|
|
Line 1: |
Line 1: |
− | .. | + | ovirt: |
− | This work is licensed under a Creative Commons Attribution 3.0 Unported
| + | https://github.com/oVirt/ovirt-node |
− | License.
| + | kimchi |
| + | https://github.com/kimchi-project/kimchi |
| | | |
− | http://creativecommons.org/licenses/by/3.0/legalcode
| + | autoconf、automake、createrepo、livecd-tools、appliance-tools-minimizer |
| | | |
− | ===================================
| + | (1)selinux common-install.ks.in selinux --disabled |
− | Support function of USB-redirection
| + | (2)recipe/Make.am |
− | ===================================
| + | printf "repo --name=fedora20 --baseurl=http://186.100.8.148/repo/fedora/releases/$(FEDORA)/Everything/${ARCH}/os\n" > repos.ks ;\ |
− | | + | printf "repo --name=ovirt-node --baseurl=file:///root/rpmbuild/RPMS/noarch\n" >> repos.ks ;\ |
− | We provide VDI(Virtual Desktop)solution for customers, our customers have strong
| + | printf "repo --name=kimchi --baseurl=file:///home/kimchi/kimchi-master/rpm/RPMS/x86_64\n" >> repos.ks ;\ |
− | requirements for using USB devices.
| |
− | | |
− | The typical use cases and our solutions are described as below:
| |
− | Customers want to use local USB printers or USB scanners with
| |
− | TC(Thin-Client), because remote desktop protocol like ICA have already supported
| |
− | USB-redirection, so customers only need to attach USB device to TC, the protocol
| |
− | can map USB device to VM.
| |
− | | |
− | | |
− | Problem description
| |
− | ===================
| |
− | | |
− | Use cases:
| |
− | | |
− | A end user wants to print some documents in cloud environments, him perform the
| |
− | following steps:
| |
− | | |
− | 1. Create a VM with virtual USB-redirection devices.
| |
− | | |
− | 2. Use TC with spice client to connect to VM, insert USB printer to TC, select
| |
− | printer to redirect to VM in GUI of spice client.
| |
− | | |
− | 3. User can see printer in VM and use printer to print documents.
| |
− | | |
− | A end user wants to take a video chat with friends in cloud environments, him
| |
− | perform the following steps:
| |
− | | |
− | 1. Create a VM with virtual USB-redirection devices.
| |
− | | |
− | 2. Use TC with spice client to connect to VM, insert USB camera to TC, select
| |
− | camera to redirect to VM in GUI of spice client.
| |
− | | |
− | 3. User can see camera in VM and take video chat with friends.
| |
− | | |
− | Proposed change
| |
− | ===============
| |
− | | |
− | 1. Add function of create USB-redirection device in libvirt driver.
| |
− | | |
− | 2. Support specify USB-redirection device in flavor and create VM with this kind
| |
− | of flavor.
| |
− | | |
− | Alternatives
| |
− | ------------
| |
− | | |
− | None
| |
− | | |
− | Data model impact
| |
− | -----------------
| |
− | | |
− | 1. Add USB-redirection device data object in libvirt driver, the libvirt xml may
| |
− | like:
| |
− | <redirdev bus='usb' type='spicevmc'>
| |
− | <alias name='redir0'/>
| |
− | </redirdev>
| |
− | | |
− | 2. Use key-value to specify USB-redirection device in flavor, the schema may like:
| |
− | {"usb_redirection_devices":{["bus": usb, "type": "spicevmc"]}}
| |
− | | |
− | REST API impact
| |
− | --------------- | |
− | | |
− | None
| |
− | | |
− | Security impact
| |
− | ---------------
| |
− | | |
− | None
| |
− | | |
− | Notifications impact
| |
− | --------------------
| |
− | | |
− | None
| |
− | | |
− | Other end user impact
| |
− | ---------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Performance Impact
| |
− | ------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Other deployer impact
| |
− | ---------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Developer impact
| |
− | ----------------
| |
− | | |
− | None
| |
− | | |
− | Implementation
| |
− | ==============
| |
− | | |
− | Assignee(s)
| |
− | ----------- | |
− | | |
− | Primary assignee:
| |
− | <Jing Yuan>
| |
− | | |
− | | |
− | Work Items
| |
− | ----------
| |
− | Step 1: Add object of USB-redirection device in libvirt driver.
| |
− | | |
− | Step 2: Create VM with flvor which contains USB-redirection device.
| |
− | | |
− | Dependencies
| |
− | ============
| |
− | | |
− | None
| |
− | | |
− | | |
− | Testing
| |
− | ======= | |
− | | |
− | None
| |
− | | |
− | | |
− | Documentation Impact
| |
− | ====================
| |
− | | |
− | It is necessary to add doc for how to use this new function.
| |
− | | |
− | | |
− | References
| |
− | ==========
| |
− | | |
− | None
| |
− | | |
− | | |
− | ..
| |
− | This work is licensed under a Creative Commons Attribution 3.0 Unported
| |
− | License.
| |
− | | |
− | http://creativecommons.org/licenses/by/3.0/legalcode
| |
− | | |
− | ==============================
| |
− | Support hot-plug of USB device
| |
− | ==============================
| |
− | | |
− | Users have requirements of using USB device, the detailed information can refer
| |
− | to BP https://blueprints.launchpad.net/nova/+spec/usb-passthrough.
| |
− | | |
− | There maybe some VMs which need to use USB device, so I think it is
| |
− | necessary to provide function of hot-plug USB device.
| |
− | | |
− | Problem description
| |
− | ===================
| |
− | | |
− | Use cases:
| |
− | | |
− | A user wants to install ERP software which needs USB-KEY for authentication in a
| |
− | running VM. he proposes request to system administrator and they perform the
| |
− | following steps:
| |
− | | |
− | 1. The administrator goes to the machine room and insert USB-KEY to host where
| |
− | the VM is running in.
| |
− | | |
− | 2. The administrator adds some configuration(like white-list with USB-KEY's product
| |
− | and vendor information) to nova-compute, restart nova-compute to trigger it to
| |
− | discovery new devices and save them to DB.
| |
− | | |
− | 3. The end user queries USB-KEY information from API or portal.
| |
− | | |
− | 4. The end user attaches USB-KEY to VM.
| |
− | | |
− | Proposed change
| |
− | ===============
| |
− | | |
− | The idea of how to implement this function can refer to pci-passthrough.
| |
− | | |
− | We should add the following functions to nova:
| |
− | | |
− | 1. Add API to query USB device information of a hypervisor.
| |
− | | |
− | 2. Add API to attach USB device to a VM.
| |
− | | |
− | 3. Add API to detach USB device from a VM.
| |
− | | |
− | Alternatives
| |
− | ------------
| |
− | | |
− | None
| |
− | | |
− | Data model impact
| |
− | -----------------
| |
− | | |
− | It can refer to https://review.openstack.org/#/c/86118/
| |
− | | |
− | | |
− | REST API impact
| |
− | ---------------
| |
− | | |
− | * API for attach USB device to VM
| |
− | V2 API specification:
| |
− | Post v2/{tenant_id}/servers/{server_id}/action
| |
− | {
| |
− | "attach_usb_devices": {"usb_devices_requests":[{"id": 1}]}
| |
− | }
| |
− | V3 API specification:
| |
− | Post v3/servers/{server_id}/action
| |
− | | |
− | * API for attach USB device to VM
| |
− | V2 API specification:
| |
− | Post v2/{tenant_id}/servers/{server_id}/action
| |
− | {
| |
− | "detach_usb_devices": {"usb_devices_requests":[{"id": 1}]}
| |
− | }
| |
− | V3 API specification:
| |
− | Post v3/servers/{server_id}/action
| |
− | | |
− | Security impact
| |
− | --------------- | |
− | | |
− | None
| |
− | | |
− | Notifications impact
| |
− | --------------------
| |
− | | |
− | None
| |
− | | |
− | Other end user impact
| |
− | ---------------------
| |
− | | |
− | It can refer to https://review.openstack.org/#/c/86118/
| |
− | | |
− | | |
− | Performance Impact
| |
− | ------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Other deployer impact
| |
− | ---------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Developer impact
| |
− | ----------------
| |
− | | |
− | It can refer to https://review.openstack.org/#/c/86118/
| |
− | | |
− | Implementation
| |
− | ==============
| |
− | | |
− | Assignee(s)
| |
− | -----------
| |
− | | |
− | Primary assignee:
| |
− | <Jing Yuan>
| |
− | | |
− | | |
− | Work Items
| |
− | ----------
| |
− | Step 1:
| |
− | | |
− | | |
− | Dependencies
| |
− | ============ | |
− | | |
− | None
| |
− | | |
− | | |
− | Testing
| |
− | =======
| |
− | | |
− | It is necessary to add tempest for this new function.
| |
− | | |
− | | |
− | Documentation Impact
| |
− | ====================
| |
− | | |
− | It is necessary to add doc for how to use this new function.
| |
− | | |
− | | |
− | References
| |
− | ==========
| |
− | | |
− | None
| |
− | | |
− | | |
− | ..
| |
− | This work is licensed under a Creative Commons Attribution 3.0 Unported
| |
− | License.
| |
− | | |
− | http://creativecommons.org/licenses/by/3.0/legalcode
| |
− | | |
− | =================================
| |
− | Support passthrough of USB device
| |
− | =================================
| |
− | | |
− | We provide VDI(Virtual Desktop) and server virtualization solutions for customers,
| |
− | our customers have strong requirements for using USB devices.
| |
− | | |
− | The typical use cases and our solutions are described as below:
| |
− | 1.In VDI solution, customers want to use local USB printers or USB scanners with
| |
− | TC(Thin-Client), because remote desktop protocol like ICA have already support
| |
− | USB-redirection, so customers only need to attach USB device to TC, the protocol
| |
− | can map USB device to VM.
| |
− | | |
− | 2. In virtualization solution, when starting or restarting some business-critical
| |
− | applications, a connected USB-KEY is needed for authentication, some applications
| |
− | even need a daily authentication by USB-KEY. we suggest the following solutions:
| |
− | (1) Using physical 'USB-HUB' box and technology of USB-redirection over TCP/IP.
| |
− | Customers need to buy USB-HUB and install software in guest os, the software helps
| |
− | redirecting USB device to VM.
| |
− | | |
− | (2) Using USB-Passthrough functions provided by our virtualization software.
| |
− | The end users(normally application or system administrators) insert USB devices
| |
− | to host that containing the VM, then can see USB device list in portal and choose
| |
− | USB device to attach.
| |
− | | |
− | This solution has advantages that
| |
− | | |
− | 1. It doesn't need additional physical devices.
| |
− | | |
− | 2. It doesn't need a special server to run spice client for USB-Redirection.
| |
− | | |
− | 3. Business-critical applications commonly need stable and long-standing USB-KEY
| |
− | to attach, USB-Passthrough maybe more stable than USB-Redirection over TCP/IP or
| |
− | remote desktop protocol.
| |
− | | |
− | As described above, I think USB-Passthrough is valuable in Openstack.
| |
− | | |
− | This BP is focus on how to provide USB-Passthrough function in Openstack.
| |
− | | |
− | | |
− | Problem description
| |
− | ===================
| |
− | | |
− | Use cases:
| |
− | | |
− | In private cloud, a end user wants to create a VM to run ERP software which needs
| |
− | a USB-KEY for authentication, he proposes request to system administrator, they
| |
− | perform the following steps:
| |
− | | |
− | 1. The administrator goes to the machine room and chooses a host to insert USB-KEY
| |
− | to.
| |
− | | |
− | 2. The administrator adds some configuration(like white-list with USB-KEY's product
| |
− | and vendor information) to nova-compute, restart nova-compute to trigger it to
| |
− | discovery new devices and save them to DB.
| |
− | | |
− | 3. The administrator queries USB-KEY information from API or portal
| |
− | | |
− | 4. The administrator creates a flavor with USB-KEY information queried by above.
| |
− | | |
− | 5. The end user creates a VM with above flavor, the system chooses the host which
| |
− | contains the USB-KEY to run VM and attach USB-KEY to it.
| |
− | | |
− | Proposed change
| |
− | =============== | |
− | | |
− | The idea of how to implement this function can reference to pci-passthrough.
| |
− | | |
− | We should add the following functions to nova:
| |
− | | |
− | 1. Nova should support to auto-discover usb devices and save them in DB.
| |
− | | |
− | 2. Nova should support to create a flavor which contains usb device information.
| |
− | | |
− | 3. Nova should support to create VM with a flavor which contains usb device
| |
− | information.
| |
− | | |
− | Alternatives
| |
− | ------------
| |
− | | |
− | None
| |
− | | |
− | Data model impact
| |
− | -----------------
| |
− | | |
− | The idea of how to implement this function can reference to pci-passthrough.
| |
− | | |
− | 1. In libvirt driver layer, add function to discover USB devices. A white-list
| |
− | maybe needed here to filter proper devices.
| |
− | | |
− | 2. In DB layer, (1) add a new table 'usb_devices' to store USB device information.
| |
− | (2) add a key-value pair to instance_system_metadata table to store USB device
| |
− | information which have been assigned to the VM.
| |
− | | |
− | tag
| |
− | The definition of usb_devices:
| |
− | +-----------------+--------------+------+-----+---------+----------------+
| |
− | | Field | Type | Null | Key | Default | Extra |
| |
− | +-----------------+--------------+------+-----+---------+----------------+
| |
− | | created_at | datetime | YES | | NULL | |
| |
− | | updated_at | datetime | YES | | NULL | |
| |
− | | deleted_at | datetime | YES | | NULL | |
| |
− | | deleted | int(11) | NO | | NULL | |
| |
− | | id | int(11) | NO | PRI | NULL | auto_increment |
| |
− | | compute_node_id | int(11) | NO | MUL | NULL | |
| |
− | | address | varchar(12) | NO | | NULL | |
| |
− | | product_id | varchar(4) | YES | | NULL | |
| |
− | | vendor_id | varchar(4) | YES | | NULL | |
| |
− | | bus_id | int(10) | YES | | NULL | |
| |
− | | device_id | int(10) | YES | | NULL | |
| |
− | | port_id | int(10) | YES | | NULL | |
| |
− | | status | varchar(36) | NO | | NULL | |
| |
− | | extra_info | text | YES | | NULL | |
| |
− | | instance_uuid | varchar(36) | YES | MUL | NULL | |
| |
− | +-----------------+--------------+------+-----+---------+----------------+
| |
− | | |
− | 3. In scheduler layer, add a filter to find host which contains the usb devices.
| |
− | | |
− | tag
| |
− | 4. The schema of flavor which contains USB device information may like this:
| |
− | {"usb_devices":[{"id": 5}]}
| |
− | | |
− | | |
− | REST API impact
| |
− | ---------------
| |
− | | |
− | tag
| |
− | * API for query USB device information of a hypervisor
| |
− | V2 API specification:
| |
− | GET v2/{tenant_id}/os-hypervisors/{hypervisor_hostname}
| |
− | V3 API specification:
| |
− | GET v3/os-hypervisors/{hypervisor_hostname}
| |
− | | |
− | The response JSON contains the variable "usb_device_stats"
| |
− | {"hypervisor":
| |
− | {"usb_device_stats":
| |
− | [
| |
− | {
| |
− | "id": 1,
| |
− | "compute_node_id": 1,
| |
− | "address": "usb_2_3",
| |
− | "product_id": "1520",
| |
− | "vendor_id": "8086",
| |
− | "bus_id": "2",
| |
− | "device_id": "3",
| |
− | "port_id": "",
| |
− | "status":"available",
| |
− | "extra_info": ""
| |
− | "instance_uuid":""
| |
− | }
| |
− | ]
| |
− | }
| |
− | }
| |
− | | |
− | Security impact
| |
− | --------------- | |
− | | |
− | None
| |
− | | |
− | Notifications impact
| |
− | --------------------
| |
− | | |
− | None
| |
− | | |
− | Other end user impact
| |
− | ---------------------
| |
− | | |
− | This new function may have restrictions and have impaction on other functions,
| |
− | I recognise the followings:
| |
− | | |
− | tag
| |
− | 1. A VM with USB device doesn't support to do migration(live-migration, with shared
| |
− | storage or not).
| |
− | | |
− | 2. When detach/re-attach USB device from/to host or restart host, the physical
| |
− | identifier of USB device may change, then VM can not use USB device. To start VM
| |
− | with wrong bus id may fail too. If this happen ser can detach wrong USB device,
| |
− | re-attach the new USB device
| |
− | | |
− | 3. When delete a VM with USB device, system should detach USB device from VM and
| |
− | update USB device information.
| |
− | | |
− | 4. Currently we plan to provide this function in KVM environment but not consider
| |
− | too much for xen.
| |
− | | |
− | | |
− | Performance Impact
| |
− | ------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Other deployer impact
| |
− | ---------------------
| |
− | | |
− | None
| |
− | | |
− | | |
− | Developer impact
| |
− | ----------------
| |
− | | |
− | tag
| |
− | | |
− | How to distinguish USB device is important because user wants to specify
| |
− | which USB device to which VM.
| |
− | | |
− | I consider this issue as follows:
| |
− | | |
− | 1. The key information of USB device which are supported by libvirt are
| |
− | vendor id, product id, bus and device. Bellow is a example:
| |
− | | |
− | <hostdev mode='subsystem' type='usb'>
| |
− | <source>
| |
− | <vendor id='0x136b'/>
| |
− | <product id='0x0003'/>
| |
− | <address bus='2' device='3'/>
| |
− | </source>
| |
− | </hostdev>
| |
− | | |
− | Different USB devices may have the same vendor id and product id, so they are not
| |
− | appropriate for distinguish devices.
| |
− | | |
− | The bus+device maybe a good choice to distinguish devices, but device id may
| |
− | change every time detach/reattach USB device from/to host.
| |
− | | |
− | The 'port id' by which USB device attach to physical USB controller can keep
| |
− | constant but libvirt doesn't support it by now.
| |
− | | |
− | So I think bus+device maybe the best choice by now. Once 'port id' changes, USB
| |
− | device will been recognized as new device, user can re-attach the new device.
| |
− | | |
− | 2. Add usb_white_list and usb_white_list_switch parameters to nova-compute
| |
− | configuration file.
| |
− | | |
− | The usb_white_list_switch is used to control if open white-list function and the
| |
− | default value is "off".
| |
− | | |
− | The usb_white_list is used to provide more specific control. The schema may like:
| |
− | usb_passthrough_whitelist = [{"product": "0x0003", "vendor": "0x136b", "bus": "2",
| |
− | "device": "2"}]
| |
− | | |
− | Implementation
| |
− | ==============
| |
− | | |
− | Assignee(s)
| |
− | -----------
| |
− | | |
− | Primary assignee:
| |
− | <Jing Yuan>
| |
− | | |
− | | |
− | Work Items
| |
− | ----------
| |
− | Step 1: Implement function of discover usb device in libvirt driver.
| |
− | | |
− | Step 2: Implement function of periodically update USB device information from
| |
− | nova-compute to DB.
| |
− | | |
− | Step 3: Implement function of create VM with USB device.
| |
− | | |
− | Step 4: Make changes to other functions which are affected by this new function.
| |
− | | |
− | Dependencies
| |
− | ============
| |
− | | |
− | None
| |
− | | |
− | | |
− | Testing
| |
− | =======
| |
− | | |
− | It is necessary to add tempest for this new function.
| |
− | | |
− | | |
− | Documentation Impact
| |
− | ====================
| |
− | | |
− | It is necessary to add doc for how to use this new function.
| |
− | | |
− | | |
− | References
| |
− | ==========
| |
− | | |
− | None
| |
(1)selinux common-install.ks.in selinux --disabled
(2)recipe/Make.am
printf "repo --name=fedora20 --baseurl=http://186.100.8.148/repo/fedora/releases/$(FEDORA)/Everything/${ARCH}/os\n" > repos.ks ;\
printf "repo --name=ovirt-node --baseurl=file:///root/rpmbuild/RPMS/noarch\n" >> repos.ks ;\
printf "repo --name=kimchi --baseurl=file:///home/kimchi/kimchi-master/rpm/RPMS/x86_64\n" >> repos.ks ;\