… Hello. I would like to start a discussion about network SLA mechs in libvirt. Right now, as I understand, libvirt is managing traffic controls, e.g. bandwitdh limitation, calling external routines (ip/tc). This approach has its own drawbacks, including the need to parse text output of external commands and also some complexity with the current state identification — the queueing discipline can be changed on the interface in runtime outside of libvirt.

But I would like to propose another approach — not dropping the previous one, just as an option, maybe. Not so long time ago I started a project [1] that works with netlink directly and can provide standalone daemon, that manages interface properties, including queueing disciplines. Working with netlink events, it is in permanent sync with the current interface statuses w/o any polling. So maybe it would make sense to use this daemon — e.g. with JSON or XML-RPC over SSL/TLS, or with any other RPC that's preferred by libvirt. That approach can provide: * more high-level API, that will keep libvirt off the need to compute rule and filter handlers, hierarchy and so on — we would be able to implement more complex traffic control schemes in more easy way * generally speaking, an RPC API is more easy to use, than the execution of external binary file and parsing text output, and `tc` is not the easiest command to automate.

If it sounds reasonably enough, we can discuss the overall scheme, communication and API details that would be more comfortable to libvirt and so on.

On 05/17/2013 07:06 PM, Daniel P. Berrange wrote: <skip /> > The idea of handing off this to an external python daemon isn't > really very appealing to me, because I don't really like libvirt > core functionality depending on anything python related. > > Really libvirt should just talk network directly rather than > invoking the 'tc' command, or there could be a low level C > library that could be used instead of 'tc'. I don't think we > need to hand this off to a daemon at all. Does it matter, in what the language is written the external program, when it follows some standard API? Having once C implementation, that meets the requirements («no python»), one can always replace python implementation. Since there can be more appliances for such traffic controlling application, than only libvirt, standard API will make it possible to reuse it in other solutions — be it python implementation, C or even erlang. Python was choosen 'cause of one simple reason: it allows to implement netlink message encoder/decoder a way much easier than C, and since the netlink control message communication doesn't require high throughput, python's performance more than enough. Simple structure handling in python allows in this case really fast time-to-market features delivery, sometimes it makes sense. Beside of that, some high-level virtualization solutions uses python anyway, so mostly this application will not even create unique package dependencies, using only python stdlib and no tricks like ctypes and so on. But as I said, the language in this case really doesn't mean so much, having standard RPC API. C — ok, maybe someone will implement it in C also. The key issue is to have the API standard.