[libvirt] [PATCH 2/3] virsh: prevent destroying a in-used network for net-destroy
Daniel P. Berrange
berrange at redhat.com
Wed Feb 4 09:07:10 UTC 2015
On Tue, Feb 03, 2015 at 08:21:42PM -0500, Laine Stump wrote:
> On 02/02/2015 09:08 AM, Lin Ma wrote:
> > * add --system flag for net-dumpxml to show information about the
> > attached interfaces of the virtual network.
>
> I don't like this extra flag - I think it is unnecessary. If we're going
> to more info to the status, then we can just always add it to the status.
>
> As to how it can be provided in the status XML (getting back to patch
> 1/3 which was using the netcf API in a way that I didn't like), better
> data can be gathered into a list in the network object as guests are
> created - this would be done in networkAllocateActualDevice() (and
> networkNotifyActualDevice()) at the points where connections is
> incremented for the network, and removed from the list in
> networkReleaseActualDevice() where connections is decremented. You'll
> notice that those functions get both the virDomainDefPtr and the
> virDomainNetDefPtr, so they have enough information to store the name of
> the domain as well as the namne of the interface.
>
> I recall a long time ago considering adding this information to the
> network XML, but I was dissuaded for some reason; unfortunately I don't
> remember why...
>
> >
> > * call virNetworkGetXMLDesc in cmdNetworkDestroy to get the live state
> > info to check whether the virtual network is in use.
> >
> > * add --force flag for net-destroy to forcibly destroy the virtual
> > network even if it's in use.
>
> As Michal points out (and I pointed out when you sent your previous
> patchset), this does change behavior that some scripts may be dependent
> on. I too like the increased safety, but am concerned about breaking
> functionality. In cases like this, I always like to hear the learned
> advice of Dan Berrange - Daniel, what do you say about changing the
> default behavior of virsh net-destroy? Safe enough?
I don't think it is acceptable to change the behaviour. The 'destroy'
commands are unambiguous about the fact that they are a forceful
operation that will always succeed. Note that for the 'virsh destroy'
command we added a 'graceful' option, thus preserving default behaviour
> > -=item B<net-dumpxml> I<network> [I<--inactive>]
> > +=item B<net-dumpxml> I<network> [I<--inactive>] [I<--system>]
> >
> > Output the virtual network information as an XML dump to stdout.
> > If I<--inactive> is specified, then physical functions are not
> > expanded into their associated virtual functions.
> > +If I<--system> is specified, then directly output the current
> > +live state corresponding to this network from system.
This description of the 'system' flag just makes it sound like it is
the same as not specifying the --inactive flag. ie If the network is
running, the XML we emit is always the live XML state
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list