On Mon, Nov 21, 2016 at 03:40:23PM +0100, Christian Ehrhardt wrote:
> When virt-aa-helper parses xml content it can fail on security labels.
>
> It fails by requiring to parse active domain content on seclabels that
> is not yet filled in.
>
> Testcase with virt-aa-helper on a minimal xml:
> $ c
On 11/20/2016 06:36 PM, Bob Liu wrote:
On 11/19/2016 08:22 AM, Jim Fehlig wrote:
On 11/10/2016 09:14 PM, Bob Liu wrote:
Tunnelled migration doesn't require any extra network connections beside the
libvirt daemon.
It's capable of strong encryption and the default option of openstack-nova.
This
For a new hostdev type='scsi_host' we have a number of
required functions for managing, adding, and removing the
host device to/from guests. Provide the basic infrastructure
for these tasks.
The name "SCSIVHost" (and its variants) is chosen to avoid
conflicts with existing code named "SCSIHost" t
Do all the stuff for the vhost-scsi capability in QEMU,
so it's in place for our checks later.
Signed-off-by: Eric Farman
Reviewed-by: Boris Fiuczynski
---
src/qemu/qemu_capabilities.c| 2 ++
src/qemu/qemu_capabilities.h| 1 +
tests/qemuca
This patch series provides a libvirt implementation of the vhost-scsi
interface in QEMU. As near as I can see, this was discussed upstream in
July 2014[1], and ended in a desire to replace a vhost-scsi controller
in favor of a hostdev element instead[2].
Host setup via targetcli (SCSI LUN(s) are
Open /dev/vhost-scsi, and record the resulting file descriptor, so that
the guest has access to the host device outside of the libvirt daemon.
Pass this information, along with data parsed from the XML file, to build
a device string for the qemu command line. That device string will be
for either
Ensure that the vhost-scsi wwpn information is passed to the
different security policies.
Signed-off-by: Eric Farman
---
src/security/security_apparmor.c | 20 -
src/security/security_dac.c | 46 ++--
src/security/security_selinux.c | 43
Signed-off-by: Eric Farman
---
docs/formatdomain.html.in | 24
1 file changed, 24 insertions(+)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 4e40aa1..6bd02cc 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -3694,6 +36
These tests were cloned from hostdev-scsi-virtio-scsi in both
xml2argv and xml2xml
We add ones for both vhost-scsi-ccw and vhost-scsi-pci since
the syntaxes are slightly different between them.
Signed-off-by: Eric Farman
Reviewed-by: Boris Fiuczynski
---
.../qemuxml2argv-hostdev-scsi-vhost-scs
With the QEMU components in place, provide the XML parsing to
invoke that code when given the following XML snippet:
An optional address element can be specified within the hostdev
(pick CCW or PCI as necessary):
Signed-off-by: Eric Farman
---
docs/schemas/domai
We already have a "scsi" hostdev subsys type, which refers to a single
LUN that is passed through to a guest. But what of things where
multiple LUNs are passed through via a single SCSI HBA, such as with
the vhost-scsi target? Create a new hostdev subsys type that will
carry this.
Signed-off-by:
Adjust the device string that is built for vhost-scsi devices so that it
can be invoked from hotplug.
>From the QEMU command line, the file descriptors are expect to be numeric only.
However, for hotplug, the file descriptors are expected to begin with at least
one alphabetic character else this e
On 22/11/16 00:08, Andrea Bolognani wrote:
> On Mon, 2016-11-21 at 13:12 +1100, Alexey Kardashevskiy wrote:
> 1) switch to PCI Express on newer machine types, and
>expose some sort of capability through QMP so that
>libvirt can know about the switch
>
> [..
The new field will return a list of device type names that are
compatible with the default bus configuration of the
machine-type. The list can be easily built using the
MachineClass::default_bus_types and
BusClass::supported_device_type fields.
The returned types can be used as the 'implements' pa
The Problem
===
Currently management software has no way to find out which device
types can be plugged in a machine, unless the machine is already
initialized.
Even after the machine is initialized, there's no way to map
existing bus types to supported device types unless management
softw
Modify _virDomainBlockIoTuneInfo and rng schema to support the group_name
option for iotune throttling. Document the new value.
Signed-off-by: John Ferlan
---
docs/formatdomain.html.in | 11
docs/schemas/domaincommon.rng | 5 ++
src/conf/domain
https://bugzilla.redhat.com/show_bug.cgi?id=1336564
Add the ability to set/display the group_name for block device iotune
Signed-off-by: John Ferlan
---
tools/virsh-domain.c | 17 +
tools/virsh.pod | 5 -
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/t
This is just a REPOST of the v2 series:
http://www.redhat.com/archives/libvir-list/2016-November/msg00363.html
The only difference being updating to the current top of tree
of commit id '0b4c3bd30'.
I did *not* add the NEWS change yet as that's newer than this, but will
update NEWS with this onc
Add the new field to support sharing I/O throttling quota between
multiple drives.
Signed-off-by: John Ferlan
---
include/libvirt/libvirt-domain.h | 7 +++
1 file changed, 7 insertions(+)
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index 5f50660..8c9876c
Add support to read/parse the iotune group setting for qemu.
Signed-off-by: John Ferlan
---
include/libvirt/libvirt-domain.h | 8
src/conf/domain_conf.c | 1 +
src/conf/domain_conf.h | 1 +
src/qemu/qemu_driver.c | 45 +++-
src/qemu/qemu_moni
Rather than have multiple bool values, create a single enum with bits
representing what can be set.
Signed-off-by: John Ferlan
---
src/qemu/qemu_driver.c | 113 +++--
1 file changed, 54 insertions(+), 59 deletions(-)
diff --git a/src/qemu/qemu_driver.
Rather than using negative logic and setting the maxparams to a lesser
value based on which capabilities exist, alter the logic to modify the
maxparams based on a base value plus the found capabilities. Reduces the
chance that some backported feature produces an incorrect value.
Signed-off-by: Joh
Add the capability to detect if the qemu binary can support the feature
to use throttling.group.
Signed-off-by: John Ferlan
---
src/qemu/qemu_capabilities.c| 2 ++
src/qemu/qemu_capabilities.h| 1 +
tests/qemucapabilitiesdata/caps_2.4.0.x86
Add in the block I/O throttling group parameter to the command line
if supported. If not supported, fail command creation.
Add the xml2argvtest for testing.
Signed-off-by: John Ferlan
---
src/qemu/qemu_command.c| 13 +
.../qemuxml2argv-blkdeviotune-group-num.
Currently we build the JSON object for the "block_set_io_throttle"
command using the knowledge that a NULL for a support*Options boolean
would essentially ignore the rest of the arguments.
This may not work properly if some capability was backported, plus it just
looks rather ugly. So instead, bui
[...]
>
> [C] might be more user-friendly, but I'm not sure if we can change the
> meaning of the NO_OVERWRITE constant like that. On the bright side,
> if blkid can also identify partition tables, we could unify the probing
> code with the disk backend and stop parsing parted's output (also, catc
On Mon, Nov 21, 2016 at 04:15:44PM +0100, Andrea Bolognani wrote:
On Mon, 2016-11-21 at 13:26 +0100, Martin Kletzander wrote:
Signed-off-by: Martin Kletzander
---
docs/news.html.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/docs/news.html.in b/docs/news.html.in
index fca1e29d043
All of these changes have already been merged, so document
them properly.
---
docs/news.html.in | 18 ++
1 file changed, 18 insertions(+)
diff --git a/docs/news.html.in b/docs/news.html.in
index 26d3548..aa4fd41 100644
--- a/docs/news.html.in
+++ b/docs/news.html.in
@@ -14,14 +14,
Way too tired, can't even blurb.
Andrea Bolognani (3):
NEWS: Archive 2016 releases
NEWS: Update XSLT stylesheet
NEWS: Update entries
docs/{news.html.in => news-2016.html.in} |9 -
docs/news.html.in| 3777 +-
docs/news.xsl
The new format requires some tweaks to be translated into
a nice plain text output, and the XSLT stylesheet needs to
be updated to match.
---
My XSLT skills are quite poor (heck, I can't even write XSLT
right half of the time!) but I've spent way too much time on
this and I'm quite tired now, so it
This patch set enables cpu model support for s390. The user can now set exact
cpu models, query supported models via virsh domcapabilities, and use host-model
and host-passthrough modes. The end result is that migration is safer because
Qemu will perform runnability checking on the destination host
From: "Collin L. Walling"
Qemu has abandoned the +/-feature syntax in favor of key=value. Some
architectures (s390) do not support +/-feature. So we update libvirt to handle
both formats.
If we detect a sufficiently new Qemu (indicated by support for qmp
query-cpu-model-expansion) we use key=val
From: "Collin L. Walling"
query-cpu-model-expansion is used to get a list of features for a given cpu
model name or to get the model and features of the host hardware/environment
as seen by Qemu/kvm.
Signed-off-by: Collin L. Walling
Signed-off-by: Jason J. Herne
---
src/qemu/qemu_monitor.c
From: "Collin L. Walling"
Warn the user when migrating a guest that is using the host-passthrough cpu
mode. host-passthrough is not migration safe because the host hypervisor is not
attempting to block features that may not exist on the destination host.
Signed-off-by: Collin L. Walling
Signed-
From: "Collin L. Walling"
On s390 , the host's features are heavily influenced by not only the host
hardware but also by hardware microcode level, host OS version, qemu
version and kvm version. In this environment it does not make sense to
attempt to report exact host details.
Signed-off-by: Jas
From: "Collin L. Walling"
When qmp query-cpu-model-expansion is available probe Qemu for its view of the
host model. In kvm environments this can provide a more complete view of the
host model because features supported by Qemu and Kvm can be considered.
Signed-off-by: Collin L. Walling
Signed-
Implement compare for s390. Required to test the guest against the host for
guest cpu model runnability checking. We always return IDENTICAL to bypass
Libvirt's checking. s390 will rely on Qemu to perform the runnability checking.
Implement update for s390. required to support use of cpu "host-mod
Ján Tomko wrote:
> On Mon, Nov 21, 2016 at 06:45:05PM +0300, Roman Bogorodskiy wrote:
> >Use 'goto cleanup'-style error handling instead of explicitly
> >freeing variables in every error path.
> >---
> > src/bhyve/bhyve_command.c | 39 +--
> > 1 file changed, 1
On 21.11.2016 16:30, Peter Krempa wrote:
> The original implementation reused qemuMonitorGetCPUInfo to update the halted
> state. The function is very complex and should not be called all the time just
> to update a trivial parameter.
>
> Add infrastructure to properly update the state without the
On Mon, Nov 21, 2016 at 06:45:05PM +0300, Roman Bogorodskiy wrote:
Use 'goto cleanup'-style error handling instead of explicitly
freeing variables in every error path.
---
src/bhyve/bhyve_command.c | 39 +--
1 file changed, 17 insertions(+), 22 deletions(-)
dif
ARAT feature was first introduced in QEMU 2.4.0, which means host-model
CPU mode is unusable with QEMU < 2.4.0 on any host CPU which supports
ARAT. Let's not include this feature in host-model CPUs unless a user
explicitly asks for it.
Signed-off-by: Jiri Denemark
---
Notes:
We will do this
On Mon, Nov 21, 2016 at 04:30:07PM +0100, Peter Krempa wrote:
The original implementation reused qemuMonitorGetCPUInfo to update the halted
state. The function is very complex and should not be called all the time just
to update a trivial parameter.
Add infrastructure to properly update the stat
Use 'goto cleanup'-style error handling instead of explicitly
freeing variables in every error path.
---
src/bhyve/bhyve_command.c | 39 +--
1 file changed, 17 insertions(+), 22 deletions(-)
diff --git a/src/bhyve/bhyve_command.c b/src/bhyve/bhyve_command.c
ind
On Fri, Nov 18, 2016 at 4:25 PM, Jim Fehlig wrote:
> Hi All,
>
> I briefly mentioned this at an evening event during the KVM Forum / Xen Dev
> Summit, but the list is certainly a better place to discuss such a topic.
> What do folks think about finally removing the old, legacy, xend-based
> driver
On Fri, Nov 18, 2016 at 02:25:18PM -0700, Jim Fehlig wrote:
> Hi All,
>
> I briefly mentioned this at an evening event during the KVM Forum / Xen Dev
> Summit, but the list is certainly a better place to discuss such a topic.
> What do folks think about finally removing the old, legacy, xend-based
Hello,
libvirt allows us to attach graphics device to a network, then it
resolves IP on its own.
However, when OVS network is used and not attached to a fake-bridge,
but rather to OVS bridge and given VLAN tag, libvirt is not able to
resolve IP (it tries to use IP of bridge, whereas it should che
Storing of the ID will allow simpler extraction of data present only in
query-cpus without the need to call qemuMonitorGetCPUInfo in statistics
paths.
---
src/qemu/qemu_domain.c | 1 +
src/qemu/qemu_domain.h | 1 +
src/qemu/qemu_monitor.h | 2 ++
src/qemu/qemu_monitor_json.c |
Don't use qemuMonitorGetCPUInfo which does a lot of matching to get the
full picture which is not necessary and would be mostly discarded.
Refresh only the vcpu halted state using data from query-cpus.
---
src/qemu/qemu_domain.c | 19 +++
1 file changed, 7 insertions(+), 12 deleti
We don't need to call qemuMonitorGetCPUInfo which is very inefficient to
get data required to update the vcpu 'halted' state.
Add a monitor helper that will retrieve the halted state and return it
in a bitmap so that it can be indexed easily.
---
src/qemu/qemu_monitor.c | 40 +
The original implementation reused qemuMonitorGetCPUInfo to update the halted
state. The function is very complex and should not be called all the time just
to update a trivial parameter.
Add infrastructure to properly update the state without the need to match in
hotplug parameters.
Peter Krempa
Since a successful completion of the calls to openvswitch is expected
a long timeout should be chosen to account for heavily loaded systems.
Therefore this patch increases the timeout value from 5 to 120 seconds.
Signed-off-by: Stefan Zimmermann
Reviewed-by: Boris Fiuczynski
---
src/util/virnet
On Mon, 2016-11-21 at 13:26 +0100, Martin Kletzander wrote:
> Signed-off-by: Martin Kletzander
> ---
> docs/news.html.in | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/docs/news.html.in b/docs/news.html.in
> index fca1e29d043c..473c2ead13b4 100644
> --- a/docs/news.html.in
> +++ b/d
Hello,
libvirt allows us to attach graphics device to a network, then it
resolves IP on its own.
However, when OVS network is used and not attached to a fake-bridge,
but rather to OVS bridge and given VLAN tag, libvirt is not able to
resolve IP (it tries to use IP of bridge, whereas it should che
On Sun, 2016-11-20 at 14:09 +0100, Martin Kletzander wrote:
> On Fri, Nov 18, 2016 at 05:16:47PM +0100, Andrea Bolognani wrote:
> > This entry is meant to both get the ball rolling on the
> > switch and to provide a blueprint of what NEWS file entries
> > are supposed to look like.
> > ---
> > We n
When virt-aa-helper parses xml content it can fail on security labels.
It fails by requiring to parse active domain content on seclabels that
is not yet filled in.
Testcase with virt-aa-helper on a minimal xml:
$ cat << EOF > /tmp/test.xml
test-seclabel
12345678-9abc-def1-2345-6789abcde
On Mon, Nov 21, 2016 at 10:51:29AM +0100, Jiri Denemark wrote:
Whenever qemuMonitorJSONCheckError returns 0, the "return" object is
guaranteed to exist. Thus virJSONValueObjectGetObject will never fail to
get it. On the other hand, virJSONValueObjectGetArray may fail since the
"return" object may
On Mon, Nov 21, 2016 at 9:03 AM, Guido Günther wrote:
> This should be shortened and clarified (see the other part of the
> thread). IMHO the root cause is that we parse the active domain XML but
> the live part of the seclabel is not filled in yet.
>
Ok, reasonable to keep the actual commit sli
On Mon, Nov 21, 2016 at 00:21:23 +0100, Jiri Denemark wrote:
> Signed-off-by: Jiri Denemark
> ---
> tests/domaincapsschemadata/qemu_2.6.0.ppc64le.xml |5 +-
> tests/domaincapstest.c |2 +-
> .../caps_2.6.0.ppc64le.replies | 1324
>
On Mon, Nov 14, 2016 at 05:53:46PM +0100, Peter Krempa wrote:
Peter Krempa (5):
qemu: parse: Validate that the VM has at least one cpu
qemu: parse: Allow the 'cpus=' prefix for current cpu number
qemu: parse: Assign topology info earlier
qemu: parse: Assign maximum cpu count from topology if
On Mon, Nov 21, 2016 at 01:56:05PM +0100, Martin Polednik wrote:
As sched_deadline is linux specific, it is not set through
sched_setscheduler but rather the sched_setattr syscall. Additionally,
the scheduler has new set of parameters: runtime, deadline and period.
In this part of the series, we
On 18.11.2016 19:28, Andrea Bolognani wrote:
On Mon, 2016-11-14 at 18:20 +0300, Pavel Glushchak wrote:
dom xml generated on begin step should be passed
to perform step in VIR_MIGRATE_PARAM_DEST_XML parameter.
Otherwise 'XML error: failed to parse xml document' is
raised on destination host as do
On Mon, 2016-11-21 at 13:12 +1100, Alexey Kardashevskiy wrote:
> > > >1) switch to PCI Express on newer machine types, and
> > > > expose some sort of capability through QMP so that
> > > > libvirt can know about the switch
> > > >
> > > > [...]
> > > > Option 1) would break horrib
The code within the function is too specific for priority attribute of
RT schedulers. To allow addition of schedulers that group by different
properties, we factor out the logic to calculate cpu subset. Instead
of comparing by priority, the new code accepts comparator for the 2
sched structs.
---
Since the code is now generalized beyond just vcpusched priority, it's
better to rename the variables that indicated direct relationship with
priority: prioMap and nextprio.
---
src/conf/domain_conf.c | 28 ++--
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git
As sched_deadline is linux specific, it is not set through
sched_setscheduler but rather the sched_setattr syscall. Additionally,
the scheduler has new set of parameters: runtime, deadline and period.
In this part of the series, we extend virProcessSetScheduler to
accommodate the additional parame
As the code for changing task scheduler is now able to choose deadline
scheduler, we can update domain configuration to parse the scheduler.
---
docs/formatdomain.html.in | 15 +++---
docs/schemas/domaincommon.rng | 16 +++
src/conf/domain_conf.c| 108
The policy SCHED_DEADLINE is available since kernel 3.14 (and most likely
backported to older RT_PREEMPT kernels). It is safer to use than fifo or round
robin policies due to only limiting part of cpu time for the RT process,
leading to lack of lockups of the host.
The series adds new vcpusched/io
Deadline scheduler, or SCHED_DEADLINE, is a new realtime scheduler
added to Linux 3.14. In order to support it as a possible value in
vcpusched/iothreadsched, we have to add it to scheduler related
structures.
---
src/conf/domain_conf.c | 1 +
src/conf/domain_conf.h | 3 +++
src/util/virprocess.
On Mon, Nov 21, 2016 at 01:43:48PM +0100, Martin Kletzander wrote:
> Because this makes the font the same size as the non-monospaced one,
> let's change those properties a little bit as well. will be
> shrunk a bit and inside or will have slightly greyer
> background.
>
> Signed-off-by: Marti
Because this makes the font the same size as the non-monospaced one,
let's change those properties a little bit as well. will be
shrunk a bit and inside or will have slightly greyer
background.
Signed-off-by: Martin Kletzander
---
Notes:
Now it looks like this:
http://people.re
Signed-off-by: Martin Kletzander
---
docs/news.html.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/docs/news.html.in b/docs/news.html.in
index fca1e29d043c..473c2ead13b4 100644
--- a/docs/news.html.in
+++ b/docs/news.html.in
@@ -22,6 +22,9 @@
List user-visible changes instead of
On Fri, Oct 14, 2016 at 10:13:48AM +0300, Nikolay Shirokovskiy wrote:
It is already discussed in "[RFC] daemon: remove hardcode dep on
libvirt-guests" [1].
Mgmt can use means to save/restore domains on system shutdown/boot other then
libvirt-guests.service. Thus we need to specify appropriate o
On Sun, 2016-11-20 at 23:37 +0100, Martin Kletzander wrote:
>
> I'm not familiar with Xen to such detail, particularly with its
> history,
> but allow me to (hopefully) help you with the decision by saying that
> we
> dropped support for any QEmu older than 0.12.0 (released on December
> 2009). A
Whenever qemuMonitorJSONCheckError returns 0, the "return" object is
guaranteed to exist. Thus virJSONValueObjectGetObject will never fail to
get it. On the other hand, virJSONValueObjectGetArray may fail since the
"return" object may not be an array.
Signed-off-by: Jiri Denemark
---
src/qemu/qe
On Sun, Nov 20, 2016 at 10:57:06AM +0100, Martin Kletzander wrote:
> On Fri, Nov 18, 2016 at 03:28:33PM +, Daniel P. Berrange wrote:
> > On Fri, Nov 18, 2016 at 03:23:55PM +, Daniel P. Berrange wrote:
> > > On Fri, Nov 18, 2016 at 04:05:52PM +0100, Martin Kletzander wrote:
> > > > Since we
On Fri, Nov 18, 2016 at 16:05:44 +0100, Michal Privoznik wrote:
> After a944bd92 we gained support for setting gluster debug level.
> However, due to stupid space we haven't tested whether augeas
In space no one can hear you be stupid. Also drop the word "stupid".
> file actually works.
>
> Sign
Hi Christian,
On Mon, Oct 31, 2016 at 11:32:44AM +0100, Christian Ehrhardt wrote:
> When parsing labels virt-aa-helper does no more pass
> VIR_DOMAIN_DEF_PARSE_INACTIVE due to dfbc9a83 that tried to mitigate the
> changes of a89f05ba. For those it had to switch from
> VIR_DOMAIN_DEF_PARSE_INACTIVE
77 matches
Mail list logo