X-Git-Url: https://code.grnet.gr/git/ganeti-local/blobdiff_plain/3c286190a94c93de556e82fd2d84362b9e52a8d3..a8e8c0c6afd0a8c124571d47b07b1998d2aefc78:/lib/hypervisor/hv_kvm.py

diff --git a/lib/hypervisor/hv_kvm.py b/lib/hypervisor/hv_kvm.py
index da8c183..98b271f 100644
--- a/lib/hypervisor/hv_kvm.py
+++ b/lib/hypervisor/hv_kvm.py
@@ -68,6 +68,17 @@ IFF_TAP = 0x0002
 IFF_NO_PI = 0x1000
 IFF_VNET_HDR = 0x4000
 
+#: SPICE parameters which depend on L{constants.HV_KVM_SPICE_BIND}
+_SPICE_ADDITIONAL_PARAMS = frozenset([
+  constants.HV_KVM_SPICE_IP_VERSION,
+  constants.HV_KVM_SPICE_PASSWORD_FILE,
+  constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR,
+  constants.HV_KVM_SPICE_JPEG_IMG_COMPR,
+  constants.HV_KVM_SPICE_ZLIB_GLZ_IMG_COMPR,
+  constants.HV_KVM_SPICE_STREAMING_VIDEO_DETECTION,
+  constants.HV_KVM_SPICE_USE_TLS,
+  ])
+
 
 def _ProbeTapVnetHdr(fd):
   """Check whether to enable the IFF_VNET_HDR flag.
@@ -136,6 +147,31 @@ def _OpenTap(vnet_hdr=True):
   return (ifname, tapfd)
 
 
+def _BuildNetworkEnv(name, network, gateway, network6, gateway6,
+                     network_type, mac_prefix, tags, env):
+  """Build environment variables concerning a Network.
+
+  """
+  if name:
+    env["NETWORK_NAME"] = name
+  if network:
+    env["NETWORK_SUBNET"] = network
+  if gateway:
+    env["NETWORK_GATEWAY"] = gateway
+  if network6:
+    env["NETWORK_SUBNET6"] = network6
+  if gateway6:
+    env["NETWORK_GATEWAY6"] = gateway6
+  if mac_prefix:
+    env["NETWORK_MAC_PREFIX"] = mac_prefix
+  if network_type:
+    env["NETWORK_TYPE"] = network_type
+  if tags:
+    env["NETWORK_TAGS"] = " ".join(tags)
+
+  return env
+
+
 class QmpMessage:
   """QEMU Messaging Protocol (QMP) message.
 
@@ -424,12 +460,14 @@ class KVMHypervisor(hv_base.BaseHypervisor):
            _CHROOT_DIR, _CHROOT_QUARANTINE_DIR, _KEYMAP_DIR]
 
   PARAMETERS = {
+    constants.HV_KVM_PATH: hv_base.REQ_FILE_CHECK,
     constants.HV_KERNEL_PATH: hv_base.OPT_FILE_CHECK,
     constants.HV_INITRD_PATH: hv_base.OPT_FILE_CHECK,
     constants.HV_ROOT_PATH: hv_base.NO_CHECK,
     constants.HV_KERNEL_ARGS: hv_base.NO_CHECK,
     constants.HV_ACPI: hv_base.NO_CHECK,
     constants.HV_SERIAL_CONSOLE: hv_base.NO_CHECK,
+    constants.HV_SERIAL_SPEED: hv_base.NO_CHECK,
     constants.HV_VNC_BIND_ADDRESS:
       (False, lambda x: (netutils.IP4Address.IsValid(x) or
                          utils.IsNormAbsPath(x)),
@@ -477,8 +515,8 @@ class KVMHypervisor(hv_base.BaseHypervisor):
       hv_base.ParamInSet(False, constants.HT_KVM_VALID_MOUSE_TYPES),
     constants.HV_KEYMAP: hv_base.NO_CHECK,
     constants.HV_MIGRATION_PORT: hv_base.REQ_NET_PORT_CHECK,
-    constants.HV_MIGRATION_BANDWIDTH: hv_base.NO_CHECK,
-    constants.HV_MIGRATION_DOWNTIME: hv_base.NO_CHECK,
+    constants.HV_MIGRATION_BANDWIDTH: hv_base.REQ_NONNEGATIVE_INT_CHECK,
+    constants.HV_MIGRATION_DOWNTIME: hv_base.REQ_NONNEGATIVE_INT_CHECK,
     constants.HV_MIGRATION_MODE: hv_base.MIGRATION_MODE_CHECK,
     constants.HV_USE_LOCALTIME: hv_base.NO_CHECK,
     constants.HV_DISK_CACHE:
@@ -495,6 +533,14 @@ class KVMHypervisor(hv_base.BaseHypervisor):
       hv_base.ParamInSet(True, constants.REBOOT_BEHAVIORS),
     constants.HV_CPU_MASK: hv_base.OPT_MULTI_CPU_MASK_CHECK,
     constants.HV_CPU_TYPE: hv_base.NO_CHECK,
+    constants.HV_CPU_CORES: hv_base.OPT_NONNEGATIVE_INT_CHECK,
+    constants.HV_CPU_THREADS: hv_base.OPT_NONNEGATIVE_INT_CHECK,
+    constants.HV_CPU_SOCKETS: hv_base.OPT_NONNEGATIVE_INT_CHECK,
+    constants.HV_SOUNDHW: hv_base.NO_CHECK,
+    constants.HV_USB_DEVICES: hv_base.NO_CHECK,
+    constants.HV_VGA: hv_base.NO_CHECK,
+    constants.HV_KVM_EXTRA: hv_base.NO_CHECK,
+    constants.HV_KVM_MACHINE_VERSION: hv_base.NO_CHECK,
     }
 
   _MIGRATION_STATUS_RE = re.compile("Migration\s+status:\s+(\w+)",
@@ -513,6 +559,21 @@ class KVMHypervisor(hv_base.BaseHypervisor):
   _CPU_INFO_CMD = "info cpus"
   _CONT_CMD = "cont"
 
+  _DEFAULT_MACHINE_VERSION_RE = re.compile(r"^(\S+).*\(default\)", re.M)
+  _CHECK_MACHINE_VERSION_RE = \
+    staticmethod(lambda x: re.compile(r"^(%s)[ ]+.*PC" % x, re.M))
+
+  _QMP_RE = re.compile(r"^-qmp\s", re.M)
+  _SPICE_RE = re.compile(r"^-spice\s", re.M)
+  _VHOST_RE = re.compile(r"^-net\s.*,vhost=on|off", re.M)
+  _ENABLE_KVM_RE = re.compile(r"^-enable-kvm\s", re.M)
+  _DISABLE_KVM_RE = re.compile(r"^-disable-kvm\s", re.M)
+  _NETDEV_RE = re.compile(r"^-netdev\s", re.M)
+  # match  -drive.*boot=on|off on different lines, but in between accept only
+  # dashes not preceeded by a new line (which would mean another option
+  # different than -drive is starting)
+  _BOOT_RE = re.compile(r"^-drive\s([^-]|(?<!^)-)*,boot=on\|off", re.M | re.S)
+
   ANCILLARY_FILES = [
     _KVM_NETWORK_SCRIPT,
     ]
@@ -578,7 +639,7 @@ class KVMHypervisor(hv_base.BaseHypervisor):
       elif arg == "-m":
         memory = int(arg_list.pop(0))
       elif arg == "-smp":
-        vcpus = int(arg_list.pop(0))
+        vcpus = int(arg_list.pop(0).split(",")[0])
 
     if instance is None:
       raise errors.HypervisorError("Pid %s doesn't contain a ganeti kvm"
@@ -775,27 +836,6 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     if nic.nicparams[constants.NIC_LINK]:
       env["LINK"] = nic.nicparams[constants.NIC_LINK]
 
-    def _BuildNetworkEnv(name, network, gateway, network6, gateway6,
-                         network_type, mac_prefix, tags, env):
-      if name:
-        env["NETWORK_NAME"] = name
-      if network:
-        env["NETWORK_SUBNET"] = network
-      if gateway:
-        env["NETWORK_GATEWAY"] = gateway
-      if network6:
-        env["NETWORK_SUBNET6"] = network6
-      if gateway6:
-        env["NETWORK_GATEWAY6"] = gateway6
-      if mac_prefix:
-        env["NETWORK_MAC_PREFIX"] = mac_prefix
-      if network_type:
-        env["NETWORK_TYPE"] = network_type
-      if tags:
-        env["NETWORK_TAGS"] = " ".join(tags)
-
-      return env
-
     if nic.network:
       n = objects.Network.FromDict(nic.netinfo)
       _BuildNetworkEnv(nic.network, n.network, n.gateway,
@@ -971,9 +1011,12 @@ class KVMHypervisor(hv_base.BaseHypervisor):
         data.append(info)
     return data
 
-  def _GenerateKVMRuntime(self, instance, block_devices, startup_paused):
+  def _GenerateKVMRuntime(self, instance, block_devices, startup_paused,
+                          kvmhelp):
     """Generate KVM information to start an instance.
 
+    @type kvmhelp: string
+    @param kvmhelp: output of kvm --help
     @attention: this function must not have any side-effects; for
         example, it must not write to the filesystem, or read values
         from the current system the are expected to differ between
@@ -982,16 +1025,26 @@ class KVMHypervisor(hv_base.BaseHypervisor):
         done in L{_ExecuteKVMRuntime}
 
     """
-    # pylint: disable=R0914,R0915
-    _, v_major, v_min, _ = self._GetKVMVersion()
+    # pylint: disable=R0912,R0914,R0915
+    hvp = instance.hvparams
 
     pidfile = self._InstancePidFile(instance.name)
-    kvm = constants.KVM_PATH
+    kvm = hvp[constants.HV_KVM_PATH]
     kvm_cmd = [kvm]
     # used just by the vnc server, if enabled
     kvm_cmd.extend(["-name", instance.name])
     kvm_cmd.extend(["-m", instance.beparams[constants.BE_MAXMEM]])
-    kvm_cmd.extend(["-smp", instance.beparams[constants.BE_VCPUS]])
+
+    smp_list = ["%s" % instance.beparams[constants.BE_VCPUS]]
+    if hvp[constants.HV_CPU_CORES]:
+      smp_list.append("cores=%s" % hvp[constants.HV_CPU_CORES])
+    if hvp[constants.HV_CPU_THREADS]:
+      smp_list.append("threads=%s" % hvp[constants.HV_CPU_THREADS])
+    if hvp[constants.HV_CPU_SOCKETS]:
+      smp_list.append("sockets=%s" % hvp[constants.HV_CPU_SOCKETS])
+
+    kvm_cmd.extend(["-smp", ",".join(smp_list)])
+
     kvm_cmd.extend(["-pidfile", pidfile])
     kvm_cmd.extend(["-balloon", "virtio"])
     kvm_cmd.extend(["-daemonize"])
@@ -1001,7 +1054,11 @@ class KVMHypervisor(hv_base.BaseHypervisor):
         constants.INSTANCE_REBOOT_EXIT:
       kvm_cmd.extend(["-no-reboot"])
 
-    hvp = instance.hvparams
+    mversion = hvp[constants.HV_KVM_MACHINE_VERSION]
+    if not mversion:
+      mversion = self._GetDefaultMachineVersion(kvm)
+    kvm_cmd.extend(["-M", mversion])
+
     kernel_path = hvp[constants.HV_KERNEL_PATH]
     if kernel_path:
       boot_disk = boot_cdrom = boot_floppy = boot_network = False
@@ -1016,9 +1073,11 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     if startup_paused:
       kvm_cmd.extend([_KVM_START_PAUSED_FLAG])
 
-    if hvp[constants.HV_KVM_FLAG] == constants.HT_KVM_ENABLED:
+    if (hvp[constants.HV_KVM_FLAG] == constants.HT_KVM_ENABLED and
+        self._ENABLE_KVM_RE.search(kvmhelp)):
       kvm_cmd.extend(["-enable-kvm"])
-    elif hvp[constants.HV_KVM_FLAG] == constants.HT_KVM_DISABLED:
+    elif (hvp[constants.HV_KVM_FLAG] == constants.HT_KVM_DISABLED and
+          self._DISABLE_KVM_RE.search(kvmhelp)):
       kvm_cmd.extend(["-disable-kvm"])
 
     if boot_network:
@@ -1026,7 +1085,7 @@ class KVMHypervisor(hv_base.BaseHypervisor):
 
     # whether this is an older KVM version that uses the boot=on flag
     # on devices
-    needs_boot_flag = (v_major, v_min) < (0, 14)
+    needs_boot_flag = self._BOOT_RE.search(kvmhelp)
 
     disk_type = hvp[constants.HV_DISK_TYPE]
     if disk_type == constants.HT_DISK_PARAVIRTUAL:
@@ -1117,7 +1176,8 @@ class KVMHypervisor(hv_base.BaseHypervisor):
       root_append = ["root=%s" % hvp[constants.HV_ROOT_PATH],
                      hvp[constants.HV_KERNEL_ARGS]]
       if hvp[constants.HV_SERIAL_CONSOLE]:
-        root_append.append("console=ttyS0,38400")
+        serial_speed = hvp[constants.HV_SERIAL_SPEED]
+        root_append.append("console=ttyS0,%s" % serial_speed)
       kvm_cmd.extend(["-append", " ".join(root_append)])
 
     mem_path = hvp[constants.HV_MEM_PATH]
@@ -1139,8 +1199,9 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     spice_bind = hvp[constants.HV_KVM_SPICE_BIND]
     spice_ip_version = None
 
+    kvm_cmd.extend(["-usb"])
+
     if mouse_type:
-      kvm_cmd.extend(["-usb"])
       kvm_cmd.extend(["-usbdevice", mouse_type])
     elif vnc_bind_address:
       kvm_cmd.extend(["-usbdevice", constants.HT_MOUSE_TABLET])
@@ -1271,9 +1332,6 @@ class KVMHypervisor(hv_base.BaseHypervisor):
       logging.info("KVM: SPICE will listen on port %s", instance.network_port)
       kvm_cmd.extend(["-spice", spice_arg])
 
-      # Tell kvm to use the paravirtualized graphic card, optimized for SPICE
-      kvm_cmd.extend(["-vga", "qxl"])
-
     else:
       kvm_cmd.extend(["-nographic"])
 
@@ -1287,6 +1345,25 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     if hvp[constants.HV_CPU_TYPE]:
       kvm_cmd.extend(["-cpu", hvp[constants.HV_CPU_TYPE]])
 
+    # As requested by music lovers
+    if hvp[constants.HV_SOUNDHW]:
+      kvm_cmd.extend(["-soundhw", hvp[constants.HV_SOUNDHW]])
+
+    # Pass a -vga option if requested, or if spice is used, for backwards
+    # compatibility.
+    if hvp[constants.HV_VGA]:
+      kvm_cmd.extend(["-vga", hvp[constants.HV_VGA]])
+    elif spice_bind:
+      kvm_cmd.extend(["-vga", "qxl"])
+
+    # Various types of usb devices, comma separated
+    if hvp[constants.HV_USB_DEVICES]:
+      for dev in hvp[constants.HV_USB_DEVICES].split(","):
+        kvm_cmd.extend(["-usbdevice", dev])
+
+    if hvp[constants.HV_KVM_EXTRA]:
+      kvm_cmd.extend([hvp[constants.HV_KVM_EXTRA]])
+
     # Save the current instance nics, but defer their expansion as parameters,
     # as we'll need to generate executable temp files for them.
     kvm_nics = instance.nics
@@ -1357,11 +1434,13 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     if not self._InstancePidAlive(name)[2]:
       raise errors.HypervisorError("Failed to start instance %s" % name)
 
-  def _ExecuteKVMRuntime(self, instance, kvm_runtime, incoming=None):
+  def _ExecuteKVMRuntime(self, instance, kvm_runtime, kvmhelp, incoming=None):
     """Execute a KVM cmd, after completing it with some last minute data.
 
     @type incoming: tuple of strings
     @param incoming: (target_host_ip, port)
+    @type kvmhelp: string
+    @param kvmhelp: output of kvm --help
 
     """
     # Small _ExecuteKVMRuntime hv parameters programming howto:
@@ -1381,7 +1460,7 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     kvm_cmd, kvm_nics, up_hvp = kvm_runtime
     up_hvp = objects.FillDict(conf_hvp, up_hvp)
 
-    _, v_major, v_min, _ = self._GetKVMVersion()
+    _, v_major, v_min, _ = self._ParseKVMVersion(kvmhelp)
 
     # We know it's safe to run as a different user upon migration, so we'll use
     # the latest conf, from conf_hvp.
@@ -1419,8 +1498,8 @@ class KVMHypervisor(hv_base.BaseHypervisor):
           nic_model = "virtio"
 
         if up_hvp[constants.HV_VHOST_NET]:
-          # vhost_net is only available from version 0.13.0 or newer
-          if (v_major, v_min) >= (0, 13):
+          # check for vhost_net support
+          if self._VHOST_RE.search(kvmhelp):
             tap_extra = ",vhost=on"
           else:
             raise errors.HypervisorError("vhost_net is configured"
@@ -1432,7 +1511,7 @@ class KVMHypervisor(hv_base.BaseHypervisor):
         tapname, tapfd = _OpenTap(vnet_hdr)
         tapfds.append(tapfd)
         taps.append(tapname)
-        if (v_major, v_min) >= (0, 12):
+        if self._NETDEV_RE.search(kvmhelp):
           nic_val = "%s,mac=%s,netdev=netdev%s" % (nic_model, nic.mac, nic_seq)
           tap_val = "type=tap,id=netdev%s,fd=%d%s" % (nic_seq, tapfd, tap_extra)
           kvm_cmd.extend(["-netdev", tap_val, "-device", nic_val])
@@ -1463,7 +1542,7 @@ class KVMHypervisor(hv_base.BaseHypervisor):
                          constants.SECURE_DIR_MODE)])
 
     # Automatically enable QMP if version is >= 0.14
-    if (v_major, v_min) >= (0, 14):
+    if self._QMP_RE.search(kvmhelp):
       logging.debug("Enabling QMP")
       kvm_cmd.extend(["-qmp", "unix:%s,server,nowait" %
                       self._InstanceQmpMonitor(instance.name)])
@@ -1562,10 +1641,12 @@ class KVMHypervisor(hv_base.BaseHypervisor):
 
     """
     self._CheckDown(instance.name)
+    kvmpath = instance.hvparams[constants.HV_KVM_PATH]
+    kvmhelp = self._GetKVMHelpOutput(kvmpath)
     kvm_runtime = self._GenerateKVMRuntime(instance, block_devices,
-                                           startup_paused)
+                                           startup_paused, kvmhelp)
     self._SaveKVMRuntime(instance, kvm_runtime)
-    self._ExecuteKVMRuntime(instance, kvm_runtime)
+    self._ExecuteKVMRuntime(instance, kvm_runtime, kvmhelp)
 
   def _CallMonitorCommand(self, instance_name, command):
     """Invoke a command on the instance monitor.
@@ -1609,17 +1690,52 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     return (v_all, v_maj, v_min, v_rev)
 
   @classmethod
-  def _GetKVMVersion(cls):
+  def _GetKVMHelpOutput(cls, kvm_path):
+    """Return the KVM help output.
+
+    @return: output of kvm --help
+    @raise errors.HypervisorError: when the KVM help output cannot be retrieved
+
+    """
+    result = utils.RunCmd([kvm_path, "--help"])
+    if result.failed:
+      raise errors.HypervisorError("Unable to get KVM help output")
+    return result.output
+
+  @classmethod
+  def _GetKVMVersion(cls, kvm_path):
     """Return the installed KVM version.
 
     @return: (version, v_maj, v_min, v_rev)
     @raise errors.HypervisorError: when the KVM version cannot be retrieved
 
     """
-    result = utils.RunCmd([constants.KVM_PATH, "--help"])
+    return cls._ParseKVMVersion(cls._GetKVMHelpOutput(kvm_path))
+
+  @classmethod
+  def _GetKVMSupportedMachinesOutput(cls, kvm_path):
+    """Return the output regarding supported machine versions.
+
+    @return: output of kvm -M ?
+    @raise errors.HypervisorError: when the KVM help output cannot be retrieved
+
+    """
+    result = utils.RunCmd([kvm_path, "-M", "?"])
     if result.failed:
-      raise errors.HypervisorError("Unable to get KVM version")
-    return cls._ParseKVMVersion(result.output)
+      raise errors.HypervisorError("Unable to get kvm -M ? output")
+    return result.output
+
+  @classmethod
+  def _GetDefaultMachineVersion(cls, kvm_path):
+    """Return the default hardware revision (e.g. pc-1.1)
+
+    """
+    output = cls._GetKVMSupportedMachinesOutput(kvm_path)
+    match = cls._DEFAULT_MACHINE_VERSION_RE.search(output)
+    if match:
+      return match.group(1)
+    else:
+      return "pc"
 
   def StopInstance(self, instance, force=False, retry=False, name=None):
     """Stop an instance.
@@ -1667,7 +1783,9 @@ class KVMHypervisor(hv_base.BaseHypervisor):
       self.StopInstance(instance, force=True)
     # ...and finally we can save it again, and execute it...
     self._SaveKVMRuntime(instance, kvm_runtime)
-    self._ExecuteKVMRuntime(instance, kvm_runtime)
+    kvmpath = instance.hvparams[constants.HV_KVM_PATH]
+    kvmhelp = self._GetKVMHelpOutput(kvmpath)
+    self._ExecuteKVMRuntime(instance, kvm_runtime, kvmhelp)
 
   def MigrationInfo(self, instance):
     """Get instance information to perform a migration.
@@ -1693,7 +1811,10 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     """
     kvm_runtime = self._LoadKVMRuntime(instance, serialized_runtime=info)
     incoming_address = (target, instance.hvparams[constants.HV_MIGRATION_PORT])
-    self._ExecuteKVMRuntime(instance, kvm_runtime, incoming=incoming_address)
+    kvmpath = instance.hvparams[constants.HV_KVM_PATH]
+    kvmhelp = self._GetKVMHelpOutput(kvmpath)
+    self._ExecuteKVMRuntime(instance, kvm_runtime, kvmhelp,
+                            incoming=incoming_address)
 
   def FinalizeMigrationDst(self, instance, info, success):
     """Finalize the instance migration on the target node.
@@ -1840,7 +1961,10 @@ class KVMHypervisor(hv_base.BaseHypervisor):
 
     """
     result = self.GetLinuxNodeInfo()
-    _, v_major, v_min, v_rev = self._GetKVMVersion()
+    # FIXME: this is the global kvm version, but the actual version can be
+    # customized as an hv parameter. we should use the nodegroup's default kvm
+    # path parameter here.
+    _, v_major, v_min, v_rev = self._GetKVMVersion(constants.KVM_PATH)
     result[constants.HV_NODEINFO_KEY_VERSION] = (v_major, v_min, v_rev)
     return result
 
@@ -1888,6 +2012,9 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     Check that the binary exists.
 
     """
+    # FIXME: this is the global kvm version, but the actual version can be
+    # customized as an hv parameter. we should use the nodegroup's default kvm
+    # path parameter here.
     if not os.path.exists(constants.KVM_PATH):
       return "The kvm binary ('%s') does not exist." % constants.KVM_PATH
     if not os.path.exists(constants.SOCAT_PATH):
@@ -1916,6 +2043,14 @@ class KVMHypervisor(hv_base.BaseHypervisor):
                                    (constants.HV_VNC_X509,
                                     constants.HV_VNC_X509_VERIFY))
 
+    if hvparams[constants.HV_SERIAL_CONSOLE]:
+      serial_speed = hvparams[constants.HV_SERIAL_SPEED]
+      valid_speeds = constants.VALID_SERIAL_SPEEDS
+      if not serial_speed or serial_speed not in valid_speeds:
+        raise errors.HypervisorError("Invalid serial console speed, must be"
+                                     " one of: %s" %
+                                     utils.CommaJoin(valid_speeds))
+
     boot_order = hvparams[constants.HV_BOOT_ORDER]
     if (boot_order == constants.HT_BO_CDROM and
         not hvparams[constants.HV_CDROM_IMAGE_PATH]):
@@ -1953,16 +2088,7 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     else:
       # All the other SPICE parameters depend on spice_bind being set. Raise an
       # error if any of them is set without it.
-      spice_additional_params = frozenset([
-        constants.HV_KVM_SPICE_IP_VERSION,
-        constants.HV_KVM_SPICE_PASSWORD_FILE,
-        constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR,
-        constants.HV_KVM_SPICE_JPEG_IMG_COMPR,
-        constants.HV_KVM_SPICE_ZLIB_GLZ_IMG_COMPR,
-        constants.HV_KVM_SPICE_STREAMING_VIDEO_DETECTION,
-        constants.HV_KVM_SPICE_USE_TLS,
-        ])
-      for param in spice_additional_params:
+      for param in _SPICE_ADDITIONAL_PARAMS:
         if hvparams[param]:
           raise errors.HypervisorError("spice: %s requires %s to be set" %
                                        (param, constants.HV_KVM_SPICE_BIND))
@@ -1978,6 +2104,8 @@ class KVMHypervisor(hv_base.BaseHypervisor):
     """
     super(KVMHypervisor, cls).ValidateParameters(hvparams)
 
+    kvm_path = hvparams[constants.HV_KVM_PATH]
+
     security_model = hvparams[constants.HV_SECURITY_MODEL]
     if security_model == constants.HT_SM_USER:
       username = hvparams[constants.HV_SECURITY_DOMAIN]
@@ -1995,11 +2123,11 @@ class KVMHypervisor(hv_base.BaseHypervisor):
                                      " only one of them can be used at a"
                                      " given time.")
 
-      # KVM version should be >= 0.14.0
-      _, v_major, v_min, _ = cls._GetKVMVersion()
-      if (v_major, v_min) < (0, 14):
+      # check that KVM supports SPICE
+      kvmhelp = cls._GetKVMHelpOutput(kvm_path)
+      if not cls._SPICE_RE.search(kvmhelp):
         raise errors.HypervisorError("spice is configured, but it is not"
-                                     " available in versions of KVM < 0.14")
+                                     " supported according to kvm --help")
 
       # if spice_bind is not an IP address, it must be a valid interface
       bound_to_addr = (netutils.IP4Address.IsValid(spice_bind)
@@ -2009,6 +2137,13 @@ class KVMHypervisor(hv_base.BaseHypervisor):
                                      " a valid IP address or interface name" %
                                      constants.HV_KVM_SPICE_BIND)
 
+    machine_version = hvparams[constants.HV_KVM_MACHINE_VERSION]
+    if machine_version:
+      output = cls._GetKVMSupportedMachinesOutput(kvm_path)
+      if not cls._CHECK_MACHINE_VERSION_RE(machine_version).search(output):
+        raise errors.HypervisorError("Unsupported machine version: %s" %
+                                     machine_version)
+
   @classmethod
   def PowercycleNode(cls):
     """KVM powercycle, just a wrapper over Linux powercycle.