qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] KVM call agenda for June, Tuesday 15th


From: Anthony Liguori
Subject: Re: [Qemu-devel] KVM call agenda for June, Tuesday 15th
Date: Tue, 15 May 2012 08:44:14 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120329 Thunderbird/11.0.1

On 05/15/2012 03:51 AM, Kevin Wolf wrote:
Am 14.05.2012 17:42, schrieb Anthony Liguori:
On 05/14/2012 07:41 AM, Juan Quintela wrote:

Hi

Please send in any agenda items you are interested in covering.

-open-fd-hook proposal

The discussion seems to have tapered out without a consensus.

I asked for really good reasons to justify it, and the only response you
gave was along the lines of "because it's easy to implement".

Is this not a really good reason? It's a simple and complete way to solve a real problem.

Actually, I think it's not very easy at all when you start considering
cases like libvirt crashing (or restarting during an upgrade, as Daniel
mentioned).

I think this is just an implementation detail. We could switch to a named unix domain socket and also support reconnect.

Currently we have a very simple unidirectional structure:
qemu is a standalone program that keeps running on its own. libvirt is
the user of qemu. Often enough it's already hard to get things working
correctly in error cases with this simple structure - do you really want
to have qemu depend on an RPC to libvirt?

Yes. We're relying on libvirt for a *syscall* that the kernel isn't processing correctly. I'm not advocating a general mechanism where we defer larges parts of QEMU to libvirt. This is specifically the open() syscall.

You're right that the proper fix would be in the kernel, but in qemu a
much better solution that RPCs to libvirt is allowing all QMP commands
that open new files to pass a block device description that can contain
a fd.

I don't agree that this is an obviously better solution. For example, it mandates that libvirt parse image formats to determine the backing file chains.

OTOH, the open() RPC allows libvirt to avoid parsing image formats. It could do something as simple as have the user specify a white list of image files the guest is allowed to access in the domain XML and validate against that.

It removes considerable complexity from libvirt as it doesn't have to construct a potentially complex set of blockdev arguments.

This would much better than first getting an open command via QMP
and then using an RPC to ask back what we're really meant to open.

To the full extent we're going to get this with blockdev-add (which is
what we should really start working on now rather than on hacks like
-open-fd-hook), but if you like hacks, much (if not all) of it is
already possible today with the 'existing' mode of live snapshots.

I really don't think that blockdev is an elegant solution to this problem. It pushes an awful lot of complexity to libvirt (or any management tool).

I actually think Avi's original idea of a filename dictionary is a better approach than blockdev for solving this problem.

That is not to say that I think blockdev doesn't have it's own merits, but I don't think we should be mandating its usage for management tools to do something simple.

Regards,

Anthony Liguori


So if you want -open-fd-hook, please give us use cases that can't be
solved by passing the file descriptor directly in the QMP command (or on
the command line). I believe you might find some obscure ones that don't
work today, but I don't really expect that it enables anything that
-blockdev wouldn't enable.

Kevin





reply via email to

[Prev in Thread] Current Thread [Next in Thread]