[libvirt] [PATCH 00/15] qemu: Implement non-shared storage migration via TLS (blockdev-add saga)

Wed May 23 00:36:38 UTC 2018

On 05/18/2018 07:28 AM, Peter Krempa wrote:
> Implement the non-shared storage migration when TLS is enabled. This is
> done by using blockdev-add to add the NBD endpoint with the TLS
> environment alias configured properly.
> 
> Peter Krempa (15):
>   qemu: block: Don't nest storage layer properties into format layer
>   conf: domain: Export virDomainStorageSourceParse
>   qemu: migration: Don't access disk members without lock
>   qemu: caps: Add capability for blockdev-add/blockdev-del
>   qemu: monitor: Factor out and document code to format QMP command
>   qemu: monitor: Add implementation for blockdev-add and blockdev-del
>   qemu: monitor: Introduce support for blockdev-mirror
>   qemu: block: Add helpers for hot-adding virStorageSource via blockdev
>   qemu: domain: Extract NBD disk migration private data formatting
>   qemu: domain: Extract parsing of NBD status XML
>   qemu: domain: Add private data for NBD migration storage source
>     definition
>   test: Add status XML test for NBD tls storage migration
>   qemu: migration: Rename NBD migration functions
>   qemu: migration: Extract code responsible for calling drive-mirror
>   qemu: migration: Add support for transporting NBD over TLS
> 
>  src/conf/domain_conf.c                             |   2 +-
>  src/conf/domain_conf.h                             |   6 +
>  src/libvirt_private.syms                           |   1 +
>  src/qemu/qemu_block.c                              | 163 +++++++-
>  src/qemu/qemu_block.h                              |  34 ++
>  src/qemu/qemu_capabilities.c                       |   2 +
>  src/qemu/qemu_capabilities.h                       |   1 +
>  src/qemu/qemu_domain.c                             | 242 +++++++++--
>  src/qemu/qemu_domain.h                             |   1 +
>  src/qemu/qemu_migration.c                          | 306 ++++++++++----
>  src/qemu/qemu_monitor.c                            |  59 +++
>  src/qemu/qemu_monitor.h                            |  16 +
>  src/qemu/qemu_monitor_json.c                       | 164 +++++++-
>  src/qemu/qemu_monitor_json.h                       |  18 +
>  tests/qemublocktest.c                              |  11 +-
>  .../xml2json/block-raw-noopts.json                 |  15 +-
>  .../qemublocktestdata/xml2json/dir-fat-cache.json  |  27 +-
>  .../qemublocktestdata/xml2json/dir-fat-floppy.json |  19 +-
>  .../xml2json/dir-fat-readonly.json                 |  19 +-
>  .../xml2json/file-backing_basic-aio_threads.json   |  82 ++--
>  .../file-backing_basic-cache-directsync.json       | 108 ++---
>  .../xml2json/file-backing_basic-cache-none.json    | 108 ++---
>  .../xml2json/file-backing_basic-cache-unsafe.json  | 108 ++---
>  .../file-backing_basic-cache-writeback.json        | 108 ++---
>  .../file-backing_basic-cache-writethrough.json     | 108 ++---
>  .../xml2json/file-backing_basic-detect.json        |  76 ++--
>  .../xml2json/file-backing_basic-noopts.json        |  60 +--
>  .../xml2json/file-backing_basic-unmap-detect.json  |  76 ++--
>  .../xml2json/file-backing_basic-unmap-ignore.json  |  76 ++--
>  .../xml2json/file-backing_basic-unmap.json         |  76 ++--
>  .../xml2json/file-bochs-noopts.json                |  15 +-
>  .../xml2json/file-cloop-noopts.json                |  15 +-
>  .../xml2json/file-dmg-noopts.json                  |  15 +-
>  .../xml2json/file-ploop-noopts.json                |  15 +-
>  .../file-qcow2-backing-chain-encryption.json       |  30 +-
>  .../xml2json/file-qcow2-backing-chain-noopts.json  | 150 +++----
>  .../file-qcow2-backing-chain-unterminated.json     |  30 +-
>  .../xml2json/file-raw-aio_native.json              |  25 +-
>  .../qemublocktestdata/xml2json/file-raw-luks.json  |  15 +-
>  .../xml2json/file-raw-noopts.json                  |  15 +-
>  .../xml2json/file-vdi-noopts.json                  |  15 +-
>  .../xml2json/file-vhd-noopts.json                  |  15 +-
>  .../xml2json/file-vpc-noopts.json                  |  15 +-
>  .../network-qcow2-backing-chain-cache-unsafe.json  |  74 ++--
>  ...etwork-qcow2-backing-chain-encryption_auth.json |  64 +--
>  tests/qemucapabilitiesdata/caps_2.10.0.aarch64.xml |   1 +
>  tests/qemucapabilitiesdata/caps_2.10.0.ppc64.xml   |   1 +
>  tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml   |   1 +
>  tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml  |   1 +
>  tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml   |   1 +
>  tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml |   1 +
>  tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml   |   1 +
>  tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml   |   1 +
>  tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml  |   1 +
>  tests/qemucapabilitiesdata/caps_2.9.0.ppc64.xml    |   1 +
>  tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml    |   1 +
>  tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml   |   1 +
>  .../migration-out-nbd-tls-in.xml                   | 464 +++++++++++++++++++++
>  .../migration-out-nbd-tls-out.xml                  |   1 +
>  tests/qemuxml2xmltest.c                            |   1 +
>  60 files changed, 2172 insertions(+), 906 deletions(-)
>  create mode 100644 tests/qemustatusxml2xmldata/migration-out-nbd-tls-in.xml
>  create mode 120000 tests/qemustatusxml2xmldata/migration-out-nbd-tls-out.xml
> 

There's a couple things noted, but otherwise looks good to me.

Reviewed-by: John Ferlan <jferlan at redhat.com>
(series)

John

I tried running through my Coverity checker, but the license server is
down - hopefully by morning it's back.