From: Chris <hap10@tycho.ncsc.mil>
To: xen-devel@lists.xensource.com
Subject: [PATCH 0/8] Domain Groups: Introduction
Date: Tue, 20 Feb 2007 14:55:33 -0500 [thread overview]
Message-ID: <45DB5235.6000507@tycho.ncsc.mil> (raw)
This patchset allows the user to define and manage groups of domains.
The patch augments the xm utility with the following commands:
grp-create, grp-shutdown, grp-destroy, grp-reboot, grp-pause,
grp-unpause, grp-save, grp-restore, grp-join, and grp-migrate.
A goal during development of group operations was to match support for
common domain operations: create, shutdown, destroy, reboot, pause,
unpause, save, restore, and migrate. Their group-specific counterparts
do what you would expect, but operate on a group of domains instead of
on a single domain.
Groups are defined using a configuration file (similar to the domain
configuration file) that specifies member domains. Groups have names,
IDs, and UUIDs, much like domains. Group membership is dynamic; running
domains can be moved between groups using the 'xm grp-join' command.
Domains can be a member of one and only one group at any time.
We also made use of the Xen API, so third party developers should find
it feasible to drive group operations without relying solely on the xm
interface.
To achieve grouping functionality we chose to augment both the control
stack and the hypervisor. Augmenting the hypervisor allows, among other
things, integration with a MAC framework (either the proposed XSM
framework or existing the ACM framework), which will produce a powerful
policy mechanism to define access control properties in terms of domain
groups.
Two default groups are defined: Group-0 and the Null-Group. Domain-0
is, by default, the only domain in Group-0. It is our hope that Group-0
will be a useful way to collect and isolate privileged domains,
particularly during the decomposition of domain 0. The Null-Group is
used for domains that have not been explicitly put into a group. Upon
integration with a MAC framework it would be possible to impose rules on
the Null-Group to make it a jail where no two members can communicate;
it should also be equally feasible to make the Null-Group a "don't care"
zone where any inter-domain interactions are allowed.
On the purely practical side, we believe group migration will be an
attractive tool allowing system administrators to move groups of domains
between machines. Live migration is also supported. For usage we
envision, for example, a group of interdependent database, web, and mail
servers, where migrating these domains as a group has obvious
operational advantages. Also, for hosting service providers, it seems
useful to group domains belonging to a specific customer.
Future Work:
1. Currently lacking is support for grp-suspend/grp-resume. Work is
underway on this feature.
2. Operation ordering: it is advantageous to guarantee the order of
group operations. A practical example is to ensure that the group's
database server is always running before and after the group's web server.
Patch Application:
- Patches should apply cleanly to cs 14006
- Apply patches in any order.
----
b/tools/examples/xmexample.grp | 20 +
b/tools/libxc/xc_domain_group.c | 100 +++++++
b/tools/python/xen/xend/XendDomainGroup.py | 345
+++++++++++++++++++++++++
b/tools/python/xen/xend/XendDomainGroupInfo.py | 239 +++++++++++++++++
b/tools/python/xen/xm/group.py | 274 +++++++++++++++++++
b/xen/common/domgrp.c | 317
++++++++++++++++++++++
b/xen/common/domgrpctl.c | 134 +++++++++
b/xen/include/public/domgrpctl.h | 86 ++++++
b/xen/include/xen/domgrp.h | 36 ++
tools/examples/Makefile | 1
tools/libxc/Makefile | 1
tools/libxc/xc_domain.c | 4
tools/libxc/xc_private.h | 31 ++
tools/libxc/xenctrl.h | 31 ++
tools/python/xen/lowlevel/xc/xc.c | 241 +++++++++++++++--
tools/python/xen/xend/XendCheckpoint.py | 49 +++
tools/python/xen/xend/XendClient.py | 1
tools/python/xen/xend/XendConfig.py | 25 +
tools/python/xen/xend/XendConstants.py | 11
tools/python/xen/xend/XendDomain.py | 10
tools/python/xen/xend/XendDomainInfo.py | 26 +
tools/python/xen/xend/XendError.py | 4
tools/python/xen/xend/server/XMLRPCServer.py | 34 ++
tools/python/xen/xm/create.py | 8
tools/python/xen/xm/main.py | 161 +++++++++++
xen/arch/ia64/xen/xensetup.c | 7
xen/arch/powerpc/powerpc64/hypercall_table.S | 1
xen/arch/powerpc/setup.c | 7
xen/arch/x86/setup.c | 7
xen/arch/x86/x86_32/entry.S | 2
xen/arch/x86/x86_64/entry.S | 2
xen/common/Makefile | 2
xen/common/domain.c | 8
xen/common/domctl.c | 11
xen/include/public/domctl.h | 2
xen/include/public/xen.h | 5
xen/include/xen/hypercall.h | 5
xen/include/xen/sched.h | 21 +
38 files changed, 2220 insertions(+), 49 deletions(-)
next reply other threads:[~2007-02-20 19:55 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-20 19:55 Chris [this message]
2007-02-20 20:45 ` [PATCH 0/8] Domain Groups: Introduction Daniel P. Berrange
2007-02-20 21:32 ` Chris
2007-02-20 22:56 ` Keir Fraser
2007-02-20 23:01 ` Ian Pratt
2007-02-20 23:23 ` Keir Fraser
2007-02-21 17:17 ` Chris
2007-02-21 17:27 ` Keir Fraser
2007-02-22 20:39 ` Chris
2007-02-22 21:01 ` Keir Fraser
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45DB5235.6000507@tycho.ncsc.mil \
--to=hap10@tycho.ncsc.mil \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.