On Fri, Apr 05, 2019 at 09:56:29AM +0100, Dr. David Alan Gilbert wrote:
* Jens Freimann (jfreim...@redhat.com) wrote:
[...]
> To summarize concerns/feedback from previous discussion:
> 1.- guest OS can reject or worse _delay_ unplug by any amount of time.
> Migration might get stuck for unpredictable time with unclear reason.
> This approach combines two tricky things, hot/unplug and migration.
> -> We can surprise-remove the PCI device and in QEMU we can do all
> necessary rollbacks transparent to management software. Will it be
> easy, probably not.
This sounds 'fun' - bonus cases are things like what happens if the
guest gets rebooted somewhere during the process or if it's currently
sitting in the bios/grub/etc
Yeah, I have to think about this...
> 2. PCI devices are a precious ressource. The primary device should never
> be added to QEMU if it won't be used by guest instead of hiding it in
> QEMU.
> -> We only hotplug the device when the standby feature bit was
> negotiated. We save the device cmdline options until we need it for
> qdev_device_add()
> Hiding a device can be a useful concept to model. For example a
> pci device in a powered-off slot could be marked as hidden until the slot
is
> powered on (mst).
Are they really that precious? Personally it's not something I'd worry
about.
> 3. Management layer software should handle this. Open Stack already has
> components/code to handle unplug/replug VFIO devices and metadata to
> provide to the guest for detecting which devices should be paired.
> -> An approach that includes all software from firmware to
> higher-level management software wasn't tried in the last years. This is
> an attempt to keep it simple and contained in QEMU as much as possible.
> 4. Hotplugging a device and then making it part of a failover setup is
> not possible
> -> addressed by extending qdev hotplug functions to check for hidden
> attribute, so e.g. device_add can be used to plug a device.
>
> There are still some open issues:
>
> Migration: I'm looking for something like a pre-migration hook that I
> could use to unplug the vfio-pci device. I tried with a migration
> notifier but it is called to late, i.e. after migration is aborted due
> to vfio-pci marked unmigrateable. I worked around this by setting it
> to migrateable and used a migration notifier on the virtio-net device.
Why not just let this happen at the libvirt level; then you do the
hotunplug etc before you actually tell qemu anything about starting a
migration?
Yes...the goal was to see if we can contain changes to QEMU (to keep
it simple, although it seems that covering all error cases won't be that simple
:).
But I don't see a mechanism to trigger the unplug at the right moment
yet. So yes, maybe there's no way around involving libvirt at least
for this part...
> Commandline: There is a dependency between vfio-pci and virtio-net
> devices. One points to the other via new parameters
> primar=<primary qdev id> and standby='<standby qdev id>'. This means
> that the primary device needs to be specified after standby device on
> the qemu command line. Not sure how to solve this.
>
> Error handling: Patches don't cover all possible error scenarios yet.
>
> I have tested this with a mlx5 NIC and was able to migrate the VM with
> above mentioned workarounds for open problems.
>
> Command line example:
>
> qemu-system-x86_64 -enable-kvm -m 3072 -smp 3 \
> -machine q35,kernel-irqchip=split -cpu host \
> -k fr \
> -serial stdio \
> -net none \
> -qmp unix:/tmp/qmp.socket,server,nowait \
> -monitor telnet:127.0.0.1:5555,server,nowait \
> -device pcie-root-port,id=root0,multifunction=on,chassis=0,addr=0xa \
> -device pcie-root-port,id=root1,bus=pcie.0,chassis=1 \
> -device pcie-root-port,id=root2,bus=pcie.0,chassis=2 \
> -netdev
tap,script=/root/bin/bridge.sh,downscript=no,id=hostnet1,vhost=on \
> -device
virtio-net-pci,netdev=hostnet1,id=net1,mac=52:54:00:6f:55:cc,bus=root2,primary=hostdev0
\
> -device vfio-pci,host=5e:00.2,id=hostdev0,bus=root1,standby=net1 \
Yes, that's a bit grim; it's circular dependency on the 'hostdev0' and
'net1' id's. cc'ing in Markus.
Dan had an idea how to avoid having to specify the id for the
virtio-net device. I'm currently looking into it, but it seems like it
should work.
regards,
Jens
