Re: [libvirt] [RFC, PATCH] network: add 'netboot' option to dhcp config

2009-09-14 Thread Paolo Bonzini

On 09/15/2009 01:01 AM, Jeremy Kerr wrote:

Hi Paolo,


Since there is only one TFTP server running in the network


IIRC, it's possible to have more than one: the Server-Name (id 66) of the DHCP
response specifies which. However, we probably only ever want to start one
server, so the  tag should work fine.


Yes, what I meant is that in general the TFTP server started by libvirt 
will run on the address provided by /network/i...@address.  So libvirt can 
only start one TFTP server even though in the future it might support 
multiple DHCP ranges.


In this case, some ranges may not support BOOTP and some may, and they 
can give different boot files, but all must share a single 
dnsmasq-provided TFTP server (using a server attribute would be fine; 
but that TFTP server will not be started by libvirt).


This can be seen from the fact that BOOTP is nothing more than a few 
options within a DHCP packet (i.e. ), but TFTP 
binds on a completely different port and could be a separate process 
(hence  is a sibling of ).  dnsmasq is special.



, it is not
possible to specify different roots for different dhcp ranges.  I think
the schema should be

  


  
  

  


If you want it to be specific to the range, shouldn't it be within the
tag? Currently the code will only parse one  tag.


No, I want it to be specific to the _network_, since it will bind to 
/network/i...@address.



One thing that I've tried to keep in mind is that the tftp service may be
provided by a separate machine in the network, so we may need some way in the
future to represent that - maybe no  tag


That's already implemented by my patch, and can be used with an external 
TFTP server, for example started via (x)inetd.



and use server="w.x.y.z" in
the bootp tag. Also, would be cool to have separate files for different hosts,
but that may be thinking too far ahead at this stage :)


Yes.  That's something you'd get for free if libvirt supported multiple 
DHCP ranges.


Paolo

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


Re: [libvirt] [RFC, PATCH] network: add 'netboot' option to dhcp config

2009-09-14 Thread Jeremy Kerr
Hi Paolo,

> Since there is only one TFTP server running in the network

IIRC, it's possible to have more than one: the Server-Name (id 66) of the DHCP 
response specifies which. However, we probably only ever want to start one 
server, so the  tag should work fine.

> , it is not
> possible to specify different roots for different dhcp ranges.  I think
> the schema should be
> 
>  
>
>
>  
>  
>
>  

If you want it to be specific to the range, shouldn't it be within the  
tag? Currently the code will only parse one  tag.

Otherwise, looks fine - I'm happy with either method.

One thing that I've tried to keep in mind is that the tftp service may be 
provided by a separate machine in the network, so we may need some way in the 
future to represent that - maybe no  tag, and use server="w.x.y.z" in 
the bootp tag. Also, would be cool to have separate files for different hosts, 
but that may be thinking too far ahead at this stage :)

Cheers,


Jeremy

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


Re: [libvirt] [RFC, PATCH] network: add 'netboot' option to dhcp config

2009-09-14 Thread Paolo Bonzini

On 09/11/2009 06:47 AM, Jeremy Kerr wrote:

Currently, libvirtd will start a dnsmasq process for the virtual
network, but (aside from killing the dnsmasq process and replacing it),
there's no way to define tftp boot options.

This change introduces a 'netboot' tag to the dhcp configuration:

  
default



  


  

  

When root= and file= attributes are present, these are passed to the
arguments to dnsmasq:

  dnsmasq [...] --enable-tftp --tftp-root /srv/tftp --dhcp-boot pxeboot.img

At present, only local tftp servers are supported (ie, dnsmasq runs as
the tftp server), but we could improve this in future by adding a
server= attribute.


Since there is only one TFTP server running in the network, it is not 
possible to specify different roots for different dhcp ranges.  I think 
the schema should be



  
  


  


where in the future the bootp argument could grow a server attribute as 
mentioned by Jeremy.


Paolo

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


Re: gPXE (was Re: [libvirt] [RFC,PATCH] network: add 'netboot' option to dhcp config)

2009-09-11 Thread Mark McLoughlin
On Fri, 2009-09-11 at 09:44 +0100, Tom Hughes wrote:
> > I very much like this idea - e.g. I'd really like to have this to give
> > people simple instructions for testing gPXE in next week's Fedora Test
> > Day.
> 
> On the subject of gPXE has anybody else found that it doesn't seem to be 
> working at all?
> 
> I'm using the virt-preview packages on F11 and ever since qemu switched 
> to use gPXE network booting has been completely broken. I get the gPXE 
> banner message appear and then nothing happens. Monitoring the network 
> shows no signs of any DHCP requests being sent at all.

It's probably this:

  https://bugzilla.redhat.com/512358

It's fixed in the F-12 kernel, but we need that fix backported to F-11.

Cheers,
Mark.

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


gPXE (was Re: [libvirt] [RFC,PATCH] network: add 'netboot' option to dhcp config)

2009-09-11 Thread Tom Hughes



I very much like this idea - e.g. I'd really like to have this to give
people simple instructions for testing gPXE in next week's Fedora Test
Day.


On the subject of gPXE has anybody else found that it doesn't seem to be 
working at all?


I'm using the virt-preview packages on F11 and ever since qemu switched 
to use gPXE network booting has been completely broken. I get the gPXE 
banner message appear and then nothing happens. Monitoring the network 
shows no signs of any DHCP requests being sent at all.


Tom

--
Tom Hughes (t...@compton.nu)
http://www.compton.nu/

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


Re: [libvirt] [RFC,PATCH] network: add 'netboot' option to dhcp config

2009-09-11 Thread Daniel Veillard
On Fri, Sep 11, 2009 at 09:22:09AM +0100, Mark McLoughlin wrote:
> On Fri, 2009-09-11 at 14:47 +1000, Jeremy Kerr wrote:
> > Currently, libvirtd will start a dnsmasq process for the virtual
> > network, but (aside from killing the dnsmasq process and replacing it),
> > there's no way to define tftp boot options.
> > 
> > This change introduces a 'netboot' tag to the dhcp configuration:
> > 
> >  
> >default
> >
> >
> >
> >  
> >
> >
> >  
> >
> >  
> > 
> > When root= and file= attributes are present, these are passed to the
> > arguments to dnsmasq:
> > 
> >  dnsmasq [...] --enable-tftp --tftp-root /srv/tftp --dhcp-boot pxeboot.img
> > 
> > At present, only local tftp servers are supported (ie, dnsmasq runs as
> > the tftp server), but we could improve this in future by adding a
> > server= attribute.
> 
> I very much like this idea - e.g. I'd really like to have this to give
> people simple instructions for testing gPXE in next week's Fedora Test
> Day.
> 
> The argument was made before that it's pointless to use PXE like this
> when you can just explicitly configure a kernel/initrd, but that misses
> the point that sometimes you do explicitly want to use PXE, even just
> for testing purposes.
> 
> Patch looks good to me too, ACK

I like the idea too.
But this opens the door to outside access or just limits it to
the guest ? In any case make sure you have an up to date dnsmasq

  
https://cert.belnet.be/belnetadvisories/rhsa-20091238-01-important-dnsmasq-security-update

Daniel

-- 
Daniel Veillard  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
dan...@veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


Re: [libvirt] [RFC,PATCH] network: add 'netboot' option to dhcp config

2009-09-11 Thread Mark McLoughlin
On Fri, 2009-09-11 at 09:22 +0100, Mark McLoughlin wrote:
> On Fri, 2009-09-11 at 14:47 +1000, Jeremy Kerr wrote:
> > Currently, libvirtd will start a dnsmasq process for the virtual
> > network, but (aside from killing the dnsmasq process and replacing it),
> > there's no way to define tftp boot options.
> > 
> > This change introduces a 'netboot' tag to the dhcp configuration:
> > 
> >  
> >default
> >
> >
> >
> >  
> >
> >
> >  
> >
> >  
> > 
> > When root= and file= attributes are present, these are passed to the
> > arguments to dnsmasq:
> > 
> >  dnsmasq [...] --enable-tftp --tftp-root /srv/tftp --dhcp-boot pxeboot.img
> > 
> > At present, only local tftp servers are supported (ie, dnsmasq runs as
> > the tftp server), but we could improve this in future by adding a
> > server= attribute.
> 
> I very much like this idea - e.g. I'd really like to have this to give
> people simple instructions for testing gPXE in next week's Fedora Test
> Day.
> 
> The argument was made before that it's pointless to use PXE like this
> when you can just explicitly configure a kernel/initrd, but that misses
> the point that sometimes you do explicitly want to use PXE, even just
> for testing purposes.
> 
> Patch looks good to me too, ACK

Previous discussion was here:

  http://www.redhat.com/archives/fedora-virt/2009-June/msg00154.html

Cheers,
Mark.

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list


Re: [libvirt] [RFC,PATCH] network: add 'netboot' option to dhcp config

2009-09-11 Thread Mark McLoughlin
On Fri, 2009-09-11 at 14:47 +1000, Jeremy Kerr wrote:
> Currently, libvirtd will start a dnsmasq process for the virtual
> network, but (aside from killing the dnsmasq process and replacing it),
> there's no way to define tftp boot options.
> 
> This change introduces a 'netboot' tag to the dhcp configuration:
> 
>  
>default
>
>
>
>  
>
>
>  
>
>  
> 
> When root= and file= attributes are present, these are passed to the
> arguments to dnsmasq:
> 
>  dnsmasq [...] --enable-tftp --tftp-root /srv/tftp --dhcp-boot pxeboot.img
> 
> At present, only local tftp servers are supported (ie, dnsmasq runs as
> the tftp server), but we could improve this in future by adding a
> server= attribute.

I very much like this idea - e.g. I'd really like to have this to give
people simple instructions for testing gPXE in next week's Fedora Test
Day.

The argument was made before that it's pointless to use PXE like this
when you can just explicitly configure a kernel/initrd, but that misses
the point that sometimes you do explicitly want to use PXE, even just
for testing purposes.

Patch looks good to me too, ACK

Cheers,
Mark.

--
Libvir-list mailing list
Libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list