hv_kvm.py 104 KB
Newer Older
Guido Trotter's avatar
Guido Trotter committed
1
2
3
#
#

4
# Copyright (C) 2008, 2009, 2010, 2011, 2012, 2013, 2014 Google Inc.
Guido Trotter's avatar
Guido Trotter committed
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301, USA.


"""KVM hypervisor

"""

Balazs Lecz's avatar
Balazs Lecz committed
26
import errno
Guido Trotter's avatar
Guido Trotter committed
27
28
29
30
import os
import os.path
import re
import tempfile
31
import time
Guido Trotter's avatar
Guido Trotter committed
32
import logging
33
import pwd
34
35
import struct
import fcntl
36
import shutil
37
import urllib2
38
import socket
39
import stat
40
import StringIO
41
from bitarray import bitarray
42
try:
Andrea Spadaccini's avatar
Andrea Spadaccini committed
43
  import affinity   # pylint: disable=F0401
44
45
except ImportError:
  affinity = None
46
47
48
49
try:
  import fdsend   # pylint: disable=F0401
except ImportError:
  fdsend = None
Guido Trotter's avatar
Guido Trotter committed
50
51
52
53

from ganeti import utils
from ganeti import constants
from ganeti import errors
54
55
from ganeti import serializer
from ganeti import objects
56
57
from ganeti import uidpool
from ganeti import ssconf
58
from ganeti import netutils
59
60
from ganeti import pathutils
from ganeti.hypervisor import hv_base
61
from ganeti.utils import wrapper as utils_wrapper
Guido Trotter's avatar
Guido Trotter committed
62
63


64
_KVM_NETWORK_SCRIPT = pathutils.CONF_DIR + "/kvm-vif-bridge"
65
_KVM_START_PAUSED_FLAG = "-S"
66

67
68
69
70
71
72
73
74
75
76
# TUN/TAP driver constants, taken from <linux/if_tun.h>
# They are architecture-independent and already hardcoded in qemu-kvm source,
# so we can safely include them here.
TUNSETIFF = 0x400454ca
TUNGETIFF = 0x800454d2
TUNGETFEATURES = 0x800454cf
IFF_TAP = 0x0002
IFF_NO_PI = 0x1000
IFF_VNET_HDR = 0x4000

77
78
79
80
81
82
83
84
85
86
87
#: SPICE parameters which depend on L{constants.HV_KVM_SPICE_BIND}
_SPICE_ADDITIONAL_PARAMS = frozenset([
  constants.HV_KVM_SPICE_IP_VERSION,
  constants.HV_KVM_SPICE_PASSWORD_FILE,
  constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR,
  constants.HV_KVM_SPICE_JPEG_IMG_COMPR,
  constants.HV_KVM_SPICE_ZLIB_GLZ_IMG_COMPR,
  constants.HV_KVM_SPICE_STREAMING_VIDEO_DETECTION,
  constants.HV_KVM_SPICE_USE_TLS,
  ])

88
89
90
91
# Constant bitarray that reflects to a free pci slot
# Use it with bitarray.search()
_AVAILABLE_PCI_SLOT = bitarray("0")

92
93
# below constants show the format of runtime file
# the nics are in second possition, while the disks in 4th (last)
94
95
# moreover disk entries are stored as a list of in tuples
# (L{objects.Disk}, link_name, uri)
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
_KVM_NICS_RUNTIME_INDEX = 1
_KVM_DISKS_RUNTIME_INDEX = 3
_DEVICE_RUNTIME_INDEX = {
  constants.HOTPLUG_TARGET_DISK: _KVM_DISKS_RUNTIME_INDEX,
  constants.HOTPLUG_TARGET_NIC: _KVM_NICS_RUNTIME_INDEX
  }
_FIND_RUNTIME_ENTRY = {
  constants.HOTPLUG_TARGET_NIC:
    lambda nic, kvm_nics: [n for n in kvm_nics if n.uuid == nic.uuid],
  constants.HOTPLUG_TARGET_DISK:
    lambda disk, kvm_disks: [(d, l, u) for (d, l, u) in kvm_disks
                             if d.uuid == disk.uuid]
  }
_RUNTIME_DEVICE = {
  constants.HOTPLUG_TARGET_NIC: lambda d: d,
  constants.HOTPLUG_TARGET_DISK: lambda (d, e, _): d
  }
_RUNTIME_ENTRY = {
  constants.HOTPLUG_TARGET_NIC: lambda d, e: d,
  constants.HOTPLUG_TARGET_DISK: lambda d, e: (d, e, None)
  }

118
119
_MIGRATION_CAPS_DELIM = ":"

120

121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
def _GenerateDeviceKVMId(dev_type, dev):
  """Helper function to generate a unique device name used by KVM

  QEMU monitor commands use names to identify devices. Here we use their pci
  slot and a part of their UUID to name them. dev.pci might be None for old
  devices in the cluster.

  @type dev_type: sting
  @param dev_type: device type of param dev
  @type dev: L{objects.Disk} or L{objects.NIC}
  @param dev: the device object for which we generate a kvm name
  @raise errors.HotplugError: in case a device has no pci slot (old devices)

  """

  if not dev.pci:
    raise errors.HotplugError("Hotplug is not supported for %s with UUID %s" %
                              (dev_type, dev.uuid))

  return "%s-%s-pci-%d" % (dev_type.lower(), dev.uuid.split("-")[0], dev.pci)


143
144
145
146
147
148
149
150
151
152
153
154
def _GetFreeSlot(slots, slot=None, reserve=False):
  """Helper method to get first available slot in a bitarray

  @type slots: bitarray
  @param slots: the bitarray to operate on
  @type slot: integer
  @param slot: if given we check whether the slot is free
  @type reserve: boolean
  @param reserve: whether to reserve the first available slot or not
  @return: the idx of the (first) available slot
  @raise errors.HotplugError: If all slots in a bitarray are occupied
    or the given slot is not free.
155

156
157
158
159
160
  """
  if slot is not None:
    assert slot < len(slots)
    if slots[slot]:
      raise errors.HypervisorError("Slots %d occupied" % slot)
161

162
163
164
165
  else:
    avail = slots.search(_AVAILABLE_PCI_SLOT, 1)
    if not avail:
      raise errors.HypervisorError("All slots occupied")
166

167
    slot = int(avail[0])
168

169
170
  if reserve:
    slots[slot] = True
171

172
  return slot
173
174


175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
def _GetExistingDeviceInfo(dev_type, device, runtime):
  """Helper function to get an existing device inside the runtime file

  Used when an instance is running. Load kvm runtime file and search
  for a device based on its type and uuid.

  @type dev_type: sting
  @param dev_type: device type of param dev
  @type device: L{objects.Disk} or L{objects.NIC}
  @param device: the device object for which we generate a kvm name
  @type runtime: tuple (cmd, nics, hvparams, disks)
  @param runtime: the runtime data to search for the device
  @raise errors.HotplugError: in case the requested device does not
    exist (e.g. device has been added without --hotplug option) or
    device info has not pci slot (e.g. old devices in the cluster)

  """
  index = _DEVICE_RUNTIME_INDEX[dev_type]
  found = _FIND_RUNTIME_ENTRY[dev_type](device, runtime[index])
  if not found:
    raise errors.HotplugError("Cannot find runtime info for %s with UUID %s" %
                              (dev_type, device.uuid))

  return found[0]


201
202
203
204
205
206
def _UpgradeSerializedRuntime(serialized_runtime):
  """Upgrade runtime data

  Remove any deprecated fields or change the format of the data.
  The runtime files are not upgraded when Ganeti is upgraded, so the required
  modification have to be performed here.
207
208
209

  @type serialized_runtime: string
  @param serialized_runtime: raw text data read from actual runtime file
210
211
  @return: (cmd, nic dicts, hvparams, bdev dicts)
  @rtype: tuple
212
213
214

  """
  loaded_runtime = serializer.Load(serialized_runtime)
215
216
217
  kvm_cmd, serialized_nics, hvparams = loaded_runtime[:3]
  if len(loaded_runtime) >= 4:
    serialized_disks = loaded_runtime[3]
218
  else:
219
220
221
222
223
224
225
226
227
    serialized_disks = []

  for nic in serialized_nics:
    # Add a dummy uuid slot if an pre-2.8 NIC is found
    if "uuid" not in nic:
      nic["uuid"] = utils.NewUUID()

  return kvm_cmd, serialized_nics, hvparams, serialized_disks

228

229
230
def _AnalyzeSerializedRuntime(serialized_runtime):
  """Return runtime entries for a serialized runtime file
231

232
233
234
235
236
237
238
239
  @type serialized_runtime: string
  @param serialized_runtime: raw text data read from actual runtime file
  @return: (cmd, nics, hvparams, bdevs)
  @rtype: tuple

  """
  kvm_cmd, serialized_nics, hvparams, serialized_disks = \
    _UpgradeSerializedRuntime(serialized_runtime)
240
  kvm_nics = [objects.NIC.FromDict(snic) for snic in serialized_nics]
241
242
  kvm_disks = [(objects.Disk.FromDict(sdisk), link, uri)
               for sdisk, link, uri in serialized_disks]
243

244
  return (kvm_cmd, kvm_nics, hvparams, kvm_disks)
245

246

247
248
249
250
251
252
253
254
255
256
def _GetTunFeatures(fd, _ioctl=fcntl.ioctl):
  """Retrieves supported TUN features from file descriptor.

  @see: L{_ProbeTapVnetHdr}

  """
  req = struct.pack("I", 0)
  try:
    buf = _ioctl(fd, TUNGETFEATURES, req)
  except EnvironmentError, err:
Iustin Pop's avatar
Iustin Pop committed
257
    logging.warning("ioctl(TUNGETFEATURES) failed: %s", err)
258
259
260
261
262
263
264
    return None
  else:
    (flags, ) = struct.unpack("I", buf)
    return flags


def _ProbeTapVnetHdr(fd, _features_fn=_GetTunFeatures):
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
  """Check whether to enable the IFF_VNET_HDR flag.

  To do this, _all_ of the following conditions must be met:
   1. TUNGETFEATURES ioctl() *must* be implemented
   2. TUNGETFEATURES ioctl() result *must* contain the IFF_VNET_HDR flag
   3. TUNGETIFF ioctl() *must* be implemented; reading the kernel code in
      drivers/net/tun.c there is no way to test this until after the tap device
      has been created using TUNSETIFF, and there is no way to change the
      IFF_VNET_HDR flag after creating the interface, catch-22! However both
      TUNGETIFF and TUNGETFEATURES were introduced in kernel version 2.6.27,
      thus we can expect TUNGETIFF to be present if TUNGETFEATURES is.

   @type fd: int
   @param fd: the file descriptor of /dev/net/tun

  """
281
  flags = _features_fn(fd)
282

283
284
  if flags is None:
    # Not supported
285
286
    return False

287
288
289
290
291
292
293
  result = bool(flags & IFF_VNET_HDR)

  if not result:
    logging.warning("Kernel does not support IFF_VNET_HDR, not enabling")

  return result

294

295
def _OpenTap(vnet_hdr=True, name=""):
296
297
298
299
300
301
302
  """Open a new tap device and return its file descriptor.

  This is intended to be used by a qemu-type hypervisor together with the -net
  tap,fd=<fd> command line parameter.

  @type vnet_hdr: boolean
  @param vnet_hdr: Enable the VNET Header
303
304
305
306
307

  @type name: string
  @param name: name for the TAP interface being created; if an empty
               string is passed, the OS will generate a unique name

308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
  @return: (ifname, tapfd)
  @rtype: tuple

  """
  try:
    tapfd = os.open("/dev/net/tun", os.O_RDWR)
  except EnvironmentError:
    raise errors.HypervisorError("Failed to open /dev/net/tun")

  flags = IFF_TAP | IFF_NO_PI

  if vnet_hdr and _ProbeTapVnetHdr(tapfd):
    flags |= IFF_VNET_HDR

  # The struct ifreq ioctl request (see netdevice(7))
323
  ifr = struct.pack("16sh", name, flags)
324
325
326

  try:
    res = fcntl.ioctl(tapfd, TUNSETIFF, ifr)
327
328
329
  except EnvironmentError, err:
    raise errors.HypervisorError("Failed to allocate a new TAP device: %s" %
                                 err)
330
331
332
333
334

  # Get the interface name from the ioctl
  ifname = struct.unpack("16sh", res)[0].strip("\x00")
  return (ifname, tapfd)

335

336
337
338
339
340
class HeadRequest(urllib2.Request):
  def get_method(self):
    return "HEAD"


341
342
343
344
345
def _CheckUrl(url):
  """Check if a given URL exists on the server

  """
  try:
346
347
    urllib2.urlopen(HeadRequest(url))
    return True
348
349
350
351
  except urllib2.URLError:
    return False


352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
class QmpMessage:
  """QEMU Messaging Protocol (QMP) message.

  """
  def __init__(self, data):
    """Creates a new QMP message based on the passed data.

    """
    if not isinstance(data, dict):
      raise TypeError("QmpMessage must be initialized with a dict")

    self.data = data

  def __getitem__(self, field_name):
    """Get the value of the required field if present, or None.

    Overrides the [] operator to provide access to the message data,
    returning None if the required item is not in the message
    @return: the value of the field_name field, or None if field_name
             is not contained in the message

    """
374
    return self.data.get(field_name, None)
375
376
377
378
379
380
381

  def __setitem__(self, field_name, field_value):
    """Set the value of the required field_name to field_value.

    """
    self.data[field_name] = field_value

382
383
384
385
386
387
388
389
390
391
392
393
  def __len__(self):
    """Return the number of fields stored in this QmpMessage.

    """
    return len(self.data)

  def __delitem__(self, key):
    """Delete the specified element from the QmpMessage.

    """
    del(self.data[key])

394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
  @staticmethod
  def BuildFromJsonString(json_string):
    """Build a QmpMessage from a JSON encoded string.

    @type json_string: str
    @param json_string: JSON string representing the message
    @rtype: L{QmpMessage}
    @return: a L{QmpMessage} built from json_string

    """
    # Parse the string
    data = serializer.LoadJson(json_string)
    return QmpMessage(data)

  def __str__(self):
409
410
    # The protocol expects the JSON object to be sent as a single line.
    return serializer.DumpJson(self.data)
411
412
413
414
415
416
417

  def __eq__(self, other):
    # When comparing two QmpMessages, we are interested in comparing
    # their internal representation of the message data
    return self.data == other.data


418
class MonitorSocket(object):
419
420
421
  _SOCKET_TIMEOUT = 5

  def __init__(self, monitor_filename):
422
    """Instantiates the MonitorSocket object.
423
424
425

    @type monitor_filename: string
    @param monitor_filename: the filename of the UNIX raw socket on which the
426
                             monitor (QMP or simple one) is listening
427
428
429
430
431
432
433
434
435

    """
    self.monitor_filename = monitor_filename
    self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    # We want to fail if the server doesn't send a complete message
    # in a reasonable amount of time
    self.sock.settimeout(self._SOCKET_TIMEOUT)
    self._connected = False

436
437
438
439
440
441
  def _check_socket(self):
    sock_stat = None
    try:
      sock_stat = os.stat(self.monitor_filename)
    except EnvironmentError, err:
      if err.errno == errno.ENOENT:
442
        raise errors.HypervisorError("No monitor socket found")
443
      else:
444
        raise errors.HypervisorError("Error checking monitor socket: %s",
445
446
                                     utils.ErrnoOrStr(err))
    if not stat.S_ISSOCK(sock_stat.st_mode):
447
      raise errors.HypervisorError("Monitor socket is not a socket")
448

449
450
451
452
453
  def _check_connection(self):
    """Make sure that the connection is established.

    """
    if not self._connected:
454
      raise errors.ProgrammerError("To use a MonitorSocket you need to first"
455
456
457
                                   " invoke connect() on it")

  def connect(self):
458
    """Connects to the monitor.
459

460
    Connects to the UNIX socket
461
462
463
464

    @raise errors.HypervisorError: when there are communication errors

    """
465
466
467
468
469
470
471
472
473
474
    if self._connected:
      raise errors.ProgrammerError("Cannot connect twice")

    self._check_socket()

    # Check file existance/stuff
    try:
      self.sock.connect(self.monitor_filename)
    except EnvironmentError:
      raise errors.HypervisorError("Can't connect to qmp socket")
475
476
    self._connected = True

477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
  def close(self):
    """Closes the socket

    It cannot be used after this call.

    """
    self.sock.close()


class QmpConnection(MonitorSocket):
  """Connection to the QEMU Monitor using the QEMU Monitor Protocol (QMP).

  """
  _FIRST_MESSAGE_KEY = "QMP"
  _EVENT_KEY = "event"
  _ERROR_KEY = "error"
  _RETURN_KEY = RETURN_KEY = "return"
  _ACTUAL_KEY = ACTUAL_KEY = "actual"
  _ERROR_CLASS_KEY = "class"
  _ERROR_DESC_KEY = "desc"
  _EXECUTE_KEY = "execute"
  _ARGUMENTS_KEY = "arguments"
  _CAPABILITIES_COMMAND = "qmp_capabilities"
  _MESSAGE_END_TOKEN = "\r\n"

  def __init__(self, monitor_filename):
    super(QmpConnection, self).__init__(monitor_filename)
    self._buf = ""

  def connect(self):
    """Connects to the QMP monitor.

    Connects to the UNIX socket and makes sure that we can actually send and
    receive data to the kvm instance via QMP.

    @raise errors.HypervisorError: when there are communication errors
    @raise errors.ProgrammerError: when there are data serialization errors

    """
    super(QmpConnection, self).connect()
517
518
519
520
521
    # Check if we receive a correct greeting message from the server
    # (As per the QEMU Protocol Specification 0.1 - section 2.2)
    greeting = self._Recv()
    if not greeting[self._FIRST_MESSAGE_KEY]:
      self._connected = False
522
      raise errors.HypervisorError("kvm: QMP communication error (wrong"
523
524
                                   " server greeting")

525
526
527
528
    # This is needed because QMP can return more than one greetings
    # see https://groups.google.com/d/msg/ganeti-devel/gZYcvHKDooU/SnukC8dgS5AJ
    self._buf = ""

529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
    # Let's put the monitor in command mode using the qmp_capabilities
    # command, or else no command will be executable.
    # (As per the QEMU Protocol Specification 0.1 - section 4)
    self.Execute(self._CAPABILITIES_COMMAND)

  def _ParseMessage(self, buf):
    """Extract and parse a QMP message from the given buffer.

    Seeks for a QMP message in the given buf. If found, it parses it and
    returns it together with the rest of the characters in the buf.
    If no message is found, returns None and the whole buffer.

    @raise errors.ProgrammerError: when there are data serialization errors

    """
    message = None
    # Check if we got the message end token (CRLF, as per the QEMU Protocol
    # Specification 0.1 - Section 2.1.1)
    pos = buf.find(self._MESSAGE_END_TOKEN)
    if pos >= 0:
      try:
        message = QmpMessage.BuildFromJsonString(buf[:pos + 1])
      except Exception, err:
        raise errors.ProgrammerError("QMP data serialization error: %s" % err)
      buf = buf[pos + 1:]

    return (message, buf)

  def _Recv(self):
    """Receives a message from QMP and decodes the received JSON object.

    @rtype: QmpMessage
    @return: the received message
    @raise errors.HypervisorError: when there are communication errors
    @raise errors.ProgrammerError: when there are data serialization errors

    """
    self._check_connection()

    # Check if there is already a message in the buffer
    (message, self._buf) = self._ParseMessage(self._buf)
    if message:
      return message

    recv_buffer = StringIO.StringIO(self._buf)
    recv_buffer.seek(len(self._buf))
    try:
      while True:
        data = self.sock.recv(4096)
        if not data:
          break
        recv_buffer.write(data)

        (message, self._buf) = self._ParseMessage(recv_buffer.getvalue())
        if message:
          return message

    except socket.timeout, err:
      raise errors.HypervisorError("Timeout while receiving a QMP message: "
                                   "%s" % (err))
    except socket.error, err:
      raise errors.HypervisorError("Unable to receive data from KVM using the"
                                   " QMP protocol: %s" % err)

  def _Send(self, message):
    """Encodes and sends a message to KVM using QMP.

    @type message: QmpMessage
    @param message: message to send to KVM
    @raise errors.HypervisorError: when there are communication errors
    @raise errors.ProgrammerError: when there are data serialization errors

    """
    self._check_connection()
    try:
      message_str = str(message)
    except Exception, err:
      raise errors.ProgrammerError("QMP data deserialization error: %s" % err)

    try:
      self.sock.sendall(message_str)
    except socket.timeout, err:
      raise errors.HypervisorError("Timeout while sending a QMP message: "
                                   "%s (%s)" % (err.string, err.errno))
    except socket.error, err:
      raise errors.HypervisorError("Unable to send data from KVM using the"
                                   " QMP protocol: %s" % err)

  def Execute(self, command, arguments=None):
    """Executes a QMP command and returns the response of the server.

    @type command: str
    @param command: the command to execute
    @type arguments: dict
    @param arguments: dictionary of arguments to be passed to the command
    @rtype: dict
    @return: dictionary representing the received JSON object
    @raise errors.HypervisorError: when there are communication errors
    @raise errors.ProgrammerError: when there are data serialization errors

    """
    self._check_connection()
    message = QmpMessage({self._EXECUTE_KEY: command})
    if arguments:
      message[self._ARGUMENTS_KEY] = arguments
    self._Send(message)

    # Events can occur between the sending of the command and the reception
    # of the response, so we need to filter out messages with the event key.
    while True:
      response = self._Recv()
      err = response[self._ERROR_KEY]
      if err:
        raise errors.HypervisorError("kvm: error executing the %s"
643
                                     " command: %s (%s):" %
644
645
                                     (command,
                                      err[self._ERROR_DESC_KEY],
646
                                      err[self._ERROR_CLASS_KEY]))
647
648
649
650
651

      elif not response[self._EVENT_KEY]:
        return response


Guido Trotter's avatar
Guido Trotter committed
652
class KVMHypervisor(hv_base.BaseHypervisor):
Michael Hanselmann's avatar
Michael Hanselmann committed
653
654
655
  """KVM hypervisor interface

  """
656
  CAN_MIGRATE = True
Guido Trotter's avatar
Guido Trotter committed
657

658
  _ROOT_DIR = pathutils.RUN_DIR + "/kvm-hypervisor"
Guido Trotter's avatar
Guido Trotter committed
659
  _PIDS_DIR = _ROOT_DIR + "/pid" # contains live instances pids
660
  _UIDS_DIR = _ROOT_DIR + "/uid" # contains instances reserved uids
Guido Trotter's avatar
Guido Trotter committed
661
662
  _CTRL_DIR = _ROOT_DIR + "/ctrl" # contains instances control sockets
  _CONF_DIR = _ROOT_DIR + "/conf" # contains instances startup data
663
  _NICS_DIR = _ROOT_DIR + "/nic" # contains instances nic <-> tap associations
664
  _KEYMAP_DIR = _ROOT_DIR + "/keymap" # contains instances keymaps
Balazs Lecz's avatar
Balazs Lecz committed
665
666
667
668
669
670
671
672
  # KVM instances with chroot enabled are started in empty chroot directories.
  _CHROOT_DIR = _ROOT_DIR + "/chroot" # for empty chroot directories
  # After an instance is stopped, its chroot directory is removed.
  # If the chroot directory is not empty, it can't be removed.
  # A non-empty chroot directory indicates a possible security incident.
  # To support forensics, the non-empty chroot directory is quarantined in
  # a separate directory, called 'chroot-quarantine'.
  _CHROOT_QUARANTINE_DIR = _ROOT_DIR + "/chroot-quarantine"
673
  _DIRS = [_ROOT_DIR, _PIDS_DIR, _UIDS_DIR, _CTRL_DIR, _CONF_DIR, _NICS_DIR,
674
           _CHROOT_DIR, _CHROOT_QUARANTINE_DIR, _KEYMAP_DIR]
Guido Trotter's avatar
Guido Trotter committed
675

676
  PARAMETERS = {
677
    constants.HV_KVM_PATH: hv_base.REQ_FILE_CHECK,
678
679
680
681
682
683
    constants.HV_KERNEL_PATH: hv_base.OPT_FILE_CHECK,
    constants.HV_INITRD_PATH: hv_base.OPT_FILE_CHECK,
    constants.HV_ROOT_PATH: hv_base.NO_CHECK,
    constants.HV_KERNEL_ARGS: hv_base.NO_CHECK,
    constants.HV_ACPI: hv_base.NO_CHECK,
    constants.HV_SERIAL_CONSOLE: hv_base.NO_CHECK,
Guido Trotter's avatar
Guido Trotter committed
684
    constants.HV_SERIAL_SPEED: hv_base.NO_CHECK,
685
    constants.HV_VNC_BIND_ADDRESS: hv_base.NO_CHECK, # will be checked later
686
687
688
    constants.HV_VNC_TLS: hv_base.NO_CHECK,
    constants.HV_VNC_X509: hv_base.OPT_DIR_CHECK,
    constants.HV_VNC_X509_VERIFY: hv_base.NO_CHECK,
689
    constants.HV_VNC_PASSWORD_FILE: hv_base.OPT_FILE_CHECK,
690
691
692
693
    constants.HV_KVM_SPICE_BIND: hv_base.NO_CHECK, # will be checked later
    constants.HV_KVM_SPICE_IP_VERSION:
      (False, lambda x: (x == constants.IFACE_NO_IP_VERSION_SPECIFIED or
                         x in constants.VALID_IP_VERSIONS),
694
       "The SPICE IP version should be 4 or 6",
695
       None, None),
696
    constants.HV_KVM_SPICE_PASSWORD_FILE: hv_base.OPT_FILE_CHECK,
697
    constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR:
Iustin Pop's avatar
Iustin Pop committed
698
699
      hv_base.ParamInSet(
        False, constants.HT_KVM_SPICE_VALID_LOSSLESS_IMG_COMPR_OPTIONS),
700
    constants.HV_KVM_SPICE_JPEG_IMG_COMPR:
Iustin Pop's avatar
Iustin Pop committed
701
702
      hv_base.ParamInSet(
        False, constants.HT_KVM_SPICE_VALID_LOSSY_IMG_COMPR_OPTIONS),
703
    constants.HV_KVM_SPICE_ZLIB_GLZ_IMG_COMPR:
Iustin Pop's avatar
Iustin Pop committed
704
705
      hv_base.ParamInSet(
        False, constants.HT_KVM_SPICE_VALID_LOSSY_IMG_COMPR_OPTIONS),
706
    constants.HV_KVM_SPICE_STREAMING_VIDEO_DETECTION:
Iustin Pop's avatar
Iustin Pop committed
707
708
      hv_base.ParamInSet(
        False, constants.HT_KVM_SPICE_VALID_VIDEO_STREAM_DETECTION_OPTIONS),
709
    constants.HV_KVM_SPICE_AUDIO_COMPR: hv_base.NO_CHECK,
710
    constants.HV_KVM_SPICE_USE_TLS: hv_base.NO_CHECK,
711
712
    constants.HV_KVM_SPICE_TLS_CIPHERS: hv_base.NO_CHECK,
    constants.HV_KVM_SPICE_USE_VDAGENT: hv_base.NO_CHECK,
713
    constants.HV_KVM_FLOPPY_IMAGE_PATH: hv_base.OPT_FILE_CHECK,
Jose A. Lopes's avatar
Jose A. Lopes committed
714
    constants.HV_CDROM_IMAGE_PATH: hv_base.OPT_FILE_OR_URL_CHECK,
715
    constants.HV_KVM_CDROM2_IMAGE_PATH: hv_base.OPT_FILE_OR_URL_CHECK,
Michael Hanselmann's avatar
Michael Hanselmann committed
716
717
718
719
720
721
    constants.HV_BOOT_ORDER:
      hv_base.ParamInSet(True, constants.HT_KVM_VALID_BO_TYPES),
    constants.HV_NIC_TYPE:
      hv_base.ParamInSet(True, constants.HT_KVM_VALID_NIC_TYPES),
    constants.HV_DISK_TYPE:
      hv_base.ParamInSet(True, constants.HT_KVM_VALID_DISK_TYPES),
722
723
    constants.HV_KVM_CDROM_DISK_TYPE:
      hv_base.ParamInSet(False, constants.HT_KVM_VALID_DISK_TYPES),
Michael Hanselmann's avatar
Michael Hanselmann committed
724
725
    constants.HV_USB_MOUSE:
      hv_base.ParamInSet(False, constants.HT_KVM_VALID_MOUSE_TYPES),
726
    constants.HV_KEYMAP: hv_base.NO_CHECK,
727
    constants.HV_MIGRATION_PORT: hv_base.REQ_NET_PORT_CHECK,
728
729
    constants.HV_MIGRATION_BANDWIDTH: hv_base.REQ_NONNEGATIVE_INT_CHECK,
    constants.HV_MIGRATION_DOWNTIME: hv_base.REQ_NONNEGATIVE_INT_CHECK,
730
    constants.HV_MIGRATION_MODE: hv_base.MIGRATION_MODE_CHECK,
731
    constants.HV_USE_LOCALTIME: hv_base.NO_CHECK,
732
733
    constants.HV_DISK_CACHE:
      hv_base.ParamInSet(True, constants.HT_VALID_CACHE_TYPES),
734
735
736
    constants.HV_SECURITY_MODEL:
      hv_base.ParamInSet(True, constants.HT_KVM_VALID_SM_TYPES),
    constants.HV_SECURITY_DOMAIN: hv_base.NO_CHECK,
Guido Trotter's avatar
Guido Trotter committed
737
738
    constants.HV_KVM_FLAG:
      hv_base.ParamInSet(False, constants.HT_KVM_FLAG_VALUES),
739
    constants.HV_VHOST_NET: hv_base.NO_CHECK,
Balazs Lecz's avatar
Balazs Lecz committed
740
    constants.HV_KVM_USE_CHROOT: hv_base.NO_CHECK,
741
    constants.HV_KVM_USER_SHUTDOWN: hv_base.NO_CHECK,
742
    constants.HV_MEM_PATH: hv_base.OPT_DIR_CHECK,
743
    constants.HV_REBOOT_BEHAVIOR:
744
745
      hv_base.ParamInSet(True, constants.REBOOT_BEHAVIORS),
    constants.HV_CPU_MASK: hv_base.OPT_MULTI_CPU_MASK_CHECK,
746
    constants.HV_CPU_TYPE: hv_base.NO_CHECK,
747
748
749
    constants.HV_CPU_CORES: hv_base.OPT_NONNEGATIVE_INT_CHECK,
    constants.HV_CPU_THREADS: hv_base.OPT_NONNEGATIVE_INT_CHECK,
    constants.HV_CPU_SOCKETS: hv_base.OPT_NONNEGATIVE_INT_CHECK,
Guido Trotter's avatar
Guido Trotter committed
750
    constants.HV_SOUNDHW: hv_base.NO_CHECK,
Guido Trotter's avatar
Guido Trotter committed
751
    constants.HV_USB_DEVICES: hv_base.NO_CHECK,
Guido Trotter's avatar
Guido Trotter committed
752
    constants.HV_VGA: hv_base.NO_CHECK,
Guido Trotter's avatar
Guido Trotter committed
753
    constants.HV_KVM_EXTRA: hv_base.NO_CHECK,
754
    constants.HV_KVM_MACHINE_VERSION: hv_base.NO_CHECK,
755
    constants.HV_KVM_MIGRATION_CAPS: hv_base.NO_CHECK,
756
    constants.HV_VNET_HDR: hv_base.NO_CHECK,
757
    }
758

759
760
  _VIRTIO = "virtio"
  _VIRTIO_NET_PCI = "virtio-net-pci"
761
  _VIRTIO_BLK_PCI = "virtio-blk-pci"
762

Michele Tartara's avatar
Michele Tartara committed
763
  _MIGRATION_STATUS_RE = re.compile(r"Migration\s+status:\s+(\w+)",
Guido Trotter's avatar
Guido Trotter committed
764
                                    re.M | re.I)
Michael Hanselmann's avatar
Michael Hanselmann committed
765
  _MIGRATION_PROGRESS_RE = \
766
767
768
    re.compile(r"\s*transferred\s+ram:\s+(?P<transferred>\d+)\s+kbytes\s*\n"
               r"\s*remaining\s+ram:\s+(?P<remaining>\d+)\s+kbytes\s*\n"
               r"\s*total\s+ram:\s+(?P<total>\d+)\s+kbytes\s*\n", re.I)
769

770
771
  _MIGRATION_INFO_MAX_BAD_ANSWERS = 5
  _MIGRATION_INFO_RETRY_DELAY = 2
Guido Trotter's avatar
Guido Trotter committed
772

773
  _VERSION_RE = re.compile(r"\b(\d+)\.(\d+)(\.(\d+))?\b")
774

775
776
777
778
  _CPU_INFO_RE = re.compile(r"cpu\s+\#(\d+).*thread_id\s*=\s*(\d+)", re.I)
  _CPU_INFO_CMD = "info cpus"
  _CONT_CMD = "cont"

779
  _DEFAULT_MACHINE_VERSION_RE = re.compile(r"^(\S+).*\(default\)", re.M)
780
781
  _CHECK_MACHINE_VERSION_RE = \
    staticmethod(lambda x: re.compile(r"^(%s)[ ]+.*PC" % x, re.M))
782

783
784
785
786
787
788
  _QMP_RE = re.compile(r"^-qmp\s", re.M)
  _SPICE_RE = re.compile(r"^-spice\s", re.M)
  _VHOST_RE = re.compile(r"^-net\s.*,vhost=on|off", re.M)
  _ENABLE_KVM_RE = re.compile(r"^-enable-kvm\s", re.M)
  _DISABLE_KVM_RE = re.compile(r"^-disable-kvm\s", re.M)
  _NETDEV_RE = re.compile(r"^-netdev\s", re.M)
789
  _DISPLAY_RE = re.compile(r"^-display\s", re.M)
790
  _MACHINE_RE = re.compile(r"^-machine\s", re.M)
791
792
  _VIRTIO_NET_RE = re.compile(r"^name \"%s\"" % _VIRTIO_NET_PCI, re.M)
  _VIRTIO_BLK_RE = re.compile(r"^name \"%s\"" % _VIRTIO_BLK_PCI, re.M)
793
794
795
796
  # match  -drive.*boot=on|off on different lines, but in between accept only
  # dashes not preceeded by a new line (which would mean another option
  # different than -drive is starting)
  _BOOT_RE = re.compile(r"^-drive\s([^-]|(?<!^)-)*,boot=on\|off", re.M | re.S)
797
  _UUID_RE = re.compile(r"^-uuid\s", re.M)
798

799
800
  _INFO_PCI_RE = re.compile(r'Bus.*device[ ]*(\d+).*')
  _INFO_PCI_CMD = "info pci"
801
802
803
804
805
  _FIND_PCI_DEVICE_RE = \
    staticmethod(
      lambda pci, devid: re.compile(r'Bus.*device[ ]*%d,(.*\n){5,6}.*id "%s"' %
                                    (pci, devid), re.M))

806
807
808
809
  _INFO_VERSION_RE = \
    re.compile(r'^QEMU (\d+)\.(\d+)(\.(\d+))?.*monitor.*', re.M)
  _INFO_VERSION_CMD = "info version"

810
811
812
  # Slot 0 for Host bridge, Slot 1 for ISA bridge, Slot 2 for VGA controller
  _DEFAULT_PCI_RESERVATIONS = "11100000000000000000000000000000"
  _SOUNDHW_WITH_PCI_SLOT = ["ac97", "es1370", "hda"]
813

814
815
816
  ANCILLARY_FILES = [
    _KVM_NETWORK_SCRIPT,
    ]
817
818
819
  ANCILLARY_FILES_OPT = [
    _KVM_NETWORK_SCRIPT,
    ]
820

821
822
823
  # Supported kvm options to get output from
  _KVMOPT_HELP = "help"
  _KVMOPT_MLIST = "mlist"
824
  _KVMOPT_DEVICELIST = "devicelist"
825
826
827

  # Command to execute to get the output from kvm, and whether to
  # accept the output even on failure.
828
  _KVMOPTS_CMDS = {
829
830
831
    _KVMOPT_HELP: (["--help"], False),
    _KVMOPT_MLIST: (["-M", "?"], False),
    _KVMOPT_DEVICELIST: (["-device", "?"], True),
832
833
  }

Guido Trotter's avatar
Guido Trotter committed
834
835
836
837
  def __init__(self):
    hv_base.BaseHypervisor.__init__(self)
    # Let's make sure the directories we need exist, even if the RUN_DIR lives
    # in a tmpfs filesystem or has been otherwise wiped out.
Iustin Pop's avatar
Iustin Pop committed
838
    dirs = [(dname, constants.RUN_DIRS_MODE) for dname in self._DIRS]
Guido Trotter's avatar
Guido Trotter committed
839
    utils.EnsureDirs(dirs)
Guido Trotter's avatar
Guido Trotter committed
840

841
842
  @classmethod
  def _InstancePidFile(cls, instance_name):
843
844
845
    """Returns the instance pidfile.

    """
846
    return utils.PathJoin(cls._PIDS_DIR, instance_name)
847

848
849
850
851
852
853
854
  @classmethod
  def _InstanceUidFile(cls, instance_name):
    """Returns the instance uidfile.

    """
    return utils.PathJoin(cls._UIDS_DIR, instance_name)

855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
  @classmethod
  def _InstancePidInfo(cls, pid):
    """Check pid file for instance information.

    Check that a pid file is associated with an instance, and retrieve
    information from its command line.

    @type pid: string or int
    @param pid: process id of the instance to check
    @rtype: tuple
    @return: (instance_name, memory, vcpus)
    @raise errors.HypervisorError: when an instance cannot be found

    """
    alive = utils.IsProcessAlive(pid)
    if not alive:
      raise errors.HypervisorError("Cannot get info for pid %s" % pid)

    cmdline_file = utils.PathJoin("/proc", str(pid), "cmdline")
    try:
      cmdline = utils.ReadFile(cmdline_file)
    except EnvironmentError, err:
      raise errors.HypervisorError("Can't open cmdline file for pid %s: %s" %
                                   (pid, err))

    instance = None
    memory = 0
    vcpus = 0

Iustin Pop's avatar
Iustin Pop committed
884
    arg_list = cmdline.split("\x00")
885
    while arg_list:
Michael Hanselmann's avatar
Michael Hanselmann committed
886
      arg = arg_list.pop(0)
887
888
889
890
891
      if arg == "-name":
        instance = arg_list.pop(0)
      elif arg == "-m":
        memory = int(arg_list.pop(0))
      elif arg == "-smp":
892
        vcpus = int(arg_list.pop(0).split(",")[0])
893
894
895
896
897
898
899

    if instance is None:
      raise errors.HypervisorError("Pid %s doesn't contain a ganeti kvm"
                                   " instance" % pid)

    return (instance, memory, vcpus)

900
901
  @classmethod
  def _InstancePidAlive(cls, instance_name):
902
903
904
905
906
907
    """Returns the instance pidfile, pid, and liveness.

    @type instance_name: string
    @param instance_name: instance name
    @rtype: tuple
    @return: (pid file name, pid, liveness)
908
909

    """
910
    pidfile = cls._InstancePidFile(instance_name)
911
    pid = utils.ReadPidFile(pidfile)
912
913
914

    alive = False
    try:
915
      cmd_instance = cls._InstancePidInfo(pid)[0]
916
917
918
      alive = (cmd_instance == instance_name)
    except errors.HypervisorError:
      pass
919
920
921

    return (pidfile, pid, alive)

922
923
  @classmethod
  def _CheckDown(cls, instance_name):
924
925
926
    """Raises an error unless the given instance is down.

    """
927
    alive = cls._InstancePidAlive(instance_name)[2]
928
929
930
931
    if alive:
      raise errors.HypervisorError("Failed to start instance %s: %s" %
                                   (instance_name, "already running"))

932
933
  @classmethod
  def _InstanceMonitor(cls, instance_name):
934
935
936
    """Returns the instance monitor socket name

    """
937
    return utils.PathJoin(cls._CTRL_DIR, "%s.monitor" % instance_name)
938

939
940
  @classmethod
  def _InstanceSerial(cls, instance_name):
941
942
943
    """Returns the instance serial socket name

    """
944
    return utils.PathJoin(cls._CTRL_DIR, "%s.serial" % instance_name)
945

946
947
948
949
950
951
952
  @classmethod
  def _InstanceQmpMonitor(cls, instance_name):
    """Returns the instance serial QMP socket name

    """
    return utils.PathJoin(cls._CTRL_DIR, "%s.qmp" % instance_name)

953
954
955
956
957
958
959
  @classmethod
  def _InstanceShutdownMonitor(cls, instance_name):
    """Returns the instance QMP output filename

    """
    return utils.PathJoin(cls._CTRL_DIR, "%s.shutdown" % instance_name)

960
961
962
963
964
965
966
  @staticmethod
  def _SocatUnixConsoleParams():
    """Returns the correct parameters for socat

    If we have a new-enough socat we can use raw mode with an escape character.

    """
967
    if constants.SOCAT_USE_ESCAPE:
968
969
970
971
      return "raw,echo=0,escape=%s" % constants.SOCAT_ESCAPE_CODE
    else:
      return "echo=0,icanon=0"

972
973
  @classmethod
  def _InstanceKVMRuntime(cls, instance_name):
974
975
976
    """Returns the instance KVM runtime filename

    """
977
    return utils.PathJoin(cls._CONF_DIR, "%s.runtime" % instance_name)
978

Balazs Lecz's avatar
Balazs Lecz committed
979
980
981
982
983
984
985
  @classmethod
  def _InstanceChrootDir(cls, instance_name):
    """Returns the name of the KVM chroot dir of the instance

    """
    return utils.PathJoin(cls._CHROOT_DIR, instance_name)

986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
  @classmethod
  def _InstanceNICDir(cls, instance_name):
    """Returns the name of the directory holding the tap device files for a
    given instance.

    """
    return utils.PathJoin(cls._NICS_DIR, instance_name)

  @classmethod
  def _InstanceNICFile(cls, instance_name, seq):
    """Returns the name of the file containing the tap device for a given NIC

    """
    return utils.PathJoin(cls._InstanceNICDir(instance_name), str(seq))

1001
1002
1003
1004
1005
1006
1007
  @classmethod
  def _InstanceKeymapFile(cls, instance_name):
    """Returns the name of the file containing the keymap for a given instance

    """
    return utils.PathJoin(cls._KEYMAP_DIR, instance_name)

1008
1009
1010
1011
1012
1013
1014
  @classmethod
  def _TryReadUidFile(cls, uid_file):
    """Try to read a uid file

    """
    if os.path.exists(uid_file):
      try:
1015
        uid = int(utils.ReadOneLineFile(uid_file))
1016
        return uid
1017
1018
1019
1020
      except EnvironmentError:
        logging.warning("Can't read uid file", exc_info=True)
      except (TypeError, ValueError):
        logging.warning("Can't parse uid file contents", exc_info=True)
1021
    return None
1022

1023
1024
  @classmethod
  def _RemoveInstanceRuntimeFiles(cls, pidfile, instance_name):
Balazs Lecz's avatar
Balazs Lecz committed
1025
    """Removes an instance's rutime sockets/files/dirs.
1026
1027
1028
1029
1030

    """
    utils.RemoveFile(pidfile)
    utils.RemoveFile(cls._InstanceMonitor(instance_name))
    utils.RemoveFile(cls._InstanceSerial(instance_name))
1031
    utils.RemoveFile(cls._InstanceQmpMonitor(instance_name))
1032
    utils.RemoveFile(cls._InstanceKVMRuntime(instance_name))
1033
    utils.RemoveFile(cls._InstanceKeymapFile(instance_name))
1034
1035
1036
1037
1038
    uid_file = cls._InstanceUidFile(instance_name)
    uid = cls._TryReadUidFile(uid_file)
    utils.RemoveFile(uid_file)
    if uid is not None:
      uidpool.ReleaseUid(uid)
1039
1040
1041
1042
1043
    try:
      shutil.rmtree(cls._InstanceNICDir(instance_name))
    except OSError, err:
      if err.errno != errno.ENOENT:
        raise
Balazs Lecz's avatar
Balazs Lecz committed
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
    try:
      chroot_dir = cls._InstanceChrootDir(instance_name)
      utils.RemoveDir(chroot_dir)
    except OSError, err:
      if err.errno == errno.ENOTEMPTY:
        # The chroot directory is expected to be empty, but it isn't.
        new_chroot_dir = tempfile.mkdtemp(dir=cls._CHROOT_QUARANTINE_DIR,
                                          prefix="%s-%s-" %
                                          (instance_name,
                                           utils.TimestampForFilename()))
        logging.warning("The chroot directory of instance %s can not be"
                        " removed as it is not empty. Moving it to the"
                        " quarantine instead. Please investigate the"
                        " contents (%s) and clean up manually",
                        instance_name, new_chroot_dir)
        utils.RenameFile(chroot_dir, new_chroot_dir)
      else:
        raise
1062

1063
  @staticmethod
1064
1065
  def _ConfigureNIC(instance, seq, nic, tap):
    """Run the network configuration script for a specified NIC
Guido Trotter's avatar
Guido Trotter committed
1066
1067
1068
1069
1070
1071
1072

    @param instance: instance we're acting on
    @type instance: instance object
    @param seq: nic sequence number
    @type seq: int
    @param nic: nic we're acting on
    @type nic: nic object
1073
1074
    @param tap: the host's tap interface this NIC corresponds to
    @type tap: str
Guido Trotter's avatar
Guido Trotter committed
1075
1076

    """
1077
1078
1079
1080
1081
1082
1083
    env = {
      "PATH": "%s:/sbin:/usr/sbin" % os.environ["PATH"],
      "INSTANCE": instance.name,
      "MAC": nic.mac,
      "MODE": nic.nicparams[constants.NIC_MODE],
      "INTERFACE": tap,
      "INTERFACE_INDEX": str(seq),
1084
      "INTERFACE_UUID": nic.uuid,
1085
      "TAGS": " ".join(instance.GetTags()),
1086
1087
1088
1089
1090
    }

    if nic.ip:
      env["IP"] = nic.ip

1091
1092
1093
    if nic.name:
      env["INTERFACE_NAME"] = nic.name

1094
1095
1096
    if nic.nicparams[constants.NIC_LINK]:
      env["LINK"] = nic.nicparams[constants.NIC_LINK]

1097
1098
1099
    if nic.nicparams[constants.NIC_VLAN]:
      env["VLAN"] = nic.nicparams[constants.NIC_VLAN]

1100
    if nic.network:
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1101
      n = objects.Network.FromDict(nic.netinfo)
1102
      env.update(n.HooksDict())
1103

1104
1105
1106
    if nic.nicparams[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:
      env["BRIDGE"] = nic.nicparams[constants.NIC_LINK]

1107
    result = utils.RunCmd([pathutils.KVM_IFUP, tap], env=env)
1108
    if result.failed:
1109
1110
      raise errors.HypervisorError("Failed to configure interface %s: %s;"
                                   " network configuration script output: %s" %
1111
                                   (tap, result.fail_reason, result.output))
Guido Trotter's avatar
Guido Trotter committed
1112

1113
1114
1115
1116
  @staticmethod
  def _VerifyAffinityPackage():
    if affinity is None:
      raise errors.HypervisorError("affinity Python package not"
Iustin Pop's avatar
Iustin Pop committed
1117
                                   " found; cannot use CPU pinning under KVM")
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162

  @staticmethod
  def _BuildAffinityCpuMask(cpu_list):
    """Create a CPU mask suitable for sched_setaffinity from a list of
    CPUs.

    See man taskset for more info on sched_setaffinity masks.
    For example: [ 0, 2, 5, 6 ] will return 101 (0x65, 0..01100101).

    @type cpu_list: list of int
    @param cpu_list: list of physical CPU numbers to map to vCPUs in order
    @rtype: int
    @return: a bit mask of CPU affinities

    """
    if cpu_list == constants.CPU_PINNING_OFF:
      return constants.CPU_PINNING_ALL_KVM
    else:
      return sum(2 ** cpu for cpu in cpu_list)

  @classmethod
  def _AssignCpuAffinity(cls, cpu_mask, process_id, thread_dict):
    """Change CPU affinity for running VM according to given CPU mask.

    @param cpu_mask: CPU mask as given by the user. e.g. "0-2,4:all:1,3"
    @type cpu_mask: string
    @param process_id: process ID of KVM process. Used to pin entire VM
                       to physical CPUs.
    @type process_id: int
    @param thread_dict: map of virtual CPUs to KVM thread IDs
    @type thread_dict: dict int:int

    """
    # Convert the string CPU mask to a list of list of int's
    cpu_list = utils.ParseMultiCpuMask(cpu_mask)

    if len(cpu_list) == 1:
      all_cpu_mapping = cpu_list[0]
      if all_cpu_mapping == constants.CPU_PINNING_OFF:
        # If CPU pinning has 1 entry that's "all", then do nothing
        pass
      else:
        # If CPU pinning has one non-all entry, map the entire VM to
        # one set of physical CPUs
        cls._VerifyAffinityPackage()
Iustin Pop's avatar
Iustin Pop committed
1163
1164
        affinity.set_process_affinity_mask(
          process_id, cls._BuildAffinityCpuMask(all_cpu_mapping))
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
    else:
      # The number of vCPUs mapped should match the number of vCPUs
      # reported by KVM. This was already verified earlier, so
      # here only as a sanity check.
      assert len(thread_dict) == len(cpu_list)
      cls._VerifyAffinityPackage()

      # For each vCPU, map it to the proper list of physical CPUs
      for vcpu, i in zip(cpu_list, range(len(cpu_list))):
        affinity.set_process_affinity_mask(thread_dict[i],
Iustin Pop's avatar
Iustin Pop committed
1175
                                           cls._BuildAffinityCpuMask(vcpu))
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196

  def _GetVcpuThreadIds(self, instance_name):
    """Get a mapping of vCPU no. to thread IDs for the instance

    @type instance_name: string
    @param instance_name: instance in question
    @rtype: dictionary of int:int
    @return: a dictionary mapping vCPU numbers to thread IDs

    """
    result = {}
    output = self._CallMonitorCommand(instance_name, self._CPU_INFO_CMD)
    for line in output.stdout.splitlines():
      match = self._CPU_INFO_RE.search(line)
      if not match:
        continue
      grp = map(int, match.groups())
      result[grp[0]] = grp[1]

    return result

1197
1198
  def _ExecuteCpuAffinity(self, instance_name, cpu_mask):
    """Complete CPU pinning.
1199
1200
1201
1202
1203
1204
1205

    @type instance_name: string
    @param instance_name: name of instance
    @type cpu_mask: string
    @param cpu_mask: CPU pinning mask as entered by user

    """
1206
1207
1208
1209
1210
1211
    # Get KVM process ID, to be used if need to pin entire VM
    _, pid, _ = self._InstancePidAlive(instance_name)
    # Get vCPU thread IDs, to be used if need to pin vCPUs separately
    thread_dict = self._GetVcpuThreadIds(instance_name)
    # Run CPU pinning, based on configured mask
    self._AssignCpuAffinity(cpu_mask, pid, thread_dict)
1212

1213
  def ListInstances(self, hvparams=None):
Guido Trotter's avatar
Guido Trotter committed
1214
1215
    """Get the list of running instances.

Iustin Pop's avatar
Iustin Pop committed
1216
1217
    We can do this by listing our live instances directory and
    checking whether the associated kvm process is still alive.
Guido Trotter's avatar
Guido Trotter committed
1218
1219
1220
1221

    """
    result = []
    for name in os.listdir(self._PIDS_DIR):
1222
      if self._InstancePidAlive(name)[2] or self._IsUserShutdown(name):
Guido Trotter's avatar
Guido Trotter committed
1223
1224
1225
        result.append(name)
    return result

1226
1227
1228
1229
1230
1231
1232
1233
  @classmethod
  def _IsUserShutdown(cls, instance_name):
    return os.path.exists(cls._InstanceShutdownMonitor(instance_name))

  @classmethod
  def _ClearUserShutdown(cls, instance_name):
    utils.RemoveFile(cls._InstanceShutdownMonitor(instance_name))

1234
  def GetInstanceInfo(self, instance_name, hvparams=None):
Guido Trotter's avatar
Guido Trotter committed
1235
1236
    """Get instance properties.

1237
    @type instance_name: string
Iustin Pop's avatar
Iustin Pop committed
1238
    @param instance_name: the instance name
1239
1240
    @type hvparams: dict of strings
    @param hvparams: hvparams to be used with this instance
1241
1242
    @rtype: tuple of strings
    @return: (name, id, memory, vcpus, stat, times)
Guido Trotter's avatar
Guido Trotter committed
1243
1244

    """
1245
    _, pid, alive = self._InstancePidAlive(instance_name)
1246
    if not alive:
1247
1248
1249
1250
      if self._IsUserShutdown(instance_name):
        return (instance_name, -1, 0, 0, hv_base.HvInstanceState.SHUTDOWN, 0)
      else:
        return None
Guido Trotter's avatar
Guido Trotter committed
1251

1252
    _, memory, vcpus = self._InstancePidInfo(pid)
1253
    istat = hv_base.HvInstanceState.RUNNING
1254
    times = 0
Guido Trotter's avatar
Guido Trotter committed
1255

1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
    try:
      qmp = QmpConnection(self._InstanceQmpMonitor(instance_name))
      qmp.connect()
      vcpus = len(qmp.Execute("query-cpus")[qmp.RETURN_KEY])
      # Will fail if ballooning is not enabled, but we can then just resort to
      # the value above.
      mem_bytes = qmp.Execute("query-balloon")[qmp.RETURN_KEY][qmp.ACTUAL_KEY]
      memory = mem_bytes / 1048576
    except errors.HypervisorError:
      pass

1267
    return (instance_name, pid, memory, vcpus, istat, times)
Guido Trotter's avatar
Guido Trotter committed
1268

1269
  def GetAllInstancesInfo(self, hvparams=None):
Guido Trotter's avatar
Guido Trotter committed
1270
1271
    """Get properties of all instances.

1272
1273
    @type hvparams: dict of strings
    @param hvparams: hypervisor parameter
Iustin Pop's avatar
Iustin Pop committed
1274
1275
    @return: list of tuples (name, id, memory, vcpus, stat, times)

Guido Trotter's avatar
Guido Trotter committed
1276
1277
1278
    """
    data = []
    for name in os.listdir(self._PIDS_DIR):
1279
1280
1281
      try:
        info = self.GetInstanceInfo(name)
      except errors.HypervisorError:
1282
        # Ignore exceptions due to instances being shut down
1283
1284
1285
        continue
      if info:
        data.append(info)
Guido Trotter's avatar
Guido Trotter committed
1286
1287
    return data

1288
  def _GenerateKVMBlockDevicesOptions(self, instance, kvm_disks,
1289
1290
1291
1292
1293
                                      kvmhelp, devlist):
    """Generate KVM options regarding instance's block devices.

    @type instance: L{objects.Instance}
    @param instance: the instance object
1294
1295
    @type kvm_disks: list of tuples
    @param kvm_disks: list of tuples [(disk, link_name, uri)..]
1296
1297
1298
1299
1300
1301
    @type kvmhelp: string
    @param kvmhelp: output of kvm --help
    @type devlist: string
    @param devlist: output of kvm -device ?
    @rtype: list
    @return: list of command line options eventually used by kvm executable
1302

1303
    """
1304
    hvp = instance.hvparams
1305
1306
1307
1308
1309
    kernel_path = hvp[constants.HV_KERNEL_PATH]
    if kernel_path:
      boot_disk = False
    else:
      boot_disk = hvp[constants.HV_BOOT_ORDER] == constants.HT_BO_DISK
1310
1311
1312
1313
1314
1315

    # whether this is an older KVM version that uses the boot=on flag
    # on devices
    needs_boot_flag = self._BOOT_RE.search(kvmhelp)

    dev_opts = []
1316
    device_driver = None
1317
1318
1319
    disk_type = hvp[constants.HV_DISK_TYPE]
    if disk_type == constants.HT_DISK_PARAVIRTUAL:
      if_val = ",if=%s" % self._VIRTIO
1320
1321
      try:
        if self._VIRTIO_BLK_RE.search(devlist):
1322
          if_val = ",if=none"
1323
1324
1325