[libvirt RFCv8 00/27] multifd save restore prototype

Claudio Fontana cfontana at suse.de
Wed May 11 11:47:13 UTC 2022 

On 5/11/22 10:27 AM, Christophe Marie Francois Dupont de Dinechin wrote:
> 
> 
>> On 10 May 2022, at 20:38, Daniel P. Berrangé <berrange at redhat.com> wrote:
>>
>> On Sat, May 07, 2022 at 03:42:53PM +0200, Claudio Fontana wrote:
>>> This is v8 of the multifd save prototype, which fixes a few bugs,
>>> adds a few more code splits, and records the number of channels
>>> as well as the compression algorithm, so the restore command is
>>> more user-friendly.
>>>
>>> It is now possible to just say:
>>>
>>> virsh save mydomain /mnt/saves/mysave --parallel
>>>
>>> virsh restore /mnt/saves/mysave --parallel
>>>
>>> and things work with the default of 2 channels, no compression.
>>>
>>> It is also possible to say of course:
>>>
>>> virsh save mydomain /mnt/saves/mysave --parallel
>>>      --parallel-connections 16 --parallel-compression zstd
>>>
>>> virsh restore /mnt/saves/mysave --parallel
>>>
>>> and things also work fine, due to channels and compression
>>> being stored in the main save file.
>>
>> For the sake of people following along, the above commands will
>> result in creation of multiple files
>>
>>  /mnt/saves/mysave
>>  /mnt/saves/mysave.0
>>  /mnt/saves/mysave.1
>>  ....
>>  /mnt/saves/mysave.n
>>
>> Where 'n' is the number of threads used.
>>
>> Overall I'm not very happy with the approach of doing any of this
>> on the libvirt side.
>>
>> Backing up, we know that QEMU can directly save to disk faster than
>> libvirt can. We mitigated alot of that overhead with previous patches
>> to increase the pipe buffer size, but some still remains due to the
>> extra copies inherant in handing this off to libvirt.
>>
>> Using multifd on the libvirt side, IIUC, gets us better performance
>> than QEMU can manage if doing non-multifd write to file directly,
>> but we still have the extra copies in there due to the hand off
>> to libvirt. If QEMU were to be directly capable to writing to
>> disk with multifd, it should beat us again.
>>
>> As a result of how we integrate with QEMU multifd, we're taking the
>> approach of saving the state across multiple files, because it is
>> easier than trying to get multiple threads writing to the same file.
>> It could be solved by using file range locking on the save file.
>> eg a thread can reserve say 500 MB of space, fill it up, and then
>> reserve another 500 MB, etc, etc. It is a bit tedious though and
>> won't align nicely. eg a 1 GB huge page, would be 1 GB + a few
>> bytes of QEMU RAM ave state header.


I am not familiar enough to know if this approach would work with multifd without breaking
the existing format, maybe David could answer this.

> 
> First, I do not understand why you would write things that are
> not page-aligned to start with? (As an aside, I don’t know
> how any dirty tracking would work if you do not keep things
> page-aligned).

Yes, alignment is one issue I encountered, and that in my view would _still_ need to be solved,
and that is _whatever_ we put inside QEMU in the future,
as it breaks also any attempt to be more efficient (using alternative APIs to read/write etc),

and is the reason why iohelper is still needed in my patchset at all for the main file, causing one extra copy for the main channel.

The libvirt header, including metadata, domain xml etc, that wraps the QEMU VM ends at an arbitrary address, f.e:

00000000: 4c69 6276 6972 7451 656d 7564 5361 7665  LibvirtQemudSave
00000010: 0300 0000 5b13 0100 0100 0000 0000 0000  ....[...........
00000020: 3613 0000 0200 0000 0000 0000 0000 0000  6...............
00000030: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000040: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000050: 0000 0000 0000 0000 0000 0000 3c64 6f6d  ............<dom
00000060: 6169 6e20 7479 7065 3d27 6b76 6d27 3e0a  ain type='kvm'>.



000113a0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
000113b0: 0000 0000 0000 0051 4556 4d00 0000 0307  .......QEVM.....
000113c0: 0000 000d 7063 2d69 3434 3066 782d 362e  ....pc-i440fx-6.
000113d0: 3201 0000 0003 0372 616d 0000 0000 0000  2......ram......
000113e0: 0004 0000 0008 c00c 2004 0670 632e 7261  ........ ..pc.ra
000113f0: 6d00 0000 08c0 0000 0014 2f72 6f6d 4065  m........./rom at e
00011400: 7463 2f61 6370 692f 7461 626c 6573 0000  tc/acpi/tables..
00011410: 0000 0002 0000 0770 632e 6269 6f73 0000  .......pc.bios..
00011420: 0000 0004 0000 1f30 3030 303a 3030 3a30  .......0000:00:0
00011430: 322e 302f 7669 7274 696f 2d6e 6574 2d70  2.0/virtio-net-p
00011440: 6369 2e72 6f6d 0000 0000 0004 0000 0670  ci.rom.........p
00011450: 632e 726f 6d00 0000 0000 0200 0015 2f72  c.rom........./r
00011460: 6f6d 4065 7463 2f74 6162 6c65 2d6c 6f61  om at etc/table-loa
00011470: 6465 7200 0000 0000 0010 0012 2f72 6f6d  der........./rom
00011480: 4065 7463 2f61 6370 692f 7273 6470 0000  @etc/acpi/rsdp..
00011490: 0000 0000 1000 0000 0000 0000 0010 7e00  ..............~.
000114a0: 0000 0302 0000 0003 0000 0000 0000 2002  .............. .
000114b0: 0670 632e 7261 6d00 0000 0000 0000 3022  .pc.ram.......0"


in my view at the minimum we have to start by adding enough padding before starting the QEMU VM (QEVM magic)
to be at a page-aligned address.

I would add one patch to this effect to my prototype, as this should not be very controversial I think.

Regarding migrating the channels to a single file, with the suggestion of Daniel or some other method,
the obvious comment from me is if we have some way to know in advance the size of each channel that would be feasible,
but especially considering compression that seems pretty hard to know beforehand, so some trick is needed.


> 
> Could uffd_register_memory accept a memory range that is
> not aligned? If so, when? Should that be specified in the
> interface?
> 
> Second, instead of creating multiple files, why not write blocks
> at a location determined by an variable that you increment using
> atomic operations each time you need a new block? If you want to
> keep the blocks page-aligned in the file as well (which might help
> if you want to mmap the file at some point), then you need to
> build a map of the blocks that you tack at the end of the file.


Just wanted to throw the simplest idea in the basket,
where we could interleave the file with each channel writing, for example, 4 MB at a time at
a channel-specific offset, and again, starting at a nicely aligned address.

4MB being just an example here, it would need to be determined by the best balance considering nvme architecture and performance,
and could even be a parameter. Storage gurus could advise on this part.

The biggest issue there would be that the main channel does not have the same requirements like the other channels,
so likely we would waste space reserving for the main channel, as the "main" channel is much, much smaller than the others.

(Dave, could the size of the main channel be determined before the transfer roughly? Based on guest ram size?)

So the layout for a --parallel --parallel-connections 2 --parallel-interleave 4MB save _could_ be something like:

libvirt header 0 to 4MB-aligned address (most likely 0 to 4MB)
main channel ( 4MB to 20MB)
channel 0    (20MB to 24MB)
channel 1    (24MB to 28MB)
channel 0    (28MB to 32MB)
channel 1    (32MB to 36MB)
...

for example. The multifd helper could do this and feed the channels properly during save and restore...

Thanks,

CLaudio

> 
> There may be good reasons not to do it that way, of course, but
> I am not familiar enough with the problem to know them.
> 
>>
>> The other downside of multiple files is that it complicates life
>> for both libvirt and apps using libvirt. They need to be aware of
>> multiple files and move them around together. This is not a simple
>> as it might sound. For example, IIRC OpenStack would upload a save
>> image state into a glance bucket for later use. Well, now it needs
>> multiple distinct buckets and keep track of them all. It also means
>> we're forced to use the same concurrency level when restoring, which
>> is not neccessarily desirable if the host environment is different
>> when restoring. ie The original host might have had 8 CPUs, but the
>> new host might only have 4 available, or vica-verca.
>>
>>
>> I know it is appealing to do something on the libvirt side, because
>> it is quicker than getting an enhancement into new QEMU release. We
>> have been down this route before with the migration support in libvirt
>> in the past though, when we introduced the tunnelled live migration
>> in order to workaround QEMU's inability to do TLS encryption. I very
>> much regret that we ever did this, because tunnelled migration was
>> inherantly limited, so for example failed to work with multifd,
>> and failed to work with NBD based disk migration. In the end I did
>> what I should have done at the beginning and just added TLS support
>> to QEMU, making tunnelled migration obsolete, except we still have
>> to carry the code around in libvirt indefinitely due to apps using
>> it.
>>
>> So I'm very concerned about not having history repeat itself and
>> give us a long term burden for  a solution that turns out to be a
>> evolutionary dead end.
>>
>> I like the idea of parallel saving, but I really think we need to
>> implement this directly in QEMU, not libvirt. As previously
>> mentioned I think QEMU needs to get a 'file' migration protocol,
>> along with ability to directly map RAM  segments into fixed
>> positions in the file. The benefits are many
>>
>> - It will save & restore faster because we're eliminating data
>>   copies that libvirt imposes via the iohelper
>>
>> - It is simple for libvirt & mgmt apps as we still only
>>   have one file to manage
>>
>> - It is space efficient because if a guest dirties a
>>   memory page, we just overwrite the existing contents
>>   at the fixed location in the file, instead of appending
>>   new contents to the file
>>
>> - It will restore faster too because we only restore
>>   each memory page once, due to always overwriting the
>>   file in-place when the guest dirtied a page during save
>>
>> - It can save and restore with differing number of threads,
>>   and can even dynamically change the number of threads
>>   in the middle of the save/restore operation 
>>
>> As David G has pointed out the impl is not trivial on the QEMU
>> side, but from what I understand of the migration code, it is
>> certainly viable. Most importantly I think it puts us in a
>> better position for long term feature enhancements later by
>> taking the middle man (libvirt) out of the equation, letting
>> QEMU directly know what medium it is saving/restoring to/from.
>>
>>
>> With regards,
>> Daniel
>> -- 
>> |: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
>> |: https://libvirt.org         -o-            https://fstop138.berrange.com :|
>> |: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
>>
>

More information about the libvir-list mailing list