Re: RFC: network interface "tags" vs. portgroups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10.06.2014 12:01, Laine Stump wrote:
A couple releases ago (commit 7d5bf484, first appeared in 1.2.2) I
modified the domain interface status xml to show what resources are
actually in use for an interface, superseding the interface config in
the cases where they conflict with each other.

In particular, if there is an interface of type='network' that
references a portgroup of the network in the <source> element, the
interface status will not contain a <source> element showing the network
and portgroup names, but instead the <source resulting from applying the
config is shown. For example, given the following domain interface and
network definitions:


     <interface type='network'>
       <source network='mynet' portgroup='xyzzy'/>
       ...
     </interface>


     <network>
       <name>mynet</name>
       <forward mode='bridge'/>\
       <bridge name='br0'/>
       <portgroup name='xyzzy'>
         <bandwidth>
           <inbound average='1000' peak='5000' floor='200' burst='1024'/>
           <outbound average='128' peak='256' burst='256'/>
         </bandwidth>
       </portgroup>
     </network>

the status that was previously displayed when the domain was running
would be identical to the config above (except that it would also
contain the tap device name and alias). But now the status will be this:


     <interface type='bridge'>
       <source bridge='br0'/>
       <bandwidth>
         <inbound average='1000' peak='5000' floor='200' burst='1024'/>
         <outbound average='128' peak='256' burst='256'/>
       </bandwidth>
       ...
     </interface>

The advantage here is that a hook script for the domain will be able to
see the bandwidth (and vlan and physical device, if any) that are
actually being used by the domain's interface. Because the config and
status both use the same elements/attributes, we can only show one or
the other; the thinking was that normally the status will be what is
desired, and anyone who really wants to look at the config should use
the VIR_DOMAIN_XML_INACTIVE flag when calling virDomainGetXMLDesc().

As you would expect, a few months later (after the release of 1.2.4)
someone on IRC checked in with a problem caused by this change - they
had been using the portgroup name in the <source> element of the
interface to determine what action to take during migration; they didn't
even have any libvirt config stored in the portgroup, but were just
using its name as a tag. Since the portgroup name is only a part of the
<source> element when the interface is type='network', they now don't
have a tag in the xml to use for their decision (and since they aren't
explicitly calling virDomainGetXMLDesc() themselves, they can't simply
get the INACTIVE xml to solve their problem).

This use of a portgroup name struck me as potentially useful (although
it is a slight hijacking of the original intent of portgroups), so I
would like to restore that functionality. I came up with a couple
different ways to solve the problem, and am looking for opinions before
I spend any time on either.

Solution 1:

My initial thought was to just restore the portgroup name in the status
XML; that could be done by moving the portgroup name out of the
network-specific part of the object and into common data for all
interface types (this way it could show up in the <source> element no
matter what is the network type). However, once we've done that it
becomes enticing to allow specification of a portgroup even in cases
where the interface type != network; in those cases though, the
portgroup would be *only* a tag to be used by external entities; this
would lead to lax checking for existence of the specified portgroup, and
may end up with people misspelling a portgroup name, then mistakenly
believing that (e.g.) they had a bandwidth limit applied to a domain
interface when none was in fact in effect. (alternately, we could allow
it only if the interface *config* was for type='network', but that seems
somehow logically broken, and you can bet that eventually someone would
ask for us to allow it for all types)

Solution 2:

An alternate idea I had was to add a new <tag name='x'/> element to
interfaces, networks, and portgroups. An interface could have multiple
tags, and would assume the tags of its <network> when active. A <tag>
would be purely for use by external entities - it would mean nothing to
libvirt. For example, given this extreme example:

     <interface type='network'>
       <source network='mynet' portgroup='xyzzy'/>
       <tag name='wumpus'/>
       ...
     </interface>

     <network>
       <name>mynet</name>
       <tag name='twisty'/>
       <forward mode='bridge'/>\
       <bridge name='br0'/>
       <portgroup name='xyzzy'>
         <tag name='xyzzytag'/>
         <bandwidth>
           <inbound average='1000' peak='5000' floor='200' burst='1024'/>
           <outbound average='128' peak='256' burst='256'/>
         </bandwidth>
       </portgroup>
     </network>
    <network>

when the interface was active, its status xml would look like this:

     <interface type='bridge'>
       <tag name='wumpus'/>
       <tag name='twisty'/>
       <tag name='xyzzytag'/>
       <source bridge='br0'/>
       <bandwidth>
         <inbound average='1000' peak='5000' floor='200' burst='1024'/>
         <outbound average='128' peak='256' burst='256'/>
       </bandwidth>
       ...
     </interface>

These tags would mean nothing to libvirt, but would be available for
management applications to make decisions during domain
start/stop/migration/etc.

While solution 1 is ad-hoc, I like it more than 2 if I had to choose. The problem with 2 is that it's polluting our domain XML. Next time we invent hooks for something else (nwfilters, storage, whatever) we're in the same situation again. Which will result in more pollution then if now go with 2 now. That's why I vote for 1 even though it's kind of ad-hoc approach.

Michal

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]