The libvirt qemu hypervisor driver has long supported protecting disk devices from concurrent use via libvirt's lock manager interface. Xen used to support the same functionality in the old xend toolstack, but dropped support in the new libxl toolstack. The Xen community decided, rightly so, that this functionality is best provided by a higher-level management tool, e.g. libvirt.

This project aims to provide integration between libvirt's lock manager and the libxl hypervisor driver, essentially reintroducing support for disk device protection in the Xen management stack.

Looking for hackers with the skills:

virtualization c

This project is part of:

Hack Week 12

Activity

  • over 9 years ago: mlatimer liked this project.
  • over 9 years ago: jfehlig added keyword "c" to this project.
  • over 9 years ago: jfehlig added keyword "virtualization" to this project.
  • over 9 years ago: jfehlig started this project.
  • over 9 years ago: jfehlig originated this project.

  • Comments

    • jfehlig
      over 9 years ago by jfehlig | Reply

      I've made quite a bit of progress on this project thus far. First I had to introduce a conf file (/etc/libvirt/libxl.conf) to control behavior of the libxl driver. I needed to add a knob to go with the new conf file and decided on something simple: a bool to control autoballooning of domain0.

      On top of this patch I have a rather large patch that provides integration with libvirt's LockManager. sanlock or virtlockd can be used as the lock manager. Using virtlockd, I've been able to successfully prevent starting a domain on a host when the image used by the domain is in use by another domain on the same (or another) host.

      There is still lots of cleanup to do and corner cases to handle before I can send a V1 of the patch series to libvirt devel mail list. E.g. acquiring and dropping locks needs to be handled in migration, save, restore, pause, etc.

    • jfehlig
      over 9 years ago by jfehlig | Reply

      It has been a successful week for this project! I'm able to prevent starting a domain that contains a disk being used by another domain:

      host1 # virsh create sles12pv.xml

      Domain sles12gm-pv created from sles12pv.xml

      host2 # virsh create sles12pv.xml

      error: Failed to create domain from sles12pv.xml

      And prevent attaching a disk that is being used by another domain:

      error: resource busy: Lockspace resource '/mnt1/sles12gm-pv/disk0.raw' is locked

      host1 # virsh attach-device sles12pv disk.xml --live

      Device attached successfully

      host2 # virsh attach-device sles12hvm disk.xml --live

      error: Failed to attach device from disk.xml

      error: resource busy: Lockspace resource '/mnt1/images/blank-raw.disk' is locked

      I had time to cleanup the patch series and make it presentable as a V1 upstream

      https://www.redhat.com/archives/libvir-list/2015-April/msg00845.html

    Similar Projects

    SUSE KVM Best Practices by roseswe

    Description

    SUSE Best Practices around KVM, especially for SAP workloads. Early Google presentation already made from various customer projects and SUSE sources.

    Goals

    Complete presentation we can reuse in SUSE Consulting projects

    Resources

    KVM (virt-manager) images

    SUSE/SAP/KVM Best Practices

    • https://documentation.suse.com/en-us/sles/15-SP6/single-html/SLES-virtualization/
    • SAP Note 1522993 - "Linux: SAP on SUSE KVM - Kernel-based Virtual Machine" && 2284516 - SAP HANA virtualized on SUSE Linux Enterprise hypervisors https://me.sap.com/notes/2284516
    • SUSECon24: [TUTORIAL-1253] Virtualizing SAP workloads with SUSE KVM || https://youtu.be/PTkpRVpX2PM
    • SUSE Best Practices for SAP HANA on KVM - https://documentation.suse.com/sbp/sap-15/html/SBP-SLES4SAP-HANAonKVM-SLES15SP4/index.html


    Contribute to terraform-provider-libvirt by pinvernizzi

    Description

    The SUSE Manager (SUMA) teams' main tool for infrastructure automation, Sumaform, largely relies on terraform-provider-libvirt. That provider is also widely used by other teams, both inside and outside SUSE.

    It would be good to help the maintainers of this project and give back to the community around it, after all the amazing work that has been already done.

    If you're interested in any of infrastructure automation, Terraform, virtualization, tooling development, Go (...) it is also a good chance to learn a bit about them all by putting your hands on an interesting, real-use-case and complex project.

    Goals

    • Get more familiar with Terraform provider development and libvirt bindings in Go
    • Solve some issues and/or implement some features
    • Get in touch with the community around the project

    Resources


    Harvester Packer Plugin by mrohrich

    Description

    Hashicorp Packer is an automation tool that allows automatic customized VM image builds - assuming the user has a virtualization tool at their disposal. To make use of Harvester as such a virtualization tool a plugin for Packer needs to be written. With this plugin users could make use of their Harvester cluster to build customized VM images, something they likely want to do if they have a Harvester cluster.

    Goals

    Write a Packer plugin bridging the gap between Harvester and Packer. Users should be able to create customized VM images using Packer and Harvester with no need to utilize another virtualization platform.

    Resources

    Hashicorp documentation for building custom plugins for Packer https://developer.hashicorp.com/packer/docs/plugins/creation/custom-builders

    Source repository of the Harvester Packer plugin https://github.com/m-ildefons/harvester-packer-plugin


    Extending KubeVirtBMC's capability by adding Redfish support by zchang

    Description

    In Hack Week 23, we delivered a project called KubeBMC (renamed to KubeVirtBMC now), which brings the good old-fashioned IPMI ways to manage virtual machines running on KubeVirt-powered clusters. This opens the possibility of integrating existing bare-metal provisioning solutions like Tinkerbell with virtualized environments. We even received an inquiry about transferring the project to the KubeVirt organization. So, a proposal was filed, which was accepted by the KubeVirt community, and the project was renamed after that. We have many tasks on our to-do list. Some of them are administrative tasks; some are feature-related. One of the most requested features is Redfish support.

    Goals

    Extend the capability of KubeVirtBMC by adding Redfish support. Currently, the virtbmc component only exposes IPMI endpoints. We need to implement another simulator to expose Redfish endpoints, as we did with the IPMI module. We aim at a basic set of functionalities:

    • Power management
    • Boot device selection
    • Virtual media mount (this one is not so basic add-emoji )

    Resources


    ESETv2 Emulator / interpreter by m.crivellari

    Description

    ESETv2 is an intriguing challenge developed by ESET, available on their website under the "Challenge" menu. The challenge involves an "assembly-like" language and a Python compiler that generates .evm binary files.

    This is an example using one of their samples (it prints N Fibonacci numbers):

    .dataSize 0
    .code
    
    loadConst 0, r1 # first
    loadConst 1, r2 # second
    
    loadConst 1, r14 # loop helper
    
    consoleRead r3
    
    loop:
        jumpEqual end, r3, r15
    
        add r1, r2, r4
        mov r2, r1
        mov r4, r2
    
        consoleWrite r1
    
        sub r3, r14, r3
        jump loop
    end:
    hlt
    

    This language also supports multi-threading. It includes instructions such as createThread to start a new thread, joinThread to wait until a thread completes, and lock/unlock to facilitate synchronization between threads.

    Goals

    • create a full interpreter able to run all the available samples provided by ESET.
    • improve / optimize memory (eg. using bitfields where needed as well as avoid unnecessary memory allocations)

    Resources

    Achivements

    Project still not complete. Added lock / unlock instruction implementation but further debug is needed; there is a bug somewhere. Actually the code it works for almost all the examples in the samples folder. 1 of them is not yet runnable (due to a missing "write" opcode implementation), another will cause the bug to show up; still not investigated, anyhow.


    Add a machine-readable output to dmidecode by jdelvare

    Description

    There have been repeated requests for a machine-friendly dmidecode output over the last decade. During Hack Week 19, 5 years ago, I prepared the code to support alternative output formats, but didn't have the time to go further. Last year, Jiri Hnidek from Red Hat Linux posted a proof-of-concept implementation to add JSON output support. This is a fairly large pull request which needs to be carefully reviewed and tested.

    Goals

    Review Jiri's work and provide constructive feedback. Merge the code if acceptable. Evaluate the costs and benefits of using a library such as json-c.


    FastFileCheck work by pstivanin

    Description

    FastFileCheck is a high-performance, multithreaded file integrity checker for Linux. Designed for speed and efficiency, it utilizes parallel processing and a lightweight database to quickly hash and verify large volumes of files, ensuring their integrity over time.

    https://github.com/paolostivanin/FastFileCheck

    Goals

    • Release v1.0.0

    Design overwiew:

    • Main thread (producer): traverses directories and feeds the queue (one thread is more than enough for most use cases)
    • Dedicated consumer thread: manages queue and distributes work to threadpool
    • Worker threads: compute hashes in parallel

    This separation of concerns is efficient because:

    • Directory traversal is I/O bound and works well in a single thread
    • Queue management is centralized, preventing race conditions
    • Hash computation is CPU-intensive and properly parallelized


    FizzBuzz OS by mssola

    Project Description

    FizzBuzz OS (or just fbos) is an idea I've had in order to better grasp the fundamentals of the low level of a RISC-V machine. In practice, I'd like to build a small Operating System kernel that is able to launch three processes: one that simply prints "Fizz", another that prints "Buzz", and the third which prints "FizzBuzz". These processes are unaware of each other and it's up to the kernel to schedule them by using the timer interrupts as given on openSBI (fizz on % 3 seconds, buzz on % 5 seconds, and fizzbuzz on % 15 seconds).

    This kernel provides just one system call, write, which allows any program to pass the string to be written into stdout.

    This project is free software and you can find it here.

    Goal for this Hackweek

    • Better understand the RISC-V SBI interface.
    • Better understand RISC-V in privileged mode.
    • Have fun.

    Resources

    Results

    The project was a resounding success add-emoji Lots of learning, and the initial target was met.