On 03.09.2014 18:44, Stefan Hajnoczi wrote:
Hi,
QEMU offers both NBD client and server functionality. The NBD protocol
runs unencrypted, which is a problem when the client and server
communicate over an untrusted network.
This is not problem for NBD only, but for the rest of data that qemu
On Fri, Sep 05, 2014 at 08:23:17AM +0200, Michal Privoznik wrote:
On 03.09.2014 18:44, Stefan Hajnoczi wrote:
Hi,
QEMU offers both NBD client and server functionality. The NBD protocol
runs unencrypted, which is a problem when the client and server
communicate over an untrusted network.
On Fri, Sep 05, 2014 at 12:02:18AM +0200, Wouter Verhelst wrote:
[Cc: to nbd-general list added]
On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
Hi,
QEMU offers both NBD client and server functionality. The NBD protocol
runs unencrypted, which is a problem when the
On 09/04/14 21:30, Eric Blake wrote:
On 09/04/2014 09:39 AM, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
Another layer of overly-multiplexed code that deserves to be
split into obviously separate paths for query vs. modify.
This continues the cleanup started in the previous
On Thu, Sep 04, 2014 at 03:02:54PM -0700, Anirban Chakraborty wrote:
ethernet interfaces in libvirt currently do not support bandwidth setting.
For example, following xml file for an interface will not apply these
settings to corresponding qdiscs.
interface type=ethernet
mac
Commit fba6bc4 introduced supoprt for the 'invtsc' feature,
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.
https://bugzilla.redhat.com/show_bug.cgi?id=1138221
---
src/cpu/cpu_map.xml | 2 +-
src/cpu/cpu_x86.c
On 08/31/14 06:02, Eric Blake wrote:
Expose the new flag just added to virDomainGetBlockJobInfo.
With --raw, the presence or absence of --bytes determines which
flag to use in the single API call. Without --raw, the use of
--bytes forces an error if the server doesn't support it,
otherwise,
On 08/31/14 06:02, Eric Blake wrote:
To date, anyone performing a block copy and pivot ends up with
the destination being treated as disk type='file'. While this
works for data access for a block device, it has at least one
noticeable shortcoming: virDomainGetBlockInfo() reports allocation
On 08/31/14 06:02, Eric Blake wrote:
I'm about to extend the capabilities of blockcopy. Hiding a few
common lines of implementation gets in the way of the new required
logic, and putting the new logic in the common implementation won't
benefit any of the other blockjob operations. Therefore,
On 09/05/14 11:29, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
I'm about to extend the capabilities of blockcopy. Hiding a few
common lines of implementation gets in the way of the new required
logic, and putting the new logic in the common implementation won't
benefit any of
On Fri, Sep 05, 2014 at 11:04:30 +0200, Jano Tomko wrote:
Commit fba6bc4 introduced supoprt for the 'invtsc' feature,
s/supoprt/support/
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.
On 09/05/14 11:30, Peter Krempa wrote:
On 09/05/14 11:29, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
I'm about to extend the capabilities of blockcopy. Hiding a few
common lines of implementation gets in the way of the new required
logic, and putting the new logic in the common
On 08/31/14 06:02, Eric Blake wrote:
Expose the new power of virDomainBlockCopy through virsh (well,
all but the finer-grained bandwidth, as that is its own can of
worms for a later patch). Continue to use the older API where
possible, for maximum compatibility.
The command now requires
On 08/31/14 06:02, Eric Blake wrote:
Fairly straightforward - I got lucky that the generated functions
worked out of the box :)
* src/remote/remote_protocol.x (remote_domain_block_copy_args):
New struct.
(REMOTE_PROC_DOMAIN_BLOCK_COPY): New RPC.
* src/remote/remote_driver.c
On 2014/9/5 1:40, Laine Stump wrote:
I do point out the existence of exactly the problem that you are fixing.
However, there is a problem with the way you're fixing it if the clock
for the domain is set like this:
clock offset ='variable' basis='localtime'/
The problem is that when the
Commit fba6bc4 introduced support for the 'invtsc' feature,
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.
https://bugzilla.redhat.com/show_bug.cgi?id=1138221
---
v2: added tests and comment, fixed a typo
On Thu, Sep 04, 2014 at 02:42:32PM +0530, Shivaprasad G Bhat wrote:
For security type='none' libvirt according to the docs should not generate
seclabel be it for selinux or any model. So, skip the reservation of labels
when type is none.
I wrapped the commit message.
Signed-off-by:
The previous patch hoisted some bounds checks to the callers;
but someone that is not aware of the hoisted check could now
try passing an integer between LLONG_MAX and ULLONG_MAX. As a
safety measure, add new json conversion modes that let libvirt
error out early instead of pass bad numbers to
On Tue, Sep 02, 2014 at 05:12:01PM +0200, Michal Privoznik wrote:
As of 136ad4974 it is possible to specify different huge pages per
guest NUMA node. However, there's no check if nodeset specified in
./hugepages/page contains only those guest NUMA nodes that exist.
In other words with current
On 09/05/2014 04:48 AM, Ján Tomko wrote:
Commit fba6bc4 introduced support for the 'invtsc' feature,
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.
https://bugzilla.redhat.com/show_bug.cgi?id=1138221
---
On 09/05/14 13:55, Eric Blake wrote:
On 09/05/2014 04:48 AM, Ján Tomko wrote:
Commit fba6bc4 introduced support for the 'invtsc' feature,
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.
On 09/05/14 13:36, Eric Blake wrote:
The previous patch hoisted some bounds checks to the callers;
but someone that is not aware of the hoisted check could now
try passing an integer between LLONG_MAX and ULLONG_MAX. As a
safety measure, add new json conversion modes that let libvirt
error
On Fri, Sep 05, 2014 at 12:54:45AM +0200, Benoît Canet wrote:
The Friday 05 Sep 2014 à 00:07:04 (+0200), Wouter Verhelst wrote :
On Thu, Sep 04, 2014 at 04:19:17PM +0200, Benoît Canet wrote:
The Wednesday 03 Sep 2014 à 17:44:17 (+0100), Stefan Hajnoczi wrote :
Hi,
QEMU offers both
Tuning NUMA or network interface parameters require root
privileges to manage cgroups, thus an attempt to set some of these
parameters in session mode on a running domain should be invalid
followed by an error.
As an example might be memory tuning which raises an error in such case.
Following
On Fri, Sep 05, 2014 at 12:02:18AM +0200, Wouter Verhelst wrote:
[Cc: to nbd-general list added]
On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
Besides QEMU, the userspace NBD tools (http://nbd.sf.net/) can also be
extended to support TLS. In this case the kernel needs a
On Fri, Sep 05, 2014 at 09:46:18AM +0100, Hani Benhabiles wrote:
On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
Also, so mean of verification is required (otherwise, back to point 0 being
vulnerable to sslstrip style attacks) either that the server's cert is signed
with a
On Fri, Sep 05, 2014 at 12:48:00 +0200, Jano Tomko wrote:
Commit fba6bc4 introduced support for the 'invtsc' feature,
which blocks migration. We should not include it in the
host-model CPU by default, because it's intended to be used
with migration.
On 08/31/14 06:02, Eric Blake wrote:
In order to implement the new virDomainBlockCopy, the existing
block copy internal implementation needs to be adjusted. The
new function will parse XML into a storage source, and parse
typed parameters into integers, then call into the same common
On 08/31/14 06:02, Eric Blake wrote:
The new blockcopy API wants to reuse only a subset of the disk
hotplug parser - namely, we only care about the embedded
virStorageSourcePtr inside a disk XML. Strange as it may
seem, it was easier to just parse an entire disk definition,
then throw away
On 08/31/14 06:02, Eric Blake wrote:
The hard part of managing the disk copy is already coded; all
this had to do was convert the XML and virTypedParameters into
the internal representation.
With this patch, all blockcopy operations that used the old
API should also work via the new API.
On 08/31/14 06:02, Eric Blake wrote:
Upstream qemu 1.4 added some drive-mirror tunables not present
when it was first introduced in 1.3. Management apps may want
to set these in some cases (for example, without tuning
granularity down to sector size, a copy may end up occupying
more bytes
On 08/31/14 06:02, Eric Blake wrote:
We stupidly modeled block job bandwidth after migration
bandwidth, which in turn was an 'unsigned long' and therefore
subject to 32-bit vs. 64-bit interpretations. To work around
the fact that 10-gigabit interfaces are possible but don't fit
within 32
Am 01.09.2014 um 13:41 hat Markus Armbruster geschrieben:
Benoît Canet benoit.ca...@irqsave.net writes:
The Monday 01 Sep 2014 à 11:52:00 (+0200), Markus Armbruster wrote :
Cc'ing libvirt following Stefan's lead.
Benoît Canet benoit.ca...@irqsave.net writes:
/* the following would
The Friday 05 Sep 2014 à 16:30:31 (+0200), Kevin Wolf wrote :
Am 01.09.2014 um 13:41 hat Markus Armbruster geschrieben:
Benoît Canet benoit.ca...@irqsave.net writes:
The Monday 01 Sep 2014 à 11:52:00 (+0200), Markus Armbruster wrote :
Cc'ing libvirt following Stefan's lead.
The Friday 05 Sep 2014 à 16:30:31 (+0200), Kevin Wolf wrote :
Am 01.09.2014 um 13:41 hat Markus Armbruster geschrieben:
Benoît Canet benoit.ca...@irqsave.net writes:
The Monday 01 Sep 2014 à 11:52:00 (+0200), Markus Armbruster wrote :
Cc'ing libvirt following Stefan's lead.
On Fri, Sep 05, 2014 at 12:54:45AM +0200, Benoît Canet wrote:
The Friday 05 Sep 2014 à 00:07:04 (+0200), Wouter Verhelst wrote :
On Thu, Sep 04, 2014 at 04:19:17PM +0200, Benoît Canet wrote:
Prenegociating TLS look like we will accidentaly introduce some security
hole.
I was thinking
On Fri, Sep 05, 2014 at 09:46:18AM +0100, Hani Benhabiles wrote:
On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
Hi,
QEMU offers both NBD client and server functionality. The NBD protocol
runs unencrypted, which is a problem when the client and server
communicate over an
On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
Hi,
QEMU offers both NBD client and server functionality. The NBD protocol
runs unencrypted, which is a problem when the client and server
communicate over an untrusted network.
The particular use case that prompted this mail
On Fri, Sep 05, 2014 at 09:13:26AM +0100, Daniel P. Berrange wrote:
On Fri, Sep 05, 2014 at 12:02:18AM +0200, Wouter Verhelst wrote:
[Cc: to nbd-general list added]
On Wed, Sep 03, 2014 at 05:44:17PM +0100, Stefan Hajnoczi wrote:
Hi,
QEMU offers both NBD client and server
The Friday 05 Sep 2014 à 16:30:31 (+0200), Kevin Wolf wrote :
Am 01.09.2014 um 13:41 hat Markus Armbruster geschrieben:
Benoît Canet benoit.ca...@irqsave.net writes:
The Monday 01 Sep 2014 à 11:52:00 (+0200), Markus Armbruster wrote :
Cc'ing libvirt following Stefan's lead.
On 09/05/2014 04:31 AM, Martin Kletzander wrote:
On Thu, Sep 04, 2014 at 03:02:54PM -0700, Anirban Chakraborty wrote:
ethernet interfaces in libvirt currently do not support bandwidth
setting.
For example, following xml file for an interface will not apply these
settings to corresponding
On 08/30/2014 10:02 PM, Eric Blake wrote:
Another layer of overly-multiplexed code that deserves to be
split into obviously separate paths for query vs. modify.
This continues the cleanup started in the previous patch.
In the process, make some tweaks to simplify the logic when
parsing the
On 09/05/2014 06:00 AM, Peter Krempa wrote:
On 09/05/14 13:36, Eric Blake wrote:
The previous patch hoisted some bounds checks to the callers;
but someone that is not aware of the hoisted check could now
try passing an integer between LLONG_MAX and ULLONG_MAX. As a
safety measure, add new
On 09/04/2014 10:11 AM, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
While reviewing the new virDomainBlockCopy API, Peter Krempa
pointed out that our existing design of using MiB/s for block
job bandwidth is rather coarse, especially since qemu tracks
it in bytes/s; so
On Fri, Aug 29, 2014 at 12:03:24PM +0200, Daniel Veillard wrote:
On Wed, Aug 27, 2014 at 08:45:29PM +0200, Richard Weinberger wrote:
On Wed, Aug 27, 2014 at 9:18 AM, Daniel Veillard veill...@redhat.com
wrote:
So I tagged 1.2.8-rc1 in git and made tarball and signed rpms
Can you
On 09/01/2014 11:05 AM, Jiri Denemark wrote:
Job statistics data were tracked in several structures and variables.
Let's make a new qemuDomainJobInfo structure which can be used as a
single source of statistics data as a preparation for storing data about
completed a job.
Signed-off-by:
On 09/01/2014 11:05 AM, Jiri Denemark wrote:
virDomainGetJobStats gains new VIR_DOMAIN_JOB_STATS_COMPLETED flag that
can be used to fetch statistics of a completed job rather than a
currently running job.
Signed-off-by: Jiri Denemark jdene...@redhat.com
---
include/libvirt/libvirt.h.in
On 09/01/2014 11:05 AM, Jiri Denemark wrote:
New --completed flag for virsh domjobinfo command.
Signed-off-by: Jiri Denemark jdene...@redhat.com
---
tools/virsh-domain.c | 27 ---
tools/virsh.pod | 5 +++--
2 files changed, 27 insertions(+), 5 deletions(-)
On 09/01/2014 11:05 AM, Jiri Denemark wrote:
When migrating a transient domain or with VIR_MIGRATE_UNDEFINE_SOURCE
flag, the domain may disappear from source host. And so will migration
statistics associated with the domain. We need to transfer the
statistics at the end of a migration so
On 09/04/2014 10:23 AM, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
The current output of 'blockjob [--info]' is a single line
designed for human consumption; it's not very nice for machine
parsing. Furthermore, I have plans to modify the line in
response to the new flag for
On 09/01/2014 11:05 AM, Jiri Denemark wrote:
After previous commit, migration statistics on source and destination
hosts are not equal because destination updated time statistics. Let's
send the result back so that the same data can be queried on both end of
a migration.
My grammar bells
On 09/05/2014 03:05 AM, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
Expose the new flag just added to virDomainGetBlockJobInfo.
With --raw, the presence or absence of --bytes determines which
flag to use in the single API call. Without --raw, the use of
--bytes forces an error
On 09/05/2014 03:23 AM, Peter Krempa wrote:
On 08/31/14 06:02, Eric Blake wrote:
To date, anyone performing a block copy and pivot ends up with
the destination being treated as disk type='file'. While this
works for data access for a block device, it has at least one
noticeable shortcoming:
On 09/05/2014 01:47 AM, Pradipta Kr. Banerjee wrote:
libvirtd crash when defining scsi storage pool
libvirtd crashes when there is an existing SCSI pool defined
with adapter type as 'scsi_host' and defining a new SCSI pool with adapter
type as 'fc_host' and parent attribute missing or
On 9/5/14, 1:31 AM, Martin Kletzander mklet...@redhat.com wrote:
On Thu, Sep 04, 2014 at 03:02:54PM -0700, Anirban Chakraborty wrote:
ethernet interfaces in libvirt currently do not support bandwidth
setting.
For example, following xml file for an interface will not apply these
settings to
55 matches
Mail list logo