Re: [libvirt] [RFC PATCH] libxl: add tunnelled migration support
On 10/26/2016 07:24 PM, Joao Martins wrote:
> On 10/26/2016 07:33 AM, Bob Liu wrote:
>> Tunnelled migration doesn't require any extra network connections beside the
>> libvirt daemon.
>> It's capable of strong encryption and is the default option in
>> openstack-nova.
>>
>> This patch add the tunnelled migration(Tunnel3params) support to libxl.
>> The data flow in the src side is:
>> * libxlDoMigrateSend() -> pipe
>> * libxlTunnel3MigrationFunc() poll pipe out and then write to dest stream.
>>
>> While in the dest side:
>> Stream -> pipe -> 'recvfd of libxlDomainStartRestore'
>>
>> The usage is the same as p2p migration, execpt adding one more '--tunnelled'
>> to
> ^^ except
>> the libvirt p2p migration command.
>>
>> Signed-off-by: Bob Liu
> Nice :) Now openstack no longer needs to have tunnelled flag removed on nova
> to
> get migration working.
>
> See some comments below, its a first review as I would still like to test it.
>
Will take all of your suggestions.
But let's wait for more reviews before I post a updated version.
Thanks,
Bob
>> ---
>> src/libxl/libxl_driver.c| 58 ++-
>> src/libxl/libxl_migration.c | 241
>> +---
>> src/libxl/libxl_migration.h | 9 ++
>> 3 files changed, 292 insertions(+), 16 deletions(-)
>>
>> diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
>> index b66cb1f..a01bbff 100644
>> --- a/src/libxl/libxl_driver.c
>> +++ b/src/libxl/libxl_driver.c
>> @@ -5918,6 +5918,61 @@ libxlDomainMigrateBegin3Params(virDomainPtr domain,
>> }
>>
>> static int
>> +libxlDomainMigratePrepareTunnel3Params(virConnectPtr dconn,
>> + virStreamPtr st,
>> + virTypedParameterPtr params,
>> + int nparams,
>> + const char *cookiein,
>> + int cookieinlen,
>> + char **cookieout ATTRIBUTE_UNUSED,
>> + int *cookieoutlen ATTRIBUTE_UNUSED,
>> + unsigned int flags)
>> +{
>> +libxlDriverPrivatePtr driver = dconn->privateData;
>> +virDomainDefPtr def = NULL;
>> +const char *dom_xml = NULL;
>> +const char *dname = NULL;
>> +const char *uri_in = NULL;
>> +
>> +#ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
>> +virReportUnsupportedError();
>> +return -1;
>> +#endif
>> +
>> +virCheckFlags(LIBXL_MIGRATION_FLAGS, -1);
>> +if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS)
>> < 0)
>> +goto error;
>> +
>> +if (virTypedParamsGetString(params, nparams,
>> +VIR_MIGRATE_PARAM_DEST_XML,
>> +&dom_xml) < 0 ||
>> +virTypedParamsGetString(params, nparams,
>> +VIR_MIGRATE_PARAM_DEST_NAME,
>> +&dname) < 0 ||
>> +virTypedParamsGetString(params, nparams,
>> +VIR_MIGRATE_PARAM_URI,
>> +&uri_in) < 0)
>> +
>> +goto error;
>> +
>> +if (!(def = libxlDomainMigrationPrepareDef(driver, dom_xml, dname)))
>> +goto error;
>> +
>> +if (virDomainMigratePrepareTunnel3ParamsEnsureACL(dconn, def) < 0)
>> +goto error;
>> +
>> +if (libxlDomainMigrationPrepareTunnel3(dconn, st, &def, cookiein,
>> + cookieinlen, flags) < 0)
>> +goto error;
>> +
>> +return 0;
>> +
>> + error:
>> +virDomainDefFree(def);
>> +return -1;
>> +}
>> +
>> +static int
>> libxlDomainMigratePrepare3Params(virConnectPtr dconn,
>> virTypedParameterPtr params,
>> int nparams,
>> @@ -6017,7 +6072,7 @@ libxlDomainMigratePerform3Params(virDomainPtr dom,
>> if (virDomainMigratePerform3ParamsEnsureACL(dom->conn, vm->def) < 0)
>> goto cleanup;
>>
>> -if (flags & VIR_MIGRATE_PEER2PEER) {
>> +if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
>> if (libxlDomainMigrationPerformP2P(driver, vm, dom->conn, dom_xml,
>> dconnuri, uri, dname, flags) < 0)
>> goto cleanup;
>> @@ -6501,6 +6556,7 @@ static virHypervisorDriver libxlHypervisorDriver = {
>> .nodeDeviceReset = libxlNodeDeviceReset, /* 1.2.3 */
>> .domainMigrateBegin3Params = libxlDomainMigrateBegin3Params, /* 1.2.6 */
>> .domainMigratePrepare3Params = libxlDomainMigratePrepare3Params, /*
>> 1.2.6 */
>> +.domainMigratePrepareTunnel3Params =
>> libxlDomainMigratePrepareTunnel3Params, /* 2.3.1 */
> The version here is incorrect. It should be the next one to be tagged (after
> the
> ongoing freeze). Which means 2.5.0. Note that the versioning used has changed
> a
>
Re: [libvirt] [RFC PATCH] libxl: add tunnelled migration support
On 10/26/2016 07:33 AM, Bob Liu wrote:
> Tunnelled migration doesn't require any extra network connections beside the
> libvirt daemon.
> It's capable of strong encryption and is the default option in openstack-nova.
>
> This patch add the tunnelled migration(Tunnel3params) support to libxl.
> The data flow in the src side is:
> * libxlDoMigrateSend() -> pipe
> * libxlTunnel3MigrationFunc() poll pipe out and then write to dest stream.
>
> While in the dest side:
> Stream -> pipe -> 'recvfd of libxlDomainStartRestore'
>
> The usage is the same as p2p migration, execpt adding one more '--tunnelled'
> to
^^ except
> the libvirt p2p migration command.
>
> Signed-off-by: Bob Liu
Nice :) Now openstack no longer needs to have tunnelled flag removed on nova to
get migration working.
See some comments below, its a first review as I would still like to test it.
> ---
> src/libxl/libxl_driver.c| 58 ++-
> src/libxl/libxl_migration.c | 241
> +---
> src/libxl/libxl_migration.h | 9 ++
> 3 files changed, 292 insertions(+), 16 deletions(-)
>
> diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
> index b66cb1f..a01bbff 100644
> --- a/src/libxl/libxl_driver.c
> +++ b/src/libxl/libxl_driver.c
> @@ -5918,6 +5918,61 @@ libxlDomainMigrateBegin3Params(virDomainPtr domain,
> }
>
> static int
> +libxlDomainMigratePrepareTunnel3Params(virConnectPtr dconn,
> + virStreamPtr st,
> + virTypedParameterPtr params,
> + int nparams,
> + const char *cookiein,
> + int cookieinlen,
> + char **cookieout ATTRIBUTE_UNUSED,
> + int *cookieoutlen ATTRIBUTE_UNUSED,
> + unsigned int flags)
> +{
> +libxlDriverPrivatePtr driver = dconn->privateData;
> +virDomainDefPtr def = NULL;
> +const char *dom_xml = NULL;
> +const char *dname = NULL;
> +const char *uri_in = NULL;
> +
> +#ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
> +virReportUnsupportedError();
> +return -1;
> +#endif
> +
> +virCheckFlags(LIBXL_MIGRATION_FLAGS, -1);
> +if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS)
> < 0)
> +goto error;
> +
> +if (virTypedParamsGetString(params, nparams,
> +VIR_MIGRATE_PARAM_DEST_XML,
> +&dom_xml) < 0 ||
> +virTypedParamsGetString(params, nparams,
> +VIR_MIGRATE_PARAM_DEST_NAME,
> +&dname) < 0 ||
> +virTypedParamsGetString(params, nparams,
> +VIR_MIGRATE_PARAM_URI,
> +&uri_in) < 0)
> +
> +goto error;
> +
> +if (!(def = libxlDomainMigrationPrepareDef(driver, dom_xml, dname)))
> +goto error;
> +
> +if (virDomainMigratePrepareTunnel3ParamsEnsureACL(dconn, def) < 0)
> +goto error;
> +
> +if (libxlDomainMigrationPrepareTunnel3(dconn, st, &def, cookiein,
> + cookieinlen, flags) < 0)
> +goto error;
> +
> +return 0;
> +
> + error:
> +virDomainDefFree(def);
> +return -1;
> +}
> +
> +static int
> libxlDomainMigratePrepare3Params(virConnectPtr dconn,
> virTypedParameterPtr params,
> int nparams,
> @@ -6017,7 +6072,7 @@ libxlDomainMigratePerform3Params(virDomainPtr dom,
> if (virDomainMigratePerform3ParamsEnsureACL(dom->conn, vm->def) < 0)
> goto cleanup;
>
> -if (flags & VIR_MIGRATE_PEER2PEER) {
> +if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
> if (libxlDomainMigrationPerformP2P(driver, vm, dom->conn, dom_xml,
> dconnuri, uri, dname, flags) < 0)
> goto cleanup;
> @@ -6501,6 +6556,7 @@ static virHypervisorDriver libxlHypervisorDriver = {
> .nodeDeviceReset = libxlNodeDeviceReset, /* 1.2.3 */
> .domainMigrateBegin3Params = libxlDomainMigrateBegin3Params, /* 1.2.6 */
> .domainMigratePrepare3Params = libxlDomainMigratePrepare3Params, /*
> 1.2.6 */
> +.domainMigratePrepareTunnel3Params =
> libxlDomainMigratePrepareTunnel3Params, /* 2.3.1 */
The version here is incorrect. It should be the next one to be tagged (after the
ongoing freeze). Which means 2.5.0. Note that the versioning used has changed a
bit: major number is incremented per year, minor per month and bugfix number for
-maint releases.
> .domainMigratePerform3Params = libxlDomainMigratePerform3Params, /*
> 1.2.6 */
> .domainMigrateFinish3Params = libxlDomainMigrateFinish3Params, /* 1.2.6
> */
> .domainMigrateCon
[libvirt] [RFC PATCH] libxl: add tunnelled migration support
Tunnelled migration doesn't require any extra network connections beside the
libvirt daemon.
It's capable of strong encryption and is the default option in openstack-nova.
This patch add the tunnelled migration(Tunnel3params) support to libxl.
The data flow in the src side is:
* libxlDoMigrateSend() -> pipe
* libxlTunnel3MigrationFunc() poll pipe out and then write to dest stream.
While in the dest side:
Stream -> pipe -> 'recvfd of libxlDomainStartRestore'
The usage is the same as p2p migration, execpt adding one more '--tunnelled' to
the libvirt p2p migration command.
Signed-off-by: Bob Liu
---
src/libxl/libxl_driver.c| 58 ++-
src/libxl/libxl_migration.c | 241 +---
src/libxl/libxl_migration.h | 9 ++
3 files changed, 292 insertions(+), 16 deletions(-)
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index b66cb1f..a01bbff 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -5918,6 +5918,61 @@ libxlDomainMigrateBegin3Params(virDomainPtr domain,
}
static int
+libxlDomainMigratePrepareTunnel3Params(virConnectPtr dconn,
+ virStreamPtr st,
+ virTypedParameterPtr params,
+ int nparams,
+ const char *cookiein,
+ int cookieinlen,
+ char **cookieout ATTRIBUTE_UNUSED,
+ int *cookieoutlen ATTRIBUTE_UNUSED,
+ unsigned int flags)
+{
+libxlDriverPrivatePtr driver = dconn->privateData;
+virDomainDefPtr def = NULL;
+const char *dom_xml = NULL;
+const char *dname = NULL;
+const char *uri_in = NULL;
+
+#ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
+virReportUnsupportedError();
+return -1;
+#endif
+
+virCheckFlags(LIBXL_MIGRATION_FLAGS, -1);
+if (virTypedParamsValidate(params, nparams, LIBXL_MIGRATION_PARAMETERS) <
0)
+goto error;
+
+if (virTypedParamsGetString(params, nparams,
+VIR_MIGRATE_PARAM_DEST_XML,
+&dom_xml) < 0 ||
+virTypedParamsGetString(params, nparams,
+VIR_MIGRATE_PARAM_DEST_NAME,
+&dname) < 0 ||
+virTypedParamsGetString(params, nparams,
+VIR_MIGRATE_PARAM_URI,
+&uri_in) < 0)
+
+goto error;
+
+if (!(def = libxlDomainMigrationPrepareDef(driver, dom_xml, dname)))
+goto error;
+
+if (virDomainMigratePrepareTunnel3ParamsEnsureACL(dconn, def) < 0)
+goto error;
+
+if (libxlDomainMigrationPrepareTunnel3(dconn, st, &def, cookiein,
+ cookieinlen, flags) < 0)
+goto error;
+
+return 0;
+
+ error:
+virDomainDefFree(def);
+return -1;
+}
+
+static int
libxlDomainMigratePrepare3Params(virConnectPtr dconn,
virTypedParameterPtr params,
int nparams,
@@ -6017,7 +6072,7 @@ libxlDomainMigratePerform3Params(virDomainPtr dom,
if (virDomainMigratePerform3ParamsEnsureACL(dom->conn, vm->def) < 0)
goto cleanup;
-if (flags & VIR_MIGRATE_PEER2PEER) {
+if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
if (libxlDomainMigrationPerformP2P(driver, vm, dom->conn, dom_xml,
dconnuri, uri, dname, flags) < 0)
goto cleanup;
@@ -6501,6 +6556,7 @@ static virHypervisorDriver libxlHypervisorDriver = {
.nodeDeviceReset = libxlNodeDeviceReset, /* 1.2.3 */
.domainMigrateBegin3Params = libxlDomainMigrateBegin3Params, /* 1.2.6 */
.domainMigratePrepare3Params = libxlDomainMigratePrepare3Params, /* 1.2.6
*/
+.domainMigratePrepareTunnel3Params =
libxlDomainMigratePrepareTunnel3Params, /* 2.3.1 */
.domainMigratePerform3Params = libxlDomainMigratePerform3Params, /* 1.2.6
*/
.domainMigrateFinish3Params = libxlDomainMigrateFinish3Params, /* 1.2.6 */
.domainMigrateConfirm3Params = libxlDomainMigrateConfirm3Params, /* 1.2.6
*/
diff --git a/src/libxl/libxl_migration.c b/src/libxl/libxl_migration.c
index 534abb8..88c9bb8 100644
--- a/src/libxl/libxl_migration.c
+++ b/src/libxl/libxl_migration.c
@@ -44,6 +44,7 @@
#include "libxl_migration.h"
#include "locking/domain_lock.h"
#include "virtypedparam.h"
+#include "fdstream.h"
#define VIR_FROM_THIS VIR_FROM_LIBXL
@@ -484,6 +485,90 @@ libxlDomainMigrationPrepareDef(libxlDriverPrivatePtr
driver,
}
int
+libxlDomainMigrationPrepareTunnel3(virConnectPtr dconn,
+ virStreamPtr st,
+ virDomainDefPtr *def,
+ const char *cookiein,
+ int c
