From: Eric Blake <eblake@redhat.com> To: David Marchand <david.marchand@6wind.com>, Stefan Hajnoczi <stefanha@gmail.com>, Paolo Bonzini <pbonzini@redhat.com> Cc: kvm@vger.kernel.org, claudio.fontana@huawei.com, qemu-devel@nongnu.org, armbru@redhat.com, jani.kokkonen@huawei.com, cam@cs.ualberta.ca Subject: Re: [PATCH v3 2/2] docs: update ivshmem device spec Date: Tue, 09 Sep 2014 13:04:35 -0600 [thread overview] Message-ID: <540F4F43.7020104@redhat.com> (raw) In-Reply-To: <540441E4.7080203@6wind.com> [-- Attachment #1: Type: text/plain, Size: 3951 bytes --] On 09/01/2014 03:52 AM, David Marchand wrote: >>> What about upgrading QEMU and ivshmem-server while you have existing >>> guests? You cannot restart ivshmem-server, and the new QEMU would have >>> to talk to the old ivshmem-server. >> >> Version negotiation also helps avoid confusion if someone combines >> ivshmem-server and QEMU from different origins (e.g. built from source >> and distro packaged). Don't underestimate the likelihood of this happening. Any long-running process (which an ivshmem-server will be) continues running at the old version, even when a package upgrade installs a new qemu binary; the new binary should still be able to manage connections to the already-running server. Even neater would be a solution where an existing ivshmem-server could re-exec an updated ivshmem-server binary that resulted from a distro upgrade, hand over all state required for the new server to take over from the point managed by the old server, so that you aren't stuck running the old binary forever. But that's a lot trickier to write, so it is not necessary for a first implementation; and if you do that, then you have the reverse situation to worry about (the new server must still accept communication from existing old qemu binaries). Note that the goal here is to support upgrades; it is probably okay if downgrading from a new binary back to an old doesn't work correctly (because the new software was using a feature not present in the old). >> >> It's a safeguard to prevent hard-to-diagnose failures when the system is >> misconfigured. >> > > Hum, so you want the code to be defensive against mis-use, why not. > > I wanted to keep modifications on ivshmem as little as possible in a > first phase (all the more so as there are potential ivshmem users out > there that I think will be impacted by a protocol change). Existing ivshmem users MUST be aware that they are using something that is not yet polished, and be prepared to make the upgrade to the polished version. It's best to minimize the hassle by making them upgrade exactly once to a fully-robust version, rather than to have them upgrade to a slightly-more robust version only to find out we didn't plan ahead well enough to make further extensions in a back-compatible manner. > > Sending the version as the first "vm_id" with an associated fd to -1 > before sending the real client id should work with existing QEMU client > code (hw/misc/ivshmem.c). > > Do you have a better idea ? > Is there a best practice in QEMU for "version negotiation" that could > work with ivshmem protocol ? QMP starts off with a mandatory "qmp_capabilities" handshake, although we haven't yet had to define any capabilities where cross-versioned communication differs as a result. Migration is somewhat of an example, except that it is one-directional (we don't have a feedback path), so it is somewhat best effort. The qcow2 v3 file format is an example of declaring features, rather than version numbers, and making decisions about whether a feature is compatible (older clients can safely ignore the bit, without corrupting the image but possibly having worse performance) vs. incompatible (older clients must reject the image, because not handling the feature correctly would corrupt the image). The best handshakes are bi-directional - both sides advertise their version (or better, their features), and a well-defined algorithm for settling on the common subset of advertised features then ensures that the two sides know how to talk to each other, or give a reason for either side to disconnect early because of a missing feature. > > I have a v4 ready with this (and all the pending comments), I will send > it later unless a better idea is exposed. > > > Thanks. > -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 539 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Eric Blake <eblake@redhat.com> To: David Marchand <david.marchand@6wind.com>, Stefan Hajnoczi <stefanha@gmail.com>, Paolo Bonzini <pbonzini@redhat.com> Cc: kvm@vger.kernel.org, claudio.fontana@huawei.com, qemu-devel@nongnu.org, armbru@redhat.com, jani.kokkonen@huawei.com, cam@cs.ualberta.ca Subject: Re: [Qemu-devel] [PATCH v3 2/2] docs: update ivshmem device spec Date: Tue, 09 Sep 2014 13:04:35 -0600 [thread overview] Message-ID: <540F4F43.7020104@redhat.com> (raw) In-Reply-To: <540441E4.7080203@6wind.com> [-- Attachment #1: Type: text/plain, Size: 3951 bytes --] On 09/01/2014 03:52 AM, David Marchand wrote: >>> What about upgrading QEMU and ivshmem-server while you have existing >>> guests? You cannot restart ivshmem-server, and the new QEMU would have >>> to talk to the old ivshmem-server. >> >> Version negotiation also helps avoid confusion if someone combines >> ivshmem-server and QEMU from different origins (e.g. built from source >> and distro packaged). Don't underestimate the likelihood of this happening. Any long-running process (which an ivshmem-server will be) continues running at the old version, even when a package upgrade installs a new qemu binary; the new binary should still be able to manage connections to the already-running server. Even neater would be a solution where an existing ivshmem-server could re-exec an updated ivshmem-server binary that resulted from a distro upgrade, hand over all state required for the new server to take over from the point managed by the old server, so that you aren't stuck running the old binary forever. But that's a lot trickier to write, so it is not necessary for a first implementation; and if you do that, then you have the reverse situation to worry about (the new server must still accept communication from existing old qemu binaries). Note that the goal here is to support upgrades; it is probably okay if downgrading from a new binary back to an old doesn't work correctly (because the new software was using a feature not present in the old). >> >> It's a safeguard to prevent hard-to-diagnose failures when the system is >> misconfigured. >> > > Hum, so you want the code to be defensive against mis-use, why not. > > I wanted to keep modifications on ivshmem as little as possible in a > first phase (all the more so as there are potential ivshmem users out > there that I think will be impacted by a protocol change). Existing ivshmem users MUST be aware that they are using something that is not yet polished, and be prepared to make the upgrade to the polished version. It's best to minimize the hassle by making them upgrade exactly once to a fully-robust version, rather than to have them upgrade to a slightly-more robust version only to find out we didn't plan ahead well enough to make further extensions in a back-compatible manner. > > Sending the version as the first "vm_id" with an associated fd to -1 > before sending the real client id should work with existing QEMU client > code (hw/misc/ivshmem.c). > > Do you have a better idea ? > Is there a best practice in QEMU for "version negotiation" that could > work with ivshmem protocol ? QMP starts off with a mandatory "qmp_capabilities" handshake, although we haven't yet had to define any capabilities where cross-versioned communication differs as a result. Migration is somewhat of an example, except that it is one-directional (we don't have a feedback path), so it is somewhat best effort. The qcow2 v3 file format is an example of declaring features, rather than version numbers, and making decisions about whether a feature is compatible (older clients can safely ignore the bit, without corrupting the image but possibly having worse performance) vs. incompatible (older clients must reject the image, because not handling the feature correctly would corrupt the image). The best handshakes are bi-directional - both sides advertise their version (or better, their features), and a well-defined algorithm for settling on the common subset of advertised features then ensures that the two sides know how to talk to each other, or give a reason for either side to disconnect early because of a missing feature. > > I have a v4 ready with this (and all the pending comments), I will send > it later unless a better idea is exposed. > > > Thanks. > -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 539 bytes --]
next prev parent reply other threads:[~2014-09-09 19:04 UTC|newest] Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top 2014-08-08 8:55 [PATCH v3 0/2] ivshmem: update documentation, add client/server tools David Marchand 2014-08-08 8:55 ` [Qemu-devel] " David Marchand 2014-08-08 8:55 ` [PATCH v3 1/2] contrib: add ivshmem client and server David Marchand 2014-08-08 8:55 ` [Qemu-devel] " David Marchand 2014-08-08 14:51 ` Stefan Hajnoczi 2014-08-08 14:51 ` Stefan Hajnoczi 2014-08-18 12:09 ` David Marchand 2014-08-18 12:09 ` David Marchand 2014-08-10 3:57 ` Gonglei 2014-08-10 3:57 ` [Qemu-devel] " Gonglei 2014-08-18 12:19 ` David Marchand 2014-08-18 12:19 ` David Marchand 2014-08-08 8:55 ` [PATCH v3 2/2] docs: update ivshmem device spec David Marchand 2014-08-08 8:55 ` [Qemu-devel] " David Marchand 2014-08-08 9:04 ` Claudio Fontana 2014-08-08 9:04 ` [Qemu-devel] " Claudio Fontana 2014-08-08 9:32 ` David Marchand 2014-08-08 9:32 ` [Qemu-devel] " David Marchand 2014-08-08 15:02 ` Stefan Hajnoczi 2014-08-08 15:02 ` Stefan Hajnoczi 2014-08-26 6:47 ` David Marchand 2014-08-26 6:47 ` David Marchand 2014-08-26 11:04 ` Paolo Bonzini 2014-08-26 11:04 ` Paolo Bonzini 2014-08-28 9:49 ` Stefan Hajnoczi 2014-08-28 9:49 ` Stefan Hajnoczi 2014-09-01 9:52 ` David Marchand 2014-09-01 9:52 ` David Marchand 2014-09-09 19:04 ` Eric Blake [this message] 2014-09-09 19:04 ` Eric Blake 2014-08-08 9:30 ` [Qemu-devel] [PATCH v3 0/2] ivshmem: update documentation, add client/server tools Gonglei (Arei) 2014-08-08 9:30 ` Gonglei (Arei) 2014-08-08 9:54 ` David Marchand 2014-08-08 9:54 ` David Marchand 2014-08-08 10:26 ` Gonglei (Arei) 2014-08-08 10:26 ` Gonglei (Arei)
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=540F4F43.7020104@redhat.com \ --to=eblake@redhat.com \ --cc=armbru@redhat.com \ --cc=cam@cs.ualberta.ca \ --cc=claudio.fontana@huawei.com \ --cc=david.marchand@6wind.com \ --cc=jani.kokkonen@huawei.com \ --cc=kvm@vger.kernel.org \ --cc=pbonzini@redhat.com \ --cc=qemu-devel@nongnu.org \ --cc=stefanha@gmail.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.