Re: [Qemu-devel] [PATCH RFC 00/14] vhost-user: shutdown and reconnection

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tetsuya Mukawa <mukawa@igel.co.jp>
To: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Cc: "Marc-André Lureau" <marcandre.lureau@gmail.com>,
	QEMU <qemu-devel@nongnu.org>,
	"Michael S. Tsirkin" <mst@redhat.com>
Subject: Re: [Qemu-devel] [PATCH RFC 00/14] vhost-user: shutdown and reconnection
Date: Mon, 28 Mar 2016 11:06:19 +0900	[thread overview]
Message-ID: <56F8919B.6050405@igel.co.jp> (raw)
In-Reply-To: <56F88E87.2030704@igel.co.jp>

On 2016/03/28 10:53, Tetsuya Mukawa wrote:
> On 2016/03/26 3:00, Marc-André Lureau wrote:
>> Hi
>>
>> On Thu, Mar 24, 2016 at 8:10 AM, Yuanhan Liu
>> <yuanhan.liu@linux.intel.com> wrote:
>>>>> The following series starts from the idea that the slave can request a
>>>>> "managed" shutdown instead and later recover (I guess the use case for
>>>>> this is to allow for example to update static dispatching/filter rules
>>>>> etc)
>>> What if the backend crashes, that no such request will be sent? And
>>> I'm wondering why this request is needed, as we are able to detect
>>> the disconnect now (with your patches).
>> I don't think trying to handle backend crashes is really a thing we
>> need to take care of. If the backend is bad enough to crash, it may as
>> well corrupt the guest memory (mst: my understanding of vhost-user is
>> that backend must be trusted, or it could just throw garbage in the
>> queue descriptors with surprising consequences or elsewhere in the
>> guest memory actually, right?).
>>
>>> BTW, you meant to let QEMU as the server and the backend as the client
>>> here, right? Honestly, that's what we've thought of, too, in the first
>>> time.
>>> However, I'm wondering could we still go with the QEMU as the client
>>> and the backend as the server (the default and the only way DPDK
>>> supports), and let QEMU to try to reconnect when the backend crashes
>>> and restarts. In such case, we need enable the "reconnect" option
>>> for vhost-user, and once I have done that, it basically works in my
>>> test:
>>>
>> Conceptually, I think if we allow the backend to disconnect, it makes
>> sense that qemu is actually the socket server. But it doesn't matter
>> much, it's simple to teach qemu to reconnect a timer... So we should
>> probably allow both cases anyway.
>>
>>> - start DPDK vhost-switch example
>>>
>>> - start QEMU, which will connect to DPDK vhost-user
>>>
>>>   link is good now.
>>>
>>> - kill DPDK vhost-switch
>>>
>>>   link is broken at this stage
>>>
>>> - start DPDK vhost-switch again
>>>
>>>   you will find that the link is back again.
>>>
>>>
>>> Will that makes sense to you? If so, we may need do nothing (or just
>>> very few) changes at all to DPDK to get the reconnect work.
>> The main issue with handling crashes (gone at any time) is that the
>> backend my not have time to sync the used idx (at the least). It may
>> already have processed incoming packets, so on reconnect, it may
>> duplicate the receiving/dispatching work. Similarly, on the backend
>> receiving end, some packets may be lost, never received by the VM, and
>> later overwritten by the backend after reconnect (for the same used
>> idx update reason). This may not be a big deal for unreliable
>> protocols, but I am not familiar enough with network usage to know if
>> that's fine in all cases. It may be fine for some packets, such as
>> udp.
>>
>> However, in general, vhost-user should not be specific to network
>> transmission, and it would be nice to have a reliable way for the the
>> backend to reconnect. That's what I try to do in this series. I'll
>> repost it after I have done more testing.
>>
>> thanks
>>
> Hi Yuanhan,
>
> Probably, we have 2 options here.
> One is using DEVICE_NEEDS_RESET, or adding one more new status like
> QUEUE_NEEDS_RESET to virtio specification.
> In this case, we will need to fix virtio-net drivers and virtio-net
> device of QEMU, so it might need to fix a lot of code, but we can handle
> unexpected shutdown of vhost-user backend.
> The other option is Marc's simple solution. In this case, we don't need
> to change virtio-net drivers, but we cannot handle unexpected shutdown.

Let me add a bit.
Actually we can use both options at the same.
For example, only when vhost-user backend closes unexpectedly, use
DEVICE_NEEDS_RESET status.
So probably it's nice to start merging Marc's patches first.

Anyway, if we want to handle unexpected shutdown properly , we may need
to use a kind of DEVICE_NEEDS_RESET status.

Tetsuya

> Thanks,
> Tetsuya
>
>
>

next prev parent reply	other threads:[~2016-03-28  2:06 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-09-08 23:09 [Qemu-devel] [PATCH RFC 00/14] vhost-user: shutdown and reconnection marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 01/14] vhost-user: Add ability to know vhost-user backend disconnection marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 02/14] vhost-user: remove useless is_server field marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 03/14] qemu-char: avoid potential double-free marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 04/14] qemu-char: remove all msgfds on disconnect marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 05/14] qemu-char: make tcp_chr_disconnect() reentrant-safe marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 06/14] vhost-net: keep VIRTIO_NET_F_STATUS for vhost-user marcandre.lureau
2015-09-08 23:09 ` [Qemu-devel] [PATCH RFC 07/14] virtio-net: enable tx notification if up and vhost started marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 08/14] vhost: add vhost_dev stop callback marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 09/14] vhost-user: add vhost_user to hold the chr marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 10/14] qemu-char: add qemu_chr_free() marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 11/14] vhost-user: add slave-fd support marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 12/14] vhost-user: add shutdown support marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 13/14] qemu-char: Add qemu_chr_disconnect to close a fd accepted by listen fd marcandre.lureau
2015-09-08 23:10 ` [Qemu-devel] [PATCH RFC 14/14] test: start vhost-user reconnect test marcandre.lureau
2015-11-26 10:33 ` [Qemu-devel] [PATCH RFC 00/14] vhost-user: shutdown and reconnection Michael S. Tsirkin
2016-02-23 18:00   ` Marc-André Lureau
2016-03-02  6:44     ` Michael S. Tsirkin
2016-03-24  7:10   ` Yuanhan Liu
2016-03-25 18:00     ` Marc-André Lureau
2016-03-28  1:53       ` Tetsuya Mukawa
2016-03-28  2:06         ` Tetsuya Mukawa [this message]
2016-03-29  8:10       ` Yuanhan Liu
2016-03-29 10:52         ` Marc-André Lureau
2016-03-29 14:28           ` Yuanhan Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=56F8919B.6050405@igel.co.jp \
    --to=mukawa@igel.co.jp \
    --cc=marcandre.lureau@gmail.com \
    --cc=mst@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=yuanhan.liu@linux.intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.