[libvirt] [PATCH v3] nwfilter: extend nwfilter reload support

Mon Aug 16 16:09:48 UTC 2010

On Fri, Aug 13, 2010 at 04:36:32PM -0400, Stefan Berger wrote:
> 
> 
> This time with a proper title.
> 
> v3:
>     - Fixed an indentation problem
> 
>     - added bool parameter to function terminating the IP address 
> learner threads to determine whether future threads may still run 
> (needed in case of driver reload) or all must terminate (need in case of 
> libvirtd termination)
> 
> v2:
> 
>     - Fixes to the nwfilter driver reload function that also needs a 
> valid virConnectPtr.
> 
> In this patch I am extending and fixing the nwfilter module's reload 
> support to stop all ongoing threads (for learning IP addresses of 
> interfaces) and rebuild the filtering rules of all interfaces of all VMs 
> when libvirt is started. Now libvirtd rebuilds the filters upon the 
> SIGHUP signal and libvirtd restart.
> 
> About the patch: The nwfilter functions require a virConnectPtr. 
> Therefore I am opening a connection in qemudStartup, which later on 
> needs to be closed outside where the driver lock is held since otherwise 
> it ends up in a deadlock due to virConnectClose() trying to lock the 
> driver as well.
> 
> I have tested this now for a while with several machines running and 
> needing the IP address learner thread(s). The rebuilding of the firewall 
> rules seems to work fine following libvirtd restart or a SIGHUP. Also 
> the termination of libvirtd worked fine.
> 
> 
> Signed-off-by: Stefan Berger<stefanb at us.ibm.com>
> 
> ---
>  src/nwfilter/nwfilter_driver.c      |   21 +++++++++++---
>  src/nwfilter/nwfilter_learnipaddr.c |   16 ++++++++---
>  src/nwfilter/nwfilter_learnipaddr.h |    1
>  src/qemu/qemu_driver.c              |   52 
> +++++++++++++++++++++++++++++++++---
>  4 files changed, 77 insertions(+), 13 deletions(-)
> 
> Index: libvirt-acl/src/nwfilter/nwfilter_driver.c
> ===================================================================
> --- libvirt-acl.orig/src/nwfilter/nwfilter_driver.c
> +++ libvirt-acl/src/nwfilter/nwfilter_driver.c
> @@ -143,15 +143,26 @@ conf_init_err:
>   */
>  static int
>  nwfilterDriverReload(void) {
> +    virConnectPtr conn;
> +
>      if (!driverState) {
>          return -1;
>      }
> 
> -    nwfilterDriverLock(driverState);
> -    virNWFilterPoolLoadAllConfigs(NULL,
> - &driverState->pools,
> -                                  driverState->configDir);
> -    nwfilterDriverUnlock(driverState);
> +    conn = virConnectOpen("qemu:///system");
> +
> +    if (conn) {
> +        /* shut down all threads -- qemud for example will restart them */
> +        virNWFilterLearnThreadsTerminate(true);
> +
> +        nwfilterDriverLock(driverState);
> +        virNWFilterPoolLoadAllConfigs(conn,
> + &driverState->pools,
> +                                      driverState->configDir);
> +        nwfilterDriverUnlock(driverState);
> +
> +        virConnectClose(conn);
> +    }

This identation still seems to be wrong - so was the code being
replaced. ACK aside from that

Daniel
-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|