From mboxrd@z Thu Jan 1 00:00:00 1970 From: Moritz Duge Subject: Re: Having trouble with ballooning Date: Mon, 16 Aug 2010 17:17:12 +0200 Message-ID: <4C695678.9070200@artfiles.de> References: <4C5AA35C.8010502@artfiles.de> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit To: kvm@vger.kernel.org Return-path: Received: from mailout.artfiles.de ([80.252.97.80]:35410 "EHLO mailout.artfiles.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750861Ab0HPPRO (ORCPT ); Mon, 16 Aug 2010 11:17:14 -0400 Received: from [80.252.98.91] auth=md@artfiles.de by mailout.artfiles.de with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) id 1Ol1R2-0003TS-I5 for kvm@vger.kernel.org; Mon, 16 Aug 2010 17:17:12 +0200 In-Reply-To: <4C5AA35C.8010502@artfiles.de> Sender: kvm-owner@vger.kernel.org List-ID: Hi there again, just wanted to ask, why I'm getting no answers? Everyone's busy? Has this already been discussed (I wouldn't actually believe, if I see how Qemu behaves for example in scenario 1)? If you'd like to have more details about the issue or anything else, please contact me! Thanks! Moritz Duge 05.08.2010 13:41 by Moritz Duge: > Hi, > I had some trouble while using the ballooning feature of KVM (using > Ubuntu 10.04 with standard software versions). > > > The first scenario: > 1. Having a guest started by this command: qemu -enable-kvm -m 768 > -balloon virtio -cdrom linux_2.6.34.iso > The guest is running Linux 2.6.34 including the ballooning driver. > 2. Entering "balloon 256" and a few seconds later "info balloon" in > the Qemu monitor. Qemu will report, the guest uses 256mb of memory > now. The guest is reporting the same (using "free" for example). > 3. Entering "change ide1-cd0 linux_2.6.18.iso" to change the guests > CD-ROM to another image, containing a Linux kernel without ballooning > driver. > 4. Rebooting the guest. > 5. After booting the 2.6.18-OS, it will report it has 768mb memory > (using "free). But Qemu monitor will still tell 256, when entering > "info memory". > I know why this happens. But is this a good behaviour? Shouldn't Qemu > tell something like "maybe 256, but there is no more balloon driver in > the guest and maybe it uses the full 768 now"??? > > > The second scenario: > After the first scenario, the guest can also really start using the > additional 512mb of memory (768 - 256)!!! I think this shouldn't > happen or at least there should be an option to allow or deny this. Or > at least least least this should be printed in big letters in the > man-pages or somewhere else where everyone will read it! > Because before I experienced this, I assumed I can be sure the guest > can't get back the memory which was freed using ballooning. So if I > use the memory freed by ballooning for some other qemu-instances and > the first one starts to use those memory again, all Qemu instances > will crash (this is what actually happens in most cases). > What I'm asking for, is a way to force the guest to stay in the memory > I assigned by ballooning. And if the guest tries to use more memory > (maybe because it just unloaded the ballooning driver) the guest > should crash, but the host shouldn't get in any trouble!!! > This can be really annoying. I think a very common use-case for > virtualization is, to run untrusted software or unsecure webservices > in a vm, so the bad software can't do anything to the host or other > VMs on the host. But when using ballooning, the bad software can! It's > no "remote code execution", but the guest can consume a lot of memory > and cause the host or at least the other VMs on the host to crash. > > > The third scenario: > 1. Booting a machine with a guest not having a ballooning driver. > (e.g. qemu -enable-kvm -m 768 -balloon virtio -cdrom linux_2.6.18.iso) > 2. Adjusting the memory by "balloon 512" in the qemu monitor. > 3. Qemu won't report that it couldn't adjust the memory. Instead it > will wait until the guest loads a ballooning driver. Is this a good > behaviour? Shouldn't there be at least a switch in the qemu monitor > for the command "balloon". So if I use the switch when changing the > memory (e.g. "balloon -h 256"), qemu won't try to change the memory > later and it will tell me "error: no ballooning driver found". > > > Thanks for reading and thanks a lot, if there will be a solution for > this, specially for scenario two. > > Greetings > Moritz Duge