1181539 – RFC: network: Add hook for network update event

Bug 1181539 - RFC: network: Add hook for network update event

Summary: RFC: network: Add hook for network update event

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Virtualization Tools
Classification:	Community
Component:	libvirt
Sub Component:
Version:	unspecified
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Assignee:	Libvirt Maintainers
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-01-13 10:58 UTC by Khramov Anton
Modified:	2016-07-26 16:46 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-07-26 16:46:19 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Khramov Anton 2015-01-13 10:58:16 UTC

Description of problem:
"virsh net-update" starts iptables rules reload for NAT network system. This event doesn't start network hooks.

Version-Release number of selected component (if applicable):
libvirt 1.2.2


How reproducible:
Add "/etc/libvirt/hooks/network" with:
-------------------------------------------
#!/bin/bash
echo "`date` $0 $@" >> /var/log/libvirt.log
-------------------------------------------
Restart libvirt and run virsh net-update command:

virsh net-update default modify ip-dhcp-host --live --config "<host mac='52:54:00:97:eb:95' name='test' ip='192.168.122.253'/>"

Steps to Reproduce:
1.
2.
3.

Actual results:
/var/log/libvirt.log log file doesn't contain events from virsh net-update command.

Expected results:
/var/log/libvirt.log log file should contain event.


Additional info:
This bug brakes iptables hooks hack for FORWARD chain with NAT network.

Comment 1 Khramov Anton 2015-06-11 08:35:18 UTC

I've wrote workaround patch for libvirt 1.2.2:

--- libvirt-1.2.2/src/network/bridge_driver.c   2015-01-13 15:17:36.000000000 +0100
+++ libvirt-1.2.2_upd/src/network/bridge_driver.c       2015-01-13 15:15:00.978542616 +0100
@@ -2887,6 +2887,9 @@
     if (needFirewallRefresh && networkAddFirewallRules(network) < 0)
         goto cleanup;

+    if (needFirewallRefresh && networkRunHook(network, NULL, NULL, VIR_HOOK_NETWORK_OP_STARTED, VIR_HOOK_SUBOP_BEGIN) < 0)
+        goto cleanup;
+
     if (flags & VIR_NETWORK_UPDATE_AFFECT_CONFIG) {
         /* save updated persistent config to disk */
         if (virNetworkSaveConfig(driver->networkConfigDir,

Comment 2 Cole Robinson 2016-04-10 20:38:27 UTC

Sorry there wasn't a timely response. Seems reasonable to me to add a NETWORK_OP_UPDATED hook. Please send the patch to libvir-list, even if it isn't perfect, it might motivate someone else to finish it off

Comment 3 Khramov Anton 2016-04-11 10:54:37 UTC

Just in case. https://www.redhat.com/archives/libvir-list/2015-June/msg01066.html

Comment 4 Khramov Anton 2016-04-11 10:56:30 UTC

And here: https://www.redhat.com/archives/libvir-list/2015-June/msg01145.html

Comment 5 Cole Robinson 2016-04-19 20:17:12 UTC

Hmm I see. If you refresh the patch against latest git, drop the firewall check so that the hook runs unconditionally, and re-send the patch, I can help document it and drum up other reviews.

Comment 6 Khramov Anton 2016-05-25 12:31:49 UTC

Finally, found some time. Sorry for delay. https://www.redhat.com/archives/libvir-list/2016-May/msg01872.html

Comment 7 Cole Robinson 2016-07-26 16:46:19 UTC

Upstream now:

commit 128a8b2c9fb76ec90157cf2912bc67d62b2b39ae
Author: Anton Khramov <anton>
Date:   Wed Jul 13 13:06:05 2016 +0200

    network: Added hook for network modification event
    
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1181539


Thanks for the patch!

Note You need to log in before you can comment on or make changes to this bug.