From: "Daniel P. Berrange" <berrange@redhat.com>
To: Stefan Hajnoczi <stefanha@redhat.com>
Cc: Jeff Layton <jlayton@redhat.com>,
Matt Benjamin <mbenjami@redhat.com>,
Steven Whitehouse <swhiteho@redhat.com>,
"J. Bruce Fields" <bfields@fieldses.org>,
Chuck Lever <chuck.lever@oracle.com>,
Steve Dickson <SteveD@redhat.com>,
Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
Justin Mitchell <jumitche@redhat.com>
Subject: Re: [PATCH nfs-utils v3 00/14] add NFS over AF_VSOCK support
Date: Fri, 22 Sep 2017 17:23:20 +0100 [thread overview]
Message-ID: <20170922162320.GS12725@redhat.com> (raw)
In-Reply-To: <20170922152855.GD13709@stefanha-x1.localdomain>
On Fri, Sep 22, 2017 at 04:28:55PM +0100, Stefan Hajnoczi wrote:
> On Fri, Sep 22, 2017 at 08:26:39AM -0400, Jeff Layton wrote:
> > I'm not sure there is a strong one. I most just thought it sounded like
> > a possible solution here.
> >
> > There's already a standard in place for doing RPC over AF_LOCAL, so
> > there's less work to be done there. We also already have AF_LOCAL
> > transport in the kernel (mostly for talking to rpcbind), so there's
> > helps reduce the maintenance burden there.
> >
> > It utilizes something that looks like a traditional unix socket, which
> > may make it easier to alter other applications to use it.
> >
> > There's also a clear way to "firewall" this -- just don't mount hvsockfs
> > (or whatever), or don't build it into the kernel. No filesystem, no
> > sockets.
> >
> > I'm not sure I'd agree about this being more restrictive, necessarily.
> > If we did this, you could envision eventually building something that
> > looks like this to a running host, but where the remote end is something
> > else entirely. Whether that's truly useful, IDK...
>
> This approach where communications channels appear on the file system is
> similar to the existing virtio-serial device. The guest driver creates
> a character device for each serial communications channel configured on
> the host. It's a character device node though and not a UNIX domain
> socket.
>
> One of the main reasons for adding virtio-vsock was to get native
> Sockets API communications that most applications expect (including
> NFS!). Serial char device semantics are awkward.
>
> Sticking with AF_LOCAL for a moment, another approach is for AF_VSOCK
> tunnel to the NFS traffic:
>
> (host)# vsock-proxy-daemon --unix-domain-socket path/to/local.sock
> --listen --port 2049
> (host)# nfsd --local path/to/local.sock ...
>
> (guest)# vsock-proxy-daemon --unix-domain-socket path/to/local.sock
> --cid 2 --port 2049
> (guest)# mount -t nfs -o proto=local path/to/local.sock /mnt
>
> It has drawbacks over native AF_VSOCK support:
>
> 1. Certain NFS protocol features become impossible to implement since
> there is no meaningful address information that can be exchanged
> between client and server (e.g. separate backchannel connection,
> pNFS, etc). Are you sure AF_LOCAL makes sense for NFS?
>
> 2. Performance is worse due to extra proxy daemon.
>
> If I understand correctly both Linux and nfs-utils lack NFS AF_LOCAL
> support although it is present in sunrpc. For example, today
> fs/nfsd/nfsctl.c cannot add UNIX domain sockets. Similarly, the
> nfs-utils nsfd program has no command-line syntax for UNIX domain
> sockets.
>
> Funnily enough making AF_LOCAL work for NFS requires similar changes to
> the patches I've posted for AF_VSOCK. I think AF_LOCAL tunnelling is a
> technically inferior solution than native AF_VSOCK support (for the
> reasons mentioned above), but I appreciate that it insulates NFS from
> AF_VSOCK specifics and could be used in other use cases too.
In the virt world using AF_LOCAL would be less portable than AF_VSOCK,
because AF_VSOCK is a technology implemented by both VMWare and KVM,
whereas an AF_LOCAL approach would likely be KVM only. In practice it
probably doesn't matter, since I doubt VMWare would end up using
NFS over AF_VSOCK, but conceptually I think AF_VSOCK makes more sense
for a virt scenario.
Using AF_LOCAL would not be solving the hard problems for virt like
migration either - it would just be hiding them under the carpet
and pretending they don't exist. Again preferrable to actually use
AF_VSOCK and define what the expected semantics are for migration.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2017-09-22 16:23 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-13 10:26 [PATCH nfs-utils v3 00/14] add NFS over AF_VSOCK support Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 01/14] mount: don't use IPPROTO_UDP for address resolution Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 02/14] nfs-utils: add vsock.h Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 03/14] nfs-utils: add AF_VSOCK support to sockaddr.h Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 04/14] mount: present AF_VSOCK addresses Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 05/14] mount: accept AF_VSOCK in nfs_verify_family() Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 06/14] mount: generate AF_VSOCK clientaddr Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 07/14] getport: recognize "vsock" netid Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 08/14] mount: AF_VSOCK address parsing Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 09/14] exportfs: introduce host_freeaddrinfo() Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 10/14] exportfs: add AF_VSOCK address parsing and printing Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 11/14] exportfs: add AF_VSOCK support to set_addrlist() Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 12/14] exportfs: add support for "vsock:" exports(5) syntax Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 13/14] nfsd: add --vsock (-v) option to nfsd Stefan Hajnoczi
2017-09-13 10:26 ` [PATCH nfs-utils v3 14/14] tests: add "vsock:" exports(5) test case Stefan Hajnoczi
2017-09-13 16:21 ` [PATCH nfs-utils v3 00/14] add NFS over AF_VSOCK support Christoph Hellwig
2017-09-13 18:18 ` [nfsv4] " David Noveck
2017-09-13 18:21 ` Chuck Lever
2017-09-15 11:52 ` Stefan Hajnoczi
2017-09-13 22:39 ` NeilBrown
2017-09-14 15:39 ` Steve Dickson
2017-09-14 15:55 ` Steve Dickson
2017-09-14 17:37 ` J . Bruce Fields
2017-09-15 11:07 ` Jeff Layton
2017-09-15 15:17 ` J . Bruce Fields
2017-09-15 23:29 ` NeilBrown
2017-09-16 14:55 ` J . Bruce Fields
2017-09-15 13:12 ` Stefan Hajnoczi
2017-09-15 13:31 ` J . Bruce Fields
2017-09-15 13:59 ` Chuck Lever
2017-09-15 16:42 ` J. Bruce Fields
2017-09-16 15:55 ` Chuck Lever
2017-09-18 18:09 ` Stefan Hajnoczi
2017-09-19 9:31 ` Daniel P. Berrange
2017-09-19 14:35 ` Chuck Lever
2017-09-19 15:10 ` Daniel P. Berrange
2017-09-19 15:48 ` Chuck Lever
2017-09-19 16:44 ` Daniel P. Berrange
2017-09-19 17:24 ` J. Bruce Fields
2017-09-21 17:00 ` Stefan Hajnoczi
2017-09-22 9:55 ` Steven Whitehouse
2017-09-22 11:32 ` Jeff Layton
2017-09-22 12:08 ` Matt Benjamin
2017-09-22 12:26 ` Jeff Layton
2017-09-22 15:28 ` Stefan Hajnoczi
2017-09-22 16:23 ` Daniel P. Berrange [this message]
2017-09-22 18:31 ` Chuck Lever
2017-09-25 8:14 ` Daniel P. Berrange
2017-09-25 10:31 ` Chuck Lever
2017-09-22 11:43 ` Chuck Lever
2017-09-22 11:55 ` Daniel P. Berrange
2017-09-22 12:00 ` Chuck Lever
2017-09-22 12:10 ` Daniel P. Berrange
2017-09-22 19:14 ` J. Bruce Fields
2017-09-25 8:30 ` Daniel P. Berrange
2017-09-26 2:08 ` NeilBrown
2017-09-26 3:40 ` J. Bruce Fields
2017-09-26 10:56 ` Stefan Hajnoczi
2017-09-26 11:07 ` Daniel P. Berrange
2017-09-26 18:32 ` J. Bruce Fields
2017-09-27 0:45 ` NeilBrown
2017-09-27 13:05 ` Stefan Hajnoczi
2017-09-27 22:21 ` NeilBrown
2017-09-28 10:44 ` Stefan Hajnoczi
2017-09-27 13:35 ` J. Bruce Fields
2017-09-27 22:25 ` NeilBrown
2017-09-26 13:39 ` J. Bruce Fields
2017-09-26 13:42 ` J. Bruce Fields
2017-09-27 12:22 ` Stefan Hajnoczi
2017-09-27 13:46 ` J. Bruce Fields
2017-09-28 10:34 ` Stefan Hajnoczi
2017-09-19 17:37 ` Stefan Hajnoczi
2017-09-19 19:56 ` Chuck Lever
2017-09-19 20:42 ` J. Bruce Fields
2017-09-19 21:09 ` Chuck Lever
2017-09-20 13:16 ` J. Bruce Fields
2017-09-20 14:40 ` Chuck Lever
2017-09-20 14:45 ` J. Bruce Fields
2017-09-20 14:59 ` Chuck Lever
2017-09-20 15:25 ` Frank Filz
2017-09-20 18:17 ` Trond Myklebust
2017-09-20 18:34 ` bfields
2017-09-20 18:38 ` Trond Myklebust
2017-09-21 16:20 ` Stefan Hajnoczi
2017-09-20 14:58 ` Daniel P. Berrange
2017-09-20 16:39 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170922162320.GS12725@redhat.com \
--to=berrange@redhat.com \
--cc=SteveD@redhat.com \
--cc=bfields@fieldses.org \
--cc=chuck.lever@oracle.com \
--cc=jlayton@redhat.com \
--cc=jumitche@redhat.com \
--cc=linux-nfs@vger.kernel.org \
--cc=mbenjami@redhat.com \
--cc=stefanha@redhat.com \
--cc=swhiteho@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).