Tag Archives: kvm

FUDCon Pune: My talk on ‘Linux Virtualization’

Posted on by
1

My second talk at FUDCon Pune was on Virtualization (slides) on day 2.  While I had registered the talk well in advance, I wasn’t quite sure what really to talk about: should I talk about the basics of virtualization?  Should I talk about what’s latest (coming up in Fedora 16)?  Should I talk about how KVM works in detail?  My first talk on git had gone well, and as expected for this FUDCon, majority of the participants were students.  Expecting a similar student-heavy audience for the 2nd talk as well, I decided on discussing the basics of the Linux Virt Stack.  Kashyap had a session lined up after me on libvirt, so I thought I could give an overview of virt-manager, libvirt, QEMU and Linux (KVM).

And since my registered talk title was ‘Latest in Linux Virtualization’, I did leave a few slides on upcoming enhancements in Fedora 16 (mostly concentrating on the QEMU side of things) at the end of the slide deck, to cover those things if I had time left.

As with the previous git talk, I didn’t get around to making the slides and deciding on the flow of the talk till the night before the day of the talk, and that left me with much less sleep than normal.  The video for the talk is available online; I haven’t seen it myself, but if you do, you’ll find I was almost sleep-talking through the session.

To make it interactive as well as keep me awake, I asked the audience to stop me and ask questions any time during the talk.  What was funny about that was the talk was also being live streamed, and the audio signal for the live streaming was carried via one mic and the audio stream for the audience as well as the recorded talk was on a different mic.  So even though the audience questions were taken on the audience mic, I had to repeat the questions for the people who were catching the talk live.

I got some feedback later from a few people — I missed to introduce myself, and I should have put some performance graphs in the slides, as almost all users would be interested in KVM performance vs other hypervisors.  Both good points.  The performance slides I hadn’t thought about earlier, I’ll try to incorporate some such graphs in future presentations.  Interestingly, I hadn’t also thought of introducing myself.  Previously, I was used to someone else introducing me and then me picking up from there.  At the FUDCon, we (the organisers) missed on getting speaker bios, and didn’t have volunteers introduce each speaker before their sessions.  So no matter which way I look at it, I take the blame as speaker and organiser for not having done this.

There was some time before my session to start and there were a few people in the auditorium (the room where the talk was to be held), so Kashyap thought of playing some Fedora / FOSS / Red Hat videos.  (People generally like the Truth Happens video, and that one was played as well.)  These, and many more are available on the Red Hat Videos channel on YouTube. There was also some time between my session and Kashyap’s (to allow for people to move around, take a break, etc.), so we played the F16 release video that Jared gave us.

Overall, I think the talk went quite well (though I may have just dreamed that).  I tried to stay awake for Kashyap’s session on libvirt to answer any questions directed my way; I know I did answer a couple of them, so I must have managed to stay up.

This is a post from http://log.amitshah.net/, licensed CC BY-SA.

KVM Forum 2011

Posted on by
3

This year’s KVM Forum, like last year’s, was co-located with LinuxCon NA.  Vancouver city played the host this year.

The interest in KVM has been rising over the years; from the first Forum in 2008, when we were just about 30 developers in a single room presenting work done and chatting about directions to take (the virtio design was hashed out during this conference), this year there were about 150 attendees, discussing optimising KVM instances and tracing the guests.  That’s a really big leap in three years.

Due to lots and lots of good talk submissions, not all of which could be rejected, the talk slots were reduced to 30 minutes per talk and there were parallel tracks in the afternoon sessions.  This allowed for more talks, but small Q&A sessions, and obviously, having to miss out on some talks due to another talk happening at the same time. All the talks have been video-recorded, though, and they should appear soon on the Forum page.

Some brief notes on the talks I attended:

Avi’s keynote started off the Forum. One of the main points was the lack of marketing in KVM, and how the formation of the Open Virtualization Alliance to bridge the gap.  He also talked about an ARM port finally getting some development (on his 2008 prediction of an ARM port coming soon not materialising, he said in his 2010 keynote: “this is a case of reality not catching up with predictions”).

Paul Mackerras then talked about KVM on the POWER7 processor, another processor to get virt extensions. He talked of replacing pHype with KVM and the challenges to run custom firmware and Linux directly on the machines, as opposed to the default firmware which can only run pHype.

Alex Williamson talked about VFIO-based PCI device assignment.  The current device assignment code makes the kvm.ko module a device driver for the device to be assigned to the guest (I’m to blame for that, I wrote that code). The idea with VFIO is to move the complexity of device assignment into userspace.  VFIO is a device driver which exposes devices in /dev/vfio*, via which the device can be configured and controlled.  This is a much more cleaner and secure way of doing device assignment.

Kevin Wolf talked on the current state of block file formats, and the next-gen block file format.  He criticised the NIH syndrome of people developing new formats in isolation instead of enhancing the current ones.  He’s working on collecting the best ideas from QED and FVD, the newest formats, and putting them into QCOW3 while retaining the features from QCOW2, which the other formats dropped.

Stefan Hajnoczi and Paolo Bonzini then talked of a new virtio-scsi transport, Stefan is working on the new in-kernel SCSI target and using vhost to accelerate communication.  Paolo has already written the virtio-scsi spec.

Asias He presented the Native Linux KVM tool. My reaction on the presentation was that they started out as a toy project to run Linux guests, but their planned feature set sounds like they are going to replicate qemu.  That’s not a bad thing, though, KVM (the kernel module) was designed to be able to drive multiple userspace hypervisors, and this is the first one that’s making some news.

That ended the first day’s morning session.  The afternoon session had parallel tracks, I attended the following:

Andrea Arcangeli’s talk on the future of Memory Management in KVM had quite a lot of TODO items.  He particularly talked on NUMA management and his ongoing work on it. Current NUMA policies are static; he wants to make them dynamic, with the guest moving to the node where RAM is allocated, and vice-versa.

Rik van Riel then talked about some more MM work: free page hinting, which can improve the memory utilisation both in the host and guest, and automatic memory resizing.  There might be some drawbacks to this as free page hinting may not consider THP and end up breaking huge pages.

Next was “experiences porting KVM to SmartOS“, a lively and animated talk by Bryan Cantrill. This talked about porting the kvm module and qemu-kvm to Illumos, a Solaris clone.  They primarily want the benefits of ZFS, DTrace, Zones and KVM. No matter how much interesting it sounds, the question on licensing was addressed vaguely (if at all) during the talk.  In a private chat later, Bryan mentioned there’s no violation at all.  There’s some talk at lwn.net on licensing as well.

Michael Tsirkin talked on new virtio networking features. Main was the event indexing feature which reduces the exit interrupts to host if there are pending exits and a new buffer is queued in the vring.  Sort of like NAPI for virtio. He also talked about zero-copy TX and filtering, and the security pitfalls of doing so.

Ryan Harper then talked of IO throttling in QEMU, a feature that uses cgroups to ensure guests don’t go over their allocated quota of IO activity.

A couple of lightning talks were held, where Dan Magenheimer talked of Transcendent memory, and how that can help with the work that Rik is doing.

A few BOF sessions were lined up, people gathered in groups to discuss.  I caught hold of Hans de Goede, Alon Levy, Anthony Liguori and Gerd Hoffmann to discuss the state of chardevs in QEMU.  Hans had initiated a discussion just prior to the Forum on the non-upstream RHEL and Fedora patches that we carry for chardev flow control.  Anthony mentioned some races in the existing implementation and came up with his own.  He promised to merge the cleanup patchset soon and float the flow control patches to the mailing list.

My other topic, on guest – host communication, got fizzled out, partly due to my jet lag not allowing me to concentrate much, and the other interesting topic, moving qemu away from C.  I used that time to talk with other people.

That ended day 1 of talks. All the attendees then headed out to a pub nearby to exchange stories over beer.

The second day started with Anthony Liguori presenting the keynote on QEMU development. He mentioned how the project has been doing very well with sub-maintainers doing pull requests. A lot of patches have been committed since the last year. Things indeed have improved since the last year, when many people were complaining of patches bit-rotting on the mailing list for ages.

Avi then took stage again to talk of performance monitoring in KVM guests. He talked of providing a Performance Monitoring Unit to the guest via several ways: pass-through, emulating a virtual PMU and emulating a real-life PMU. He also talked of some new PMU features which are not model-specific which can be safely exposed to all guests.

Alex Graf then presented on AHCI.  This was a very cool presentation with nice animation effects (too sad it used non-free software to do that — I don’t know if free software can match those effects, though). He showed how AHCI performed much better than the default IDE storage type.  Performance is half-way between virtio-blk and IDE, but since most OSes support AHCI out of the box (notable exception being Windows XP), he made a case for making AHCI the default.  There is some work to be done before we can do that, though.

Anthony Liguori next talked about QAPI and QOM, the QEMU Object Model.  These refactorings will make QEMU machines much easier to generate, and present a much saner interface to higher-level management tools like libvirt.  The plan is to get as much work done for the impending 1.0 release.  It was refreshing to hear Anthony not talk of replacing code in one big patch (or one big series), and rather work in incremental steps in-tree.  His last year’s main point of developing code in separate trees and doing merges had not gone down well with many developers.

Markus Armbruster then talked on qdev, on where we are, what’s left, and what are the major pain points.  qdev conversion still remains one of the TODO items from last year, and the more it gets delayed, the more everything else gets delayed in QEMU (including QOM conversion, which could be an incremental step from qdev).

Alon Levy then presented on SPICE, the current status as well as the future. The SPICE protocol is an alternative to VNC with a much better focus on high-latency links and more than just video over network.

Gerd Hoffmann described his work on the USB subsystem. QEMU could go from the last project to support USB 2 to the first one to support USB 3. He also highlighted the work done on bringing down the CPU usage with USB tablet devices to minimal, a common complaint that was heard from users.

That ended the first session; the talks I attended in the parallel tracks were:

KVM Graphics Device Assignment by Allen Kay. We had worked together on PCI device assignment a few years back, and now Allen Kay talked of some roadblocks and ideas in implementing graphics device assignment and experiences from doing so in Xen.

Live block copy in QEMU is being worked on by a few people, Marcelo Tosatti presented the work done so far and the direction in the future. He talked of how the two seemingly independent features of live block copy and snapshot merges can share code.

Joerg Roedel then talked of AMD IOMMU v2 support in KVM: the new feature set makes it possible to not pin all the guest memory pages on the host.  This alone is a very important feature for the future of device assignment.

Next up was Juan Quintela’s session on Live Migration.  It was an entertaining ride on the challenges faced and the new directions to take.  One of them was post-copy migration, where the guest memory is faulted over the network after the guest is running on the destination host, since the amount of guest RAM has been increasing over time.

I missed out on the next two sesions, talking to people.

I rejoined for postcopy live migration by Takahiro Hirofuchi. As promising as it may sound, Anthony wanted to ensure we have eked out maximum performance from the current pre-copy implementation and then look at post-copy.  He also asked for benchmarking results for post-copy migration.  An interesting case here may be to guess the working set of a guest, perform a pre-copy using this set of pages, and then switch to post-copy.  The guessing of working set could be done via a guest agent or using MMU notifiers in the host.

That ended a very very long two days of the KVM Forum. We Red Hat folks had a dinner hosted by CTO Brian Stevens, so we headed out to the nearby brewery and enjoyed the fresh lager there.

This is a post from http://log.amitshah.net/, licensed CC BY-SA.

KVM Forum 2011

Posted on by
Reply

The KVM Forum for this year is happening in Vancouver, Canada:

http://www.linux-kvm.org/page/KVM_Forum_2011

The schedule’s jam-packed; this is the first time we’re going to have parallel tracks (which sucks, since one can’t attend all the talks).

There has always been interest from developers in KVM, being the nice, clean, modular solution that it is. But now that it’s been dominating the SPECVirt results, businesses are looking at it as well, so there are a few end-user talks on the schedule this time, which is nice to see.

I’m going to be running a BoF session on guest agents and guest-host communication protocols.

I’m looking forward to meet the team.  I’m not staying back for the co-located LinuxCon Vancouver (though KVM Forum participants get a free entry; so you could register for KVM Forum instead of registering for LinuxCon if you haven’t done so yet).

.

This is a post from http://log.amitshah.net/, licensed CC BY-SA.

Fedora Miniconf and foss.in/2010

Posted on by
2

A very delayed post on the Fedora Miniconf and foss.in/2010.

foss.in/2010 was held on the 15th, 16th and 17th of this month in Bengaluru. I could confirm my attendance very late, so I missed out on the CfP and a chance at speaking in the main conference, but I could manage to get a speaking slot in the Fedora miniconf. Thanks to Rahul for accomodating me at a short notice.

One of the main things I was looking forward to was meeting my team-mate Juan Quintela. Though we met recently at the KVM Forum 2010, I was going to use this opportunity to catch him and discuss some of the things I’m working on that overlap with his domain, virtual machine live migration, and get things going.

The other thing was to get to know more people — Fedora users and developers from India who I’ve spoken with on the irc channel but not met, other developers and users of free software from around the world. Add to that a few people who I’ve worked with and not met and also people whose software I use daily and who I want to thank for working on what they do.  It was also nice meeting the old known faces from the IBM LTC in Bengaluru — Balbir Singh, Kamalesh Babulal, Vaidy, Aneesh K. V., et al.

It’s always a certainty that there will be users of virtualization (particularly kvm) stack and it’s nice to get a feel of how many people are using kvm, in what ways, how well it works for them, and so on. That’s always a motivation.

The Fedora miniconf was on the 16th. The schedules for talks for miniconfs aren’t published by the foss.in people, so it was left to us to do our advertising and crowd-pulling. Rahul had listed the speakers and the talks on the Fedora foss.in/2010 wiki page. I went ahead and took out a few print-outs for the talks and assigned time slots for each talk depending on the suggested length given by the speakers for their talks as well as the slot allotted to the Fedora Project for the miniconf. The print-outs of the schedules were meant to be pasted around the venue to attract attention to the remotest section that was to host the miniconf, Hall C. However, we just ended up keeping the printouts as handouts at the Fedora stall that we set up. The Fedora stall was quite a crowd-puller. And since it was set up on the second day, we didn’t have to compete with the other stalls since they had their share of attendance on the first day.

The other members of the Fedora crowd, Rahul, Saleem, Arun, Shreyank, Aditya, Suchakra, Siddhesh, Neependra, … have written about the Fedora stall and their experiences earlier (and linked to from the Fedora foss.in/2010 page).

The Fedora miniconf was a great success, going by the attendance and the participation we had. My talk was the first, and I could see we had a full house. I think my talk went quite well. It could have been a little disappointing for people who expected demos, but I wanted to aim this talk towards people who had a general sense of using and deploying Fedora virt as well as Fedora on the cloud and also at people who would go and do stuff themselves rather than being given everything on a silver platter. This does resonate also with the foss.in philosophy of recent years of being a contributor-oriented conference rather than a user-originted one, so I didn’t mind doing that. Gauging by the response I got after the talk, I believe I was right in doing that. (I even got one email mentioning it was a great talk by the CEO of a company).

The other talks from the Fedora miniconf were engaging, I learnt quite a bit from what the others are up to. Arun’s talk on packaging emacs extensions was entertaining. He connects with the audience, I liked that about him.

Aditya’s talk on Fedora Summer Coding was a good call to students to participate in the free software world via Fedora’s internship programme. He narrated his own experience as a Fedora Project intern, which touches the right chords of the intended audience. I think doing more such talks will get him over the jitters of presenting to a big crowd.

Suchakra’s doing good work on accessing an embedded Linux box via a console inside a browser tab — it’s a very interesting project.

Neependra’s talk was a good walk-through of using tracing commands to see what really happens in the kernel when a userspace program runs. He walked through the ‘mkdir’ command and showed the call trace. This was a good demo. He spoke about the various situations in which tracing tools could be used, not just for debugging, and that should have set people’s thoughts in motion as to how they could get more information on how the system behaves instead of just using a system.

Shreyank’s talk on creating a web tool for managing student projects and the Fedora Summer of Code was interesting as well. It was nice to see the way an actual student project was designed and developed and how it’s going to make future students’ and mentors’ lives easier. This talk should have served as a good introduction to the flow and process students have to go through in applying, starting, reviewing and completing their project.

Apart from the Fedora miniconf, I attended a few sessions in the main conf. James Morris’s keynote on the history of the security subsytem in the Linux kernel was very informative. Rahul’s keynote on the ‘Failures of Fedora‘ was totally packed with anecdotes and analyses of the decisions taken by the Fedora project and their impact on the users and developers. Fedora (earlier Red Hat Linux) is one of the oldest distributions around, and any insights into the functioning and data as to what works and what does not is a great source of information to look for building engaging communities of users and contributors.

Lennart‘s two talks on systemd and the state of surround sound on Linux were not very new to me. However, there were a few bits in there that provided some food for thought.

Juan‘s talk on live migration was packed full of experiences in getting qemu to a state where migration works fairly well. He also spoke about all the work that’s left to do. It was totally technical and I think the people who were misguided by it being labelled as a ‘sysadmin’ talk or by the title (expecting to migrate from an older physical machine to a newer physical machine w/o downtime) quickly left the hall. Whoever stayed back were either people who work on QEMU/KVM (esp. the folks from the IBM LTC) or people too polite to walk out.

Dimitris Glezos‘s talk on building large-scale web applications was a very informative one for me. I’ve never done web programming (except for html, css and a bit of php ages ago), and this was a good intro for me to understand what various web development frameworks there are, their pros and cons, the way to deploy them, the way to structure them, etc. It was evident he took a lot of effort to prepare the slides and the talk, it was totally worth it.

Danese Cooper‘s keynote on the Wikimedia Foundation was an equally informative talk. She spoke on a wide range of topics, including the team that makes up Wikimedia, their servers and datacentres, their load balancing strategy, their backup systems, their editing process, their localisation efforts, their search for a new mirror site in the APAC region, etc. I was interested in one aspect, machine-readable wikipedia content, to which they had a satisfactory answer: they’re migrating to semantic web content and would look at a machine-readable API once they’re done adding semantics to their content.

The other time was spent at the Fedora booth and talking to Juan and the other friends.

The foss.in team announced this would be the last foss.in, so thanks to them for hanging around so long. To fill the void, we’re going to have to step up and organise a platform for like-minded people from the free/open source software community around here. I’ve been part of organising some events earlier in different capacities, and I’m looking forward to being part of an effort that provides such a platform. There’s a FUDCon being planned for next year in Pune, I’ll be involved in it, and will take things along from there.

This is a post from http://log.amitshah.net/, licensed CC BY-SA.

Communication between Guests and Hosts

Posted on by
2

Guest and Host communication should be a simple affair — the venerable TCP/IP sockets should be the first answer to any remote communication.  However, it’s not so simple once some special virtualisation-related constraints are added to the mix:

  • the guest and host are different machines, managed differently
  • the guest administrator and the host administrator may be different people
  • the guest administrator might inadvertently block IP-based communication channels to the host via firewall rules, rendering the TCP/IP-based communication channels unusable

The last point needs some elaboration: system administrators want to be really conservative in what they “open” to the outside world.  In this sense, the guest and host administrators are actively hostile to each other.  Also, rightly, neither should trust each other, given that a lot of the data stored in operating systems are now stored within clouds and any leak of the data could prove disastrous to the administrators and their employers.

So what’s really needed is a special communication channel between guests and hosts that are not susceptible to being blocked out by guests or hosts as well as being a very special-purpose low-bandwidth channel that doesn’t look to re-implement TCP/IP.  Some other requirements are mentioned on this page.

After several iterations, we settled on one particular implementation: virtio-serial.  The virtio-serial infrastructure rides on top of virtio, a generic para-virtual bus that enables exposing custom devices to guests.  virtio devices are abstracted enough so that guest drivers need not know what kind of bus they’re actually riding on: they are PCI devices on x86 and native devices on s390 under the hood.  What this means is the same guest driver can be used to communicate with a virtio-serial device under x86 as well as s390.  Behind the scenes, the virtio layer, depending on the guest architecture type, works with the host virtio-pci device or virtio-s390 device.

The host device is coded in qemu.  One host virtio-serial device is capable of hosting multiple channels or ports on the same device.  The number of ports that can ride on top of a virtio-serial device is currently arbitrarily limited to 31, but one device can very well support 2^31 ports.  The device is available since upstream qemu release 0.13 as well as in Fedora from release 13 onwards.

The guest driver is written for Linux and Windows guests.  The API exposed includes open, read, write, poll, close calls.  For the Linux guest, ports can be opened in blocking as well as non-blocking modes.  The driver is included upstream from Linux kernel version 2.6.35.  Kernel 2.6.37 will also have asynchronous IO support — ie, SIGIO will be delivered to interested userspace apps whenever the host-side connection is established or closed, or when a port gets hot-unplugged.

Using the ports is simple: when using qemu from the command line directly, add:

-chardev socket,path=/tmp/port0,server,nowait,id=port0-char
-device virtio-serial
-device virtserialport,id=port1,name=org.fedoraproject.port.0,chardev=port0-char

this creates one device with one port and exposes to the guest the name ‘org.fedoraproject.port.0‘.  Guest apps can then open /dev/virtio-ports/org.fedoraproject.port.0 and start communicating with the host.  Host apps can open the /tmp/port0 unix domain socket to communicate with the guest.  Of course, there are other qemu chardev backends that can be used other than unix domain sockets.  There also is an in-qemu API that can be used.

More invocation options and examples are given in the invocation and how to test sections. 

There is sample C code for the guest as well as sample python code from the test suites.  The original test suite, written to verify the functionality of the user-kernel interface, will in the near future be moved to autotest, enabling faster addition of more tests and tests that not just check for correctness, but also regressions and bugs.

virtio-serial is already in use by the Matahari, Spice, libguestfs and Anaconda projects.  I’ll briefly mention how Anaconda is going to use virtio-serial: starting Fedora 14, guest installs of Fedora will automatically send Anaconda logs to the host if a virtio-serial port with the name of ‘org.fedoraproject.anaconda.log.0‘ is found.  virt-install is modified to create such a virtio-serial port.  This means debugging early anaconda output will be easier with the logs available on the host (and not worrying about guest file system corruptions during install or network drivers not available before a crash).

Further use: There are many more uses of virtio-serial, which should be pretty easy to code:

  • shutting down or suspending VMs when a host is shut down
  • clipboard copy/paste between hosts and guests (this is under progress  by the Spice team)
  • lock a desktop session in the guest when a vnc/spice connection is closed
  • fetch cpu/memory/power usage rates at regular intervals for monitoring

This is a post from http://log.amitshah.net/, licensed CC BY-SA.

Virtualisation (on Fedora)

Posted on by
2

A few volunteers from India associated with the Fedora Project wrote articles for Linux For You‘s March 2010 Virtualisation Special. Those articles, and a few others, are put up on the Fedora wiki space at Magazine Articles on Virtualization. Thanks to LFY for letting us upload the pdfs!

We’re always looking for more content, in the form of how-tos, articles, experiences, tips, etc., so feel free to upload content to the wiki or blog about it.

We also have contact with some magazine publishers so if you’re interested in writing for online or print magazines, let the marketing folks know!

This is a post from http://log.amitshah.net/, licensed CC BY-SA.

KVM: Disabled by BIOS

Posted on by
1

I spent some time fixing this on a Dell Optiplex 755. I thought it was a BIOS update that was necesary and had to hunt for a DOS bootable that could run the EXE given by Dell. FreeDOS wouldn’t work. Finally found a disk given by Dell (with some other machine) that was a bootable. Even the updated BIOS didn’t solve this issue.

I then searched around the net and found this post that mentioned to disable Trusted Execution. Well, if you have an option that enables virtualization and then give another option that effectively disables it, what good is this UI?

This, however, sounds like something that I don’t yet understand. So I should go read what that is and how to make KVM run with it enabled.

This is a post from http://log.amitshah.net/, licensed CC BY-SA.