Blueprint "libvirt-virtlogd" [1] intents to make use of the libvirt
feature Daniel mentioned in comment #51.
[1] https://blueprints.launchpad.net/nova/+spec/libvirt-virtlogd
** Changed in: nova
Assignee: Tony Breeds (o-tony) => (unassigned)
--
You received this bug notification because
Libvirt releases once a month, and QEMU is in feature freeze for its
next release. So this will easily be ready before Newton
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
ah that is good to hear.
i assume this will be fixed then before the newton release.
what is the time frame of libvirt 1.3.3 and qemu 2.6?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
Patches are ready to solve this entirely in the libvirt layer one & for
all. It'll be fixed with libvirt 1.3.3
https://www.redhat.com/archives/libvir-list/2016-February/msg01449.html
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
this has been around a really long time now
is the aproch suggested here a suitable solution.
https://bugs.launchpad.net/charms/+source/nova-compute/+bug/1460197
really it is the installation tool change but prehaps we can do someting from
the nova side also.
perhaps just document how to
Long time bug, it's confirmed, not triaged, as the path forward remains
unclear.
** Changed in: nova
Status: Triaged = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
Re comment #44:
There has been a ring buffer char device named ringbuf available
upstream in QEMU as Anthony suggested in comment #23 like following:
qemu -chardev ringbuf,size=640k,id=foo -serial chardev:foo
And the QMP commands have already been exposed by QEMU like:
{ 'command':
It's now (UTC) Thursday.
** Changed in: ossa
Status: Incomplete = Won't Fix
** Tags added: security
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
Agreed, this is class C2 (a vulnerability in some dependency, not in
OpenStack code, and so nothing we're going to fix with a patch to
OpenStack security supported projects nor anything for which we should
issue a security advisory). If there are no disagreements, I'll switch
this to a regular
Proposing class C2
https://wiki.openstack.org/wiki/Vulnerability_Management#Incident_report_taxonomy
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows
I think it's legitimate to consider that the flaw is in qemu or libvirt,
for copying console data from guest to host without much possibilities
of controlling it. My recommendation would be to fix it there so that
all cases of hostile VMs are covered, rather than just the Nova use
case. If we
** Changed in: ossa
Assignee: hzxiongwenwu (xwwzzy) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Changed in: qemu-kvm (Ubuntu)
Assignee: (unassigned) = Tony Breeds (o-tony)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To
** Changed in: nova
Assignee: (unassigned) = Tony Breeds (o-tony)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Tags added: ops
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug go to:
I think the blueprint https://blueprints.launchpad.net/nova/+spec
/serial-ports is just a workaround for this bug, and currently we have
no way to disable console.log .
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
@John Haller: Great news!
Do you think the associated code could be proposed as backport for
Havana and Icehouse too ?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
See the following blueprint, the associated code has passed the gate for Juno:
https://blueprints.launchpad.net/nova/+spec/serial-ports
This only addresses KVM hosts, which support access console access via
SPICE, which is the solution adopted in above blueprint.
--
You received this bug
** Changed in: ossa
Assignee: (unassigned) = hzxiongwenwu (xwwzzy)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
@Rob: if we can document relatively-efficient workarounds, yes, that
would make a good OSSN. The fix has been delayed for quite some
releases now, so I'd not hold my breath for juno :)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
@robert-clark, the fixes to date have been band-aids. This is currently
targeted to be fixed properly in Juno with
https://blueprints.launchpad.net/nova/+spec/fix-libvirt-console-logging
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
I've just read through this thread with a view to wether we should
release a related OSSN.
From what I can tell, no fix was ever agreed on, is this likely to
change?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
Putting back in OSSA scope so that we discuss what to do with this
** Also affects: ossa
Importance: Undecided
Status: New
** Changed in: ossa
Status: New = Incomplete
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
** Changed in: nova
Milestone: icehouse-3 = None
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this
** Changed in: nova
Milestone: icehouse-2 = icehouse-3
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about
** Changed in: nova
Status: In Progress = Triaged
** Changed in: nova
Assignee: Michael Still (mikalstill) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
** Changed in: nova
Milestone: havana-rc1 = icehouse-1
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about
Fix proposed to branch: master
Review: https://review.openstack.org/47634
** Changed in: nova
Status: Triaged = In Progress
** Changed in: nova
Assignee: (unassigned) = Michael Still (mikalstill)
--
You received this bug notification because you are a member of Ubuntu
Server Team,
** Changed in: nova
Assignee: Michael Still (mikalstill) = (unassigned)
** Changed in: nova
Status: In Progress = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
** Changed in: nova
Milestone: None = havana-rc1
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this
should we first fix it in nova before kvm and libvirt have better fix
on this ?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
Fix proposed to branch: master
Review: https://review.openstack.org/39048
** Changed in: nova
Status: Confirmed = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
** Changed in: nova
Assignee: (unassigned) = Michael Still (mikalstill)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
Just to brainstorm:
Are any of the following possible??
1. Correctly have libvirtd configure and manage the console log file size. Some
new XML configuration for the domain.xml format could be provided to alter the
behavior? How much of the libvirt code would have to change for this?
2. If #1
Can we please move this to wish list?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug go to:
** Branch linked: lp:~openstack-ubuntu-testing/nova/raring-grizzly
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications
A more permanent solution needs to be discussed for this. Mikal wants to
have a session about it at the next Summit.
** Changed in: nova
Importance: Medium = High
** Changed in: nova
Status: In Progress = Confirmed
** Changed in: nova
Assignee: Chuck Short (zulcss) = (unassigned)
We recently had a console log grow to 5.5GB
When a user tries to get the console via the API it in turn packs this into a
message and sends it off to rabbitmq.
For us this completely killed our rabbitmq cluster. The user kept trying to get
the console knocking out a rabbitmq server each time
It certainly seems like we should only send the last N lines of the
console to the user (although that might be computationally expensive to
generate on such a large file). That's a separate bug though I suspect.
I've filed bug 1081436 for that.
--
You received this bug notification because you
I would really like us to find a real (and upstreamable) solution for this,
but I lack the KVM/libvirt expertise to make it happen.
Subscribing Daniel Berrange to see if he has another idea.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
The reason for the qemu-kvm task is that we think qemu-kvm is really the
ultimate right place to add a '-serial ringbuffer:640k,file=/path/to/file'
flag.
All the other attempts are more hacky, but if upstream kvm had this ,
libvirt could expose it, and openstack could use it.
I do
I don't understand what the file argument would mean. Once you write()
to a file, QEMU no longer can implement a ring buffer (it cannot discard
written data). You would need to do something like the following:
qemu -chardev memchr,max-capacity=640k,id=foo -serial chardev:foo
And then introduce
Anthony,
The file would be a disk-based ringbuffer. There would need to be a
well-known disk-based ringbuffer format, which currently doesn't exist.
Perhaps a libringbuffer to encapsulate it. The format would need head
and tail indexes and then the data, together with some thought for
concurrent
Having examined the idea of the libvirt_consoled a bit more, I think it
is not actually required. It is possible to get good support for console
logging, max bounded size, rollover, secure remote access, simply by
dropping in the standard 'conserver' daemon with a suitable
configuration file.
conserver is in Debian non-free, and thus unsuitable.
conserver would still needed to receive the log output from qemu via a
FIFO or similar, and this introduces the problem of what qemu should do
when it is blocked on writing to conserver, which is where I think my
previous patch failed (and I
IMHO having fixed size rotated logs per VM with max number of files, is
a better solution that a ringbuffer. It really doesn't complicate the
code that much to have to potentially just read a few lines from a
second rotated logfile.
While I agree that conserver is overkill if satisfying the
Marking invalid in qemu-kvm assuming there is nothing to do there.
Please switch back and rebuke me if I misunderstood.
** Changed in: qemu-kvm (Ubuntu)
Status: Confirmed = Invalid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
Serge,
The reason for the qemu-kvm task is that we think qemu-kvm is really the
ultimate right place to add a '-serial ringbuffer:640k,file=/path/to/file' flag.
All the other attempts are more hacky, but if upstream kvm had this , libvirt
could expose it, and openstack could use it.
I do
Serge,
The reason for the qemu-kvm task is that we think qemu-kvm is really the
ultimate right place to add a '-serial ringbuffer:640k,file=/path/to/file'
flag.
All the other attempts are more hacky, but if upstream kvm had this ,
libvirt could expose it, and openstack could use it.
I think this would need a libringbuffer as nova would need to read the
same file in get_console_output. When I first looked at this in
September, I could not find such a thing, or any accepted on-disk
format. The python code in my patch could be a good starting point, but
there a couple of things
On Wed, 11 Apr 2012, Serge Hallyn wrote:
Serge,
The reason for the qemu-kvm task is that we think qemu-kvm is really the
ultimate right place to add a '-serial ringbuffer:640k,file=/path/to/file'
flag.
All the other attempts are more hacky, but if upstream kvm had this ,
** Also affects: qemu-kvm (Ubuntu)
Importance: Undecided
Status: New
** Changed in: qemu-kvm (Ubuntu)
Status: New = Confirmed
** Changed in: qemu-kvm (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Server Team,
Fix proposed to branch: master
Review: https://review.openstack.org/4932
** Changed in: nova
Status: Confirmed = In Progress
** Changed in: nova
Assignee: (unassigned) = Chuck Short (zulcss)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which
The review has gone stale... What's the status on this ? You have the
fix in Ubuntu but it was refused upstream ? Or is that a different fix
that you have in Ubuntu ?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
** Changed in: nova
Importance: Low = Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug go
Fixed in Ubuntu, refused upstream.
** Changed in: nova
Assignee: Robie Basak (racb) = (unassigned)
** Changed in: nova
Status: In Progress = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
review was here:
https://review.openstack.org/#change,706
Last request was if the ringbuffer handling could be done by a separate
helper binary so nova-compute could go down for a bit without locking up
instances.
--
You received this bug notification because you are a member of Ubuntu
Server
** Branch linked: lp:ubuntu/libvirt
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug go to:
Proposed to essex: https://review.openstack.org/706
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug
** Branch linked: lp:~james-page/ubuntu/oneiric/nova/fix-new-installs
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
This bug was fixed in the package nova - 2011.3-0ubuntu4
---
nova (2011.3-0ubuntu4) oneiric; urgency=low
[James Page]
* debian/nova-common.postinst:
- Exclude mounted LXC rootfs filesystems within /var/lib/nova from
user/group ownership changes (LP: #861260).
-
** Branch linked: lp:ubuntu/nova
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug go to:
** Branch linked: lp:~ubuntu-server-dev/nova/diablo
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug
** Branch linked: lp:~james-page/nova/fix-lxc-and-primary-group
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications
** Changed in: libvirt (Ubuntu)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
This bug was fixed in the package libvirt - 0.9.2-4ubuntu14
---
libvirt (0.9.2-4ubuntu14) oneiric; urgency=low
* debian/patches/lp832507.patch: update virt-aa-helper to use the correct
paths for character devices that are pipes. This can be removed in
0.9.7. (LP: #832507)
** Changed in: nova
Assignee: Dave Walker (davewalker) = Robie Basak (racb)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Changed in: nova
Assignee: (unassigned) = Dave Walker (davewalker)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Changed in: libvirt (Ubuntu)
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Changed in: nova (Ubuntu)
Milestone: ubuntu-11.10-beta-2 = ubuntu-11.10
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
What I have so far: everything except point 6 in the plan above.
Problems:
1) libvirt creates an AppArmor profile for console.fifo and not
console.fifo.{in,out}.
Other things to check:
1) Console logging gets resumed correctly on restart.
2) Correct management of live migration.
3) Correct
** Tags added: apparmor
** Also affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
** Changed in: libvirt (Ubuntu)
Status: New = Triaged
** Changed in: libvirt (Ubuntu)
Importance: Undecided = High
** Changed in: libvirt (Ubuntu)
Assignee: (unassigned) = Jamie
** Tags added: rls-mgr-o-tracking
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this bug go to:
The plan is:
1) Create a FIFO, open it persistently and use this as the console log
destination
2) Write a handler that will write to a ring buffer on disk
3) Periodically read data out of the FIFO and give it to the handler
4) Also do step 3 before processing get_console_output
5)
It turns out that kvm gracefully handles it a listener on a named pipe
close()s its connection and opens it again (and buffers whatever output
would have been read in the mean time). This should make this a much
simpler fix.
--
You received this bug notification because you are a member of
** Changed in: nova (Ubuntu)
Milestone: None = ubuntu-11.10-beta-2
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Changed in: nova (Ubuntu)
Status: Confirmed = In Progress
** Changed in: nova (Ubuntu)
Assignee: (unassigned) = Dave Walker (davewalker)
** Changed in: nova
Status: Confirmed = In Progress
** Changed in: nova
Assignee: (unassigned) = Dave Walker (davewalker)
--
You
** Branch linked: lp:~davewalker/nova/832507_with_emlog
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage notifications about this
** Also affects: nova (Ubuntu)
Importance: Undecided
Status: New
** Changed in: nova (Ubuntu)
Importance: Undecided = High
** Changed in: nova (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
* Using named pipes / fifo would seem to re-introduce the same issue
differently.
* Logging to unix socket would mean there needs to be a listener within nova to
suck in the log to file, but means it's handled in userspace (good).
* Using a non-standard kernel module called emlog is interesting,
80 matches
Mail list logo
