- 09 4月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
Ensure lxcContainerUnmountSubtree is at the top of the lxc_container.c file so it is easily referenced from any other method. No functional change Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Bogdan Purcareata 提交于
This allows a container-type domain to have exclusive access to one of the host's NICs. Wire <hostdev caps=net> with the lxc_controller - when moving the newly created veth devices into a new namespace, also look for any hostdev devices that should be moved. Note: once the container domain has been destroyed, there is no code that moves the interfaces back to the original namespace. This does happen, though, probably due to default cleanup on namespace destruction. Signed-off-by: NBogdan Purcareata <bogdan.purcareata@freescale.com>
-
- 08 4月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
The virCgroupMounted method is badly named, since a controller can be mounted, but disabled in the current object. Rename the method to be virCgroupHasController. Also make it tolerant to a NULL virCgroupPtr and out-of-range controller index, to avoid duplication of these checks in all callers Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 05 4月, 2013 8 次提交
-
-
由 Daniel P. Berrange 提交于
Currently when getting an instance of virCgroupPtr we will create the path in all cgroup controllers. Only at the virt driver layer are we attempting to filter controllers. This is bad because the mere act of creating the dirs in the controllers can have a functional impact on the kernel, particularly for performance. Update the virCgroupForDriver() method to accept a bitmask of controllers to use. Only create dirs in the controllers that are requested. When creating cgroups for domains, respect the active controller list from the parent cgroup Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virCgroupGetAppRoot is not clear in its meaning. Change to virCgroupForSelf to highlight that this returns the cgroup config for the caller's process Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Peter Krempa 提交于
This patch refactors various places to allow removing of the defaultConsoleTargetType callback from the virCaps structure. A new console character device target type is introduced - VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE - to mark that no type was specified in the XML. This type is at the end converted to the standard VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL. Other types that are different from this default have to be processed separately in the device post parse callback.
-
由 Peter Krempa 提交于
Use the virDomainXMLConf structure to hold this data and tweak the code to avoid semantic change. Without configuration the KVM mac prefix is used by default. I chose it as it's in the privately administered segment so it should be usable for any purposes.
-
由 Peter Krempa 提交于
This patch removes the emulatorRequired field and associated infrastructure from the virCaps object. Instead the driver specific callbacks are used as this field isn't enforced by all drivers. This patch implements the appropriate callbacks in the qemu and lxc driver and moves to check to that location.
-
由 Peter Krempa 提交于
Move the xmlopt and caps arguments to the end of the argument list.
-
由 Peter Krempa 提交于
This patch adds instrumentation that will allow hypervisor drivers to fill and validate domain and device definitions after parsed by the XML parser. With this patch, after the XML is parsed, a callback to the driver is issued requesting to fill and validate driver specific details of the configuration. This allows to use sensible defaults and checks on a per driver basis at the time the XML is parsed. Two callback pointers are stored in the new virDomainXMLConf object: * virDomainDeviceDefPostParseCallback (devicesPostParseCallback) - called for a single device parsed and for every single device in a domain config. A virDomainDeviceDefPtr is passed along with the domain definition and virCaps. * virDomainDefPostParseCallback, (domainPostParseCallback) - A callback that is meant to process the domain config after it's parsed. A virDomainDefPtr is passed along with virCaps. Both types of callbacks support arbitrary opaque data passed for the callback functions. Errors may be reported in those callbacks resulting in a XML parsing failure.
-
由 Peter Krempa 提交于
This patch is the result of running: for i in $(git ls-files | grep -v html | grep -v \.po$ ); do sed -i -e "s/virDomainXMLConf/virDomainXMLOption/g" -e "s/xmlconf/xmlopt/g" $i done and a few manual tweaks.
-
- 04 4月, 2013 4 次提交
-
-
由 Daniel P. Berrange 提交于
The sysinfo code used by QEMU is trivially portable to the LXC driver
-
由 Daniel P. Berrange 提交于
This reverts commit c9c87376. Now that we force all containers to have a root filesystem, there is no way the host's /dev is ever exposed Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the LXC container code has two codepaths, depending on whether there is a <filesystem> element with a target path of '/'. If we automatically add a <filesystem> device with src=/ and dst=/, for any container which has not specified a root filesystem, then we only need one codepath for setting up the filesystem. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Early on kernel support for private devpts was not widespread, so we had compatibiltiy codepaths. Such old kernels are not seriously used for LXC these days, so the compat code can go away Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 23 3月, 2013 5 次提交
-
-
由 Martin Kletzander 提交于
When the container has the same '/dev' mount as host (no chroot), calling domainShutdown(WithFlags) shouldn't shutdown the host it is running on.
-
由 Daniel P. Berrange 提交于
For a root filesystem with type=file or type=block, the LXC container was forgetting to actually mount it, before doing the pivot root step. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the lxc controller sets up the devpts instance on $rootfsdef->src, but this only works if $rootfsdef is using type=mount. To support type=block or type=file for the root filesystem, we must use /var/lib/libvirt/lxc/$NAME.devpts for the temporary devpts mount in the controller
-
由 Daniel P. Berrange 提交于
Instead of using /var/lib/libvirt/lxc/$NAME for the FUSE filesystem, use /var/lib/libvirt/lxc/$NAME.fuse. This allows room for other temporary mounts in the same directory
-
由 Daniel P. Berrange 提交于
Some of the LXC callbacks did not lock the virDomainObjPtr instance. This caused transient errors like error: Failed to start domain busy-mount error: cannot rename file '/var/run/libvirt/lxc/busy-mount.xml.new' as '/var/run/libvirt/lxc/busy-mount.xml': No such file or directory as 2 threads tried to update the status file concurrently Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 22 3月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
The 'nodeset' variable was never initialized, causing a later VIR_FREE(nodeset) to free uninitialized memory. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 20 3月, 2013 3 次提交
-
-
由 Gao feng 提交于
This patch adds cpuset cgroup support for LXC. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
Intend to reduce the redundant code,use virNumaSetupMemoryPolicy to replace virLXCControllerSetupNUMAPolicy and qemuProcessInitNumaMemoryPolicy. This patch also moves the numa related codes to the file virnuma.c and virnuma.h Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
Allow lxc using the advisory nodeset from querying numad, this means if user doesn't specify the numa nodes that the lxc domain should assign to, libvirt will automatically bind the lxc domain to the advisory nodeset which queried from numad. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
- 19 3月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The LXC controller is closing loop devices as soon as the container has started. This is fine if the loop device was setup as a mounted filesystem, but if we're just passing through the loop device as a disk, nothing else is keeping it open. Thus we must keep the loop device FDs open for as long the libvirt_lxc process is running. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the LXC controller creates the cgroup, configures the resources and adds the task all in one go. This is not sufficiently flexible for the forthcoming NBD integration. We need to make sure the NBD process gets into the right cgroup immediately, but we can not have limits (in particular the device ACL) applied at the point where we start qemu-nbd. So create a virLXCCgroupCreate method which creates the cgroup and adds the current task to be called early, and leave virLXCCgroupSetup to only do resource config. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 14 3月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The naming used in the RPC protocols for the LXC monitor and lock daemon confused the script used to generate systemtap helper functions. Rename the LXC monitor protocol symbols to reduce confusion. Adapt the gensystemtap.pl script to cope with the LXC monitor / lock daemon naming conversions. This has no functional impact on RPC wire protocol, since names are only used in the C layer Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
If an LXC domain failed to start because of a bogus SELinux label, virLXCProcessStart would call VIR_CLOSE(0) by mistake. This is because the code which initializes the member of the ttyFDs array to -1 got moved too far away from the place where the array is first allocated. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 13 3月, 2013 3 次提交
-
-
由 Daniel P. Berrange 提交于
In some startup failure modes, the fuse thread may get itself wedged. This will cause the entire libvirt_lxc process to hang trying to the join the thread. There is no compelling reason to wait for the thread to exit if the whole process is exiting, so just daemonize the fuse thread instead. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virDomainGetSecurityLabel method is currently (mistakenly) showing the label of the libvirt_lxc process: ...snip... Security model: selinux Security DOI: 0 Security label: system_u:system_r:virtd_t:s0-s0:c0.c1023 (permissive) when it should be showing the init process label ...snip... Security model: selinux Security DOI: 0 Security label: system_u:system_r:svirt_t:s0:c724,c995 (permissive)
-
由 Peter Krempa 提交于
The virCaps structure gathered a ton of irrelevant data over time that. The original reason is that it was propagated to the XML parser functions. This patch aims to create a new data structure virDomainXMLConf that will contain immutable data that are used by the XML parser. This will allow two things we need: 1) Get rid of the stuff from virCaps 2) Allow us to add callbacks to check and add driver specific stuff after domain XML is parsed. This first attempt removes pointers to private data allocation functions to this new structure and update all callers and function that require them.
-
- 12 3月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
When setting up disks with loop devices for LXC, one of the switch cases was missing a 'break' causing it to fallthrough to an error condition. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 11 3月, 2013 2 次提交
-
-
由 Guido Günther 提交于
these were missed by 63f18f37
-
由 Guido Günther 提交于
otherwise we crash with #0 virUSBDeviceListFind (list=0x0, dev=dev@entry=0x8193d70) at util/virusb.c:526 #1 0xb1a4995b in virLXCPrepareHostdevUSBDevices (driver=driver@entry=0x815d9a0, name=0x815dbf8 "debian-700267", list=list@entry=0x81d8f08) at lxc/lxc_hostdev.c:88 #2 0xb1a49fce in virLXCPrepareHostUSBDevices (def=0x8193af8, driver=0x815d9a0) at lxc/lxc_hostdev.c:261 #3 virLXCPrepareHostDevices (driver=driver@entry=0x815d9a0, def=0x8193af8) at lxc/lxc_hostdev.c:328 #4 0xb1a4c5b1 in virLXCProcessStart (conn=0x817d3f8, driver=driver@entry=0x815d9a0, vm=vm@entry=0x8190908, autoDestroy=autoDestroy@entry=false, reason=reason@entry=VIR_DOMAIN_RUNNING_BOOTED) at lxc/lxc_process.c:1068 #5 0xb1a57e00 in lxcDomainStartWithFlags (dom=dom@entry=0x815e460, flags=flags@entry=0) at lxc/lxc_driver.c:1014 #6 0xb1a57fc3 in lxcDomainStart (dom=0x815e460) at lxc/lxc_driver.c:1046 #7 0xb79c8375 in virDomainCreate (domain=domain@entry=0x815e460) at libvirt.c:8450 #8 0x08078959 in remoteDispatchDomainCreate (args=0x81920a0, rerr=0xb65c21d0, client=0xb0d00490, server=<optimized out>, msg=<optimized out>) at remote_dispatch.h:1066 #9 remoteDispatchDomainCreateHelper (server=0x80c4928, client=0xb0d00490, msg=0xb0d005b0, rerr=0xb65c21d0, args=0x81920a0, ret=0x815d208) at remote_dispatch.h:1044 #10 0xb7a36901 in virNetServerProgramDispatchCall (msg=0xb0d005b0, client=0xb0d00490, server=0x80c4928, prog=0x80c6438) at rpc/virnetserverprogram.c:432 #11 virNetServerProgramDispatch (prog=0x80c6438, server=server@entry=0x80c4928, client=0xb0d00490, msg=0xb0d005b0) at rpc/virnetserverprogram.c:305 #12 0xb7a300a7 in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0x80c4928) at rpc/virnetserver.c:162 #13 virNetServerHandleJob (jobOpaque=0xb0d00510, opaque=0x80c4928) at rpc/virnetserver.c:183 #14 0xb7924f98 in virThreadPoolWorker (opaque=opaque@entry=0x80a94b0) at util/virthreadpool.c:144 #15 0xb7924515 in virThreadHelper (data=0x80a9440) at util/virthreadpthread.c:161 #16 0xb7887c39 in start_thread (arg=0xb65c2b70) at pthread_create.c:304 #17 0xb77eb78e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130 when adding a domain with a usb device. This is Debian bug http://bugs.debian.org/700267
-
- 09 3月, 2013 1 次提交
-
-
由 Guido Günther 提交于
This fixes the build on Debian Wheezy which otherwise fails with: CC libvirt_driver_lxc_impl_la-lxc_process.lo lxc/lxc_process.c: In function 'virLXCProcessGetNsInode': lxc/lxc_process.c:648:5: error: implicit declaration of function 'stat' [-Werror=implicit-function-declaration] lxc/lxc_process.c:648:5: error: nested extern declaration of 'stat' [-Werror=nested-externs] cc1: all warnings being treated as errors
-
- 08 3月, 2013 5 次提交
-
-
由 Daniel P. Berrange 提交于
To allow the efficient correlation of container audit messages with host hosts, include the pid namespace inode in audit messages.
-
由 Daniel P. Berrange 提交于
By using a loopback device, disks backed by plain files can be made available to LXC containers. We make no attempt to auto-detect format if <driver type="raw"/> is not set, instead we unconditionally treat that as meaning raw. This is to avoid the security issues inherent with format auto-detection Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Minor re-factoring of code for setting up loop devices in the LXC controller Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently we rely on a VIR_ERROR message being logged by the virRaiseError function to report LXC startup errors. This gives the right message, but is rather ugly and can be truncated if lots of log messages are written. Change the LXC controller to explicitly print any virErrorPtr message to stderr. Then change the driver to skip over anything that looks like a log message. The result is that this error: Failed to start domain busy error: internal error guest failed to start: 2013-03-04 19:46:42.846+0000: 1734: info : libvirt version: 1.0.2 2013-03-04 19:46:42.846+0000: 1734: error : virFileLoopDeviceAssociate:600 : Unable to open /root/disk.raw: No such file or directory changes to error: Failed to start domain busy error: internal error guest failed to start: Unable to open /root/disk.raw: No such file or directory Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
In the LXC container startup code when switching stdio streams, we call VIR_FORCE_CLOSE on all FDs. This triggers a huge number of warnings, but we don't see them because stdio is closed at this point. strace() however shows them which can confuse people debugging the code. Switch to VIR_MASS_CLOSE to avoid this Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-