I am sponsoring this case for Max Zhen. The requested release binding is minor, timer is set to 03/04/2009.
All documents are in case directory for your reference.

-Cecilia

This information is Copyright 2009 Sun Microsystems

1. Introduction
    1.1. Project/Component Working Name:
         VLAN ID for virtual interface
    1.2. Name of Document Author/Supplier:
         Author:  Max Zhen
    1.3  Date of This Document:
         25 February, 2009

4. Technical Description

4.1. Summary

    In this fast-track, we plan to support setting a VLAN ID for virtual
    network interfaces attached to a guest domain running on the Xen
    hypervisor.

    Minor release binding is requested.

4.2. Discussion

    Associating a VLAN ID with an interface serving as the back end device
    for a guest domain has been highly desired, because it separates the
    guest domains' network traffic from each other and from the dom0's
    traffic. Each domain's traffic can thus be managed more precisely and
    easily, and can get more protection.

    After the integration of Crossbow (PSARC/2006/357) into Nevada, it is
    possible to specify a VLAN ID while setting up a VNIC as the back end
    NIC device attached to a guest domain from within Solaris dom0 by
    issuing the appropriate dladm(1M) command. In this fast-track, we plan
    to enhance the existing management tools to leverage dladm(1M) and its
    '-v' option to set the VLAN ID for virtual network interfaces of guest
    domains running on top of the Xen hypervisor.

    With the integration of the port of Solaris to Xen (PSARC/2006/260),
    three external management tools were also ported and integrated into
    Solaris: virsh(1M) (PSARC 2007/157), xm(1M) (PSARC/2006/260) and
    virt-install(1M) (LSARC/2007/175). Virsh(1M) and xm(1M) are the user
    interfaces for domain management, and virt-install(1M) is used to
    install guest domains. These three tools currently have user interfaces
    for specifying the configuration of virtual interfaces for a guest
    domain. So, they are going to be enhanced to support specifying
    bandwidth limit while defining a configuration of a virtual network
    interface. I will discuss each of them in the following sections.
    Note: please refer to the design doc[1] in case directory for detailed
    information.

4.2.1 Management tool architecture

    The architecture of the management tools for virtual network
    interfaces can be illustrated as below:

        virsh ---------+
                       v
        virt-install ----> virtd
                             |
                             V
                            xend --> vif-vnic/vif-dedicated
                             ^
                  xm --------+

    From the above graph, we can see that the virtual interface
    configuration is passed to xend(1M) directly by xm. The configuration
    from virsh and virt-install is instead passed to virtd (see PSARC
    2008/165), which passes it on to xend. No matter where the
    configuration comes from, xend collects all of it and passes it to
    either /usr/lib/xen/scripts/vif-vnic or
    /usr/lib/xen/scripts/vif-dedicated, which are shell scripts that set up
    the back end NIC device based on the configuration for the
    corresponding virtual interface of the guest domain.

4.2.2 Xm(1M)

    There are two ways for the end user to provide VLAN ID information to
    xm:

        + via 'xm network-attach' command line
        + via '.py' configuration file

    In order to support specifying a VLAN ID on the 'xm network-attach'
    command line, we need to extend the current command line syntax to add
    a 'vlanid' option:

        vlanid=<vid>

    When attaching a virtual NIC device to a guest domain using
    'xm network-attach', the user can specify the VLAN ID like below:

        # xm network-attach domu vlanid=1

    We also create a property named 'vlanid' to represent the VLAN ID of a
    virtual network interface in a '.py' configuration file and modify xend
    to be able to parse it. For example:

        [...cut...]
        vif = [ 'bridge=bge0,vlanid=1' ]
        [...cut...]

    Once the 'vlanid' property is parsed correctly in xend, xend will pass
    the VLAN ID to the vif-vnic script, where the VNIC will be set up using
    the appropriate dladm command with this VLAN ID from xend. So, we also
    need to enhance the vif-vnic script to be able to parse the VLAN ID out
    of the configuration from xend and issue the appropriate dladm command,
    with the '-v' option, to set the VLAN ID while setting up the
    corresponding VNIC serving as the back end device for the virtual
    network interface.
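    The path from a 'vif' entry to the dladm invocation described in 4.2.2,
    as an added example (not code from this case, xend or vif-vnic). It
    assumes the 'bridge' value is the datalink given to 'dladm create-vnic
    -l', that datalink names match the pattern shown, and uses a
    hypothetical VNIC name; the 1..4094 bound comes from IEEE 802.1Q, not
    from this document.

```python
import re

# Constructed sample entry, in the '.py' configuration syntax shown above.
SAMPLE_VIF = 'bridge=bge0,vlanid=1'

# Assumption: datalink names are a letter, then letters/digits/'_'/'.', ending in a digit.
LINK_RE = re.compile(r'[A-Za-z][A-Za-z0-9_.]{0,29}[0-9]')
# IEEE 802.1Q reserves VID 0 and 4095, so only 1..4094 name a VLAN.
VLAN_MIN, VLAN_MAX = 1, 4094


def parse_vif(spec):
    """Split one 'key=value,...' vif entry into a dict; reject malformed or repeated keys."""
    props = {}
    for item in spec.split(','):
        key, sep, value = item.partition('=')
        key, value = key.strip(), value.strip()
        if not sep or not key or not value or key in props:
            raise ValueError('malformed vif property: %r' % item)
        props[key] = value
    return props


def parse_vlanid(text):
    """Accept only a plain decimal VLAN ID in the range 1..4094."""
    if not re.fullmatch(r'[0-9]{1,4}', text):
        raise ValueError('vlanid is not a decimal number: %r' % text)
    vid = int(text)
    if not VLAN_MIN <= vid <= VLAN_MAX:
        raise ValueError('vlanid out of range: %d' % vid)
    return vid


def vnic_argv(spec, vnic_name):
    """Build the dladm argument vector for one vif entry (a list, never a shell string)."""
    props = parse_vif(spec)
    link = props.get('bridge', '')
    for name in (link, vnic_name):
        if not LINK_RE.fullmatch(name):
            raise ValueError('invalid datalink name: %r' % name)
    argv = ['dladm', 'create-vnic', '-l', link]
    if 'vlanid' in props:
        argv += ['-v', str(parse_vlanid(props['vlanid']))]
    return argv + [vnic_name]


if __name__ == '__main__':
    print(vnic_argv(SAMPLE_VIF, 'vnic0'))  # 'vnic0' is a hypothetical VNIC name
```

    Because the value reaches a script running in dom0, validating it where
    it is parsed and passing it as a separate argument keeps a malformed
    'vlanid' from ever being interpreted as anything but a number.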
    Note: please refer to the xm.man.diff.vid.txt[2] in case directory for
    the difference.

4.2.3 Virsh(1M)

    There are two ways for the end user to provide VLAN ID information to
    virsh:

        + via 'virsh attach-interface' command line
        + via guest domain configuration file in XML format

    Neither of them currently supports specifying VLAN ID information, so
    we need to enhance both of them.

    We need to add one more option, "--vlanid", to the
    'virsh attach-interface' command line syntax to allow the end user to
    provide a VLAN ID while adding (attaching) a new virtual interface to a
    guest domain:

        --vlanid <vid>

    'Virsh create' and 'virsh define' are two commands that interact with
    the XML format guest domain configuration file as a whole. So, we also
    need to extend the current configuration file format to allow the end
    user to provide a VLAN ID.

    In order to insert VLAN ID information into the XML file, we create a
    new element, "vlan", inside the "interface" element. Users provide the
    VLAN ID by setting the "id" attribute of the "vlan" element to a valid
    VLAN ID. For example:

        [...cut...]
        <interface type='bridge'>
          <source bridge='e1000g1'/>
          <vlan id='1'/>
        </interface>
        [...cut...]

    Note: please refer to the virsh.man.diff.vid.txt[3] in case directory
    for the difference.

4.2.4 virt-install(1M)

    Virt-install currently does not support specifying a VLAN ID. We need
    to extend its command line syntax to allow it to be specified by end
    users.

    We will add one more property, "vlanid=<vid>", to the "-w/--network"
    option for the user to specify the VLAN ID for the corresponding
    interface. We will only support specifying the VLAN ID as a property,
    not as an option. Please refer to PSARC/2009/137 for more info about
    the -w/--network option changes.

    Note: please refer to the virt-install.man.diff.vid.txt[4] in case
    directory for the difference.

4.3. Interfaces

    Exported interfaces:

    +------------------------------------+-----------------+------------+
    | Interface                          | Stability       | Comments   |
    +------------------------------------+-----------------+------------+
    | --vlanid option for virsh(1M)      | Uncommitted     |            |
    |                                    |                 |            |
    | 'vlanid' property of -w/--network  |                 |            |
    | option of virt-install(1M)         | Volatile        |            |
    |                                    |                 |            |
    | "vlan" element in XML              |                 |            |
    | configuration file                 | Uncommitted     |            |
    |                                    |                 |            |
    | 'vlanid' option for xm(1M)         | Volatile        |            |
    |                                    |                 |            |
    | 'vlanid' property in '.py'         |                 |            |
    | configuration file                 | Volatile        |            |
    |                                    |                 |            |
    | VLAN ID representation             |                 |            |
    | from xend(1M) (in xenstore)        | Project Private |            |
    +------------------------------------+-----------------+------------+

    Imported interfaces:

    +------------------------------------+-----------------+------------+
    | Interface                          | Stability       | Comments   |
    +------------------------------------+-----------------+------------+
    | dladm(1M)                          | Committed       |            |
    +------------------------------------+-----------------+------------+

5. References

    PSARC 2006/260 Solaris on Xen
    PSARC 2006/357 Crossbow - Network Virtualization and Resource Management
    PSARC 2007/157 libvirt - a LGPL library to control guest domains
    PSARC 2008/165 xVM Hypervisor Remote Access (virtd)
    LSARC 2007/175 Virtual Machine Manager
    PSARC 2009/137 Bandwidth limit for virtual interface

6. Resources and Schedule
    6.4. Steering Committee requested information
        6.4.1. Consolidation C-team Name:
               ON
    6.5. ARC review type: FastTrack
    6.6. ARC Exposure: open

FOOTNOTE:
=========
[1] design doc:
    http://sac.eng/Archives/CaseLog/arc/PSARC/2009/138/spec/design.vid.txt
[2] xm.man.diff.bw.txt:
    http://sac.eng/Archives/CaseLog/arc/PSARC/2009/138/spec/xm.man.diff.vid.txt
[3] virsh.man.diff.bw.txt:
    http://sac.eng/Archives/CaseLog/arc/PSARC/2009/138/spec/virsh.man.diff.vid.txt
[4] virt-install.man.diff.bw.txt
    http://sac.eng/Archives/CaseLog/arc/PSARC/2009/138/spec/virt-install.man.diff.vid.txt