Martin Polednik has uploaded a new change for review.
Change subject: caps: report nested virtualization capabilities ......................................................................
caps: report nested virtualization capabilities
Nested virtualization capability can be easily queried without sysfs and is necessary and sufficient to determine nested VT availability. Moving this code to lib/osinfo also allows us to simplify nestedvt hook - done as a part of this patch.
Change-Id: I1715413ae815c67ecc67bf7789487dbc11278919 Signed-off-by: Martin Polednik mpolednik@redhat.com --- M lib/api/vdsm-api.yml M lib/vdsm/osinfo.py M vdsm/caps.py M vdsm_hooks/nestedvt/before_vm_start.py 4 files changed, 34 insertions(+), 12 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/17/65717/1
diff --git a/lib/api/vdsm-api.yml b/lib/api/vdsm-api.yml index e44e06a..88635e1 100644 --- a/lib/api/vdsm-api.yml +++ b/lib/api/vdsm-api.yml @@ -6496,6 +6496,13 @@ name: realtimeKernel type: string added: '4.1' + + - defaultvalue: no-default + description: Indication whether the system is capable of nested + virtualization (considers platform & module options). + name: nestedVirtualization + type: string + added: '4.1' type: object
VmShortStatus: &VmShortStatus diff --git a/lib/vdsm/osinfo.py b/lib/vdsm/osinfo.py index bf2cd5f..d35eaca 100644 --- a/lib/vdsm/osinfo.py +++ b/lib/vdsm/osinfo.py @@ -27,6 +27,7 @@
from collections import namedtuple
+from vdsm import cpuarch from vdsm import utils
# For debian systems we can use python-apt if available @@ -51,6 +52,8 @@
KernelFlags = namedtuple('KernelFlags', 'version, realtime') +NestedVirtualization = namedtuple('NestedVirtualization', + 'enabled, kvm_module')
class OSName: @@ -260,3 +263,20 @@ realtime = 'RT' in ret[3]
return KernelFlags(dict(version=ver, release=rel), realtime) + + +@utils.memoized +def nested_virtualization(): + if cpuarch.is_ppc(cpuarch.real()): + return NestedVirtualization(False, None) + + for kvm_module in ("kvm_intel", "kvm_amd"): + kvm_module_path = "/sys/module/%s/parameters/nested" % kvm_module + try: + with open(kvm_module_path) as f: + if f.readline().strip() in ("Y", "1"): + return NestedVirtualization(True, kvm_module) + except IOError: + logging.debug('Could not determine status of nested ' + 'virtualization', exc_info=True) + return NestedVirtualization(False, None) diff --git a/vdsm/caps.py b/vdsm/caps.py index 57ea7e9..b12e6df 100644 --- a/vdsm/caps.py +++ b/vdsm/caps.py @@ -170,6 +170,8 @@ caps['packages2'] = osinfo.package_versions() caps['realtimeKernel'] = str( osinfo.runtime_kernel_flags().realtime).lower() + caps['nestedVirtualization'] = str( + osinfo.nested_virtualization().enabled).lower() caps['emulatedMachines'] = machinetype.emulated_machines( cpuarch.effective()) caps['ISCSIInitiatorName'] = _getIscsiIniName() diff --git a/vdsm_hooks/nestedvt/before_vm_start.py b/vdsm_hooks/nestedvt/before_vm_start.py index 5ea71f4..f245e3f 100755 --- a/vdsm_hooks/nestedvt/before_vm_start.py +++ b/vdsm_hooks/nestedvt/before_vm_start.py @@ -21,26 +21,19 @@
import hooking
+from vdsm import osinfo + cpu_nested_features = { "kvm_intel": "vmx", "kvm_amd": "svm", }
-for kvm_mod in ("kvm_intel", "kvm_amd"): - kvm_mod_path = "/sys/module/%s/parameters/nested" % kvm_mod - try: - with open(kvm_mod_path) as f: - if f.readline().strip() in ("Y", "1"): - break - except IOError: - pass -else: - kvm_mod = None +nestedvt = osinfo.nested_virtualization()
-if kvm_mod: +if nestedvt.status: domxml = hooking.read_domxml() feature_vmx = domxml.createElement("feature") - feature_vmx.setAttribute("name", cpu_nested_features[kvm_mod]) + feature_vmx.setAttribute("name", cpu_nested_features[nestedvt.kvm_module]) feature_vmx.setAttribute("policy", "require") domxml.getElementsByTagName("cpu")[0].appendChild(feature_vmx) hooking.write_domxml(domxml)
gerrit-hooks has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 1:
* Update Tracker::IGNORE, no bug url/s found * Check Bug-Url::IGNORE, not relevant for branch: master * Check Public Bug::WARN, no public bug url found * Check merged to previous::IGNORE, Not in stable branch (['ovirt-3.6', 'ovirt-4.0'])
gerrit-hooks has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 2:
* Update Tracker::IGNORE, no bug url/s found * Check Bug-Url::IGNORE, not relevant for branch: master * Check Public Bug::WARN, no public bug url found * Check merged to previous::IGNORE, Not in stable branch (['ovirt-3.6', 'ovirt-4.0'])
Francesco Romani has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 2: Code-Review+1
(1 comment)
nice improvement, +2 pending because inline comment
https://gerrit.ovirt.org/#/c/65717/2/lib/api/vdsm-api.yml File lib/api/vdsm-api.yml:
PS2, Line 6504: type: string You may want to use:
type: string datatype: boolean
gerrit-hooks has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 3:
* Update Tracker::IGNORE, no bug url/s found * Check Bug-Url::IGNORE, no bug url/s found * Check Public Bug::WARN, no public bug url found * Check merged to previous::IGNORE, Not in stable branch (['ovirt-3.6', 'ovirt-4.0'])
Francesco Romani has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 3: Code-Review+1
looks good to me. Please get ACK(s) from infra devs about the schema change.
Piotr Kliczewski has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 3:
(1 comment)
https://gerrit.ovirt.org/#/c/65717/3/lib/api/vdsm-api.yml File lib/api/vdsm-api.yml:
PS3, Line 6505: string Like in previous patch. Why not to use boolean?
Martin Polednik has abandoned this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Abandoned
Actually merged (incl. Piotr's fix) with the last patch.
gerrit-hooks has posted comments on this change.
Change subject: caps: report nested virtualization capabilities ......................................................................
Patch Set 3:
* update_tracker: OK
vdsm-patches@lists.fedorahosted.org
-
automation@ovirt.org -
fromani@redhat.com -
Martin Polednik -
Piotr Kliczewski