1. 27 1月, 2020 13 次提交
    • P
      tests: qemuxml2xml: Modernize 'disk-cache' test · 03a2235a
      Peter Krempa 提交于
      Mirror what's done in the xml2argv test and use recent capabilities.
      Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      03a2235a
    • P
      tests: qemuxml2argv: Use 64 bit qemu binary and 1.5 machine type in 'disk-cache' case · 66cba5c0
      Peter Krempa 提交于
      The data is tested against the latest qemu binaries so we should use the
      proper architecture. Also the test is used against data from qemu 1.5.3
      and thus we should use a machine type that qemu supported.
      Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      66cba5c0
    • D
      qemu: fix linking virt-qemu-run on some distros · 82dd011d
      Daniel P. Berrangé 提交于
      Debian/Ubuntu linkers are more strict that other distros requiring glib
      to be linked explicitly.
      
      macOS needs -export-dynamic instead of -Wl,--export-dynamic
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      82dd011d
    • D
    • P
      qemu: snapshot: Prevent too-nested domain XML when doing inactive snapshot · b168fa88
      Peter Krempa 提交于
      Similarly to 510d154a we need to prevent
      doing too deeply nested backing chains and reject them with a sane error
      message.
      
      Add a loop to go through the snapshots prior to attempting actually
      creating them to prevent some possible inconsistent scenarios.
      
      We don't need to do it when reusing backing chains as we'll be
      re-detecting the backing chain in that case anyways.
      Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
      Reviewed-by: NEric Blake <eblake@redhat.com>
      b168fa88
    • P
      qemu: snapshot: Always rewrite backingStore data when reusing existing images · 8e9e73a9
      Peter Krempa 提交于
      Don't adopt the backing store data when reusing images provided by the
      user. This will force a backing chain re-probe as users might have
      passed in something unexpected in the overlay where our view of the
      backing chain would not correspond.
      
      This is done only for inactive snapshots as there we have way less
      verification.
      Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
      Reviewed-by: NEric Blake <eblake@redhat.com>
      8e9e73a9
    • D
      docs: add pages to support Go module package resolution · 201156ec
      Daniel P. Berrangé 提交于
      Currently the libvirt Go modules are accessed by applications using
      their github repository URLs. This is undesirable as we don't want
      applications to have a direct dependancy on a specific source repo
      location. We want to enable applications to use the Go packages via
      the libvirt.org namespace.
      
      When you do "go get libvirt.org/libvirt-go", the Go client will do an
      HTTPS request to that URL, and parse the HTML content to look for a
      <meta> tag which tells it where to the find the GIT repository.
      
         https://golang.org/cmd/go/#hdr-Remote_import_paths
      
      This adds two pages to support this Go module resolution. They are
      not linked from anywhere as we don't expect users to actually look
      at them. If someone does happen upon them, there's some boilerplate
      text to send them off to godoc.org for API documentation.
      
      Since the pages we're adding have a .html extension, we will also
      use a small apache config tweak on the server
      
          RewriteEngine on
          RewriteRule ^/libvirt-go$ /libvirt-go.html [L]
          RewriteRule ^/libvirt-go-xml$ /libvirt-go-xml.html [L]
      Reviewed-by: NJiri Denemark <jdenemar@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      201156ec
    • D
      qemu: introduce a new "virt-qemu-run" program · d6006672
      Daniel P. Berrangé 提交于
      The previous "QEMU shim" proof of concept was taking an approach of only
      caring about initial spawning of the QEMU process. It was then
      registered with the libvirtd daemon who took over management of it. The
      intent was that later libvirtd would be refactored so that the shim
      retained control over the QEMU monitor and libvirt just forwarded APIs
      to each shim as needed. This forwarding of APIs would require quite alot
      of significant refactoring of libvirtd to achieve.
      
      This impl thus takes a quite different approach, explicitly deciding to
      keep the VMs completely separate from those seen & managed by libvirtd.
      Instead it uses the new "qemu:///embed" URI scheme to embed the entire
      QEMU driver in the shim, running with a custom root directory.
      
      Once the driver is initialization, the shim starts a VM and then waits
      to shutdown automatically when QEMU shuts down, or should kill QEMU if
      it is terminated itself. This ought to use the AUTO_DESTROY feature but
      that is not yet available in embedded mode, so we rely on installing a
      few signal handlers to gracefully kill QEMU. This isn't reliable if
      we crash of course, but you can restart with the same root dir.
      
      Note this program does not expose any way to manage the QEMU process,
      since there's no RPC interface enabled. It merely starts the VM and
      cleans up when the guest shuts down at the end. This program is
      installed to /usr/bin/virt-qemu-run enabling direct use by end users.
      Most use cases will probably want to integrate the concept directly
      into their respective application codebases. This standalone binary
      serves as a nice demo though, and also provides a way to measure
      performance of the startup process quite simply.
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      d6006672
    • D
      secrets: add support for running secret driver in embedded mode · 3e9076e7
      Daniel P. Berrangé 提交于
      This enables support for running the secret driver embedded to the
      calling application process using a URI:
      
         secret:///embed?root=/some/path
      
      When using the embedded mode with a root=/var/tmp/embed, the
      driver will use the following paths:
      
             configDir: /var/tmp/embed/etc/secrets
              stateDir: /var/tmp/embed/run/secrets
      
      These are identical whether the embedded driver is privileged
      or unprivileged.
      
      This compares with the system instance which uses
      
             configDir: /etc/libvirt/secrets
              stateDir: /var/lib/libvirt/secrets
      
      When an embedded instance of the secret driver is open, any other
      embedded drivers will automatically use the embedded secret driver.
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      3e9076e7
    • D
      qemu: add support for running QEMU driver in embedded mode · 068efae5
      Daniel P. Berrangé 提交于
      This enables support for running QEMU embedded to the calling
      application process using a URI:
      
         qemu:///embed?root=/some/path
      
      Note that it is important to keep the path reasonably short to
      avoid risk of hitting the limit on UNIX socket path names
      which is 108 characters.
      
      When using the embedded mode with a root=/var/tmp/embed, the
      driver will use the following paths:
      
                      logDir: /var/tmp/embed/log/qemu
                 swtpmLogDir: /var/tmp/embed/log/swtpm
               configBaseDir: /var/tmp/embed/etc/qemu
                    stateDir: /var/tmp/embed/run/qemu
               swtpmStateDir: /var/tmp/embed/run/swtpm
                    cacheDir: /var/tmp/embed/cache/qemu
                      libDir: /var/tmp/embed/lib/qemu
             swtpmStorageDir: /var/tmp/embed/lib/swtpm
       defaultTLSx509certdir: /var/tmp/embed/etc/pki/qemu
      
      These are identical whether the embedded driver is privileged
      or unprivileged.
      
      This compares with the system instance which uses
      
                      logDir: /var/log/libvirt/qemu
                 swtpmLogDir: /var/log/swtpm/libvirt/qemu
               configBaseDir: /etc/libvirt/qemu
                    stateDir: /run/libvirt/qemu
               swtpmStateDir: /run/libvirt/qemu/swtpm
                    cacheDir: /var/cache/libvirt/qemu
                      libDir: /var/lib/libvirt/qemu
             swtpmStorageDir: /var/lib/libvirt/swtpm
       defaultTLSx509certdir: /etc/pki/qemu
      
      At this time all features present in the QEMU driver are available when
      running in embedded mode, availability matching whether the embedded
      driver is privileged or unprivileged.
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      068efae5
    • D
      libvirt: support an "embed" URI path selector for opening drivers · 88446e07
      Daniel P. Berrangé 提交于
      The driver URI scheme:
      
        "$drivername:///embed?root=/some/path"
      
      enables a new way to use the drivers by embedding them directly in the
      calling process. To use this the process must have a thread running the
      libvirt event loop. This URI will then cause libvirt to dynamically load
      the driver module and call its global initialization function. This
      syntax is applicable to any driver, but only those will have been
      modified to support a custom root directory and embed URI path will
      successfully open.
      
      The application can now make normal libvirt API calls which are all
      serviced in-process with no RPC layer involved.
      
      It is required to specify an explicit root directory, and locks will be
      acquired on this directory to avoid conflicting with another app that
      might accidentally pick the same directory.
      
      Use of '/' is not explicitly forbidden, but note that the file layout
      used underneath the embedded driver root does not match the file
      layout used by system/session mode drivers. So this cannot be used as
      a backdoor to interact with, or fake, the system/session mode drivers.
      
      Libvirt will create arbitrary files underneath this root directory. The
      root directory can be kept untouched across connection open attempts if
      the application needs persistence. The application is responsible for
      purging everything underneath this root directory when finally no longer
      required.
      
      Even when a virt driver is used in embedded mode, it is still possible
      for it to in turn use functionality that calls out to other secondary
      drivers in libvirtd. For example an embedded instance of QEMU can open
      the network, secret or storage drivers in the system libvirtd.
      
      That said, the application would typically want to at least open an
      embedded secret driver ("secret:///embed?root=/some/path"). Note that
      multiple different embedded drivers can use the same root prefix and
      co-operate just as they would inside a normal libvirtd daemon.
      
      A key thing to note is that for this to work, the application that links
      to libvirt *MUST* be built with -Wl,--export-dynamic to ensure that
      symbols from libvirt.so are exported & thus available to the dynamically
      loaded driver module. If libvirt.so itself was dynamically loaded then
      RTLD_GLOBAL must be passed to dlopen().
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      88446e07
    • D
      libvirt: pass a directory path into drivers for embedded usage · 207709a0
      Daniel P. Berrangé 提交于
      The intent here is to allow the virt drivers to be run directly embedded
      in an arbitrary process without interfering with libvirtd. To achieve
      this they need to store all their configuration & state in a separate
      directory tree from the main system or session libvirtd instances.
      
      This can be useful for doing testing of the virt drivers in "make check"
      without interfering with the user's own libvirtd instances.
      
      It can also be used for applications using KVM/QEMU as a piece of
      infrastructure to build an service, rather than for general purpose
      OS hosting. A long standing example is libguestfs, which would prefer
      if its temporary VMs did show up in the main libvirtd VM list, because
      this confuses apps such as OpenStack Nova. A more recent example would
      be Kata which is using KVM as a technology to build containers.
      Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
      Reviewed-by: NCole Robinson <crobinso@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      207709a0
    • D
  2. 25 1月, 2020 6 次提交
  3. 24 1月, 2020 15 次提交
  4. 23 1月, 2020 5 次提交
  5. 22 1月, 2020 1 次提交