[libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
From: "Corey S. McQuay" <csmcquay@linux.vnet.ibm.com> Currently Libvirt allows attempts to migrate read only disks. Qemu cannot handle this as read only disks cannot be written to on the destination system. The end result is a cryptic error message and a failed migration. This patch causes migration to fail earlier and provides a meaningful error message stating that migrating read only disks is not supported. Signed-off-by: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Reviewed-by: Jason J. Herne <jjherne@linux.vnet.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com> --- src/qemu/qemu_migration.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index d018add..7d0a78f 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -2387,6 +2387,28 @@ qemuMigrationIsSafe(virDomainDefPtr def, return true; } +static bool +qemuMigrationAreAllDisksRW(virDomainDefPtr def, + size_t nmigrate_disks, + const char **migrate_disks) +{ + size_t i; + + for (i = 0; i < def->ndisks; i++) { + virDomainDiskDefPtr disk = def->disks[i]; + + if (qemuMigrateDisk(disk, nmigrate_disks, migrate_disks) && + disk->src->readonly) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Cannot migrate read-only disk %s"), + disk->dst); + return false; + } + } + + return true; +} + /** qemuMigrationSetOffline * Pause domain for non-live migration. */ @@ -3132,6 +3154,9 @@ qemuMigrationBeginPhase(virQEMUDriverPtr driver, !qemuMigrationIsSafe(vm->def, nmigrate_disks, migrate_disks)) goto cleanup; + if (!qemuMigrationAreAllDisksRW(vm->def, nmigrate_disks, migrate_disks)) + goto cleanup; + if (flags & VIR_MIGRATE_POSTCOPY && (!(flags & VIR_MIGRATE_LIVE) || flags & VIR_MIGRATE_PAUSED)) { -- 1.8.3.1
-----Original Message----- From: libvir-list-bounces@redhat.com [mailto:libvir-list- bounces@redhat.com] On Behalf Of Corey S. McQuay Sent: Friday, August 5, 2016 8:34 PM To: jjherne@linux.vnet.ibm.com; libvir-list@redhat.com Cc: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Subject: [libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
From: "Corey S. McQuay" <csmcquay@linux.vnet.ibm.com>
Currently Libvirt allows attempts to migrate read only disks. Qemu cannot handle this as read only disks cannot be written to on the destination system. The end result is a cryptic error message and a failed migration.
This patch causes migration to fail earlier and provides a meaningful error message stating that migrating read only disks is not supported.
What will happen if read-only disk is copied to destination prior to migration start? Currently such scenario works, will it still work with this code?
Signed-off-by: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Reviewed-by: Jason J. Herne <jjherne@linux.vnet.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com> --- src/qemu/qemu_migration.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index d018add..7d0a78f 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -2387,6 +2387,28 @@ qemuMigrationIsSafe(virDomainDefPtr def, return true; }
+static bool +qemuMigrationAreAllDisksRW(virDomainDefPtr def, + size_t nmigrate_disks, + const char **migrate_disks) { + size_t i; + + for (i = 0; i < def->ndisks; i++) { + virDomainDiskDefPtr disk = def->disks[i]; + + if (qemuMigrateDisk(disk, nmigrate_disks, migrate_disks) && + disk->src->readonly) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Cannot migrate read-only disk %s"), + disk->dst); + return false; + } + } + + return true; +} + /** qemuMigrationSetOffline * Pause domain for non-live migration. */ @@ -3132,6 +3154,9 @@ qemuMigrationBeginPhase(virQEMUDriverPtr driver, !qemuMigrationIsSafe(vm->def, nmigrate_disks, migrate_disks)) goto cleanup;
+ if (!qemuMigrationAreAllDisksRW(vm->def, nmigrate_disks, migrate_disks)) + goto cleanup; + if (flags & VIR_MIGRATE_POSTCOPY && (!(flags & VIR_MIGRATE_LIVE) || flags & VIR_MIGRATE_PAUSED)) { -- 1.8.3.1
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On 08/10/2016 09:16 AM, Koniszewski, Pawel wrote:
-----Original Message----- From: libvir-list-bounces@redhat.com [mailto:libvir-list- bounces@redhat.com] On Behalf Of Corey S. McQuay Sent: Friday, August 5, 2016 8:34 PM To: jjherne@linux.vnet.ibm.com; libvir-list@redhat.com Cc: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Subject: [libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
From: "Corey S. McQuay" <csmcquay@linux.vnet.ibm.com>
Currently Libvirt allows attempts to migrate read only disks. Qemu cannot handle this as read only disks cannot be written to on the destination system. The end result is a cryptic error message and a failed migration.
This patch causes migration to fail earlier and provides a meaningful error message stating that migrating read only disks is not supported. What will happen if read-only disk is copied to destination prior to migration start? Currently such scenario works, will it still work with this code? Based on our testing, pre-copying a read only disk image to the destination system has no effect on the outcome of attempting to migrate a non-shared read only disk. I'm not sure what scenario you are referring to but here is what we tried:
Relevant guest xml: <disk type='file' device='cdrom'> <driver name='qemu' type='raw' cache='writethrough'/> <source file='/disk-images/guest.iso'/> <backingStore/> <target dev='sdz' bus='scsi'/> <readonly/> <alias name='scsi0-0-0-0'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> The disk image exists at /disk-images/guest.iso on the source. Before migration we copied the image to the same path on the destination system. Then we attempted migration: virsh migrate --live --copy-storage-all --migrate-disks sdz --verbose kvm1 qemu+ssh://dstHost/system tcp://dstHost The error message we get is: error: internal error: info migration reply was missing return status Running journalctl shows additional information: Aug 10 16:02:16 collin-kvm libvirtd[41616]: operation failed: migration of disk sdz failed. I'm pretty sure this patch does not stop the user from doing anything that works today. But if your scenario is different from ours in some way please let us know and we'll do some more testing.
On 08/11/2016 08:57 AM, Corey S McQuay wrote:
On 08/10/2016 09:16 AM, Koniszewski, Pawel wrote:
-----Original Message----- From: libvir-list-bounces@redhat.com [mailto:libvir-list- bounces@redhat.com] On Behalf Of Corey S. McQuay Sent: Friday, August 5, 2016 8:34 PM To: jjherne@linux.vnet.ibm.com; libvir-list@redhat.com Cc: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Subject: [libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
From: "Corey S. McQuay" <csmcquay@linux.vnet.ibm.com>
Currently Libvirt allows attempts to migrate read only disks. Qemu cannot handle this as read only disks cannot be written to on the destination system. The end result is a cryptic error message and a failed migration.
This patch causes migration to fail earlier and provides a meaningful error message stating that migrating read only disks is not supported. What will happen if read-only disk is copied to destination prior to migration start? Currently such scenario works, will it still work with this code? Based on our testing, pre-copying a read only disk image to the destination system has no effect on the outcome of attempting to migrate a non-shared read only disk. I'm not sure what scenario you are referring to but here is what we tried:
Relevant guest xml: <disk type='file' device='cdrom'> <driver name='qemu' type='raw' cache='writethrough'/> <source file='/disk-images/guest.iso'/> <backingStore/> <target dev='sdz' bus='scsi'/> <readonly/> <alias name='scsi0-0-0-0'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk>
The disk image exists at /disk-images/guest.iso on the source. Before migration we copied the image to the same path on the destination system. Then we attempted migration:
virsh migrate --live --copy-storage-all --migrate-disks sdz --verbose kvm1 qemu+ssh://dstHost/system tcp://dstHost
The error message we get is:
error: internal error: info migration reply was missing return status
Running journalctl shows additional information:
Aug 10 16:02:16 collin-kvm libvirtd[41616]: operation failed: migration of disk sdz failed.
I'm pretty sure this patch does not stop the user from doing anything that works today. But if your scenario is different from ours in some way please let us know and we'll do some more testing.
Pawel, Thanks for taking a look. Does Corey's reply address your concerns? -- -- Jason J. Herne (jjherne@linux.vnet.ibm.com)
On 08/17/2016 05:10 PM, Jason J. Herne wrote:
On 08/11/2016 08:57 AM, Corey S McQuay wrote:
On 08/10/2016 09:16 AM, Koniszewski, Pawel wrote:
-----Original Message----- From: libvir-list-bounces@redhat.com [mailto:libvir-list- bounces@redhat.com] On Behalf Of Corey S. McQuay Sent: Friday, August 5, 2016 8:34 PM To: jjherne@linux.vnet.ibm.com; libvir-list@redhat.com Cc: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Subject: [libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
From: "Corey S. McQuay" <csmcquay@linux.vnet.ibm.com>
Currently Libvirt allows attempts to migrate read only disks. Qemu cannot handle this as read only disks cannot be written to on the destination system. The end result is a cryptic error message and a failed migration.
This patch causes migration to fail earlier and provides a meaningful error message stating that migrating read only disks is not supported. What will happen if read-only disk is copied to destination prior to migration start? Currently such scenario works, will it still work with this code? Based on our testing, pre-copying a read only disk image to the destination system has no effect on the outcome of attempting to migrate a non-shared read only disk. I'm not sure what scenario you are referring to but here is what we tried:
Relevant guest xml: <disk type='file' device='cdrom'> <driver name='qemu' type='raw' cache='writethrough'/> <source file='/disk-images/guest.iso'/> <backingStore/> <target dev='sdz' bus='scsi'/> <readonly/> <alias name='scsi0-0-0-0'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk>
The disk image exists at /disk-images/guest.iso on the source. Before migration we copied the image to the same path on the destination system. Then we attempted migration:
virsh migrate --live --copy-storage-all --migrate-disks sdz --verbose kvm1 qemu+ssh://dstHost/system tcp://dstHost
The error message we get is:
error: internal error: info migration reply was missing return status
Running journalctl shows additional information:
Aug 10 16:02:16 collin-kvm libvirtd[41616]: operation failed: migration of disk sdz failed.
I'm pretty sure this patch does not stop the user from doing anything that works today. But if your scenario is different from ours in some way please let us know and we'll do some more testing.
Pawel,
Thanks for taking a look. Does Corey's reply address your concerns?
Polite ping for Pawel, and anyone else who wants to review. Thanks :) Original patch here: https://www.redhat.com/archives/libvir-list/2016-August/msg00378.html -- -- Jason J. Herne (jjherne@linux.vnet.ibm.com)
Oh, sorry, had this on my todo list and somehow missed it. This looks ok, in my case read-only device is not part of migrate-disks parameter, so everything should be all right. Thanks for testing it! Kind Regards, Pawel Koniszewski
-----Original Message----- From: Jason J. Herne [mailto:jjherne@linux.vnet.ibm.com] Sent: Thursday, August 25, 2016 3:22 PM To: Corey S McQuay <csmcquay@linux.vnet.ibm.com>; Koniszewski, Pawel <pawel.koniszewski@intel.com>; libvir-list@redhat.com Subject: Re: [libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
On 08/17/2016 05:10 PM, Jason J. Herne wrote:
On 08/11/2016 08:57 AM, Corey S McQuay wrote:
On 08/10/2016 09:16 AM, Koniszewski, Pawel wrote:
-----Original Message----- From: libvir-list-bounces@redhat.com [mailto:libvir-list- bounces@redhat.com] On Behalf Of Corey S. McQuay Sent: Friday, August 5, 2016 8:34 PM To: jjherne@linux.vnet.ibm.com; libvir-list@redhat.com Cc: Corey S. McQuay <csmcquay@linux.vnet.ibm.com> Subject: [libvirt] [PATCH v1] qemu-migration: Disallow migration of read only disk
From: "Corey S. McQuay" <csmcquay@linux.vnet.ibm.com>
Currently Libvirt allows attempts to migrate read only disks. Qemu cannot handle this as read only disks cannot be written to on the destination system. The end result is a cryptic error message and a failed migration.
This patch causes migration to fail earlier and provides a meaningful error message stating that migrating read only disks is not supported. What will happen if read-only disk is copied to destination prior to migration start? Currently such scenario works, will it still work with this code? Based on our testing, pre-copying a read only disk image to the destination system has no effect on the outcome of attempting to migrate a non-shared read only disk. I'm not sure what scenario you are referring to but here is what we tried:
Relevant guest xml: <disk type='file' device='cdrom'> <driver name='qemu' type='raw' cache='writethrough'/> <source file='/disk-images/guest.iso'/> <backingStore/> <target dev='sdz' bus='scsi'/> <readonly/> <alias name='scsi0-0-0-0'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk>
The disk image exists at /disk-images/guest.iso on the source. Before migration we copied the image to the same path on the destination system. Then we attempted migration:
virsh migrate --live --copy-storage-all --migrate-disks sdz --verbose kvm1 qemu+ssh://dstHost/system tcp://dstHost
The error message we get is:
error: internal error: info migration reply was missing return status
Running journalctl shows additional information:
Aug 10 16:02:16 collin-kvm libvirtd[41616]: operation failed: migration of disk sdz failed.
I'm pretty sure this patch does not stop the user from doing anything that works today. But if your scenario is different from ours in some way please let us know and we'll do some more testing.
Pawel,
Thanks for taking a look. Does Corey's reply address your concerns?
Polite ping for Pawel, and anyone else who wants to review. Thanks :)
Original patch here: https://www.redhat.com/archives/libvir-list/2016-August/msg00378.html
-- -- Jason J. Herne (jjherne@linux.vnet.ibm.com)
participants (4)
-
Corey S McQuay -
Corey S. McQuay
-
Jason J. Herne -
Koniszewski, Pawel