu -l /dev/nmdm0B</pre> - -<h3><a id="xmltonative">Converting from domain XML to Bhyve args</a></h3> - -<p> -The <code>virsh domxml-to-native</code> command can preview the actual -<code>bhyve</code> commands that will be executed for a given domain. -It outputs two lines, the first line is a <code>bhyveload</code> command and -the second is a <code>bhyve</code> command. -</p> - -<p>Please note that the <code>virsh domxml-to-native</code> doesn't do any -real actions other than printing the command, for example, it doesn't try to -find a proper TAP interface and create it, like what is done when starting -a domain; and always returns <code>tap0</code> for the network interface. So -if you're going to run these commands manually, most likely you might want to -tweak them.</p> - -<pre> -# virsh -c "bhyve:///system" domxml-to-native --format bhyve-argv --xml /path/to/bhyve.xml -/usr/sbin/bhyveload -m 214 -d /home/user/vm1.img vm1 -/usr/sbin/bhyve -c 2 -m 214 -A -I -H -P -s 0:0,hostbridge \ - -s 3:0,virtio-net,tap0,mac=52:54:00:5d:74:e3 -s 2:0,virtio-blk,/home/user/vm1.img \ - -s 1,lpc -l com1,/dev/nmdm0A vm1 -</pre> - -<h3><a id="zfsvolume">Using ZFS volumes</a></h3> - -<p>It's possible to use ZFS volumes as disk devices <span class="since">since 1.2.8</span>. -An example of domain XML device entry for that will look like:</p> - -<pre> -... -&lt;disk type='volume' device='disk'&gt; - &lt;source pool='zfspool' volume='vol1'/&gt; - &lt;target dev='vdb' bus='virtio'/&gt; -&lt;/disk&gt; -...</pre> - -<p>Please refer to the <a href="storage.html">Storage documentation</a> for more details on storage -management.</p> - -<h3><a id="grubbhyve">Using grub2-bhyve or Alternative Bootloaders</a></h3> - -<p>It's possible to boot non-FreeBSD guests by specifying an explicit -bootloader, e.g. <code>grub-bhyve(1)</code>. Arguments to the bootloader may be -specified as well. If the bootloader is <code>grub-bhyve</code> and arguments -are omitted, libvirt will try and infer boot ordering from user-supplied -&lt;boot order='N'&gt; configuration in the domain. Failing that, it will boot -the first disk in the domain (either <code>cdrom</code>- or -<code>disk</code>-type devices). If the disk type is <code>disk</code>, it will -attempt to boot from the first partition in the disk image.</p> - -<pre> -... -&lt;bootloader&gt;/usr/local/sbin/grub-bhyve&lt;/bootloader&gt; -&lt;bootloader_args&gt;...&lt;/bootloader_args&gt; -... -</pre> - -<p>Caveat: <code>bootloader_args</code> does not support any quoting. -Filenames, etc, must not have spaces or they will be tokenized incorrectly.</p> - -<h3><a id="uefi">Using UEFI bootrom, VNC, and USB tablet</a></h3> - -<p><span class="since">Since 3.2.0</span>, in addition to <a href="#grubbhyve">grub-bhyve</a>, -non-FreeBSD guests could be also booted using an UEFI boot ROM, provided both guest OS and -installed <code>bhyve(1)</code> version support UEFI. To use that, <code>loader</code> -should be specified in the <code>os</code> section:</p> - -<pre> -&lt;domain type='bhyve'&gt; - ... - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;loader readonly="yes" type="pflash"&gt;/usr/local/share/uefi-firmware/BHYVE_UEFI.fd&lt;/loader&gt; - &lt;/os&gt; - ... -</pre> - -<p>This uses the UEFI firmware provided by -the <a href="https://www.freshports.org/sysutils/bhyve-firmware/">s... -FreeBSD port.</p> - -<p>VNC and the tablet input device could be configured this way:</p> - -<pre> -&lt;domain type='bhyve'&gt; - &lt;devices&gt; - ... - &lt;graphics type='vnc' port='5904'&gt; - &lt;listen type='address' address='127.0.0.1'/&gt; - &lt;/graphics&gt; - &lt;controller type='usb' model='nec-xhci'/&gt; - &lt;input type='tablet' bus='usb'/&gt; - &lt;/devices&gt; - ... -&lt;/domain&gt; -</pre> - -<p>This way, VNC will be accessible on <code>127.0.0.1:5904</code>.</p> - -<p>Please note that the tablet device requires to have a USB controller -of the <code>nec-xhci</code> model. Currently, only a single controller of this -type and a single tablet are supported per domain.</p> - -<p><span class="since">Since 3.5.0</span>, it's possible to configure how the video device is exposed -to the guest using the <code>vgaconf</code> attribute:</p> - -<pre> -&lt;domain type='bhyve'&gt; - &lt;devices&gt; - ... - &lt;graphics type='vnc' port='5904'&gt; - &lt;listen type='address' address='127.0.0.1'/&gt; - &lt;/graphics&gt; - &lt;video&gt; - &lt;driver vgaconf='on'/&gt; - &lt;model type='gop' heads='1' primary='yes'/&gt; - &lt;/video&gt; - ... - &lt;/devices&gt; - ... -&lt;/domain&gt; -</pre> - -<p>If not specified, bhyve's default mode for <code>vgaconf</code> -will be used. Please refer to the -<a href="https://www.freebsd.org/cgi/man.cgi?query=bhyve&amp;sektio... -manual page and the <a href="https://wiki.freebsd.org/bhyve">bhyve wiki</a> for more details on using -the <code>vgaconf</code> option.</p> - -<p><span class="since">Since 3.7.0</span>, it's possible to use <code>autoport</code> -to let libvirt allocate VNC port automatically (instead of explicitly specifying -it with the <code>port</code> attribute):</p> - -<pre> - &lt;graphics type='vnc' autoport='yes'&gt; -</pre> - -<p><span class="since">Since 6.8.0</span>, it's possible to set framebuffer resolution -using the <code>resolution</code> sub-element:</p> - -<pre> - &lt;video&gt; - &lt;model type='gop' heads='1' primary='yes'&gt; - &lt;resolution x='800' y='600'/&gt; - &lt;/model&gt; - &lt;/video&gt; -</pre> - -<p><span class="since">Since 6.8.0</span>, VNC server can be configured to use -password based authentication:</p> - -<pre> - &lt;graphics type='vnc' port='5904' passwd='foobar'&gt; - &lt;listen type='address' address='127.0.0.1'/&gt; - &lt;/graphics&gt; -</pre> - -<p>Note: VNC password authentication is known to be cryptographically weak. -Additionally, the password is passed as a command line argument in clear text. -Make sure you understand the risks associated with this feature before using it.</p> - -<h3><a id="clockconfig">Clock configuration</a></h3> - -<p>Originally bhyve supported only localtime for RTC. Support for UTC time was introduced in -<a href="https://svnweb.freebsd.org/changeset/base/284894">FreeBSD changeset r284894</a> -for <i>10-STABLE</i> and -in <a href="https://svnweb.freebsd.org/changeset/base/279225">chan... r279225</a> -for <i>-CURRENT</i>. It's possible to use this in libvirt <span class="since">since 1.2.18</span>, -just place the following to domain XML:</p> - -<pre> -&lt;domain type="bhyve"&gt; - ... - &lt;clock offset='utc'/&gt; - ... -&lt;/domain&gt; -</pre> - -<p>Please note that if you run the older bhyve version that doesn't support UTC time, you'll -fail to start a domain. As UTC is used as a default when you do not specify clock settings, -you'll need to explicitly specify 'localtime' in this case:</p> - -<pre> -&lt;domain type="bhyve"&gt; - ... - &lt;clock offset='localtime'/&gt; - ... -&lt;/domain&gt; -</pre> - -<h3><a id="e1000">e1000 NIC</a></h3> - -<p>As of <a href="https://svnweb.freebsd.org/changeset/base/302504">FreeBSD changeset r302504</a> -bhyve supports Intel e1000 network adapter emulation. It's supported in libvirt -<span class="since">since 3.1.0</span> and could be used as follows:</p> - -<pre> -... - &lt;interface type='bridge'&gt; - &lt;source bridge='virbr0'/&gt; - &lt;model type='<b>e1000</b>'/&gt; - &lt;/interface&gt; -... -</pre> - -<h3><a id="sound">Sound device</a></h3> - -<p>As of <a href="https://svnweb.freebsd.org/changeset/base/349355">FreeBSD changeset r349355</a> -bhyve supports sound device emulation. It's supported in libvirt -<span class="since">since 6.7.0</span>.</p> - -<pre> -... - &lt;sound model='ich7'&gt; - &lt;audio id='1'/&gt; - &lt;/sound&gt; - &lt;audio id='1' type='oss'&gt; - &lt;input dev='/dev/dsp0'/&gt; - &lt;output dev='/dev/dsp0'/&gt; - &lt;/audio&gt; -... -</pre> - -<p>Here, the <code>sound</code> element specifies the sound device as it's exposed -to the guest, with <code>ich7</code> being the only supported model now, -and the <code>audio</code> element specifies how the guest device is mapped -to the host sound device.</p> - -<h3><a id="fs-9p">Virtio-9p filesystem</a></h3> - -<p>As of <a href="https://svnweb.freebsd.org/changeset/base/366413">FreeBSD changeset r366413</a> -bhyve supports sharing arbitrary directory tree between the guest and the host. -It's supported in libvirt <span class="since">since 6.9.0</span>.</p> - -<pre> -... - &lt;filesystem&gt; - &lt;source dir='/shared/dir'/&gt; - &lt;target dir='shared_dir'/&gt; - &lt;/filesystem&gt; -... -</pre> - -<p>This share could be made read only by adding the <code>&lt;readonly/&gt;</code> sub-element.</p> - -<p>In the Linux guest, this could be mounted using:</p> - -<pre>mount -t 9p shared_dir /mnt/shared_dir</pre> - -<h3><a id="wired">Wiring guest memory</a></h3> - -<p><span class="since">Since 4.4.0</span>, it's possible to specify that guest memory should -be wired and cannot be swapped out as follows:</p> -<pre> -&lt;domain type="bhyve"&gt; - ... - &lt;memoryBacking&gt; - &lt;locked/&gt; - &lt;/memoryBacking&gt; - ... -&lt;/domain&gt; -</pre> - -<h3><a id="cputopology">CPU topology</a></h3> - -<p><span class="since">Since 4.5.0</span>, it's possible to specify guest CPU topology, if bhyve -supports that. Support for specifying guest CPU topology was added to bhyve in -<a href="https://svnweb.freebsd.org/changeset/base/332298">FreeBSD changeset r332298</a> -for <i>-CURRENT</i>. -Example:</p> -<pre> -&lt;domain type="bhyve"&gt; - ... - &lt;cpu&gt; - &lt;topology sockets='1' cores='2' threads='1'/&gt; - &lt;/cpu&gt; - ... -&lt;/domain&gt; -</pre> - -<h3><a id="msrs">Ignoring unknown MSRs reads and writes</a></h3> - -<p><span class="since">Since 5.1.0</span>, it's possible to make bhyve -ignore accesses to unimplemented Model Specific Registers (MSRs). -Example:</p> - -<pre> -&lt;domain type="bhyve"&gt; - ... - &lt;features&gt; - ... - &lt;msrs unknown='ignore'/&gt; - ... - &lt;/features&gt; - ... -&lt;/domain&gt; -</pre> - -<h3><a id="bhyvecommand">Pass-through of arbitrary bhyve commands</a></h3> - -<p><span class="since">Since 5.1.0</span>, it's possible to pass additional command-line -arguments to the bhyve process when starting the domain using the -<code>&lt;bhyve:commandline&gt;</code> element under <code>domain</code>. -To supply an argument, use the element <code>&lt;bhyve:arg&gt;</code> with -the attribute <code>value</code> set to additional argument to be added. -The arg element may be repeated multiple times. To use this XML addition, it is necessary -to issue an XML namespace request (the special <code>xmlns:<i>name</i></code> attribute) -that pulls in <code>http://libvirt.org/schemas/domain/bhyve/1.0</code>; -typically, the namespace is given the name of <code>bhyve</code>. -</p> -<p>Example:</p> -<pre> -&lt;domain type="bhyve" xmlns:bhyve="http://libvirt.org/schemas/domain/bhyve/1.0"&gt; - ... - &lt;bhyve:commandline&gt; - &lt;bhyve:arg value='-somebhyvearg'/&gt; - &lt;/bhyve:commandline&gt; -&lt;/domain&gt; -</pre> - -<p>Note that these extensions are for testing and development purposes only. -They are <b>unsupported</b>, using them may result in inconsistent state, -and upgrading either bhyve or libvirtd maybe break behavior of a domain that -was relying on a specific commands pass-through.</p> - - </body> -</html> diff --git a/docs/drvbhyve.rst b/docs/drvbhyve.rst new file mode 100644 index 0000000000..95ef4e9b49 --- /dev/null +++ b/docs/drvbhyve.rst @@ -0,0 +1,582 @@ +.. role:: since + +============ +Bhyve driver +============ + +.. contents:: + +Bhyve is a FreeBSD hypervisor. It first appeared in FreeBSD 10.0. However, it's +recommended to keep tracking FreeBSD 10-STABLE to make sure all new features of +bhyve are supported. In order to enable bhyve on your FreeBSD host, you'll need +to load the ``vmm`` kernel module. Additionally, ``if_tap`` and ``if_bridge`` +modules should be loaded for networking support. Also, :since:`since 3.2.0` the +``virt-host-validate(1)`` supports the bhyve host validation and could be used +like this: + +:: + + $ virt-host-validate bhyve + BHYVE: Checking for vmm module : PASS + BHYVE: Checking for if_tap module : PASS + BHYVE: Checking for if_bridge module : PASS + BHYVE: Checking for nmdm module : PASS + $ + +Additional information on bhyve could be obtained on +`bhyve.org <https://bhyve.org/>`__. + +Connections to the Bhyve driver +------------------------------- + +The libvirt bhyve driver is a single-instance privileged driver. Some sample +connection URIs are: + +:: + + bhyve:///system (local access) + bhyve+unix:///system (local access) + bhyve+ssh://root@example.com/system (remote access, SSH tunnelled) + +Example guest domain XML configurations +--------------------------------------- + +Example config +~~~~~~~~~~~~~~ + +The bhyve driver in libvirt is in its early stage and under active development. +So it supports only limited number of features bhyve provides. + +Note: in older libvirt versions, only a single network device and a single disk +device were supported per-domain. However, :since:`since 1.2.6` the libvirt +bhyve driver supports up to 31 PCI devices. + +Note: the Bhyve driver in libvirt will boot whichever device is first. If you +want to install from CD, put the CD device first. If not, put the root HDD +first. + +Note: Only the SATA bus is supported. Only ``cdrom``- and ``disk``-type disks +are supported. + +:: + + <domain type='bhyve'> + <name>bhyve</name> + <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid> + <memory>219136</memory> + <currentMemory>219136</currentMemory> + <vcpu>1</vcpu> + <os> + <type>hvm</type> + </os> + <features> + <apic/> + <acpi/> + </features> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='file'> + <driver name='file' type='raw'/> + <source file='/path/to/bhyve_freebsd.img'/> + <target dev='hda' bus='sata'/> + </disk> + <disk type='file' device='cdrom'> + <driver name='file' type='raw'/> + <source file='/path/to/cdrom.iso'/> + <target dev='hdc' bus='sata'/> + <readonly/> + </disk> + <interface type='bridge'> + <model type='virtio'/> + <source bridge="virbr0"/> + </interface> + </devices> + </domain> + +(The <disk> sections may be swapped in order to install from *cdrom.iso*.) + +Example config (Linux guest) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Note the addition of <bootloader>. + +:: + + <domain type='bhyve'> + <name>linux_guest</name> + <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid> + <memory>131072</memory> + <currentMemory>131072</currentMemory> + <vcpu>1</vcpu> + <bootloader>/usr/local/sbin/grub-bhyve</bootloader> + <os> + <type>hvm</type> + </os> + <features> + <apic/> + <acpi/> + </features> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='file' device='disk'> + <driver name='file' type='raw'/> + <source file='/path/to/guest_hdd.img'/> + <target dev='hda' bus='sata'/> + </disk> + <disk type='file' device='cdrom'> + <driver name='file' type='raw'/> + <source file='/path/to/cdrom.iso'/> + <target dev='hdc' bus='sata'/> + <readonly/> + </disk> + <interface type='bridge'> + <model type='virtio'/> + <source bridge="virbr0"/> + </interface> + </devices> + </domain> + +Example config (Linux UEFI guest, VNC, tablet) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This is an example to boot into Fedora 25 installation: + +:: + + <domain type='bhyve'> + <name>fedora_uefi_vnc_tablet</name> + <memory unit='G'>4</memory> + <vcpu>2</vcpu> + <os> + <type>hvm</type> + <loader readonly="yes" type="pflash">/usr/local/share/uefi-firmware/BHYVE_UEFI.fd</loader> + </os> + <features> + <apic/> + <acpi/> + </features> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='file' device='cdrom'> + <driver name='file' type='raw'/> + <source file='/path/to/Fedora-Workstation-Live-x86_64-25-1.3.iso'/> + <target dev='hdc' bus='sata'/> + <readonly/> + </disk> + <disk type='file' device='disk'> + <driver name='file' type='raw'/> + <source file='/path/to/linux_uefi.img'/> + <target dev='hda' bus='sata'/> + </disk> + <interface type='bridge'> + <model type='virtio'/> + <source bridge="virbr0"/> + </interface> + <serial type="nmdm"> + <source master="/dev/nmdm0A" slave="/dev/nmdm0B"/> + </serial> + <graphics type='vnc' port='5904'> + <listen type='address' address='127.0.0.1'/> + </graphics> + <controller type='usb' model='nec-xhci'/> + <input type='tablet' bus='usb'/> + </devices> + </domain> + +Please refer to the `UEFI <#uefi>`__ section for a more detailed explanation. + +Guest usage / management +------------------------ + +Connecting to a guest console +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Guest console connection is supported through the ``nmdm`` device. It could be +enabled by adding the following to the domain XML ( :since:`Since 1.2.4` ): + +:: + + ... + <devices> + <serial type="nmdm"> + <source master="/dev/nmdm0A" slave="/dev/nmdm0B"/> + </serial> + </devices> + ... + +Make sure to load the ``nmdm`` kernel module if you plan to use that. + +Then ``virsh console`` command can be used to connect to the text console of a +guest. + +**NB:** Some versions of bhyve have a bug that prevents guests from booting +until the console is opened by a client. This bug was fixed in `FreeBSD +changeset r262884 <https://svnweb.freebsd.org/changeset/base/262884>`__. If an +older version is used, one either has to open a console manually with +``virsh console`` to let a guest boot or start a guest using: + +:: + + start --console domname + +**NB:** A bootloader configured to require user interaction will prevent the +domain from starting (and thus ``virsh console`` or ``start --console`` from +functioning) until the user interacts with it manually on the VM host. Because +users typically do not have access to the VM host, interactive bootloaders are +unsupported by libvirt. *However,* if you happen to run into this scenario and +also happen to have access to the Bhyve host machine, you may select a boot +option and allow the domain to finish starting by using an alternative terminal +client on the VM host to connect to the domain-configured null modem device. One +example (assuming ``/dev/nmdm0B`` is configured as the slave end of the domain +serial device) is: + +:: + + cu -l /dev/nmdm0B + +Converting from domain XML to Bhyve args +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh domxml-to-native`` command can preview the actual ``bhyve`` commands +that will be executed for a given domain. It outputs two lines, the first line +is a ``bhyveload`` command and the second is a ``bhyve`` command. + +Please note that the ``virsh domxml-to-native`` doesn't do any real actions +other than printing the command, for example, it doesn't try to find a proper +TAP interface and create it, like what is done when starting a domain; and +always returns ``tap0`` for the network interface. So if you're going to run +these commands manually, most likely you might want to tweak them. + +:: + + # virsh -c "bhyve:///system" domxml-to-native --format bhyve-argv --xml /path/to/bhyve.xml + /usr/sbin/bhyveload -m 214 -d /home/user/vm1.img vm1 + /usr/sbin/bhyve -c 2 -m 214 -A -I -H -P -s 0:0,hostbridge \ + -s 3:0,virtio-net,tap0,mac=52:54:00:5d:74:e3 -s 2:0,virtio-blk,/home/user/vm1.img \ + -s 1,lpc -l com1,/dev/nmdm0A vm1 + +Using ZFS volumes +~~~~~~~~~~~~~~~~~ + +It's possible to use ZFS volumes as disk devices :since:`since 1.2.8` . An +example of domain XML device entry for that will look like: + +:: + + ... + <disk type='volume' device='disk'> + <source pool='zfspool' volume='vol1'/> + <target dev='vdb' bus='virtio'/> + </disk> + ... + +Please refer to the `Storage documentation <storage.html>`__ for more details on +storage management. + +Using grub2-bhyve or Alternative Bootloaders +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +It's possible to boot non-FreeBSD guests by specifying an explicit bootloader, +e.g. ``grub-bhyve(1)``. Arguments to the bootloader may be specified as well. If +the bootloader is ``grub-bhyve`` and arguments are omitted, libvirt will try and +infer boot ordering from user-supplied <boot order='N'> configuration in the +domain. Failing that, it will boot the first disk in the domain (either +``cdrom``- or ``disk``-type devices). If the disk type is ``disk``, it will +attempt to boot from the first partition in the disk image. + +:: + + ... + <bootloader>/usr/local/sbin/grub-bhyve</bootloader> + <bootloader_args>...</bootloader_args> + ... + +Caveat: ``bootloader_args`` does not support any quoting. Filenames, etc, must +not have spaces or they will be tokenized incorrectly. + +Using UEFI bootrom, VNC, and USB tablet +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:since:`Since 3.2.0` , in addition to `grub-bhyve <#grubbhyve>`__, non-FreeBSD +guests could be also booted using an UEFI boot ROM, provided both guest OS and +installed ``bhyve(1)`` version support UEFI. To use that, ``loader`` should be +specified in the ``os`` section: + +:: + + <domain type='bhyve'> + ... + <os> + <type>hvm</type> + <loader readonly="yes" type="pflash">/usr/local/share/uefi-firmware/BHYVE_UEFI.fd</loader> + </os> + ... + +This uses the UEFI firmware provided by the +`sysutils/bhyve-firmware <https://www.freshports.org/sysutils/bhyve-firmware/>`__ +FreeBSD port. + +VNC and the tablet input device could be configured this way: + +:: + + <domain type='bhyve'> + <devices> + ... + <graphics type='vnc' port='5904'> + <listen type='address' address='127.0.0.1'/> + </graphics> + <controller type='usb' model='nec-xhci'/> + <input type='tablet' bus='usb'/> + </devices> + ... + </domain> + +This way, VNC will be accessible on ``127.0.0.1:5904``. + +Please note that the tablet device requires to have a USB controller of the +``nec-xhci`` model. Currently, only a single controller of this type and a +single tablet are supported per domain. + +:since:`Since 3.5.0` , it's possible to configure how the video device is +exposed to the guest using the ``vgaconf`` attribute: + +:: + + <domain type='bhyve'> + <devices> + ... + <graphics type='vnc' port='5904'> + <listen type='address' address='127.0.0.1'/> + </graphics> + <video> + <driver vgaconf='on'/> + <model type='gop' heads='1' primary='yes'/> + </video> + ... + </devices> + ... + </domain> + +If not specified, bhyve's default mode for ``vgaconf`` will be used. Please +refer to the +`bhyve(8) <https://www.freebsd.org/cgi/man.cgi?query=bhyve&sektion=8&manpath... +manual page and the `bhyve wiki <https://wiki.freebsd.org/bhyve>`__ for more +details on using the ``vgaconf`` option. + +:since:`Since 3.7.0` , it's possible to use ``autoport`` to let libvirt allocate +VNC port automatically (instead of explicitly specifying it with the ``port`` +attribute): + +:: + + <graphics type='vnc' autoport='yes'> + +:since:`Since 6.8.0` , it's possible to set framebuffer resolution using the +``resolution`` sub-element: + +:: + + <video> + <model type='gop' heads='1' primary='yes'> + <resolution x='800' y='600'/> + </model> + </video> + +:since:`Since 6.8.0` , VNC server can be configured to use password based +authentication: + +:: + + <graphics type='vnc' port='5904' passwd='foobar'> + <listen type='address' address='127.0.0.1'/> + </graphics> + +Note: VNC password authentication is known to be cryptographically weak. +Additionally, the password is passed as a command line argument in clear text. +Make sure you understand the risks associated with this feature before using it. + +Clock configuration +~~~~~~~~~~~~~~~~~~~ + +Originally bhyve supported only localtime for RTC. Support for UTC time was +introduced in `FreeBSD changeset +r284894 <https://svnweb.freebsd.org/changeset/base/284894>`__ for *10-STABLE* +and in `changeset r279225 <https://svnweb.freebsd.org/changeset/base/279225>`__ +for *-CURRENT*. It's possible to use this in libvirt :since:`since 1.2.18` , +just place the following to domain XML: + +:: + + <domain type="bhyve"> + ... + <clock offset='utc'/> + ... + </domain> + +Please note that if you run the older bhyve version that doesn't support UTC +time, you'll fail to start a domain. As UTC is used as a default when you do not +specify clock settings, you'll need to explicitly specify 'localtime' in this +case: + +:: + + <domain type="bhyve"> + ... + <clock offset='localtime'/> + ... + </domain> + +e1000 NIC +~~~~~~~~~ + +As of `FreeBSD changeset +r302504 <https://svnweb.freebsd.org/changeset/base/302504>`__ bhyve supports +Intel e1000 network adapter emulation. It's supported in libvirt :since:`since +3.1.0` and could be used as follows: + +:: + + ... + <interface type='bridge'> + <source bridge='virbr0'/> + <model type='e1000'/> + </interface> + ... + +Sound device +~~~~~~~~~~~~ + +As of `FreeBSD changeset +r349355 <https://svnweb.freebsd.org/changeset/base/349355>`__ bhyve supports +sound device emulation. It's supported in libvirt :since:`since 6.7.0` . + +:: + + ... + <sound model='ich7'> + <audio id='1'/> + </sound> + <audio id='1' type='oss'> + <input dev='/dev/dsp0'/> + <output dev='/dev/dsp0'/> + </audio> + ... + +Here, the ``sound`` element specifies the sound device as it's exposed to the +guest, with ``ich7`` being the only supported model now, and the ``audio`` +element specifies how the guest device is mapped to the host sound device. + +Virtio-9p filesystem +~~~~~~~~~~~~~~~~~~~~ + +As of `FreeBSD changeset +r366413 <https://svnweb.freebsd.org/changeset/base/366413>`__ bhyve supports +sharing arbitrary directory tree between the guest and the host. It's supported +in libvirt :since:`since 6.9.0` . + +:: + + ... + <filesystem> + <source dir='/shared/dir'/> + <target dir='shared_dir'/> + </filesystem> + ... + +This share could be made read only by adding the ``<readonly/>`` sub-element. + +In the Linux guest, this could be mounted using: + +:: + + mount -t 9p shared_dir /mnt/shared_dir + +Wiring guest memory +~~~~~~~~~~~~~~~~~~~ + +:since:`Since 4.4.0` , it's possible to specify that guest memory should be +wired and cannot be swapped out as follows: + +:: + + <domain type="bhyve"> + ... + <memoryBacking> + <locked/> + </memoryBacking> + ... + </domain> + +CPU topology +~~~~~~~~~~~~ + +:since:`Since 4.5.0` , it's possible to specify guest CPU topology, if bhyve +supports that. Support for specifying guest CPU topology was added to bhyve in +`FreeBSD changeset r332298 <https://svnweb.freebsd.org/changeset/base/332298>`__ +for *-CURRENT*. Example: + +:: + + <domain type="bhyve"> + ... + <cpu> + <topology sockets='1' cores='2' threads='1'/> + </cpu> + ... + </domain> + +Ignoring unknown MSRs reads and writes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:since:`Since 5.1.0` , it's possible to make bhyve ignore accesses to +unimplemented Model Specific Registers (MSRs). Example: + +:: + + <domain type="bhyve"> + ... + <features> + ... + <msrs unknown='ignore'/> + ... + </features> + ... + </domain> + +Pass-through of arbitrary bhyve commands +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:since:`Since 5.1.0` , it's possible to pass additional command-line arguments +to the bhyve process when starting the domain using the ``<bhyve:commandline>`` +element under ``domain``. To supply an argument, use the element ``<bhyve:arg>`` +with the attribute ``value`` set to additional argument to be added. The arg +element may be repeated multiple times. To use this XML addition, it is +necessary to issue an XML namespace request (the special ``xmlns:name`` +attribute) that pulls in ``http://libvirt.org/schemas/domain/bhyve/1.0``; +typically, the namespace is given the name of ``bhyve``. + +Example: + +:: + + <domain type="bhyve" xmlns:bhyve="http://libvirt.org/schemas/domain/bhyve/1.0"> + ... + <bhyve:commandline> + <bhyve:arg value='-somebhyvearg'/> + </bhyve:commandline> + </domain> + +Note that these extensions are for testing and development purposes only. They +are **unsupported**, using them may result in inconsistent state, and upgrading +either bhyve or libvirtd maybe break behavior of a domain that was relying on a +specific commands pass-through. diff --git a/docs/meson.build b/docs/meson.build index bb7e27e031..a6c3077f25 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvbhyve', 'drvesx', 'drvhyperv', 'drvlxc', @@ -79,6 +78,7 @@ docs_rst_files = [ 'daemons', 'downloads', 'drivers', + 'drvbhyve', 'drvch', 'drvqemu', 'errors', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvesx.html.in | 838 -------------------------------------------- docs/drvesx.rst | 681 +++++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 682 insertions(+), 839 deletions(-) delete mode 100644 docs/drvesx.html.in create mode 100644 docs/drvesx.rst diff --git a/docs/drvesx.html.in b/docs/drvesx.html.in deleted file mode 100644 index c56da16f57..0000000000 --- a/docs/drvesx.html.in +++ /dev/null @@ -1,838 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>VMware ESX hypervisor driver</h1> - <ul id="toc"></ul> - <p> - The libvirt VMware ESX driver can manage VMware ESX/ESXi 3.5/4.x/5.x and - VMware GSX 2.0, also called VMware Server 2.0, and possibly later - versions. <span class="since">Since 0.8.3</span> the driver can also - connect to a VMware vCenter 2.5/4.x/5.x (VPX). - </p> - - <h2><a id="project">Project Links</a></h2> - - <ul> - <li> - The <a href="https://www.vmware.com/">VMware ESX and GSX</a> - hypervisors - </li> - </ul> - - <h2><a id="prereq">Deployment pre-requisites</a></h2> - <p> - None. Any out-of-the-box installation of VPX/ESX(i)/GSX should work. No - preparations are required on the server side, no libvirtd must be - installed on the ESX server. The driver uses version 2.5 of the remote, - SOAP based - <a href="https://www.vmware.com/support/developer/vc-sdk/visdk25pubs/Re... - VMware Virtual Infrastructure API</a> (VI API) to communicate with the - ESX server, like the VMware Virtual Infrastructure Client (VI client) - does. Since version 4.0 this API is called - <a href="https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/R... - VMware vSphere API</a>. - </p> - - <h2><a id="uri">Connections to the VMware ESX driver</a></h2> - <p> - Some example remote connection URIs for the driver are: - </p> -<pre> -vpx://example-vcenter.com/dc1/srv1 (VPX over HTTPS, select ESX server 'srv1' in datacenter 'dc1') -esx://example-esx.com (ESX over HTTPS) -gsx://example-gsx.com (GSX over HTTPS) -esx://example-esx.com/?transport=http (ESX over HTTP) -esx://example-esx.com/?no_verify=1 (ESX over HTTPS, but doesn't verify the server's SSL certificate) -</pre> - <p> - <strong>Note</strong>: In contrast to other drivers, the ESX driver is - a client-side-only driver. It connects to the ESX server using HTTP(S). - Therefore, the <a href="remote.html">remote transport mechanism</a> - provided by the remote driver and libvirtd will not work, and you - cannot use URIs like <code>esx+ssh://example.com</code>. - </p> - - - <h3><a id="uriformat">URI Format</a></h3> - <p> - URIs have this general form (<code>[...]</code> marks an optional part). - </p> -<pre> -type://[username@]hostname[:port]/[[folder/...]datacenter/[folder/...][cluster/]server][?extraparameters] -</pre> - <p> - The <code>type://</code> is either <code>esx://</code> or - <code>gsx://</code> or <code>vpx://</code> <span class="since">since 0.8.3</span>. - The driver selects the default port depending on the <code>type://</code>. - For <code>esx://</code> and <code>vpx://</code> the default HTTPS port - is 443, for <code>gsx://</code> it is 8333. - If the port parameter is given, it overrides the default port. - </p> - <p> - A <code>vpx://</code> connection is currently restricted to a single - ESX server. This might be relaxed in the future. The path part of the - URI is used to specify the datacenter and the ESX server in it. If the - ESX server is part of a cluster then the cluster has to be specified too. - </p> - <p> - An example: ESX server <code>example-esx.com</code> is managed by - vCenter <code>example-vcenter.com</code> and part of cluster - <code>cluster1</code>. This cluster is part of datacenter <code>dc1</code>. - </p> -<pre> -vpx://example-vcenter.com/dc1/cluster1/example-esx.com -</pre> - <p> - Datacenters and clusters can be organized in folders, those have to be - specified as well. The driver can handle folders - <span class="since">since 0.9.7</span>. - </p> -<pre> -vpx://example-vcenter.com/folder1/dc1/folder2/example-esx.com -</pre> - - - <h4><a id="extraparams">Extra parameters</a></h4> - <p> - Extra parameters can be added to a URI as part of the query string - (the part following <code>?</code>). A single parameter is formed by a - <code>name=value</code> pair. Multiple parameters are separated by - <code>&amp;</code>. - </p> -<pre> -?<span style="color: #E50000">no_verify=1</span>&amp;<span style="color: #00B200">auto_answer=1</span>&amp;<span style="color: #0000E5">proxy=socks://example-proxy.com:23456</span> -</pre> - <p> - The driver understands the extra parameters shown below. - </p> - <table class="top_table"> - <tr> - <th>Name</th> - <th>Values</th> - <th>Meaning</th> - </tr> - <tr> - <td> - <code>transport</code> - </td> - <td> - <code>http</code> or <code>https</code> - </td> - <td> - Overrides the default HTTPS transport. For <code>esx://</code> - and <code>vpx://</code> the default HTTP port is 80, for - <code>gsx://</code> it is 8222. - </td> - </tr> - <tr> - <td> - <code>vcenter</code> - </td> - <td> - Hostname of a VMware vCenter or <code>*</code> - </td> - <td> - In order to perform a migration the driver needs to know the - VMware vCenter for the ESX server. If set to <code>*</code>, - the driver connects to the vCenter known to the ESX server. - This parameter in useful when connecting to an ESX server only. - </td> - </tr> - <tr> - <td> - <code>no_verify</code> - </td> - <td> - <code>0</code> or <code>1</code> - </td> - <td> - If set to 1, this disables libcurl client checks of the server's - SSL certificate. The default value is 0. See the - <a href="#certificates">Certificates for HTTPS</a> section for - details. - </td> - </tr> - <tr> - <td> - <code>auto_answer</code> - </td> - <td> - <code>0</code> or <code>1</code> - </td> - <td> - If set to 1, the driver answers all - <a href="#questions">questions</a> with the default answer. - If set to 0, questions are reported as errors. The default - value is 0. <span class="since">Since 0.7.5</span>. - </td> - </tr> - <tr> - <td> - <code>proxy</code> - </td> - <td> - <code>[type://]hostname[:port]</code> - </td> - <td> - Allows to specify a proxy for HTTP and HTTPS communication. - <span class="since">Since 0.8.2</span>. - The optional <code>type</code> part may be one of: - <code>http</code>, <code>socks</code>, <code>socks4</code>, - <code>socks4a</code> or <code>socks5</code>. The default is - <code>http</code> and <code>socks</code> is synonymous for - <code>socks5</code>. The optional <code>port</code> allows to - override the default port 1080. - </td> - </tr> - </table> - - - <h3><a id="auth">Authentication</a></h3> - <p> - In order to perform any useful operation the driver needs to log into - the ESX server. Therefore, only <code>virConnectOpenAuth</code> can be - used to connect to an ESX server, <code>virConnectOpen</code> and - <code>virConnectOpenReadOnly</code> don't work. - To log into an ESX server or vCenter the driver will request - credentials using the callback passed to the - <code>virConnectOpenAuth</code> function. The driver passes the - hostname as challenge parameter to the callback. This enables the - callback to distinguish between requests for ESX server and vCenter. - </p> - <p> - <strong>Note</strong>: During the ongoing driver development, testing - is done using an unrestricted <code>root</code> account. Problems may - occur if you use a restricted account. Detailed testing with restricted - accounts has not been done yet. - </p> - - - <h3><a id="certificates">Certificates for HTTPS</a></h3> - <p> - By default the ESX driver uses HTTPS to communicate with an ESX server. - Proper HTTPS communication requires correctly configured SSL - certificates. This certificates are different from the ones libvirt - uses for <a href="remote.html">secure communication over TLS</a> to a - libvirtd one a remote server. - </p> - <p> - By default the driver tries to verify the server's SSL certificate - using the CA certificate pool installed on your client computer. With - an out-of-the-box installed ESX server this won't work, because a newly - installed ESX server uses auto-generated self-signed certificates. - Those are signed by a CA certificate that is typically not known to your - client computer and libvirt will report an error like this one: - </p> -<pre> -error: internal error curl_easy_perform() returned an error: Peer certificate cannot be authenticated with known CA certificates (60) -</pre> - <p> - Where are two ways to solve this problem: - </p> - <ul> - <li> - Use the <code>no_verify=1</code> <a href="#extraparams">extra parameter</a> - to disable server certificate verification. - </li> - <li> - Generate new SSL certificates signed by a CA known to your client - computer and replace the original ones on your ESX server. See the - section <i>Replace a Default Certificate with a CA-Signed Certificate</i> - in the <a href="https://www.vmware.com/pdf/vsphere4/r40/vsp_40_esx_server_conf... Configuration Guide</a> - </li> - </ul> - - - <h3><a id="connproblems">Connection problems</a></h3> - <p> - There are also other causes for connection problems than the - <a href="#certificates">HTTPS certificate</a> related ones. - </p> - <ul> - <li> - As stated before the ESX driver doesn't need the - <a href="remote.html">remote transport mechanism</a> - provided by the remote driver and libvirtd, nor does the ESX driver - support it. Therefore, using an URI including a transport in the - scheme won't work. Only <a href="#uriformat">URIs as described</a> - are supported by the ESX driver. Here's a collection of possible - error messages: -<pre> -$ virsh -c esx+tcp://example.com/ -error: unable to connect to libvirtd at 'example.com': Connection refused -</pre> -<pre> -$ virsh -c esx+tls://example.com/ -error: Cannot access CA certificate '/etc/pki/CA/cacert.pem': No such file or directory -</pre> -<pre> -$ virsh -c esx+ssh://example.com/ -error: cannot recv data: ssh: connect to host example.com port 22: Connection refused -</pre> -<pre> -$ virsh -c esx+ssh://example.com/ -error: cannot recv data: Resource temporarily unavailable -</pre> - </li> - <li> - <span class="since">Since 0.7.0</span> libvirt contains the ESX - driver. Earlier versions of libvirt will report a misleading error - about missing certificates when you try to connect to an ESX server. -<pre> -$ virsh -c esx://example.com/ -error: Cannot access CA certificate '/etc/pki/CA/cacert.pem': No such file or directory -</pre> - <p> - Don't let this error message confuse you. Setting up certificates - as described on the <a href="remote.html#Remote_certificates">remote transport mechanism</a> page - does not help, as this is not a certificate related problem. - </p> - <p> - To fix this problem you need to update your libvirt to 0.7.0 or newer. - You may also see this error when you use a libvirt version that - contains the ESX driver but you or your distro disabled the ESX - driver during compilation. <span class="since">Since 0.8.3</span> - the error message has been improved in this case: - </p> -<pre> -$ virsh -c esx://example.com/ -error: invalid argument in libvirt was built without the 'esx' driver -</pre> - </li> - </ul> - - - <h2><a id="questions">Questions blocking tasks</a></h2> - <p> - Some methods of the VI API start tasks, for example - <code>PowerOnVM_Task()</code>. Such tasks may be blocked by questions - if the ESX server detects an issue with the domain that requires user - interaction. The ESX driver cannot prompt the user to answer a - question, libvirt doesn't have an API for something like this. - </p> - <p> - The VI API provides the <code>AnswerVM()</code> method to - programmatically answer a questions. So the driver has two options - how to handle such a situation: either answer the questions with the - default answer or report the question as an error and cancel the - blocked task if possible. The - <a href="#uriformat"><code>auto_answer</code></a> query parameter - controls the answering behavior. - </p> - - - <h2><a id="xmlspecial">Specialities in the domain XML config</a></h2> - <p> - There are several specialities in the domain XML config for ESX domains. - </p> - - <h3><a id="restrictions">Restrictions</a></h3> - <p> - There are some restrictions for some values of the domain XML config. - The driver will complain if this restrictions are violated. - </p> - <ul> - <li> - Memory size has to be a multiple of 4096 - </li> - <li> - Number of virtual CPU has to be 1 or a multiple of 2. - <span class="since">Since 4.10.0</span> any number of vCPUs is - supported. - </li> - <li> - Valid MAC address prefixes are <code>00:0c:29</code> and - <code>00:50:56</code>. <span class="since">Since 0.7.6</span> - arbitrary <a href="#macaddresses">MAC addresses</a> are supported. - </li> - </ul> - - - <h3><a id="datastore">Datastore references</a></h3> - <p> - Storage is managed in datastores. VMware uses a special path format to - reference files in a datastore. Basically, the datastore name is put - into squared braces in front of the path. - </p> -<pre> -[datastore] directory/filename -</pre> - <p> - To define a new domain the driver converts the domain XML into a - VMware VMX file and uploads it to a datastore known to the ESX server. - Because multiple datastores may be known to an ESX server the driver - needs to decide to which datastore the VMX file should be uploaded. - The driver deduces this information from the path of the source of the - first file-based harddisk listed in the domain XML. - </p> - - - <h3><a id="macaddresses">MAC addresses</a></h3> - <p> - VMware has registered two MAC address prefixes for domains: - <code>00:0c:29</code> and <code>00:50:56</code>. These prefixes are - split into ranges for different purposes. - </p> - <table class="top_table"> - <tr> - <th>Range</th> - <th>Purpose</th> - </tr> - <tr> - <td> - <code>00:0c:29:00:00:00</code> - <code>00:0c:29:ff:ff:ff</code> - </td> - <td> - An ESX server autogenerates MAC addresses from this range if - the VMX file doesn't contain a MAC address when trying to start - a domain. - </td> - </tr> - <tr> - <td> - <code>00:50:56:00:00:00</code> - <code>00:50:56:3f:ff:ff</code> - </td> - <td> - MAC addresses from this range can by manually assigned by the - user in the VI client. - </td> - </tr> - <tr> - <td> - <code>00:50:56:80:00:00</code> - <code>00:50:56:bf:ff:ff</code> - </td> - <td> - A VI client autogenerates MAC addresses from this range for - newly defined domains. - </td> - </tr> - </table> - <p> - The VMX files generated by the ESX driver always contain a MAC address, - because libvirt generates a random one if an interface element in the - domain XML file lacks a MAC address. - <span class="since">Since 0.7.6</span> the ESX driver sets the prefix - for generated MAC addresses to <code>00:0c:29</code>. Before 0.7.6 - the <code>00:50:56</code> prefix was used. Sometimes this resulted in - the generation of out-of-range MAC address that were rejected by the - ESX server. - </p> - <p> - Also <span class="since">since 0.7.6</span> every MAC address outside - this ranges can be used. For such MAC addresses the ESX server-side - check is disabled in the VMX file to stop the ESX server from rejecting - out-of-predefined-range MAC addresses. - </p> -<pre> -ethernet0.checkMACAddress = "false" -</pre> - <p> - <span class="since">Since 6.6.0</span>, one can force libvirt to keep the - provided MAC address when it's in the reserved VMware range by adding a - <code>type="static"</code> attribute to the <code>&lt;mac/&gt;</code> element. - Note that this attribute is useless if the provided MAC address is outside of - the reserved VMWare ranges. - </p> - - - <h3><a id="hardware">Available hardware</a></h3> - <p> - VMware ESX supports different models of SCSI controllers and network - cards. - </p> - - <h4>SCSI controller models</h4> - <dl> - <dt><code>auto</code></dt> - <dd> - This isn't an actual controller model. If specified the ESX driver - tries to detect the SCSI controller model referenced in the - <code>.vmdk</code> file and use it. Autodetection fails when a - SCSI controller has multiple disks attached and the SCSI controller - models referenced in the <code>.vmdk</code> files are inconsistent. - <span class="since">Since 0.8.3</span> - </dd> - <dt><code>buslogic</code></dt> - <dd> - BusLogic SCSI controller for older guests. - </dd> - <dt><code>lsilogic</code></dt> - <dd> - LSI Logic SCSI controller for recent guests. - </dd> - <dt><code>lsisas1068</code></dt> - <dd> - LSI Logic SAS 1068 controller. <span class="since">Since 0.8.0</span> - </dd> - <dt><code>vmpvscsi</code></dt> - <dd> - Special VMware Paravirtual SCSI controller, requires VMware tools inside - the guest. See <a href="https://kb.vmware.com/kb/1010398">VMware KB1010398</a> - for details. <span class="since">Since 0.8.3</span> - </dd> - </dl> - <p> - Here a domain XML snippet: - </p> -<pre> -... -&lt;disk type='file' device='disk'&gt; - &lt;source file='[local-storage] Fedora11/Fedora11.vmdk'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; - &lt;address type='drive' controller='0' bus='0' unit='0'/&gt; -&lt;/disk&gt; -&lt;controller type='scsi' index='0' model='<strong>lsilogic</strong>'/&gt; -... -</pre> - <p> - The controller element is supported <span class="since">since 0.8.2</span>. - Prior to this <code>&lt;driver name='lsilogic'/&gt;</code> was abused to - specify the SCSI controller model. This attribute usage is deprecated now. - </p> -<pre> -... -&lt;disk type='file' device='disk'&gt; - &lt;driver name='<strong>lsilogic</strong>'/&gt; - &lt;source file='[local-storage] Fedora11/Fedora11.vmdk'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; -&lt;/disk&gt; -... -</pre> - - - <h4>Network card models</h4> - <dl> - <dt><code>vlance</code></dt> - <dd> - AMD PCnet32 network card for older guests. - </dd> - <dt><code>vmxnet</code>, <code>vmxnet2</code>, <code>vmxnet3</code></dt> - <dd> - Special VMware VMXnet network card, requires VMware tools inside - the guest. See <a href="https://kb.vmware.com/kb/1001805">VMware KB1001805</a> - for details. - </dd> - <dt><code>e1000</code></dt> - <dd> - Intel E1000 network card for recent guests. - </dd> - </dl> - <p> - Here a domain XML snippet: - </p> -<pre> -... -&lt;interface type='bridge'&gt; - &lt;mac address='00:50:56:25:48:c7'/&gt; - &lt;source bridge='VM Network'/&gt; - &lt;model type='<strong>e1000</strong>'/&gt; -&lt;/interface&gt; -... -</pre> - - - <h2><a id="importexport">Import and export of domain XML configs</a></h2> - <p> - The ESX driver currently supports a native config format known as - <code>vmware-vmx</code> to handle VMware VMX configs. - </p> - - - <h3><a id="xmlimport">Converting from VMware VMX config to domain XML config</a></h3> - <p> - The <code>virsh domxml-from-native</code> provides a way to convert an - existing VMware VMX config into a domain XML config that can then be - used by libvirt. - </p> -<pre> -$ cat &gt; demo.vmx &lt;&lt; EOF -#!/usr/bin/vmware -config.version = "8" -virtualHW.version = "4" -floppy0.present = "false" -nvram = "Fedora11.nvram" -deploymentPlatform = "windows" -virtualHW.productCompatibility = "hosted" -tools.upgrade.policy = "useGlobal" -powerType.powerOff = "default" -powerType.powerOn = "default" -powerType.suspend = "default" -powerType.reset = "default" -displayName = "Fedora11" -extendedConfigFile = "Fedora11.vmxf" -scsi0.present = "true" -scsi0.sharedBus = "none" -scsi0.virtualDev = "lsilogic" -memsize = "1024" -scsi0:0.present = "true" -scsi0:0.fileName = "/vmfs/volumes/498076b2-02796c1a-ef5b-000ae484a6a3/Fedora11/Fedora11.vmdk" -scsi0:0.deviceType = "scsi-hardDisk" -ide0:0.present = "true" -ide0:0.clientDevice = "true" -ide0:0.deviceType = "cdrom-raw" -ide0:0.startConnected = "false" -ethernet0.present = "true" -ethernet0.networkName = "VM Network" -ethernet0.addressType = "vpx" -ethernet0.generatedAddress = "00:50:56:91:48:c7" -chipset.onlineStandby = "false" -guestOSAltName = "Red Hat Enterprise Linux 5 (32-Bit)" -guestOS = "rhel5" -uuid.bios = "50 11 5e 16 9b dc 49 d7-f1 71 53 c4 d7 f9 17 10" -snapshot.action = "keep" -sched.cpu.min = "0" -sched.cpu.units = "mhz" -sched.cpu.shares = "normal" -sched.mem.minsize = "0" -sched.mem.shares = "normal" -toolScripts.afterPowerOn = "true" -toolScripts.afterResume = "true" -toolScripts.beforeSuspend = "true" -toolScripts.beforePowerOff = "true" -scsi0:0.redo = "" -tools.syncTime = "false" -uuid.location = "56 4d b5 06 a2 bd fb eb-ae 86 f7 d8 49 27 d0 c4" -sched.cpu.max = "unlimited" -sched.swap.derivedName = "/vmfs/volumes/498076b2-02796c1a-ef5b-000ae484a6a3/Fedora11/Fedora11-7de040d8.vswp" -tools.remindInstall = "TRUE" -EOF - -$ virsh -c esx://example.com domxml-from-native vmware-vmx demo.vmx -Enter username for example.com [root]: -Enter root password for example.com: -&lt;domain type='vmware'&gt; - &lt;name&gt;Fedora11&lt;/name&gt; - &lt;uuid&gt;50115e16-9bdc-49d7-f171-53c4d7f91710&lt;/uuid&gt; - &lt;memory&gt;1048576&lt;/memory&gt; - &lt;currentMemory&gt;1048576&lt;/currentMemory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;os&gt; - &lt;type arch='i686'&gt;hvm&lt;/type&gt; - &lt;/os&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='[local-storage] Fedora11/Fedora11.vmdk'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; - &lt;address type='drive' controller='0' bus='0' unit='0'/&gt; - &lt;/disk&gt; - &lt;controller type='scsi' index='0' model='lsilogic'/&gt; - &lt;interface type='bridge'&gt; - &lt;mac address='00:50:56:91:48:c7'/&gt; - &lt;source bridge='VM Network'/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - - - <h3><a id="xmlexport">Converting from domain XML config to VMware VMX config</a></h3> - <p> - The <code>virsh domxml-to-native</code> provides a way to convert a - domain XML config into a VMware VMX config. - </p> -<pre> -$ cat &gt; demo.xml &lt;&lt; EOF -&lt;domain type='vmware'&gt; - &lt;name&gt;Fedora11&lt;/name&gt; - &lt;uuid&gt;50115e16-9bdc-49d7-f171-53c4d7f91710&lt;/uuid&gt; - &lt;memory&gt;1048576&lt;/memory&gt; - &lt;currentMemory&gt;1048576&lt;/currentMemory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;os&gt; - &lt;type arch='x86_64'&gt;hvm&lt;/type&gt; - &lt;/os&gt; - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='[local-storage] Fedora11/Fedora11.vmdk'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; - &lt;address type='drive' controller='0' bus='0' unit='0'/&gt; - &lt;/disk&gt; - &lt;controller type='scsi' index='0' model='lsilogic'/&gt; - &lt;interface type='bridge'&gt; - &lt;mac address='00:50:56:25:48:c7'/&gt; - &lt;source bridge='VM Network'/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -EOF - -$ virsh -c esx://example.com domxml-to-native vmware-vmx demo.xml -Enter username for example.com [root]: -Enter root password for example.com: -config.version = "8" -virtualHW.version = "4" -guestOS = "other-64" -uuid.bios = "50 11 5e 16 9b dc 49 d7-f1 71 53 c4 d7 f9 17 10" -displayName = "Fedora11" -memsize = "1024" -numvcpus = "1" -scsi0.present = "true" -scsi0.virtualDev = "lsilogic" -scsi0:0.present = "true" -scsi0:0.deviceType = "scsi-hardDisk" -scsi0:0.fileName = "/vmfs/volumes/local-storage/Fedora11/Fedora11.vmdk" -ethernet0.present = "true" -ethernet0.networkName = "VM Network" -ethernet0.connectionType = "bridged" -ethernet0.addressType = "static" -ethernet0.address = "00:50:56:25:48:C7" -</pre> - - - <h2><a id="xmlconfig">Example domain XML configs</a></h2> - - <h3>Fedora11 on x86_64</h3> -<pre> -&lt;domain type='vmware'&gt; - &lt;name&gt;Fedora11&lt;/name&gt; - &lt;uuid&gt;50115e16-9bdc-49d7-f171-53c4d7f91710&lt;/uuid&gt; - &lt;memory&gt;1048576&lt;/memory&gt; - &lt;currentMemory&gt;1048576&lt;/currentMemory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;os&gt; - &lt;type arch='x86_64'&gt;hvm&lt;/type&gt; - &lt;/os&gt; - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='[local-storage] Fedora11/Fedora11.vmdk'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; - &lt;address type='drive' controller='0' bus='0' unit='0'/&gt; - &lt;/disk&gt; - &lt;controller type='scsi' index='0'/&gt; - &lt;interface type='bridge'&gt; - &lt;mac address='00:50:56:25:48:c7'/&gt; - &lt;source bridge='VM Network'/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - - - <h2><a id="migration">Migration</a></h2> - <p> - A migration cannot be initiated on an ESX server directly, a VMware - vCenter is necessary for this. The <code>vcenter</code> query - parameter must be set either to the hostname or IP address of the - vCenter managing the ESX server or to <code>*</code>. Setting it - to <code>*</code> causes the driver to connect to the vCenter known to - the ESX server. If the ESX server is not managed by a vCenter an error - is reported. - </p> -<pre> -esx://example.com/?vcenter=example-vcenter.com -</pre> - <p> - Here's an example how to migrate the domain <code>Fedora11</code> from - ESX server <code>example-src.com</code> to ESX server - <code>example-dst.com</code> implicitly involving vCenter - <code>example-vcenter.com</code> using <code>virsh</code>. - </p> -<pre> -$ virsh -c esx://example-src.com/?vcenter=* migrate Fedora11 esx://example-dst.com/?vcenter=* -Enter username for example-src.com [root]: -Enter root password for example-src.com: -Enter username for example-vcenter.com [administrator]: -Enter administrator password for example-vcenter.com: -Enter username for example-dst.com [root]: -Enter root password for example-dst.com: -Enter username for example-vcenter.com [administrator]: -Enter administrator password for example-vcenter.com: -</pre> - <p> - <span class="since">Since 0.8.3</span> you can directly connect to a vCenter. - This simplifies migration a bit. Here's the same migration as above but - using <code>vpx://</code> connections and assuming both ESX server are in - datacenter <code>dc1</code> and aren't part of a cluster. - </p> -<pre> -$ virsh -c vpx://example-vcenter.com/dc1/example-src.com migrate Fedora11 vpx://example-vcenter.com/dc1/example-dst.com -Enter username for example-vcenter.com [administrator]: -Enter administrator password for example-vcenter.com: -Enter username for example-vcenter.com [administrator]: -Enter administrator password for example-vcenter.com: -</pre> - - - <h2><a id="scheduler">Scheduler configuration</a></h2> - <p> - The driver exposes the ESX CPU scheduler. The parameters listed below - are available to control the scheduler. - </p> - <dl> - <dt><code>reservation</code></dt> - <dd> - The amount of CPU resource in MHz that is guaranteed to be - available to the domain. Valid values are 0 and greater. - </dd> - <dt><code>limit</code></dt> - <dd> - The CPU utilization of the domain will be - limited to this value in MHz, even if more CPU resources are - available. If the limit is set to -1, the CPU utilization of the - domain is unlimited. If the limit is not set to -1, it must be - greater than or equal to the reservation. - </dd> - <dt><code>shares</code></dt> - <dd> - Shares are used to determine relative CPU - allocation between domains. In general, a domain with more shares - gets proportionally more of the CPU resource. Valid values are 0 - and greater. The special values -1, -2 and -3 represent the - predefined shares level <code>low</code>, <code>normal</code> and - <code>high</code>. - </dd> - </dl> - - - <h2><a id="tools">VMware tools</a></h2> - <p> - Some actions require installed VMware tools. If the VMware tools are - not installed in the guest and one of the actions below is to be - performed the ESX server raises an error and the driver reports it. - </p> - <ul> - <li> - <code>virDomainGetHostname</code> - </li> - <li> - <code>virDomainInterfaceAddresses</code> (only for the - <code>VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT</code> source) - </li> - <li> - <code>virDomainReboot</code> - </li> - <li> - <code>virDomainShutdown</code> - </li> - </ul> - - - <h2><a id="links">Links</a></h2> - <ul> - <li> - <a href="https://www.vmware.com/support/developer/vc-sdk/"> - VMware vSphere Web Services SDK Documentation - </a> - </li> - <li> - <a href="https://www.vmware.com/pdf/esx3_memory.pdf"> - The Role of Memory in VMware ESX Server 3 - </a> - </li> - <li> - <a href="https://www.sanbarrow.com/vmx.html"> - VMware VMX config parameters - </a> - </li> - <li> - <a href="https://www.vmware.com/pdf/vsp_4_pvscsi_perf.pdf"> - VMware ESX 4.0 PVSCSI Storage Performance - </a> - </li> - </ul> -</body></html> diff --git a/docs/drvesx.rst b/docs/drvesx.rst new file mode 100644 index 0000000000..7b35492d21 --- /dev/null +++ b/docs/drvesx.rst @@ -0,0 +1,681 @@ +.. role:: since + +============================ +VMware ESX hypervisor driver +============================ + +.. contents:: + +The libvirt VMware ESX driver can manage VMware ESX/ESXi 3.5/4.x/5.x and VMware +GSX 2.0, also called VMware Server 2.0, and possibly later versions. +:since:`Since 0.8.3` the driver can also connect to a VMware vCenter 2.5/4.x/5.x +(VPX). + +Project Links +------------- + +- The `VMware ESX and GSX <https://www.vmware.com/>`__ hypervisors + +Deployment pre-requisites +------------------------- + +None. Any out-of-the-box installation of VPX/ESX(i)/GSX should work. No +preparations are required on the server side, no libvirtd must be installed on +the ESX server. The driver uses version 2.5 of the remote, SOAP based `VMware +Virtual Infrastructure +API <https://www.vmware.com/support/developer/vc-sdk/visdk25pubs/ReferenceGuid... +(VI API) to communicate with the ESX server, like the VMware Virtual +Infrastructure Client (VI client) does. Since version 4.0 this API is called +`VMware vSphere +API <https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGui.... + +Connections to the VMware ESX driver +------------------------------------ + +Some example remote connection URIs for the driver are: + +:: + + vpx://example-vcenter.com/dc1/srv1 (VPX over HTTPS, select ESX server 'srv1' in datacenter 'dc1') + esx://example-esx.com (ESX over HTTPS) + gsx://example-gsx.com (GSX over HTTPS) + esx://example-esx.com/?transport=http (ESX over HTTP) + esx://example-esx.com/?no_verify=1 (ESX over HTTPS, but doesn't verify the server's SSL certificate) + +**Note**: In contrast to other drivers, the ESX driver is a client-side-only +driver. It connects to the ESX server using HTTP(S). Therefore, the `remote +transport mechanism <remote.html>`__ provided by the remote driver and libvirtd +will not work, and you cannot use URIs like ``esx+ssh://example.com``. + +URI Format +~~~~~~~~~~ + +URIs have this general form (``[...]`` marks an optional part). + +:: + + type://[username@]hostname[:port]/[[folder/...]datacenter/[folder/...][cluster/]server][?extraparameters] + +The ``type://`` is either ``esx://`` or ``gsx://`` or ``vpx://`` :since:`since +0.8.3` . The driver selects the default port depending on the ``type://``. For +``esx://`` and ``vpx://`` the default HTTPS port is 443, for ``gsx://`` it is +8333. If the port parameter is given, it overrides the default port. + +A ``vpx://`` connection is currently restricted to a single ESX server. This +might be relaxed in the future. The path part of the URI is used to specify the +datacenter and the ESX server in it. If the ESX server is part of a cluster then +the cluster has to be specified too. + +An example: ESX server ``example-esx.com`` is managed by vCenter +``example-vcenter.com`` and part of cluster ``cluster1``. This cluster is part +of datacenter ``dc1``. + +:: + + vpx://example-vcenter.com/dc1/cluster1/example-esx.com + +Datacenters and clusters can be organized in folders, those have to be specified +as well. The driver can handle folders :since:`since 0.9.7` . + +:: + + vpx://example-vcenter.com/folder1/dc1/folder2/example-esx.com + +Extra parameters +^^^^^^^^^^^^^^^^ + +Extra parameters can be added to a URI as part of the query string (the part +following ``?``). A single parameter is formed by a ``name=value`` pair. +Multiple parameters are separated by ``&``. + +:: + + ?no_verify=1&auto_answer=1&proxy=socks://example-proxy.com:23456 + +The driver understands the extra parameters shown below. + ++-----------------+-----------------------------+-----------------------------+ +| Name | Values | Meaning | ++=================+=============================+=============================+ +| ``transport`` | ``http`` or ``https`` | Overrides the default HTTPS | +| | | transport. For ``esx://`` | +| | | and ``vpx://`` the default | +| | | HTTP port is 80, for | +| | | ``gsx://`` it is 8222. | ++-----------------+-----------------------------+-----------------------------+ +| ``vcenter`` | Hostname of a VMware | In order to perform a | +| | vCenter or ``*`` | migration the driver needs | +| | | to know the VMware vCenter | +| | | for the ESX server. If set | +| | | to ``*``, the driver | +| | | connects to the vCenter | +| | | known to the ESX server. | +| | | This parameter in useful | +| | | when connecting to an ESX | +| | | server only. | ++-----------------+-----------------------------+-----------------------------+ +| ``no_verify`` | ``0`` or ``1`` | If set to 1, this disables | +| | | libcurl client checks of | +| | | the server's SSL | +| | | certificate. The default | +| | | value is 0. See the | +| | | `Certificates for | +| | | HTTPS <#certificates>`__ | +| | | section for details. | ++-----------------+-----------------------------+-----------------------------+ +| ``auto_answer`` | ``0`` or ``1`` | If set to 1, the driver | +| | | answers all | +| | | `questions <#questions>`__ | +| | | with the default answer. If | +| | | set to 0, questions are | +| | | reported as errors. The | +| | | default value is 0. | +| | | :since:`Since 0.7.5` . | ++-----------------+-----------------------------+-----------------------------+ +| ``proxy`` | [type://]hostname[:port] | Allows to specify a proxy | +| | | for HTTP and HTTPS | +| | | communication. | +| | | :since:`Since 0.8.2` . The | +| | | optional ``type`` part may | +| | | be one of: ``http``, | +| | | ``socks``, ``socks4``, | +| | | ``socks4a`` or ``socks5``. | +| | | The default is ``http`` and | +| | | ``socks`` is synonymous for | +| | | ``socks5``. The optional | +| | | ``port`` allows to override | +| | | the default port 1080. | ++-----------------+-----------------------------+-----------------------------+ + +Authentication +~~~~~~~~~~~~~~ + +In order to perform any useful operation the driver needs to log into the ESX +server. Therefore, only ``virConnectOpenAuth`` can be used to connect to an ESX +server, ``virConnectOpen`` and ``virConnectOpenReadOnly`` don't work. To log +into an ESX server or vCenter the driver will request credentials using the +callback passed to the ``virConnectOpenAuth`` function. The driver passes the +hostname as challenge parameter to the callback. This enables the callback to +distinguish between requests for ESX server and vCenter. + +**Note**: During the ongoing driver development, testing is done using an +unrestricted ``root`` account. Problems may occur if you use a restricted +account. Detailed testing with restricted accounts has not been done yet. + +Certificates for HTTPS +~~~~~~~~~~~~~~~~~~~~~~ + +By default the ESX driver uses HTTPS to communicate with an ESX server. Proper +HTTPS communication requires correctly configured SSL certificates. This +certificates are different from the ones libvirt uses for `secure communication +over TLS <remote.html>`__ to a libvirtd one a remote server. + +By default the driver tries to verify the server's SSL certificate using the CA +certificate pool installed on your client computer. With an out-of-the-box +installed ESX server this won't work, because a newly installed ESX server uses +auto-generated self-signed certificates. Those are signed by a CA certificate +that is typically not known to your client computer and libvirt will report an +error like this one: + +:: + + error: internal error curl_easy_perform() returned an error: Peer certificate cannot be authenticated with known CA certificates (60) + +Where are two ways to solve this problem: + +- Use the ``no_verify=1`` `extra parameter <#extraparams>`__ to disable server + certificate verification. +- Generate new SSL certificates signed by a CA known to your client computer + and replace the original ones on your ESX server. See the section *Replace a + Default Certificate with a CA-Signed Certificate* in the `ESX Configuration + Guide <https://www.vmware.com/pdf/vsphere4/r40/vsp_40_esx_server_config.pdf>`__ + +Connection problems +~~~~~~~~~~~~~~~~~~~ + +There are also other causes for connection problems than the `HTTPS +certificate <#certificates>`__ related ones. + +- As stated before the ESX driver doesn't need the `remote transport + mechanism <remote.html>`__ provided by the remote driver and libvirtd, nor + does the ESX driver support it. Therefore, using an URI including a transport + in the scheme won't work. Only `URIs as described <#uriformat>`__ are + supported by the ESX driver. Here's a collection of possible error messages: + + :: + + $ virsh -c esx+tcp://example.com/ + error: unable to connect to libvirtd at 'example.com': Connection refused + + :: + + $ virsh -c esx+tls://example.com/ + error: Cannot access CA certificate '/etc/pki/CA/cacert.pem': No such file or directory + + :: + + $ virsh -c esx+ssh://example.com/ + error: cannot recv data: ssh: connect to host example.com port 22: Connection refused + + :: + + $ virsh -c esx+ssh://example.com/ + error: cannot recv data: Resource temporarily unavailable + +- :since:`Since 0.7.0` libvirt contains the ESX driver. Earlier versions of + libvirt will report a misleading error about missing certificates when you + try to connect to an ESX server. + + :: + + $ virsh -c esx://example.com/ + error: Cannot access CA certificate '/etc/pki/CA/cacert.pem': No such file or directory + + Don't let this error message confuse you. Setting up certificates as + described on the `remote transport + mechanism <remote.html#Remote_certificates>`__ page does not help, as this is + not a certificate related problem. + + To fix this problem you need to update your libvirt to 0.7.0 or newer. You + may also see this error when you use a libvirt version that contains the ESX + driver but you or your distro disabled the ESX driver during compilation. + :since:`Since 0.8.3` the error message has been improved in this case: + + :: + + $ virsh -c esx://example.com/ + error: invalid argument in libvirt was built without the 'esx' driver + +Questions blocking tasks +------------------------ + +Some methods of the VI API start tasks, for example ``PowerOnVM_Task()``. Such +tasks may be blocked by questions if the ESX server detects an issue with the +domain that requires user interaction. The ESX driver cannot prompt the user to +answer a question, libvirt doesn't have an API for something like this. + +The VI API provides the ``AnswerVM()`` method to programmatically answer a +questions. So the driver has two options how to handle such a situation: either +answer the questions with the default answer or report the question as an error +and cancel the blocked task if possible. The `auto_answer <#uriformat>`__ query +parameter controls the answering behavior. + +Specialities in the domain XML config +------------------------------------- + +There are several specialities in the domain XML config for ESX domains. + +Restrictions +~~~~~~~~~~~~ + +There are some restrictions for some values of the domain XML config. The driver +will complain if this restrictions are violated. + +- Memory size has to be a multiple of 4096 +- Number of virtual CPU has to be 1 or a multiple of 2. :since:`Since 4.10.0` + any number of vCPUs is supported. +- Valid MAC address prefixes are ``00:0c:29`` and ``00:50:56``. :since:`Since + 0.7.6` arbitrary `MAC addresses <#macaddresses>`__ are supported. + +Datastore references +~~~~~~~~~~~~~~~~~~~~ + +Storage is managed in datastores. VMware uses a special path format to reference +files in a datastore. Basically, the datastore name is put into squared braces +in front of the path. + +:: + + [datastore] directory/filename + +To define a new domain the driver converts the domain XML into a VMware VMX file +and uploads it to a datastore known to the ESX server. Because multiple +datastores may be known to an ESX server the driver needs to decide to which +datastore the VMX file should be uploaded. The driver deduces this information +from the path of the source of the first file-based harddisk listed in the +domain XML. + +MAC addresses +~~~~~~~~~~~~~ + +VMware has registered two MAC address prefixes for domains: ``00:0c:29`` and +``00:50:56``. These prefixes are split into ranges for different purposes. + ++--------------------------------------+--------------------------------------+ +| Range | Purpose | ++======================================+======================================+ +| ``00:0c:29:00:00:00`` - | An ESX server autogenerates MAC | +| ``00:0c:29:ff:ff:ff`` | addresses from this range if the VMX | +| | file doesn't contain a MAC address | +| | when trying to start a domain. | ++--------------------------------------+--------------------------------------+ +| ``00:50:56:00:00:00`` - | MAC addresses from this range can by | +| ``00:50:56:3f:ff:ff`` | manually assigned by the user in the | +| | VI client. | ++--------------------------------------+--------------------------------------+ +| ``00:50:56:80:00:00`` - | A VI client autogenerates MAC | +| ``00:50:56:bf:ff:ff`` | addresses from this range for newly | +| | defined domains. | ++--------------------------------------+--------------------------------------+ + +The VMX files generated by the ESX driver always contain a MAC address, because +libvirt generates a random one if an interface element in the domain XML file +lacks a MAC address. :since:`Since 0.7.6` the ESX driver sets the prefix for +generated MAC addresses to ``00:0c:29``. Before 0.7.6 the ``00:50:56`` prefix +was used. Sometimes this resulted in the generation of out-of-range MAC address +that were rejected by the ESX server. + +Also :since:`since 0.7.6` every MAC address outside this ranges can be used. For +such MAC addresses the ESX server-side check is disabled in the VMX file to stop +the ESX server from rejecting out-of-predefined-range MAC addresses. + +:: + + ethernet0.checkMACAddress = "false" + +:since:`Since 6.6.0` , one can force libvirt to keep the provided MAC address +when it's in the reserved VMware range by adding a ``type="static"`` attribute +to the ``<mac/>`` element. Note that this attribute is useless if the provided +MAC address is outside of the reserved VMWare ranges. + +Available hardware +~~~~~~~~~~~~~~~~~~ + +VMware ESX supports different models of SCSI controllers and network cards. + +SCSI controller models +^^^^^^^^^^^^^^^^^^^^^^ + +``auto`` + This isn't an actual controller model. If specified the ESX driver tries to + detect the SCSI controller model referenced in the ``.vmdk`` file and use it. + Autodetection fails when a SCSI controller has multiple disks attached and + the SCSI controller models referenced in the ``.vmdk`` files are + inconsistent. :since:`Since 0.8.3` +``buslogic`` + BusLogic SCSI controller for older guests. +``lsilogic`` + LSI Logic SCSI controller for recent guests. +``lsisas1068`` + LSI Logic SAS 1068 controller. :since:`Since 0.8.0` +``vmpvscsi`` + Special VMware Paravirtual SCSI controller, requires VMware tools inside the + guest. See `VMware KB1010398 <https://kb.vmware.com/kb/1010398>`__ for + details. :since:`Since 0.8.3` + +Here a domain XML snippet: + +:: + + ... + <disk type='file' device='disk'> + <source file='[local-storage] Fedora11/Fedora11.vmdk'/> + <target dev='sda' bus='scsi'/> + <address type='drive' controller='0' bus='0' unit='0'/> + </disk> + <controller type='scsi' index='0' model='lsilogic'/> + ... + +The controller element is supported :since:`since 0.8.2` . Prior to this +``<driver name='lsilogic'/>`` was abused to specify the SCSI controller model. +This attribute usage is deprecated now. + +:: + + ... + <disk type='file' device='disk'> + <driver name='lsilogic'/> + <source file='[local-storage] Fedora11/Fedora11.vmdk'/> + <target dev='sda' bus='scsi'/> + </disk> + ... + +Network card models +^^^^^^^^^^^^^^^^^^^ + +``vlance`` + AMD PCnet32 network card for older guests. +``vmxnet``, ``vmxnet2``, ``vmxnet3`` + Special VMware VMXnet network card, requires VMware tools inside the guest. + See `VMware KB1001805 <https://kb.vmware.com/kb/1001805>`__ for details. +``e1000`` + Intel E1000 network card for recent guests. + +Here a domain XML snippet: + +:: + + ... + <interface type='bridge'> + <mac address='00:50:56:25:48:c7'/> + <source bridge='VM Network'/> + <model type='e1000'/> + </interface> + ... + +Import and export of domain XML configs +--------------------------------------- + +The ESX driver currently supports a native config format known as ``vmware-vmx`` +to handle VMware VMX configs. + +Converting from VMware VMX config to domain XML config +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh domxml-from-native`` provides a way to convert an existing VMware +VMX config into a domain XML config that can then be used by libvirt. + +:: + + $ cat > demo.vmx << EOF + #!/usr/bin/vmware + config.version = "8" + virtualHW.version = "4" + floppy0.present = "false" + nvram = "Fedora11.nvram" + deploymentPlatform = "windows" + virtualHW.productCompatibility = "hosted" + tools.upgrade.policy = "useGlobal" + powerType.powerOff = "default" + powerType.powerOn = "default" + powerType.suspend = "default" + powerType.reset = "default" + displayName = "Fedora11" + extendedConfigFile = "Fedora11.vmxf" + scsi0.present = "true" + scsi0.sharedBus = "none" + scsi0.virtualDev = "lsilogic" + memsize = "1024" + scsi0:0.present = "true" + scsi0:0.fileName = "/vmfs/volumes/498076b2-02796c1a-ef5b-000ae484a6a3/Fedora11/Fedora11.vmdk" + scsi0:0.deviceType = "scsi-hardDisk" + ide0:0.present = "true" + ide0:0.clientDevice = "true" + ide0:0.deviceType = "cdrom-raw" + ide0:0.startConnected = "false" + ethernet0.present = "true" + ethernet0.networkName = "VM Network" + ethernet0.addressType = "vpx" + ethernet0.generatedAddress = "00:50:56:91:48:c7" + chipset.onlineStandby = "false" + guestOSAltName = "Red Hat Enterprise Linux 5 (32-Bit)" + guestOS = "rhel5" + uuid.bios = "50 11 5e 16 9b dc 49 d7-f1 71 53 c4 d7 f9 17 10" + snapshot.action = "keep" + sched.cpu.min = "0" + sched.cpu.units = "mhz" + sched.cpu.shares = "normal" + sched.mem.minsize = "0" + sched.mem.shares = "normal" + toolScripts.afterPowerOn = "true" + toolScripts.afterResume = "true" + toolScripts.beforeSuspend = "true" + toolScripts.beforePowerOff = "true" + scsi0:0.redo = "" + tools.syncTime = "false" + uuid.location = "56 4d b5 06 a2 bd fb eb-ae 86 f7 d8 49 27 d0 c4" + sched.cpu.max = "unlimited" + sched.swap.derivedName = "/vmfs/volumes/498076b2-02796c1a-ef5b-000ae484a6a3/Fedora11/Fedora11-7de040d8.vswp" + tools.remindInstall = "TRUE" + EOF + + $ virsh -c esx://example.com domxml-from-native vmware-vmx demo.vmx + Enter username for example.com [root]: + Enter root password for example.com: + <domain type='vmware'> + <name>Fedora11</name> + <uuid>50115e16-9bdc-49d7-f171-53c4d7f91710</uuid> + <memory>1048576</memory> + <currentMemory>1048576</currentMemory> + <vcpu>1</vcpu> + <os> + <type arch='i686'>hvm</type> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='file' device='disk'> + <source file='[local-storage] Fedora11/Fedora11.vmdk'/> + <target dev='sda' bus='scsi'/> + <address type='drive' controller='0' bus='0' unit='0'/> + </disk> + <controller type='scsi' index='0' model='lsilogic'/> + <interface type='bridge'> + <mac address='00:50:56:91:48:c7'/> + <source bridge='VM Network'/> + </interface> + </devices> + </domain> + +Converting from domain XML config to VMware VMX config +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh domxml-to-native`` provides a way to convert a domain XML config +into a VMware VMX config. + +:: + + $ cat > demo.xml << EOF + <domain type='vmware'> + <name>Fedora11</name> + <uuid>50115e16-9bdc-49d7-f171-53c4d7f91710</uuid> + <memory>1048576</memory> + <currentMemory>1048576</currentMemory> + <vcpu>1</vcpu> + <os> + <type arch='x86_64'>hvm</type> + </os> + <devices> + <disk type='file' device='disk'> + <source file='[local-storage] Fedora11/Fedora11.vmdk'/> + <target dev='sda' bus='scsi'/> + <address type='drive' controller='0' bus='0' unit='0'/> + </disk> + <controller type='scsi' index='0' model='lsilogic'/> + <interface type='bridge'> + <mac address='00:50:56:25:48:c7'/> + <source bridge='VM Network'/> + </interface> + </devices> + </domain> + EOF + + $ virsh -c esx://example.com domxml-to-native vmware-vmx demo.xml + Enter username for example.com [root]: + Enter root password for example.com: + config.version = "8" + virtualHW.version = "4" + guestOS = "other-64" + uuid.bios = "50 11 5e 16 9b dc 49 d7-f1 71 53 c4 d7 f9 17 10" + displayName = "Fedora11" + memsize = "1024" + numvcpus = "1" + scsi0.present = "true" + scsi0.virtualDev = "lsilogic" + scsi0:0.present = "true" + scsi0:0.deviceType = "scsi-hardDisk" + scsi0:0.fileName = "/vmfs/volumes/local-storage/Fedora11/Fedora11.vmdk" + ethernet0.present = "true" + ethernet0.networkName = "VM Network" + ethernet0.connectionType = "bridged" + ethernet0.addressType = "static" + ethernet0.address = "00:50:56:25:48:C7" + +Example domain XML configs +-------------------------- + +Fedora11 on x86_64 +~~~~~~~~~~~~~~~~~~ + +:: + + <domain type='vmware'> + <name>Fedora11</name> + <uuid>50115e16-9bdc-49d7-f171-53c4d7f91710</uuid> + <memory>1048576</memory> + <currentMemory>1048576</currentMemory> + <vcpu>1</vcpu> + <os> + <type arch='x86_64'>hvm</type> + </os> + <devices> + <disk type='file' device='disk'> + <source file='[local-storage] Fedora11/Fedora11.vmdk'/> + <target dev='sda' bus='scsi'/> + <address type='drive' controller='0' bus='0' unit='0'/> + </disk> + <controller type='scsi' index='0'/> + <interface type='bridge'> + <mac address='00:50:56:25:48:c7'/> + <source bridge='VM Network'/> + </interface> + </devices> + </domain> + +Migration +--------- + +A migration cannot be initiated on an ESX server directly, a VMware vCenter is +necessary for this. The ``vcenter`` query parameter must be set either to the +hostname or IP address of the vCenter managing the ESX server or to ``*``. +Setting it to ``*`` causes the driver to connect to the vCenter known to the ESX +server. If the ESX server is not managed by a vCenter an error is reported. + +:: + + esx://example.com/?vcenter=example-vcenter.com + +Here's an example how to migrate the domain ``Fedora11`` from ESX server +``example-src.com`` to ESX server ``example-dst.com`` implicitly involving +vCenter ``example-vcenter.com`` using ``virsh``. + +:: + + $ virsh -c esx://example-src.com/?vcenter=* migrate Fedora11 esx://example-dst.com/?vcenter=* + Enter username for example-src.com [root]: + Enter root password for example-src.com: + Enter username for example-vcenter.com [administrator]: + Enter administrator password for example-vcenter.com: + Enter username for example-dst.com [root]: + Enter root password for example-dst.com: + Enter username for example-vcenter.com [administrator]: + Enter administrator password for example-vcenter.com: + +:since:`Since 0.8.3` you can directly connect to a vCenter. This simplifies +migration a bit. Here's the same migration as above but using ``vpx://`` +connections and assuming both ESX server are in datacenter ``dc1`` and aren't +part of a cluster. + +:: + + $ virsh -c vpx://example-vcenter.com/dc1/example-src.com migrate Fedora11 vpx://example-vcenter.com/dc1/example-dst.com + Enter username for example-vcenter.com [administrator]: + Enter administrator password for example-vcenter.com: + Enter username for example-vcenter.com [administrator]: + Enter administrator password for example-vcenter.com: + +Scheduler configuration +----------------------- + +The driver exposes the ESX CPU scheduler. The parameters listed below are +available to control the scheduler. + +``reservation`` + The amount of CPU resource in MHz that is guaranteed to be available to the + domain. Valid values are 0 and greater. +``limit`` + The CPU utilization of the domain will be limited to this value in MHz, even + if more CPU resources are available. If the limit is set to -1, the CPU + utilization of the domain is unlimited. If the limit is not set to -1, it + must be greater than or equal to the reservation. +``shares`` + Shares are used to determine relative CPU allocation between domains. In + general, a domain with more shares gets proportionally more of the CPU + resource. Valid values are 0 and greater. The special values -1, -2 and -3 + represent the predefined shares level ``low``, ``normal`` and ``high``. + +VMware tools +------------ + +Some actions require installed VMware tools. If the VMware tools are not +installed in the guest and one of the actions below is to be performed the ESX +server raises an error and the driver reports it. + +- ``virDomainGetHostname`` +- ``virDomainInterfaceAddresses`` (only for the + ``VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT`` source) +- ``virDomainReboot`` +- ``virDomainShutdown`` + +Links +----- + +- `VMware vSphere Web Services SDK + Documentation <https://www.vmware.com/support/developer/vc-sdk/>`__ +- `The Role of Memory in VMware ESX Server + 3 <https://www.vmware.com/pdf/esx3_memory.pdf>`__ +- `VMware VMX config parameters <https://www.sanbarrow.com/vmx.html>`__ +- `VMware ESX 4.0 PVSCSI Storage + Performance <https://www.vmware.com/pdf/vsp_4_pvscsi_perf.pdf>`__ diff --git a/docs/meson.build b/docs/meson.build index a6c3077f25..0465c22274 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvesx', 'drvhyperv', 'drvlxc', 'drvnodedev', @@ -80,6 +79,7 @@ docs_rst_files = [ 'drivers', 'drvbhyve', 'drvch', + 'drvesx', 'drvqemu', 'errors', 'formatbackup', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvhyperv.html.in | 150 ----------------------------------------- docs/drvhyperv.rst | 121 +++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 122 insertions(+), 151 deletions(-) delete mode 100644 docs/drvhyperv.html.in create mode 100644 docs/drvhyperv.rst diff --git a/docs/drvhyperv.html.in b/docs/drvhyperv.html.in deleted file mode 100644 index bce4e4128b..0000000000 --- a/docs/drvhyperv.html.in +++ /dev/null @@ -1,150 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Microsoft Hyper-V hypervisor driver</h1> - <ul id="toc"></ul> - <p> - The libvirt Microsoft Hyper-V driver can manage Hyper-V 2012 R2 and newer. - </p> - - - <h2><a id="project">Project Links</a></h2> - <ul> - <li> - The <a href="http://www.microsoft.com/hyper-v-server/">Microsoft Hyper-V</a> - hypervisor - </li> - </ul> - - - <h2><a id="uri">Connections to the Microsoft Hyper-V driver</a></h2> - <p> - Some example remote connection URIs for the driver are: - </p> -<pre> -hyperv://example-hyperv.com (over HTTPS) -hyperv://example-hyperv.com/?transport=http (over HTTP) -</pre> - <p> - <strong>Note</strong>: In contrast to other drivers, the Hyper-V driver - is a client-side-only driver. It connects to the Hyper-V server using - WS-Management over HTTP(S). Therefore, the - <a href="remote.html">remote transport mechanism</a> provided by the - remote driver and libvirtd will not work, and you cannot use URIs like - <code>hyperv+ssh://example.com</code>. - </p> - - - <h3><a id="uriformat">URI Format</a></h3> - <p> - URIs have this general form (<code>[...]</code> marks an optional part). - </p> -<pre> -hyperv://[username@]hostname[:port]/[?extraparameters] -</pre> - <p> - The default HTTPS ports is 5986. If the port parameter is given, it - overrides the default port. - </p> - - - <h4><a id="extraparams">Extra parameters</a></h4> - <p> - Extra parameters can be added to a URI as part of the query string - (the part following <code>?</code>). A single parameter is formed by a - <code>name=value</code> pair. Multiple parameters are separated by - <code>&amp;</code>. - </p> -<pre> -?transport=http -</pre> - <p> - The driver understands the extra parameters shown below. - </p> - <table class="top_table"> - <tr> - <th>Name</th> - <th>Values</th> - <th>Meaning</th> - </tr> - <tr> - <td> - <code>transport</code> - </td> - <td> - <code>http</code> or <code>https</code> - </td> - <td> - Overrides the default HTTPS transport. The default HTTP port - is 5985. - </td> - </tr> - </table> - - - <h3><a id="auth">Authentication</a></h3> - <p> - In order to perform any useful operation the driver needs to log into - the Hyper-V server. Therefore, only <code>virConnectOpenAuth</code> can - be used to connect to an Hyper-V server, <code>virConnectOpen</code> and - <code>virConnectOpenReadOnly</code> don't work. - To log into an Hyper-V server the driver will request credentials using - the callback passed to the <code>virConnectOpenAuth</code> function. - The driver passes the hostname as challenge parameter to the callback. - </p> - <p> - <strong>Note</strong>: Currently only <code>Basic</code> authentication - is supported by libvirt. This method is disabled by default on the - Hyper-V server and can be enabled via the WinRM commandline tool. - </p> -<pre> -winrm set winrm/config/service/auth @{Basic="true"} -</pre> - <p> - To allow <code>Basic</code> authentication with HTTP transport WinRM - needs to allow unencrypted communication. This can be enabled via the - WinRM commandline tool. However, this is not the recommended - communication mode. - </p> -<pre> -winrm set winrm/config/service @{AllowUnencrypted="true"} -</pre> - - - <h2><a id="versions">Version Numbers</a></h2> - <p> - Since Microsoft's build numbers are almost always over 1000, this driver - needs to pack the value differently compared to the format defined by - <code>virConnectGetVersion</code>. - To preserve all of the digits, the following format is used: - </p> - <pre>major * 100000000 + minor * 1000000 + micro</pre> - <p> - This results in <code>virsh version</code> producing unexpected output. - </p> - <table class="top_table"> - <thead> - <th>Windows Release</th> - <th>Kernel Version</th> - <th>libvirt Representation</th> - </thead> - <tr> - <td>Windows Server 2012 R2</td> - <td>6.3.9600</td> - <td>603.9.600</td> - </tr> - <tr> - <td>Windows Server 2016</td> - <td>10.0.14393</td> - <td>1000.14.393</td> - </tr> - <tr> - <td>Windows Server 2019</td> - <td>10.0.17763</td> - <td>1000.17.763</td> - </tr> - </table> - - -</body></html> diff --git a/docs/drvhyperv.rst b/docs/drvhyperv.rst new file mode 100644 index 0000000000..17d620f29c --- /dev/null +++ b/docs/drvhyperv.rst @@ -0,0 +1,121 @@ +=================================== +Microsoft Hyper-V hypervisor driver +=================================== + +.. contents:: + +The libvirt Microsoft Hyper-V driver can manage Hyper-V 2012 R2 and newer. + +Project Links +------------- + +- The `Microsoft Hyper-V <http://www.microsoft.com/hyper-v-server/>`__ + hypervisor + +Connections to the Microsoft Hyper-V driver +------------------------------------------- + +Some example remote connection URIs for the driver are: + +:: + + hyperv://example-hyperv.com (over HTTPS) + hyperv://example-hyperv.com/?transport=http (over HTTP) + +**Note**: In contrast to other drivers, the Hyper-V driver is a client-side-only +driver. It connects to the Hyper-V server using WS-Management over HTTP(S). +Therefore, the `remote transport mechanism <remote.html>`__ provided by the +remote driver and libvirtd will not work, and you cannot use URIs like +``hyperv+ssh://example.com``. + +URI Format +~~~~~~~~~~ + +URIs have this general form (``[...]`` marks an optional part). + +:: + + hyperv://[username@]hostname[:port]/[?extraparameters] + +The default HTTPS ports is 5986. If the port parameter is given, it overrides +the default port. + +Extra parameters +^^^^^^^^^^^^^^^^ + +Extra parameters can be added to a URI as part of the query string (the part +following ``?``). A single parameter is formed by a ``name=value`` pair. +Multiple parameters are separated by ``&``. + +:: + + ?transport=http + +The driver understands the extra parameters shown below. + ++---------------+-----------------------+-------------------------------------+ +| Name | Values | Meaning | ++===============+=======================+=====================================+ +| ``transport`` | ``http`` or ``https`` | Overrides the default HTTPS | +| | | transport. The default HTTP port is | +| | | 5985. | ++---------------+-----------------------+-------------------------------------+ + +Authentication +~~~~~~~~~~~~~~ + +In order to perform any useful operation the driver needs to log into the +Hyper-V server. Therefore, only ``virConnectOpenAuth`` can be used to connect to +an Hyper-V server, ``virConnectOpen`` and ``virConnectOpenReadOnly`` don't work. +To log into an Hyper-V server the driver will request credentials using the +callback passed to the ``virConnectOpenAuth`` function. The driver passes the +hostname as challenge parameter to the callback. + +**Note**: Currently only ``Basic`` authentication is supported by libvirt. This +method is disabled by default on the Hyper-V server and can be enabled via the +WinRM commandline tool. + +:: + + winrm set winrm/config/service/auth @{Basic="true"} + +To allow ``Basic`` authentication with HTTP transport WinRM needs to allow +unencrypted communication. This can be enabled via the WinRM commandline tool. +However, this is not the recommended communication mode. + +:: + + winrm set winrm/config/service @{AllowUnencrypted="true"} + +Version Numbers +--------------- + +Since Microsoft's build numbers are almost always over 1000, this driver needs +to pack the value differently compared to the format defined by +``virConnectGetVersion``. To preserve all of the digits, the following format is +used: + +:: + + major * 100000000 + minor * 1000000 + micro + +This results in ``virsh version`` producing unexpected output. + +.. list-table:: + :header-rows: 1 + + * - Windows Release + - Kernel Version + - libvirt Representation + + * - Windows Server 2012 R2 + - 6.3.9600 + - 603.9.600 + + * - Windows Server 2016 + - 10.0.14393 + - 1000.14.393 + + * - Windows Server 2019 + - 10.0.17763 + - 1000.17.763 diff --git a/docs/meson.build b/docs/meson.build index 0465c22274..cfbde2a58d 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvhyperv', 'drvlxc', 'drvnodedev', 'drvopenvz', @@ -80,6 +79,7 @@ docs_rst_files = [ 'drvbhyve', 'drvch', 'drvesx', + 'drvhyperv', 'drvqemu', 'errors', 'formatbackup', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvlxc.html.in | 822 -------------------------------------------- docs/drvlxc.rst | 670 ++++++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 671 insertions(+), 823 deletions(-) delete mode 100644 docs/drvlxc.html.in create mode 100644 docs/drvlxc.rst diff --git a/docs/drvlxc.html.in b/docs/drvlxc.html.in deleted file mode 100644 index 23aae991a2..0000000000 --- a/docs/drvlxc.html.in +++ /dev/null @@ -1,822 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>LXC container driver</h1> - - <ul id="toc"></ul> - -<p> -The libvirt LXC driver manages "Linux Containers". At their simplest, containers -can just be thought of as a collection of processes, separated from the main -host processes via a set of resource namespaces and constrained via control -groups resource tunables. The libvirt LXC driver has no dependency on the LXC -userspace tools hosted on sourceforge.net. It directly utilizes the relevant -kernel features to build the container environment. This allows for sharing -of many libvirt technologies across both the QEMU/KVM and LXC drivers. In -particular sVirt for mandatory access control, auditing of operations, -integration with control groups and many other features. -</p> - -<h2><a id="cgroups">Control groups Requirements</a></h2> - -<p> -In order to control the resource usage of processes inside containers, the -libvirt LXC driver requires that certain cgroups controllers are mounted on -the host OS. The minimum required controllers are 'cpuacct', 'memory' and -'devices', while recommended extra controllers are 'cpu', 'freezer' and -'blkio'. Libvirt will not mount the cgroups filesystem itself, leaving -this up to the init system to take care of. Systemd will do the right thing -in this respect, while for other init systems the <code>cgconfig</code> -init service will be required. For further information, consult the general -libvirt <a href="cgroups.html">cgroups documentation</a>. -</p> - -<h2><a id="namespaces">Namespace requirements</a></h2> - -<p> -In order to separate processes inside a container from those in the -primary "host" OS environment, the libvirt LXC driver requires that -certain kernel namespaces are compiled in. Libvirt currently requires -the 'mount', 'ipc', 'pid', and 'uts' namespaces to be available. If -separate network interfaces are desired, then the 'net' namespace is -required. If the guest configuration declares a -<a href="formatdomain.html#elementsOSContainer">UID or GID mapping</a>, -the 'user' namespace will be enabled to apply these. <strong>A suitably -configured UID/GID mapping is a pre-requisite to making containers -secure, in the absence of sVirt confinement.</strong> -</p> - -<h2><a id="init">Default container setup</a></h2> - -<h3><a id="cliargs">Command line arguments</a></h3> - -<p> -When the container "init" process is started, it will typically -not be given any command line arguments (eg the equivalent of -the bootloader args visible in <code>/proc/cmdline</code>). If -any arguments are desired, then must be explicitly set in the -container XML configuration via one or more <code>initarg</code> -elements. For example, to run <code>systemd --unit emergency.service</code> -would use the following XML -</p> - -<pre> -&lt;os&gt; - &lt;type arch='x86_64'&gt;exe&lt;/type&gt; - &lt;init&gt;/bin/systemd&lt;/init&gt; - &lt;initarg&gt;--unit&lt;/initarg&gt; - &lt;initarg&gt;emergency.service&lt;/initarg&gt; -&lt;/os&gt; -</pre> - -<h3><a id="envvars">Environment variables</a></h3> - -<p> -When the container "init" process is started, it will be given several useful -environment variables. The following standard environment variables are mandated -by <a href="https://www.freedesktop.org/wiki/Software/systemd/ContainerInt... container interface</a> -to be provided by all container technologies on Linux. -</p> - -<dl> -<dt><code>container</code></dt> -<dd>The fixed string <code>libvirt-lxc</code> to identify libvirt as the creator</dd> -<dt><code>container_uuid</code></dt> -<dd>The UUID assigned to the container by libvirt</dd> -<dt><code>PATH</code></dt> -<dd>The fixed string <code>/bin:/usr/bin</code></dd> -<dt><code>TERM</code></dt> -<dd>The fixed string <code>linux</code></dd> -<dt><code>HOME</code></dt> -<dd>The fixed string <code>/</code></dd> -</dl> - -<p> -In addition to the standard variables, the following libvirt specific -environment variables are also provided -</p> - -<dl> -<dt><code>LIBVIRT_LXC_NAME</code></dt> -<dd>The name assigned to the container by libvirt</dd> -<dt><code>LIBVIRT_LXC_UUID</code></dt> -<dd>The UUID assigned to the container by libvirt</dd> -<dt><code>LIBVIRT_LXC_CMDLINE</code></dt> -<dd>The unparsed command line arguments specified in the container configuration. -Use of this is discouraged, in favour of passing arguments directly to the -container init process via the <code>initarg</code> config element.</dd> -</dl> - -<h3><a id="fsmounts">Filesystem mounts</a></h3> - -<p> -In the absence of any explicit configuration, the container will -inherit the host OS filesystem mounts. A number of mount points will -be made read only, or re-mounted with new instances to provide -container specific data. The following special mounts are setup -by libvirt -</p> - -<ul> -<li><code>/dev</code> a new "tmpfs" pre-populated with authorized device nodes</li> -<li><code>/dev/pts</code> a new private "devpts" instance for console devices</li> -<li><code>/sys</code> the host "sysfs" instance remounted read-only</li> -<li><code>/proc</code> a new instance of the "proc" filesystem</li> -<li><code>/proc/sys</code> the host "/proc/sys" bind-mounted read-only</li> -<li><code>/sys/fs/selinux</code> the host "selinux" instance remounted read-only</li> -<li><code>/sys/fs/cgroup/NNNN</code> the host cgroups controllers bind-mounted to -only expose the sub-tree associated with the container</li> -<li><code>/proc/meminfo</code> a FUSE backed file reflecting memory limits of the container</li> -</ul> - - -<h3><a id="devnodes">Device nodes</a></h3> - -<p> -The container init process will be started with <code>CAP_MKNOD</code> -capability removed and blocked from re-acquiring it. As such it will -not be able to create any device nodes in <code>/dev</code> or anywhere -else in its filesystems. Libvirt itself will take care of pre-populating -the <code>/dev</code> filesystem with any devices that the container -is authorized to use. The current devices that will be made available -to all containers are -</p> - -<ul> -<li><code>/dev/zero</code></li> -<li><code>/dev/null</code></li> -<li><code>/dev/full</code></li> -<li><code>/dev/random</code></li> -<li><code>/dev/urandom</code></li> -<li><code>/dev/stdin</code> symlinked to <code>/proc/self/fd/0</code></li> -<li><code>/dev/stdout</code> symlinked to <code>/proc/self/fd/1</code></li> -<li><code>/dev/stderr</code> symlinked to <code>/proc/self/fd/2</code></li> -<li><code>/dev/fd</code> symlinked to <code>/proc/self/fd</code></li> -<li><code>/dev/ptmx</code> symlinked to <code>/dev/pts/ptmx</code></li> -<li><code>/dev/console</code> symlinked to <code>/dev/pts/0</code></li> -</ul> - -<p> -In addition, for every console defined in the guest configuration, -a symlink will be created from <code>/dev/ttyN</code> symlinked to -the corresponding <code>/dev/pts/M</code> pseudo TTY device. The -first console will be <code>/dev/tty1</code>, with further consoles -numbered incrementally from there. -</p> - -<p> -Since /dev/ttyN and /dev/console are linked to the pts devices. The -tty device of login program is pts device. The pam module securetty -may prevent root user from logging in container. If you want root -user to log in container successfully, add the pts device to the file -/etc/securetty of container. -</p> - -<p> -Further block or character devices will be made available to containers -depending on their configuration. -</p> - -<h2><a id="security">Security considerations</a></h2> - -<p> -The libvirt LXC driver is fairly flexible in how it can be configured, -and as such does not enforce a requirement for strict security -separation between a container and the host. This allows it to be used -in scenarios where only resource control capabilities are important, -and resource sharing is desired. Applications wishing to ensure secure -isolation between a container and the host must ensure that they are -writing a suitable configuration. -</p> - -<h3><a id="securenetworking">Network isolation</a></h3> - -<p> -If the guest configuration does not list any network interfaces, -the <code>network</code> namespace will not be activated, and thus -the container will see all the host's network interfaces. This will -allow apps in the container to bind to/connect from TCP/UDP addresses -and ports from the host OS. It also allows applications to access -UNIX domain sockets associated with the host OS, which are in the -abstract namespace. If access to UNIX domains sockets in the abstract -namespace is not wanted, then applications should set the -<code>&lt;privnet/&gt;</code> flag in the -<code>&lt;features&gt;....&lt;/features&gt;</code> element. -</p> - -<h3><a id="securefs">Filesystem isolation</a></h3> - -<p> -If the guest configuration does not list any filesystems, then -the container will be set up with a root filesystem that matches -the host's root filesystem. As noted earlier, only a few locations -such as <code>/dev</code>, <code>/proc</code> and <code>/sys</code> -will be altered. This means that, in the absence of restrictions -from sVirt, a process running as user/group N:M inside the container -will be able to access almost exactly the same files as a process -running as user/group N:M in the host. -</p> - -<p> -There are multiple options for restricting this. It is possible to -simply map the existing root filesystem through to the container in -read-only mode. Alternatively a completely separate root filesystem -can be configured for the guest. In both cases, further sub-mounts -can be applied to customize the content that is made visible. Note -that in the absence of sVirt controls, it is still possible for the -root user in a container to unmount any sub-mounts applied. The user -namespace feature can also be used to restrict access to files based -on the UID/GID mappings. -</p> - -<p> -Sharing the host filesystem tree, also allows applications to access -UNIX domains sockets associated with the host OS, which are in the -filesystem namespaces. It should be noted that a number of init -systems including at least <code>systemd</code> and <code>upstart</code> -have UNIX domain socket which are used to control their operation. -Thus, if the directory/filesystem holding their UNIX domain socket is -exposed to the container, it will be possible for a user in the container -to invoke operations on the init service in the same way it could if -outside the container. This also applies to other applications in the -host which use UNIX domain sockets in the filesystem, such as DBus, -Libvirtd, and many more. If this is not desired, then applications -should either specify the UID/GID mapping in the configuration to -enable user namespaces and thus block access to the UNIX domain socket -based on permissions, or should ensure the relevant directories have -a bind mount to hide them. This is particularly important for the -<code>/run</code> or <code>/var/run</code> directories. -</p> - - -<h3><a id="secureusers">User and group isolation</a></h3> - -<p> -If the guest configuration does not list any ID mapping, then the -user and group IDs used inside the container will match those used -outside the container. In addition, the capabilities associated with -a process in the container will infer the same privileges they would -for a process in the host. This has obvious implications for security, -since a root user inside the container will be able to access any -file owned by root that is visible to the container, and perform more -or less any privileged kernel operation. In the absence of additional -protection from sVirt, this means that the root user inside a container -is effectively as powerful as the root user in the host. There is no -security isolation of the root user. -</p> - -<p> -The ID mapping facility was introduced to allow for stricter control -over the privileges of users inside the container. It allows apps to -define rules such as "user ID 0 in the container maps to user ID 1000 -in the host". In addition the privileges associated with capabilities -are somewhat reduced so that they cannot be used to escape from the -container environment. A full description of user namespaces is outside -the scope of this document, however LWN has -<a href="https://lwn.net/Articles/532593/">a good write-up on the topic</a>. -From the libvirt point of view, the key thing to remember is that defining -an ID mapping for users and groups in the container XML configuration -causes libvirt to activate the user namespace feature. -</p> - - -<h2><a id="configFiles">Location of configuration files</a></h2> - -<p> -The LXC driver comes with sane default values. However, during its -initialization it reads a configuration file which offers system -administrator to override some of that default. The file is located -under <code>/etc/libvirt/lxc.conf</code> -</p> - - -<h2><a id="activation">Systemd Socket Activation Integration</a></h2> - -<p> -The libvirt LXC driver provides the ability to pass across pre-opened file -descriptors when starting LXC guests. This allows for libvirt LXC to support -systemd's <a href="http://0pointer.de/blog/projects/socket-activated-containers.html">socket -activation capability</a>, where an incoming client connection -in the host OS will trigger the startup of a container, which runs another -copy of systemd which gets passed the server socket, and then activates the -actual service handler in the container. -</p> - -<p> -Let us assume that you already have a LXC guest created, running -a systemd instance as PID 1 inside the container, which has an -SSHD service configured. The goal is to automatically activate -the container when the first SSH connection is made. The first -step is to create a couple of unit files for the host OS systemd -instance. The <code>/etc/systemd/system/mycontainer.service</code> -unit file specifies how systemd will start the libvirt LXC container -</p> - -<pre> -[Unit] -Description=My little container - -[Service] -ExecStart=/usr/bin/virsh -c lxc:///system start --pass-fds 3 mycontainer -ExecStop=/usr/bin/virsh -c lxc:///system destroy mycontainer -Type=oneshot -RemainAfterExit=yes -KillMode=none -</pre> - -<p> -The <code>--pass-fds 3</code> argument specifies that the file -descriptor number 3 that <code>virsh</code> inherits from systemd, -is to be passed into the container. Since <code>virsh</code> will -exit immediately after starting the container, the <code>RemainAfterExit</code> -and <code>KillMode</code> settings must be altered from their defaults. -</p> - -<p> -Next, the <code>/etc/systemd/system/mycontainer.socket</code> unit -file is created to get the host systemd to listen on port 23 for -TCP connections. When this unit file is activated by the first -incoming connection, it will cause the <code>mycontainer.service</code> -unit to be activated with the FD corresponding to the listening TCP -socket passed in as FD 3. -</p> - -<pre> -[Unit] -Description=The SSH socket of my little container - -[Socket] -ListenStream=23 -</pre> - -<p> -Port 23 was picked here so that the container doesn't conflict -with the host's SSH which is on the normal port 22. That's it -in terms of host side configuration. -</p> - -<p> -Inside the container, the <code>/etc/systemd/system/sshd.socket</code> -unit file must be created -</p> - -<pre> -[Unit] -Description=SSH Socket for Per-Connection Servers - -[Socket] -ListenStream=23 -Accept=yes -</pre> - -<p> -The <code>ListenStream</code> value listed in this unit file, must -match the value used in the host file. When systemd in the container -receives the pre-opened FD from libvirt during container startup, it -looks at the <code>ListenStream</code> values to figure out which -FD to give to which service. The actual service to start is defined -by a correspondingly named <code>/etc/systemd/system/sshd@.service</code> -</p> - -<pre> -[Unit] -Description=SSH Per-Connection Server for %I - -[Service] -ExecStart=-/usr/sbin/sshd -i -StandardInput=socket -</pre> - -<p> -Finally, make sure this SSH service is set to start on boot of the container, -by running the following command inside the container: -</p> - -<pre> -# mkdir -p /etc/systemd/system/sockets.target.wants/ -# ln -s /etc/systemd/system/sshd.socket /etc/systemd/system/sockets.target.wants/ -</pre> - -<p> -This example shows how to activate the container based on an incoming -SSH connection. If the container was also configured to have an httpd -service, it may be desirable to activate it upon either an httpd or a -sshd connection attempt. In this case, the <code>mycontainer.socket</code> -file in the host would simply list multiple socket ports. Inside the -container a separate <code>xxxxx.socket</code> file would need to be -created for each service, with a corresponding <code>ListenStream</code> -value set. -</p> - -<!-- -<h2>Container configuration</h2> - -<h3>Init process</h3> - -<h3>Console devices</h3> - -<h3>Filesystem devices</h3> - -<h3>Disk devices</h3> - -<h3>Block devices</h3> - -<h3>USB devices</h3> - -<h3>Character devices</h3> - -<h3>Network devices</h3> ---> - -<h2>Container security</h2> - -<h3>sVirt SELinux</h3> - -<p> -In the absence of the "user" namespace being used, containers cannot -be considered secure against exploits of the host OS. The sVirt SELinux -driver provides a way to secure containers even when the "user" namespace -is not used. The cost is that writing a policy to allow execution of -arbitrary OS is not practical. The SELinux sVirt policy is typically -tailored to work with a simpler application confinement use case, -as provided by the "libvirt-sandbox" project. -</p> - -<h3>Auditing</h3> - -<p> -The LXC driver is integrated with libvirt's auditing subsystem, which -causes audit messages to be logged whenever there is an operation -performed against a container which has impact on host resources. -So for example, start/stop, device hotplug will all log audit messages -providing details about what action occurred and any resources -associated with it. There are the following 3 types of audit messages -</p> - -<ul> -<li><code>VIRT_MACHINE_ID</code> - details of the SELinux process and -image security labels assigned to the container.</li> -<li><code>VIRT_CONTROL</code> - details of an action / operation -performed against a container. There are the following types of -operation - <ul> - <li><code>op=start</code> - a container has been started. Provides - the machine name, uuid and PID of the <code>libvirt_lxc</code> - controller process</li> - <li><code>op=init</code> - the init PID of the container has been - started. Provides the machine name, uuid and PID of the - <code>libvirt_lxc</code> controller process and PID of the - init process (in the host PID namespace)</li> - <li><code>op=stop</code> - a container has been stopped. Provides - the machine name, uuid</li> - </ul> -</li> -<li><code>VIRT_RESOURCE</code> - details of a host resource -associated with a container action.</li> -</ul> - -<h3>Device access</h3> - -<p> -All containers are launched with the CAP_MKNOD capability cleared -and removed from the bounding set. Libvirt will ensure that the -/dev filesystem is pre-populated with all devices that a container -is allowed to use. In addition, the cgroup "device" controller is -configured to block read/write/mknod from all devices except those -that a container is authorized to use. -</p> - -<h2><a id="exconfig">Example configurations</a></h2> - -<h3>Example config version 1</h3> -<p></p> -<pre> -&lt;domain type='lxc'&gt; - &lt;name&gt;vm1&lt;/name&gt; - &lt;memory&gt;500000&lt;/memory&gt; - &lt;os&gt; - &lt;type&gt;exe&lt;/type&gt; - &lt;init&gt;/bin/sh&lt;/init&gt; - &lt;/os&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;emulator&gt;/usr/libexec/libvirt_lxc&lt;/emulator&gt; - &lt;interface type='network'&gt; - &lt;source network='default'/&gt; - &lt;/interface&gt; - &lt;console type='pty' /&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - -<p> -In the &lt;emulator&gt; element, be sure you specify the correct path -to libvirt_lxc, if it does not live in /usr/libexec on your system. -</p> - -<p> -The next example assumes there is a private root filesystem -(perhaps hand-crafted using busybox, or installed from media, -debootstrap, whatever) under /opt/vm-1-root: -</p> -<p></p> -<pre> -&lt;domain type='lxc'&gt; - &lt;name&gt;vm1&lt;/name&gt; - &lt;memory&gt;32768&lt;/memory&gt; - &lt;os&gt; - &lt;type&gt;exe&lt;/type&gt; - &lt;init&gt;/init&lt;/init&gt; - &lt;/os&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;emulator&gt;/usr/libexec/libvirt_lxc&lt;/emulator&gt; - &lt;filesystem type='mount'&gt; - &lt;source dir='/opt/vm-1-root'/&gt; - &lt;target dir='/'/&gt; - &lt;/filesystem&gt; - &lt;interface type='network'&gt; - &lt;source network='default'/&gt; - &lt;/interface&gt; - &lt;console type='pty' /&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - -<h2><a id="capabilities">Altering the available capabilities</a></h2> - -<p> -By default the libvirt LXC driver drops some capabilities among which CAP_MKNOD. -However <span class="since">since 1.2.6</span> libvirt can be told to keep or -drop some capabilities using a domain configuration like the following: -</p> -<pre> -... -&lt;features&gt; - &lt;capabilities policy='default'&gt; - &lt;mknod state='on'/&gt; - &lt;sys_chroot state='off'/&gt; - &lt;/capabilities&gt; -&lt;/features&gt; -... -</pre> -<p> -The capabilities children elements are named after the capabilities as defined in -<code>man 7 capabilities</code>. An <code>off</code> state tells libvirt to drop the -capability, while an <code>on</code> state will force to keep the capability even though -this one is dropped by default. -</p> -<p> -The <code>policy</code> attribute can be one of <code>default</code>, <code>allow</code> -or <code>deny</code>. It defines the default rules for capabilities: either keep the -default behavior that is dropping a few selected capabilities, or keep all capabilities -or drop all capabilities. The interest of <code>allow</code> and <code>deny</code> is that -they guarantee that all capabilities will be kept (or removed) even if new ones are added -later. -</p> -<p> -The following example, drops all capabilities but CAP_MKNOD: -</p> -<pre> -... -&lt;features&gt; - &lt;capabilities policy='deny'&gt; - &lt;mknod state='on'/&gt; - &lt;/capabilities&gt; -&lt;/features&gt; -... -</pre> -<p> -Note that allowing capabilities that are normally dropped by default can seriously -affect the security of the container and the host. -</p> - -<h2><a id="share">Inherit namespaces</a></h2> - -<p> -Libvirt allows you to inherit the namespace from container/process just like lxc tools -or docker provides to share the network namespace. The following can be used to share -required namespaces. If we want to share only one then the other namespaces can be ignored. -The netns option is specific to sharenet. It can be used in cases we want to use existing network namespace -rather than creating new network namespace for the container. In this case privnet option will be -ignored. -</p> -<pre> -&lt;domain type='lxc' xmlns:lxc='http://libvirt.org/schemas/domain/lxc/1.0'&gt; -... -&lt;lxc:namespace&gt; - &lt;lxc:sharenet type='netns' value='red'/&gt; - &lt;lxc:shareuts type='name' value='container1'/&gt; - &lt;lxc:shareipc type='pid' value='12345'/&gt; -&lt;/lxc:namespace&gt; -&lt;/domain&gt; -</pre> - -<p> -The use of namespace passthrough requires libvirt >= 1.2.19 -</p> - -<h2><a id="usage">Container usage / management</a></h2> - -<p> -As with any libvirt virtualization driver, LXC containers can be -managed via a wide variety of libvirt based tools. At the lowest -level the <code>virsh</code> command can be used to perform many -tasks, by passing the <code>-c lxc:///system</code> argument. As an -alternative to repeating the URI with every command, the <code>LIBVIRT_DEFAULT_URI</code> -environment variable can be set to <code>lxc:///system</code>. The -examples that follow outline some common operations with virsh -and LXC. For further details about usage of virsh consult its -manual page. -</p> - -<h3><a id="usageSave">Defining (saving) container configuration</a></h3> - -<p> -The <code>virsh define</code> command takes an XML configuration -document and loads it into libvirt, saving the configuration on disk -</p> - -<pre> -# virsh -c lxc:///system define myguest.xml -</pre> - -<h3><a id="usageView">Viewing container configuration</a></h3> - -<p> -The <code>virsh dumpxml</code> command can be used to view the -current XML configuration of a container. By default the XML -output reflects the current state of the container. If the -container is running, it is possible to explicitly request the -persistent configuration, instead of the current live configuration -using the <code>--inactive</code> flag -</p> - -<pre> -# virsh -c lxc:///system dumpxml myguest -</pre> - -<h3><a id="usageStart">Starting containers</a></h3> - -<p> -The <code>virsh start</code> command can be used to start a -container from a previously defined persistent configuration -</p> - -<pre> -# virsh -c lxc:///system start myguest -</pre> - -<p> -It is also possible to start so called "transient" containers, -which do not require a persistent configuration to be saved -by libvirt, using the <code>virsh create</code> command. -</p> - -<pre> -# virsh -c lxc:///system create myguest.xml -</pre> - - -<h3><a id="usageStop">Stopping containers</a></h3> - -<p> -The <code>virsh shutdown</code> command can be used -to request a graceful shutdown of the container. By default -this command will first attempt to send a message to the -init process via the <code>/dev/initctl</code> device node. -If no such device node exists, then it will send SIGTERM -to PID 1 inside the container. -</p> - -<pre> -# virsh -c lxc:///system shutdown myguest -</pre> - -<p> -If the container does not respond to the graceful shutdown -request, it can be forcibly stopped using the <code>virsh destroy</code> -</p> - -<pre> -# virsh -c lxc:///system destroy myguest -</pre> - - -<h3><a id="usageReboot">Rebooting a container</a></h3> - -<p> -The <code>virsh reboot</code> command can be used -to request a graceful shutdown of the container. By default -this command will first attempt to send a message to the -init process via the <code>/dev/initctl</code> device node. -If no such device node exists, then it will send SIGHUP -to PID 1 inside the container. -</p> - -<pre> -# virsh -c lxc:///system reboot myguest -</pre> - -<h3><a id="usageDelete">Undefining (deleting) a container configuration</a></h3> - -<p> -The <code>virsh undefine</code> command can be used to delete the -persistent configuration of a container. If the guest is currently -running, this will turn it into a "transient" guest. -</p> - -<pre> -# virsh -c lxc:///system undefine myguest -</pre> - -<h3><a id="usageConnect">Connecting to a container console</a></h3> - -<p> -The <code>virsh console</code> command can be used to connect -to the text console associated with a container. -</p> - -<pre> -# virsh -c lxc:///system console myguest -</pre> - -<p> -If the container has been configured with multiple console devices, -then the <code>--devname</code> argument can be used to choose the -console to connect to. -In LXC, multiple consoles will be named -as 'console0', 'console1', 'console2', etc. -</p> - -<pre> -# virsh -c lxc:///system console myguest --devname console1 -</pre> - -<h3><a id="usageEnter">Running commands in a container</a></h3> - -<p> -The <code>virsh lxc-enter-namespace</code> command can be used -to enter the namespaces and security context of a container -and then execute an arbitrary command. -</p> - -<pre> -# virsh -c lxc:///system lxc-enter-namespace myguest -- /bin/ls -al /dev -</pre> - -<h3><a id="usageTop">Monitoring container utilization</a></h3> - -<p> -The <code>virt-top</code> command can be used to monitor the -activity and resource utilization of all containers on a -host -</p> - -<pre> -# virt-top -c lxc:///system -</pre> - -<h3><a id="usageConvert">Converting LXC container configuration</a></h3> - -<p> -The <code>virsh domxml-from-native</code> command can be used to convert -most of the LXC container configuration into a domain XML fragment -</p> - -<pre> -# virsh -c lxc:///system domxml-from-native lxc-tools /var/lib/lxc/myguest/config -</pre> - -<p> -This conversion has some limitations due to the fact that the -domxml-from-native command output has to be independent of the host. Here -are a few things to take care of before converting: -</p> - -<ul> -<li> -Replace the fstab file referenced by <tt>lxc.mount</tt> by the corresponding -lxc.mount.entry lines. -</li> -<li> -Replace all relative sizes of tmpfs mount entries to absolute sizes. Also -make sure that tmpfs entries all have a size option (default is 50%). -</li> -<li> -Define <tt>lxc.cgroup.memory.limit_in_bytes</tt> to properly limit the memory -available to the container. The conversion will use 64MiB as the default. -</li> -</ul> - - </body> -</html> diff --git a/docs/drvlxc.rst b/docs/drvlxc.rst new file mode 100644 index 0000000000..b88323b165 --- /dev/null +++ b/docs/drvlxc.rst @@ -0,0 +1,670 @@ +.. role:: since + +==================== +LXC container driver +==================== + +.. contents:: + +The libvirt LXC driver manages "Linux Containers". At their simplest, containers +can just be thought of as a collection of processes, separated from the main +host processes via a set of resource namespaces and constrained via control +groups resource tunables. The libvirt LXC driver has no dependency on the LXC +userspace tools hosted on sourceforge.net. It directly utilizes the relevant +kernel features to build the container environment. This allows for sharing of +many libvirt technologies across both the QEMU/KVM and LXC drivers. In +particular sVirt for mandatory access control, auditing of operations, +integration with control groups and many other features. + +Control groups Requirements +--------------------------- + +In order to control the resource usage of processes inside containers, the +libvirt LXC driver requires that certain cgroups controllers are mounted on the +host OS. The minimum required controllers are 'cpuacct', 'memory' and 'devices', +while recommended extra controllers are 'cpu', 'freezer' and 'blkio'. Libvirt +will not mount the cgroups filesystem itself, leaving this up to the init system +to take care of. Systemd will do the right thing in this respect, while for +other init systems the ``cgconfig`` init service will be required. For further +information, consult the general libvirt `cgroups +documentation <cgroups.html>`__. + +Namespace requirements +---------------------- + +In order to separate processes inside a container from those in the primary +"host" OS environment, the libvirt LXC driver requires that certain kernel +namespaces are compiled in. Libvirt currently requires the 'mount', 'ipc', +'pid', and 'uts' namespaces to be available. If separate network interfaces are +desired, then the 'net' namespace is required. If the guest configuration +declares a `UID or GID mapping <formatdomain.html#elementsOSContainer>`__, the +'user' namespace will be enabled to apply these. **A suitably configured UID/GID +mapping is a pre-requisite to making containers secure, in the absence of sVirt +confinement.** + +Default container setup +----------------------- + +Command line arguments +~~~~~~~~~~~~~~~~~~~~~~ + +When the container "init" process is started, it will typically not be given any +command line arguments (eg the equivalent of the bootloader args visible in +``/proc/cmdline``). If any arguments are desired, then must be explicitly set in +the container XML configuration via one or more ``initarg`` elements. For +example, to run ``systemd --unit emergency.service`` would use the following XML + +:: + + <os> + <type arch='x86_64'>exe</type> + <init>/bin/systemd</init> + <initarg>--unit</initarg> + <initarg>emergency.service</initarg> + </os> + +Environment variables +~~~~~~~~~~~~~~~~~~~~~ + +When the container "init" process is started, it will be given several useful +environment variables. The following standard environment variables are mandated +by `systemd container +interface <https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface>`__ +to be provided by all container technologies on Linux. + +``container`` + The fixed string ``libvirt-lxc`` to identify libvirt as the creator +``container_uuid`` + The UUID assigned to the container by libvirt +``PATH`` + The fixed string ``/bin:/usr/bin`` +``TERM`` + The fixed string ``linux`` +``HOME`` + The fixed string ``/`` + +In addition to the standard variables, the following libvirt specific +environment variables are also provided + +``LIBVIRT_LXC_NAME`` + The name assigned to the container by libvirt +``LIBVIRT_LXC_UUID`` + The UUID assigned to the container by libvirt +``LIBVIRT_LXC_CMDLINE`` + The unparsed command line arguments specified in the container configuration. + Use of this is discouraged, in favour of passing arguments directly to the + container init process via the ``initarg`` config element. + +Filesystem mounts +~~~~~~~~~~~~~~~~~ + +In the absence of any explicit configuration, the container will inherit the +host OS filesystem mounts. A number of mount points will be made read only, or +re-mounted with new instances to provide container specific data. The following +special mounts are setup by libvirt + +- ``/dev`` a new "tmpfs" pre-populated with authorized device nodes +- ``/dev/pts`` a new private "devpts" instance for console devices +- ``/sys`` the host "sysfs" instance remounted read-only +- ``/proc`` a new instance of the "proc" filesystem +- ``/proc/sys`` the host "/proc/sys" bind-mounted read-only +- ``/sys/fs/selinux`` the host "selinux" instance remounted read-only +- ``/sys/fs/cgroup/NNNN`` the host cgroups controllers bind-mounted to only + expose the sub-tree associated with the container +- ``/proc/meminfo`` a FUSE backed file reflecting memory limits of the + container + +Device nodes +~~~~~~~~~~~~ + +The container init process will be started with ``CAP_MKNOD`` capability removed +and blocked from re-acquiring it. As such it will not be able to create any +device nodes in ``/dev`` or anywhere else in its filesystems. Libvirt itself +will take care of pre-populating the ``/dev`` filesystem with any devices that +the container is authorized to use. The current devices that will be made +available to all containers are + +- ``/dev/zero`` +- ``/dev/null`` +- ``/dev/full`` +- ``/dev/random`` +- ``/dev/urandom`` +- ``/dev/stdin`` symlinked to ``/proc/self/fd/0`` +- ``/dev/stdout`` symlinked to ``/proc/self/fd/1`` +- ``/dev/stderr`` symlinked to ``/proc/self/fd/2`` +- ``/dev/fd`` symlinked to ``/proc/self/fd`` +- ``/dev/ptmx`` symlinked to ``/dev/pts/ptmx`` +- ``/dev/console`` symlinked to ``/dev/pts/0`` + +In addition, for every console defined in the guest configuration, a symlink +will be created from ``/dev/ttyN`` symlinked to the corresponding ``/dev/pts/M`` +pseudo TTY device. The first console will be ``/dev/tty1``, with further +consoles numbered incrementally from there. + +Since /dev/ttyN and /dev/console are linked to the pts devices. The tty device +of login program is pts device. The pam module securetty may prevent root user +from logging in container. If you want root user to log in container +successfully, add the pts device to the file /etc/securetty of container. + +Further block or character devices will be made available to containers +depending on their configuration. + +Security considerations +----------------------- + +The libvirt LXC driver is fairly flexible in how it can be configured, and as +such does not enforce a requirement for strict security separation between a +container and the host. This allows it to be used in scenarios where only +resource control capabilities are important, and resource sharing is desired. +Applications wishing to ensure secure isolation between a container and the host +must ensure that they are writing a suitable configuration. + +Network isolation +~~~~~~~~~~~~~~~~~ + +If the guest configuration does not list any network interfaces, the ``network`` +namespace will not be activated, and thus the container will see all the host's +network interfaces. This will allow apps in the container to bind to/connect +from TCP/UDP addresses and ports from the host OS. It also allows applications +to access UNIX domain sockets associated with the host OS, which are in the +abstract namespace. If access to UNIX domains sockets in the abstract namespace +is not wanted, then applications should set the ``<privnet/>`` flag in the +``<features>....</features>`` element. + +Filesystem isolation +~~~~~~~~~~~~~~~~~~~~ + +If the guest configuration does not list any filesystems, then the container +will be set up with a root filesystem that matches the host's root filesystem. +As noted earlier, only a few locations such as ``/dev``, ``/proc`` and ``/sys`` +will be altered. This means that, in the absence of restrictions from sVirt, a +process running as user/group N:M inside the container will be able to access +almost exactly the same files as a process running as user/group N:M in the +host. + +There are multiple options for restricting this. It is possible to simply map +the existing root filesystem through to the container in read-only mode. +Alternatively a completely separate root filesystem can be configured for the +guest. In both cases, further sub-mounts can be applied to customize the content +that is made visible. Note that in the absence of sVirt controls, it is still +possible for the root user in a container to unmount any sub-mounts applied. The +user namespace feature can also be used to restrict access to files based on the +UID/GID mappings. + +Sharing the host filesystem tree, also allows applications to access UNIX +domains sockets associated with the host OS, which are in the filesystem +namespaces. It should be noted that a number of init systems including at least +``systemd`` and ``upstart`` have UNIX domain socket which are used to control +their operation. Thus, if the directory/filesystem holding their UNIX domain +socket is exposed to the container, it will be possible for a user in the +container to invoke operations on the init service in the same way it could if +outside the container. This also applies to other applications in the host which +use UNIX domain sockets in the filesystem, such as DBus, Libvirtd, and many +more. If this is not desired, then applications should either specify the +UID/GID mapping in the configuration to enable user namespaces and thus block +access to the UNIX domain socket based on permissions, or should ensure the +relevant directories have a bind mount to hide them. This is particularly +important for the ``/run`` or ``/var/run`` directories. + +User and group isolation +~~~~~~~~~~~~~~~~~~~~~~~~ + +If the guest configuration does not list any ID mapping, then the user and group +IDs used inside the container will match those used outside the container. In +addition, the capabilities associated with a process in the container will infer +the same privileges they would for a process in the host. This has obvious +implications for security, since a root user inside the container will be able +to access any file owned by root that is visible to the container, and perform +more or less any privileged kernel operation. In the absence of additional +protection from sVirt, this means that the root user inside a container is +effectively as powerful as the root user in the host. There is no security +isolation of the root user. + +The ID mapping facility was introduced to allow for stricter control over the +privileges of users inside the container. It allows apps to define rules such as +"user ID 0 in the container maps to user ID 1000 in the host". In addition the +privileges associated with capabilities are somewhat reduced so that they cannot +be used to escape from the container environment. A full description of user +namespaces is outside the scope of this document, however LWN has `a good +write-up on the topic <https://lwn.net/Articles/532593/>`__. From the libvirt +point of view, the key thing to remember is that defining an ID mapping for +users and groups in the container XML configuration causes libvirt to activate +the user namespace feature. + +Location of configuration files +------------------------------- + +The LXC driver comes with sane default values. However, during its +initialization it reads a configuration file which offers system administrator +to override some of that default. The file is located under +``/etc/libvirt/lxc.conf`` + +Systemd Socket Activation Integration +------------------------------------- + +The libvirt LXC driver provides the ability to pass across pre-opened file +descriptors when starting LXC guests. This allows for libvirt LXC to support +systemd's `socket activation +capability <http://0pointer.de/blog/projects/socket-activated-containers.html>`__, +where an incoming client connection in the host OS will trigger the startup of a +container, which runs another copy of systemd which gets passed the server +socket, and then activates the actual service handler in the container. + +Let us assume that you already have a LXC guest created, running a systemd +instance as PID 1 inside the container, which has an SSHD service configured. +The goal is to automatically activate the container when the first SSH +connection is made. The first step is to create a couple of unit files for the +host OS systemd instance. The ``/etc/systemd/system/mycontainer.service`` unit +file specifies how systemd will start the libvirt LXC container + +:: + + [Unit] + Description=My little container + + [Service] + ExecStart=/usr/bin/virsh -c lxc:///system start --pass-fds 3 mycontainer + ExecStop=/usr/bin/virsh -c lxc:///system destroy mycontainer + Type=oneshot + RemainAfterExit=yes + KillMode=none + +The ``--pass-fds 3`` argument specifies that the file descriptor number 3 that +``virsh`` inherits from systemd, is to be passed into the container. Since +``virsh`` will exit immediately after starting the container, the +``RemainAfterExit`` and ``KillMode`` settings must be altered from their +defaults. + +Next, the ``/etc/systemd/system/mycontainer.socket`` unit file is created to get +the host systemd to listen on port 23 for TCP connections. When this unit file +is activated by the first incoming connection, it will cause the +``mycontainer.service`` unit to be activated with the FD corresponding to the +listening TCP socket passed in as FD 3. + +:: + + [Unit] + Description=The SSH socket of my little container + + [Socket] + ListenStream=23 + +Port 23 was picked here so that the container doesn't conflict with the host's +SSH which is on the normal port 22. That's it in terms of host side +configuration. + +Inside the container, the ``/etc/systemd/system/sshd.socket`` unit file must be +created + +:: + + [Unit] + Description=SSH Socket for Per-Connection Servers + + [Socket] + ListenStream=23 + Accept=yes + +The ``ListenStream`` value listed in this unit file, must match the value used +in the host file. When systemd in the container receives the pre-opened FD from +libvirt during container startup, it looks at the ``ListenStream`` values to +figure out which FD to give to which service. The actual service to start is +defined by a correspondingly named ``/etc/systemd/system/sshd@.service`` + +:: + + [Unit] + Description=SSH Per-Connection Server for %I + + [Service] + ExecStart=-/usr/sbin/sshd -i + StandardInput=socket + +Finally, make sure this SSH service is set to start on boot of the container, by +running the following command inside the container: + +:: + + # mkdir -p /etc/systemd/system/sockets.target.wants/ + # ln -s /etc/systemd/system/sshd.socket /etc/systemd/system/sockets.target.wants/ + +This example shows how to activate the container based on an incoming SSH +connection. If the container was also configured to have an httpd service, it +may be desirable to activate it upon either an httpd or a sshd connection +attempt. In this case, the ``mycontainer.socket`` file in the host would simply +list multiple socket ports. Inside the container a separate ``xxxxx.socket`` +file would need to be created for each service, with a corresponding +``ListenStream`` value set. + +Container security +------------------ + +sVirt SELinux +~~~~~~~~~~~~~ + +In the absence of the "user" namespace being used, containers cannot be +considered secure against exploits of the host OS. The sVirt SELinux driver +provides a way to secure containers even when the "user" namespace is not used. +The cost is that writing a policy to allow execution of arbitrary OS is not +practical. The SELinux sVirt policy is typically tailored to work with a simpler +application confinement use case, as provided by the "libvirt-sandbox" project. + +Auditing +~~~~~~~~ + +The LXC driver is integrated with libvirt's auditing subsystem, which causes +audit messages to be logged whenever there is an operation performed against a +container which has impact on host resources. So for example, start/stop, device +hotplug will all log audit messages providing details about what action occurred +and any resources associated with it. There are the following 3 types of audit +messages + +- ``VIRT_MACHINE_ID`` - details of the SELinux process and image security + labels assigned to the container. +- ``VIRT_CONTROL`` - details of an action / operation performed against a + container. There are the following types of operation + + - ``op=start`` - a container has been started. Provides the machine name, + uuid and PID of the ``libvirt_lxc`` controller process + - ``op=init`` - the init PID of the container has been started. Provides the + machine name, uuid and PID of the ``libvirt_lxc`` controller process and + PID of the init process (in the host PID namespace) + - ``op=stop`` - a container has been stopped. Provides the machine name, + uuid + +- ``VIRT_RESOURCE`` - details of a host resource associated with a container + action. + +Device access +~~~~~~~~~~~~~ + +All containers are launched with the CAP_MKNOD capability cleared and removed +from the bounding set. Libvirt will ensure that the /dev filesystem is +pre-populated with all devices that a container is allowed to use. In addition, +the cgroup "device" controller is configured to block read/write/mknod from all +devices except those that a container is authorized to use. + +Example configurations +---------------------- + +Example config version 1 +~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + <domain type='lxc'> + <name>vm1</name> + <memory>500000</memory> + <os> + <type>exe</type> + <init>/bin/sh</init> + </os> + <vcpu>1</vcpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/libexec/libvirt_lxc</emulator> + <interface type='network'> + <source network='default'/> + </interface> + <console type='pty' /> + </devices> + </domain> + +In the <emulator> element, be sure you specify the correct path to libvirt_lxc, +if it does not live in /usr/libexec on your system. + +The next example assumes there is a private root filesystem (perhaps +hand-crafted using busybox, or installed from media, debootstrap, whatever) +under /opt/vm-1-root: + +:: + + <domain type='lxc'> + <name>vm1</name> + <memory>32768</memory> + <os> + <type>exe</type> + <init>/init</init> + </os> + <vcpu>1</vcpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/libexec/libvirt_lxc</emulator> + <filesystem type='mount'> + <source dir='/opt/vm-1-root'/> + <target dir='/'/> + </filesystem> + <interface type='network'> + <source network='default'/> + </interface> + <console type='pty' /> + </devices> + </domain> + +Altering the available capabilities +----------------------------------- + +By default the libvirt LXC driver drops some capabilities among which CAP_MKNOD. +However :since:`since 1.2.6` libvirt can be told to keep or drop some +capabilities using a domain configuration like the following: + +:: + + ... + <features> + <capabilities policy='default'> + <mknod state='on'/> + <sys_chroot state='off'/> + </capabilities> + </features> + ... + +The capabilities children elements are named after the capabilities as defined +in ``man 7 capabilities``. An ``off`` state tells libvirt to drop the +capability, while an ``on`` state will force to keep the capability even though +this one is dropped by default. + +The ``policy`` attribute can be one of ``default``, ``allow`` or ``deny``. It +defines the default rules for capabilities: either keep the default behavior +that is dropping a few selected capabilities, or keep all capabilities or drop +all capabilities. The interest of ``allow`` and ``deny`` is that they guarantee +that all capabilities will be kept (or removed) even if new ones are added +later. + +The following example, drops all capabilities but CAP_MKNOD: + +:: + + ... + <features> + <capabilities policy='deny'> + <mknod state='on'/> + </capabilities> + </features> + ... + +Note that allowing capabilities that are normally dropped by default can +seriously affect the security of the container and the host. + +Inherit namespaces +------------------ + +Libvirt allows you to inherit the namespace from container/process just like lxc +tools or docker provides to share the network namespace. The following can be +used to share required namespaces. If we want to share only one then the other +namespaces can be ignored. The netns option is specific to sharenet. It can be +used in cases we want to use existing network namespace rather than creating new +network namespace for the container. In this case privnet option will be +ignored. + +:: + + <domain type='lxc' xmlns:lxc='http://libvirt.org/schemas/domain/lxc/1.0'> + ... + <lxc:namespace> + <lxc:sharenet type='netns' value='red'/> + <lxc:shareuts type='name' value='container1'/> + <lxc:shareipc type='pid' value='12345'/> + </lxc:namespace> + </domain> + +The use of namespace passthrough requires libvirt >= 1.2.19 + +Container usage / management +---------------------------- + +As with any libvirt virtualization driver, LXC containers can be managed via a +wide variety of libvirt based tools. At the lowest level the ``virsh`` command +can be used to perform many tasks, by passing the ``-c lxc:///system`` argument. +As an alternative to repeating the URI with every command, the +``LIBVIRT_DEFAULT_URI`` environment variable can be set to ``lxc:///system``. +The examples that follow outline some common operations with virsh and LXC. For +further details about usage of virsh consult its manual page. + +Defining (saving) container configuration +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh define`` command takes an XML configuration document and loads it +into libvirt, saving the configuration on disk + +:: + + # virsh -c lxc:///system define myguest.xml + +Viewing container configuration +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh dumpxml`` command can be used to view the current XML configuration +of a container. By default the XML output reflects the current state of the +container. If the container is running, it is possible to explicitly request the +persistent configuration, instead of the current live configuration using the +``--inactive`` flag + +:: + + # virsh -c lxc:///system dumpxml myguest + +Starting containers +~~~~~~~~~~~~~~~~~~~ + +The ``virsh start`` command can be used to start a container from a previously +defined persistent configuration + +:: + + # virsh -c lxc:///system start myguest + +It is also possible to start so called "transient" containers, which do not +require a persistent configuration to be saved by libvirt, using the +``virsh create`` command. + +:: + + # virsh -c lxc:///system create myguest.xml + +Stopping containers +~~~~~~~~~~~~~~~~~~~ + +The ``virsh shutdown`` command can be used to request a graceful shutdown of the +container. By default this command will first attempt to send a message to the +init process via the ``/dev/initctl`` device node. If no such device node +exists, then it will send SIGTERM to PID 1 inside the container. + +:: + + # virsh -c lxc:///system shutdown myguest + +If the container does not respond to the graceful shutdown request, it can be +forcibly stopped using the ``virsh destroy`` + +:: + + # virsh -c lxc:///system destroy myguest + +Rebooting a container +~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh reboot`` command can be used to request a graceful shutdown of the +container. By default this command will first attempt to send a message to the +init process via the ``/dev/initctl`` device node. If no such device node +exists, then it will send SIGHUP to PID 1 inside the container. + +:: + + # virsh -c lxc:///system reboot myguest + +Undefining (deleting) a container configuration +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh undefine`` command can be used to delete the persistent +configuration of a container. If the guest is currently running, this will turn +it into a "transient" guest. + +:: + + # virsh -c lxc:///system undefine myguest + +Connecting to a container console +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh console`` command can be used to connect to the text console +associated with a container. + +:: + + # virsh -c lxc:///system console myguest + +If the container has been configured with multiple console devices, then the +``--devname`` argument can be used to choose the console to connect to. In LXC, +multiple consoles will be named as 'console0', 'console1', 'console2', etc. + +:: + + # virsh -c lxc:///system console myguest --devname console1 + +Running commands in a container +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh lxc-enter-namespace`` command can be used to enter the namespaces +and security context of a container and then execute an arbitrary command. + +:: + + # virsh -c lxc:///system lxc-enter-namespace myguest -- /bin/ls -al /dev + +Monitoring container utilization +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virt-top`` command can be used to monitor the activity and resource +utilization of all containers on a host + +:: + + # virt-top -c lxc:///system + +Converting LXC container configuration +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh domxml-from-native`` command can be used to convert most of the LXC +container configuration into a domain XML fragment + +:: + + # virsh -c lxc:///system domxml-from-native lxc-tools /var/lib/lxc/myguest/config + +This conversion has some limitations due to the fact that the domxml-from-native +command output has to be independent of the host. Here are a few things to take +care of before converting: + +- Replace the fstab file referenced by lxc.mount by the corresponding + lxc.mount.entry lines. +- Replace all relative sizes of tmpfs mount entries to absolute sizes. Also + make sure that tmpfs entries all have a size option (default is 50%). +- Define lxc.cgroup.memory.limit_in_bytes to properly limit the memory + available to the container. The conversion will use 64MiB as the default. diff --git a/docs/meson.build b/docs/meson.build index cfbde2a58d..fdf1714da8 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvlxc', 'drvnodedev', 'drvopenvz', 'drvsecret', @@ -80,6 +79,7 @@ docs_rst_files = [ 'drvch', 'drvesx', 'drvhyperv', + 'drvlxc', 'drvqemu', 'errors', 'formatbackup', -- 2.35.1

Fix one cross link anchor along with the conversion. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvnodedev.html.in | 383 ---------------------------------------- docs/drvnodedev.rst | 348 ++++++++++++++++++++++++++++++++++++ docs/formatdomain.rst | 3 +- docs/meson.build | 2 +- 4 files changed, 351 insertions(+), 385 deletions(-) delete mode 100644 docs/drvnodedev.html.in create mode 100644 docs/drvnodedev.rst diff --git a/docs/drvnodedev.html.in b/docs/drvnodedev.html.in deleted file mode 100644 index ee75eeb25c..0000000000 --- a/docs/drvnodedev.html.in +++ /dev/null @@ -1,383 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Host device management</h1> - - <p> - Libvirt provides management of both physical and virtual host devices - (historically also referred to as node devices) like USB, PCI, SCSI, and - network devices. This also includes various virtualization capabilities - which the aforementioned devices provide for utilization, for example - SR-IOV, NPIV, MDEV, DRM, etc. - </p> - - <p> - The node device driver provides means to list and show details about host - devices (<code>virsh nodedev-list</code>, <code>virsh nodedev-info</code>, - and <code>virsh nodedev-dumpxml</code>), which are generic and can be used - with all devices. It also provides the means to manage virtual devices. - Persistently-defined virtual devices are only supported for mediated - devices, while transient devices are supported by both mediated devices - and NPIV (<a href="https://wiki.libvirt.org/page/NPIV_in_libvirt">more - info about NPIV)</a>). - </p> - <p> - Persistent virtual devices are managed with - <code>virsh nodedev-define</code> and <code>virsh nodedev-undefine</code>. - Persistent devices can be configured to start manually or automatically - using <code>virsh nodedev-autostart</code>. Inactive devices can be made - active with <code>virsh nodedev-start</code>. - </p> - <p> - Transient virtual devices are started and stopped with the commands - <code>virsh nodedev-create</code> and <code>virsh nodedev-destroy</code>. - </p> - <p> - Devices on the host system are arranged in a tree-like hierarchy, with - the root node being called <code>computer</code>. The node device driver - supports udev backend (HAL backend was removed in <code>6.8.0</code>). - </p> - - <p> - Details of the XML format of a host device can be found <a - href="formatnode.html">here</a>. Of particular interest is the - <code>capability</code> element, which describes features supported by - the device. Some specific device types are addressed in more detail - below. - </p> - <h2>Basic structure of a node device</h2> - <pre> -&lt;device&gt; - &lt;name&gt;pci_0000_00_17_0&lt;/name&gt; - &lt;path&gt;/sys/devices/pci0000:00/0000:00:17.0&lt;/path&gt; - &lt;parent&gt;computer&lt;/parent&gt; - &lt;driver&gt; - &lt;name&gt;ahci&lt;/name&gt; - &lt;/driver&gt; - &lt;capability type='pci'&gt; -... - &lt;/capability&gt; -&lt;/device&gt;</pre> - - <ul id="toc"/> - - <h2><a id="PCI">PCI host devices</a></h2> - <dl> - <dt><code>capability</code></dt> - <dd> - When used as top level element, the supported values for the - <code>type</code> attribute are <code>pci</code> and - <code>phys_function</code> (see <a href="#SRIOVCap">SR-IOV below</a>). - </dd> - </dl> - <pre> -&lt;device&gt; - &lt;name&gt;pci_0000_04_00_1&lt;/name&gt; - &lt;path&gt;/sys/devices/pci0000:00/0000:00:06.0/0000:04:00.1&lt;/path&gt; - &lt;parent&gt;pci_0000_00_06_0&lt;/parent&gt; - &lt;driver&gt; - &lt;name&gt;igb&lt;/name&gt; - &lt;/driver&gt; - &lt;capability type='pci'&gt; - &lt;domain&gt;0&lt;/domain&gt; - &lt;bus&gt;4&lt;/bus&gt; - &lt;slot&gt;0&lt;/slot&gt; - &lt;function&gt;1&lt;/function&gt; - &lt;product id='0x10c9'&gt;82576 Gigabit Network Connection&lt;/product&gt; - &lt;vendor id='0x8086'&gt;Intel Corporation&lt;/vendor&gt; - &lt;iommuGroup number='15'&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x00' function='0x1'/&gt; - &lt;/iommuGroup&gt; - &lt;numa node='0'/&gt; - &lt;pci-express&gt; - &lt;link validity='cap' port='1' speed='2.5' width='2'/&gt; - &lt;link validity='sta' speed='2.5' width='2'/&gt; - &lt;/pci-express&gt; - &lt;/capability&gt; -&lt;/device&gt;</pre> - - <p> - The XML format for a PCI device stays the same for any further - capabilities it supports, a single nested <code>&lt;capability&gt;</code> - element will be included for each capability the device supports. - </p> - - <h3><a id="SRIOVCap">SR-IOV capability</a></h3> - <p> - Single root input/output virtualization (SR-IOV) allows sharing of the - PCIe resources by multiple virtual environments. That is achieved by - slicing up a single full-featured physical resource called physical - function (PF) into multiple devices called virtual functions (VFs) sharing - their configuration with the underlying PF. Despite the SR-IOV - specification, the amount of VFs that can be created on a PF varies among - manufacturers. - </p> - - <p> - Suppose the NIC <a href="#PCI">above</a> was also SR-IOV capable, it would - also include a nested - <code>&lt;capability&gt;</code> element enumerating all virtual - functions available on the physical device (physical port) like in the - example below. - </p> - - <pre> -&lt;capability type='pci'&gt; -... - &lt;capability type='virt_functions' maxCount='7'&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x10' function='0x1'/&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x10' function='0x3'/&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x10' function='0x5'/&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x10' function='0x7'/&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x11' function='0x1'/&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x11' function='0x3'/&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x11' function='0x5'/&gt; - &lt;/capability&gt; -... -&lt;/capability&gt;</pre> - <p> - A SR-IOV child device on the other hand, would then report its top level - capability type as a <code>phys_function</code> instead: - </p> - - <pre> -&lt;device&gt; -... - &lt;capability type='phys_function'&gt; - &lt;address domain='0x0000' bus='0x04' slot='0x00' function='0x0'/&gt; - &lt;/capability&gt; -... -&lt;/device&gt;</pre> - - <h3><a id="MDEVCap">MDEV capability</a></h3> - <p> - A device capable of creating mediated devices will include a nested - capability <code>mdev_types</code> which enumerates all supported mdev - types on the physical device, along with the type attributes available - through sysfs. A detailed description of the XML format for the - <code>mdev_types</code> capability can be found - <a href="formatnode.html#MDEVTypesCap">here</a>. - </p> - <p> - The following example shows how we might represent an NVIDIA GPU device - that supports mediated devices. See below for <a href="#MDEV">more - information about mediated devices</a>. - </p> - -<pre> -&lt;device&gt; -... - &lt;driver&gt; - &lt;name&gt;nvidia&lt;/name&gt; - &lt;/driver&gt; - &lt;capability type='pci'&gt; -... - &lt;capability type='mdev_types'&gt; - &lt;type id='nvidia-11'&gt; - &lt;name&gt;GRID M60-0B&lt;/name&gt; - &lt;deviceAPI&gt;vfio-pci&lt;/deviceAPI&gt; - &lt;availableInstances&gt;16&lt;/availableInstances&gt; - &lt;/type&gt; - &lt;!-- Here would come the rest of the available mdev types --&gt; - &lt;/capability&gt; -... - &lt;/capability&gt; -&lt;/device&gt;</pre> - - <h3><a id="VPDCap">VPD capability</a></h3> - <p> - A device that exposes a PCI/PCIe VPD capability will include a nested - capability <code>vpd</code> which presents data stored in the Vital Product - Data (VPD). VPD provides a device name and a number of other standard-defined - read-only fields (change level, manufacture id, part number, serial number) and - vendor-specific read-only fields. Additionally, if a device supports it, - read-write fields (asset tag, vendor-specific fields or system fields) may - also be present. The VPD capability is optional for PCI/PCIe devices and the - set of exposed fields may vary depending on a device. The XML format follows - the binary format described in "I.3. VPD Definitions" in PCI Local Bus (2.2+) - and the identical format in PCIe 4.0+. At the time of writing, the support for - exposing this capability is only present on Linux-based systems (kernel version - v2.6.26 is the first one to expose VPD via sysfs which Libvirt relies on). - Reading the VPD contents requires root privileges, therefore, - <code>virsh nodedev-dumpxml</code> must be executed accordingly. - A description of the XML format for the <code>vpd</code> capability can - be found <a href="formatnode.html#VPDCap">here</a>. - </p> - <p> - The following example shows a VPD representation for a device that exposes the - VPD capability with read-only and read-write fields. Among other things, - the VPD of this particular device includes a unique board serial number. - </p> -<pre> -&lt;device&gt; - &lt;name&gt;pci_0000_42_00_0&lt;/name&gt; - &lt;capability type=&apos;pci&apos;&gt; - &lt;class&gt;0x020000&lt;/class&gt; - &lt;domain&gt;0&lt;/domain&gt; - &lt;bus&gt;66&lt;/bus&gt; - &lt;slot&gt;0&lt;/slot&gt; - &lt;function&gt;0&lt;/function&gt; - &lt;product id=&apos;0xa2d6&apos;&gt;MT42822 BlueField-2 integrated ConnectX-6 Dx network controller&lt;/product&gt; - &lt;vendor id=&apos;0x15b3&apos;&gt;Mellanox Technologies&lt;/vendor&gt; - &lt;capability type=&apos;virt_functions&apos; maxCount=&apos;16&apos;/&gt; - &lt;capability type=&apos;vpd&apos;&gt; - &lt;name&gt;BlueField-2 DPU 25GbE Dual-Port SFP56, Crypto Enabled, 16GB on-board DDR, 1GbE OOB management, Tall Bracket&lt;/name&gt; - &lt;fields access=&apos;readonly&apos;&gt; - &lt;change_level&gt;B1&lt;/change_level&gt; - &lt;manufacture_id&gt;foobar&lt;/manufacture_id&gt; - &lt;part_number&gt;MBF2H332A-AEEOT&lt;/part_number&gt; - &lt;serial_number&gt;MT2113X00000&lt;/serial_number&gt; - &lt;vendor_field index=&apos;0&apos;&gt;PCIeGen4 x8&lt;/vendor_field&gt; - &lt;vendor_field index=&apos;2&apos;&gt;MBF2H332A-AEEOT&lt;/vendor_field&gt; - &lt;vendor_field index=&apos;3&apos;&gt;3c53d07eec484d8aab34dabd24fe575aa&lt;/vendor_field&gt; - &lt;vendor_field index=&apos;A&apos;&gt;MLX:MN=MLNX:CSKU=V2:UUID=V3:PCI=V0:MODL=BF2H332A&lt;/vendor_field&gt; - &lt;/fields&gt; - &lt;fields access=&apos;readwrite&apos;&gt; - &lt;asset_tag&gt;fooasset&lt;/asset_tag&gt; - &lt;vendor_field index=&apos;0&apos;&gt;vendorfield0&lt;/vendor_field&gt; - &lt;vendor_field index=&apos;2&apos;&gt;vendorfield2&lt;/vendor_field&gt; - &lt;vendor_field index=&apos;A&apos;&gt;vendorfieldA&lt;/vendor_field&gt; - &lt;system_field index=&apos;B&apos;&gt;systemfieldB&lt;/system_field&gt; - &lt;system_field index=&apos;0&apos;&gt;systemfield0&lt;/system_field&gt; - &lt;/fields&gt; - &lt;/capability&gt; - &lt;iommuGroup number=&apos;65&apos;&gt; - &lt;address domain=&apos;0x0000&apos; bus=&apos;0x42&apos; slot=&apos;0x00&apos; function=&apos;0x0&apos;/&gt; - &lt;/iommuGroup&gt; - &lt;numa node=&apos;0&apos;/&gt; - &lt;pci-express&gt; - &lt;link validity=&apos;cap&apos; port=&apos;0&apos; speed=&apos;16&apos; width=&apos;8&apos;/&gt; - &lt;link validity=&apos;sta&apos; speed=&apos;8&apos; width=&apos;8&apos;/&gt; - &lt;/pci-express&gt; - &lt;/capability&gt; -&lt;/device&gt; -</pre> - - <h2><a id="MDEV">Mediated devices (MDEVs)</a></h2> - <p> - Mediated devices (<span class="since">Since 3.2.0</span>) are software - devices defining resource allocation on the backing physical device which - in turn allows the parent physical device's resources to be divided into - several mediated devices, thus sharing the physical device's performance - among multiple guests. Unlike SR-IOV however, where a PCIe device appears - as multiple separate PCIe devices on the host's PCI bus, mediated devices - only appear on the mdev virtual bus. Therefore, no detach/reattach - procedure from/to the host driver procedure is involved even though - mediated devices are used in a direct device assignment manner. A - detailed description of the XML format for the <code>mdev</code> - capability can be found <a href="formatnode.html#mdev">here</a>. - </p> - - <h3>Example of a mediated device</h3> - <pre> -&lt;device&gt; - &lt;name&gt;mdev_4b20d080_1b54_4048_85b3_a6a62d165c01&lt;/name&gt; - &lt;path&gt;/sys/devices/pci0000:00/0000:00:02.0/4b20d080-1b54-4048-85b3-a6a62d165c01&lt;/path&gt; - &lt;parent&gt;pci_0000_06_00_0&lt;/parent&gt; - &lt;driver&gt; - &lt;name&gt;vfio_mdev&lt;/name&gt; - &lt;/driver&gt; - &lt;capability type='mdev'&gt; - &lt;type id='nvidia-11'/&gt; - &lt;uuid&gt;4b20d080-1b54-4048-85b3-a6a62d165c01&lt;/uuid&gt; - &lt;iommuGroup number='12'/&gt; - &lt;/capability&gt; -&lt;/device&gt;</pre> - - <p> - The support of mediated device's framework in libvirt's node device driver - covers the following features: - </p> - - <ul> - <li> - list available mediated devices on the host - (<span class="since">Since 3.4.0</span>) - </li> - <li> - display device details - (<span class="since">Since 3.4.0</span>) - </li> - <li> - create transient mediated devices - (<span class="since">Since 6.5.0</span>) - </li> - <li> - define persistent mediated devices - (<span class="since">Since 7.3.0</span>) - </li> - </ul> - - <p> - Because mediated devices are instantiated from vendor specific templates, - simply called 'types', information describing these types is contained - within the parent device's capabilities (see the example in <a - href="#PCI">PCI host devices</a>). To list all devices capable of - creating mediated devices, the following command can be used. - </p> - <pre>$ virsh nodedev-list --cap mdev_types</pre> - - <p> - To see the supported mediated device types on a specific physical device - use the following: - </p> - - <pre>$ virsh nodedev-dumpxml &lt;device&gt;</pre> - - <p> - Before creating a mediated device, unbind the device from the respective - device driver, eg. subchannel I/O driver for a CCW device. Then bind the - device to the respective VFIO driver. For a CCW device, also unbind the - corresponding subchannel of the CCW device from the subchannel I/O driver - and then bind the subchannel (instead of the CCW device) to the vfio_ccw - driver. The below example shows the unbinding and binding steps for a CCW - device. - </p> - - <pre> -device="0.0.1234" -subchannel="0.0.0123" -echo $device &gt; /sys/bus/ccw/devices/$device/driver/unbind -echo $subchannel &gt; /sys/bus/css/devices/$subchannel/driver/unbind -echo $subchannel &gt; /sys/bus/css/drivers/vfio_ccw/bind - </pre> - - <p> - To instantiate a transient mediated device, create an XML file representing the - device. See above for information about the mediated device xml format. - </p> - - <pre>$ virsh nodedev-create &lt;xml-file&gt; -Node device '&lt;device-name&gt;' created from '&lt;xml-file&gt;'</pre> - - <p> - If you would like to persistently define the device so that it will be - maintained across host reboots, use <code>virsh nodedev-define</code> - instead of <code>nodedev-create</code>: - </p> - - <pre>$ virsh nodedev-define &lt;xml-file&gt; -Node device '&lt;device-name&gt;' defined from '&lt;xml-file&gt;'</pre> - - <p> - To start an instance of this device definition, use the following command: - </p> - - <pre>$ virsh nodedev-start &lt;device-name&gt;</pre> - <p> - Active mediated device instances can be stopped using <code>virsh - nodedev-destroy</code>, and persistent device definitions can be removed - using <code>virsh nodedev-undefine</code>. - </p> - - <p> - If a mediated device is defined persistently, it can also be set to be - automatically started whenever the host reboots or when the parent device - becomes available. In order to autostart a mediated device, use the - following command: - </p> - - <pre>$ virsh nodedev-autostart &lt;device-name&gt;</pre> - </body> -</html> diff --git a/docs/drvnodedev.rst b/docs/drvnodedev.rst new file mode 100644 index 0000000000..cddb36c73b --- /dev/null +++ b/docs/drvnodedev.rst @@ -0,0 +1,348 @@ +.. role:: since + +====================== +Host device management +====================== + +.. contents:: + +Libvirt provides management of both physical and virtual host devices +(historically also referred to as node devices) like USB, PCI, SCSI, and network +devices. This also includes various virtualization capabilities which the +aforementioned devices provide for utilization, for example SR-IOV, NPIV, MDEV, +DRM, etc. + +The node device driver provides means to list and show details about host +devices (``virsh nodedev-list``, ``virsh nodedev-info``, and +``virsh nodedev-dumpxml``), which are generic and can be used with all devices. +It also provides the means to manage virtual devices. Persistently-defined +virtual devices are only supported for mediated devices, while transient devices +are supported by both mediated devices and NPIV (`more info about +NPIV) <https://wiki.libvirt.org/page/NPIV_in_libvirt>`__). + +Persistent virtual devices are managed with ``virsh nodedev-define`` and +``virsh nodedev-undefine``. Persistent devices can be configured to start +manually or automatically using ``virsh nodedev-autostart``. Inactive devices +can be made active with ``virsh nodedev-start``. + +Transient virtual devices are started and stopped with the commands +``virsh nodedev-create`` and ``virsh nodedev-destroy``. + +Devices on the host system are arranged in a tree-like hierarchy, with the root +node being called ``computer``. The node device driver supports udev backend +(HAL backend was removed in ``6.8.0``). + +Details of the XML format of a host device can be found +`here <formatnode.html>`__. Of particular interest is the ``capability`` +element, which describes features supported by the device. Some specific device +types are addressed in more detail below. + +Basic structure of a node device +-------------------------------- + +:: + + <device> + <name>pci_0000_00_17_0</name> + <path>/sys/devices/pci0000:00/0000:00:17.0</path> + <parent>computer</parent> + <driver> + <name>ahci</name> + </driver> + <capability type='pci'> + ... + </capability> + </device> + +PCI host devices +---------------- + +``capability`` + When used as top level element, the supported values for the ``type`` + attribute are ``pci`` and ``phys_function`` (see `SR-IOV + below <#SRIOVCap>`__). + +:: + + <device> + <name>pci_0000_04_00_1</name> + <path>/sys/devices/pci0000:00/0000:00:06.0/0000:04:00.1</path> + <parent>pci_0000_00_06_0</parent> + <driver> + <name>igb</name> + </driver> + <capability type='pci'> + <domain>0</domain> + <bus>4</bus> + <slot>0</slot> + <function>1</function> + <product id='0x10c9'>82576 Gigabit Network Connection</product> + <vendor id='0x8086'>Intel Corporation</vendor> + <iommuGroup number='15'> + <address domain='0x0000' bus='0x04' slot='0x00' function='0x1'/> + </iommuGroup> + <numa node='0'/> + <pci-express> + <link validity='cap' port='1' speed='2.5' width='2'/> + <link validity='sta' speed='2.5' width='2'/> + </pci-express> + </capability> + </device> + +The XML format for a PCI device stays the same for any further capabilities it +supports, a single nested ``<capability>`` element will be included for each +capability the device supports. + +SR-IOV capability +~~~~~~~~~~~~~~~~~ + +Single root input/output virtualization (SR-IOV) allows sharing of the PCIe +resources by multiple virtual environments. That is achieved by slicing up a +single full-featured physical resource called physical function (PF) into +multiple devices called virtual functions (VFs) sharing their configuration with +the underlying PF. Despite the SR-IOV specification, the amount of VFs that can +be created on a PF varies among manufacturers. + +Suppose the NIC `above <#PCI>`__ was also SR-IOV capable, it would also include +a nested ``<capability>`` element enumerating all virtual functions available on +the physical device (physical port) like in the example below. + +:: + + <capability type='pci'> + ... + <capability type='virt_functions' maxCount='7'> + <address domain='0x0000' bus='0x04' slot='0x10' function='0x1'/> + <address domain='0x0000' bus='0x04' slot='0x10' function='0x3'/> + <address domain='0x0000' bus='0x04' slot='0x10' function='0x5'/> + <address domain='0x0000' bus='0x04' slot='0x10' function='0x7'/> + <address domain='0x0000' bus='0x04' slot='0x11' function='0x1'/> + <address domain='0x0000' bus='0x04' slot='0x11' function='0x3'/> + <address domain='0x0000' bus='0x04' slot='0x11' function='0x5'/> + </capability> + ... + </capability> + +A SR-IOV child device on the other hand, would then report its top level +capability type as a ``phys_function`` instead: + +:: + + <device> + ... + <capability type='phys_function'> + <address domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> + </capability> + ... + </device> + +MDEV capability +~~~~~~~~~~~~~~~ + +A device capable of creating mediated devices will include a nested capability +``mdev_types`` which enumerates all supported mdev types on the physical device, +along with the type attributes available through sysfs. A detailed description +of the XML format for the ``mdev_types`` capability can be found +`here <formatnode.html#MDEVTypesCap>`__. + +The following example shows how we might represent an NVIDIA GPU device that +supports mediated devices. See below for `more information about mediated +devices <#MDEV>`__. + +:: + + <device> + ... + <driver> + <name>nvidia</name> + </driver> + <capability type='pci'> + ... + <capability type='mdev_types'> + <type id='nvidia-11'> + <name>GRID M60-0B</name> + <deviceAPI>vfio-pci</deviceAPI> + <availableInstances>16</availableInstances> + </type> + <!-- Here would come the rest of the available mdev types --> + </capability> + ... + </capability> + </device> + +VPD capability +~~~~~~~~~~~~~~ + +A device that exposes a PCI/PCIe VPD capability will include a nested capability +``vpd`` which presents data stored in the Vital Product Data (VPD). VPD provides +a device name and a number of other standard-defined read-only fields (change +level, manufacture id, part number, serial number) and vendor-specific read-only +fields. Additionally, if a device supports it, read-write fields (asset tag, +vendor-specific fields or system fields) may also be present. The VPD capability +is optional for PCI/PCIe devices and the set of exposed fields may vary +depending on a device. The XML format follows the binary format described in +"I.3. VPD Definitions" in PCI Local Bus (2.2+) and the identical format in PCIe +4.0+. At the time of writing, the support for exposing this capability is only +present on Linux-based systems (kernel version v2.6.26 is the first one to +expose VPD via sysfs which Libvirt relies on). Reading the VPD contents requires +root privileges, therefore, ``virsh nodedev-dumpxml`` must be executed +accordingly. A description of the XML format for the ``vpd`` capability can be +found `here <formatnode.html#VPDCap>`__. + +The following example shows a VPD representation for a device that exposes the +VPD capability with read-only and read-write fields. Among other things, the VPD +of this particular device includes a unique board serial number. + +:: + + <device> + <name>pci_0000_42_00_0</name> + <capability type='pci'> + <class>0x020000</class> + <domain>0</domain> + <bus>66</bus> + <slot>0</slot> + <function>0</function> + <product id='0xa2d6'>MT42822 BlueField-2 integrated ConnectX-6 Dx network controller</product> + <vendor id='0x15b3'>Mellanox Technologies</vendor> + <capability type='virt_functions' maxCount='16'/> + <capability type='vpd'> + <name>BlueField-2 DPU 25GbE Dual-Port SFP56, Crypto Enabled, 16GB on-board DDR, 1GbE OOB management, Tall Bracket</name> + <fields access='readonly'> + <change_level>B1</change_level> + <manufacture_id>foobar</manufacture_id> + <part_number>MBF2H332A-AEEOT</part_number> + <serial_number>MT2113X00000</serial_number> + <vendor_field index='0'>PCIeGen4 x8</vendor_field> + <vendor_field index='2'>MBF2H332A-AEEOT</vendor_field> + <vendor_field index='3'>3c53d07eec484d8aab34dabd24fe575aa</vendor_field> + <vendor_field index='A'>MLX:MN=MLNX:CSKU=V2:UUID=V3:PCI=V0:MODL=BF2H332A</vendor_field> + </fields> + <fields access='readwrite'> + <asset_tag>fooasset</asset_tag> + <vendor_field index='0'>vendorfield0</vendor_field> + <vendor_field index='2'>vendorfield2</vendor_field> + <vendor_field index='A'>vendorfieldA</vendor_field> + <system_field index='B'>systemfieldB</system_field> + <system_field index='0'>systemfield0</system_field> + </fields> + </capability> + <iommuGroup number='65'> + <address domain='0x0000' bus='0x42' slot='0x00' function='0x0'/> + </iommuGroup> + <numa node='0'/> + <pci-express> + <link validity='cap' port='0' speed='16' width='8'/> + <link validity='sta' speed='8' width='8'/> + </pci-express> + </capability> + </device> + +Mediated devices (MDEVs) +------------------------ + +Mediated devices ( :since:`Since 3.2.0` ) are software devices defining resource +allocation on the backing physical device which in turn allows the parent +physical device's resources to be divided into several mediated devices, thus +sharing the physical device's performance among multiple guests. Unlike SR-IOV +however, where a PCIe device appears as multiple separate PCIe devices on the +host's PCI bus, mediated devices only appear on the mdev virtual bus. Therefore, +no detach/reattach procedure from/to the host driver procedure is involved even +though mediated devices are used in a direct device assignment manner. A +detailed description of the XML format for the ``mdev`` capability can be found +`here <formatnode.html#mdev>`__. + +Example of a mediated device +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + <device> + <name>mdev_4b20d080_1b54_4048_85b3_a6a62d165c01</name> + <path>/sys/devices/pci0000:00/0000:00:02.0/4b20d080-1b54-4048-85b3-a6a62d165c01</path> + <parent>pci_0000_06_00_0</parent> + <driver> + <name>vfio_mdev</name> + </driver> + <capability type='mdev'> + <type id='nvidia-11'/> + <uuid>4b20d080-1b54-4048-85b3-a6a62d165c01</uuid> + <iommuGroup number='12'/> + </capability> + </device> + +The support of mediated device's framework in libvirt's node device driver +covers the following features: + +- list available mediated devices on the host ( :since:`Since 3.4.0` ) +- display device details ( :since:`Since 3.4.0` ) +- create transient mediated devices ( :since:`Since 6.5.0` ) +- define persistent mediated devices ( :since:`Since 7.3.0` ) + +Because mediated devices are instantiated from vendor specific templates, simply +called 'types', information describing these types is contained within the +parent device's capabilities (see the example in `PCI host devices <#PCI>`__). +To list all devices capable of creating mediated devices, the following command +can be used. + +:: + + $ virsh nodedev-list --cap mdev_types + +To see the supported mediated device types on a specific physical device use the +following: + +:: + + $ virsh nodedev-dumpxml <device> + +Before creating a mediated device, unbind the device from the respective device +driver, eg. subchannel I/O driver for a CCW device. Then bind the device to the +respective VFIO driver. For a CCW device, also unbind the corresponding +subchannel of the CCW device from the subchannel I/O driver and then bind the +subchannel (instead of the CCW device) to the vfio_ccw driver. The below example +shows the unbinding and binding steps for a CCW device. + +:: + + device="0.0.1234" + subchannel="0.0.0123" + echo $device > /sys/bus/ccw/devices/$device/driver/unbind + echo $subchannel > /sys/bus/css/devices/$subchannel/driver/unbind + echo $subchannel > /sys/bus/css/drivers/vfio_ccw/bind + +To instantiate a transient mediated device, create an XML file representing the +device. See above for information about the mediated device xml format. + +:: + + $ virsh nodedev-create <xml-file> + Node device '<device-name>' created from '<xml-file>' + +If you would like to persistently define the device so that it will be +maintained across host reboots, use ``virsh nodedev-define`` instead of +``nodedev-create``: + +:: + + $ virsh nodedev-define <xml-file> + Node device '<device-name>' defined from '<xml-file>' + +To start an instance of this device definition, use the following command: + +:: + + $ virsh nodedev-start <device-name> + +Active mediated device instances can be stopped using +``virsh nodedev-destroy``, and persistent device definitions can be +removed using ``virsh nodedev-undefine``. + +If a mediated device is defined persistently, it can also be set to be +automatically started whenever the host reboots or when the parent device +becomes available. In order to autostart a mediated device, use the following +command: + +:: + + $ virsh nodedev-autostart <device-name> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index e492532004..4fb2e1a9f4 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -4166,7 +4166,8 @@ or: specifies the device API which determines how the host's vfio driver will expose the device to the guest. Currently, ``model='vfio-pci'``, ``model='vfio-ccw'`` ( :since:`Since 4.4.0` ) and ``model='vfio-ap'`` ( - :since:`Since 4.9.0` ) is supported. `MDEV <drvnodedev.html#MDEV>`__ + :since:`Since 4.9.0` ) is supported. + `MDEV <drvnodedev.html#mediated-devices-mdevs>`__ section provides more information about mediated devices as well as how to create mediated devices on the host. :since:`Since 4.6.0 (QEMU 2.12)` an optional ``display`` attribute may be used to enable or disable support diff --git a/docs/meson.build b/docs/meson.build index fdf1714da8..bf5a978b07 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvnodedev', 'drvopenvz', 'drvsecret', 'drvtest', @@ -80,6 +79,7 @@ docs_rst_files = [ 'drvesx', 'drvhyperv', 'drvlxc', + 'drvnodedev', 'drvqemu', 'errors', 'formatbackup', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvopenvz.html.in | 123 ----------------------------------------- docs/drvopenvz.rst | 97 ++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 98 insertions(+), 124 deletions(-) delete mode 100644 docs/drvopenvz.html.in create mode 100644 docs/drvopenvz.rst diff --git a/docs/drvopenvz.html.in b/docs/drvopenvz.html.in deleted file mode 100644 index 64a75e3fec..0000000000 --- a/docs/drvopenvz.html.in +++ /dev/null @@ -1,123 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>OpenVZ container driver</h1> - - <ul id="toc"></ul> - - <p> - The OpenVZ driver for libvirt allows use and management of container - based virtualization on a Linux host OS. Prior to using the OpenVZ - driver, the OpenVZ enabled kernel must be installed &amp; booted, and the - OpenVZ userspace tools installed. The libvirt driver has been tested - with OpenVZ 3.0.22, but other 3.0.x versions should also work without - undue trouble. - </p> - - <h2><a id="project">Project Links</a></h2> - - <ul> - <li> - The <a href="https://openvz.org/">OpenVZ</a> Linux container - system - </li> - </ul> - - <h2><a id="connections">Connections to OpenVZ driver</a></h2> - - <p> - The libvirt OpenVZ driver is a single-instance privileged driver, - with a driver name of 'openvz'. Some example connection URIs for - the libvirt driver are: - </p> - -<pre> -openvz:///system (local access) -openvz+unix:///system (local access) -openvz://example.com/system (remote access, TLS/x509) -openvz+tcp://example.com/system (remote access, SASl/Kerberos) -openvz+ssh://root@example.com/system (remote access, SSH tunnelled) -</pre> - - <h2><a id="notes">Notes on bridged networking</a></h2> - - <p> - Bridged networking enables a guest domain (ie container) to have its - network interface connected directly to the host's physical LAN. Before - this can be used there are a couple of configuration pre-requisites for - the host OS. - </p> - - <h3><a id="host">Host network devices</a></h3> - - <p> - One or more of the physical devices must be attached to a bridge. The - process for this varies according to the operating system in use, so - for up to date notes consult the <a href="https://wiki.libvirt.org">Wiki</a> - or your operating system's networking documentation. The basic idea is - that the host OS should end up with a bridge device "br0" containing a - physical device "eth0", or a bonding device "bond0". - </p> - - <h3><a id="tools">OpenVZ tools configuration</a></h3> - - <p> - OpenVZ releases later than 3.0.23 ship with a standard network device - setup script that is able to setup bridging, named - <code>/usr/sbin/vznetaddbr</code>. For releases prior to 3.0.23, this - script must be created manually by the host OS administrator. The - simplest way is to just download the latest version of this script - from a newer OpenVZ release, or upstream source repository. Then - a generic configuration file <code>/etc/vz/vznet.conf</code> - must be created containing - </p> - -<pre> -#!/bin/bash -EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr" -</pre> - - <p> - The host OS is now ready to allow bridging of guest containers, which - will work whether the container is started with libvirt, or OpenVZ - tools. - </p> - - - <h2><a id="example">Example guest domain XML configuration</a></h2> - - <p> - The current libvirt OpenVZ driver has a restriction that the - domain names must match the OpenVZ container VEID, which by - convention start at 100, and are incremented from there. The - choice of OS template to use inside the container is determined - by the <code>filesystem</code> tag, and the template source name - matches the templates known to OpenVZ tools. - </p> - -<pre> -&lt;domain type='openvz' id='104'&gt; - &lt;name&gt;104&lt;/name&gt; - &lt;uuid&gt;86c12009-e591-a159-6e9f-91d18b85ef78&lt;/uuid&gt; - &lt;vcpu&gt;3&lt;/vcpu&gt; - &lt;os&gt; - &lt;type&gt;exe&lt;/type&gt; - &lt;init&gt;/sbin/init&lt;/init&gt; - &lt;/os&gt; - &lt;devices&gt; - &lt;filesystem type='template'&gt; - &lt;source name='fedora-9-i386-minimal'/&gt; - &lt;target dir='/'/&gt; - &lt;/filesystem&gt; - &lt;interface type='bridge'&gt; - &lt;mac address='00:18:51:5b:ea:bf'/&gt; - &lt;source bridge='br0'/&gt; - &lt;target dev='veth101.0'/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - - </body> -</html> diff --git a/docs/drvopenvz.rst b/docs/drvopenvz.rst new file mode 100644 index 0000000000..ff6e1f994d --- /dev/null +++ b/docs/drvopenvz.rst @@ -0,0 +1,97 @@ +======================= +OpenVZ container driver +======================= + +.. contents:: + +The OpenVZ driver for libvirt allows use and management of container based +virtualization on a Linux host OS. Prior to using the OpenVZ driver, the OpenVZ +enabled kernel must be installed & booted, and the OpenVZ userspace tools +installed. The libvirt driver has been tested with OpenVZ 3.0.22, but other +3.0.x versions should also work without undue trouble. + +Project Links +------------- + +- The `OpenVZ <https://openvz.org/>`__ Linux container system + +Connections to OpenVZ driver +---------------------------- + +The libvirt OpenVZ driver is a single-instance privileged driver, with a driver +name of 'openvz'. Some example connection URIs for the libvirt driver are: + +:: + + openvz:///system (local access) + openvz+unix:///system (local access) + openvz://example.com/system (remote access, TLS/x509) + openvz+tcp://example.com/system (remote access, SASl/Kerberos) + openvz+ssh://root@example.com/system (remote access, SSH tunnelled) + +Notes on bridged networking +--------------------------- + +Bridged networking enables a guest domain (ie container) to have its network +interface connected directly to the host's physical LAN. Before this can be used +there are a couple of configuration pre-requisites for the host OS. + +Host network devices +~~~~~~~~~~~~~~~~~~~~ + +One or more of the physical devices must be attached to a bridge. The process +for this varies according to the operating system in use, so for up to date +notes consult the `Wiki <https://wiki.libvirt.org>`__ or your operating system's +networking documentation. The basic idea is that the host OS should end up with +a bridge device "br0" containing a physical device "eth0", or a bonding device +"bond0". + +OpenVZ tools configuration +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +OpenVZ releases later than 3.0.23 ship with a standard network device setup +script that is able to setup bridging, named ``/usr/sbin/vznetaddbr``. For +releases prior to 3.0.23, this script must be created manually by the host OS +administrator. The simplest way is to just download the latest version of this +script from a newer OpenVZ release, or upstream source repository. Then a +generic configuration file ``/etc/vz/vznet.conf`` must be created containing + +:: + + #!/bin/bash + EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr" + +The host OS is now ready to allow bridging of guest containers, which will work +whether the container is started with libvirt, or OpenVZ tools. + +Example guest domain XML configuration +-------------------------------------- + +The current libvirt OpenVZ driver has a restriction that the domain names must +match the OpenVZ container VEID, which by convention start at 100, and are +incremented from there. The choice of OS template to use inside the container is +determined by the ``filesystem`` tag, and the template source name matches the +templates known to OpenVZ tools. + +:: + + <domain type='openvz' id='104'> + <name>104</name> + <uuid>86c12009-e591-a159-6e9f-91d18b85ef78</uuid> + <vcpu>3</vcpu> + <os> + <type>exe</type> + <init>/sbin/init</init> + </os> + <devices> + <filesystem type='template'> + <source name='fedora-9-i386-minimal'/> + <target dir='/'/> + </filesystem> + <interface type='bridge'> + <mac address='00:18:51:5b:ea:bf'/> + <source bridge='br0'/> + <target dev='veth101.0'/> + </interface> + </devices> + </domain> diff --git a/docs/meson.build b/docs/meson.build index bf5a978b07..d936091091 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvopenvz', 'drvsecret', 'drvtest', 'drvvbox', @@ -80,6 +79,7 @@ docs_rst_files = [ 'drvhyperv', 'drvlxc', 'drvnodedev', + 'drvopenvz', 'drvqemu', 'errors', 'formatbackup', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvsecret.html.in | 82 ------------------------------------------ docs/drvsecret.rst | 65 +++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 66 insertions(+), 83 deletions(-) delete mode 100644 docs/drvsecret.html.in create mode 100644 docs/drvsecret.rst diff --git a/docs/drvsecret.html.in b/docs/drvsecret.html.in deleted file mode 100644 index 1bd7d75215..0000000000 --- a/docs/drvsecret.html.in +++ /dev/null @@ -1,82 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Secret information management</h1> - - <p> - The secrets driver in libvirt provides a simple interface for - storing and retrieving secret information. - </p> - - <h2><a id="uris">Connections to SECRET driver</a></h2> - - <p> - The libvirt SECRET driver is a multi-instance driver, providing a single - system wide privileged driver (the "system" instance), and per-user - unprivileged drivers (the "session" instance). A connection to the secret - driver is automatically available when opening a connection to one of the - stateful primary hypervisor drivers. It is none the less also possible to - explicitly open just the secret driver, using the URI protocol "secret" - Some example connection URIs for the driver are: - </p> - -<pre> -secret:///session (local access to per-user instance) -secret+unix:///session (local access to per-user instance) - -secret:///system (local access to system instance) -secret+unix:///system (local access to system instance) -secret://example.com/system (remote access, TLS/x509) -secret+tcp://example.com/system (remote access, SASl/Kerberos) -secret+ssh://root@example.com/system (remote access, SSH tunnelled) -</pre> - - <h3><a id="uriembedded">Embedded driver</a></h3> - - <p> - Since 6.1.0 the secret driver has experimental support for operating - in an embedded mode. In this scenario, rather than connecting to - the libvirtd daemon, the secret driver runs in the client application - process directly. To open the driver in embedded mode the app use the - new URI path and specify a virtual root directory under which the - driver will create content. - </p> - - <pre> - secret:///embed?root=/some/dir - </pre> - - <p> - Under the specified root directory the following locations will - be used - </p> - - <pre> -/some/dir - | - +- etc - | | - | +- secrets - | - +- run - | - +- secrets - </pre> - - <p> - The application is responsible for recursively purging the contents - of this directory tree once they no longer require a connection, - though it can also be left intact for reuse when opening a future - connection. - </p> - - <p> - The range of functionality is intended to be on a par with that - seen when using the traditional system or session libvirt connections - to QEMU. Normal practice would be to open the secret driver in embedded - mode any time one of the other drivers is opened in embedded mode so - that the two drivers can interact in-process. - </p> - </body> -</html> diff --git a/docs/drvsecret.rst b/docs/drvsecret.rst new file mode 100644 index 0000000000..76a9097d2b --- /dev/null +++ b/docs/drvsecret.rst @@ -0,0 +1,65 @@ +============================= +Secret information management +============================= + +The secrets driver in libvirt provides a simple interface for storing and +retrieving secret information. + +Connections to SECRET driver +---------------------------- + +The libvirt SECRET driver is a multi-instance driver, providing a single system +wide privileged driver (the "system" instance), and per-user unprivileged +drivers (the "session" instance). A connection to the secret driver is +automatically available when opening a connection to one of the stateful primary +hypervisor drivers. It is none the less also possible to explicitly open just +the secret driver, using the URI protocol "secret" Some example connection URIs +for the driver are: + +:: + + secret:///session (local access to per-user instance) + secret+unix:///session (local access to per-user instance) + + secret:///system (local access to system instance) + secret+unix:///system (local access to system instance) + secret://example.com/system (remote access, TLS/x509) + secret+tcp://example.com/system (remote access, SASl/Kerberos) + secret+ssh://root@example.com/system (remote access, SSH tunnelled) + +Embedded driver +~~~~~~~~~~~~~~~ + +Since 6.1.0 the secret driver has experimental support for operating in an +embedded mode. In this scenario, rather than connecting to the libvirtd daemon, +the secret driver runs in the client application process directly. To open the +driver in embedded mode the app use the new URI path and specify a virtual root +directory under which the driver will create content. + +:: + + secret:///embed?root=/some/dir + +Under the specified root directory the following locations will be used + +:: + + /some/dir + | + +- etc + | | + | +- secrets + | + +- run + | + +- secrets + +The application is responsible for recursively purging the contents of this +directory tree once they no longer require a connection, though it can also be +left intact for reuse when opening a future connection. + +The range of functionality is intended to be on a par with that seen when using +the traditional system or session libvirt connections to QEMU. Normal practice +would be to open the secret driver in embedded mode any time one of the other +drivers is opened in embedded mode so that the two drivers can interact +in-process. diff --git a/docs/meson.build b/docs/meson.build index d936091091..8499b3d595 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvsecret', 'drvtest', 'drvvbox', 'drvvirtuozzo', @@ -81,6 +80,7 @@ docs_rst_files = [ 'drvnodedev', 'drvopenvz', 'drvqemu', + 'drvsecret', 'errors', 'formatbackup', 'formatcheckpoint', -- 2.35.1

The first sentence was moved up a paragraph to stop treating the first sub-heading as a page subtitle. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvtest.html.in | 27 --------------------------- docs/drvtest.rst | 21 +++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 22 insertions(+), 28 deletions(-) delete mode 100644 docs/drvtest.html.in create mode 100644 docs/drvtest.rst diff --git a/docs/drvtest.html.in b/docs/drvtest.html.in deleted file mode 100644 index 6884184e6f..0000000000 --- a/docs/drvtest.html.in +++ /dev/null @@ -1,27 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Test "mock" driver</h1> - - <h2>Connections to Test driver</h2> - - <p> - The libvirt Test driver is a per-process fake hypervisor driver, - with a driver name of 'test'. The driver maintains all its state - in memory. It can start with a pre-configured default config, or - be given a path to an alternate config. Some example connection URIs - for the libvirt driver are: - </p> - -<pre> -test:///default (local access, default config) -test:///path/to/driver/config.xml (local access, custom config) -test+unix:///default (local access, default config, via daemon) -test://example.com/default (remote access, TLS/x509) -test+tcp://example.com/default (remote access, SASl/Kerberos) -test+ssh://root@example.com/default (remote access, SSH tunnelled) -</pre> - - </body> -</html> diff --git a/docs/drvtest.rst b/docs/drvtest.rst new file mode 100644 index 0000000000..99578a47ba --- /dev/null +++ b/docs/drvtest.rst @@ -0,0 +1,21 @@ +================== +Test "mock" driver +================== + +The libvirt ``test`` driver is a per-process fake hypervisor driver. + +Connections to Test driver +-------------------------- + +The driver maintains all its state in memory. It can start with +a pre-configured default config, or be given a path to an alternate config. Some +example connection URIs for the libvirt driver are: + +:: + + test:///default (local access, default config) + test:///path/to/driver/config.xml (local access, custom config) + test+unix:///default (local access, default config, via daemon) + test://example.com/default (remote access, TLS/x509) + test+tcp://example.com/default (remote access, SASl/Kerberos) + test+ssh://root@example.com/default (remote access, SSH tunnelled) diff --git a/docs/meson.build b/docs/meson.build index 8499b3d595..5995b2ec91 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvtest', 'drvvbox', 'drvvirtuozzo', 'drvvmware', @@ -81,6 +80,7 @@ docs_rst_files = [ 'drvopenvz', 'drvqemu', 'drvsecret', + 'drvtest', 'errors', 'formatbackup', 'formatcheckpoint', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvvbox.html.in | 172 ------------------------------------------- docs/drvvbox.rst | 161 ++++++++++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 162 insertions(+), 173 deletions(-) delete mode 100644 docs/drvvbox.html.in create mode 100644 docs/drvvbox.rst diff --git a/docs/drvvbox.html.in b/docs/drvvbox.html.in deleted file mode 100644 index 0c0d14fa6a..0000000000 --- a/docs/drvvbox.html.in +++ /dev/null @@ -1,172 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>VirtualBox hypervisor driver</h1> - <p> - The libvirt VirtualBox driver can manage any VirtualBox version - from version 4.0 onwards - (<span class="since">since libvirt 3.0.0</span>). - </p> - - <h2><a id="project">Project Links</a></h2> - - <ul> - <li> - The <a href="https://www.virtualbox.org/">VirtualBox</a> - hypervisor - </li> - </ul> - - <h2>Connections to VirtualBox driver</h2> - - <p> - The libvirt VirtualBox driver provides per-user drivers (the "session" instance). - The uri of the driver protocol is "vbox". Some example connection URIs for the driver are: - </p> - -<pre> -vbox:///session (local access to per-user instance) -vbox+unix:///session (local access to per-user instance) -vbox+tcp://user@example.com/session (remote access, SASl/Kerberos) -vbox+ssh://user@example.com/session (remote access, SSH tunnelled) -</pre> - - <p> - <strong>NOTE: as of libvirt 1.0.6, the VirtualBox driver will always - run inside the libvirtd daemon, instead of being built-in to the - libvirt.so library directly. This change was required due to the - fact that VirtualBox code is LGPLv2-only licensed, which is not - compatible with the libvirt.so license of LGPLv2-or-later. The - daemon will be auto-started when the first connection to VirtualBox - is requested. This change also means that it will not be possible - to use VirtualBox URIs on the Windows platform, until additional - work is completed to get the libvirtd daemon working there.</strong> - </p> - - <h2><a id="xmlconfig">Example domain XML config</a></h2> - -<pre> -&lt;domain type='vbox'&gt; - &lt;name&gt;vbox&lt;/name&gt; - &lt;uuid&gt;4dab22b31d52d8f32516782e98ab3fa0&lt;/uuid&gt; - - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;boot dev='cdrom'/&gt; - &lt;boot dev='hd'/&gt; - &lt;boot dev='fd'/&gt; - &lt;boot dev='network'/&gt; - &lt;/os&gt; - - &lt;memory&gt;654321&lt;/memory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - - &lt;features&gt; - &lt;pae/&gt; - &lt;acpi/&gt; - &lt;apic/&gt; - &lt;/features&gt; - - &lt;devices&gt; - &lt;!--Set IDE controller model to PIIX4 (default PIIX3)--&gt; - &lt;controller type='ide' model='piix4'/&gt; - - &lt;controller type='scsi' index='0'/&gt; - - &lt;!--VirtualBox SAS Controller--&gt; - &lt;controller type='scsi' index='1' model='lsisas1068'/&gt; - - &lt;disk type='file' device='cdrom'&gt; - &lt;source file='/home/user/Downloads/slax-6.0.9.iso'/&gt; - &lt;target dev='hdc'/&gt; - &lt;readonly/&gt; - &lt;/disk&gt; - - &lt;disk type='file' device='disk'&gt; - &lt;source file='/home/user/tmp/vbox.vdi'/&gt; - &lt;target dev='hdd'/&gt; - &lt;/disk&gt; - - &lt;!--Attach to the SCSI controller (index=0, default)--&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='/home/user/tmp/vbox2.vdi'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; - &lt;/disk&gt; - - &lt;!--Attach to the SAS controller (index=1)--&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='/home/user/tmp/vbox3.vdi'/&gt; - &lt;target dev='sda' bus='scsi'/&gt; - &lt;address type='drive' controller='1' bus='0' target='0' unit='0'/&gt; - &lt;/disk&gt; - - &lt;disk type='file' device='floppy'&gt; - &lt;source file='/home/user/tmp/WIN98C.IMG'/&gt; - &lt;target dev='fda'/&gt; - &lt;/disk&gt; - - &lt;filesystem type='mount'&gt; - &lt;source dir='/home/user/stuff'/&gt; - &lt;target dir='my-shared-folder'/&gt; - &lt;/filesystem&gt; - - &lt;!--BRIDGE--&gt; - &lt;interface type='bridge'&gt; - &lt;source bridge='eth0'/&gt; - &lt;mac address='00:16:3e:5d:c7:9e'/&gt; - &lt;model type='am79c973'/&gt; - &lt;/interface&gt; - - &lt;!--NAT--&gt; - &lt;interface type='user'&gt; - &lt;mac address='56:16:3e:5d:c7:9e'/&gt; - &lt;model type='82540eM'/&gt; - &lt;/interface&gt; - - &lt;graphics type='desktop'/&gt; - - &lt;!--Activate the VRDE server with a port in 3389-3689 range--&gt; - &lt;graphics type='rdp' autoport='yes' multiUser='yes'/&gt; - - &lt;sound model='sb16'/&gt; - - &lt;parallel type='dev'&gt; - &lt;source path='/dev/pts/1'/&gt; - &lt;target port='0'/&gt; - &lt;/parallel&gt; - - &lt;parallel type='dev'&gt; - &lt;source path='/dev/pts/2'/&gt; - &lt;target port='1'/&gt; - &lt;/parallel&gt; - - &lt;serial type="dev"&gt; - &lt;source path="/dev/ttyS0"/&gt; - &lt;target port="0"/&gt; - &lt;/serial&gt; - - &lt;serial type="pipe"&gt; - &lt;source path="/tmp/serial.txt"/&gt; - &lt;target port="1"/&gt; - &lt;/serial&gt; - - &lt;hostdev mode='subsystem' type='usb'&gt; - &lt;source&gt; - &lt;vendor id='0x1234'/&gt; - &lt;product id='0xbeef'/&gt; - &lt;/source&gt; - &lt;/hostdev&gt; - - &lt;hostdev mode='subsystem' type='usb'&gt; - &lt;source&gt; - &lt;vendor id='0x4321'/&gt; - &lt;product id='0xfeeb'/&gt; - &lt;/source&gt; - &lt;/hostdev&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - - </body> -</html> diff --git a/docs/drvvbox.rst b/docs/drvvbox.rst new file mode 100644 index 0000000000..5154280ca2 --- /dev/null +++ b/docs/drvvbox.rst @@ -0,0 +1,161 @@ +.. role:: since + +============================ +VirtualBox hypervisor driver +============================ + +The libvirt VirtualBox driver can manage any VirtualBox version from version 4.0 +onwards ( :since:`since libvirt 3.0.0` ). + +Project Links +------------- + +- The `VirtualBox <https://www.virtualbox.org/>`__ hypervisor + +Connections to VirtualBox driver +-------------------------------- + +The libvirt VirtualBox driver provides per-user drivers (the "session" +instance). The uri of the driver protocol is "vbox". Some example connection +URIs for the driver are: + +:: + + vbox:///session (local access to per-user instance) + vbox+unix:///session (local access to per-user instance) + vbox+tcp://user@example.com/session (remote access, SASl/Kerberos) + vbox+ssh://user@example.com/session (remote access, SSH tunnelled) + +**NOTE: as of libvirt 1.0.6, the VirtualBox driver will always run inside the +libvirtd daemon, instead of being built-in to the libvirt.so library directly. +This change was required due to the fact that VirtualBox code is LGPLv2-only +licensed, which is not compatible with the libvirt.so license of +LGPLv2-or-later. The daemon will be auto-started when the first connection to +VirtualBox is requested. This change also means that it will not be possible to +use VirtualBox URIs on the Windows platform, until additional work is completed +to get the libvirtd daemon working there.** + +Example domain XML config +------------------------- + +:: + + <domain type='vbox'> + <name>vbox</name> + <uuid>4dab22b31d52d8f32516782e98ab3fa0</uuid> + + <os> + <type>hvm</type> + <boot dev='cdrom'/> + <boot dev='hd'/> + <boot dev='fd'/> + <boot dev='network'/> + </os> + + <memory>654321</memory> + <vcpu>1</vcpu> + + <features> + <pae/> + <acpi/> + <apic/> + </features> + + <devices> + <!--Set IDE controller model to PIIX4 (default PIIX3)--> + <controller type='ide' model='piix4'/> + + <controller type='scsi' index='0'/> + + <!--VirtualBox SAS Controller--> + <controller type='scsi' index='1' model='lsisas1068'/> + + <disk type='file' device='cdrom'> + <source file='/home/user/Downloads/slax-6.0.9.iso'/> + <target dev='hdc'/> + <readonly/> + </disk> + + <disk type='file' device='disk'> + <source file='/home/user/tmp/vbox.vdi'/> + <target dev='hdd'/> + </disk> + + <!--Attach to the SCSI controller (index=0, default)--> + <disk type='file' device='disk'> + <source file='/home/user/tmp/vbox2.vdi'/> + <target dev='sda' bus='scsi'/> + </disk> + + <!--Attach to the SAS controller (index=1)--> + <disk type='file' device='disk'> + <source file='/home/user/tmp/vbox3.vdi'/> + <target dev='sda' bus='scsi'/> + <address type='drive' controller='1' bus='0' target='0' unit='0'/> + </disk> + + <disk type='file' device='floppy'> + <source file='/home/user/tmp/WIN98C.IMG'/> + <target dev='fda'/> + </disk> + + <filesystem type='mount'> + <source dir='/home/user/stuff'/> + <target dir='my-shared-folder'/> + </filesystem> + + <!--BRIDGE--> + <interface type='bridge'> + <source bridge='eth0'/> + <mac address='00:16:3e:5d:c7:9e'/> + <model type='am79c973'/> + </interface> + + <!--NAT--> + <interface type='user'> + <mac address='56:16:3e:5d:c7:9e'/> + <model type='82540eM'/> + </interface> + + <graphics type='desktop'/> + + <!--Activate the VRDE server with a port in 3389-3689 range--> + <graphics type='rdp' autoport='yes' multiUser='yes'/> + + <sound model='sb16'/> + + <parallel type='dev'> + <source path='/dev/pts/1'/> + <target port='0'/> + </parallel> + + <parallel type='dev'> + <source path='/dev/pts/2'/> + <target port='1'/> + </parallel> + + <serial type="dev"> + <source path="/dev/ttyS0"/> + <target port="0"/> + </serial> + + <serial type="pipe"> + <source path="/tmp/serial.txt"/> + <target port="1"/> + </serial> + + <hostdev mode='subsystem' type='usb'> + <source> + <vendor id='0x1234'/> + <product id='0xbeef'/> + </source> + </hostdev> + + <hostdev mode='subsystem' type='usb'> + <source> + <vendor id='0x4321'/> + <product id='0xfeeb'/> + </source> + </hostdev> + </devices> + </domain> diff --git a/docs/meson.build b/docs/meson.build index 5995b2ec91..954c4e4b96 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvvbox', 'drvvirtuozzo', 'drvvmware', 'drvxen', @@ -81,6 +80,7 @@ docs_rst_files = [ 'drvqemu', 'drvsecret', 'drvtest', + 'drvvbox', 'errors', 'formatbackup', 'formatcheckpoint', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvvirtuozzo.html.in | 70 --------------------------------------- docs/drvvirtuozzo.rst | 60 +++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 61 insertions(+), 71 deletions(-) delete mode 100644 docs/drvvirtuozzo.html.in create mode 100644 docs/drvvirtuozzo.rst diff --git a/docs/drvvirtuozzo.html.in b/docs/drvvirtuozzo.html.in deleted file mode 100644 index e47f72bad1..0000000000 --- a/docs/drvvirtuozzo.html.in +++ /dev/null @@ -1,70 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>Virtuozzo driver</h1> - <ul id="toc"></ul> - <p> - The libvirt vz driver can manage Virtuozzo starting from version 6.0. - </p> - - - <h2><a id="project">Project Links</a></h2> - <ul> - <li> - The <a href="https://www.virtuozzo.com/">Virtuozzo</a> Solution. - </li> - </ul> - - - <h2><a id="uri">Connections to the Virtuozzo driver</a></h2> - <p> - The libvirt Virtuozzo driver is a single-instance privileged driver, with a driver name of 'virtuozzo'. Some example connection URIs for the libvirt driver are: - </p> -<pre> -vz:///system (local access) -vz+unix:///system (local access) -vz://example.com/system (remote access, TLS/x509) -vz+tcp://example.com/system (remote access, SASl/Kerberos) -vz+ssh://root@example.com/system (remote access, SSH tunnelled) -</pre> - - <h2><a id="example">Example guest domain XML configuration</a></h2> - - <p> - Virtuozzo driver require at least one hard disk for new domains - at this time. It is used for defining directory, where VM should - be created. - </p> - -<pre> -&lt;domain type='vz'&gt; - &lt;name&gt;demo&lt;/name&gt; - &lt;uuid&gt;54cdecad-4492-4e31-a209-33cc21d64057&lt;/uuid&gt; - &lt;description&gt;some description&lt;/description&gt; - &lt;memory unit='KiB'&gt;1048576&lt;/memory&gt; - &lt;currentMemory unit='KiB'&gt;1048576&lt;/currentMemory&gt; - &lt;vcpu placement='static'&gt;2&lt;/vcpu&gt; - &lt;os&gt; - &lt;type arch='x86_64'&gt;hvm&lt;/type&gt; - &lt;/os&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;destroy&lt;/on_reboot&gt; - &lt;on_crash&gt;destroy&lt;/on_crash&gt; - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='/storage/vol1'/&gt; - &lt;target dev='hda'/&gt; - &lt;/disk&gt; - &lt;video&gt; - &lt;model type='vga' vram='33554432' heads='1'&gt; - &lt;acceleration accel3d='no' accel2d='no'/&gt; - &lt;/model&gt; - &lt;/video&gt; - &lt;/devices&gt; -&lt;/domain&gt; - -</pre> - -</body></html> diff --git a/docs/drvvirtuozzo.rst b/docs/drvvirtuozzo.rst new file mode 100644 index 0000000000..fbb6ab0e71 --- /dev/null +++ b/docs/drvvirtuozzo.rst @@ -0,0 +1,60 @@ +================ +Virtuozzo driver +================ + +The libvirt vz driver can manage Virtuozzo starting from version 6.0. + +Project Links +------------- + +- The `Virtuozzo <https://www.virtuozzo.com/>`__ Solution. + +Connections to the Virtuozzo driver +----------------------------------- + +The libvirt Virtuozzo driver is a single-instance privileged driver, with a +driver name of 'virtuozzo'. Some example connection URIs for the libvirt driver +are: + +:: + + vz:///system (local access) + vz+unix:///system (local access) + vz://example.com/system (remote access, TLS/x509) + vz+tcp://example.com/system (remote access, SASl/Kerberos) + vz+ssh://root@example.com/system (remote access, SSH tunnelled) + +Example guest domain XML configuration +-------------------------------------- + +Virtuozzo driver require at least one hard disk for new domains at this time. It +is used for defining directory, where VM should be created. + +:: + + <domain type='vz'> + <name>demo</name> + <uuid>54cdecad-4492-4e31-a209-33cc21d64057</uuid> + <description>some description</description> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>2</vcpu> + <os> + <type arch='x86_64'>hvm</type> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>destroy</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='file' device='disk'> + <source file='/storage/vol1'/> + <target dev='hda'/> + </disk> + <video> + <model type='vga' vram='33554432' heads='1'> + <acceleration accel3d='no' accel2d='no'/> + </model> + </video> + </devices> + </domain> diff --git a/docs/meson.build b/docs/meson.build index 954c4e4b96..99732f57ba 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvvirtuozzo', 'drvvmware', 'drvxen', 'firewall', @@ -81,6 +80,7 @@ docs_rst_files = [ 'drvsecret', 'drvtest', 'drvvbox', + 'drvvirtuozzo', 'errors', 'formatbackup', 'formatcheckpoint', -- 2.35.1

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvvmware.html.in | 89 ------------------------------------------ docs/drvvmware.rst | 72 ++++++++++++++++++++++++++++++++++ docs/meson.build | 2 +- 3 files changed, 73 insertions(+), 90 deletions(-) delete mode 100644 docs/drvvmware.html.in create mode 100644 docs/drvvmware.rst diff --git a/docs/drvvmware.html.in b/docs/drvvmware.html.in deleted file mode 100644 index d581ad1d1c..0000000000 --- a/docs/drvvmware.html.in +++ /dev/null @@ -1,89 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>VMware Workstation / Player / Fusion hypervisors driver</h1> - <p> - The libvirt VMware driver should be able to manage any Workstation, - Player, Fusion version supported by the VMware VIX API. See the - compatibility list - <a href="https://www.vmware.com/support/developer/vix-api/vix110_refere...;. - </p> - <p> - This driver uses the "vmrun" utility which is distributed with the VMware VIX API. - You can download the VIX API - from <a href="https://www.vmware.com/support/developer/vix-api/">her...;. - </p> - - <h2><a id="project">Project Links</a></h2> - - <ul> - <li> - The <a href="https://www.vmware.com/">VMware Workstation and - Player</a> hypervisors - </li> - <li> - The <a href="https://www.vmware.com/fusion">VMware Fusion</a> - hypervisor - </li> - </ul> - - <h2>Connections to VMware driver</h2> - - <p> - The libvirt VMware driver provides per-user drivers (the "session" instance). - Three uris are available: - </p> - <ul> - <li>"vmwareplayer" for VMware Player</li> - <li>"vmwarews" for VMware Workstation</li> - <li>"vmwarefusion" for VMware Fusion</li> - </ul> - <p> - Some example connection URIs for the driver are: - </p> - -<pre> -vmwareplayer:///session (local access to VMware Player per-user instance) -vmwarews:///session (local access to VMware Workstation per-user instance) -vmwarefusion:///session (local access to VMware Fusion per-user instance) -vmwarews+tcp://user@example.com/session (remote access to VMware Workstation, SASl/Kerberos) -vmwarews+ssh://user@example.com/session (remote access to VMware Workstation, SSH tunnelled) -</pre> - - <h2><a id="xmlconfig">Example domain XML config</a></h2> - -<pre> -&lt;domain type='vmware'&gt; - &lt;name&gt;vmware&lt;/name&gt; - &lt;uuid&gt;bea92244-8885-4562-828b-3b086731c5b1&lt;/uuid&gt; - - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;/os&gt; - - &lt;memory&gt;524288&lt;/memory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - - &lt;features&gt; - &lt;pae/&gt; - &lt;acpi/&gt; - &lt;/features&gt; - - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;source file='/home/user/tmp/disk.vmdk'/&gt; - &lt;target bus='ide' dev='hda'/&gt; - &lt;/disk&gt; - - &lt;interface type='bridge'&gt; - &lt;target dev='/dev/vmnet1'/&gt; - &lt;source bridge=''/&gt; - &lt;mac address='00:16:3e:5d:c7:9e'/&gt; - &lt;/interface&gt; - &lt;/devices&gt; -&lt;/domain&gt; -</pre> - - </body> -</html> diff --git a/docs/drvvmware.rst b/docs/drvvmware.rst new file mode 100644 index 0000000000..6db1a78a17 --- /dev/null +++ b/docs/drvvmware.rst @@ -0,0 +1,72 @@ +======================================================= +VMware Workstation / Player / Fusion hypervisors driver +======================================================= + +The libvirt VMware driver should be able to manage any Workstation, Player, +Fusion version supported by the VMware VIX API. See the compatibility list +`here <https://www.vmware.com/support/developer/vix-api/vix110_reference/>`__. + +This driver uses the "vmrun" utility which is distributed with the VMware VIX +API. You can download the VIX API from +`here <https://www.vmware.com/support/developer/vix-api/>`__. + +Project Links +------------- + +- The `VMware Workstation and Player <https://www.vmware.com/>`__ hypervisors +- The `VMware Fusion <https://www.vmware.com/fusion>`__ hypervisor + +Connections to VMware driver +---------------------------- + +The libvirt VMware driver provides per-user drivers (the "session" instance). +Three uris are available: + +- "vmwareplayer" for VMware Player +- "vmwarews" for VMware Workstation +- "vmwarefusion" for VMware Fusion + +Some example connection URIs for the driver are: + +:: + + vmwareplayer:///session (local access to VMware Player per-user instance) + vmwarews:///session (local access to VMware Workstation per-user instance) + vmwarefusion:///session (local access to VMware Fusion per-user instance) + vmwarews+tcp://user@example.com/session (remote access to VMware Workstation, SASl/Kerberos) + vmwarews+ssh://user@example.com/session (remote access to VMware Workstation, SSH tunnelled) + +Example domain XML config +------------------------- + +:: + + <domain type='vmware'> + <name>vmware</name> + <uuid>bea92244-8885-4562-828b-3b086731c5b1</uuid> + + <os> + <type>hvm</type> + </os> + + <memory>524288</memory> + <vcpu>1</vcpu> + + <features> + <pae/> + <acpi/> + </features> + + <devices> + <disk type='file' device='disk'> + <source file='/home/user/tmp/disk.vmdk'/> + <target bus='ide' dev='hda'/> + </disk> + + <interface type='bridge'> + <target dev='/dev/vmnet1'/> + <source bridge=''/> + <mac address='00:16:3e:5d:c7:9e'/> + </interface> + </devices> + </domain> diff --git a/docs/meson.build b/docs/meson.build index 99732f57ba..940fbedcfa 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvvmware', 'drvxen', 'firewall', 'format', @@ -81,6 +80,7 @@ docs_rst_files = [ 'drvtest', 'drvvbox', 'drvvirtuozzo', + 'drvvmware', 'errors', 'formatbackup', 'formatcheckpoint', -- 2.35.1

Fix the referenced anchor in 'formatdomain.rst' right away. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- docs/drvxen.html.in | 358 ------------------------------------------ docs/drvxen.rst | 338 +++++++++++++++++++++++++++++++++++++++ docs/formatdomain.rst | 2 +- docs/meson.build | 2 +- 4 files changed, 340 insertions(+), 360 deletions(-) delete mode 100644 docs/drvxen.html.in create mode 100644 docs/drvxen.rst diff --git a/docs/drvxen.html.in b/docs/drvxen.html.in deleted file mode 100644 index 95be36c879..0000000000 --- a/docs/drvxen.html.in +++ /dev/null @@ -1,358 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> - <body> - <h1>libxl hypervisor driver for Xen</h1> - - <ul id="toc"></ul> - - <p> - The libvirt libxl driver provides the ability to manage virtual - machines on any Xen release from 4.6.0 onwards. - </p> - - <h2><a id="project">Project Links</a></h2> - - <ul> - <li> - The <a href="https://www.xenproject.org">Xen</a> - hypervisor on Linux and Solaris hosts - </li> - </ul> - - <h2><a id="prereq">Deployment pre-requisites</a></h2> - - <p> - The libvirt libxl driver uses Xen's libxl API, also known as - libxenlight, to implement libvirt's hypervisor driver - functionality. libxl provides a consolidated interface for - managing a Xen host and its virtual machines, unlike old - versions of Xen where applications often had to communicate - with xend, xenstored, and the hypervisor itself via hypercalls. - With libxl the only pre-requisit is a properly installed Xen - host with the libxl toolstack running in a service domain - (often Domain-0). - </p> - - <h2><a id="uri">Connections to libxl driver</a></h2> - - <p> - The libvirt libxl driver is a single-instance privileged driver, - with a driver name of 'xen'. Some example connection URIs for - the libxl driver are: - </p> - -<pre> -xen:///system (local access, direct) -xen+unix:///system (local access, via daemon) -xen://example.com/system (remote access, TLS/x509) -xen+tcp://example.com/system (remote access, SASl/Kerberos) -xen+ssh://root@example.com/system (remote access, SSH tunnelled) -</pre> - - - <h2><a id="configFiles">Location of configuration files</a></h2> - - <p> - The libxl driver comes with sane default values. However, during its - initialization it reads a configuration file which offers system - administrator to override some of that default. The file is located - under <code>/etc/libvirt/libxl.conf</code> - </p> - - - <h2><a id="imex">Import and export of libvirt domain XML configs</a></h2> - - <p> - The libxl driver currently supports three native - config formats. The first, known as <code>xen-xm</code>, is the - original Xen virtual machine config format used by the legacy - xm/xend toolstack. The second, known as <code>xen-sxpr</code>, - is also one of the original formats that was used by xend's - legacy HTTP RPC service (<span class='removed'>removed in 5.6.0</span>) - </p> - - <p> - The third format is <code>xen-xl</code>, which is the virtual - machine config format supported by modern Xen. The <code>xen-xl</code> - format is described in the xl.cfg(5) man page. - </p> - - <h3><a id="xmlimport">Converting from XM config files to domain XML</a></h3> - - <p> - The <code>virsh domxml-from-native</code> provides a way to convert an - existing set of xl, xm, or sxpr config files to libvirt Domain XML, - which can then be used by libvirt. - </p> - - <pre>$ virsh -c xen:///system domxml-from-native xen-xm rhel5.cfg -&lt;domain type='xen'&gt; - &lt;name&gt;rhel5pv&lt;/name&gt; - &lt;uuid&gt;8f07fe28-753f-2729-d76d-bdbd892f949a&lt;/uuid&gt; - &lt;memory&gt;2560000&lt;/memory&gt; - &lt;currentMemory&gt;307200&lt;/currentMemory&gt; - &lt;vcpu&gt;4&lt;/vcpu&gt; - &lt;bootloader&gt;/usr/bin/pygrub&lt;/bootloader&gt; - &lt;os&gt; - &lt;type arch='x86_64' machine='xenpv'&gt;linux&lt;/type&gt; - &lt;/os&gt; - &lt;clock offset='utc'/&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;restart&lt;/on_crash&gt; - &lt;devices&gt; - &lt;disk type='file' device='disk'&gt; - &lt;driver name='tap' type='aio'/&gt; - &lt;source file='/var/lib/xen/images/rhel5pv.img'/&gt; - &lt;target dev='xvda' bus='xen'/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='disk'&gt; - &lt;driver name='tap' type='qcow'/&gt; - &lt;source file='/root/qcow1-xen.img'/&gt; - &lt;target dev='xvdd' bus='xen'/&gt; - &lt;/disk&gt; - &lt;interface type='bridge'&gt; - &lt;mac address='00:16:3e:60:36:ba'/&gt; - &lt;source bridge='xenbr0'/&gt; - &lt;/interface&gt; - &lt;console type='pty'&gt; - &lt;target port='0'/&gt; - &lt;/console&gt; - &lt;input type='mouse' bus='xen'/&gt; - &lt;graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/&gt; - &lt;/devices&gt; -&lt;/domain&gt;</pre> - - <h3><a id="xmlexport">Converting from domain XML to XM config files</a></h3> - - <p> - The <code>virsh domxml-to-native</code> provides a way to convert a - guest description using libvirt Domain XML into xl, xm, or sxpr config - format. - </p> - - <pre>$ virsh -c xen:///system domxml-to-native xen-xm rhel5pv.xml -name = "rhel5pv" -uuid = "8f07fe28-753f-2729-d76d-bdbd892f949a" -maxmem = 2500 -memory = 300 -vcpus = 4 -bootloader = "/usr/bin/pygrub" -kernel = "/var/lib/xen/boot_kernel.0YK-cS" -ramdisk = "/var/lib/xen/boot_ramdisk.vWgrxK" -extra = "ro root=/dev/VolGroup00/LogVol00 rhgb quiet" -on_poweroff = "destroy" -on_reboot = "restart" -on_crash = "restart" -sdl = 0 -vnc = 1 -vncunused = 1 -vnclisten = "0.0.0.0" -disk = [ "tap:aio:/var/lib/xen/images/rhel5pv.img,xvda,w", "tap:qcow:/root/qcow1-xen.img,xvdd,w" ] -vif = [ "mac=00:16:3e:60:36:ba,bridge=virbr0,script=vif-bridge,vifname=vif5.0" ]</pre> - - <h2><a id="xencommand">Pass-through of arbitrary command-line arguments - to the qemu device model</a></h2> - - <p><span class="since">Since 6.7.0</span>, the Xen driver supports passing - arbitrary command-line arguments to the qemu device model used by Xen with - the <code>&lt;xen:commandline&gt;</code> element under <code>domain</code>. - In order to use command-line pass-through, an XML namespace request must be - issued that pulls in <code>http://libvirt.org/schemas/domain/xen/1.0</code>;. - With the namespace in place, it is then possible to add - <code>&lt;xen:arg&gt;</code>sub-elements to - <code>&lt;xen:commandline&gt;</code> describing each argument passed to - the device model when starting the domain. - </p> - <p>The following example illustrates passing arguments to the QEMU device - model that define a floppy drive, which Xen does not support through its - public APIs: - </p> - <pre> -&lt;domain type="xen" xmlns:xen="http://libvirt.org/schemas/domain/xen/1.0"&gt; - ... - &lt;xen:commandline&gt; - &lt;xen:arg value='-drive'/&gt; - &lt;xen:arg value='file=/path/to/image,format=raw,if=none,id=drive-fdc0-0-0'/&gt; - &lt;xen:arg value='-global'/&gt; - &lt;xen:arg value='isa-fdc.driveA=drive-fdc0-0-0'/&gt; - &lt;/xen:commandline&gt; -&lt;/domain&gt; - </pre> - - <h2><a id="xmlconfig">Example domain XML config</a></h2> - - <p> - Below are some example XML configurations for Xen guest domains. - For full details of the available options, consult the <a href="formatdomain.html">domain XML format</a> - guide. - </p> - - <h3>Paravirtualized guest bootloader</h3> - - <p> - Using a bootloader allows a paravirtualized guest to be booted using - a kernel stored inside its virtual disk image - </p> - - <pre>&lt;domain type='xen' &gt; - &lt;name&gt;fc8&lt;/name&gt; - &lt;bootloader&gt;/usr/bin/pygrub&lt;/bootloader&gt; - &lt;os&gt; - &lt;type&gt;linux&lt;/type&gt; - &lt;/os&gt; - &lt;memory&gt;131072&lt;/memory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;devices&gt; - &lt;disk type='file'&gt; - &lt;source file='/var/lib/xen/images/fc4.img'/&gt; - &lt;target dev='sda1'/&gt; - &lt;/disk&gt; - &lt;interface type='bridge'&gt; - &lt;source bridge='xenbr0'/&gt; - &lt;mac address='aa:00:00:00:00:11'/&gt; - &lt;script path='/etc/xen/scripts/vif-bridge'/&gt; - &lt;/interface&gt; - &lt;console tty='/dev/pts/5'/&gt; - &lt;/devices&gt; -&lt;/domain&gt;</pre> - - <h3>Paravirtualized guest direct kernel boot</h3> - - <p> - For installation of paravirtualized guests it is typical to boot the - domain using a kernel and initrd stored in the host OS - </p> - - <pre>&lt;domain type='xen' &gt; - &lt;name&gt;fc8&lt;/name&gt; - &lt;os&gt; - &lt;type&gt;linux&lt;/type&gt; - &lt;kernel&gt;/var/lib/xen/install/vmlinuz-fedora8-x86_64&lt;/kernel&gt; - &lt;initrd&gt;/var/lib/xen/install/initrd-vmlinuz-fedora8-x86_64&lt;/initrd&gt; - &lt;cmdline&gt; kickstart=http://example.com/myguest.ks &lt;/cmdline&gt; - &lt;/os&gt; - &lt;memory&gt;131072&lt;/memory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;devices&gt; - &lt;disk type='file'&gt; - &lt;source file='/var/lib/xen/images/fc4.img'/&gt; - &lt;target dev='sda1'/&gt; - &lt;/disk&gt; - &lt;interface type='bridge'&gt; - &lt;source bridge='xenbr0'/&gt; - &lt;mac address='aa:00:00:00:00:11'/&gt; - &lt;script path='/etc/xen/scripts/vif-bridge'/&gt; - &lt;/interface&gt; - &lt;graphics type='vnc' port='-1'/&gt; - &lt;console tty='/dev/pts/5'/&gt; - &lt;/devices&gt; -&lt;/domain&gt;</pre> - - <h3>Fullyvirtualized guest BIOS boot</h3> - - <p> - Fullyvirtualized guests use the emulated BIOS to boot off the primary - harddisk, CDROM or Network PXE ROM. - </p> - - <pre>&lt;domain type='xen' id='3'&gt; - &lt;name&gt;fv0&lt;/name&gt; - &lt;uuid&gt;4dea22b31d52d8f32516782e98ab3fa0&lt;/uuid&gt; - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;loader&gt;/usr/lib/xen/boot/hvmloader&lt;/loader&gt; - &lt;boot dev='hd'/&gt; - &lt;/os&gt; - &lt;memory&gt;524288&lt;/memory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;restart&lt;/on_crash&gt; - &lt;features&gt; - &lt;pae/&gt; - &lt;acpi/&gt; - &lt;apic/&gt; - &lt;/features&gt; - &lt;clock sync="localtime"/&gt; - &lt;devices&gt; - &lt;emulator&gt;/usr/lib/xen/bin/qemu-dm&lt;/emulator&gt; - &lt;interface type='bridge'&gt; - &lt;source bridge='xenbr0'/&gt; - &lt;mac address='00:16:3e:5d:c7:9e'/&gt; - &lt;script path='vif-bridge'/&gt; - &lt;/interface&gt; - &lt;disk type='file'&gt; - &lt;source file='/var/lib/xen/images/fv0'/&gt; - &lt;target dev='hda'/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='cdrom'&gt; - &lt;source file='/var/lib/xen/images/fc5-x86_64-boot.iso'/&gt; - &lt;target dev='hdc'/&gt; - &lt;readonly/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='floppy'&gt; - &lt;source file='/root/fd.img'/&gt; - &lt;target dev='fda'/&gt; - &lt;/disk&gt; - &lt;graphics type='vnc' port='5904'/&gt; - &lt;/devices&gt; -&lt;/domain&gt;</pre> - - <h3>Fullyvirtualized guest direct kernel boot</h3> - - <p> - With Xen 3.2.0 or later it is possible to bypass the BIOS and directly - boot a Linux kernel and initrd as a fullyvirtualized domain. This allows - for complete automation of OS installation, for example using the Anaconda - kickstart support. - </p> - - <pre>&lt;domain type='xen' id='3'&gt; - &lt;name&gt;fv0&lt;/name&gt; - &lt;uuid&gt;4dea22b31d52d8f32516782e98ab3fa0&lt;/uuid&gt; - &lt;os&gt; - &lt;type&gt;hvm&lt;/type&gt; - &lt;loader&gt;/usr/lib/xen/boot/hvmloader&lt;/loader&gt; - &lt;kernel&gt;/var/lib/xen/install/vmlinuz-fedora8-x86_64&lt;/kernel&gt; - &lt;initrd&gt;/var/lib/xen/install/initrd-vmlinuz-fedora8-x86_64&lt;/initrd&gt; - &lt;cmdline&gt; kickstart=http://example.com/myguest.ks &lt;/cmdline&gt; - &lt;/os&gt; - &lt;memory&gt;524288&lt;/memory&gt; - &lt;vcpu&gt;1&lt;/vcpu&gt; - &lt;on_poweroff&gt;destroy&lt;/on_poweroff&gt; - &lt;on_reboot&gt;restart&lt;/on_reboot&gt; - &lt;on_crash&gt;restart&lt;/on_crash&gt; - &lt;features&gt; - &lt;pae/&gt; - &lt;acpi/&gt; - &lt;apic/&gt; - &lt;/features&gt; - &lt;clock sync="localtime"/&gt; - &lt;devices&gt; - &lt;emulator&gt;/usr/lib/xen/bin/qemu-dm&lt;/emulator&gt; - &lt;interface type='bridge'&gt; - &lt;source bridge='xenbr0'/&gt; - &lt;mac address='00:16:3e:5d:c7:9e'/&gt; - &lt;script path='vif-bridge'/&gt; - &lt;/interface&gt; - &lt;disk type='file'&gt; - &lt;source file='/var/lib/xen/images/fv0'/&gt; - &lt;target dev='hda'/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='cdrom'&gt; - &lt;source file='/var/lib/xen/images/fc5-x86_64-boot.iso'/&gt; - &lt;target dev='hdc'/&gt; - &lt;readonly/&gt; - &lt;/disk&gt; - &lt;disk type='file' device='floppy'&gt; - &lt;source file='/root/fd.img'/&gt; - &lt;target dev='fda'/&gt; - &lt;/disk&gt; - &lt;graphics type='vnc' port='5904'/&gt; - &lt;/devices&gt; -&lt;/domain&gt;</pre> - - </body> -</html> diff --git a/docs/drvxen.rst b/docs/drvxen.rst new file mode 100644 index 0000000000..c131d52c7a --- /dev/null +++ b/docs/drvxen.rst @@ -0,0 +1,338 @@ +.. role:: since + +=============================== +libxl hypervisor driver for Xen +=============================== + +.. contents:: + +The libvirt libxl driver provides the ability to manage virtual machines on any +Xen release from 4.6.0 onwards. + +Project Links +------------- + +- The `Xen <https://www.xenproject.org>`__ hypervisor on Linux and Solaris + hosts + +Deployment pre-requisites +------------------------- + +The libvirt libxl driver uses Xen's libxl API, also known as libxenlight, to +implement libvirt's hypervisor driver functionality. libxl provides a +consolidated interface for managing a Xen host and its virtual machines, unlike +old versions of Xen where applications often had to communicate with xend, +xenstored, and the hypervisor itself via hypercalls. With libxl the only +pre-requisit is a properly installed Xen host with the libxl toolstack running +in a service domain (often Domain-0). + +Connections to libxl driver +--------------------------- + +The libvirt libxl driver is a single-instance privileged driver, with a driver +name of 'xen'. Some example connection URIs for the libxl driver are: + +:: + + xen:///system (local access, direct) + xen+unix:///system (local access, via daemon) + xen://example.com/system (remote access, TLS/x509) + xen+tcp://example.com/system (remote access, SASl/Kerberos) + xen+ssh://root@example.com/system (remote access, SSH tunnelled) + +Location of configuration files +------------------------------- + +The libxl driver comes with sane default values. However, during its +initialization it reads a configuration file which offers system administrator +to override some of that default. The file is located under +``/etc/libvirt/libxl.conf`` + +Import and export of libvirt domain XML configs +----------------------------------------------- + +The libxl driver currently supports three native config formats. The first, +known as ``xen-xm``, is the original Xen virtual machine config format used by +the legacy xm/xend toolstack. The second, known as ``xen-sxpr``, is also one of +the original formats that was used by xend's legacy HTTP RPC service ( +:since:`removed in 5.6.0` ) + +The third format is ``xen-xl``, which is the virtual machine config format +supported by modern Xen. The ``xen-xl`` format is described in the xl.cfg(5) man +page. + +Converting from XM config files to domain XML +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh domxml-from-native`` provides a way to convert an existing set of +xl, xm, or sxpr config files to libvirt Domain XML, which can then be used by +libvirt. + +:: + + $ virsh -c xen:///system domxml-from-native xen-xm rhel5.cfg + <domain type='xen'> + <name>rhel5pv</name> + <uuid>8f07fe28-753f-2729-d76d-bdbd892f949a</uuid> + <memory>2560000</memory> + <currentMemory>307200</currentMemory> + <vcpu>4</vcpu> + <bootloader>/usr/bin/pygrub</bootloader> + <os> + <type arch='x86_64' machine='xenpv'>linux</type> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>restart</on_crash> + <devices> + <disk type='file' device='disk'> + <driver name='tap' type='aio'/> + <source file='/var/lib/xen/images/rhel5pv.img'/> + <target dev='xvda' bus='xen'/> + </disk> + <disk type='file' device='disk'> + <driver name='tap' type='qcow'/> + <source file='/root/qcow1-xen.img'/> + <target dev='xvdd' bus='xen'/> + </disk> + <interface type='bridge'> + <mac address='00:16:3e:60:36:ba'/> + <source bridge='xenbr0'/> + </interface> + <console type='pty'> + <target port='0'/> + </console> + <input type='mouse' bus='xen'/> + <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/> + </devices> + </domain> + +Converting from domain XML to XM config files +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``virsh domxml-to-native`` provides a way to convert a guest description +using libvirt Domain XML into xl, xm, or sxpr config format. + +:: + + $ virsh -c xen:///system domxml-to-native xen-xm rhel5pv.xml + name = "rhel5pv" + uuid = "8f07fe28-753f-2729-d76d-bdbd892f949a" + maxmem = 2500 + memory = 300 + vcpus = 4 + bootloader = "/usr/bin/pygrub" + kernel = "/var/lib/xen/boot_kernel.0YK-cS" + ramdisk = "/var/lib/xen/boot_ramdisk.vWgrxK" + extra = "ro root=/dev/VolGroup00/LogVol00 rhgb quiet" + on_poweroff = "destroy" + on_reboot = "restart" + on_crash = "restart" + sdl = 0 + vnc = 1 + vncunused = 1 + vnclisten = "0.0.0.0" + disk = [ "tap:aio:/var/lib/xen/images/rhel5pv.img,xvda,w", "tap:qcow:/root/qcow1-xen.img,xvdd,w" ] + vif = [ "mac=00:16:3e:60:36:ba,bridge=virbr0,script=vif-bridge,vifname=vif5.0" ] + +Pass-through of arbitrary command-line arguments to the qemu device model +------------------------------------------------------------------------- + +:since:`Since 6.7.0` , the Xen driver supports passing arbitrary command-line +arguments to the qemu device model used by Xen with the ``<xen:commandline>`` +element under ``domain``. In order to use command-line pass-through, an XML +namespace request must be issued that pulls in +``http://libvirt.org/schemas/domain/xen/1.0``. With the namespace in place, it +is then possible to add ``<xen:arg>``\ sub-elements to ``<xen:commandline>`` +describing each argument passed to the device model when starting the domain. + +The following example illustrates passing arguments to the QEMU device model +that define a floppy drive, which Xen does not support through its public APIs: + +:: + + <domain type="xen" xmlns:xen="http://libvirt.org/schemas/domain/xen/1.0"> + ... + <xen:commandline> + <xen:arg value='-drive'/> + <xen:arg value='file=/path/to/image,format=raw,if=none,id=drive-fdc0-0-0'/> + <xen:arg value='-global'/> + <xen:arg value='isa-fdc.driveA=drive-fdc0-0-0'/> + </xen:commandline> + </domain> + +Example domain XML config +------------------------- + +Below are some example XML configurations for Xen guest domains. For full +details of the available options, consult the `domain XML +format <formatdomain.html>`__ guide. + +Paravirtualized guest bootloader +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Using a bootloader allows a paravirtualized guest to be booted using a kernel +stored inside its virtual disk image + +:: + + <domain type='xen' > + <name>fc8</name> + <bootloader>/usr/bin/pygrub</bootloader> + <os> + <type>linux</type> + </os> + <memory>131072</memory> + <vcpu>1</vcpu> + <devices> + <disk type='file'> + <source file='/var/lib/xen/images/fc4.img'/> + <target dev='sda1'/> + </disk> + <interface type='bridge'> + <source bridge='xenbr0'/> + <mac address='aa:00:00:00:00:11'/> + <script path='/etc/xen/scripts/vif-bridge'/> + </interface> + <console tty='/dev/pts/5'/> + </devices> + </domain> + +Paravirtualized guest direct kernel boot +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +For installation of paravirtualized guests it is typical to boot the domain +using a kernel and initrd stored in the host OS + +:: + + <domain type='xen' > + <name>fc8</name> + <os> + <type>linux</type> + <kernel>/var/lib/xen/install/vmlinuz-fedora8-x86_64</kernel> + <initrd>/var/lib/xen/install/initrd-vmlinuz-fedora8-x86_64</initrd> + <cmdline> kickstart=http://example.com/myguest.ks </cmdline> + </os> + <memory>131072</memory> + <vcpu>1</vcpu> + <devices> + <disk type='file'> + <source file='/var/lib/xen/images/fc4.img'/> + <target dev='sda1'/> + </disk> + <interface type='bridge'> + <source bridge='xenbr0'/> + <mac address='aa:00:00:00:00:11'/> + <script path='/etc/xen/scripts/vif-bridge'/> + </interface> + <graphics type='vnc' port='-1'/> + <console tty='/dev/pts/5'/> + </devices> + </domain> + +Fullyvirtualized guest BIOS boot +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Fullyvirtualized guests use the emulated BIOS to boot off the primary harddisk, +CDROM or Network PXE ROM. + +:: + + <domain type='xen' id='3'> + <name>fv0</name> + <uuid>4dea22b31d52d8f32516782e98ab3fa0</uuid> + <os> + <type>hvm</type> + <loader>/usr/lib/xen/boot/hvmloader</loader> + <boot dev='hd'/> + </os> + <memory>524288</memory> + <vcpu>1</vcpu> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>restart</on_crash> + <features> + <pae/> + <acpi/> + <apic/> + </features> + <clock sync="localtime"/> + <devices> + <emulator>/usr/lib/xen/bin/qemu-dm</emulator> + <interface type='bridge'> + <source bridge='xenbr0'/> + <mac address='00:16:3e:5d:c7:9e'/> + <script path='vif-bridge'/> + </interface> + <disk type='file'> + <source file='/var/lib/xen/images/fv0'/> + <target dev='hda'/> + </disk> + <disk type='file' device='cdrom'> + <source file='/var/lib/xen/images/fc5-x86_64-boot.iso'/> + <target dev='hdc'/> + <readonly/> + </disk> + <disk type='file' device='floppy'> + <source file='/root/fd.img'/> + <target dev='fda'/> + </disk> + <graphics type='vnc' port='5904'/> + </devices> + </domain> + +Fullyvirtualized guest direct kernel boot +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +With Xen 3.2.0 or later it is possible to bypass the BIOS and directly boot a +Linux kernel and initrd as a fullyvirtualized domain. This allows for complete +automation of OS installation, for example using the Anaconda kickstart support. + +:: + + <domain type='xen' id='3'> + <name>fv0</name> + <uuid>4dea22b31d52d8f32516782e98ab3fa0</uuid> + <os> + <type>hvm</type> + <loader>/usr/lib/xen/boot/hvmloader</loader> + <kernel>/var/lib/xen/install/vmlinuz-fedora8-x86_64</kernel> + <initrd>/var/lib/xen/install/initrd-vmlinuz-fedora8-x86_64</initrd> + <cmdline> kickstart=http://example.com/myguest.ks </cmdline> + </os> + <memory>524288</memory> + <vcpu>1</vcpu> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>restart</on_crash> + <features> + <pae/> + <acpi/> + <apic/> + </features> + <clock sync="localtime"/> + <devices> + <emulator>/usr/lib/xen/bin/qemu-dm</emulator> + <interface type='bridge'> + <source bridge='xenbr0'/> + <mac address='00:16:3e:5d:c7:9e'/> + <script path='vif-bridge'/> + </interface> + <disk type='file'> + <source file='/var/lib/xen/images/fv0'/> + <target dev='hda'/> + </disk> + <disk type='file' device='cdrom'> + <source file='/var/lib/xen/images/fc5-x86_64-boot.iso'/> + <target dev='hdc'/> + <readonly/> + </disk> + <disk type='file' device='floppy'> + <source file='/root/fd.img'/> + <target dev='fda'/> + </disk> + <graphics type='vnc' port='5904'/> + </devices> + </domain> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 4fb2e1a9f4..95ace2677e 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -8352,5 +8352,5 @@ Example configs Example configurations for each driver are provide on the driver specific pages listed below -- `Xen examples <drvxen.html#xmlconfig>`__ +- `Xen examples <drvxen.html#example-domain-xml-config>`__ - `QEMU/KVM examples <drvqemu.html#example-domain-xml-config>`__ diff --git a/docs/meson.build b/docs/meson.build index 940fbedcfa..6147f85d16 100644 --- a/docs/meson.build +++ b/docs/meson.build @@ -22,7 +22,6 @@ docs_html_in_files = [ 'csharp', 'dbus', 'docs', - 'drvxen', 'firewall', 'format', 'formatcaps', @@ -81,6 +80,7 @@ docs_rst_files = [ 'drvvbox', 'drvvirtuozzo', 'drvvmware', + 'drvxen', 'errors', 'formatbackup', 'formatcheckpoint', -- 2.35.1