Synnefo » snf-ganeti

#

#

# Copyright (C) 2008, 2009, 2010, 2011, 2012, 2013 Google Inc.

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful, but

# WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

# General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

# 02110-1301, USA.

"""KVM hypervisor

"""

import errno

import os

import os.path

import re

import tempfile

import time

import logging

import pwd

import struct

import fcntl

import shutil

import socket

import stat

import StringIO

from bitarray import bitarray

try:

  import affinity   # pylint: disable=F0401

except ImportError:

  affinity = None

try:

  import fdsend   # pylint: disable=F0401

except ImportError:

  fdsend = None

from ganeti import utils

from ganeti import constants

from ganeti import errors

from ganeti import serializer

from ganeti import objects

from ganeti import uidpool

from ganeti import ssconf

from ganeti import netutils

from ganeti import pathutils

from ganeti.hypervisor import hv_base

from ganeti.utils import wrapper as utils_wrapper

_KVM_NETWORK_SCRIPT = pathutils.CONF_DIR + "/kvm-vif-bridge"

_KVM_START_PAUSED_FLAG = "-S"

# TUN/TAP driver constants, taken from <linux/if_tun.h>

# They are architecture-independent and already hardcoded in qemu-kvm source,

# so we can safely include them here.

TUNSETIFF = 0x400454ca

TUNGETIFF = 0x800454d2

TUNGETFEATURES = 0x800454cf

IFF_TAP = 0x0002

IFF_NO_PI = 0x1000

IFF_VNET_HDR = 0x4000

#: SPICE parameters which depend on L{constants.HV_KVM_SPICE_BIND}

_SPICE_ADDITIONAL_PARAMS = frozenset([

  constants.HV_KVM_SPICE_IP_VERSION,

  constants.HV_KVM_SPICE_PASSWORD_FILE,

  constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR,

  constants.HV_KVM_SPICE_JPEG_IMG_COMPR,

  constants.HV_KVM_SPICE_ZLIB_GLZ_IMG_COMPR,

  constants.HV_KVM_SPICE_STREAMING_VIDEO_DETECTION,

  constants.HV_KVM_SPICE_USE_TLS,

  ])

# Constant bitarray that reflects to a free pci slot

# Use it with bitarray.search()

_AVAILABLE_PCI_SLOT = bitarray("0")

# below constants show the format of runtime file

# the nics are in second possition, while the disks in 4th (last)

# moreover disk entries are stored in tupples of L{objects.Disk}, dev_path

_KVM_NICS_RUNTIME_INDEX = 1

_KVM_DISKS_RUNTIME_INDEX = 3

_DEVICE_RUNTIME_INDEX = {

  constants.HOTPLUG_TARGET_DISK: _KVM_DISKS_RUNTIME_INDEX,

  constants.HOTPLUG_TARGET_NIC: _KVM_NICS_RUNTIME_INDEX

  }

_FIND_RUNTIME_ENTRY = {

  constants.HOTPLUG_TARGET_NIC:

    lambda nic, kvm_nics: [n for n in kvm_nics if n.uuid == nic.uuid],

  constants.HOTPLUG_TARGET_DISK:

    lambda disk, kvm_disks: [(d, l) for (d, l) in kvm_disks

                             if d.uuid == disk.uuid]

  }

_RUNTIME_DEVICE = {

  constants.HOTPLUG_TARGET_NIC: lambda d: d,

  constants.HOTPLUG_TARGET_DISK: lambda (d, e): d

  }

_RUNTIME_ENTRY = {

  constants.HOTPLUG_TARGET_NIC: lambda d, e: d,

  constants.HOTPLUG_TARGET_DISK: lambda d, e: (d, e)

  }

def _GenerateDeviceKVMId(dev_type, dev):

  """Helper function to generate a unique device name used by KVM

  QEMU monitor commands use names to identify devices. Here we use their pci

  slot and a part of their UUID to name them. dev.pci might be None for old

  devices in the cluster.

  @type dev_type: sting

  @param dev_type: device type of param dev

  @type dev: L{objects.Disk} or L{objects.NIC}

  @param dev: the device object for which we generate a kvm name

  @raise errors.HotplugError: in case a device has no pci slot (old devices)

  """

  if not dev.pci:

    raise errors.HotplugError("Hotplug is not supported for %s with UUID %s" %

                              (dev_type, dev.uuid))

  return "%s-%s-pci-%d" % (dev_type.lower(), dev.uuid.split("-")[0], dev.pci)

def _UpdatePCISlots(dev, pci_reservations):

  """Update pci configuration for a stopped instance

  If dev has a pci slot then reserve it, else find first available

  in pci_reservations bitarray. It acts on the same objects passed

  as params so there is no need to return anything.

  @type dev: L{objects.Disk} or L{objects.NIC}

  @param dev: the device object for which we update its pci slot

  @type pci_reservations: bitarray

  @param pci_reservations: existing pci reservations for an instance

  @raise errors.HotplugError: in case an instance has all its slot occupied

  """

  if dev.pci:

    free = dev.pci

  else: # pylint: disable=E1103

    [free] = pci_reservations.search(_AVAILABLE_PCI_SLOT, 1)

    if not free:

      raise errors.HypervisorError("All PCI slots occupied")

    dev.pci = int(free)

  pci_reservations[free] = True

def _GetExistingDeviceInfo(dev_type, device, runtime):

  """Helper function to get an existing device inside the runtime file

  Used when an instance is running. Load kvm runtime file and search

  for a device based on its type and uuid.

  @type dev_type: sting

  @param dev_type: device type of param dev

  @type device: L{objects.Disk} or L{objects.NIC}

  @param device: the device object for which we generate a kvm name

  @type runtime: tuple (cmd, nics, hvparams, disks)

  @param runtime: the runtime data to search for the device

  @raise errors.HotplugError: in case the requested device does not

    exist (e.g. device has been added without --hotplug option) or

    device info has not pci slot (e.g. old devices in the cluster)

  """

  index = _DEVICE_RUNTIME_INDEX[dev_type]

  found = _FIND_RUNTIME_ENTRY[dev_type](device, runtime[index])

  if not found:

    raise errors.HotplugError("Cannot find runtime info for %s with UUID %s" %

                              (dev_type, device.uuid))

  return found[0]

def _AnalyzeSerializedRuntime(serialized_runtime):

  """Return runtime entries for a serialized runtime file

  @type serialized_runtime: string

  @param serialized_runtime: raw text data read from actual runtime file

  @return: (cmd, nics, hvparams, bdevs)

  @rtype: list

  """

  loaded_runtime = serializer.Load(serialized_runtime)

  if len(loaded_runtime) == 3:

    serialized_blockdevs = []

    kvm_cmd, serialized_nics, hvparams = loaded_runtime

  else:

    kvm_cmd, serialized_nics, hvparams, serialized_blockdevs = loaded_runtime

  kvm_nics = [objects.NIC.FromDict(snic) for snic in serialized_nics]

  block_devices = [(objects.Disk.FromDict(sdisk), link)

                   for sdisk, link in serialized_blockdevs]

  return (kvm_cmd, kvm_nics, hvparams, block_devices)

def _GetTunFeatures(fd, _ioctl=fcntl.ioctl):

  """Retrieves supported TUN features from file descriptor.

  @see: L{_ProbeTapVnetHdr}

  """

  req = struct.pack("I", 0)

  try:

    buf = _ioctl(fd, TUNGETFEATURES, req)

  except EnvironmentError, err:

    logging.warning("ioctl(TUNGETFEATURES) failed: %s", err)

    return None

  else:

    (flags, ) = struct.unpack("I", buf)

    return flags

def _ProbeTapVnetHdr(fd, _features_fn=_GetTunFeatures):

  """Check whether to enable the IFF_VNET_HDR flag.

  To do this, _all_ of the following conditions must be met:

   1. TUNGETFEATURES ioctl() *must* be implemented

   2. TUNGETFEATURES ioctl() result *must* contain the IFF_VNET_HDR flag

   3. TUNGETIFF ioctl() *must* be implemented; reading the kernel code in

      drivers/net/tun.c there is no way to test this until after the tap device

      has been created using TUNSETIFF, and there is no way to change the

      IFF_VNET_HDR flag after creating the interface, catch-22! However both

      TUNGETIFF and TUNGETFEATURES were introduced in kernel version 2.6.27,

      thus we can expect TUNGETIFF to be present if TUNGETFEATURES is.

   @type fd: int

   @param fd: the file descriptor of /dev/net/tun

  """

  flags = _features_fn(fd)

  if flags is None:

    # Not supported

    return False

  result = bool(flags & IFF_VNET_HDR)

  if not result:

    logging.warning("Kernel does not support IFF_VNET_HDR, not enabling")

  return result

def _OpenTap(vnet_hdr=True):

  """Open a new tap device and return its file descriptor.

  This is intended to be used by a qemu-type hypervisor together with the -net

  tap,fd=<fd> command line parameter.

  @type vnet_hdr: boolean

  @param vnet_hdr: Enable the VNET Header

  @return: (ifname, tapfd)

  @rtype: tuple

  """

  try:

    tapfd = os.open("/dev/net/tun", os.O_RDWR)

  except EnvironmentError:

    raise errors.HypervisorError("Failed to open /dev/net/tun")

  flags = IFF_TAP | IFF_NO_PI

  if vnet_hdr and _ProbeTapVnetHdr(tapfd):

    flags |= IFF_VNET_HDR

  # The struct ifreq ioctl request (see netdevice(7))

  ifr = struct.pack("16sh", "", flags)

  try:

    res = fcntl.ioctl(tapfd, TUNSETIFF, ifr)

  except EnvironmentError, err:

    raise errors.HypervisorError("Failed to allocate a new TAP device: %s" %

                                 err)

  # Get the interface name from the ioctl

  ifname = struct.unpack("16sh", res)[0].strip("\x00")

  return (ifname, tapfd)

class QmpMessage:

  """QEMU Messaging Protocol (QMP) message.

  """

  def __init__(self, data):

    """Creates a new QMP message based on the passed data.

    """

    if not isinstance(data, dict):

      raise TypeError("QmpMessage must be initialized with a dict")

    self.data = data

  def __getitem__(self, field_name):

    """Get the value of the required field if present, or None.

    Overrides the [] operator to provide access to the message data,

    returning None if the required item is not in the message

    @return: the value of the field_name field, or None if field_name

             is not contained in the message

    """

    return self.data.get(field_name, None)

  def __setitem__(self, field_name, field_value):

    """Set the value of the required field_name to field_value.

    """

    self.data[field_name] = field_value

  @staticmethod

  def BuildFromJsonString(json_string):

    """Build a QmpMessage from a JSON encoded string.

    @type json_string: str

    @param json_string: JSON string representing the message

    @rtype: L{QmpMessage}

    @return: a L{QmpMessage} built from json_string

    """

    # Parse the string

    data = serializer.LoadJson(json_string)

    return QmpMessage(data)

  def __str__(self):

    # The protocol expects the JSON object to be sent as a single line.

    return serializer.DumpJson(self.data)

  def __eq__(self, other):

    # When comparing two QmpMessages, we are interested in comparing

    # their internal representation of the message data

    return self.data == other.data

class QmpConnection:

  """Connection to the QEMU Monitor using the QEMU Monitor Protocol (QMP).

  """

  _FIRST_MESSAGE_KEY = "QMP"

  _EVENT_KEY = "event"

  _ERROR_KEY = "error"

  _RETURN_KEY = RETURN_KEY = "return"

  _ACTUAL_KEY = ACTUAL_KEY = "actual"

  _ERROR_CLASS_KEY = "class"

  _ERROR_DATA_KEY = "data"

  _ERROR_DESC_KEY = "desc"

  _EXECUTE_KEY = "execute"

  _ARGUMENTS_KEY = "arguments"

  _CAPABILITIES_COMMAND = "qmp_capabilities"

  _MESSAGE_END_TOKEN = "\r\n"

  _SOCKET_TIMEOUT = 5

  def __init__(self, monitor_filename):

    """Instantiates the QmpConnection object.

    @type monitor_filename: string

    @param monitor_filename: the filename of the UNIX raw socket on which the

                             QMP monitor is listening

    """

    self.monitor_filename = monitor_filename

    self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)

    # We want to fail if the server doesn't send a complete message

    # in a reasonable amount of time

    self.sock.settimeout(self._SOCKET_TIMEOUT)

    self._connected = False

    self._buf = ""

  def _check_socket(self):

    sock_stat = None

    try:

      sock_stat = os.stat(self.monitor_filename)

    except EnvironmentError, err:

      if err.errno == errno.ENOENT:

        raise errors.HypervisorError("No qmp socket found")

      else:

        raise errors.HypervisorError("Error checking qmp socket: %s",

                                     utils.ErrnoOrStr(err))

    if not stat.S_ISSOCK(sock_stat.st_mode):

      raise errors.HypervisorError("Qmp socket is not a socket")

  def _check_connection(self):

    """Make sure that the connection is established.

    """

    if not self._connected:

      raise errors.ProgrammerError("To use a QmpConnection you need to first"

                                   " invoke connect() on it")

  def connect(self):

    """Connects to the QMP monitor.

    Connects to the UNIX socket and makes sure that we can actually send and

    receive data to the kvm instance via QMP.

    @raise errors.HypervisorError: when there are communication errors

    @raise errors.ProgrammerError: when there are data serialization errors

    """

    if self._connected:

      raise errors.ProgrammerError("Cannot connect twice")

    self._check_socket()

    # Check file existance/stuff

    try:

      self.sock.connect(self.monitor_filename)

    except EnvironmentError:

      raise errors.HypervisorError("Can't connect to qmp socket")

    self._connected = True

    # Check if we receive a correct greeting message from the server

    # (As per the QEMU Protocol Specification 0.1 - section 2.2)

    greeting = self._Recv()

    if not greeting[self._FIRST_MESSAGE_KEY]:

      self._connected = False

      raise errors.HypervisorError("kvm: QMP communication error (wrong"

                                   " server greeting")

    # Let's put the monitor in command mode using the qmp_capabilities

    # command, or else no command will be executable.

    # (As per the QEMU Protocol Specification 0.1 - section 4)

    self.Execute(self._CAPABILITIES_COMMAND)

  def _ParseMessage(self, buf):

    """Extract and parse a QMP message from the given buffer.

    Seeks for a QMP message in the given buf. If found, it parses it and

    returns it together with the rest of the characters in the buf.

    If no message is found, returns None and the whole buffer.

    @raise errors.ProgrammerError: when there are data serialization errors

    """

    message = None

    # Check if we got the message end token (CRLF, as per the QEMU Protocol

    # Specification 0.1 - Section 2.1.1)

    pos = buf.find(self._MESSAGE_END_TOKEN)

    if pos >= 0:

      try:

        message = QmpMessage.BuildFromJsonString(buf[:pos + 1])

      except Exception, err:

        raise errors.ProgrammerError("QMP data serialization error: %s" % err)

      buf = buf[pos + 1:]

    return (message, buf)

  def _Recv(self):

    """Receives a message from QMP and decodes the received JSON object.

    @rtype: QmpMessage

    @return: the received message

    @raise errors.HypervisorError: when there are communication errors

    @raise errors.ProgrammerError: when there are data serialization errors

    """

    self._check_connection()

    # Check if there is already a message in the buffer

    (message, self._buf) = self._ParseMessage(self._buf)

    if message:

      return message

    recv_buffer = StringIO.StringIO(self._buf)

    recv_buffer.seek(len(self._buf))

    try:

      while True:

        data = self.sock.recv(4096)

        if not data:

          break

        recv_buffer.write(data)

        (message, self._buf) = self._ParseMessage(recv_buffer.getvalue())

        if message:

          return message

    except socket.timeout, err:

      raise errors.HypervisorError("Timeout while receiving a QMP message: "

                                   "%s" % (err))

    except socket.error, err:

      raise errors.HypervisorError("Unable to receive data from KVM using the"

                                   " QMP protocol: %s" % err)

  def _Send(self, message):

    """Encodes and sends a message to KVM using QMP.

    @type message: QmpMessage

    @param message: message to send to KVM

    @raise errors.HypervisorError: when there are communication errors

    @raise errors.ProgrammerError: when there are data serialization errors

    """

    self._check_connection()

    try:

      message_str = str(message)

    except Exception, err:

      raise errors.ProgrammerError("QMP data deserialization error: %s" % err)

    try:

      self.sock.sendall(message_str)

    except socket.timeout, err:

      raise errors.HypervisorError("Timeout while sending a QMP message: "

                                   "%s (%s)" % (err.string, err.errno))

    except socket.error, err:

      raise errors.HypervisorError("Unable to send data from KVM using the"

                                   " QMP protocol: %s" % err)

  def Execute(self, command, arguments=None):

    """Executes a QMP command and returns the response of the server.

    @type command: str

    @param command: the command to execute

    @type arguments: dict

    @param arguments: dictionary of arguments to be passed to the command

    @rtype: dict

    @return: dictionary representing the received JSON object

    @raise errors.HypervisorError: when there are communication errors

    @raise errors.ProgrammerError: when there are data serialization errors

    """

    self._check_connection()

    message = QmpMessage({self._EXECUTE_KEY: command})

    if arguments:

      message[self._ARGUMENTS_KEY] = arguments

    self._Send(message)

    # Events can occur between the sending of the command and the reception

    # of the response, so we need to filter out messages with the event key.

    while True:

      response = self._Recv()

      err = response[self._ERROR_KEY]

      if err:

        raise errors.HypervisorError("kvm: error executing the %s"

                                     " command: %s (%s, %s):" %

                                     (command,

                                      err[self._ERROR_DESC_KEY],

                                      err[self._ERROR_CLASS_KEY],

                                      err[self._ERROR_DATA_KEY]))

      elif not response[self._EVENT_KEY]:

        return response

class KVMHypervisor(hv_base.BaseHypervisor):

  """KVM hypervisor interface

  """

  CAN_MIGRATE = True

  _ROOT_DIR = pathutils.RUN_DIR + "/kvm-hypervisor"

  _PIDS_DIR = _ROOT_DIR + "/pid" # contains live instances pids

  _UIDS_DIR = _ROOT_DIR + "/uid" # contains instances reserved uids

  _CTRL_DIR = _ROOT_DIR + "/ctrl" # contains instances control sockets

  _CONF_DIR = _ROOT_DIR + "/conf" # contains instances startup data

  _NICS_DIR = _ROOT_DIR + "/nic" # contains instances nic <-> tap associations

  _KEYMAP_DIR = _ROOT_DIR + "/keymap" # contains instances keymaps

  # KVM instances with chroot enabled are started in empty chroot directories.

  _CHROOT_DIR = _ROOT_DIR + "/chroot" # for empty chroot directories

  # After an instance is stopped, its chroot directory is removed.

  # If the chroot directory is not empty, it can't be removed.

  # A non-empty chroot directory indicates a possible security incident.

  # To support forensics, the non-empty chroot directory is quarantined in

  # a separate directory, called 'chroot-quarantine'.

  _CHROOT_QUARANTINE_DIR = _ROOT_DIR + "/chroot-quarantine"

  _DIRS = [_ROOT_DIR, _PIDS_DIR, _UIDS_DIR, _CTRL_DIR, _CONF_DIR, _NICS_DIR,

           _CHROOT_DIR, _CHROOT_QUARANTINE_DIR, _KEYMAP_DIR]

  PARAMETERS = {

    constants.HV_KVM_PATH: hv_base.REQ_FILE_CHECK,

    constants.HV_KERNEL_PATH: hv_base.OPT_FILE_CHECK,

    constants.HV_INITRD_PATH: hv_base.OPT_FILE_CHECK,

    constants.HV_ROOT_PATH: hv_base.NO_CHECK,

    constants.HV_KERNEL_ARGS: hv_base.NO_CHECK,

    constants.HV_ACPI: hv_base.NO_CHECK,

    constants.HV_SERIAL_CONSOLE: hv_base.NO_CHECK,

    constants.HV_SERIAL_SPEED: hv_base.NO_CHECK,

    constants.HV_VNC_BIND_ADDRESS:

      (False, lambda x: (netutils.IP4Address.IsValid(x) or

                         utils.IsNormAbsPath(x)),

       "The VNC bind address must be either a valid IP address or an absolute"

       " pathname", None, None),

    constants.HV_VNC_TLS: hv_base.NO_CHECK,

    constants.HV_VNC_X509: hv_base.OPT_DIR_CHECK,

    constants.HV_VNC_X509_VERIFY: hv_base.NO_CHECK,

    constants.HV_VNC_PASSWORD_FILE: hv_base.OPT_FILE_CHECK,

    constants.HV_KVM_SPICE_BIND: hv_base.NO_CHECK, # will be checked later

    constants.HV_KVM_SPICE_IP_VERSION:

      (False, lambda x: (x == constants.IFACE_NO_IP_VERSION_SPECIFIED or

                         x in constants.VALID_IP_VERSIONS),

       "The SPICE IP version should be 4 or 6",

       None, None),

    constants.HV_KVM_SPICE_PASSWORD_FILE: hv_base.OPT_FILE_CHECK,

    constants.HV_KVM_SPICE_LOSSLESS_IMG_COMPR:

      hv_base.ParamInSet(

        False, constants.HT_KVM_SPICE_VALID_LOSSLESS_IMG_COMPR_OPTIONS),

    constants.HV_KVM_SPICE_JPEG_IMG_COMPR:

      hv_base.ParamInSet(

        False, constants.HT_KVM_SPICE_VALID_LOSSY_IMG_COMPR_OPTIONS),

    constants.HV_KVM_SPICE_ZLIB_GLZ_IMG_COMPR:

      hv_base.ParamInSet(

        False, constants.HT_KVM_SPICE_VALID_LOSSY_IMG_COMPR_OPTIONS),

    constants.HV_KVM_SPICE_STREAMING_VIDEO_DETECTION:

      hv_base.ParamInSet(

        False, constants.HT_KVM_SPICE_VALID_VIDEO_STREAM_DETECTION_OPTIONS),

    constants.HV_KVM_SPICE_AUDIO_COMPR: hv_base.NO_CHECK,

    constants.HV_KVM_SPICE_USE_TLS: hv_base.NO_CHECK,

    constants.HV_KVM_SPICE_TLS_CIPHERS: hv_base.NO_CHECK,

    constants.HV_KVM_SPICE_USE_VDAGENT: hv_base.NO_CHECK,

    constants.HV_KVM_FLOPPY_IMAGE_PATH: hv_base.OPT_FILE_CHECK,

    constants.HV_CDROM_IMAGE_PATH: hv_base.OPT_FILE_CHECK,

    constants.HV_KVM_CDROM2_IMAGE_PATH: hv_base.OPT_FILE_CHECK,

    constants.HV_BOOT_ORDER:

      hv_base.ParamInSet(True, constants.HT_KVM_VALID_BO_TYPES),

    constants.HV_NIC_TYPE:

      hv_base.ParamInSet(True, constants.HT_KVM_VALID_NIC_TYPES),

    constants.HV_DISK_TYPE:

      hv_base.ParamInSet(True, constants.HT_KVM_VALID_DISK_TYPES),

    constants.HV_KVM_CDROM_DISK_TYPE:

      hv_base.ParamInSet(False, constants.HT_KVM_VALID_DISK_TYPES),

    constants.HV_USB_MOUSE:

      hv_base.ParamInSet(False, constants.HT_KVM_VALID_MOUSE_TYPES),

    constants.HV_KEYMAP: hv_base.NO_CHECK,

    constants.HV_MIGRATION_PORT: hv_base.REQ_NET_PORT_CHECK,

    constants.HV_MIGRATION_BANDWIDTH: hv_base.REQ_NONNEGATIVE_INT_CHECK,

    constants.HV_MIGRATION_DOWNTIME: hv_base.REQ_NONNEGATIVE_INT_CHECK,

    constants.HV_MIGRATION_MODE: hv_base.MIGRATION_MODE_CHECK,

    constants.HV_USE_LOCALTIME: hv_base.NO_CHECK,

    constants.HV_DISK_CACHE:

      hv_base.ParamInSet(True, constants.HT_VALID_CACHE_TYPES),

    constants.HV_SECURITY_MODEL:

      hv_base.ParamInSet(True, constants.HT_KVM_VALID_SM_TYPES),

    constants.HV_SECURITY_DOMAIN: hv_base.NO_CHECK,

    constants.HV_KVM_FLAG:

      hv_base.ParamInSet(False, constants.HT_KVM_FLAG_VALUES),

    constants.HV_VHOST_NET: hv_base.NO_CHECK,

    constants.HV_KVM_USE_CHROOT: hv_base.NO_CHECK,

    constants.HV_MEM_PATH: hv_base.OPT_DIR_CHECK,

    constants.HV_REBOOT_BEHAVIOR:

      hv_base.ParamInSet(True, constants.REBOOT_BEHAVIORS),

    constants.HV_CPU_MASK: hv_base.OPT_MULTI_CPU_MASK_CHECK,

    constants.HV_CPU_TYPE: hv_base.NO_CHECK,

    constants.HV_CPU_CORES: hv_base.OPT_NONNEGATIVE_INT_CHECK,

    constants.HV_CPU_THREADS: hv_base.OPT_NONNEGATIVE_INT_CHECK,

    constants.HV_CPU_SOCKETS: hv_base.OPT_NONNEGATIVE_INT_CHECK,

    constants.HV_SOUNDHW: hv_base.NO_CHECK,

    constants.HV_USB_DEVICES: hv_base.NO_CHECK,

    constants.HV_VGA: hv_base.NO_CHECK,

    constants.HV_KVM_EXTRA: hv_base.NO_CHECK,

    constants.HV_KVM_MACHINE_VERSION: hv_base.NO_CHECK,

    constants.HV_VNET_HDR: hv_base.NO_CHECK,

    }

  _VIRTIO = "virtio"

  _VIRTIO_NET_PCI = "virtio-net-pci"

  _VIRTIO_BLK_PCI = "virtio-blk-pci"

  _MIGRATION_STATUS_RE = re.compile("Migration\s+status:\s+(\w+)",

                                    re.M | re.I)

  _MIGRATION_PROGRESS_RE = \

    re.compile(r"\s*transferred\s+ram:\s+(?P<transferred>\d+)\s+kbytes\s*\n"

               r"\s*remaining\s+ram:\s+(?P<remaining>\d+)\s+kbytes\s*\n"

               r"\s*total\s+ram:\s+(?P<total>\d+)\s+kbytes\s*\n", re.I)

  _MIGRATION_INFO_MAX_BAD_ANSWERS = 5

  _MIGRATION_INFO_RETRY_DELAY = 2

  _VERSION_RE = re.compile(r"\b(\d+)\.(\d+)(\.(\d+))?\b")

  _CPU_INFO_RE = re.compile(r"cpu\s+\#(\d+).*thread_id\s*=\s*(\d+)", re.I)

  _CPU_INFO_CMD = "info cpus"

  _CONT_CMD = "cont"

  _DEFAULT_MACHINE_VERSION_RE = re.compile(r"^(\S+).*\(default\)", re.M)

  _CHECK_MACHINE_VERSION_RE = \

    staticmethod(lambda x: re.compile(r"^(%s)[ ]+.*PC" % x, re.M))

  _QMP_RE = re.compile(r"^-qmp\s", re.M)

  _SPICE_RE = re.compile(r"^-spice\s", re.M)

  _VHOST_RE = re.compile(r"^-net\s.*,vhost=on|off", re.M)

  _ENABLE_KVM_RE = re.compile(r"^-enable-kvm\s", re.M)

  _DISABLE_KVM_RE = re.compile(r"^-disable-kvm\s", re.M)

  _NETDEV_RE = re.compile(r"^-netdev\s", re.M)

  _DISPLAY_RE = re.compile(r"^-display\s", re.M)

  _MACHINE_RE = re.compile(r"^-machine\s", re.M)

  _VIRTIO_NET_RE = re.compile(r"^name \"%s\"" % _VIRTIO_NET_PCI, re.M)

  _VIRTIO_BLK_RE = re.compile(r"^name \"%s\"" % _VIRTIO_BLK_PCI, re.M)

  # match  -drive.*boot=on|off on different lines, but in between accept only

  # dashes not preceeded by a new line (which would mean another option

  # different than -drive is starting)

  _BOOT_RE = re.compile(r"^-drive\s([^-]|(?<!^)-)*,boot=on\|off", re.M | re.S)

  _INFO_PCI_RE = re.compile(r'Bus.*device[ ]*(\d+).*')

  _INFO_PCI_CMD = "info pci"

  _INFO_VERSION_RE = \

    re.compile(r'^QEMU (\d+)\.(\d+)(\.(\d+))?.*monitor.*', re.M)

  _INFO_VERSION_CMD = "info version"

  _DEFAULT_PCI_RESERVATIONS = "11110000000000000000000000000000"

  ANCILLARY_FILES = [

    _KVM_NETWORK_SCRIPT,

    ]

  ANCILLARY_FILES_OPT = [

    _KVM_NETWORK_SCRIPT,

    ]

  # Supported kvm options to get output from

  _KVMOPT_HELP = "help"

  _KVMOPT_MLIST = "mlist"

  _KVMOPT_DEVICELIST = "devicelist"

  # Command to execute to get the output from kvm, and whether to

  # accept the output even on failure.

  _KVMOPTS_CMDS = {

    _KVMOPT_HELP: (["--help"], False),

    _KVMOPT_MLIST: (["-M", "?"], False),

    _KVMOPT_DEVICELIST: (["-device", "?"], True),

  }

  def __init__(self):

    hv_base.BaseHypervisor.__init__(self)

    # Let's make sure the directories we need exist, even if the RUN_DIR lives

    # in a tmpfs filesystem or has been otherwise wiped out.

    dirs = [(dname, constants.RUN_DIRS_MODE) for dname in self._DIRS]

    utils.EnsureDirs(dirs)

  @classmethod

  def _InstancePidFile(cls, instance_name):

    """Returns the instance pidfile.

    """

    return utils.PathJoin(cls._PIDS_DIR, instance_name)

  @classmethod

  def _InstanceUidFile(cls, instance_name):

    """Returns the instance uidfile.

    """

    return utils.PathJoin(cls._UIDS_DIR, instance_name)

  @classmethod

  def _InstancePidInfo(cls, pid):

    """Check pid file for instance information.

    Check that a pid file is associated with an instance, and retrieve

    information from its command line.

    @type pid: string or int

    @param pid: process id of the instance to check

    @rtype: tuple

    @return: (instance_name, memory, vcpus)

    @raise errors.HypervisorError: when an instance cannot be found

    """

    alive = utils.IsProcessAlive(pid)

    if not alive:

      raise errors.HypervisorError("Cannot get info for pid %s" % pid)

    cmdline_file = utils.PathJoin("/proc", str(pid), "cmdline")

    try:

      cmdline = utils.ReadFile(cmdline_file)

    except EnvironmentError, err:

      raise errors.HypervisorError("Can't open cmdline file for pid %s: %s" %

                                   (pid, err))

    instance = None

    memory = 0

    vcpus = 0

    arg_list = cmdline.split("\x00")

    while arg_list:

      arg = arg_list.pop(0)

      if arg == "-name":

        instance = arg_list.pop(0)

      elif arg == "-m":

        memory = int(arg_list.pop(0))

      elif arg == "-smp":

        vcpus = int(arg_list.pop(0).split(",")[0])

    if instance is None:

      raise errors.HypervisorError("Pid %s doesn't contain a ganeti kvm"

                                   " instance" % pid)

    return (instance, memory, vcpus)

  def _InstancePidAlive(self, instance_name):

    """Returns the instance pidfile, pid, and liveness.

    @type instance_name: string

    @param instance_name: instance name

    @rtype: tuple

    @return: (pid file name, pid, liveness)

    """

    pidfile = self._InstancePidFile(instance_name)

    pid = utils.ReadPidFile(pidfile)

    alive = False

    try:

      cmd_instance = self._InstancePidInfo(pid)[0]

      alive = (cmd_instance == instance_name)

    except errors.HypervisorError:

      pass

    return (pidfile, pid, alive)

  def _CheckDown(self, instance_name):

    """Raises an error unless the given instance is down.

    """

    alive = self._InstancePidAlive(instance_name)[2]

    if alive:

      raise errors.HypervisorError("Failed to start instance %s: %s" %

                                   (instance_name, "already running"))

  @classmethod

  def _InstanceMonitor(cls, instance_name):

    """Returns the instance monitor socket name

    """

    return utils.PathJoin(cls._CTRL_DIR, "%s.monitor" % instance_name)

  @classmethod

  def _InstanceSerial(cls, instance_name):

    """Returns the instance serial socket name

    """

    return utils.PathJoin(cls._CTRL_DIR, "%s.serial" % instance_name)

  @classmethod

  def _InstanceQmpMonitor(cls, instance_name):

    """Returns the instance serial QMP socket name

    """

    return utils.PathJoin(cls._CTRL_DIR, "%s.qmp" % instance_name)

  @staticmethod

  def _SocatUnixConsoleParams():

    """Returns the correct parameters for socat

    If we have a new-enough socat we can use raw mode with an escape character.

    """

    if constants.SOCAT_USE_ESCAPE:

      return "raw,echo=0,escape=%s" % constants.SOCAT_ESCAPE_CODE

    else:

      return "echo=0,icanon=0"

  @classmethod

  def _InstanceKVMRuntime(cls, instance_name):

    """Returns the instance KVM runtime filename

    """

    return utils.PathJoin(cls._CONF_DIR, "%s.runtime" % instance_name)

  @classmethod

  def _InstanceChrootDir(cls, instance_name):

    """Returns the name of the KVM chroot dir of the instance

    """

    return utils.PathJoin(cls._CHROOT_DIR, instance_name)

  @classmethod

  def _InstanceNICDir(cls, instance_name):

    """Returns the name of the directory holding the tap device files for a

    given instance.

    """

    return utils.PathJoin(cls._NICS_DIR, instance_name)

  @classmethod

  def _InstanceNICFile(cls, instance_name, seq):

    """Returns the name of the file containing the tap device for a given NIC

    """

    return utils.PathJoin(cls._InstanceNICDir(instance_name), str(seq))

  @classmethod

  def _InstanceKeymapFile(cls, instance_name):

    """Returns the name of the file containing the keymap for a given instance

    """

    return utils.PathJoin(cls._KEYMAP_DIR, instance_name)

  @classmethod

  def _TryReadUidFile(cls, uid_file):

    """Try to read a uid file

    """

    if os.path.exists(uid_file):

      try:

        uid = int(utils.ReadOneLineFile(uid_file))

        return uid

      except EnvironmentError:

        logging.warning("Can't read uid file", exc_info=True)

      except (TypeError, ValueError):

        logging.warning("Can't parse uid file contents", exc_info=True)

    return None

  @classmethod

  def _RemoveInstanceRuntimeFiles(cls, pidfile, instance_name):

    """Removes an instance's rutime sockets/files/dirs.

    """

    utils.RemoveFile(pidfile)

    utils.RemoveFile(cls._InstanceMonitor(instance_name))

    utils.RemoveFile(cls._InstanceSerial(instance_name))

    utils.RemoveFile(cls._InstanceQmpMonitor(instance_name))

    utils.RemoveFile(cls._InstanceKVMRuntime(instance_name))

    utils.RemoveFile(cls._InstanceKeymapFile(instance_name))

    uid_file = cls._InstanceUidFile(instance_name)

    uid = cls._TryReadUidFile(uid_file)

    utils.RemoveFile(uid_file)

    if uid is not None:

      uidpool.ReleaseUid(uid)

    try:

      shutil.rmtree(cls._InstanceNICDir(instance_name))

    except OSError, err:

      if err.errno != errno.ENOENT:

        raise

    try:

      chroot_dir = cls._InstanceChrootDir(instance_name)

      utils.RemoveDir(chroot_dir)

    except OSError, err:

      if err.errno == errno.ENOTEMPTY:

        # The chroot directory is expected to be empty, but it isn't.

        new_chroot_dir = tempfile.mkdtemp(dir=cls._CHROOT_QUARANTINE_DIR,

                                          prefix="%s-%s-" %

                                          (instance_name,

                                           utils.TimestampForFilename()))

        logging.warning("The chroot directory of instance %s can not be"

                        " removed as it is not empty. Moving it to the"

                        " quarantine instead. Please investigate the"

                        " contents (%s) and clean up manually",

                        instance_name, new_chroot_dir)

        utils.RenameFile(chroot_dir, new_chroot_dir)

      else:

        raise

  @staticmethod

  def _ConfigureNIC(instance, seq, nic, tap):

    """Run the network configuration script for a specified NIC

    @param instance: instance we're acting on

    @type instance: instance object

    @param seq: nic sequence number

    @type seq: int

    @param nic: nic we're acting on

    @type nic: nic object

    @param tap: the host's tap interface this NIC corresponds to

    @type tap: str

    """

    if instance.tags:

      tags = " ".join(instance.tags)

    else:

      tags = ""

    env = {

      "PATH": "%s:/sbin:/usr/sbin" % os.environ["PATH"],

      "INSTANCE": instance.name,

      "MAC": nic.mac,

      "MODE": nic.nicparams[constants.NIC_MODE],

      "INTERFACE": tap,

      "INTERFACE_INDEX": str(seq),

      "TAGS": tags,

    }

    if nic.ip:

      env["IP"] = nic.ip

    if nic.nicparams[constants.NIC_LINK]:

      env["LINK"] = nic.nicparams[constants.NIC_LINK]

    if nic.network:

      n = objects.Network.FromDict(nic.netinfo)

      env.update(n.HooksDict())

    if nic.nicparams[constants.NIC_MODE] == constants.NIC_MODE_BRIDGED:

      env["BRIDGE"] = nic.nicparams[constants.NIC_LINK]

    result = utils.RunCmd([pathutils.KVM_IFUP, tap], env=env)

    if result.failed:

      raise errors.HypervisorError("Failed to configure interface %s: %s;"

                                   " network configuration script output: %s" %

                                   (tap, result.fail_reason, result.output))

  @staticmethod

  def _VerifyAffinityPackage():

    if affinity is None:

      raise errors.HypervisorError("affinity Python package not"

                                   " found; cannot use CPU pinning under KVM")

  @staticmethod

  def _BuildAffinityCpuMask(cpu_list):

    """Create a CPU mask suitable for sched_setaffinity from a list of

    CPUs.

    See man taskset for more info on sched_setaffinity masks.

    For example: [ 0, 2, 5, 6 ] will return 101 (0x65, 0..01100101).

    @type cpu_list: list of int

    @param cpu_list: list of physical CPU numbers to map to vCPUs in order

    @rtype: int

    @return: a bit mask of CPU affinities

    """

    if cpu_list == constants.CPU_PINNING_OFF:

      return constants.CPU_PINNING_ALL_KVM

    else:

      return sum(2 ** cpu for cpu in cpu_list)

  @classmethod

  def _AssignCpuAffinity(cls, cpu_mask, process_id, thread_dict):

    """Change CPU affinity for running VM according to given CPU mask.

    @param cpu_mask: CPU mask as given by the user. e.g. "0-2,4:all:1,3"

    @type cpu_mask: string

    @param process_id: process ID of KVM process. Used to pin entire VM

                       to physical CPUs.

    @type process_id: int

    @param thread_dict: map of virtual CPUs to KVM thread IDs

    @type thread_dict: dict int:int

    """

    # Convert the string CPU mask to a list of list of int's

    cpu_list = utils.ParseMultiCpuMask(cpu_mask)

    if len(cpu_list) == 1:

      all_cpu_mapping = cpu_list[0]

      if all_cpu_mapping == constants.CPU_PINNING_OFF:

        # If CPU pinning has 1 entry that's "all", then do nothing

        pass

      else:

        # If CPU pinning has one non-all entry, map the entire VM to

        # one set of physical CPUs

        cls._VerifyAffinityPackage()

        affinity.set_process_affinity_mask(

          process_id, cls._BuildAffinityCpuMask(all_cpu_mapping))

    else:

      # The number of vCPUs mapped should match the number of vCPUs

      # reported by KVM. This was already verified earlier, so

      # here only as a sanity check.

      assert len(thread_dict) == len(cpu_list)

      cls._VerifyAffinityPackage()

      # For each vCPU, map it to the proper list of physical CPUs

      for vcpu, i in zip(cpu_list, range(len(cpu_list))):

        affinity.set_process_affinity_mask(thread_dict[i],