HELP:) vif-common.sh call on xm shutdown / xm destroy

HELP:) vif-common.sh call on xm shutdown / xm destroy

[Sébastien RICCIO]

Dear list,

I'm currently modifying the vif-common.sh script in order to be able
to implement custom iptables rules for different guests.

As I can see, when a guest is created with xm create, vif-common.sh is
called with the "online" command. Perfect.

When the guest shutdown itself, vif-common.sh is not called, neither
when I shut down the guest with "xm shutdown" command.

But if I kill the guest with "xm destroy", the vif-common.sh is called
with command "offline".

Is it right that xm shutdown doesn't call vif-common.sh ?

I was expecting it to be executed when a shutdown is issued, in order
to clean the iptables rules for this particular guest.

Any ideas ?

btw: here is my custom vif-common.sh code:

frob_iptable()
{
if [ "$command" == "online" ]
then
   # Adding custom chain
   iptables -N "$vif"
   if [ -e /etc/xen/fw/$vif.rules ]
   then
     source /etc/xen/fw/$vif.rules
   else
     if [ -e /etc/xen/fw/default.rules ]
     then
       source /etc/xen/fw/default.rules
     else
       iptables -A "$vif" -j ACCEPT
     fi
   fi
    # Forwarding the packets to the right chain
   iptables -A FORWARD -m physdev --physdev-in "$vif" "$@" -j "$vif"
  else
   echo "debug" >>/tmp/debug.log
   # Removing the chain forward
   iptables -D FORWARD -m physdev --physdev-in "$vif" "$@" -j "$vif"
   # Flushing the custom chain
   iptables -F "$vif"
   # Removing the custom chain
   iptables -X "$vif"
fi
}




-- 
Sébastien Riccio
SwissCenter / OpenBusiness SA
sr@openbusiness.com
________________________________________________

OpenBusiness S.A.
World Trade Center
Av Gratta-Paille 1-2        Tel: +41 21 641 1010
CH-1000 Lausanne 30         FAX: +41 21 641 1011
Switzerland                  www.openbusiness.ch
__________________________________________________________________________
Disclaimer

This email is confidential and intended solely for the use of the
individual to whom it is addressed. Any views or opinions presented are
solely those of the author and do not necessarily represent those of the
OpenBusiness Group.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding,
printing, or copy-ing of this email is strictly prohibited.

If you have received this email in error please notify the OpenBusiness
help-desk by telephone on +41 21 641 10 10.


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel




-- 
Sébastien Riccio
SwissCenter / OpenBusiness SA
sr@openbusiness.com
________________________________________________

OpenBusiness S.A.
World Trade Center
Av Gratta-Paille 1-2        Tel: +41 21 641 1010
CH-1000 Lausanne 30         FAX: +41 21 641 1011
Switzerland                  www.openbusiness.ch
__________________________________________________________________________
Disclaimer

This email is confidential and intended solely for the use of the
individual to whom it is addressed. Any views or opinions presented are
solely those of the author and do not necessarily represent those of the
OpenBusiness Group.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding,
printing, or copy-ing of this email is strictly prohibited.

If you have received this email in error please notify the OpenBusiness
help-desk by telephone on +41 21 641 10 10.

Re: HELP:) vif-common.sh call on xm shutdown / xm destroy

[Ian Jackson]

Sébastien RICCIO writes ("[Xen-devel] HELP:) vif-common.sh call on xm shutdown / xm destroy"):
> Is it right that xm shutdown doesn't call vif-common.sh ?

shutdown just asks the guest to shut itself down so shouldn't bring
the interfaces down right away.  But I think the script should be
called when the domain indicates that its shutdown is complete,
destroying itself.  It's quite possible that this is buggy ...

Ian.

Re: HELP:) vif-common.sh call on xm shutdown / xm destroy

[Sébastien RICCIO]

Hi Ianm

Yes this is true. It should be called after the shutdown has been
completed, but this doesn't happen., so iptables rules are never
cleaned.

(on_shutdown = 'destroy') in the config files

buggy ?


Ian Jackson a écrit :
> Sébastien RICCIO writes ("[Xen-devel] HELP:) vif-common.sh call on xm shutdown / xm destroy"):
>   
>> Is it right that xm shutdown doesn't call vif-common.sh ?
>>     
>
> shutdown just asks the guest to shut itself down so shouldn't bring
> the interfaces down right away.  But I think the script should be
> called when the domain indicates that its shutdown is complete,
> destroying itself.  It's quite possible that this is buggy ...
>
> Ian.
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
>
>
>   


-- 
Sébastien Riccio
SwissCenter / OpenBusiness SA
sr@openbusiness.com
________________________________________________

OpenBusiness S.A.
World Trade Center
Av Gratta-Paille 1-2        Tel: +41 21 641 1010
CH-1000 Lausanne 30         FAX: +41 21 641 1011
Switzerland                  www.openbusiness.ch
__________________________________________________________________________
Disclaimer

This email is confidential and intended solely for the use of the
individual to whom it is addressed. Any views or opinions presented are
solely those of the author and do not necessarily represent those of the
OpenBusiness Group.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding,
printing, or copy-ing of this email is strictly prohibited.

If you have received this email in error please notify the OpenBusiness
help-desk by telephone on +41 21 641 10 10.

Re: HELP:) vif-common.sh call on xm shutdown / xm destroy

[Christopher Thunes]

We've also seen this problem and have some more information. Looking 
into it we have found that the udev "offline" event is not being 
triggered by the kernel on paravirtual guest shutdowns. HVM guests seem 
to work just fine though. We can provide udevmonitor output and/or udev 
log output if it would help. Definitely seems like a bug though.

- Chris Thunes

Ian Jackson wrote:
> Sébastien RICCIO writes ("[Xen-devel] HELP:) vif-common.sh call on xm shutdown / xm destroy"):
>> Is it right that xm shutdown doesn't call vif-common.sh ?
> 
> shutdown just asks the guest to shut itself down so shouldn't bring
> the interfaces down right away.  But I think the script should be
> called when the domain indicates that its shutdown is complete,
> destroying itself.  It's quite possible that this is buggy ...
> 
> Ian.
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel