Currently, we support only filling a volume with zeroes on wiping.
However, it is not enough as data might still be readable by
experienced and equipped attacker. Many technical papers have been
written, therefore we should support other wiping algorithms.
Extend the 'shutdown' and 'reboot' methods so that they both
accept a new argument
--mode acpi|agent
* tools/virsh.c: New args for shutdown/reboot
* tools/virsh.pod: Document new args
Other virsh domifXXX commands can accept target name
as a parameter to specify interface. From viewpoint of
consistency, virsh domif-getlink command should accept
target name as a parameter. This patch achieves this.
Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
Although this is a public API break, it only affects users that
were compiling against *_LAST values, and can be trivially
worked around without impacting compilation against older
headers, by the user defining VIR_ENUM_SENTINELS before using
libvirt.h. It is not an ABI break, since enum values do not
appear as .so entry points. Meanwhile, it prevents users from
using non-stable enum values without explicitly acknowledging
the risk of doing so.
See this list discussion:
https://www.redhat.com/archives/libvir-list/2012-January/msg00804.html
* include/libvirt/libvirt.h.in: Hide all sentinels behind
LIBVIRT_ENUM_SENTINELS, and add missing sentinels.
* src/internal.h (VIR_DEPRECATED): Allow inclusion after
libvirt.h.
(LIBVIRT_ENUM_SENTINELS): Expose sentinels internally.
* daemon/libvirtd.h: Use the sentinels.
* src/remote/remote_protocol.x (includes): Don't expose sentinels.
* python/generator.py (enum): Likewise.
* tests/cputest.c (cpuTestCompResStr): Silence compiler warning.
* tools/virsh.c (vshDomainStateReasonToString)
(vshDomainControlStateToString): Likewise.
Preparation for another patch that refactors common patterns
into the new file for fewer lines of code overall.
* src/util/util.h (virTypedParameterArrayClear): Move...
* src/util/virtypedparam.h: ...to new file.
(virTypedParameterArrayValidate, virTypedParameterAssign): New
prototypes.
* src/util/util.c (virTypedParameterArrayClear): Likewise.
* src/util/virtypedparam.c: New file.
* po/POTFILES.in: Mark file for translation.
* src/Makefile.am (UTIL_SOURCES): Build it.
* src/libvirt_private.syms (util.h): Split...
(virtypedparam.h): to new section.
(virkeycode.h): Sort.
* daemon/remote.c: Adjust callers.
* tools/virsh.c: Likewise.
When using "virsh domifstat" command or "virsh domiftune" command,
we pass an interface name as a parameter, so interface name is
important.
"virsh domiflist" output should display interface names
on the first row.
Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
Disk "type" and "device" are generally interesting stuff the
user may want to known, too. To not break any scripts which
parsed the output field, a new option "--details" is introduced
to output the two introduced fields.
Domain IDs are at least 16 bits for most hypervisors, theoretically
event 32-bits. 3 characters is clearly too small an alignment.
Increase alignment to 5 characters to allow 16-bit domain IDs to
display cleanly. Commonly seen with LXC where domain IDs are the
process IDs by default. Also increase the 'name' field from 20
to 30 characters to cope with longer guest names which are quite
common
Just like command "domblklist", the command extracts "type",
"source", "target", "model", and "MAC" of all virtual interfaces
from domain XML (live or persistent).
When running virsh migrate with --xml option and actual xml file doesn't
exist, virsh hasn't output any error information, although return value
is 1.
* tools/virsh.c: Raising a appropriate error information when operation fails.
* How to reproduce?
% virsh migrate <domain> --live qemu+ssh://<target host>/system --xml non-existent.xml
% echo $?
* Fixed result:
error: file 'non-existent.xml' doesn't exist
Signed-off-by: Alex Jia <ajia@redhat.com>
When disk snapshots were first implemented, libvirt blindly refused
to allow an external snapshot destination that already exists, since
qemu will blindly overwrite the contents of that file during the
snapshot_blkdev monitor command, and we don't like a default of
data loss by default. But VDSM has a scenario where NFS permissions
are intentionally set so that the destination file can only be
created by the management machine, and not the machine where the
guest is running, so that libvirt will necessarily see the destination
file already existing; adding a flag will allow VDSM to force the file
reuse without libvirt complaining of possible data loss.
https://bugzilla.redhat.com/show_bug.cgi?id=767104
* include/libvirt/libvirt.h.in (virDomainSnapshotCreateFlags): Add
VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT.
* src/libvirt.c (virDomainSnapshotCreateXML): Document it. Add
note about partial failure.
* tools/virsh.c (cmdSnapshotCreate, cmdSnapshotCreateAs): Add new
flag.
* tools/virsh.pod (snapshot-create, snapshot-create-as): Document
it.
* src/qemu/qemu_driver.c (qemuDomainSnapshotDiskPrepare)
(qemuDomainSnapshotCreateXML): Implement the new flag.
virshReportError() function frees the most recent error reported from
libvirt. Condition that checks if connection to the daemon was broken
during last command was then limited to check for SIGPIPE signal not
taking into account possible errors signalized without SIGPIPE.
This patch moves the check before the error is freed, to take into
account code that does not emit SIGPIPE while failing.
* tools/virsh.c: - move check for broken connection before error print.
Add a new command domiftune to get/set interface parameters.
* tools/virsh.c: implement the new command
* tools/virsh.pod: documentation of the new command
Trivial patch, move version command to host commands group.
It has no any related with any domain.
It may connect to the daemon, so the flag is 0 but not VSH_CMD_FLAG_NOCONNECT.
Virsh's echo command looks not having any relations with domains and its
description should go into the generic commands section instead of the
domain commands section (current).
Virsh's send-key command manipulates domains and its description should
go into the domain commands section instead of generic commands section
(current).
called vshWatchJob. This can be later used in other
job oriented commands like dump, save, managedsave
to report progress and allow user to cancel via ^C.
Detected by valgrind. Leaks introduced in commit 4d5383f.
* tools/virsh.c: fix memory leaks on cmdDomXMLFromNative and cmdDomXMLToNative.
* how to reproduce?
% virsh dumpxml ${guest} > foo.xml
% valgrind -v --leak-check=full virsh domxml-from-native qemu-argv foo.xml
% valgrind -v --leak-check=full virsh domxml-to-native qemu-argv foo.xml
* actual valgrind results:
==9724== 8,193 bytes in 1 blocks are definitely lost in loss record 31 of 33
==9724== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==9724== by 0x4A06167: realloc (vg_replace_malloc.c:525)
==9724== by 0x4C7510B: virReallocN (memory.c:161)
==9724== by 0x4C84679: virFileReadLimFD (util.c:394)
==9724== by 0x4C84815: virFileReadAll (util.c:455)
==9724== by 0x41A89F: cmdDomXMLFromNative (virsh.c:5532)
==9724== by 0x414872: vshCommandRun (virsh.c:16464)
==9724== by 0x425623: main (virsh.c:17971)
==9724==
==9724== LEAK SUMMARY:
==9724== definitely lost: 8,193 bytes in 1 blocks
==9724== indirectly lost: 0 bytes in 0 blocks
==9724== possibly lost: 0 bytes in 0 blocks
==9724== still reachable: 127,128 bytes in 1,347 blocks
==7409== 8,193 bytes in 1 blocks are definitely lost in loss record 31 of 33
==7409== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==7409== by 0x4A06167: realloc (vg_replace_malloc.c:525)
==7409== by 0x4C7510B: virReallocN (memory.c:161)
==7409== by 0x4C84679: virFileReadLimFD (util.c:394)
==7409== by 0x4C84815: virFileReadAll (util.c:455)
==7409== by 0x41A7AF: cmdDomXMLToNative (virsh.c:5578)
==7409== by 0x414892: vshCommandRun (virsh.c:16463)
==7409== by 0x425633: main (virsh.c:17970)
==7409==
==7409== LEAK SUMMARY:
==7409== definitely lost: 8,193 bytes in 1 blocks
==7409== indirectly lost: 0 bytes in 0 blocks
==7409== possibly lost: 0 bytes in 0 blocks
==7409== still reachable: 127,128 bytes in 1,347 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
Using 'virReallocN' to allocate memory on virConsoleEventOnStdin,
virConsoleEventOnStdout and virConsoleEventOnStream, however, the
cleanup function virConsoleShutdown hasn't released these memory.
* tools/console.c: fix memory leaks on virConsoleShutdown.
https://bugzilla.redhat.com/show_bug.cgi?id=767488
Signed-off-by: Alex Jia <ajia@redhat.com>
No need to repeat code for formatting typed parameters.
* tools/virsh.c (vshGetTypedParamValue): Support strings, and exit
on OOM.
(cmdSchedinfo, cmdBlkiotune, cmdMemtune, cmdBlkdeviotune): Use
it for less code.
Add an option for virsh undefine command, to remove associated storage
volumes while undefining a domain. This patch allows the user to remove
associated (libvirt managed ) storage volumes while undefining a domain.
The new option --storage for the undefine command takes a string
argument that consists of comma separated list of target or source path
of volumes to be undefined. Volumes are removed after the domain has
been successfully undefined,
If a volume is not part of a storage pool, the user is warned to remove
the volume in question himself.
Option --wipe-storage may be specified along with this, that ensures
the image is wiped before removing.
Option --remove-all-storage enables the user to remove all storage. The
name is chosen long as the users should be aware what they're about to
do.
I was wondering why 'virsh edit' didn't support the same
'--inactive' option as 'virsh dumpxml'; reading the source
code showed that --inactive was already implied, and that
the only way to alter a running guest rather than affecting
next boot is by hot-plugging individual devices, or by
something complex like saving the guest and modifying the
save image.
* tools/virsh.pod (define, edit): Mention behavior when guest is
already running.
If parsing of arguments failed, virsh did silently exit returning and
error state, but not specifying the possible problem.
* tools/virsh: cmdNodesuspend: - error handling added
Commit 4d9e51f6 fixed a 'make uninstall' failure, but failed
to follow other conventions already present in src/Makefile.am.
In particular, we prefer MKDIR_P over mkdir -p, and should
have a matching rmdir during uninstall for every directory
created during install (the idea being that uninstall in a
DESTDIR should be clean, while installation in the final
system should not fail with non-empty directories left behind).
* tools/Makefile.am (install-sysconfig, install-initscript)
(install-systemd): Use MKDIR_P.
(uninstall-sysconfig, uninstall-initscript, uninstall-systemd):
Also remove directories.
* daemon/Makefile.am (install-data-local, install-data-polkit)
(install-logrotate, install-sysconfig, install-sysctl)
(install-init-redhat, install-init-upstart, install-init-systemd)
(install-data-sasl): Use MKDIR_P.
(uninstall-data-polkit, uninstall-sysconfig, uninstall-sysctl)
(uninstall-init-redhat, uninstall-init-upstart)
(uninstall-init-systemd): Also remove directory.
(uninstall-logrotate): New rule.
(uninstall-local): Add uninstall-logrotate.
Detected by valgrind. Leak introduced in commit 88a993b:
* tools/virsh.c: fix memory leak on cmdDomblklist.
* how to reproduce?
% valgrind -v --leak-check=full virsh domblklist <domain name>
* actual valgrind result:
==6573== 1,836 bytes in 1 blocks are definitely lost in loss record 110 of 124
==6573== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==6573== by 0x330D71497D: xdr_string (in /lib64/libc-2.12.so)
==6573== by 0x4D26CED: xdr_remote_nonnull_string (remote_protocol.c:30)
==6573== by 0x4D28138: xdr_remote_domain_get_xml_desc_ret (remote_protocol.c:1418)
==6573== by 0x4D3C0C2: virNetMessageDecodePayload (virnetmessage.c:382)
==6573== by 0x4D3279F: virNetClientProgramCall (virnetclientprogram.c:382)
==6573== by 0x4D0D50B: callWithFD (remote_driver.c:4339)
==6573== by 0x4D0D5AB: call (remote_driver.c:4360)
==6573== by 0x4D16EAF: remoteDomainGetXMLDesc (remote_client_bodies.h:861)
==6573== by 0x4CF9F4F: virDomainGetXMLDesc (libvirt.c:4098)
==6573== by 0x4154D9: cmdDomblklist (virsh.c:1722)
==6573== by 0x4149E2: vshCommandRun (virsh.c:16365)
==6573==
==6573== 46,009 (352 direct, 45,657 indirect) bytes in 1 blocks are definitely lost in loss record 123 of 124
==6573== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==6573== by 0x3318286DC6: xmlXPathNewContext (in /usr/lib64/libxml2.so.2.7.6)
==6573== by 0x4C79AE2: virXMLParseHelper (xml.c:779)
==6573== by 0x415512: cmdDomblklist (virsh.c:1726)
==6573== by 0x4149E2: vshCommandRun (virsh.c:16365)
==6573== by 0x427743: main (virsh.c:17867)
==6573==
==6573== LEAK SUMMARY:
==6573== definitely lost: 2,188 bytes in 2 blocks
==6573== indirectly lost: 45,657 bytes in 332 blocks
==6573== possibly lost: 0 bytes in 0 blocks
==6573== still reachable: 128,034 bytes in 1,364 blocks
==6573== suppressed: 0 bytes in 0 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
Reported by Alex Jia <ajia@redhat.com>. Function cmdDomIfGetLink did not
set a success return value on success path.
Signed-off-by: Alex Jia<ajia@redhat.com>
Detected by valgrind. Leak introduced in commit dc675f3:
* tools/virsh.c: fix memory leak on cmdDomIfGetLink.
* how to reproduce?
% valgrind -v --leak-check=full virsh domif-getlink <domain name> 0
* actual valgrind result:
==13102== 18 bytes in 1 blocks are definitely lost in loss record 9 of 47
==13102== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==13102== by 0x322A6A67DD: xmlStrndup (in /usr/lib64/libxml2.so.2.7.6)
==13102== by 0x414892: cmdDomIfGetLink (virsh.c:1538)
==13102== by 0x4136A2: vshCommandRun (virsh.c:16363)
==13102== by 0x4253FB: main (virsh.c:17865)
==13102==
==13102== LEAK SUMMARY:
==13102== definitely lost: 18 bytes in 1 blocks
==13102== indirectly lost: 0 bytes in 0 blocks
==13102== possibly lost: 0 bytes in 0 blocks
==13102== still reachable: 127,888 bytes in 1,361 blocks
==13102== suppressed: 0 bytes in 0 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
Detected by valgrind. Leak introduced in commit e9bd9a0:
* tools/virsh.c: fix memory leak on cmdBlkdeviotune.
* how to reproduce?
% valgrind -v --leak-check=full virsh blkdeviotune <domain name> <block device>
* actual valgrind result:
==12759== 576 bytes in 1 blocks are definitely lost in loss record 18 of 29
==12759== at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==12759== by 0x42134E: _vshCalloc.clone.2 (virsh.c:422)
==12759== by 0x4217CB: cmdBlkdeviotune (virsh.c:6364)
==12759== by 0x4136A2: vshCommandRun (virsh.c:16363)
==12759== by 0x4253FB: main (virsh.c:17865)
==12759==
==12759== LEAK SUMMARY:
==12759== definitely lost: 576 bytes in 1 blocks
==12759== indirectly lost: 0 bytes in 0 blocks
==12759== possibly lost: 0 bytes in 0 blocks
==12759== still reachable: 126,964 bytes in 1,342 blocks
==12759== suppressed: 0 bytes in 0 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
The installation rules for the libvirt-guests.service were
totally broken
- Installing in the wrong location
- The location was not overridable
- The install-systemd rule was not invoked anywhere
- The install-systemd rule was not invoking install-initscript
which it depends on
- The installed service file lacked a .service extension
* tools/Makefile.am: Fix install of libvirt-guests.service
On RHEL 5, with libxml2-2.6.26, the build failed with:
virsh.c: In function 'vshNodeIsSuperset':
virsh.c:11951: warning: implicit declaration of function 'xmlChildElementCount'
(or if warnings aren't errors, a link failure later on).
* src/util/xml.h (virXMLChildElementCount): New prototype.
* src/util/xml.c (virXMLChildElementCount): New function.
* src/libvirt_private.syms (xml.h): Export it.
* tools/virsh.c (vshNodeIsSuperset): Use it.
https://bugzilla.redhat.com/show_bug.cgi?id=648855 mentioned a
misuse of 'an' where 'a' is proper; that has since been fixed,
but a search found other problems (some were a spelling error for
'and', while most were fixed by 'a').
* daemon/stream.c: Fix grammar.
* src/conf/domain_conf.c: Likewise.
* src/conf/domain_event.c: Likewise.
* src/esx/esx_driver.c: Likewise.
* src/esx/esx_vi.c: Likewise.
* src/rpc/virnetclient.c: Likewise.
* src/rpc/virnetserverprogram.c: Likewise.
* src/storage/storage_backend_fs.c: Likewise.
* src/util/conf.c: Likewise.
* src/util/dnsmasq.c: Likewise.
* src/util/iptables.c: Likewise.
* src/xen/xen_hypervisor.c: Likewise.
* src/xen/xend_internal.c: Likewise.
* src/xen/xs_internal.c: Likewise.
* tools/virsh.c: Likewise.
Currently virsh supports only ^] as escape character for console.
However, some users might want to use something else. This patch
creates such ability by specifying '-e' switch on virsh command
line.
Not only was ctl->quit accessed without a mutex but unfortunately,
virEventAddTimeout only interrupts the poll when event loop is running
so the hack needs to add a timeout that will make next poll return
immediately without blocking.
Prior to this patch, for a running dom, the commands:
$ virsh blkiotune dom --device-weights /dev/sda,502,/dev/sdb,498
$ virsh blkiotune dom --device-weights /dev/sda,503
$ virsh blkiotune dom
weight : 500
device_weight : /dev/sda,503
claim that /dev/sdb no longer has a non-default weight, but
directly querying cgroups says otherwise:
$ cat /cgroup/blkio/libvirt/qemu/dom/blkio.weight_device
8:0 503
8:16 498
After this patch, an explicit 0 is required to remove a device path
from the XML, and omitting a device path that was previously
specified leaves that device path untouched in the XML, to match
cgroups behavior.
* src/qemu/qemu_driver.c (parseBlkioWeightDeviceStr): Rename...
(qemuDomainParseDeviceWeightStr): ...and use correct type.
(qemuDomainSetBlkioParameters): After parsing string, modify
rather than replacing existing table.
* tools/virsh.pod (blkiotune): Tweak wording.
Support virsh command blkdeviotune. Can set or query a block disk
I/O throttle setting.
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
This adds per-device weights to <blkiotune>. Note that the
cgroups implementation only supports weights per block device,
and not per-file within the device; hence this option must be
global to the domain definition rather than tied to individual
<devices>/<disk> entries:
<domain ...>
<blkiotune>
<device>
<path>/path/to/block</path>
<weight>1000</weight>
</device>
</blkiotune>
..
This patch also adds a parameter --device-weights to virsh command
blkiotune for setting/getting blkiotune.weight_device for any
hypervisor that supports it. All <device> entries under
<blkiotune> are concatenated into a single string attribute under
virDomain{Get,Set}BlkioParameters, named "device_weight".
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
If both nodes do not have any children, we pass zero to
virBitmapAlloc which returns NULL. In turn we report OOM error
and return false (meaning nodes are different). This is not true.
Up to now users have to give a full XML description on input when
device-detaching. If they omitted something it lead to unclear
error messages (like generated MAC wasn't found, etc.).
With this patch users can specify only those information which
specify one device sufficiently precise. Remaining information is
completed from domain.
This patch adds support for a systemd init service for libvirtd
and libvirt-guests. The libvirtd.service is *not* written to use
socket activation, since we want libvirtd to start on boot so it
can do guest auto-start.
The libvirt-guests.service is pretty lame, just exec'ing the
original init script for now. Ideally we would factor out the
functionality, into some shared tool.
Instead of
./configure --with-init-script=redhat
You can now do
./configure --with-init-script=systemd
Or better still:
./configure --with-init-script=systemd+redhat
We can also now support install of the upstart init script
* configure.ac: Add systemd, and systemd+redhat options to
--with-init-script option
* daemon/Makefile.am: Install systemd services
* daemon/libvirtd.sysconf: Add note about unused env variable
with systemd
* daemon/libvirtd.service.in: libvirtd systemd service unit
* libvirt.spec.in: Add scripts to installing systemd services
and migrating from legacy init scripts
* tools/Makefile.am: Install systemd services
* tools/libvirt-guests.init.sh: Rename to tools/libvirt-guests.init.in
* tools/libvirt-guests.service.in: systemd service unit
One of the top questions by libvirt users is how to create a host
bridge device so that guests can be directly on the physical
network. There are several example documents that explain how to do
this manually, but following them often results in confusion and
failure. virt-manager does a good job of creating a bridge based on an
existing network device, but not everyone wants to use virt-manager.
This patch adds a new command, iface-bridge that makes it just about
as simple as possible to create a new bridge device based on an
existing ethernet/vlan/bond device (including associating IP
configuration with the bridge rather than the now-attached device),
and start that new bridge up ready for action, eg:
virsh iface-bridge eth0 br0
For symmetry's sake, it also adds a command to remove a device from a
bridge, restoring the IP config to the now-unattached device:
virsh iface-unbridge br0
(I had a short debate about whether to do "iface-unbridge eth0"
instead, but that would involve searching through all bridge devices
for the one that contained eth0, which seems like a bit too much
trouble).
NOTE: These two commands require that the netcf library be available
on the host. Hopefully this will provide some extra incentive for
people using suse, debian, ubuntu, and other similar systems to polish
up (and push downstream) the ports to those distros recently pushed to
the upstream netcf repo by Dan Berrange. Anyone interested in helping
with that effort in any way should join the netcf-devel mailing list
(subscription info at
https://fedorahosted.org/mailman/listinfo/netcf-devel)
During creation of the bridge, it's possible to specify whether or not
the STP protocol should be started up on the bridge and, if so, how
many seconds the bridge should squelch traffic from newly added
devices while learning new topology (defaults are stp='on' and
delay='0', which seems to usually work best for bridges used in the
context of libvirt guests).
There is also an option to not immediately start the bridge (and a
similar option to not immediately start the un-attached device after
destroying the bridge. Default is to start the new device, because in
the case of iface-unbridge not starting is strongly discouraged as it
will leave the system with no network connectivity on that interface
(because it's necessary to destroy/undefine the bridge device before
the unattached device can be defined), and it seemed better to make
the option for iface-bridge behave consistently.
NOTE TO THOSE TRYING THESE COMMANDS FOR THE FIRST TIME: to guard
against any "unexpected" change to configuration, it is advisable to
issue an "virsh iface-begin" command before starting any interface
config changes, and "virsh iface-commit" only after you've verified
that everything is working as you expect. If something goes wrong,
you can always run "virsh iface-rollback" or reboot the system (which
should automatically do iface-rollback).
Aside from adding the code for these two functions, and the two
entries into the command table, the only other change to virsh.c was
to add the option name to vshCommandOptInterfaceBy(), because the
iface-unbridge command names its interface option as "bridge".
virsh.pod has also been updated with short descriptions of these two
new commands.
The src/util/network.c file is a dumping ground for many different
APIs. Split it up into 5 pieces, along functional lines
- src/util/virnetdevbandwidth.c: virNetDevBandwidth type & helper APIs
- src/util/virnetdevvportprofile.c: virNetDevVPortProfile type & helper APIs
- src/util/virsocketaddr.c: virSocketAddr and APIs
- src/conf/netdev_bandwidth_conf.c: XML parsing / formatting
for virNetDevBandwidth
- src/conf/netdev_vport_profile_conf.c: XML parsing / formatting
for virNetDevVPortProfile
* src/util/network.c, src/util/network.h: Split into 5 pieces
* src/conf/netdev_bandwidth_conf.c, src/conf/netdev_bandwidth_conf.h,
src/conf/netdev_vport_profile_conf.c, src/conf/netdev_vport_profile_conf.h,
src/util/virnetdevbandwidth.c, src/util/virnetdevbandwidth.h,
src/util/virnetdevvportprofile.c, src/util/virnetdevvportprofile.h,
src/util/virsocketaddr.c, src/util/virsocketaddr.h: New pieces
* daemon/libvirtd.h, daemon/remote.c, src/conf/domain_conf.c,
src/conf/domain_conf.h, src/conf/network_conf.c,
src/conf/network_conf.h, src/conf/nwfilter_conf.h,
src/esx/esx_util.h, src/network/bridge_driver.c,
src/qemu/qemu_conf.c, src/rpc/virnetsocket.c,
src/rpc/virnetsocket.h, src/util/dnsmasq.h, src/util/interface.h,
src/util/iptables.h, src/util/macvtap.c, src/util/macvtap.h,
src/util/virnetdev.h, src/util/virnetdevtap.c,
tools/virsh.c: Update include files
As the description of removing CDROM media from
http://wiki.libvirt.org/page/QEMUSwitchToLibvirt#eject_DEV
Add flag 'VSH_OFLAG_EMPTY_OK' to the option 'source' of attach-disk
Then avoid outputting <source> in the XML if 'source' was empty,
rather than trusting libvirt domain_conf.c to understand an empty
string.
Signed-off-by: Xu He Jie <xuhj@linux.vnet.ibm.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
If vol-create-from is failed due to 'input volume not found',
virsh outputs like this:
$ sudo virsh vol-create-from testpool test-vol.xml test.img
error: failed to get vol 'test.img', specifying --pool might help
error: Storage volume not found: no storage vol with matching path
However, '--pool' is incorrect because it is already specified as
second argument ('testpool' in this case). It should be "--inputpool".
The patch fixes this by using pooloptname, which will be "inputpool"
in this case and "pool" in other cases, as error message.
We have a new vol type "dir" in addition to "file" and "block", but
virsh doesn't know it. Fix it.
Additionally, the patch lets virsh output "unknown" if not matched
any of them.
Clarify some of the effects of managed passthrough <hostdev> devices;
with recent changes (commit d093547), a nodedev-reattach is only needed
to pair up to an explicit nodedev-dettach (but beware that older
virt-manager has a bug where it uses explicit nodedev-dettach under the
hood when using the gui to hotplug a hostdev device).
* docs/formatdomain.html.in: Mention reattach.
* tools/virsh.pod (nodedev): Mention managed mode.
Rather than having to do:
$ virsh snapshot-revert dom $(virsh snapshot-current dom --name)
I thought it would be nice to do:
$ virsh snapshot-revert dom --current
I didn't add 'virsh snapshot-dumpxml --current' since we already have
'virsh snapshot-current' for the same task. snapshot-list accepted
a name but did not require it, and that remains the case, with
--current serving in place of that name. For all other commands,
name used to be required, and can now be replaced by --current;
I intentionally made it so that omitting both --current and a name
is an error (having the absence of a name imply --current seems
just a bit too magic, so --current must be explicit). I also had
to keep snapshot-edit backwards-compatible, as the only command
that already had a --current argument alongside a name, which still
works to both edit a named snapshot and make it current.
* tools/virsh.c (vshLookupSnapshot): New helper function.
(cmdSnapshotEdit, cmdSnapshotList, cmdSnapshotParent)
(cmdSnapshotDelete, cmdDomainSnapshotRevert): Use it, adding an
option where needed.
* tools/virsh.pod (snapshot-delete, snapshot-edit)
(snapshot-list, snapshot-parent, snapshot-revert): Document
use of --current.
(snapshot-dumpxml): Mention alternative.
I got these distcheck failures with sanlock enabled:
ERROR: files left in build directory after distclean:
./tools/virt-sanlock-cleanup
./src/locking/qemu-sanlock.conf
* src/Makefile.am (DISTCLEANFILES) [HAVE_SANLOCK]: Clean built
file.
* tools/Makefile.am (DISTCLEANFILES): Likewise.
Given a list of snapshots and their parents, finding all descendants
requires a hairy traversal. This code is O(n^3); it could maybe be
made to scale O(n^2) with the use of a hash table, but that costs more
memory. Hopefully there aren't too many people with a hierarchy
so large as to approach REMOTE_DOMAIN_SNAPSHOT_LIST_NAMES_MAX (1024).
* tools/virsh.c (cmdSnapshotList): Add final fallback.
Iterating over one level of children requires parsing all snapshots
and their parents; a bit of code shuffling makes it pretty easy
to do this as well.
* tools/virsh.c (cmdSnapshotList): Add another fallback.
Emulating --from requires grabbing the entire list of snapshots
and their parents, and recursively iterating over the list from
the point of interest - but we already do that for --tree. This
turns on emulation for that situation.
* tools/virsh.c (__vshControl): Rename member.
(vshReconnect, cmdConnect, vshGetSnapshotParent): Update clients.
(cmdSnapshotList): Add fallback.
Sometimes, we only care about one branch of the snapshot hierarchy.
Make it easier to list a single branch, by using the new APIs.
Technically, I could emulate these new virsh options on old servers
by doing a complete dump, then scraping xml to filter out just the
snapshots that I care about, but I didn't want to do that in this patch.
* tools/virsh.c (cmdSnapshotList): Add --from, --descendants.
* tools/virsh.pod (snapshot-list): Document them.
I was a bit surprised that 'virsh snapshot-edit dom name' silently
allowed me to clone things, while still telling me the old name,
especially since other commands like 'virsh edit dom' reject rename
attempts (*). This fixes things to be more explicit (**).
(*) Technically, 'virsh edit dom' relies on virDomainDefineXML
behavior, which rejects attempts to mix a new name with existing
uuid or new uuid with existing name, but you can create a new
domain by changing both uuid and name. On the other hand, while
snapshot-edit --clone is a true clone, creating a new domain
would also have to decide whether to clone snapshot metadata,
managed save, and any other secondary data related to the domain.
Domain renames are not trivial either.
(**) Renaming or creating a clone is still a risky proposition -
for offline snapshots and system checkpoints, if the new name
does not match an actual name recorded in the qcow2 internal
snapshots, then you cannot revert to the new checkpoint. But it
is assumed that anyone using the new virsh flags knows what they
are doing, and can deal with the fallout caused by a rename/clone;
that is, we can't completely prevent a user from shooting
themselves in the foot, so much as we are making the default
action less risky.
* tools/virsh.c (cmdSnapshotEdit): Add --rename, --clone.
* tools/virsh.pod (snapshot-edit): Document them.
virsh undefine command can now undefine an active guest, but the help information is still the old.
This patch modifies it and make it coincident to the manpage of virsh.
Signed-off-by: tangchen <tangchen@cn.fujitsu.com>
It was impossible for 'virsh snapshot-current dom name' to set name
as the current snapshot, if name is a disk-only snapshot.
Using strstr rather than full-blown xml parsing is safe, since the
xml is assumed to be well-formed coming from libvirtd rather than
arbitrary text coming from the user.
* tools/virsh.c (cmdSnapshotCurrent, cmdSnapshotEdit): Pass
disk_only flag when redefining a disk snapshot.
Although reverting to a snapshot is a form of data loss, this is
normally expected. However, there are two cases where additional
surprises (failure to run the reverted state, or a break in
connectivity to the domain) can come into play. Requiring extra
acknowledgment in these cases will make it less likely that
someone can get into an unrecoverable state due to a default revert.
Also create a new error code, so users can distinguish when forcing
would make a difference, rather than having to blindly request force.
* include/libvirt/libvirt.h.in (VIR_DOMAIN_SNAPSHOT_REVERT_FORCE):
New flag.
* src/libvirt.c (virDomainRevertToSnapshot): Document it.
* include/libvirt/virterror.h (VIR_ERR_SNAPSHOT_REVERT_RISKY): New
error value.
* src/util/virterror.c (virErrorMsg): Implement it.
* tools/virsh.c (cmdDomainSnapshotRevert): Add --force to virsh.
* tools/virsh.pod (snapshot-revert): Document it.
Previously, virsh 'snapshot-parent' and 'snapshot-current' were
completely silent in the case where the code conclusively proved
there was no parent or current snapshot, but differed in exit
status; this silence caused some confusion on whether the commands
worked. Furthermore, commit d1be48f introduced a regression where
snapshot-parent would leak output about an unknown function, but
only on the first attempt, when talking to an older server that
lacks virDomainSnapshotGetParent. This changes things to consistenly
report an error message and exit with status 1 when no snapshot
exists, and to avoid leaking unknown function warnings when using
fallbacks.
* tools/virsh.c (vshGetSnapshotParent): Alter signature, to
distinguish between real error and missing parent. Don't pollute
last_error on success.
(cmdSnapshotParent): Adjust caller. Always output message on
failure.
(cmdSnapshotList): Adjust caller.
(cmdSnapshotCurrent): Always output message on failure.
error:could not take a screenshot of xp
==6216== Syscall param unlink(pathname) points to unaddressable byte(s)
==6216== at 0x373A0D4937: unlink (syscall-template.S:82)
==6216== by 0x40FD73: cmdScreenshot (virsh.c:3070)
==6216== by 0x42BA0D: vshCommandRun (virsh.c:14920)
==6216== by 0x42EC97: main (virsh.c:16379)
==6216== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==6216==
error:Requested operation is not valid: domain is not running
This patch is based on a improvement suggested by Kazuhiro Kikuchi
of Fujitsu, it gives a description of the target parameter for that
command
* tools/virsh.pod: add description for target parameter of
attach-interface
The man page suggest that the cpu_shares parameter of schedinfo
allows values 0-262144, but the kernel remaps values 0 and 1 to
the minimum 2, just document that behaviour:
[root@test ~]# cat /cgroup/cpu/libvirt/qemu/cpu.shares
1024
[root@test ~]# echo 0 > /cgroup/cpu/libvirt/qemu/cpu.shares
[root@test ~]# cat /cgroup/cpu/libvirt/qemu/cpu.shares
2
[root@test ~]# echo 1 > /cgroup/cpu/libvirt/qemu/cpu.shares
[root@test ~]# cat /cgroup/cpu/libvirt/qemu/cpu.shares
2
[root@test ~]#
* tools/virsh.pod: update description of the cpu_shares parameter
to indicate the values 0 and 1 are automatically changed by the
kernel to minimal value 2
Reuse the tree listing of nodedev-list, coupled with the new helper
function to efficiently grab snapshot parent names, to produce
tree output for a snapshot hierarchy. For example:
$ virsh snapshot-list dom --tree
root1
|
+- sibling1
+- sibling2
| |
| +- grandchild
|
+- sibling3
root2
|
+- child
* tools/virsh.c (cmdSnapshotList): Add --tree.
* tools/virsh.pod (snapshot-list): Document it.
Make parent computation reusable, using virDomainSnapshotGetParent
when possible.
* tools/virsh.c (vshGetSnapshotParent): New helper.
(cmdSnapshotParent): Use it.
This section of the man page was completely missing; I stumbled on
it when I had no clue that I had to use nodedev-reattach after
I was done playing with <hostdev> device passthrough to one of my
guests.
* tools/virsh.pod (NODEDEV COMMANDS): New section.
(attach-device, detach-device): Add cross-references.
This patch cleans the cpu baseline function using new libvirt helper
functions and fixes XPath expression that selects <cpu> elements from
the source file, that can contain concatenated <capabilities> XMLs,
domain XMLs and bare <cpu> elements. The fixed XPath expression ensures
not to select NUMA <cpu id=... elements.
This patch also removes vshRealloc function, that remained unused after
cleaning up cpu-baseline.
https://bugzilla.redhat.com/show_bug.cgi?id=731645
pod2man from perl-5.8.8 (RHEL 5) errors out on ill-formed POD:
*** ERROR: unterminated I<...> at line 1114 in file virsh.pod
*** ERROR: unterminated I<...> at line 1851 in file virsh.pod
Newer pod2man appears to be more tolerant (which is a shame,
because it meant that this error is harder to detect).
* tools/virsh.pod (undefine, snapshot-current): Add missing >.
Some virsh commands start a (long-running) job that can be monitored
using domjobinfo and aborted with domjobabort. Let's be explicit about
this in virsh man page.
QEMU 0.13 introduced cache=unsafe for -drive, this patch exposes
it in the libvirt layer.
* Introduced a new QEMU capability flag ($prefix_CACHE_UNSAFE),
as even if $prefix_CACHE_V2 is set, we can't know if unsafe
is supported.
* Improved the reliability of qemu cache type detection.
Commit 0a22f54 added --min-guarantee option for the memtune command.
This option is supported only by the ESX hypervisor. This patch adds a
statement about this fact, to prevent user confusion.
This patch also adds explanation how to clear/set to unlimited the
memory tunables. (documments the -1 value).
Prior to commit 85d2810, we had an issue where:
snapshot-create-as dom name --diskspec spec --diskspec spec
failed to parse the second spec, because the first spec had marked
that option as no longer requiring an argument.
In commit 85d2810, I fixed it by making argv options no longer mark
the option as seen. But this in turn breaks mandatory argv options,
which now complain that the argv option is missing.
This patch reverts that part of 85d2810, and instead replaces it with
fixes to no longer clear opts_need_arg of an argv argument.
* tools/virsh.c (vshCmddefGetOption, vshCmddefGetData)
(vshCommandParse): Fix option parsing for required argv option.
(vshCmddefOptParse): Check that argv option is last.
* tests/virsh-optparse: Enhance test.
There are 3 ways to lookup a volume, only virStorageVolLookupByName
needs pool object. So if no --pool is specified, it will tries to
get the volume via virStorageVolLookupByPath/virStorageVolLookupByKey.
But if all 3 ways fails, and no --pool is specified, a friendly
error might help the user get right way quickly.