From nobody Sun May 5 03:36:19 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=pass(p=none dis=none) header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1599210003; cv=none;
d=zohomail.com; s=zohoarc;
b=MW+b4C0nFFRgfEUQhMmC97OPcsHCDOH7q777TjH5JnUCiZ4YOqlaiO7o4WK/A4Sbcd5Wpn9qm0xEu/BnpEUrH4WC1yfN7FB5U/pAZA03eqnofNMvksziZrrVzrxDA5bywkNPWTzbfp733oyJzH8FOqx48meegFdUN+IE3q7GBd8=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1599210003;
h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=4rKMSVfxKQ7BcJm8OVYow93/Fj4woLKoOa1SmYFsFSw=;
b=ehUHIUECzsBFFlgCOBKYxUwUdhTBnzv7HiuIIGPwiz4cwek3CvZXXLaCMiQ/qiaffmkbO4H0JusqcOlVV1SVGod6s0hc0e5F3820FCNoTzkcfjgchuAFcpRrLHaeIxjYLGsFgimLLfLA3rtmEWuRQwZp+KKbJK9vZ1Y8k1xKzEQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=pass header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1599210003741609.2013151201181;
Fri, 4 Sep 2020 02:00:03 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-335-vAs5J21zOo6fBCS54zRgSQ-1; Fri, 04 Sep 2020 04:59:30 -0400
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
[10.5.11.14])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 29F9784E243;
Fri, 4 Sep 2020 08:59:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 038415D9CC;
Fri, 4 Sep 2020 08:59:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 47FDE1832FC1;
Fri, 4 Sep 2020 08:59:23 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
[10.5.11.16])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 0848xKDG003517 for ;
Fri, 4 Sep 2020 04:59:20 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 292875C269; Fri, 4 Sep 2020 08:59:20 +0000 (UTC)
Received: from carol.localdomain (unknown [10.43.2.39])
by smtp.corp.redhat.com (Postfix) with ESMTPS id A4F525C230
for ; Fri, 4 Sep 2020 08:59:16 +0000 (UTC)
Received: from carol.redhat.com (carol.k8r.cz [127.0.0.1])
by carol.localdomain (Postfix) with ESMTP id 13F2FC200C2
for ; Fri, 4 Sep 2020 10:59:15 +0200 (CEST)
X-MC-Unique: vAs5J21zOo6fBCS54zRgSQ-1
From: Martin Kletzander
To: libvir-list@redhat.com
Subject: [PATCH v3 1/2] qemu: Allow migration over UNIX socket
Date: Fri, 4 Sep 2020 10:58:45 +0200
Message-Id:
<4d55ac055e5a2780611a85d33edbebaa728bb5dc.1599208676.git.mkletzan@redhat.com>
In-Reply-To:
References:
MIME-Version: 1.0
X-Clacks-Overhead: GNU Terry Pratchett
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Mimecast-Spam-Score: 0.002
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"
This allows:
a) migration without access to network
b) complete control of the migration stream
c) easy migration between containerised libvirt daemons on the same host
Resolves: https://bugzilla.redhat.com/1638889
Signed-off-by: Martin Kletzander
Reviewed-by: Jiri Denemark
---
docs/manpages/virsh.rst | 13 ++-
docs/migration.html.in | 33 ++++++++
src/qemu/qemu_driver.c | 22 ++++-
src/qemu/qemu_migration.c | 138 +++++++++++++++++++++++--------
src/qemu/qemu_migration_params.c | 9 ++
src/qemu/qemu_migration_params.h | 3 +
src/qemu/qemu_monitor.c | 15 ++++
src/qemu/qemu_monitor.h | 4 +
8 files changed, 198 insertions(+), 39 deletions(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index a0d6c3fadda6..ca5acf84cad2 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -3270,6 +3270,14 @@ There are a few scenarios where specifying *migrateu=
ri* may help:
might be specified to choose a specific port number outside the default =
range in
order to comply with local firewall policies.
=20
+* The *desturi* uses UNIX transport method. In this advanced case libvirt
+ should not guess a *migrateuri* and it should be specified using
+ UNIX socket path URI:
+
+.. code-block::
+
+ unix:///path/to/socket
+
See `https://libvirt.org/migration.html#uris `_ for more details on
migration URIs.
=20
@@ -3296,8 +3304,9 @@ specific parameters separated by '&'. Currently recog=
nized parameters are
Optional *listen-address* sets the listen address that hypervisor on the
destination side should bind to for incoming migration. Both IPv4 and IPv6
addresses are accepted as well as hostnames (the resolving is done on
-destination). Some hypervisors do not support this feature and will return=
an
-error if this parameter is used.
+destination). Some hypervisors do not support specifying the listen addre=
ss and
+will return an error if this parameter is used. This parameter cannot be u=
sed if
+*desturi* uses UNIX transport method.
=20
Optional *disks-port* sets the port that hypervisor on destination side sh=
ould
bind to for incoming disks traffic. Currently it is supported only by QEMU.
diff --git a/docs/migration.html.in b/docs/migration.html.in
index e95ee9de6f1b..162c202227b9 100644
--- a/docs/migration.html.in
+++ b/docs/migration.html.in
@@ -201,6 +201,9 @@
numbers. In the latter case the management application may wish
to choose a specific port number outside the default range in order
to comply with local firewall policies.
+ The second URI uses UNIX transport method. In this advanced case
+ libvirt should not guess a *migrateuri* and it should be specified=
using
+ UNIX socket path URI: unix:///path/to/socket
.
=20
@@ -628,5 +631,35 @@ virsh migrate --p2p --tunnelled web1 qemu+ssh://destho=
st/system qemu+ssh://10.0.
Supported by QEMU driver
=20
+
+
+
+
+ In niche scenarios where libvirt daemon does not have access to the
+ network (e.g. running in a restricted container on a host that has
+ accessible network), when a management application wants to have com=
plete
+ control over the transfer or when migrating between two containers o=
n the
+ same host all the communication can be done using UNIX sockets. This
+ includes connecting to non-standard socket path for the destination
+ daemon, using UNIX sockets for hypervisor's communication or for the=
NBD
+ data transfer. All of that can be used with both peer2peer and dire=
ct
+ migration options.
+
+
+
+ Example using /tmp/migdir
as a directory representing t=
he
+ same path visible from both libvirt daemons. That can be achieved by
+ bind-mounting the same directory to different containers running sep=
arate
+ daemons or forwarding connections to these sockets manually
+ (using socat
, netcat
or a custom piece of
+ software):
+
+virsh migrate web1 [--p2p] --copy-storage-all 'qemu+unix:///system?socket=
=3D/tmp/migdir/test-sock-driver' 'unix:///tmp/migdir/test-sock-qemu' --disk=
s-uri unix:///tmp/migdir/test-sock-nbd
+
+
+
+ Supported by QEMU driver
+
+