[libvirt] [PATCH 0/3] Forbid migration with cache != none

Daniel P. Berrange berrange at redhat.com
Tue Feb 21 16:25:37 UTC 2012


On Tue, Feb 21, 2012 at 05:17:20PM +0100, Jiri Denemark wrote:
> Migrating qemu domains with disks using cache != none is unsafe unless
> the disk images are stored on coherent clustered filesystem. Thus we
> forbid migrating such domains unless VIR_MIGRATE_UNSAFE flags is used.
> 
> This series uses similar aproach to forbidding unsafe PCI passthrough
> or disk format probing when we forbade those by default with the
> possibility to force them.
> 
> Domain configuration is only checked on source, which makes migrating
> affected domains from an old libvirt to the new one possible. Migrating
> back is impossible since destination libvirtd would complain about
> unknown flag (the flag is not filtered so it gets to the destination
> even though it's not really used there).
> 
> However, users of clustered filesystems now have to always pass the new
> flag to be able to migrate because libvirtd would think they are doing
> something unsafe. Perhaps we should provide a system wide (i.e.,
> /etc/libvirt/qemu.conf) tunable which would disable cache mode checking
> for all domains at once?

I think we should add a virStorageFileIsClusterFS(const char *path)
and whitelist the filesystem magic that we know is ok. I expect GFS,
GFS2, OCFS2 would be a good starting point. We already do this for
virStorageFileIsSharedFS() in migration, so this is no worse


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|




More information about the libvir-list mailing list