Embed Size (px)
DESCRIPTION
China OpenStack User Group
Citation preview
Status
● First release on Dec 19 2005
● 1.0.0 in two weeks. (Finally)
● 25 maitainers/commiters.
● 200 ~ 300 patches per release
● Less than 300 APIs
Why libvirt?● Long term API/ABI/XML back-compact
● Portable between various HVs
● Hides complex interfaces of HV
● Hides HV's API changes
● Available on Linux, Solaris, Windows & OS-X
● Secure access (TLS, SASL, SSH, PolicyKit)
● Open, LGPLv2+ license
What libvirt manages
● Domain
● Virtual network
● Host network interface
● Node device
● Storage pool/volume
● Network filter
● Secret
Supported hypervisors
● QEMU/KVM
● XEN: XenD, XenStored, XM, libxenlight
● VMWare: ESX, GSX server, Workstation,
Player
● Linux container: LXC, OpenVZ
● Test, Remote
● UML, VirtualBox, Hyper-V, Parallels, etc
Virtual network
● Nat (dnsmasq/Radvd, iptables)
● Route
● Isolated
● Bridge (Open vSwitch, Macvtap)
● Host network interface passthrough (SR-IOV VFs pool)
Host network interface
● Based on netcf -> augeas
● Enumerate
● Management(ethernets, bonds, bridges, vlan interfaces)
● Transaction support – revert/commit config changes
● Report status (libnl, ioctl, sysfs)
Network filter
● iptables
● ebtables
● Ip6tables
● E.g. allow-incoming-ipv4 no-ip-multicast
Storage
● pool, volume
● fs (dir, fs, netfs)
● scsi
● Iscsi
● Disk
● lvm
● mpath
● sheepdog, rbd
Node device
● Enumerate host devices
● Backends (udev, HAL)
● vHBA create/destroy
Secret
● Encrypt storage
● Can be used to encrypt a storage volume or domain disk
● Only support qcow disks
Miscellaneous
● Hooks (Daemon, QEMU, LXC, Migration)
● Audit
● Security (Selinux/Apparmor, sVirt)
● Locking (libsanlock, POSIX fcntl)
● Zero-conf (Avahi)
● etc...
How to talk with QEMU
● Monitor (HMP, QMP)
● Guest agent monitor
● Serial/Parrell console
● Graphic console (vnc/spice)
● Network
Domain APIs (libvirt.h)
● Lifecyle (define/undefine, start/destroy, suspend/resume), list, lookup.
● Save, restore, core dump, suspend, resume
● Migration
● Snapshot (Internal/External, Disk-only/ System checkpoint/VM state)
● Guest resource management (memory, network, memory, cpu, NUMA tuning)
Domain APIs (libvirt.h)
● Host device passthrough
● Detach/reattach node devices
● Async events
● Node resource management (memory)
● APIs based on guest agent (E.g. S3/S4)
● Guest block/network I/O statistics
● ...more...
libvirt architecture
client
public API
remote
Node
libvirtdRPC
uri = “qemu://$hostname/system"
$URI
libvirt-qemu
monito
r
guestGuestagent
Agent m
onito
r
qem
u-k
vm
The stack
public API
KVM XEN ESX LXC UML ......
Network Storage Iface nwfilter Secret Nodedev
cgroup
devmap
netcf iptables ebtables tc libnl
lvm selinux sysfs udev HAL
iscsiadm ioctl libnuma numad sanlock qemu-img
libvirtd
virshvirsh bindings SNMP AMQP ......
Stuffs around
● Language bindings (Python, Perl, Ruby, Jave, OCaml, C#, PHP)
● Libvirt-snmp
● Libvirt-qpid
● Libvirt-cim
● l ibvirt-glib (libvirt-glib, libvirt-gconf, libvirt-gobject)
Stuffs around
● Virt-manager
● virt-viewer
● python-virtinst
● Libosinfo
● Libvirt-designer
● Libvirt-sandbox
● Gnome Boxes
Stuffs around
● Virt-manager, virt-viewer
● python-virtinst
● Libosinfo
● Libvirt-designer
● Libvirt-sandbox
● Gnome Boxes
● Eucalyptus, openstack
● Plugins for collectd, munin, Nagios, Zenoss
l ibguestfs● For accessing and modifying virtual machine
(VM) disk images
● View and edit files inside guests
● Scripting changes to VM
● Monitoring disk used/free statistics
● P2V, V2V
● Performing partial backups
● Cloning VMs, etc..
How libguestfs works
l ibguestfs
client
qemu
guestfsd
Linux kernel
Device orDisk image
Appliance
virt-v2v
● Convert VMs on XEN/ESX to RH virt stack
● Support guests of RHEL, Fedora, Windows
● Based on libguestfs and libvirt
How virt-v2v works
● Shutdown guest on source host
● Use libvirt to get domain XML config
● Copy storage
● Convert storage and modify XML
● Use libvirt to define and start the domain on dest host
The conversion - RHEL/FC
● Remove XEN/ESX specific stuffs (E.g.
xenpv kernel/drivers, VMWare tools)
● Install or update kernel, try best to let it
support virtio
● Update block and network drivers
Ongoing or TODO
● Snapshot improvements
● Storage driver improvements (glusterfs,
job, inotify)
● LXC driver improvements
● Persistent vHBA
● Migration with NPIV
● Associate storage with domain
● Improve device hotplug
Ongoing or TODO
● Lifecycle events for all objects
● Role based access control on all public APIs
● Isolate QEMU process with Linux Container
namespaces.
● APIs to expose host/hypervior's capabilities
● Etc...
