From nobody Mon Nov 3 23:23:46 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1747308621026558.1577856440101; Thu, 15 May 2025 04:30:21 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFWmI-0006zx-SF; Thu, 15 May 2025 07:29:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFWmH-0006z5-1h; Thu, 15 May 2025 07:29:29 -0400 Received: from proxmox-new.maurer-it.com ([94.136.29.106]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFWmD-0007Yj-46; Thu, 15 May 2025 07:29:28 -0400 Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id DF817426D5; Thu, 15 May 2025 13:29:14 +0200 (CEST) From: Fiona Ebner To: qemu-block@nongnu.org Cc: qemu-devel@nongnu.org, armbru@redhat.com, eblake@redhat.com, hreitz@redhat.com, kwolf@redhat.com, pl@dlhnet.de, idryomov@gmail.com Subject: [PATCH 1/2] block/rbd: support selected key-value-pairs via QAPI Date: Thu, 15 May 2025 13:29:07 +0200 Message-Id: <20250515112908.383693-2-f.ebner@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250515112908.383693-1-f.ebner@proxmox.com> References: <20250515112908.383693-1-f.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=94.136.29.106; envelope-from=f.ebner@proxmox.com; helo=proxmox-new.maurer-it.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1747308623051116600 Content-Type: text/plain; charset="utf-8" Currently, most Ceph configuration options are not exposed via QAPI. While it is possible to specify a dedicated Ceph configuration file, specialized options are often only required for a selection of images on the RBD storage, not all of them. To avoid the need to generate a dedicated Ceph configuration file for each image (or for each required combination of options), support a selection of key-value pairs via QAPI. Initially, this is just 'rbd_cache_policy'. For example, this is useful with small images used as a pflash for EFI variables. Setting the 'rbd_cache_policy' to 'writeback' yields a substantial improvement there [0]. The function qemu_rbd_extract_key_value_pairs() was copied/adapted from the existing qemu_rbd_extract_encryption_create_options(). [0]: https://bugzilla.proxmox.com/show_bug.cgi?id=3D3329#c9 Signed-off-by: Fiona Ebner --- block/rbd.c | 73 ++++++++++++++++++++++++++++++++++++++++++++ qapi/block-core.json | 37 ++++++++++++++++++++++ 2 files changed, 110 insertions(+) diff --git a/block/rbd.c b/block/rbd.c index 7446e66659..2924f23093 100644 --- a/block/rbd.c +++ b/block/rbd.c @@ -298,6 +298,27 @@ static int qemu_rbd_set_auth(rados_t cluster, Blockdev= OptionsRbd *opts, return 0; } =20 +static int qemu_rbd_set_key_value_pairs(rados_t cluster, + RbdKeyValuePairs *key_value_pairs, + Error **errp) +{ + if (!key_value_pairs) { + return 0; + } + + if (key_value_pairs->has_rbd_cache_policy) { + RbdCachePolicy value =3D key_value_pairs->rbd_cache_policy; + int r =3D rados_conf_set(cluster, "rbd_cache_policy", + RbdCachePolicy_str(value)); + if (r < 0) { + error_setg_errno(errp, -r, "could not set 'rbd_cache_policy'"); + return -EINVAL; + } + } + + return 0; +} + static int qemu_rbd_set_keypairs(rados_t cluster, const char *keypairs_jso= n, Error **errp) { @@ -791,6 +812,44 @@ exit: return ret; } =20 +static int qemu_rbd_extract_key_value_pairs( + QemuOpts *opts, + RbdKeyValuePairs **key_value_pairs, + Error **errp) +{ + QDict *opts_qdict; + QDict *key_value_pairs_qdict; + Visitor *v; + int ret =3D 0; + + opts_qdict =3D qemu_opts_to_qdict(opts, NULL); + qdict_extract_subqdict(opts_qdict, &key_value_pairs_qdict, + "key-value-pairs."); + qobject_unref(opts_qdict); + if (!qdict_size(key_value_pairs_qdict)) { + *key_value_pairs =3D NULL; + goto exit; + } + + /* Convert options into a QAPI object */ + v =3D qobject_input_visitor_new_flat_confused(key_value_pairs_qdict, e= rrp); + if (!v) { + ret =3D -EINVAL; + goto exit; + } + + visit_type_RbdKeyValuePairs(v, NULL, key_value_pairs, errp); + visit_free(v); + if (!*key_value_pairs) { + ret =3D -EINVAL; + goto exit; + } + +exit: + qobject_unref(key_value_pairs_qdict); + return ret; +} + static int coroutine_fn qemu_rbd_co_create_opts(BlockDriver *drv, const char *filename, QemuOpts *opts, @@ -800,6 +859,7 @@ static int coroutine_fn qemu_rbd_co_create_opts(BlockDr= iver *drv, BlockdevCreateOptionsRbd *rbd_opts; BlockdevOptionsRbd *loc; RbdEncryptionCreateOptions *encrypt =3D NULL; + RbdKeyValuePairs *key_value_pairs =3D NULL; Error *local_err =3D NULL; const char *keypairs, *password_secret; QDict *options =3D NULL; @@ -848,6 +908,13 @@ static int coroutine_fn qemu_rbd_co_create_opts(BlockD= river *drv, loc->image =3D g_strdup(qdict_get_try_str(options, "image")); keypairs =3D qdict_get_try_str(options, "=3Dkeyvalue-pairs"); =20 + /* These are the key-value pairs coming in via the QAPI. */ + ret =3D qemu_rbd_extract_key_value_pairs(opts, &key_value_pairs, errp); + if (ret < 0) { + goto exit; + } + loc->key_value_pairs =3D key_value_pairs; + ret =3D qemu_rbd_do_create(create_options, keypairs, password_secret, = errp); if (ret < 0) { goto exit; @@ -937,6 +1004,12 @@ static int qemu_rbd_connect(rados_t *cluster, rados_i= octx_t *io_ctx, goto failed_shutdown; } =20 + /* For the key-value pairs coming via QAPI. */ + r =3D qemu_rbd_set_key_value_pairs(*cluster, opts->key_value_pairs, er= rp); + if (r < 0) { + goto failed_shutdown; + } + if (mon_host) { r =3D rados_conf_set(*cluster, "mon_host", mon_host); if (r < 0) { diff --git a/qapi/block-core.json b/qapi/block-core.json index 91c70e24a7..4666765e66 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -4301,6 +4301,39 @@ 'data': { 'luks': 'RbdEncryptionCreateOptionsLUKS', 'luks2': 'RbdEncryptionCreateOptionsLUKS2' } } =20 +## +# @RbdCachePolicy: +# +# An enumeration of values for the 'rbd_cache_policy' Ceph +# configuration setting. See the Ceph documentation for details. +# +# @writearound: cachable writes return immediately, reads are not +# served from the cache. +# +# @writeback: cachable writes return immediately, reads are served +# from the cache. +# +# @writethrough: writes return only when the data is on disk for all +# replicas, reads are served from the cache. +# +# Since 10.1 +## +{ 'enum' : 'RbdCachePolicy', + 'data' : [ 'writearound', 'writeback', 'writethrough' ] } + + +## +# @RbdKeyValuePairs: +# +# Key-value pairs for Ceph configuration. +# +# @rbd-cache-policy: Ceph configuration option 'rbd_cache_policy'. +# +# Since 10.1 +## +{ 'struct': 'RbdKeyValuePairs', + 'data': { '*rbd-cache-policy': 'RbdCachePolicy' } } + ## # @BlockdevOptionsRbd: # @@ -4327,6 +4360,9 @@ # authentication. This maps to Ceph configuration option "key". # (Since 3.0) # +# @key-value-pairs: Key-value pairs for additional Ceph configuraton. +# (Since 10.1) +# # @server: Monitor host address and port. This maps to the "mon_host" # Ceph option. # @@ -4342,6 +4378,7 @@ '*user': 'str', '*auth-client-required': ['RbdAuthMode'], '*key-secret': 'str', + '*key-value-pairs' : 'RbdKeyValuePairs', '*server': ['InetSocketAddressBase'] } } =20 ## --=20 2.39.5 From nobody Mon Nov 3 23:23:46 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17473086223621014.4593780051106; Thu, 15 May 2025 04:30:22 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFWmH-0006zW-Uh; Thu, 15 May 2025 07:29:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFWmF-0006yZ-QL; Thu, 15 May 2025 07:29:27 -0400 Received: from proxmox-new.maurer-it.com ([94.136.29.106]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFWmD-0007Yh-5A; Thu, 15 May 2025 07:29:27 -0400 Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 7CD4742999; Thu, 15 May 2025 13:29:14 +0200 (CEST) From: Fiona Ebner To: qemu-block@nongnu.org Cc: qemu-devel@nongnu.org, armbru@redhat.com, eblake@redhat.com, hreitz@redhat.com, kwolf@redhat.com, pl@dlhnet.de, idryomov@gmail.com Subject: [PATCH 2/2] block/rbd: support keyring option via QAPI Date: Thu, 15 May 2025 13:29:08 +0200 Message-Id: <20250515112908.383693-3-f.ebner@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250515112908.383693-1-f.ebner@proxmox.com> References: <20250515112908.383693-1-f.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=94.136.29.106; envelope-from=f.ebner@proxmox.com; helo=proxmox-new.maurer-it.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1747308622947116600 Content-Type: text/plain; charset="utf-8" In Proxmox VE, it is not always required to have a dedicated Ceph configuration file, and using the 'key-secret' QAPI option would require obtaining a key from the keyring first. The keyring location is readily available however, so having support for the 'keyring' configuration option is most convenient. Signed-off-by: Fiona Ebner --- block/rbd.c | 8 ++++++++ qapi/block-core.json | 5 ++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/block/rbd.c b/block/rbd.c index 2924f23093..660224c6c8 100644 --- a/block/rbd.c +++ b/block/rbd.c @@ -306,6 +306,14 @@ static int qemu_rbd_set_key_value_pairs(rados_t cluste= r, return 0; } =20 + if (key_value_pairs->keyring) { + int r =3D rados_conf_set(cluster, "keyring", key_value_pairs->keyr= ing); + if (r < 0) { + error_setg_errno(errp, -r, "could not set 'keyring'"); + return -EINVAL; + } + } + if (key_value_pairs->has_rbd_cache_policy) { RbdCachePolicy value =3D key_value_pairs->rbd_cache_policy; int r =3D rados_conf_set(cluster, "rbd_cache_policy", diff --git a/qapi/block-core.json b/qapi/block-core.json index 4666765e66..3253c6e6e9 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -4327,12 +4327,15 @@ # # Key-value pairs for Ceph configuration. # +# @keyring: Ceph configuration option 'keyring'. +# # @rbd-cache-policy: Ceph configuration option 'rbd_cache_policy'. # # Since 10.1 ## { 'struct': 'RbdKeyValuePairs', - 'data': { '*rbd-cache-policy': 'RbdCachePolicy' } } + 'data': { '*keyring': 'str', + '*rbd-cache-policy': 'RbdCachePolicy' } } =20 ## # @BlockdevOptionsRbd: --=20 2.39.5