Fedora virt status
by Mark McLoughlin
Fedora 12 Schedule
==================
The Fedora 12 release is looming large. At this stage, all efforts
should be focused on polishing off everything for the final release.
2009-09-17 Virt Test Day (6 days)
2009-09-29 Final Development Freeze (18 days)
2009-10-28 Release Candidate Compose (47 days)
Fedora Test Day
===============
Next Thursday, September 17th, we will be holding be holding Fedora
Test Day in order to test all the latest Fedora 12 virt goodies:
https://fedoraproject.org/wiki/Test_Day:2009-09-17_Virtualization
General Virt
* PXE booting
* Live Migration
* The qcow2 image format
KVM
* KSM
* Huge page backed memory
* NIC hotplug
* Stable guest ABI
libvirt
* libguestfs
* VirtStorageManagement
* Network_Interface_Management
* VirtTCK
* VirtPrivileges
Hardware Enablement
* SR-IOV
* VT-d
Preparations for the day are still in their early stages, so if you
want to help out, please dive right in.
Most importantly, though, please do make an effort to turn up on the
day, grab some test cases and report bugs!
KSM Tuning Daemon
=================
On the fedora-virt list, Dan Kenigsberg and Dan Berrange discussed
creating a KSM tuning service:
http://www.redhat.com/archives/fedora-virt/2009-September/msg00024.html
An unattended host running a variable number of qemu-kvm's needs to
tune ksm automatically, since when memory is tight, it's better to
spend more cpu on merging pages. In more relaxed cases, it's just a
waste of time.
The attached service tries to do just that.
It monitors how much memory is used by qemu-kvm processes, and
starts ksm when a threshold is passed. Ksm usually manages to free
up some memory.
This relates to the new KSM feature in Fedora 12:
https://fedoraproject.org/wiki/Features/KSM
FWN
===
Dale Bewley continues to churn out excellent virt updates for Fedora
Weekly News:
https://fedoraproject.org/wiki/FWN/Issue192#Virtualization
https://fedoraproject.org/wiki/FWN/Issue190#Virtualization
Dale also posted a sneak preview of the extensive virtualization
section for the Fedora 12 release notes:
http://fedoraproject.org/wiki/Documentation_Virtualization_Beat
Xen Dom0
========
Huge amounts of activity is going on the fedora-xen list around
testing out the latest Xen pv_ops Dom0 kernels. It's all too much to
summarize here, so if you're interested, take a look a the list
archives:
http://www.redhat.com/archives/fedora-xen/2009-September/date.html
Bugs
====
DOOM-O-METER: 214 open bugs now, 217 three weeks ago
The Fedora 12 blocker list is:
https://bugzilla.redhat.com/showdependencytree.cgi?id=F12VirtBlocker&hide...
and the Fedora 12 target list is:
https://bugzilla.redhat.com/showdependencytree.cgi?id=F12VirtTarget&hide_...
All these queries can be found on:
https://fedoraproject.org/wiki/Virtualization_bugs
Ongoing Bugs
============
== misc ==
https://bugzilla.redhat.com/507397
Directory permissions on volume group directory too restrictive
The change to fix volume group directory permissions is still
blocking on a change over to udev. Time is getting tight for
F-12.
== kernel ==
https://bugzilla.redhat.com/520119
virtio_net page allocation failure
A report of a 2.6.29 virtio_net oops which Rusty recently fixed
in 2.6.31.
https://bugzilla.redhat.com/509383
rotational mode is much faster for virtio-blk disks, but uses
non-rotational mode by default
Christoph is having trouble reproducing this issue.
https://bugzilla.redhat.com/512358
Unable to boot using qemu-kvm and gPXE from virt-preview
repository
This issue should be fixed in 2.6.30.6 which hopefully will
appear in F-11 updates soon.
== qemu ==
https://bugzilla.redhat.com/519787
qemu-kvm exits when initializing MSI-X fails on older kernels
virtio's MSI-X support causes qemu to exit if the kernel does not
support it. This is now fixed in rawhide by backporting a fix
from upstream.
https://bugzilla.redhat.com/520159
QEMU does not exit if it can't attach to the host USB device
Dan Berrange notes that qemu doesn't give the user any useful
error it fails to pass through a host USB device to the guest.
https://bugzilla.redhat.com/498242
QEMU threads should share the same I/O context
https://bugzilla.redhat.com/509702
Implement support for CLONE_IO
Uli doesn't think CLONE_IO should be a thread attribute and has
closed the glibc bug as WONTFIX. The suggestion now is to make
this a process-wide attribute configurable with prctl().
https://bugzilla.redhat.com/519540
qemu slows down dramatically using the SDL graphics backend and
ac97 sound driver
It looks like there may be something specific to SDL and ac97
causing qemu to slow down hugely in Fedora 11.
== libvirt ==
https://bugzilla.redhat.com/520864
libvirt is using untrusted 'info vcpus' PID data for already
running VM after libvirtd restart
Dan Berrange points out that if a qemu process is compromised, it
can cause libvirtd to kill another process.
https://bugzilla.redhat.com/517617
libvirt/netcf loads modprobe.conf and others - AVC messages
(preventing libvirtd (virtd_t) "getattr" modules_conf_t)
David Lutterkort thought it may be possible to get bonding to work
without modifying modprobe.conf, but that turns out not to be the
case so we need the selinux-policy to allow it.
https://bugzilla.redhat.com/519381
libvirt should check for -soundhw support; qemu-system-sparc does
not have soundhw support
It turns out that the sparc target does not have -soundhw
support. We need libvirt to detect that.
Resolved Bugs
=============
== misc ==
https://bugzilla.redhat.com/512376
Guest clock is running aprox. 3 seconds before host clock.
Now that the kernel is configured with CONFIG_RTC_HCTOSYS,
initscripts runs hwclock --systz rather than --hctosys, which in
turn means that the hwclock isn't incorrectly introducing an
offset between the guest and host clocks.
== kernel ==
https://bugzilla.redhat.com/516909
KSM breaks encryption 157 > kernel > 139 - KSM support now
disabled
Andrea tracked down and fixed this KSM blocker and Justin pushed
the fix to rawhide.
== qemu ==
https://bugzilla.redhat.com/519378
kvm forgets to close /proc/meminfo when hugepages are active
F-11 qemu-kvm is leaking a /proc/meminfo when using huge
pages. Fixed by backporting a change to use statfs rather than
/proc/meminfo.
https://bugzilla.redhat.com/495964
qemu locks up at shutdown with sdl audio driver
It appears several users are using qemu with QEMU_AUDIO_DRV=pa in
order to get working sound. F-11 and F-12 are now switched over to
used this backend by default.
https://bugzilla.redhat.com/501131
qemu segfault when VNC client disconnects
https://bugzilla.redhat.com/503156
qemu VNC :: xterm inside VM shows garbled text
Fixes for both of these Fedora 11 bugs have now been backported
and will appear in updates shortly.
== libvirt ==
https://bugzilla.redhat.com/521652
selinux policy update needed :: libvirt has moved the location of
the qemu monitor socket
libvirt has moved where the monitor socket is created, so the
selinux policy needed updating. This is fixed in rawhide now.
https://bugzilla.redhat.com/516120
unable to start guest: qemu: could not open serial device 'pty'
This turned out to be caused by incorrect permissions on
/dev/ptmx. We're still not sure how that came about.
https://bugzilla.redhat.com/517619
libvirtd should chown dirs when qemu configured to run as
root/root
Dan Berrange fixed this upstream for libvirt-0.7.1.
https://bugzilla.redhat.com/465532
RFE: libvirt should support KVM huge page backed memory
Dan Berrange polished off John Cooper's patch and pushed it in
time for libvirt-0.7.1.
https://bugzilla.redhat.com/507271
libvirt always places IDE disks before virtio/scsi disks
A fix for this has been committed upstream and will be pulled into
F11 soon.
== xen ==
https://bugzilla.redhat.com/508120
2.6.31-rc1 xen domU crashes early during boot
This Xen DomU pv_ops blocker should now be fixed in rawhide thanks
to a patch from Jeremy Fitzhardinge.
https://bugzilla.redhat.com/521800
kernel backtrace: possible recursive locking detected on Xen domU
A kernel lockdep warning seen under F-12 Xen DomU.
14 years, 7 months
Windows XP KVM can't shutdown?
by Tom Horsley
I just installed a windows XP KVM virtual machine via
fedora 11's virt-manager. All went well, but the KVM
machine can't seem to shutdown, instead I get the
Windows XP screen that says "it is now safe to
power off".
Is there some setting I need to tweak somewhere to enable
XP to power off by itself?
14 years, 7 months
Prevent start of VM that is already running on another host
by Gianluca Cecchi
My sw env uses F11 x86_64 and qemu/libvirt updated components as provided by
fedora-virt-preview repo.
I seem to notice that in my setup, composed by 2 hosts with several VMs and
shared storage (see below for details), if I have one VM started and try to
start it on the other one, this is not prevented.
To be clear:
- I create a qemu/kvm based VM1 on host1 with virt-manager
at this point host2 knows nothing about VM1
- I successfully live migrate VM1 to host2 (thanks again Mark for the
bugzilla opening and the follow-up for resolution)
at this point both nodes know about VM1 and in virt-manager it is in
"playing" mode in host2, and in greyed-out stopped mode in host1.
- If now I right-click and start VM1 on host1 from inside virt-manager, I
don't get any error... why?
(btw I can open console on both and work in the mean time on both the
instances of the same insisting disks VMs..... who knows what it is
happening at low level...)
In some way host1 should know that in my opinion and refuse to start VM1.
Better, I would like VM1 to not compare at all in host1 virt-manager
section after migration, so that I neither can start it....
>From the hw point of view my setup for VMs storage is based on Drbd 8.3.2 in
primary/primary mode composing a PV that is so seen by both hosts.
So that disk of VM1 is an LV inside a VG of it.
I'm also using RHCS/CLVM as a layer for this.
But I presume I would have the same problem in case of a real SAN with CLVM
managed volumes, correct?
For example on a rhel 5.3 cluster (that doesn't have virtualization at all;
only for comparing) with clvmd on a SAN based PV I can see:
[root@node1 ~]# lvs
LV VG Attr LSize Origin Snap% Move Log
Copy% Convert
LV_ORADATA VG_ORADATA -wi-a-
119.98G
LV_databases VolGroup00 -wi-ao 8.00G
[root@node2 ~]# lvs
LV VG Attr LSize Origin Snap% Move Log
Copy% Convert
LV_ORADATA VG_ORADATA -wi-ao
119.98G
LV_databases VolGroup00 -wi-ao
8.00G
Here, only node2 has the Oracle data LV open while the second node has
access to the VG and eventually to its modifications (extend vg, add lv,
ecc) in real time.
So that in case of failover is capable to carry on immediately the service.
The same is for my f11 cluster where I have my drbd synced VG that is
vg_qemu01 and my hosts that are virtfed and virtfedbis:
[root@virtfed ~]# lvs
LV VG Attr LSize Origin Snap% Move Log
Copy% Convert
centos53 vg_qemu01 -wi-ao
6.35G
test_vm_drbd vg_qemu01 -wi-a-
5.00G
w2k3_01 vg_qemu01 -wi-a-
6.35G
lv_root vg_virtfed -wi-ao
12.00G
lv_swap vg_virtfed -wi-ao 4.00G
[root@virtfedbis ~]# lvs
LV VG Attr LSize Origin Snap% Move Log
Copy% Convert
centos53 vg_qemu01 -wi-a-
6.35G
test_vm_drbd vg_qemu01 -wi-ao
5.00G
w2k3_01 vg_qemu01 -wi-a-
6.35G
lv_root vg_virtfed -wi-ao
12.00G
lv_swap vg_virtfed -wi-ao 4.00G
Giving the VMs the same name as their corresponding LV name, now I have
VM centos53 active on both but opened/started on virtfed
VM test_vm_drbd active on both but opened/started on virtfedbis
VM w2k3_01 powered off on both
If I start VM centos53 on virtfedbis after migration, I get success but
actually I corrupt my actual centos53 operating system instance, due to my
intended primary/primary config for drbd
(but the same I would get in real SAN where I do have only ONE volume
indeed).
I know that I can make an active/passive config with drbd in
primary/secondary, but in my opinion there are all the pieces to get the
active/active too.
Also, I would prefere to manage VM transitions form host1 to host2 and
viceversa by virt-manager and not as services of the rhcs (that is an
alternative used by someone).
Thanks for attention,
Gianluca
14 years, 7 months
Re: [Fedora-xen] xen 3.4.1 + myoung x86_64 kernel
by Boris Derzhavets
Did you build and and start services as root ?
After xen-3.1.4-3.src.rpm "rpmbuild" followed by install of generated packages run:-
# chkconfig xend on
# service xend start
Same commands for xenstored,xenconsoled,xendomains
Configure Libvirt Preview Repo and run :-
# yum install libvirt libvirt-python python-virtinst virt-manager virt-viewer
# chkconfig libvirtd on
# service libvirtd start
Next :-
# rpm -qa|grep xen
# rpm -qa|grep virt
Make sure right packages installed on F11
Boris.
--- On Wed, 9/2/09, Mark Schloesser <mark.schloesser(a)rwth-aachen.de> wrote:
From: Mark Schloesser <mark.schloesser(a)rwth-aachen.de>
Subject: [Fedora-xen] xen 3.4.1 + myoung x86_64 kernel
To: fedora-xen(a)redhat.com
Date: Wednesday, September 2, 2009, 5:55 PM
Hi,
I was just trying to get this combination setup up and running. I am on
Fedora 11 and mostly followed Boris Derzhavets' blog to get it done.
Sadly the box complains that it can not connect to the hypervisor when
starting libvirtd and also xend startup fails.
libvirtd screen message:
ERROR Internal error: Could not obtain handle on privileged command
interface (13 = Permission denied)
FATAL: Failed to open connection to hypervisor: Permission denied
In the kernel log I saw this:
======================================================
[ INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected ]
2.6.31-0.1.2.60.rc7.git4.xendom0.fc12.x86_64 #1
------------------------------------------------------
See dmesg at http://p.carnivore.it/MrGxdQ for more info.
Thanks for any hints or clarification!
Cheers,
Mark
-----Inline Attachment Follows-----
--
Fedora-xen mailing list
Fedora-xen(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-xen
14 years, 7 months
Re: [Fedora-xen] xen 3.4.1 + myoung x86_64 kernel
by Boris Derzhavets
I didn't suggest to install Michael Young's kernel. You may build directly via J.F. Git Repo:-
# yum install mercurial gitk
# git clone git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen.git linux-2.6-xen
# cd *-xen
# git checkout origin/rebase/master -b rebase/master
# copy ../config-work .config
# make
# make modules_install install
Pvops kernel 2.6.31-rc6 should be built and installed on system.
Working .config is attached (x86_64). No need run "make menuconfig"
However, i got it working with both kernel. Stack trace in dmesg output
of fedora's kernel seems to be harmless.
Clean install with right sequence of steps seems to be important. I was unable reinstall system once been built. Try to follow blog's steps one by one. Point of kernel build doesn't matter.
Boris.
--- On Wed, 9/2/09, Mark Schloesser <mark.schloesser(a)rwth-aachen.de> wrote:
From: Mark Schloesser <mark.schloesser(a)rwth-aachen.de>
Subject: [Fedora-xen] xen 3.4.1 + myoung x86_64 kernel
To: fedora-xen(a)redhat.com
Date: Wednesday, September 2, 2009, 5:55 PM
Hi,
I was just trying to get this combination setup up and running. I am on
Fedora 11 and mostly followed Boris Derzhavets' blog to get it done.
Sadly the box complains that it can not connect to the hypervisor when
starting libvirtd and also xend startup fails.
libvirtd screen message:
ERROR Internal error: Could not obtain handle on privileged command
interface (13 = Permission denied)
FATAL: Failed to open connection to hypervisor: Permission denied
In the kernel log I saw this:
======================================================
[ INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected ]
2.6.31-0.1.2.60.rc7.git4.xendom0.fc12.x86_64 #1
------------------------------------------------------
See dmesg at http://p.carnivore.it/MrGxdQ for more info.
Thanks for any hints or clarification!
Cheers,
Mark
-----Inline Attachment Follows-----
--
Fedora-xen mailing list
Fedora-xen(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-xen
14 years, 7 months
bridge network with iptables running on host?
by Tom Horsley
Long before I ever tried using virtual machines, I painstakingly
came up with some iptables settings to make my system as closed
as possible to most of the outside world while still being open
to my local 192.168.1.0/24 network.
I'm now playing around with VMs on my system, using bridging
because I want each VM to be a fully fledged member of my
local network.
It works great as long as I turn off iptables on the host, so
now I wonder what the heck is preventing the bridge traffic
from operating? (Actually it is just the VMs that can't
get out - I get can into them OK).
Do I have to tell the host to forward everything (rather than
forwarding nothing as I have it now?).
14 years, 7 months
2nd NIC hangs udev
by Gene Czarcinski
This is on a F11 x86_64 host WITHOUT virt-preview.
This happens with F11 and F9 guests (both 32 bit and 64 bit architectures).
Installing and bootup works fine with the default NIC. But, when I add a
second NIC (such as a privately network), I hang for a long time at Starting
udev.
The NICs mostly specify a "virtio" device but this also occurs if you specify
something else. Both NICs use the same device type.
At first I thought I was really hung but waiting a long time (at least a
minute) breaks free and everything proceeds normally.
This does not happen on real hardware ... I have one system with two NICs and
another with three NICs are n\there are no "long pauses".
Any ideas??
Gene
14 years, 7 months