[PATCH 3/4] virt-host-validate: check for required cgroups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Extend the virt-host-validate checks to see if the required
cgroups are compiled into the kernel and that they are
mounted on the system. The cgroups are all optional except
for 3 that LXC mandates

Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
 tools/virt-host-validate-common.c | 130 +++++++++++++++++++++++++++++++++++---
 tools/virt-host-validate-common.h |   8 ++-
 tools/virt-host-validate-lxc.c    |  30 +++++++++
 tools/virt-host-validate-qemu.c   |  30 +++++++++
 4 files changed, 188 insertions(+), 10 deletions(-)

diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-common.c
index d646a79..7e8d619 100644
--- a/tools/virt-host-validate-common.c
+++ b/tools/virt-host-validate-common.c
@@ -26,6 +26,7 @@
 #include <stdio.h>
 #include <unistd.h>
 #include <sys/utsname.h>
+#include <mntent.h>
 
 #include "virutil.h"
 #include "viralloc.h"
@@ -104,14 +105,29 @@ static const char *failEscapeCodes[] = {
 verify(ARRAY_CARDINALITY(failEscapeCodes) == VIR_HOST_VALIDATE_LAST);
 
 void virHostMsgFail(virHostValidateLevel level,
-                    const char *hint)
+                    const char *format,
+                    ...)
 {
+    va_list args;
+    char *msg;
+
+    if (quiet)
+        return;
+
+    va_start(args, format);
+    if (virVasprintf(&msg, format, args) < 0) {
+        perror("malloc");
+        abort();
+    }
+    va_end(args);
+
     if (virHostMsgWantEscape())
         fprintf(stdout, "%s%s\033[0m (%s)\n",
-                failEscapeCodes[level], _(failMessages[level]), hint);
+                failEscapeCodes[level], _(failMessages[level]), msg);
     else
         fprintf(stdout, "%s (%s)\n",
-                _(failMessages[level]), hint);
+                _(failMessages[level]), msg);
+    free(msg);
 }
 
 
@@ -123,7 +139,7 @@ int virHostValidateDeviceExists(const char *hvname,
     virHostMsgCheck(hvname, "if device %s exists", dev_name);
 
     if (access(dev_name, F_OK) < 0) {
-        virHostMsgFail(level, hint);
+        virHostMsgFail(level, "%s", hint);
         return -1;
     }
 
@@ -140,7 +156,7 @@ int virHostValidateDeviceAccessible(const char *hvname,
     virHostMsgCheck(hvname, "if device %s is accessible", dev_name);
 
     if (access(dev_name, R_OK|W_OK) < 0) {
-        virHostMsgFail(level, hint);
+        virHostMsgFail(level, "%s", hint);
         return -1;
     }
 
@@ -160,7 +176,7 @@ int virHostValidateNamespace(const char *hvname,
     snprintf(nspath, sizeof(nspath), "/proc/self/ns/%s", ns_name);
 
     if (access(nspath, F_OK) < 0) {
-        virHostMsgFail(level, hint);
+        virHostMsgFail(level, "%s", hint);
         return -1;
     }
 
@@ -211,20 +227,116 @@ int virHostValidateLinuxKernel(const char *hvname,
                     (version & 0xff));
 
     if (STRNEQ(uts.sysname, "Linux")) {
-        virHostMsgFail(level, hint);
+        virHostMsgFail(level, "%s", hint);
         return -1;
     }
 
     if (virParseVersionString(uts.release, &thisversion, true) < 0) {
-        virHostMsgFail(level, hint);
+        virHostMsgFail(level, "%s", hint);
         return -1;
     }
 
     if (thisversion < version) {
-        virHostMsgFail(level, hint);
+        virHostMsgFail(level, "%s", hint);
         return -1;
     } else {
         virHostMsgPass();
         return 0;
     }
 }
+
+
+static int virHostValidateCGroupSupport(const char *hvname,
+                                        const char *cg_name,
+                                        virHostValidateLevel level,
+                                        const char *config_name)
+{
+    virHostMsgCheck(hvname, "for cgroup '%s' controller support", cg_name);
+    FILE *fp = fopen("/proc/self/cgroup", "r");
+    size_t len = 0;
+    char *line = NULL;
+    ssize_t ret;
+    bool matched = false;
+
+    if (!fp)
+        goto error;
+
+    while ((ret = getline(&line, &len, fp)) >= 0 && !matched) {
+        char *tmp = strstr(line, cg_name);
+        if (!tmp)
+            continue;
+
+        tmp += strlen(cg_name);
+        if (*tmp != ',' &&
+            *tmp != ':')
+            continue;
+
+        matched = true;
+    }
+    free(line);
+    fclose(fp);
+    if (!matched)
+        goto error;
+
+    virHostMsgPass();
+    return 0;
+
+ error:
+    free(line);
+    virHostMsgFail(level, "Enable CONFIG_%s in kernel Kconfig file", config_name);
+    return -1;
+}
+
+static int virHostValidateCGroupMount(const char *hvname,
+                                      const char *cg_name,
+                                      virHostValidateLevel level)
+{
+    virHostMsgCheck(hvname, "for cgroup '%s' controller mount-point", cg_name);
+    FILE *fp = setmntent("/proc/mounts", "r");
+    struct mntent *ent;
+    bool matched = false;
+
+    if (!fp)
+        goto error;
+
+    while ((ent = getmntent(fp)) && !matched) {
+        char *tmp = strstr(ent->mnt_opts, cg_name);
+        if (!tmp)
+            continue;
+
+        tmp += strlen(cg_name);
+        if (*tmp != ',' &&
+            *tmp != '\0')
+            continue;
+
+        matched = true;
+    }
+    endmntent(fp);
+    if (!matched)
+        goto error;
+
+    virHostMsgPass();
+    return 0;
+
+ error:
+    virHostMsgFail(level, "Mount '%s' cgroup controller (suggested at /sys/fs/cgroup/%s)",
+                   cg_name, cg_name);
+    return -1;
+}
+
+extern int virHostValidateCGroupController(const char *hvname,
+                                           const char *cg_name,
+                                           virHostValidateLevel level,
+                                           const char *config_name)
+{
+    if (virHostValidateCGroupSupport(hvname,
+                                     cg_name,
+                                     level,
+                                     config_name) < 0)
+        return -1;
+    if (virHostValidateCGroupMount(hvname,
+                                   cg_name,
+                                   level) < 0)
+        return -1;
+    return 0;
+}
diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-common.h
index c25e69c..1547e22 100644
--- a/tools/virt-host-validate-common.h
+++ b/tools/virt-host-validate-common.h
@@ -40,7 +40,8 @@ extern void virHostMsgCheck(const char *prefix,
 
 extern void virHostMsgPass(void);
 extern void virHostMsgFail(virHostValidateLevel level,
-                           const char *hint);
+                           const char *format,
+                           ...) ATTRIBUTE_FMT_PRINTF(2, 3);
 
 extern int virHostValidateDeviceExists(const char *hvname,
                                        const char *dev_name,
@@ -64,4 +65,9 @@ extern int virHostValidateNamespace(const char *hvname,
                                     virHostValidateLevel level,
                                     const char *hint);
 
+extern int virHostValidateCGroupController(const char *hvname,
+                                           const char *cg_name,
+                                           virHostValidateLevel level,
+                                           const char *config_name);
+
 #endif /* __VIRT_HOST_VALIDATE_COMMON_H__ */
diff --git a/tools/virt-host-validate-lxc.c b/tools/virt-host-validate-lxc.c
index 43c3f5f..48323da 100644
--- a/tools/virt-host-validate-lxc.c
+++ b/tools/virt-host-validate-lxc.c
@@ -63,5 +63,35 @@ int virHostValidateLXC(void)
                                  _("User namespace support is recommended")) < 0)
         ret = -1;
 
+    if (virHostValidateCGroupController("LXC", "memory",
+                                        VIR_HOST_VALIDATE_FAIL,
+                                        "MEMCG") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("LXC", "cpu",
+                                        VIR_HOST_VALIDATE_FAIL,
+                                        "CGROUP_SCHED") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("LXC", "cpuacct",
+                                        VIR_HOST_VALIDATE_FAIL,
+                                        "CGROUP_CPUACCT") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("LXC", "devices",
+                                        VIR_HOST_VALIDATE_FAIL,
+                                        "CGROUP_DEVICE") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("LXC", "net_cls",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "NET_CLS_CGROUP") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("LXC", "freezer",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "CGROUP_FREEZER") < 0)
+        ret = -1;
+
     return ret;
 }
diff --git a/tools/virt-host-validate-qemu.c b/tools/virt-host-validate-qemu.c
index 9486064..b0ae293 100644
--- a/tools/virt-host-validate-qemu.c
+++ b/tools/virt-host-validate-qemu.c
@@ -57,5 +57,35 @@ int virHostValidateQEMU(void)
                                     _("Load the 'tun' module to enable networking for QEMU guests")) < 0)
         ret = -1;
 
+    if (virHostValidateCGroupController("QEMU", "memory",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "MEMCG") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("QEMU", "cpu",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "CGROUP_CPU") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("QEMU", "cpuacct",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "CGROUP_CPUACCT") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("QEMU", "devices",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "CGROUP_DEVICES") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("QEMU", "net_cls",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "NET_CLS_CGROUP") < 0)
+        ret = -1;
+
+    if (virHostValidateCGroupController("QEMU", "blkio",
+                                        VIR_HOST_VALIDATE_WARN,
+                                        "BLK_CGROUP") < 0)
+        ret = -1;
+
     return ret;
 }
-- 
2.4.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]