From: Dominik Csapak <d.csapak@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH cluster/access-control/guest-common/qemu-server/manager v4] cluster mapping backend
Date: Thu, 25 May 2023 12:17:42 +0200 [thread overview]
Message-ID: <20230525101753.2078811-1-d.csapak@proxmox.com> (raw)
this series aims to add a cluster-wide device mapping for pci and usb
devices. so that an admin can configure a device to be availble for
migration and configuring for uses that are non-root
(the existing pattern can be copied easily for other types, e.g.
markus upcoming folder sharing)
note that this series requires the array support in api/section
config[0] but how the api is formed/where the data comes should not be
hard to change
also since the api changed quite drastically, the gui must be adapted,
and i'm not done with that yet, so sending the backend only for now
the series is a bigger change to the v3, so a closer look is probably
warranted
changes from v3:
* the configs are now split by type (for ease of use of the section
config) and live in pve-guest-common, to avoid a cyclic dependcy
* the configs are section configs now (with mentioned array support)
* the api is now only defined in /cluster/resource/{TYPE} and has
no nodespecific api anymore, besides a 'check-node' parameter
(see the pve-manager patch for more details on that)
* the internal structure of the pci parsing changed completely, making
the structure more understandable
* a single map entry now has the same semantic as the qemu-server
hostpci config entry, meaning if you want multiple mappings per host,
you have to add multiple map entries. this is a more flexible
approach, and the parsing code gets a bit simpler
* combined some properties in the config (e.g. vendor/device) so that
we don't have too many
* squashed some changes together, as they didn't make much sense
separately anyway (e.g. api/config patches) and it didn't make
reviewing easier
* changed the ACL paths & privileges to be more general
* surely some other changes i forgot..
changes from v2:
* some bug fixes (e.g use of unitialized variable)
* don't set mdev for multifunction devices
-> this should fix alexandres issue, since it's not possible anymore
to select a mediated device when having a multifunction device
selected
changes from v1:
* dropped 'check_hw_perm' (just use 'check_full' now)
* added some cleanups
* renamed the buttons in the ui (hopefully better now)
* added multi device mapping for each host
this includes a new 'multi pci' selector for that window, which
automatically adds entries for the whole slots which, when selected,
disabled the selection of the individual functions
* fixed some issues (e.g. missing entries in the 'caps' object, wrong
usb config parsing, etc.)
changes from the rfc:
* new cluster wide gui instead of node-local one (removed that, since
it's not necessary when we have a cluster-wide one)
* uses json instead of a section config
* api is quite different overall, i split the type into its own level
for configuring, similar to what we do in pbs
(e.g. /nodes/NODENAME/hardware/mapping/usb/)
* fixed quite some bugs the rfc had
* added patch for handling the gui with limited permissions better
* added a 'comment' field for mappings
dependencies are pretty straight forward this time around (if i'm not
overlooking something):
qemu-server/pve-manager -> new access-control/pve-guest-common -> new pve-cluster
0: https://lists.proxmox.com/pipermail/pve-devel/2023-May/056739.html
pve-cluster:
Dominik Csapak (1):
add cfg files for resource mapping
src/PVE/Cluster.pm | 2 ++
src/pmxcfs/status.c | 2 ++
2 files changed, 4 insertions(+)
pve-access-control:
Dominik Csapak (1):
add privileges and paths for cluster resource mapping
src/PVE/AccessControl.pm | 20 +++++++++++++++++++-
src/PVE/RPCEnvironment.pm | 7 +++++--
2 files changed, 24 insertions(+), 3 deletions(-)
pve-guest-common:
Dominik Csapak (1):
add PCI/USB Resource configs
src/Makefile | 3 +
src/PVE/Resource/PCI.pm | 226 ++++++++++++++++++++++++++++++++++++++++
src/PVE/Resource/USB.pm | 183 ++++++++++++++++++++++++++++++++
3 files changed, 412 insertions(+)
create mode 100644 src/PVE/Resource/PCI.pm
create mode 100644 src/PVE/Resource/USB.pm
qemu-server:
Dominik Csapak (6):
enable cluster mapped USB devices for guests
enable cluster mapped PCI devices for guests
check_local_resources: extend for mapped resources
api: migrate preconditions: use new check_local_resources info
migration: check for mapped resources
add test for mapped pci devices
PVE/API2/Qemu.pm | 110 +++++++-
PVE/QemuMigrate.pm | 23 +-
PVE/QemuServer.pm | 111 +++++---
PVE/QemuServer/PCI.pm | 243 +++++++++++++++---
PVE/QemuServer/USB.pm | 22 +-
test/MigrationTest/Shared.pm | 14 +
test/cfg2cmd/q35-linux-hostpci-mapping.conf | 17 ++
.../q35-linux-hostpci-mapping.conf.cmd | 36 +++
test/cfg2cmd/q35-linux-hostpci.conf | 2 +-
test/cfg2cmd/q35-linux-hostpci.conf.cmd | 2 +-
test/run_config2command_tests.pl | 83 ++++++
11 files changed, 575 insertions(+), 88 deletions(-)
create mode 100644 test/cfg2cmd/q35-linux-hostpci-mapping.conf
create mode 100644 test/cfg2cmd/q35-linux-hostpci-mapping.conf.cmd
pve-manager:
Dominik Csapak (2):
pvesh: fix parameters for proxyto_callback
api: add resource map api endpoints for PCI and USB
PVE/API2/Cluster.pm | 8 +
PVE/API2/Cluster/Makefile | 5 +
PVE/API2/Cluster/Resource.pm | 53 +++++
PVE/API2/Cluster/Resource/Makefile | 18 ++
PVE/API2/Cluster/Resource/PCI.pm | 297 +++++++++++++++++++++++++++++
PVE/API2/Cluster/Resource/USB.pm | 262 +++++++++++++++++++++++++
PVE/API2/Hardware.pm | 1 -
PVE/API2/Nodes.pm | 1 +
PVE/CLI/pvesh.pm | 10 +-
9 files changed, 650 insertions(+), 5 deletions(-)
create mode 100644 PVE/API2/Cluster/Resource.pm
create mode 100644 PVE/API2/Cluster/Resource/Makefile
create mode 100644 PVE/API2/Cluster/Resource/PCI.pm
create mode 100644 PVE/API2/Cluster/Resource/USB.pm
--
2.30.2
next reply other threads:[~2023-05-25 10:18 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-25 10:17 Dominik Csapak [this message]
2023-05-25 10:17 ` [pve-devel] [PATCH cluster v4 1/1] add cfg files for resource mapping Dominik Csapak
2023-06-05 9:11 ` [pve-devel] applied: " Thomas Lamprecht
2023-05-25 10:17 ` [pve-devel] [PATCH access-control v4 1/1] add privileges and paths for cluster " Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH guest-common v4 1/1] add PCI/USB Resource configs Dominik Csapak
2023-05-25 10:40 ` Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH qemu-server v4 1/6] enable cluster mapped USB devices for guests Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH qemu-server v4 2/6] enable cluster mapped PCI " Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH qemu-server v4 3/6] check_local_resources: extend for mapped resources Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH qemu-server v4 4/6] api: migrate preconditions: use new check_local_resources info Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH qemu-server v4 5/6] migration: check for mapped resources Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH qemu-server v4 6/6] add test for mapped pci devices Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH manager v4 1/2] pvesh: fix parameters for proxyto_callback Dominik Csapak
2023-05-25 10:17 ` [pve-devel] [PATCH manager v4 2/2] api: add resource map api endpoints for PCI and USB Dominik Csapak
2023-05-26 16:09 ` [pve-devel] [PATCH cluster/access-control/guest-common/qemu-server/manager v4] cluster mapping backend DERUMIER, Alexandre
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230525101753.2078811-1-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox