[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Allow a user-settable number of VNC autoports.



On Thu, Mar 11, 2010 at 06:00:55PM -0500, Chris Lalancette wrote:
> Currently we have a hard-coded maximum of 100 VNC autoports
> that the qemu driver can use.  This may not be enough for
> running large numbers of guests on larger machines.
> However, we don't necessarily necessarily want to make
> it an open-ended number; that could lead to Denial of
> Service.  Allow a user-settable option to control the
> number of autoports we will assign.  The default is still
> 100, but now users can increase that if they wish.
> 
> Signed-off-by: Chris Lalancette <clalance redhat com>
> ---
>  src/qemu/libvirtd_qemu.aug      |    3 +++
>  src/qemu/qemu.conf              |    4 ++++
>  src/qemu/qemu_conf.c            |    6 ++++++
>  src/qemu/qemu_conf.h            |    2 ++
>  src/qemu/qemu_driver.c          |    5 +++--
>  src/qemu/test_libvirtd_qemu.aug |   14 ++++++++++++++
>  6 files changed, 32 insertions(+), 2 deletions(-)
> 
> diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
> index 5bd60b3..0dd89ae 100644
> --- a/src/qemu/libvirtd_qemu.aug
> +++ b/src/qemu/libvirtd_qemu.aug
> @@ -13,11 +13,13 @@ module Libvirtd_qemu =
>  
>     let str_val = del /\"/ "\"" . store /[^\"]*/ . del /\"/ "\""
>     let bool_val = store /0|1/
> +   let int_val = store /[0-9]+/
>     let str_array_element = [ seq "el" . str_val ] . del /[ \t\n]*/ ""
>     let str_array_val = counter "el" . array_start . ( str_array_element . ( array_sep . str_array_element ) * ) ? . array_end
>  
>     let str_entry       (kw:string) = [ key kw . value_sep . str_val ]
>     let bool_entry      (kw:string) = [ key kw . value_sep . bool_val ]
> +   let int_entry       (kw:string) = [ key kw . value_sep . int_val ]
>     let str_array_entry (kw:string) = [ key kw . value_sep . str_array_val ]
>  
>  
> @@ -29,6 +31,7 @@ module Libvirtd_qemu =
>                   | str_entry "vnc_password"
>                   | bool_entry "vnc_sasl"
>                   | str_entry "vnc_sasl_dir"
> +                 | int_entry "vnc_max_connections"
>                   | str_entry "security_driver"
>                   | str_entry "user"
>                   | str_entry "group"
> diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
> index 3da332f..edcf083 100644
> --- a/src/qemu/qemu.conf
> +++ b/src/qemu/qemu.conf
> @@ -79,6 +79,10 @@
>  # vnc_sasl_dir = "/some/directory/sasl2"
>  
>  
> +# The maximum number of VNC connections we will allow.  Once
> +# libvirtd has created this many qemu guests with VNC ports,
> +# no more guests can be started.  The default is 100 guests.
> +# vnc_max_connections = 100
>  
>  
>  # The default security driver is SELinux. If SELinux is disabled
> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
> index 40ca221..02186fd 100644
> --- a/src/qemu/qemu_conf.c
> +++ b/src/qemu/qemu_conf.c
> @@ -113,6 +113,8 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>          return -1;
>      }
>  
> +    driver->vncMaxConnections = 100;
> +
>  #ifdef HAVE_MNTENT_H
>      /* For privileged driver, try and find hugepage mount automatically.
>       * Non-privileged driver requires admin to create a dir for the
> @@ -211,6 +213,10 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>          }
>      }
>  
> +    p = virConfGetValue (conf, "vnc_max_connections");
> +    CHECK_TYPE ("vnc_max_connections", VIR_CONF_LONG);
> +    if (p) driver->vncMaxConnections = p->l;
> +
>      p = virConfGetValue (conf, "user");
>      CHECK_TYPE ("user", VIR_CONF_STRING);
>      if (!(user = strdup(p && p->str ? p->str : QEMU_USER))) {
> diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
> index 6a9de5e..e0c4a9b 100644
> --- a/src/qemu/qemu_conf.h
> +++ b/src/qemu/qemu_conf.h
> @@ -122,6 +122,8 @@ struct qemud_driver {
>      char *vncListen;
>      char *vncPassword;
>      char *vncSASLdir;
> +    unsigned int vncMaxConnections;
> +
>      char *hugetlbfs_mount;
>      char *hugepage_path;
>  
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 49983dd..8324075 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -2147,10 +2147,11 @@ qemuInitPCIAddresses(struct qemud_driver *driver,
>      return ret;
>  }
>  
> -static int qemudNextFreeVNCPort(struct qemud_driver *driver ATTRIBUTE_UNUSED) {
> +static int qemudNextFreeVNCPort(struct qemud_driver *driver)
> +{
>      int i;
>  
> -    for (i = 5900 ; i < 6000 ; i++) {
> +    for (i = 5900 ; i < (5900 + driver->vncMaxConnections) ; i++) {

I would just simplify the whole patch to just
  +    for (i = 5900 ; i < 65535 ; i++) {

>          int fd;
>          int reuse = 1;
>          struct sockaddr_in addr;
> diff --git a/src/qemu/test_libvirtd_qemu.aug b/src/qemu/test_libvirtd_qemu.aug
> index 2feedc0..3c2190a 100644
> --- a/src/qemu/test_libvirtd_qemu.aug
> +++ b/src/qemu/test_libvirtd_qemu.aug
> @@ -80,6 +80,13 @@ vnc_sasl = 1
>  #
>  vnc_sasl_dir = \"/some/directory/sasl2\"
>  
> +
> +# The maximum number of VNC connections we will allow.  Once
> +# libvirtd has created this many qemu guests with VNC ports,
> +# no more guests can be started.  The default is 100 guests.
> +#
> +vnc_max_connections = 100
> +
>  security_driver = \"selinux\"
>  
>  user = \"root\"
> @@ -180,6 +187,13 @@ relaxed_acs_check = 1
>  { "#comment" = "" }
>  { "vnc_sasl_dir" = "/some/directory/sasl2" }
>  { "#empty" }
> +{ "#empty" }
> +{ "#comment" = "The maximum number of VNC connections we will allow.  Once" }
> +{ "#comment" = "libvirtd has created this many qemu guests with VNC ports," }
> +{ "#comment" = "no more guests can be started.  The default is 100 guests." }
> +{ "#comment" = "" }
> +{ "vnc_max_connections" = "100" }
> +{ "#empty" }
>  { "security_driver" = "selinux" }
>  { "#empty" }
>  { "user" = "root" }

  Hum, why do we need any hardcoded limit ? If someone can exhaust
the node capacity just by creating as many VMs as he likes I think
trying to protect the port set is really not the right approach, plus
that's yet another tuneable which will get in the way for normal uses.
My instinct would be to just drop that upper limit (well we will be
limited by 2^^16 in any case, but the day we manage to run that many
VM the port exhaution will be a fairly minor draback :-)

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel veillard com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]