Look Into Libvirt Osier Yang

Post on 12-May-2015


China OpenStack User Group


Look into libvirt

Osier Yang <jyang@redhat.com>

Status

● First release on Dec 19 2005

● 1.0.0 in two weeks. (Finally)

● 25 maintainers/committers.

● 200 ~ 300 patches per release

● Less than 300 APIs

Why libvirt?

● Long term API/ABI/XML back-compat

● Portable between various HVs

● Hides complex interfaces of HV

● Hides HV's API changes

● Available on Linux, Solaris, Windows & OS-X

● Secure access (TLS, SASL, SSH, PolicyKit)

● Open, LGPLv2+ license

What libvirt manages

● Domain

● Virtual network

● Host network interface

● Node device

● Storage pool/volume

● Network filter

● Secret

Supported hypervisors

● QEMU/KVM

● XEN: XenD, XenStored, XM, libxenlight

● VMware: ESX, GSX server, Workstation, Player

● Linux container: LXC, OpenVZ

● Test, Remote

● UML, VirtualBox, Hyper-V, Parallels, etc

Virtual network

● Nat (dnsmasq/Radvd, iptables)

● Route

● Isolated

● Bridge (Open vSwitch, Macvtap)

● Host network interface passthrough (SR-IOV VFs pool)

Host network interface

● Based on netcf -> augeas

● Enumerate

● Management(ethernets, bonds, bridges, vlan interfaces)

● Transaction support – revert/commit config changes

● Report status (libnl, ioctl, sysfs)

Network filter

● iptables

● ebtables

● ip6tables

● E.g. allow-incoming-ipv4 no-ip-multicast

Storage

● pool, volume

● fs (dir, fs, netfs)

● scsi

● iscsi

● disk

● lvm

● mpath

● sheepdog, rbd

Node device

● Enumerate host devices

● Backends (udev, HAL)

● vHBA create/destroy

Secret

● Encrypt storage

● Can be used to encrypt a storage volume or domain disk

● Only support qcow disks

Miscellaneous

● Hooks (Daemon, QEMU, LXC, Migration)

● Audit

● Security (Selinux/Apparmor, sVirt)

● Locking (libsanlock, POSIX fcntl)

● Zero-conf (Avahi)

● etc...

How to talk with QEMU

● Monitor (HMP, QMP)

● Guest agent monitor

● Serial/Parallel console

● Graphic console (vnc/spice)

● Network

Domain APIs (libvirt.h)

● Lifecycle (define/undefine, start/destroy, suspend/resume), list, lookup.

● Save, restore, core dump, suspend, resume

● Migration

● Snapshot (Internal/External, Disk-only/ System checkpoint/VM state)

● Guest resource management (memory, network, memory, cpu, NUMA tuning)

Domain APIs (libvirt.h)

● Host device passthrough

● Detach/reattach node devices

● Async events

● Node resource management (memory)

● APIs based on guest agent (E.g. S3/S4)

● Guest block/network I/O statistics

● ...more...

libvirt architecture

[Figure: architecture diagram. Labels: client, public API, remote, $URI (uri = "qemu://$hostname/system"), RPC, Node, libvirtd, libvirt-qemu, monitor, agent monitor, qemu-kvm, guest, guest agent]

The stack

[Figure: stack diagram. Labels by group:]

● virsh, bindings, SNMP, AMQP, ...

● public API

● libvirtd

● KVM, XEN, ESX, LXC, UML, ...

● Network, Storage, Iface, nwfilter, Secret, Nodedev

● cgroup, devmap, netcf, iptables, ebtables, tc, libnl, lvm, selinux, sysfs, udev, HAL, iscsiadm, ioctl, libnuma, numad, sanlock, qemu-img

Stuffs around

● Language bindings (Python, Perl, Ruby, Java, OCaml, C#, PHP)

● Libvirt-snmp

● Libvirt-qpid

● Libvirt-cim

● Libvirt-glib (libvirt-glib, libvirt-gconf, libvirt-gobject)

Stuffs around

● Virt-manager, virt-viewer

● python-virtinst

● Libosinfo

● Libvirt-designer

● Libvirt-sandbox

● Gnome Boxes

● Eucalyptus, openstack

● Plugins for collectd, munin, Nagios, Zenoss

libguestfs

● For accessing and modifying virtual machine (VM) disk images

● View and edit files inside guests

● Scripting changes to VM

● Monitoring disk used/free statistics

● P2V, V2V

● Performing partial backups

● Cloning VMs, etc..

How libguestfs works

[Figure: libguestfs diagram. Labels: libguestfs, client, qemu, Appliance, guestfsd, Linux kernel, Device or Disk image]

virt-v2v

● Convert VMs on XEN/ESX to RH virt stack

● Support guests of RHEL, Fedora, Windows

● Based on libguestfs and libvirt

How virt-v2v works

● Shutdown guest on source host

● Use libvirt to get domain XML config

● Copy storage

● Convert storage and modify XML

● Use libvirt to define and start the domain on dest host

The conversion - RHEL/FC

● Remove XEN/ESX specific stuffs (E.g. xenpv kernel/drivers, VMware tools)

● Install or update kernel, try best to let it support virtio

● Update block and network drivers

Ongoing or TODO

● Snapshot improvements

● Storage driver improvements (glusterfs, job, inotify)

● LXC driver improvements

● Persistent vHBA

● Migration with NPIV

● Associate storage with domain

● Improve device hotplug

Ongoing or TODO

● Lifecycle events for all objects

● Role based access control on all public APIs

● Isolate QEMU process with Linux Container namespaces.

● APIs to expose host/hypervisor's capabilities

● Etc...

http://libvirt.org

libvir-list@redhat.com

libvirt-user@redhat.com

#virt on OFTC