hypervisor: add hot plugging support for Qemu Q35

[devimc]

Qemu Q35 machine type does not support to hot plug devices
directly on pcie.0, hence we have to find a way to allow users
hot plug N devices.
The only way to hot plug devices in Qemu Q35 is through PCI brdiges.
Each PCI bridge is able to support until 32 devices, therefore we have a
limitation in the amount of devices we can hot plug.
This patch adds support for hot plugging devices on PCI bridges in
pc and q35 machine types.

Signed-off-by: Julio Montes julio.montes@intel.com

[devimc]

@mcastelino @amshinde can you please review it ?

[jodh-intel]

• Where does this limit come from?
• Is there any way to avoid hard-coding this?

[devimc]

Where does this limit come from?

Qemu's documentation is not very good, I found this [1], but I'm not able to hot plug 32 devices,
I guess because of SHPC is enabled.

Is there any way to avoid hard-coding this?

I don't think so

[1] https://github.com/qemu/qemu/blob/master/docs/pcie.txt#L76

[grahamwhaley]

Having a peek at: https://en.wikipedia.org/wiki/PCI_configuration_space
looks like the per-bus device space is defined by a 5-bit field.
Maybe 0 and 0x1F are reserved - leaving 30 ? Just a guess. We could add a note saying this is part of the PCI spec I guess etc.

[jodh-intel]

typo: "address".

[jodh-intel]

Am I missing something? This function and hotplugRemovePCIDevice() don't seem to be used?

[devimc]

ouch!, sorry I forgot to push some patches

[devimc]

PR updated, thanks

[mcastelino]

@devimc this function says hotplugAddPCIDevice. But this seems to be a specific implementation for a disk.

[sboeuf]

Please fix errors in your commit message:

hotplug: Implement Bridge structure

Bridge represents a PCI or PCIE bridge and can be used
to hot plug PCI devices for pc and q35 machine types.

Signed-off-by: Julio Montes <julio.montes@intel.com>

[devimc]

fixed, thanks

[sboeuf]

The title of the commit message is still wrong.

[devimc]

ahh ok s/Implements/Implement/
done, thanks

[sboeuf]

I am not sure this is the right way to implement it inside virtcontainers. This should be called from the hypervisor implementation since different hypervisors might handle this in a different way.

[sboeuf]

@devimc you have not taken this comment into account.

[sboeuf]

Ditto

[devimc]

why Ditto [1]?

[1] https://bulbapedia.bulbagarden.net/wiki/Ditto_(Pok%C3%A9mon) 😄

[sboeuf]

This should be an hypervisor resource IMO.

[devimc]

I think a bridge is also a resource, same as memory and CPU

[mcastelino]

@sboeuf what do you mean by hypervisor resource. This is a VM/podlevel resource as @devimc indicates.

[devimc]

@sboeuf @jodh-intel changes applied

[sboeuf]

That's exactly what I am pointing in a previous commit as not the right way to proceed. hotplugAddPCIDevice() should be called from the hypervisor implementation (no need for h as parameter in that case), and we should not modify the call here. Hypervisor implementation should be able to detect if it needs to hotplug a PCI device or not I think.

[devimc]

we need to save PCI bridges in the pod state, because of before trying to hot plug any device, we must know what slots are available, is the hypervisor structure saved in the pod state?

[sboeuf]

@devimc currently, we don't save any data related to hypervisor in a state file (relates to run-time which is different from config files storing the Hypervisor config). But I think that if you need to store some informations so that you can reuse them across different containers, you should maybe create a new state file for the hypervisor.
Before you do that, I'd like to make sure I understand properly what you need.

[mcastelino]

@sboeuf do we store the POD state somewhere? also where do we store details about the devices attached to the PODs and containers.

[amshinde]

You are updating drive here. Wouldn't you require to pass pointer to the drive for the update?

[amshinde]

You are reusing the pci slot here, have you checked if the predicted drive name you get is correct after doing this.
You may have to change the logic to predict names based on the pci slot address, rather than index at which the drive is attached on the main bus that is being done currently. I had avoided it earlier, due to the differences in addresses that are available on pci and pcie bus. But now that we are using bridges with explicit pci addresses, we may need to revisit predicting the drive names.

[mcastelino]

@amshinde that is a good idea. This will ensure we are fully OS independent.

[mcastelino]

@devimc this function says hotplugAddPCIDevice. But this seems to be a specific implementation for a disk.

[mcastelino]

@sboeuf what do you mean by hypervisor resource. This is a VM/podlevel resource as @devimc indicates.

[mcastelino]

@devimc does it make sense to store the chassis id in the bridge structure for tracking. If not it becomes implicit.

[devimc]

I think it is not needed, we already have an ID to identify the bridge

[mcastelino]

Best to make this function specific PCIBlockDeviceAdd or make it truly generic. Right now the function name does not match the implementation

[mcastelino]

Can we also add the chassis information here.

[mcastelino]

@amshinde that is a good idea. This will ensure we are fully OS independent.

[mcastelino]

@sboeuf do we store the POD state somewhere? also where do we store details about the devices attached to the PODs and containers.

[devimc]

@mcastelino @amshinde @sboeuf I did some changes in order to handle Sebastien's comments,
now:

• hypervisor is who plug and unplug devices
• hypervisor updates the bridges and its addresses
• All bridges are part of the hypervisor state
• hypervisor state is part of pod state

could you please re-review it? thanks

[sboeuf]

@devimc thanks for the update, I am gonna take a look

[sboeuf]

Still some changes, and I am sorry but I need to think about the best way to get this information stored for the bridges.
BTW, could you rebase your PR on latest master, and merge some of your commits. It would help to understand better. Having too many commits makes it complicated IMO. One commit per feature is usually a good thing.

[sboeuf]

Correct me if I am wrong but no need for a very specific uint32 type here since that's only an index, right ?
uint should be okay. But on the other hand, if you really think about saving space, then you might want to go with uint8 which is gonna be enough for 30 possible entries.

[devimc]

pcie has more capacity, for this reason I'd like to keep uint32

[sboeuf]

Once again, if we really want to limit the memory, then let's use uint8.

[sboeuf]

It's more a key than an address.

[sboeuf]

It's more a key than an address. Let's call it key.

[sboeuf]

s/Bridges/bridges/

[sboeuf]

s/bridges/Bridges/

[sboeuf]

I think you can remove this commit. There is no point in using c.pod.hypervisor instead of the provided hypervisor.

[sboeuf]

Again, I don't see the point with this, hypervisor object is provided, it is better to use this than c.pod.hypervisor.

[sboeuf]

You cannot do that unfortunately... The thing here is that you want to store this information through a file on the host filesystem. If you store a list of pointers, then when another instance of cc-runtime will read this file, those pointers will certainly not contain the data you expect.
You need a list of real objects

type HypervisorState struct {
        Bridges []Bridge
}

[sboeuf]

This is not the way we have implemented the state files on virtcontainers. Let me think about it, I'll try to come up with a clean solution for this storage purpose (now that I am clear about what we expect).
@amshinde please take a look and give some inputs about this too.

[sboeuf]

@devimc I have discussed with @amshinde about the options we have to implement the storage of this list of bridges. I know what we want to store is at a Pod level (because it depends on the VM), but I don't want to store this through the pod state since this is very specific to the hypervisor implementation. Indeed, let's take the exemple of Xen hypervisor, and let's say we want to hotplug a new device. In case Xen does not need a bridge because the hotplug works as expected, we don't want to update the Pod state for nothing. What we need is to let every hypervisor implementation decide if they want to store something into hypervisor.json and what they want to store.

In our case this means several changes, let me try to summarize this:

1. Update Qemu structure

type qemu struct {
        pod *Pod
        ...
        bridges []Bridges
}

2. Update hypervisor interface
Change this:

type hypervisor interface {
        init(config HypervisorConfig) error
        ...
}

to that:

type hypervisor interface {
        init(pod *Pod) error
        ...
}

The explanation is that we need the pod to be stored inside qemu structure so that we can access storage anytime we want from the qemu implementation. Xen implementation would do nothing with this pod actually since it would not need to store anything.
This pod handler is also going to be used to retrieve the HypervisorConfig through pod.config.HypervisorConfig.

Of course, you're gonna have to update the mock implementation, but that's nothing.

3. Modify doFetchPod() sequence
Change this:

func doFetchPod(podConfig PodConfig) (*Pod, error) {
	...
	if err := hypervisor.init(podConfig.HypervisorConfig); err != nil {
		return nil, err
	}
	...
	p := &Pod{
		id:              podConfig.ID,
		hypervisor:      hypervisor,
		...
	}
        ...

to that:

func doFetchPod(podConfig PodConfig) (*Pod, error) {
	...
	p := &Pod{
		id:              podConfig.ID,
		hypervisor:      hypervisor,
		...
	}

        if err := hypervisor.init(pod); err != nil {
		return nil, err
	}
        ...

We need this, otherwise we cannot provide the pod to the hypervisor.init().

4. Create a new hypervisor.json file
For this one, follow what we have inside filesystem.go and duplicate what is needed for creating a hypervisorFileType.

5. Fetch hypervisor info

func (q *qemu) init(pod *Pod) error {
        q.pod = pod
        ...
        // Fetch the hypervisor.json if it exists and assign q.bridges with what we read.
}

Every time the hypervisor is gonna be created from doFetchPod(), the call to hypervisor.init() will fetch the info from the storage in the specific case of Qemu. Also, we save the pod handler to be able to reuse it later for storage purpose.

6. Store hypervisor info
Both createPod(), hotplugAddDevice() and hotplugRemoveDevice() are gonna be responsible for updating the storage since they will modify the list of bridges.

@devimc I am trying to think of everything here, but I might have forgotten some details. @amshinde, @sameo please let me know what you think about this proposal and let me know if something is missing.

[devimc]

@sboeuf your proposal is good and feasible

[amshinde]

@sboeuf you have captured almost everything that we discussed. Another point to note, we should consider storing the hypervisor.json at the end of a container lifecycle event vs having it done immediately after a device is added.

[sboeuf]

@amshinde oh yes you're right, and this should come as a second step (as an improvement).

[sboeuf]

@devimc I am glad that's clear :)

[devimc]

@sboeuf just one question, if hypervisor.json is hypervisor specific then filesystem fetch method should return []byte and store should receive interface{}, right?
because filesystem doesn't know how to unmarshall the data

[sboeuf]

@devimc oh yeah let me clarify this. So basically I think you'll have the fetch method returning an interface{} and the store method receiving an interface{}. And from qemu implementation, you will provide QemuState (make sure the struct and all its fields are public otherwise marshalling won't work) through the interface{} parameter (that's for the store() and it should be straightforward). For the fetch(), you will receive an interface{} that you're going to cast into the expected structure from every hypervisor implementation that needs to retrieve hypervisor.json.
Is that clearer ? Don't hesitate if you still have questions ;)

[devimc]

@sboeuf changes applied

[sboeuf]

@devimc thanks, I am going to review this !

[sboeuf]

@devimc few comments but this is getting better :)

[sboeuf]

This is not needed. There is no point in creating this type since we know that what comes out of marshalling is always an array of bytes.

[sboeuf]

This must be an exported structure, otherwise the JSON marshalling won't work.

[sboeuf]

No need for this cast here, we can simplify this function like this:

func (fs *filesystem) fetchHypervisorState(podID string, state interface{}) error {
        data, err := fs.fetchResource(true, podID, "", hypervisorFileType)
	if err != nil {
		return err
	}

        if err = json.Unmarshal(data, state); err != nil {
                return err
        }

        return nil
}

data being a simple []byte type.

[devimc]

I'll cast data to []byte, if not, I get this error

# github.com/containers/virtcontainers
./filesystem.go:735:25: cannot use data (type interface {}) as type []byte in argument to json.Unmarshal: need type assertion
Makefile:27: recipe for target 'build' failed
make: *** [build] Error 2

func (fs *filesystem) fetchHypervisorState(podID string, state interface{}) error {
        data, err := fs.fetchResource(true, podID, "", hypervisorFileType)
	if err != nil {
		return err
	}

        if err = json.Unmarshal(data.([]byte), state); err != nil {
                return err
        }

        return nil
}

[sboeuf]

@devimc you're right but there is an underlying problem here and it's not related to your PR, but to the way the storage (and the fetch specifically) is implemented in virtcontainers.
I have submitted #472 in order to make this more flexible and it should solve your issues. I am waiting for @sameo to review this PR and hopefully this will get merged soon.

[sboeuf]

#472 and #477 have been merged! You can rebase your PR on top of it, and simplify the storage part :)

[sboeuf]

This can be improved later (moving this to container.go where we actually add the devices), but that's fine for now.

[sboeuf]

Ditto.

[sboeuf]

One comment, but everything else looks fine

[sboeuf]

This is perfect, but look at commonResourceChecks(), you have to update the list of known file type.

[devimc]

change applied, thanks

[sboeuf]

LGTM