Bug 1064831
| Summary: | Have upstream network hooks available in 6.6 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Antoni Segura Puimedon <asegurap> |
| Component: | libvirt | Assignee: | Michal Privoznik <mprivozn> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.6 | CC: | asegurap, bazulay, danken, dyuan, gsun, honzhang, jdenemar, lcui, mzhan, rbalakri, shyu |
| Target Milestone: | rc | Keywords: | Upstream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-0.10.2-36.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-10-14 04:20:15 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1002699, 1023565, 1043226 | ||
|
Description
Antoni Segura Puimedon
2014-02-13 11:46:58 UTC
These patches implement the functionality upstream:
commit 4d88294483b89948c9b4aea585b0c853147aa158
Author: Michal Privoznik <mprivozn>
AuthorDate: Tue Feb 18 18:40:28 2014 +0100
Commit: Michal Privoznik <mprivozn>
CommitDate: Tue Feb 18 19:52:39 2014 +0100
bridge_driver.h: Fix build --without-network
The networkNotifyActualDevice function is accepting two arguments, not
one:
qemu/qemu_process.c: In function 'qemuProcessNotifyNets':
qemu/qemu_process.c:2776:47: error: macro "networkNotifyActualDevice" passed 2 arguments, but takes just 1
if (networkNotifyActualDevice(def, net) < 0)
^
Signed-off-by: Michal Privoznik <mprivozn>
commit 9de7309125d644360b59b84e40cf40c031b09b3d
Author: Michal Privoznik <mprivozn>
AuthorDate: Tue Feb 4 17:36:54 2014 +0100
Commit: Michal Privoznik <mprivozn>
CommitDate: Tue Feb 18 14:46:49 2014 +0100
network: Taint networks that are using hook script
Basically, the idea is copied from domain code, where tainting
exists for a while. Currently, only one taint reason exists -
VIR_NETWORK_TAINT_HOOK to mark those networks which caused invoking
of hook script.
Signed-off-by: Michal Privoznik <mprivozn>
commit f1ab06e43da7a892b499479aa7a7f9407fc0d917
Author: Michal Privoznik <mprivozn>
AuthorDate: Fri Jan 31 16:48:06 2014 +0100
Commit: Michal Privoznik <mprivozn>
CommitDate: Tue Feb 18 14:46:49 2014 +0100
network: Introduce network hooks
There might be some use cases, where user wants to prepare the host or
its environment prior to starting a network and do some cleanup after
the network has been shut down. Consider all the functionality that
libvirt doesn't currently have as an example what a hook script can
possibly do.
Signed-off-by: Michal Privoznik <mprivozn>
commit e0a31274ec74fb2d77c40a489d26799c0965a198
Author: Michal Privoznik <mprivozn>
AuthorDate: Wed Feb 12 17:36:35 2014 +0100
Commit: Michal Privoznik <mprivozn>
CommitDate: Tue Feb 18 14:46:48 2014 +0100
network_conf: Expose virNetworkDefFormatInternal
In the next patch I'm going to need the network format function that
takes virBuffer as argument. However, slightly change of name is more
appropriate then: virNetworkDefFormatBuf to match the rest of functions
that format an object to buffer.
Signed-off-by: Michal Privoznik <mprivozn>
commit 28900766d570ca09015ed2b2d74a85a3f4ebf0b8
Author: Michal Privoznik <mprivozn>
AuthorDate: Mon Feb 10 19:26:16 2014 +0100
Commit: Michal Privoznik <mprivozn>
CommitDate: Mon Feb 10 19:26:16 2014 +0100
virNetworkLoadState: Disallow mangled 'floor' element
In the network status XML we may have the <floor/> element with the
'sum' attribute. The attribute represents sum of all 'floor'-s of
computed over each interface connected to the network (this is needed to
guarantee certain bandwidth for certain domain). The sum is therefore a
number. However, if the number was mangled (e.g. by an user's
interference to network status file), we've just ignored it without
refusing to parse such file. This was all due to 'goto error' missing.
Signed-off-by: Michal Privoznik <mprivozn>
commit e209c077605831ac8ce2fe5c6dce6a177e7f5083
Author: Michal Privoznik <mprivozn>
AuthorDate: Fri Jan 31 15:36:13 2014 +0100
Commit: Michal Privoznik <mprivozn>
CommitDate: Mon Feb 10 11:47:24 2014 +0100
networkStartNetwork: Be more verbose
The lack of debug printings might be frustrating in the future.
Moreover, this function doesn't follow the usual pattern we have in the
rest of the code:
int ret = -1;
/* do some work */
ret = 0;
cleanup:
/* some cleanup work */
return ret;
Signed-off-by: Michal Privoznik <mprivozn>
*** Bug 1055484 has been marked as a duplicate of this bug. *** Verify it using libvirt-0.10.2-36.el6.x86_64 as follows
1. Verify it in virtual network and interface.
[root@hongming ~]# cat /etc/libvirt/hooks/network
#!/bin/bash
echo "$0" "$@" >> /tmp/network.log
exit 0
[root@hongming ~]# virsh net-start default
Network default started
[root@hongming ~]# virsh net-dumpxml default
<network>
<name>default</name>
<uuid>aae44491-5b5a-4b59-bfe6-f7db7ef7ff14</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0' />
<mac address='52:54:00:3A:76:B7'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254' />
</dhcp>
</ip>
</network>
[root@hongming ~]# cat /tmp/network.log
/etc/libvirt/hooks/network default start begin -
/etc/libvirt/hooks/network default started begin -
[root@hongming ~]# virsh net-destroy default
Network default destroyed
[root@hongming ~]# cat /tmp/network.log
/etc/libvirt/hooks/network default start begin -
/etc/libvirt/hooks/network default started begin -
/etc/libvirt/hooks/network default stopped end -
[root@hongming ~]# virsh net-start default
Network default started
[root@hongming ~]# virsh start r6.5
Domain r6.5 started
[root@hongming ~]# > /tmp/network.log
[root@hongming ~]# virsh attach-interface r6.5 network default
Interface attached successfully
[root@hongming ~]# cat /tmp/network.log
/etc/libvirt/hooks/network default plugged begin -
[root@hongming ~]# virsh dumpxml r6.5|grep interface -A5
<interface type='network'>
<mac address='52:54:00:73:b1:91'/>
<source network='default'/>
<target dev='vnet0'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
<interface type='network'>
<mac address='52:54:00:9a:53:a9'/>
<source network='default'/>
<target dev='vnet1'/>
<alias name='net1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</interface>
[root@hongming ~]# virsh detach-interface r6.5 network --mac 52:54:00:9a:53:a9
Interface detached successfully
[root@hongming ~]# cat /tmp/network.log
/etc/libvirt/hooks/network default plugged begin -
/etc/libvirt/hooks/network default unplugged begin -
[root@hongming ~]# virsh destroy r6.5
Domain r6.5 destroyed
[root@hongming ~]# cat /tmp/network.log
/etc/libvirt/hooks/network default plugged begin -
/etc/libvirt/hooks/network default unplugged begin -
/etc/libvirt/hooks/network default unplugged begin -
============================================================================
2. Verify it using hostdev network and VF interface
[root@sriov2 images]# virsh net-list --all
Name State Autostart Persistent
--------------------------------------------------
default active yes yes
hostdev active no yes
[root@sriov2 images]# virsh net-dumpxml hostdev
<network>
<name>hostdev</name>
<uuid>25964d3e-4c8e-b6e7-dac7-a8fd70785444</uuid>
<forward mode='hostdev' managed='yes'>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x0'/>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x1'/>
<address type='pci' domain='0x0000' bus='0x11' slot='0x10' function='0x0'/>
<address type='pci' domain='0x0000' bus='0x11' slot='0x10' function='0x1'/>
</forward>
</network>
[root@sriov2 images]# > /tmp/network.log
[root@sriov2 images]# virsh net-destroy hostdev
Network hostdev destroyed
[root@sriov2 images]# virsh net-start hostdev
Network hostdev started
[root@sriov2 images]# cat /tmp/network.log
/etc/libvirt/hooks/network hostdev stopped end -
/etc/libvirt/hooks/network hostdev start begin -
/etc/libvirt/hooks/network hostdev started begin -
[root@sriov2 images]# > /tmp/network.log
[root@sriov2 images]# virsh attach-device rhel63 vf.xml
Device attached successfully
[root@sriov2 images]# cat /tmp/network.log
/etc/libvirt/hooks/network hostdev plugged begin -
[root@sriov2 images]# virsh dumpxml rhel63|grep interface -A6
<interface type='network'>
<mac address='52:54:00:a3:e2:4d'/>
<source network='default'/>
<target dev='vnet0'/>
<model type='virtio'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
<interface type='hostdev' managed='yes'>
<mac address='52:54:00:67:8d:54'/>
<source>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x0'/>
</source>
<alias name='hostdev1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</interface>
[root@sriov2 images]# cat vf1.xml
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x0'/>
</source>
</hostdev>
[root@sriov2 images]# virsh detach-device rhel63 vf1.xml
Device detached successfully
[root@sriov2 images]# cat /tmp/network.log
/etc/libvirt/hooks/network hostdev plugged begin -
/etc/libvirt/hooks/network hostdev unplugged begin -
[root@sriov2 images]# virsh attach-device rhel63 vf.xml
Device attached successfully
[root@sriov2 images]# > /tmp/network.log
[root@sriov2 images]# virsh destroy rhel63
Domain rhel63 destroyed
[root@sriov2 images]# cat /tmp/network.log
/etc/libvirt/hooks/network default unplugged begin -
/etc/libvirt/hooks/network hostdev unplugged begin -
If don't use hostdev network , hotplug a interface which type isn't 'network', the networkRunHook doesn't get callled. Verify the following cases - hotplug a VF using <hostdev> element. - hotplug a interface with direct type . [root@sriov2 images]# > /tmp/network.log [root@sriov2 images]# cat if-direct.xml <interface type='direct'> <source dev='eth3' mode='vepa'/> </interface> [root@sriov2 images]# virsh attach-device rhel63 if-direct.xml Device attached successfully [root@sriov2 images]# cat /tmp/network.log [root@sriov2 images]# cat vf.xml <interface type='network'> <source network='hostdev'/> </interface> [root@sriov2 images]# cat vf1.xml <hostdev mode='subsystem' type='pci' managed='yes'> <source> <address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x0'/> </source> </hostdev> [root@sriov2 images]# virsh attach-device rhel63 vf1.xml Device attached successfully [root@sriov2 images]# cat /tmp/network.log [root@sriov2 images]# Verify the patch : conf: output actual netdev status in <interface> XML
[root@sriov2 images]# virsh net-list
Name State Autostart Persistent
--------------------------------------------------
default active yes yes
multi-portgroups active no yes
[root@sriov2 images]# virsh net-dumpxml multi-portgroups
<network>
<name>multi-portgroups</name>
<uuid>b10b1e1d-a73d-b1b0-1aa7-dc4e84af1f25</uuid>
<forward mode='nat'/>
<bridge name='virbr2' stp='on' delay='0' />
<mac address='52:54:00:A5:69:F9'/>
<ip address='192.168.120.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.120.2' end='192.168.120.254' />
</dhcp>
</ip>
<portgroup name='engineering' default='yes'>
<bandwidth>
<inbound average='1000' peak='5000' burst='5120'/>
<outbound average='1000' peak='5000' burst='5120'/>
</bandwidth>
</portgroup>
<portgroup name='sales'>
<bandwidth>
<inbound average='500' peak='2000' burst='2560'/>
<outbound average='128' peak='256' burst='256'/>
</bandwidth>
</portgroup>
</network>
[root@sriov2 images]# virsh edit rhel63
Domain rhel63 XML configuration edited.
-Add the following xml to domain
<interface type='network'>
<source network='multi-portgroups' portgroup='engineering'/>
</interface>
[root@sriov2 images]# virsh dumpxml rhel63
<domain>
......
<interface type='network'>
<mac address='52:54:00:21:51:35'/>
<source network='multi-portgroups'/>
<bandwidth>
<inbound average='1000' peak='5000' burst='5120'/>
<outbound average='1000' peak='5000' burst='5120'/>
</bandwidth>
<target dev='vnet1'/>
<alias name='net1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</interface>
......
</domain>
[root@sriov2 images]# tc -d class show dev vnet1
class htb 1:1 root leaf 2: prio 0 quantum 100000 rate 8000Kbit ceil 40000Kbit burst 5Mb/8 mpu 0b overhead 0b cburst 1600b/8 mpu 0b overhead 0b level 0
[root@sriov2 images]# tc -d filter show dev vnet1 parent ffff:
filter protocol all pref 49152 u32
filter protocol all pref 49152 u32 fh 800: ht divisor 1
filter protocol all pref 49152 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid :1
match 00000000/00000000 at 0
police 0x2 rate 8000Kbit burst 5Mb mtu 64Kb action drop overhead 0b
ref 1 bind 1
Verify the patch:Avoid crash when LXC start fails with no interface target
[root@hongming images]# cat lxc.xml
<domain type='lxc'>
<name>vm1</name>
<memory>500000</memory>
<currentMemory>500000</currentMemory>
<vcpu>1</vcpu>
<os>
<type arch='x86_64'>exe</type>
<init>/bin/sh</init>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/libexec/libvirt_lxc</emulator>
<interface type='network'>
<mac address='52:54:00:f2:2c:ac'/>
<source network='default'/>
</interface>
<console type='pty'>
<target port='0'/>
</console>
</devices>
</domain>
[root@hongming images]# virsh -c lxc:/// define lxc.xml
Domain vm1 defined from lxc.xml
[root@hongming images]# virsh -c lxc:/// start vm1
Domain vm1 started
[root@hongming images]# virsh -c lxc:/// dumpxml vm1
<domain type='lxc' id='12558'>
<name>vm1</name>
<uuid>59eab5a8-460e-674c-64fb-756356e4d674</uuid>
<memory unit='KiB'>500000</memory>
<currentMemory unit='KiB'>500000</currentMemory>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='x86_64'>exe</type>
<init>/bin/sh</init>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/libexec/libvirt_lxc</emulator>
<interface type='network'>
<mac address='52:54:00:f2:2c:ac'/>
<source network='default'/>
<target dev='veth0'/>
</interface>
<console type='pty' tty='/dev/pts/2'>
<source path='/dev/pts/2'/>
<target type='lxc' port='0'/>
<alias name='console0'/>
</console>
</devices>
<seclabel type='none'/>
</domain>
Verify transient network hooks
[root@hongming images]# virsh net-create transient.xml
Network transient created from transient.xml
[root@hongming images]# virsh net-dumpxml transient
<network>
<name>transient</name>
<uuid>e2197dc4-3982-a4db-4b8e-e22d8c9b6961</uuid>
<forward mode='nat'/>
<bridge name='virbr2' stp='on' delay='0' />
<mac address='52:54:00:A5:69:F9'/>
<ip address='192.168.120.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.120.2' end='192.168.120.254' />
</dhcp>
</ip>
<portgroup name='engineering' default='yes'>
<bandwidth>
<inbound average='1000' peak='5000' burst='5120'/>
<outbound average='1000' peak='5000' burst='5120'/>
</bandwidth>
</portgroup>
<portgroup name='sales'>
<virtualport type='802.1Qbh'>
<parameters profileid='salestest'/>
</virtualport>
<bandwidth>
<inbound average='500' peak='2000' burst='2560'/>
<outbound average='128' peak='256' burst='256'/>
</bandwidth>
</portgroup>
</network>
[root@hongming images]# cat /tmp/network.log
/etc/libvirt/hooks/network transient start begin -
/etc/libvirt/hooks/network transient started begin -
[root@hongming images]# virsh start r6.5
Domain r6.5 started
[root@hongming images]# > /tmp/network.log
[root@hongming images]# virsh attach-device r6.5 if.xml
Device attached successfully
[root@hongming images]# cat /tmp/network.log
/etc/libvirt/hooks/network transient plugged begin -
[root@hongming images]# virsh dumpxml r6.5
<domain type='kvm' id='5'>
......
<interface type='network'>
<mac address='52:54:00:65:6b:97'/>
<source network='transient'/>
<bandwidth>
<inbound average='500' peak='2000' burst='2560'/>
<outbound average='128' peak='256' burst='256'/>
</bandwidth>
<target dev='vnet1'/>
<alias name='net1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</interface>
......
</domain>
[root@hongming images]# virsh detach-interface r6.5 network --mac 52:54:00:46:87:43
Interface detached successfully
[root@hongming images]# cat /tmp/network.log
/etc/libvirt/hooks/network transient plugged begin -
/etc/libvirt/hooks/network transient unplugged begin -
[root@hongming images]# virsh destroy r6.5
Domain r6.5 destroyed
[root@hongming images]# cat /tmp/network.log
/etc/libvirt/hooks/network transient plugged begin -
/etc/libvirt/hooks/network transient unplugged begin -
/etc/libvirt/hooks/network default unplugged begin -
Verify - outputting actual vlan status in <interface> XML
[root@sriov2 images]# virsh net-dumpxml hostdev
<network>
<name>hostdev</name>
<uuid>d58fcb8d-ed2c-74f2-b134-4e2bad788559</uuid>
<forward mode='hostdev' managed='yes'>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x0'/>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x1'/>
<address type='pci' domain='0x0000' bus='0x11' slot='0x10' function='0x0'/>
<address type='pci' domain='0x0000' bus='0x11' slot='0x10' function='0x1'/>
</forward>
<portgroup name='admin'>
<vlan>
<tag id='42'/>
</vlan>
</portgroup>
<portgroup name='sales'>
<vlan>
<tag id='47'/>
</vlan>
</portgroup>
</network>
[root@sriov2 images]# cat vf.xml
<interface type='network'>
<source network='hostdev' portgroup='admin'/>
</interface>
[root@sriov2 images]# virsh attach-device rhel63 vf.xml
Device attached successfully
[root@sriov2 images]# virsh dumpxml rhel63
<domain type='kvm' id='2'>
......
<interface type='hostdev' managed='yes'>
<mac address='52:54:00:38:6a:68'/>
<source>
<address type='pci' domain='0x0000' bus='0x0f' slot='0x10' function='0x0'/>
</source>
<vlan>
<tag id='42'/>
</vlan>
<alias name='hostdev0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
</interface>
......
</domain>
The above results are expected. Move its status to VERIFIED. Add verify steps - Verify the network hook script's stdin.
[root@sriov2 images]# cat /etc/libvirt/hooks/network
#!/usr/bin/python
import sys
import os
hooklog = '/tmp/hook.log'
log = open(hooklog, 'w')
def read_in():
lines = sys.stdin.readlines()
for i in range(len(lines)):
log.write(lines[i])
def main():
if sys.argv[1] == 'default':
read_in()
if __name__ == '__main__':
main()
[root@sriov2 images]# virsh net-destroy default
Network default destroyed
[root@sriov2 images]# cat /tmp/hook.log
<hookData>
<network connections='1'>
<name>default</name>
<uuid>ab177012-c4f8-4c92-a9a0-1f7040932ef4</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0' />
<mac address='52:54:00:83:80:F8'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254' />
</dhcp>
</ip>
</network>
</hookData>
[root@sriov2 images]# virsh attach-interface rhel63 network default
Interface attached successfully
[root@sriov2 images]# cat /tmp/hook.log
<hookData>
<interface type='network'>
<mac address='52:54:00:4d:ef:1b'/>
<source network='default'/>
</interface>
<network connections='1'>
<name>default</name>
<uuid>ab177012-c4f8-4c92-a9a0-1f7040932ef4</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0' />
<mac address='52:54:00:83:80:F8'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254' />
</dhcp>
</ip>
</network>
<domain type='kvm' id='3'>
<name>rhel63</name>
<uuid>704640d1-a8a0-e315-af53-715200e1b2db</uuid>
......
</domain>
</hookData>
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1374.html |