ganeti / ganeti

Ganeti is a virtual machine cluster management tool built on top of existing virtualization technologies such as Xen or KVM and other open source software.
http://www.ganeti.org
BSD 2-Clause "Simplified" License

Move away from i440fx as the default machine model on x86 #1388

Open apoikos opened 5 years ago

apoikos commented 5 years ago

Most of our KVM hypervisor is designed around QEMU's default machine model, i440fx, which emulates a Pentium Pro class system with a [440FX northbridge](https://en.wikipedia.org/wiki/Intel_440FX) and a PIIX3 southbridge. This system has a single 32-slot PCI host bus, an ISA bridge and a couple of IDE buses. The IDE and ISA buses are of little use today; the limited space available on the PCI bus has implications on the hotplugging system, which unfortunately cannot be amended using additional PCI-to-PCI bridges (which do not support hotplugging).

Apart from i440fx, QEMU also emulates q35, an ICH9-class system with native PCIe support. PCIe is more flexible than PCI, offering the ability to add as many root ports as we like, with proper hotplugging support throughout the board. We should look into using Q35 as the base model, or build our own model starting with -M none and then adding devices as needed.

pboguslawski commented 5 months ago

Tried to create VM with -machine q35,smm=on in Debian 11 (ganeti 3.0.2-1~deb11u1) to test secure booting:

# gnt-instance add [...] --hypervisor-parameters kvm:machine_version='q35\,smm=on' [...] myvm.mydomain
[...]
Failure: command execution error:
Hypervisor parameter validation failed on node mynode.mydomain: Unsupported machine version: q35,smm=on

Tried to create VM with just -machine q35 in the same environment:

# gnt-instance [...] --hypervisor-parameters kvm:machine_version='q35' [...] myvm.mydomain

# gnt-instance start myvm.mydomain
Waiting for job 123 for myvm.mydomain ...
Job 123 for myvm.mydomain has failed: Failure: command execution error:
Could not start instance 'myvm.mydomain': Hypervisor error: Failed to start instance myvm.mydomain: exited with exit code 1 ()

# cat /var/log/ganeti/kvm/myvm.mydomain.log
kvm: -device virtio-net-pci,id=nic-44444444-5555-2222,bus=pci.0,addr=0xd,netdev=nic-44444444-5555-2222,mac=12:12:12:11:11:11: Bus 'pci.0' not found

Would be nice to have q35 with machine properties supported in ganeti (i.e. for guest secure booting).

lbteoth commented 2 weeks ago

In RHEL 8 the pc-i440fx machine type has been deprecated. See https://bugzilla.redhat.com/show_bug.cgi?id=1946898

The q35 machine type works with Ganeti, if the _PCI_BUS variable in lib/hypervisor/hv_kvm/kvm_runtime.py:42 is changed from pci.0 to pcie.0.

alfonso-escribano commented 2 weeks ago

Instead of changing the _PCI_BUS variable, you can use a PCIe-to-PCI bridge as the default in Ganeti; if you only change that variable, hotplug doesn't work properly. An example of using q35 with Ganeti as a default for a cluster, with other modifications to have a q35 machine similar to a libvirt definition:

# gnt-cluster modify -H kvm:machine_version="q35",kvm_extra="-enable-kvm\ -global isa-fdc.fdtypeA=none\ \
-device qxl-vga\,id=video0\,ram_size=67108864\,vram_size=67108864\,vram64_size_mb=0\,vgamem_mb=16\,max_outputs=1\,bus=pcie.0\ \
-device pcie-pci-bridge\,id=pcie_pci_bridge1\,bus=pcie.0\ \
-device pci-bridge\,id=pci.0\,bus=pcie_pci_bridge1\,chassis_nr=1\ \
-global ICH9-LPC\.disable_s3=1\ -global ICH9-LPC\.disable_s4=1\ -machine usb=off\ \
-object rng-random\,id=objrng0\,filename=/dev/urandom\ \
-device virtio-rng-pci\,rng=objrng0\,id=rng0\,bus=pcie.0 -boot menu=on"

You can see pcie specifications of qemu for q35 here: https://github.com/qemu/qemu/blob/master/docs/pcie.txt https://wiki.qemu.org/images/4/4e/Q35.pdf

If you use that default definition, you don't need any pci_reservation for QEMU in Ganeti, because QEMU uses the PCIe bus for its devices.
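
An added example, not part of any comment above and not Ganeti's own code: a pre-flight check that walks a QEMU command line in order and reports every `-device` whose `bus=` names a bus that does not exist yet, which is the condition behind the `Bus 'pci.0' not found` error in this thread. The function names and sample command lines are constructed for illustration; the check assumes a bridge's `id=` becomes the name of its secondary bus, as the bridge workaround above relies on.

```python
import shlex

# Root PCI bus of each x86 machine family, as reported in this thread.
ROOT_BUS = {"pc": "pci.0", "q35": "pcie.0"}
# Devices whose id= names a new secondary bus (assumption stated in the lead-in).
BRIDGES = {"pci-bridge", "pcie-pci-bridge", "pcie-root-port"}

# Constructed command lines modelled on the comments above.
FAILING = "kvm -machine q35 -device virtio-net-pci,id=nic0,bus=pci.0,addr=0xd"
BRIDGED = ("kvm -machine q35 "
           "-device pcie-pci-bridge,id=pcie_pci_bridge1,bus=pcie.0 "
           "-device pci-bridge,id=pci.0,bus=pcie_pci_bridge1,chassis_nr=1 "
           "-machine usb=off -device virtio-net-pci,id=nic0,bus=pci.0,addr=0xd")
LEGACY = "kvm -device virtio-net-pci,id=nic0,bus=pci.0,addr=0xd"


def machine_family(argv):
    """Return 'q35' or 'pc'; property-only -machine args (usb=off) are ignored."""
    machine = "pc"  # i440fx is QEMU's default x86 machine model
    for opt, val in zip(argv, argv[1:]):
        if opt in ("-machine", "-M"):
            first = val.split(",")[0]
            first = first[5:] if first.startswith("type=") else first
            if "=" not in first:
                machine = first
    return "q35" if "q35" in machine else "pc"


def unresolved_buses(cmdline):
    """Return [(device_id, bus)] for devices attached to a bus not yet defined."""
    argv = shlex.split(cmdline)
    buses = {ROOT_BUS[machine_family(argv)]}
    missing = []
    for opt, val in zip(argv, argv[1:]):
        if opt != "-device":
            continue
        driver, *rest = val.split(",")
        props = dict(p.split("=", 1) for p in rest if "=" in p)
        bus = props.get("bus")
        if bus is not None and bus not in buses:
            missing.append((props.get("id", driver), bus))
        elif driver in BRIDGES and "id" in props:
            buses.add(props["id"])  # bridge exposes a bus named after its id
    return missing


if __name__ == "__main__":
    for name, cmd in (("failing", FAILING), ("bridged", BRIDGED), ("legacy", LEGACY)):
        print(name, unresolved_buses(cmd))
```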