2009-03-03 Feature freeze (32 days) 2009-03-10 Beta Freeze (39 days) 2009-04-14 Final freeze (74 days)
Alpha Freeze, Take 2 ====================
Cole released new versions of virt-manager and virtinst releases:
http://www.redhat.com/archives/fedora-virt/2009-January/msg00041.html http://www.redhat.com/archives/fedora-virt/2009-January/msg00042.html
Unfortunately, no libvirt release, but more on that below.
The biggest virt issue that we would have liked to get resolved the alpha is the infamous "unsynchronized TSC" issue which causes guests on certain hosts to hang or crash:
https://bugzilla.redhat.com/475598
Juan Quintela is close to a fix suitable for sending upstream, but in the meantime we've applied a temporary fix to disable KVM's paravirt clock on those hosts. The current rawhide kernel has this fix and the upcoming 2.6.29 kernel for F-10 will have it too.
On Monday, rel-eng met and decided to try for an alpha refresh using Tuesday's rawhide. A number of issues were found including:
https://bugzilla.redhat.com/481716 rawhide anaconda traceback when installing KVM guest (yum-HEAD.patch)
This turned out to be a problem with yum and was quickly fixed. There also were issues with latest yum that affected the tools for building the release tree and these were fixed.
https://bugzilla.redhat.com/482907 f11alpha anaconda hanging when moving to timezone screen
Initially KVM was accussed, but evidence was produced and we were granted a reprieve.
Right now, the fingers are pointing at a bizarre GtkCheckButton related issue but no doubt the problem will turn out to be completely random. Plenty of fun to be had here if anyone is interested in helping.
So, the alpha has definitely frozen now, but blockers are still being worked on.
Fedora Weekly News ==================
A new issue of FWN was posted with some nice virt coverage:
http://fedoraproject.org/wiki/FWN/Issue160#Virtualization
Thanks to Dale Bewley.
Fedora 10 Kernel ================
Plans have changed, F10 is going to get 2.6.29:
https://www.redhat.com/archives/fedora-kernel-list/2009-January/msg00098.htm...
Initial builds are available in Koji for testing.
libvirt =======
Work in preparation for a new release has been ongoing all week. The release is likely to happen this weekend.
Some highlights from the week:
- Lots and lots of fixes
- libvirt_proxy vulvnerability:
http://thread.gmane.org/gmane.comp.emulators.libvirt/11459
- qemu disk format support, including support for COW backing stores
- virtio GSO is now enabled for KVM guests where appropriate
PCI Device Assignment =====================
https://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment
This came up for review by FESCo this week and received a very positive reception - seven +1s. Lots of time was spent discussing, but most questions seemed to be just FESCo member's personal interest in the feature rather than any real concerns over whether it should be approved.
Kevin Fenzi (nirik) and Dennis Gilmore (dgilmore) both mentioned that they're using TDM cards with Asterisk and would like to be able to move this service into a KVM guest. Supporting these cards are on of the most common requests.
Some time was spent discussing exactly what PCI devices can be assigned. The first requirement is VT-d and AMD IOMMU. PCIe devices should work well. Multiple conventional PCI devices on the same bridge can't be assigned to different guests. Graphics cards won't work for now.
Will Woods asked about VT-d support causing issues with some BIOSes. Fedora disabled CONFIG_DMAR in May because of this issue but it has been re-enabled recently again. The goal is to resolve any of these issues, perhaps through blacklisting. Any users experiencing issues should try disabling DMAR with intel_iommu=off and report to iommu@lists.linux-foundation.org if that fixes their problem.
On the testing front, basic device assignment seems to be working. Assigning an e1000e device to a guest using qemu-kvm directly from the command line works fine. One issue is that rawhide was missing the pci-stub module:
https://bugzilla.redhat.com/482792
but that's now resolved. A more serious issue is "TX Unit Hang" problems when trying to do an install using an assigned NIC. These warnings seems to be a suggest that the NIC isn't being fully reset before being used.
CONFIG_DMAR ===========
Related to PCI device assignment are Intel VT-d issues that have been reported recently.
Basically, on some machines - e.g. Lenovo x200, Dell Precision T5400 and Dell Latitude E6400 - VT-d support is causing serious and, in one case, data loss.
Kyle Martin sensibly made intel_iommu=off the default in rawhide:
* Fri Jan 23 2009 Kyle McMartin kyle@redhat.com - disable intel_iommu by default (enable with "intel_iommu=on")
and has sent his patch to do so upstream.
More details on the issue:
https://bugzilla.redhat.com/479996 http://bugzilla.kernel.org/show_bug.cgi?id=12578 https://lists.linux-foundation.org/pipermail/iommu/2009-January/001028.html
David Woodhouse has promised to dig into it next week. Bhavesh Davda and Adar Dembo from VMware are both working on the issue too. Adar tried DMA_API_DEBUG, but no driver issues were uncovered.
Disk Access Errors ==================
Dan Walsh and Cole have been looking into how to solve the issue of qemu blowing up when it doesn't have access to disk images because e.g. it was downloaded to a user's homedir and doesn't have the appropriate SELinux label.
One suggestion is to add a <code>qemuaccess</code> program which would be run early on by virt-managerto check that qemu will have access. That way the problem could be reported earlier to the user in a manner that is easier to diagnose.
sVirt =====
A new F11 feature page has been posted:
https://fedoraproject.org/wiki/SVirt_Mandatory_Access_Control
"sVirt integrates SELinux with the Fedora virtualization stack to allow Mandatory Access Control (MAC) security be applied to guest virtual machines. Amongst other things, this prevents a security bug in the hypervisor from allowing guests to attack the host or one another."
James Morris is hacking away on adding this to libvirt. Dan Walsh is going to handle making sure it works well for Fedora.
Fedora Package Updates ======================
A discussion around what a Fedora package update description should contain generated a wide discussion around how package maintainers should handles updates in general. Some guidelines have been proposed here:
https://fedoraproject.org/wiki/User:Markmc/Draft_package_update_guidelines
These guidelines are virt specific, but might interest virt package maintainers.
pv_ops ======
Jeremy Fitzhardinge has posted some patches to reduce the overhead of enabling paravirt_ops on bare-metal:
http://lkml.org/lkml/2009/1/28/438
"In testing, the net result was that the overhead dropped by about 75%"
Fedora's kernel has pv_ops enabled, of course, so this should prove a nice win.
bugs ====
DOOM-O-METER: 186 open bugs last week, 191 this week. Booo!
(Hmm, how do you drop needinfo bugs from bugzilla queries?)
Some interesting ones:
https://bugzilla.redhat.com/454415 dnsmasq --user=nobody broken on F9 -> fixed now
https://bugzilla.redhat.com/479622 libvirt should avoid creating virtual networks with the same bridge name -> Edouard found that if he created multiple virtual networks in virt-manager, they all had the same bridge name.
https://bugzilla.redhat.com/460649 libvirtd requires restart in order to detect KVM support -> If you install KVM after libvirtd has started, KVM support won't be available in virt-manager. Fixing this may involve libvirtd having to be restarted, or libvirtd might re-poll periodically for KVM.
https://bugzilla.redhat.com/480779 https://bugzilla.redhat.com/483204 F10 kvm mmu bugs: -> Some users reported KVM MMU issues. The wiley Glauber Costa noticed that the kernels in question had an nVidia driver loaded at the time. Since Linux developers can't do anything to fix closed source drivers, these bugs will be closed unless they can be reproduced without the nVidia driver.
https://bugzilla.redhat.com/480822 https://bugzilla.redhat.com/480850 virtio_net oops during rawhide guest install on rawhide host -> These oopses in slab_alloc() are still a major issue.
-
Mark McLoughlin