[libvirt] [PATCH v1 2/2] network: Introduce start and shutdown hooks

Daniel P. Berrange berrange at redhat.com
Mon Feb 3 11:40:19 UTC 2014


On Mon, Feb 03, 2014 at 12:36:32PM +0100, Michal Privoznik wrote:
> On 31.01.2014 17:43, Michal Privoznik wrote:
> >There might be some use cases, where user wants to prepare the host or
> >its environment prior to starting a network and do some cleanup after
> >the network has been shut down. Consider all the functionality that
> >libvirt doesn't currently have as an example what a hook script can
> >possibly do.
> >
> >Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> >---
> >  docs/hooks.html.in          | 43 +++++++++++++++++++++++++++++--------------
> >  src/network/bridge_driver.c | 29 +++++++++++++++++++++++++++++
> >  src/util/virhook.c          | 10 +++++++++-
> >  src/util/virhook.h          |  8 ++++++++
> >  4 files changed, 75 insertions(+), 15 deletions(-)
> >
> 
> >diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
> >index 53c2274..2bca5bc 100644
> >--- a/src/network/bridge_driver.c
> >+++ b/src/network/bridge_driver.c
> >@@ -71,6 +71,7 @@
> >  #include "virstring.h"
> >  #include "viraccessapicheck.h"
> >  #include "network_event.h"
> >+#include "virhook.h"
> >
> >  #define VIR_FROM_THIS VIR_FROM_NETWORK
> >
> >@@ -2011,6 +2012,23 @@ networkStartNetwork(virNetworkDriverStatePtr driver,
> >      if (virNetworkObjSetDefTransient(network, true) < 0)
> >          goto cleanup;
> >
> >+    /* Run an early hook to set-up missing devices */
> >+    if (virHookPresent(VIR_HOOK_DRIVER_NETWORK)) {
> >+        char *xml = virNetworkDefFormat(network->def, 0);
> >+        int hookret;
> >+
> >+        hookret = virHookCall(VIR_HOOK_DRIVER_NETWORK, network->def->name,
> >+                              VIR_HOOK_NETWORK_OP_START, VIR_HOOK_SUBOP_BEGIN,
> >+                              NULL, xml, NULL);
> >+        VIR_FREE(xml);
> >+
> >+        /*
> >+         * If the script raised an error abort the launch
> >+         */
> >+        if (hookret < 0)
> >+            goto cleanup;
> >+    }
> >+
> >      switch (network->def->forward.type) {
> 
> I've just realized, that if the hook is going to be used to
> insert/delete some iptables rules or some tc work, maybe it's
> desired to have yet another hook that is executed *after*
> networkStartNetworkVirtual or networkStartNetworkExternal. Moreover,
> do we want to taint such networks that use hook scripts (bearing in
> mind that we don't do nothing like that for domains)? Any thoughts?

We use 'tainting' as a way to identify anything which could alter the
operation/behaviour of the VM in a way that isn't obvious from the XML
config. As such I'd say that use of hooks should cause tainting, and
likewise we should have a tainting concept for networks too.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|




More information about the libvir-list mailing list