X-Git-Url: https://code.grnet.gr/git/ganeti-local/blobdiff_plain/a900a30cdd660f04ccc4526303f9d1ccb0fbd284..e8b5640eed3fca60a7b8c7373637baa5f6bb0704:/lib/hypervisor/hv_kvm.py diff --git a/lib/hypervisor/hv_kvm.py b/lib/hypervisor/hv_kvm.py index f222f59..14c5807 100644 --- a/lib/hypervisor/hv_kvm.py +++ b/lib/hypervisor/hv_kvm.py @@ -1,7 +1,7 @@ # # -# Copyright (C) 2008, 2009, 2010, 2011, 2012 Google Inc. +# Copyright (C) 2008, 2009, 2010, 2011, 2012, 2013 Google Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -80,7 +80,24 @@ _SPICE_ADDITIONAL_PARAMS = frozenset([ ]) -def _ProbeTapVnetHdr(fd): +def _GetTunFeatures(fd, _ioctl=fcntl.ioctl): + """Retrieves supported TUN features from file descriptor. + + @see: L{_ProbeTapVnetHdr} + + """ + req = struct.pack("I", 0) + try: + buf = _ioctl(fd, TUNGETFEATURES, req) + except EnvironmentError, err: + logging.warning("ioctl(TUNGETFEATURES) failed: %s", err) + return None + else: + (flags, ) = struct.unpack("I", buf) + return flags + + +def _ProbeTapVnetHdr(fd, _features_fn=_GetTunFeatures): """Check whether to enable the IFF_VNET_HDR flag. To do this, _all_ of the following conditions must be met: @@ -97,20 +114,19 @@ def _ProbeTapVnetHdr(fd): @param fd: the file descriptor of /dev/net/tun """ - req = struct.pack("I", 0) - try: - res = fcntl.ioctl(fd, TUNGETFEATURES, req) - except EnvironmentError: - logging.warning("TUNGETFEATURES ioctl() not implemented") - return False + flags = _features_fn(fd) - tunflags = struct.unpack("I", res)[0] - if tunflags & IFF_VNET_HDR: - return True - else: - logging.warning("Host does not support IFF_VNET_HDR, not enabling") + if flags is None: + # Not supported return False + result = bool(flags & IFF_VNET_HDR) + + if not result: + logging.warning("Kernel does not support IFF_VNET_HDR, not enabling") + + return result + def _OpenTap(vnet_hdr=True): """Open a new tap device and return its file descriptor. @@ -139,39 +155,15 @@ def _OpenTap(vnet_hdr=True): try: res = fcntl.ioctl(tapfd, TUNSETIFF, ifr) - except EnvironmentError: - raise errors.HypervisorError("Failed to allocate a new TAP device") + except EnvironmentError, err: + raise errors.HypervisorError("Failed to allocate a new TAP device: %s" % + err) # Get the interface name from the ioctl ifname = struct.unpack("16sh", res)[0].strip("\x00") return (ifname, tapfd) -def _BuildNetworkEnv(name, network, gateway, network6, gateway6, - network_type, mac_prefix, tags, env): - """Build environment variables concerning a Network. - - """ - if name: - env["NETWORK_NAME"] = name - if network: - env["NETWORK_SUBNET"] = network - if gateway: - env["NETWORK_GATEWAY"] = gateway - if network6: - env["NETWORK_SUBNET6"] = network6 - if gateway6: - env["NETWORK_GATEWAY6"] = gateway6 - if mac_prefix: - env["NETWORK_MAC_PREFIX"] = mac_prefix - if network_type: - env["NETWORK_TYPE"] = network_type - if tags: - env["NETWORK_TAGS"] = " ".join(tags) - - return env - - class QmpMessage: """QEMU Messaging Protocol (QMP) message. @@ -308,7 +300,7 @@ class QmpConnection: greeting = self._Recv() if not greeting[self._FIRST_MESSAGE_KEY]: self._connected = False - raise errors.HypervisorError("kvm: qmp communication error (wrong" + raise errors.HypervisorError("kvm: QMP communication error (wrong" " server greeting") # Let's put the monitor in command mode using the qmp_capabilities @@ -460,6 +452,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): _CHROOT_DIR, _CHROOT_QUARANTINE_DIR, _KEYMAP_DIR] PARAMETERS = { + constants.HV_KVM_PATH: hv_base.REQ_FILE_CHECK, constants.HV_KERNEL_PATH: hv_base.OPT_FILE_CHECK, constants.HV_INITRD_PATH: hv_base.OPT_FILE_CHECK, constants.HV_ROOT_PATH: hv_base.NO_CHECK, @@ -467,11 +460,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): constants.HV_ACPI: hv_base.NO_CHECK, constants.HV_SERIAL_CONSOLE: hv_base.NO_CHECK, constants.HV_SERIAL_SPEED: hv_base.NO_CHECK, - constants.HV_VNC_BIND_ADDRESS: - (False, lambda x: (netutils.IP4Address.IsValid(x) or - utils.IsNormAbsPath(x)), - "the VNC bind address must be either a valid IP address or an absolute" - " pathname", None, None), + constants.HV_VNC_BIND_ADDRESS: hv_base.NO_CHECK, # will be checked later constants.HV_VNC_TLS: hv_base.NO_CHECK, constants.HV_VNC_X509: hv_base.OPT_DIR_CHECK, constants.HV_VNC_X509_VERIFY: hv_base.NO_CHECK, @@ -480,7 +469,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): constants.HV_KVM_SPICE_IP_VERSION: (False, lambda x: (x == constants.IFACE_NO_IP_VERSION_SPECIFIED or x in constants.VALID_IP_VERSIONS), - "the SPICE IP version should be 4 or 6", + "The SPICE IP version should be 4 or 6", None, None), constants.HV_KVM_SPICE_PASSWORD_FILE: hv_base.OPT_FILE_CHECK, constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR: @@ -535,8 +524,17 @@ class KVMHypervisor(hv_base.BaseHypervisor): constants.HV_CPU_CORES: hv_base.OPT_NONNEGATIVE_INT_CHECK, constants.HV_CPU_THREADS: hv_base.OPT_NONNEGATIVE_INT_CHECK, constants.HV_CPU_SOCKETS: hv_base.OPT_NONNEGATIVE_INT_CHECK, + constants.HV_SOUNDHW: hv_base.NO_CHECK, + constants.HV_USB_DEVICES: hv_base.NO_CHECK, + constants.HV_VGA: hv_base.NO_CHECK, + constants.HV_KVM_EXTRA: hv_base.NO_CHECK, + constants.HV_KVM_MACHINE_VERSION: hv_base.NO_CHECK, + constants.HV_VNET_HDR: hv_base.NO_CHECK, } + _VIRTIO = "virtio" + _VIRTIO_NET_PCI = "virtio-net-pci" + _MIGRATION_STATUS_RE = re.compile("Migration\s+status:\s+(\w+)", re.M | re.I) _MIGRATION_PROGRESS_RE = \ @@ -553,7 +551,24 @@ class KVMHypervisor(hv_base.BaseHypervisor): _CPU_INFO_CMD = "info cpus" _CONT_CMD = "cont" - _DEFAULT_MACHINE_VERSION_RE = re.compile(r"(\S+).*\(default\)") + _DEFAULT_MACHINE_VERSION_RE = re.compile(r"^(\S+).*\(default\)", re.M) + _CHECK_MACHINE_VERSION_RE = \ + staticmethod(lambda x: re.compile(r"^(%s)[ ]+.*PC" % x, re.M)) + + _QMP_RE = re.compile(r"^-qmp\s", re.M) + _SPICE_RE = re.compile(r"^-spice\s", re.M) + _VHOST_RE = re.compile(r"^-net\s.*,vhost=on|off", re.M) + _ENABLE_KVM_RE = re.compile(r"^-enable-kvm\s", re.M) + _DISABLE_KVM_RE = re.compile(r"^-disable-kvm\s", re.M) + _NETDEV_RE = re.compile(r"^-netdev\s", re.M) + _DISPLAY_RE = re.compile(r"^-display\s", re.M) + _MACHINE_RE = re.compile(r"^-machine\s", re.M) + _NEW_VIRTIO_RE = re.compile(r"^name \"%s\"" % _VIRTIO_NET_PCI, re.M) + # match -drive.*boot=on|off on different lines, but in between accept only + # dashes not preceeded by a new line (which would mean another option + # different than -drive is starting) + _BOOT_RE = re.compile(r"^-drive\s([^-]|(? constants.VNC_BASE_PORT: display = instance.network_port - constants.VNC_BASE_PORT @@ -1188,9 +1243,9 @@ class KVMHypervisor(hv_base.BaseHypervisor): else: vnc_arg = "%s:%d" % (vnc_bind_address, display) else: - logging.error("Network port is not a valid VNC display (%d < %d)." - " Not starting VNC", instance.network_port, - constants.VNC_BASE_PORT) + logging.error("Network port is not a valid VNC display (%d < %d)," + " not starting VNC", + instance.network_port, constants.VNC_BASE_PORT) vnc_arg = "none" # Only allow tls and other option when not binding to a file, for now. @@ -1226,7 +1281,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): # have that kind of IP addresses, throw an exception if spice_ip_version != constants.IFACE_NO_IP_VERSION_SPECIFIED: if not addresses[spice_ip_version]: - raise errors.HypervisorError("spice: unable to get an IPv%s address" + raise errors.HypervisorError("SPICE: Unable to get an IPv%s address" " for %s" % (spice_ip_version, spice_bind)) @@ -1243,7 +1298,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): elif addresses[constants.IP6_VERSION]: spice_ip_version = constants.IP6_VERSION else: - raise errors.HypervisorError("spice: unable to get an IP address" + raise errors.HypervisorError("SPICE: Unable to get an IP address" " for %s" % (spice_bind)) spice_address = addresses[spice_ip_version][0] @@ -1298,18 +1353,22 @@ class KVMHypervisor(hv_base.BaseHypervisor): # Enable the spice agent communication channel between the host and the # agent. kvm_cmd.extend(["-device", "virtio-serial-pci"]) - kvm_cmd.extend(["-device", "virtserialport,chardev=spicechannel0," - "name=com.redhat.spice.0"]) + kvm_cmd.extend([ + "-device", + "virtserialport,chardev=spicechannel0,name=com.redhat.spice.0", + ]) kvm_cmd.extend(["-chardev", "spicevmc,id=spicechannel0,name=vdagent"]) logging.info("KVM: SPICE will listen on port %s", instance.network_port) kvm_cmd.extend(["-spice", spice_arg]) - # Tell kvm to use the paravirtualized graphic card, optimized for SPICE - kvm_cmd.extend(["-vga", "qxl"]) - else: - kvm_cmd.extend(["-nographic"]) + # From qemu 1.4 -nographic is incompatible with -daemonize. The new way + # also works in earlier versions though (tested with 1.1 and 1.3) + if self._DISPLAY_RE.search(kvmhelp): + kvm_cmd.extend(["-display", "none"]) + else: + kvm_cmd.extend(["-nographic"]) if hvp[constants.HV_USE_LOCALTIME]: kvm_cmd.extend(["-localtime"]) @@ -1321,6 +1380,29 @@ class KVMHypervisor(hv_base.BaseHypervisor): if hvp[constants.HV_CPU_TYPE]: kvm_cmd.extend(["-cpu", hvp[constants.HV_CPU_TYPE]]) + # As requested by music lovers + if hvp[constants.HV_SOUNDHW]: + kvm_cmd.extend(["-soundhw", hvp[constants.HV_SOUNDHW]]) + + # Pass a -vga option if requested, or if spice is used, for backwards + # compatibility. + if hvp[constants.HV_VGA]: + kvm_cmd.extend(["-vga", hvp[constants.HV_VGA]]) + elif spice_bind: + kvm_cmd.extend(["-vga", "qxl"]) + + # Various types of usb devices, comma separated + if hvp[constants.HV_USB_DEVICES]: + for dev in hvp[constants.HV_USB_DEVICES].split(","): + kvm_cmd.extend(["-usbdevice", dev]) + + # Set system UUID to instance UUID + if self._UUID_RE.search(kvmhelp): + kvm_cmd.extend(["-uuid", instance.uuid]) + + if hvp[constants.HV_KVM_EXTRA]: + kvm_cmd.extend(hvp[constants.HV_KVM_EXTRA].split(" ")) + # Save the current instance nics, but defer their expansion as parameters, # as we'll need to generate executable temp files for them. kvm_nics = instance.nics @@ -1391,11 +1473,13 @@ class KVMHypervisor(hv_base.BaseHypervisor): if not self._InstancePidAlive(name)[2]: raise errors.HypervisorError("Failed to start instance %s" % name) - def _ExecuteKVMRuntime(self, instance, kvm_runtime, incoming=None): + def _ExecuteKVMRuntime(self, instance, kvm_runtime, kvmhelp, incoming=None): """Execute a KVM cmd, after completing it with some last minute data. @type incoming: tuple of strings @param incoming: (target_host_ip, port) + @type kvmhelp: string + @param kvmhelp: output of kvm --help """ # Small _ExecuteKVMRuntime hv parameters programming howto: @@ -1413,10 +1497,10 @@ class KVMHypervisor(hv_base.BaseHypervisor): temp_files = [] kvm_cmd, kvm_nics, up_hvp = kvm_runtime + # the first element of kvm_cmd is always the path to the kvm binary + kvm_path = kvm_cmd[0] up_hvp = objects.FillDict(conf_hvp, up_hvp) - _, v_major, v_min, _ = self._GetKVMVersion() - # We know it's safe to run as a different user upon migration, so we'll use # the latest conf, from conf_hvp. security_model = conf_hvp[constants.HV_SECURITY_MODEL] @@ -1445,16 +1529,20 @@ class KVMHypervisor(hv_base.BaseHypervisor): tap_extra = "" nic_type = up_hvp[constants.HV_NIC_TYPE] if nic_type == constants.HT_NIC_PARAVIRTUAL: - # From version 0.12.0, kvm uses a new sintax for network configuration. - if (v_major, v_min) >= (0, 12): - nic_model = "virtio-net-pci" - vnet_hdr = True - else: - nic_model = "virtio" + nic_model = self._VIRTIO + try: + devlist = self._GetKVMOutput(kvm_path, self._KVMOPT_DEVICELIST) + if self._NEW_VIRTIO_RE.search(devlist): + nic_model = self._VIRTIO_NET_PCI + vnet_hdr = up_hvp[constants.HV_VNET_HDR] + except errors.HypervisorError, _: + # Older versions of kvm don't support DEVICE_LIST, but they don't + # have new virtio syntax either. + pass if up_hvp[constants.HV_VHOST_NET]: - # vhost_net is only available from version 0.13.0 or newer - if (v_major, v_min) >= (0, 13): + # check for vhost_net support + if self._VHOST_RE.search(kvmhelp): tap_extra = ",vhost=on" else: raise errors.HypervisorError("vhost_net is configured" @@ -1462,11 +1550,13 @@ class KVMHypervisor(hv_base.BaseHypervisor): else: nic_model = nic_type + kvm_supports_netdev = self._NETDEV_RE.search(kvmhelp) + for nic_seq, nic in enumerate(kvm_nics): - tapname, tapfd = _OpenTap(vnet_hdr) + tapname, tapfd = _OpenTap(vnet_hdr=vnet_hdr) tapfds.append(tapfd) taps.append(tapname) - if (v_major, v_min) >= (0, 12): + if kvm_supports_netdev: nic_val = "%s,mac=%s,netdev=netdev%s" % (nic_model, nic.mac, nic_seq) tap_val = "type=tap,id=netdev%s,fd=%d%s" % (nic_seq, tapfd, tap_extra) kvm_cmd.extend(["-netdev", tap_val, "-device", nic_val]) @@ -1497,7 +1587,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): constants.SECURE_DIR_MODE)]) # Automatically enable QMP if version is >= 0.14 - if (v_major, v_min) >= (0, 14): + if self._QMP_RE.search(kvmhelp): logging.debug("Enabling QMP") kvm_cmd.extend(["-qmp", "unix:%s,server,nowait" % self._InstanceQmpMonitor(instance.name)]) @@ -1596,25 +1686,33 @@ class KVMHypervisor(hv_base.BaseHypervisor): """ self._CheckDown(instance.name) + kvmpath = instance.hvparams[constants.HV_KVM_PATH] + kvmhelp = self._GetKVMOutput(kvmpath, self._KVMOPT_HELP) kvm_runtime = self._GenerateKVMRuntime(instance, block_devices, - startup_paused) + startup_paused, kvmhelp) self._SaveKVMRuntime(instance, kvm_runtime) - self._ExecuteKVMRuntime(instance, kvm_runtime) + self._ExecuteKVMRuntime(instance, kvm_runtime, kvmhelp) def _CallMonitorCommand(self, instance_name, command): """Invoke a command on the instance monitor. """ + # TODO: Replace monitor calls with QMP once KVM >= 0.14 is the minimum + # version. The monitor protocol is designed for human consumption, whereas + # QMP is made for programmatic usage. In the worst case QMP can also + # execute monitor commands. As it is, all calls to socat take at least + # 500ms and likely more: socat can't detect the end of the reply and waits + # for 500ms of no data received before exiting (500 ms is the default for + # the "-t" parameter). socat = ("echo %s | %s STDIO UNIX-CONNECT:%s" % (utils.ShellQuote(command), constants.SOCAT_PATH, utils.ShellQuote(self._InstanceMonitor(instance_name)))) result = utils.RunCmd(socat) if result.failed: - msg = ("Failed to send command '%s' to instance %s." - " output: %s, error: %s, fail_reason: %s" % - (command, instance_name, - result.stdout, result.stderr, result.fail_reason)) + msg = ("Failed to send command '%s' to instance '%s', reason '%s'," + " output: %s" % + (command, instance_name, result.fail_reason, result.output)) raise errors.HypervisorError(msg) return result @@ -1643,17 +1741,48 @@ class KVMHypervisor(hv_base.BaseHypervisor): return (v_all, v_maj, v_min, v_rev) @classmethod - def _GetKVMVersion(cls): + def _GetKVMOutput(cls, kvm_path, option): + """Return the output of a kvm invocation + + @type kvm_path: string + @param kvm_path: path to the kvm executable + @type option: a key of _KVMOPTS_CMDS + @param option: kvm option to fetch the output from + @return: output a supported kvm invocation + @raise errors.HypervisorError: when the KVM help output cannot be retrieved + + """ + assert option in cls._KVMOPTS_CMDS, "Invalid output option" + + optlist, can_fail = cls._KVMOPTS_CMDS[option] + + result = utils.RunCmd([kvm_path] + optlist) + if result.failed and not can_fail: + raise errors.HypervisorError("Unable to get KVM %s output" % + " ".join(cls._KVMOPTS_CMDS[option])) + return result.output + + @classmethod + def _GetKVMVersion(cls, kvm_path): """Return the installed KVM version. @return: (version, v_maj, v_min, v_rev) @raise errors.HypervisorError: when the KVM version cannot be retrieved """ - result = utils.RunCmd([constants.KVM_PATH, "--help"]) - if result.failed: - raise errors.HypervisorError("Unable to get KVM version") - return cls._ParseKVMVersion(result.output) + return cls._ParseKVMVersion(cls._GetKVMOutput(kvm_path, cls._KVMOPT_HELP)) + + @classmethod + def _GetDefaultMachineVersion(cls, kvm_path): + """Return the default hardware revision (e.g. pc-1.1) + + """ + output = cls._GetKVMOutput(kvm_path, cls._KVMOPT_MLIST) + match = cls._DEFAULT_MACHINE_VERSION_RE.search(output) + if match: + return match.group(1) + else: + return "pc" def StopInstance(self, instance, force=False, retry=False, name=None): """Stop an instance. @@ -1673,21 +1802,6 @@ class KVMHypervisor(hv_base.BaseHypervisor): else: self._CallMonitorCommand(name, "system_powerdown") - @classmethod - def _GetDefaultMachineVersion(cls): - """Return the default hardware revision (e.g. pc-1.1) - - """ - result = utils.RunCmd([constants.KVM_PATH, "-M", "?"]) - if result.failed: - raise errors.HypervisorError("Unable to get default hardware revision") - for line in result.output.splitlines(): - match = cls._DEFAULT_MACHINE_VERSION_RE.match(line) - if match: - return match.group(1) - - return "pc" - def CleanupInstance(self, instance_name): """Cleanup after a stopped instance @@ -1716,7 +1830,9 @@ class KVMHypervisor(hv_base.BaseHypervisor): self.StopInstance(instance, force=True) # ...and finally we can save it again, and execute it... self._SaveKVMRuntime(instance, kvm_runtime) - self._ExecuteKVMRuntime(instance, kvm_runtime) + kvmpath = instance.hvparams[constants.HV_KVM_PATH] + kvmhelp = self._GetKVMOutput(kvmpath, self._KVMOPT_HELP) + self._ExecuteKVMRuntime(instance, kvm_runtime, kvmhelp) def MigrationInfo(self, instance): """Get instance information to perform a migration. @@ -1742,7 +1858,10 @@ class KVMHypervisor(hv_base.BaseHypervisor): """ kvm_runtime = self._LoadKVMRuntime(instance, serialized_runtime=info) incoming_address = (target, instance.hvparams[constants.HV_MIGRATION_PORT]) - self._ExecuteKVMRuntime(instance, kvm_runtime, incoming=incoming_address) + kvmpath = instance.hvparams[constants.HV_KVM_PATH] + kvmhelp = self._GetKVMOutput(kvmpath, self._KVMOPT_HELP) + self._ExecuteKVMRuntime(instance, kvm_runtime, kvmhelp, + incoming=incoming_address) def FinalizeMigrationDst(self, instance, info, success): """Finalize the instance migration on the target node. @@ -1776,12 +1895,14 @@ class KVMHypervisor(hv_base.BaseHypervisor): else: self.StopInstance(instance, force=True) - def MigrateInstance(self, instance, target, live): + def MigrateInstance(self, cluster_name, instance, target, live): """Migrate an instance to a target node. The migration will not be attempted if the instance is not currently running. + @type cluster_name: string + @param cluster_name: name of the cluster @type instance: L{objects.Instance} @param instance: the instance to be migrated @type target: string @@ -1877,24 +1998,28 @@ class KVMHypervisor(hv_base.BaseHypervisor): """ self._CallMonitorCommand(instance.name, "balloon %d" % mem) - def GetNodeInfo(self): + def GetNodeInfo(self, hvparams=None): """Return information about the node. - @return: a dict with the following keys (values in MiB): - - memory_total: the total memory size on the node - - memory_free: the available memory on the node for instances - - memory_dom0: the memory used by the node itself, if available + @type hvparams: dict of strings + @param hvparams: hypervisor parameters, not used in this class + + @return: a dict as returned by L{BaseHypervisor.GetLinuxNodeInfo} plus + the following keys: - hv_version: the hypervisor version in the form (major, minor, revision) """ result = self.GetLinuxNodeInfo() - _, v_major, v_min, v_rev = self._GetKVMVersion() + # FIXME: this is the global kvm version, but the actual version can be + # customized as an hv parameter. we should use the nodegroup's default kvm + # path parameter here. + _, v_major, v_min, v_rev = self._GetKVMVersion(constants.KVM_PATH) result[constants.HV_NODEINFO_KEY_VERSION] = (v_major, v_min, v_rev) return result @classmethod - def GetInstanceConsole(cls, instance, hvparams, beparams): + def GetInstanceConsole(cls, instance, primary_node, hvparams, beparams): """Return a command for connecting to the console of an instance. """ @@ -1906,7 +2031,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): "UNIX-CONNECT:%s" % cls._InstanceSerial(instance.name)] return objects.InstanceConsole(instance=instance.name, kind=constants.CONS_SSH, - host=instance.primary_node, + host=primary_node.name, user=constants.SSH_CONSOLE_USER, command=cmd) @@ -1931,16 +2056,28 @@ class KVMHypervisor(hv_base.BaseHypervisor): message=("No serial shell for instance %s" % instance.name)) - def Verify(self): + def Verify(self, hvparams=None): """Verify the hypervisor. - Check that the binary exists. + Check that the required binaries exist. + + @type hvparams: dict of strings + @param hvparams: hypervisor parameters to be verified against, not used here + + @return: Problem description if something is wrong, C{None} otherwise """ + msgs = [] + # FIXME: this is the global kvm binary, but the actual path can be + # customized as an hv parameter; we should use the nodegroup's + # default kvm path parameter here. if not os.path.exists(constants.KVM_PATH): - return "The kvm binary ('%s') does not exist." % constants.KVM_PATH + msgs.append("The KVM binary ('%s') does not exist" % constants.KVM_PATH) if not os.path.exists(constants.SOCAT_PATH): - return "The socat binary ('%s') does not exist." % constants.SOCAT_PATH + msgs.append("The socat binary ('%s') does not exist" % + constants.SOCAT_PATH) + + return self._FormatVerifyResults(msgs) @classmethod def CheckParameterSyntax(cls, hvparams): @@ -1998,13 +2135,13 @@ class KVMHypervisor(hv_base.BaseHypervisor): # IP of that family if (netutils.IP4Address.IsValid(spice_bind) and spice_ip_version != constants.IP4_VERSION): - raise errors.HypervisorError("spice: got an IPv4 address (%s), but" + raise errors.HypervisorError("SPICE: Got an IPv4 address (%s), but" " the specified IP version is %s" % (spice_bind, spice_ip_version)) if (netutils.IP6Address.IsValid(spice_bind) and spice_ip_version != constants.IP6_VERSION): - raise errors.HypervisorError("spice: got an IPv6 address (%s), but" + raise errors.HypervisorError("SPICE: Got an IPv6 address (%s), but" " the specified IP version is %s" % (spice_bind, spice_ip_version)) else: @@ -2012,7 +2149,7 @@ class KVMHypervisor(hv_base.BaseHypervisor): # error if any of them is set without it. for param in _SPICE_ADDITIONAL_PARAMS: if hvparams[param]: - raise errors.HypervisorError("spice: %s requires %s to be set" % + raise errors.HypervisorError("SPICE: %s requires %s to be set" % (param, constants.HV_KVM_SPICE_BIND)) @classmethod @@ -2026,6 +2163,8 @@ class KVMHypervisor(hv_base.BaseHypervisor): """ super(KVMHypervisor, cls).ValidateParameters(hvparams) + kvm_path = hvparams[constants.HV_KVM_PATH] + security_model = hvparams[constants.HV_SECURITY_MODEL] if security_model == constants.HT_SM_USER: username = hvparams[constants.HV_SECURITY_DOMAIN] @@ -2034,32 +2173,52 @@ class KVMHypervisor(hv_base.BaseHypervisor): except KeyError: raise errors.HypervisorError("Unknown security domain user %s" % username) + vnc_bind_address = hvparams[constants.HV_VNC_BIND_ADDRESS] + if vnc_bind_address: + bound_to_addr = netutils.IP4Address.IsValid(vnc_bind_address) + is_interface = netutils.IsValidInterface(vnc_bind_address) + is_path = utils.IsNormAbsPath(vnc_bind_address) + if not bound_to_addr and not is_interface and not is_path: + raise errors.HypervisorError("VNC: The %s parameter must be either" + " a valid IP address, an interface name," + " or an absolute path" % + constants.HV_KVM_SPICE_BIND) spice_bind = hvparams[constants.HV_KVM_SPICE_BIND] if spice_bind: # only one of VNC and SPICE can be used currently. if hvparams[constants.HV_VNC_BIND_ADDRESS]: - raise errors.HypervisorError("both SPICE and VNC are configured, but" + raise errors.HypervisorError("Both SPICE and VNC are configured, but" " only one of them can be used at a" - " given time.") + " given time") - # KVM version should be >= 0.14.0 - _, v_major, v_min, _ = cls._GetKVMVersion() - if (v_major, v_min) < (0, 14): - raise errors.HypervisorError("spice is configured, but it is not" - " available in versions of KVM < 0.14") + # check that KVM supports SPICE + kvmhelp = cls._GetKVMOutput(kvm_path, cls._KVMOPT_HELP) + if not cls._SPICE_RE.search(kvmhelp): + raise errors.HypervisorError("SPICE is configured, but it is not" + " supported according to 'kvm --help'") # if spice_bind is not an IP address, it must be a valid interface - bound_to_addr = (netutils.IP4Address.IsValid(spice_bind) - or netutils.IP6Address.IsValid(spice_bind)) + bound_to_addr = (netutils.IP4Address.IsValid(spice_bind) or + netutils.IP6Address.IsValid(spice_bind)) if not bound_to_addr and not netutils.IsValidInterface(spice_bind): - raise errors.HypervisorError("spice: the %s parameter must be either" + raise errors.HypervisorError("SPICE: The %s parameter must be either" " a valid IP address or interface name" % constants.HV_KVM_SPICE_BIND) + machine_version = hvparams[constants.HV_KVM_MACHINE_VERSION] + if machine_version: + output = cls._GetKVMOutput(kvm_path, cls._KVMOPT_MLIST) + if not cls._CHECK_MACHINE_VERSION_RE(machine_version).search(output): + raise errors.HypervisorError("Unsupported machine version: %s" % + machine_version) + @classmethod - def PowercycleNode(cls): + def PowercycleNode(cls, hvparams=None): """KVM powercycle, just a wrapper over Linux powercycle. + @type hvparams: dict of strings + @param hvparams: hypervisor params to be used on this node + """ cls.LinuxPowercycle()