2017-05-26 14:30:34 +00:00
|
|
|
(* (c) 2017 Hannes Mehnert, all rights reserved *)
|
|
|
|
|
|
|
|
open Astring
|
|
|
|
|
|
|
|
open Rresult.R.Infix
|
|
|
|
|
2018-04-25 11:15:53 +00:00
|
|
|
let tmpdir = Fpath.(v "/var" / "run" / "albatross")
|
|
|
|
let dbdir = Fpath.(v "/var" / "db" / "albatross")
|
|
|
|
|
2018-10-23 22:03:36 +00:00
|
|
|
type service = [ `Console | `Log | `Stats | `Vmmd ]
|
|
|
|
|
2018-10-12 23:05:21 +00:00
|
|
|
let socket_path t =
|
|
|
|
let path name = Fpath.(tmpdir / "util" / name + "sock") in
|
|
|
|
let path = match t with
|
|
|
|
| `Console -> path "console"
|
|
|
|
| `Vmmd -> Fpath.(tmpdir / "vmmd" + "sock")
|
|
|
|
| `Stats -> path "stat"
|
|
|
|
| `Log -> path "log"
|
|
|
|
in
|
|
|
|
Fpath.to_string path
|
2018-09-19 19:16:44 +00:00
|
|
|
|
|
|
|
let pp_socket ppf t =
|
|
|
|
let name = socket_path t in
|
|
|
|
Fmt.pf ppf "socket: %s" name
|
|
|
|
|
|
|
|
|
2017-05-26 14:30:34 +00:00
|
|
|
module I = struct
|
|
|
|
type t = int
|
|
|
|
let compare : int -> int -> int = compare
|
|
|
|
end
|
|
|
|
|
|
|
|
module IS = Set.Make(I)
|
|
|
|
module IM = Map.Make(I)
|
|
|
|
|
2018-09-21 20:31:04 +00:00
|
|
|
type vmtype = [ `Hvt_amd64 | `Hvt_arm64 | `Hvt_amd64_compressed ]
|
2017-05-26 14:30:34 +00:00
|
|
|
|
|
|
|
let pp_vmtype ppf = function
|
2018-09-21 20:31:04 +00:00
|
|
|
| `Hvt_amd64 -> Fmt.pf ppf "hvt-amd64"
|
|
|
|
| `Hvt_amd64_compressed -> Fmt.pf ppf "hvt-amd64-compressed"
|
|
|
|
| `Hvt_arm64 -> Fmt.pf ppf "hvt-arm64"
|
2017-05-26 14:30:34 +00:00
|
|
|
|
|
|
|
type id = string list
|
|
|
|
|
|
|
|
let string_of_id ids = String.concat ~sep:"." ids
|
|
|
|
|
|
|
|
let id_of_string str = String.cuts ~sep:"." str
|
|
|
|
|
|
|
|
let drop_super ~super ~sub =
|
|
|
|
let rec go sup sub = match sup, sub with
|
|
|
|
| [], xs -> Some (List.rev xs)
|
|
|
|
| _, [] -> None
|
|
|
|
| x::xs, z::zs -> if String.equal x z then go xs zs else None
|
|
|
|
in
|
|
|
|
go (List.rev super) (List.rev sub)
|
|
|
|
|
|
|
|
let is_sub_id ~super ~sub =
|
|
|
|
match drop_super ~super ~sub with None -> false | Some _ -> true
|
|
|
|
|
2018-10-12 23:05:21 +00:00
|
|
|
let domain id = match List.rev id with
|
|
|
|
| _::prefix -> List.rev prefix
|
|
|
|
| [] -> []
|
|
|
|
|
2017-05-26 14:30:34 +00:00
|
|
|
let pp_id ppf ids =
|
|
|
|
Fmt.(pf ppf "%a" (list ~sep:(unit ".") string) ids)
|
|
|
|
|
|
|
|
let pp_is ppf is = Fmt.pf ppf "%a" Fmt.(list ~sep:(unit ",") int) (IS.elements is)
|
|
|
|
|
|
|
|
type bridge = [
|
|
|
|
| `Internal of string
|
|
|
|
| `External of string * Ipaddr.V4.t * Ipaddr.V4.t * Ipaddr.V4.t * int
|
|
|
|
]
|
|
|
|
|
|
|
|
let pp_bridge ppf = function
|
|
|
|
| `Internal name -> Fmt.pf ppf "%s (internal)" name
|
|
|
|
| `External (name, l, h, gw, nm) ->
|
|
|
|
Fmt.pf ppf "%s: %a - %a, GW: %a/%d"
|
|
|
|
name Ipaddr.V4.pp_hum l Ipaddr.V4.pp_hum h Ipaddr.V4.pp_hum gw nm
|
|
|
|
|
2018-10-12 18:34:00 +00:00
|
|
|
type policy = {
|
2017-05-26 14:30:34 +00:00
|
|
|
vms : int ;
|
|
|
|
cpuids : IS.t ;
|
|
|
|
memory : int ;
|
|
|
|
block : int option ;
|
|
|
|
bridges : bridge String.Map.t ;
|
|
|
|
}
|
|
|
|
|
2018-10-12 18:34:00 +00:00
|
|
|
let pp_policy ppf res =
|
|
|
|
Fmt.pf ppf "policy: %d vms %a cpus %d MB memory %a MB block bridges: %a"
|
2017-05-26 14:30:34 +00:00
|
|
|
res.vms pp_is res.cpuids res.memory
|
|
|
|
Fmt.(option ~none:(unit "no") int) res.block
|
|
|
|
Fmt.(list ~sep:(unit ", ") pp_bridge)
|
|
|
|
(List.map snd (String.Map.bindings res.bridges))
|
|
|
|
|
|
|
|
let sub_bridges super sub =
|
|
|
|
String.Map.for_all (fun idx v ->
|
|
|
|
match String.Map.find idx super, v with
|
|
|
|
| None, _ -> false
|
|
|
|
| Some (`Internal nam), `Internal nam' -> String.compare nam nam' = 0
|
|
|
|
| Some (`External (nam, supf, supl, gw, nm)),
|
|
|
|
`External (nam', subf, subl, gw', nm') ->
|
|
|
|
String.compare nam nam' = 0 && nm = nm' &&
|
2018-04-03 20:58:31 +00:00
|
|
|
Ipaddr.V4.compare supf subf <= 0 && Ipaddr.V4.compare supl subl >= 0 &&
|
|
|
|
Ipaddr.V4.compare gw gw' = 0
|
2017-05-26 14:30:34 +00:00
|
|
|
| _ -> false)
|
|
|
|
sub
|
|
|
|
|
|
|
|
let sub_block super sub =
|
|
|
|
match super, sub with
|
|
|
|
| None, None -> true
|
|
|
|
| Some _, None -> true
|
|
|
|
| Some x, Some y -> x >= y
|
|
|
|
| None, Some _ -> false
|
|
|
|
|
|
|
|
let sub_cpu super sub = IS.subset sub super
|
|
|
|
|
|
|
|
let is_sub ~super ~sub =
|
|
|
|
sub.vms <= super.vms && sub_cpu super.cpuids sub.cpuids &&
|
|
|
|
sub.memory <= super.memory &&
|
|
|
|
sub_bridges super.bridges sub.bridges && sub_block super.block sub.block
|
|
|
|
|
|
|
|
type vm_config = {
|
|
|
|
cpuid : int ;
|
2018-04-03 20:58:31 +00:00
|
|
|
requested_memory : int ;
|
2017-05-26 14:30:34 +00:00
|
|
|
block_device : string option ;
|
|
|
|
network : string list ;
|
|
|
|
vmimage : vmtype * Cstruct.t ;
|
|
|
|
argv : string list option ;
|
|
|
|
}
|
|
|
|
|
|
|
|
let pp_image ppf (typ, blob) =
|
|
|
|
let l = Cstruct.len blob in
|
|
|
|
Fmt.pf ppf "%a: %d bytes" pp_vmtype typ l
|
|
|
|
|
2018-04-03 20:58:31 +00:00
|
|
|
let pp_vm_config ppf (vm : vm_config) =
|
2018-10-22 22:54:05 +00:00
|
|
|
Fmt.pf ppf "cpu %d, %d MB memory, block device %a@ bridge %a, image %a, argv %a"
|
|
|
|
vm.cpuid vm.requested_memory
|
2017-05-26 14:30:34 +00:00
|
|
|
Fmt.(option ~none:(unit "no") string) vm.block_device
|
|
|
|
Fmt.(list ~sep:(unit ", ") string) vm.network
|
|
|
|
pp_image vm.vmimage
|
|
|
|
Fmt.(option ~none:(unit "no") (list ~sep:(unit " ") string)) vm.argv
|
|
|
|
|
|
|
|
let good_bridge idxs nets =
|
|
|
|
(* TODO: uniqueness of n -- it should be an ordered set? *)
|
|
|
|
List.for_all (fun n -> String.Map.mem n nets) idxs
|
|
|
|
|
2018-10-12 18:34:00 +00:00
|
|
|
let vm_matches_res (res : policy) (vm : vm_config) =
|
2017-05-26 14:30:34 +00:00
|
|
|
res.vms >= 1 && IS.mem vm.cpuid res.cpuids &&
|
2018-04-03 20:58:31 +00:00
|
|
|
vm.requested_memory <= res.memory &&
|
2017-05-26 14:30:34 +00:00
|
|
|
good_bridge vm.network res.bridges
|
|
|
|
|
|
|
|
let check_policies vm res =
|
|
|
|
let rec climb = function
|
|
|
|
| super :: sub :: xs ->
|
|
|
|
if is_sub ~super ~sub then climb (sub :: xs)
|
|
|
|
else Error (`Msg "policy violation")
|
|
|
|
| [x] -> Ok x
|
|
|
|
| [] -> Error (`Msg "empty resource list")
|
|
|
|
in
|
|
|
|
climb res >>= fun res ->
|
|
|
|
if vm_matches_res res vm then Ok () else Error (`Msg "VM does not match policy")
|
|
|
|
|
|
|
|
type vm = {
|
|
|
|
config : vm_config ;
|
|
|
|
cmd : Bos.Cmd.t ;
|
|
|
|
pid : int ;
|
|
|
|
taps : string list ;
|
revise force-restart: now with wait for kill and resource cleanup before start
allows to cleanup various hacks, such as checking for pid in vmm_resources
or removing temporarily the allocated resources from the resource map in vmm_engine
semantics is now slightly different, but for sure enhanced.
- each VM has a Lwt.wait () task attached in Vmm_engine.t (tasks : 'c String.Map.t)
- normal create shouldn't be much different, apart from memoizing the sleeper
- after waitpid is done in vmmd, and vmm_engine.shutdown succeeded, Lwt.wakeup is called for the sleeper
- force create now:
- checks static policies
- looks for existing VM (and task), if present: kill and wait for task in vmmd
- continue with presence checking of vm name, dynamic policies, allocate resources (tap, img, fifo)
this means the whole randomness in filenames can be removed, and the
communication between vmm_console and vmm_client is working again (attach/detach
could not work since vmm_console knew only about "albatross.AAA.BBB.RANDOM",
whereas vmm_client insisted on "AAA.BBB"
resource overcommitment (and races in e.g. block device closing + opening) are
gone now, only if the old vm is cleanup up, resources for the new one are
allocated and it is executed
2018-04-04 23:02:45 +00:00
|
|
|
stdout : Unix.file_descr (* ringbuffer thingy *)
|
2017-05-26 14:30:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
let pp_vm ppf vm =
|
revise force-restart: now with wait for kill and resource cleanup before start
allows to cleanup various hacks, such as checking for pid in vmm_resources
or removing temporarily the allocated resources from the resource map in vmm_engine
semantics is now slightly different, but for sure enhanced.
- each VM has a Lwt.wait () task attached in Vmm_engine.t (tasks : 'c String.Map.t)
- normal create shouldn't be much different, apart from memoizing the sleeper
- after waitpid is done in vmmd, and vmm_engine.shutdown succeeded, Lwt.wakeup is called for the sleeper
- force create now:
- checks static policies
- looks for existing VM (and task), if present: kill and wait for task in vmmd
- continue with presence checking of vm name, dynamic policies, allocate resources (tap, img, fifo)
this means the whole randomness in filenames can be removed, and the
communication between vmm_console and vmm_client is working again (attach/detach
could not work since vmm_console knew only about "albatross.AAA.BBB.RANDOM",
whereas vmm_client insisted on "AAA.BBB"
resource overcommitment (and races in e.g. block device closing + opening) are
gone now, only if the old vm is cleanup up, resources for the new one are
allocated and it is executed
2018-04-04 23:02:45 +00:00
|
|
|
Fmt.pf ppf "pid %d@ taps %a cmdline %a"
|
2017-05-26 14:30:34 +00:00
|
|
|
vm.pid Fmt.(list ~sep:(unit ", ") string) vm.taps
|
revise force-restart: now with wait for kill and resource cleanup before start
allows to cleanup various hacks, such as checking for pid in vmm_resources
or removing temporarily the allocated resources from the resource map in vmm_engine
semantics is now slightly different, but for sure enhanced.
- each VM has a Lwt.wait () task attached in Vmm_engine.t (tasks : 'c String.Map.t)
- normal create shouldn't be much different, apart from memoizing the sleeper
- after waitpid is done in vmmd, and vmm_engine.shutdown succeeded, Lwt.wakeup is called for the sleeper
- force create now:
- checks static policies
- looks for existing VM (and task), if present: kill and wait for task in vmmd
- continue with presence checking of vm name, dynamic policies, allocate resources (tap, img, fifo)
this means the whole randomness in filenames can be removed, and the
communication between vmm_console and vmm_client is working again (attach/detach
could not work since vmm_console knew only about "albatross.AAA.BBB.RANDOM",
whereas vmm_client insisted on "AAA.BBB"
resource overcommitment (and races in e.g. block device closing + opening) are
gone now, only if the old vm is cleanup up, resources for the new one are
allocated and it is executed
2018-04-04 23:02:45 +00:00
|
|
|
Bos.Cmd.pp vm.cmd
|
2017-05-26 14:30:34 +00:00
|
|
|
|
2017-08-17 17:53:36 +00:00
|
|
|
let translate_tap vm tap =
|
2018-04-03 20:58:31 +00:00
|
|
|
match List.filter (fun (t, _) -> tap = t) (List.combine vm.taps vm.config.network) with
|
2017-08-17 17:53:36 +00:00
|
|
|
| [ (_, b) ] -> Some b
|
|
|
|
| _ -> None
|
|
|
|
|
2018-10-23 22:03:36 +00:00
|
|
|
module Stats = struct
|
|
|
|
type rusage = {
|
|
|
|
utime : (int64 * int) ;
|
|
|
|
stime : (int64 * int) ;
|
|
|
|
maxrss : int64 ;
|
|
|
|
ixrss : int64 ;
|
|
|
|
idrss : int64 ;
|
|
|
|
isrss : int64 ;
|
|
|
|
minflt : int64 ;
|
|
|
|
majflt : int64 ;
|
|
|
|
nswap : int64 ;
|
|
|
|
inblock : int64 ;
|
|
|
|
outblock : int64 ;
|
|
|
|
msgsnd : int64 ;
|
|
|
|
msgrcv : int64 ;
|
|
|
|
nsignals : int64 ;
|
|
|
|
nvcsw : int64 ;
|
|
|
|
nivcsw : int64 ;
|
|
|
|
}
|
|
|
|
|
|
|
|
let pp_rusage ppf r =
|
|
|
|
Fmt.pf ppf "utime %Lu.%d stime %Lu.%d maxrss %Lu ixrss %Lu idrss %Lu isrss %Lu minflt %Lu majflt %Lu nswap %Lu inblock %Lu outblock %Lu msgsnd %Lu msgrcv %Lu signals %Lu nvcsw %Lu nivcsw %Lu"
|
|
|
|
(fst r.utime) (snd r.utime) (fst r.stime) (snd r.stime) r.maxrss r.ixrss r.idrss r.isrss r.minflt r.majflt r.nswap r.inblock r.outblock r.msgsnd r.msgrcv r.nsignals r.nvcsw r.nivcsw
|
|
|
|
|
|
|
|
|
|
|
|
type vmm = (string * int64) list
|
|
|
|
let pp_vmm ppf vmm =
|
2018-10-23 23:07:12 +00:00
|
|
|
Fmt.(list ~sep:(unit "@.") (pair ~sep:(unit ": ") string int64)) ppf vmm
|
2018-10-23 22:03:36 +00:00
|
|
|
|
|
|
|
type ifdata = {
|
|
|
|
name : string ;
|
|
|
|
flags : int32 ;
|
|
|
|
send_length : int32 ;
|
|
|
|
max_send_length : int32 ;
|
|
|
|
send_drops : int32 ;
|
|
|
|
mtu : int32 ;
|
|
|
|
baudrate : int64 ;
|
|
|
|
input_packets : int64 ;
|
|
|
|
input_errors : int64 ;
|
|
|
|
output_packets : int64 ;
|
|
|
|
output_errors : int64 ;
|
|
|
|
collisions : int64 ;
|
|
|
|
input_bytes : int64 ;
|
|
|
|
output_bytes : int64 ;
|
|
|
|
input_mcast : int64 ;
|
|
|
|
output_mcast : int64 ;
|
|
|
|
input_dropped : int64 ;
|
|
|
|
output_dropped : int64 ;
|
|
|
|
}
|
|
|
|
|
|
|
|
let pp_ifdata ppf i =
|
|
|
|
Fmt.pf ppf "name %s flags %lX send_length %lu max_send_length %lu send_drops %lu mtu %lu baudrate %Lu input_packets %Lu input_errors %Lu output_packets %Lu output_errors %Lu collisions %Lu input_bytes %Lu output_bytes %Lu input_mcast %Lu output_mcast %Lu input_dropped %Lu output_dropped %Lu"
|
|
|
|
i.name i.flags i.send_length i.max_send_length i.send_drops i.mtu i.baudrate i.input_packets i.input_errors i.output_packets i.output_errors i.collisions i.input_bytes i.output_bytes i.input_mcast i.output_mcast i.input_dropped i.output_dropped
|
|
|
|
|
|
|
|
type t = rusage * vmm option * ifdata list
|
|
|
|
let pp ppf (ru, vmm, ifs) =
|
|
|
|
Fmt.pf ppf "%a@.%a@.%a"
|
|
|
|
pp_rusage ru
|
|
|
|
Fmt.(option ~none:(unit "no vmm stats") pp_vmm) vmm
|
|
|
|
Fmt.(list ~sep:(unit "@.@.") pp_ifdata) ifs
|
|
|
|
end
|
2017-05-26 14:30:34 +00:00
|
|
|
|
2018-10-23 22:03:36 +00:00
|
|
|
type process_exit = [ `Exit of int | `Signal of int | `Stop of int ]
|
2017-05-26 14:30:34 +00:00
|
|
|
|
2018-10-23 22:03:36 +00:00
|
|
|
let pp_process_exit ppf = function
|
|
|
|
| `Exit n -> Fmt.pf ppf "exit %a (%d)" Fmt.Dump.signal n n
|
|
|
|
| `Signal n -> Fmt.pf ppf "signal %a (%d)" Fmt.Dump.signal n n
|
|
|
|
| `Stop n -> Fmt.pf ppf "stop %a (%d)" Fmt.Dump.signal n n
|
2018-10-23 19:53:44 +00:00
|
|
|
|
2017-05-26 14:30:34 +00:00
|
|
|
module Log = struct
|
2018-10-23 22:03:36 +00:00
|
|
|
type log_event = [
|
|
|
|
| `Login of id * Ipaddr.V4.t * int
|
|
|
|
| `Logout of id * Ipaddr.V4.t * int
|
|
|
|
| `Startup
|
|
|
|
| `Vm_start of id * int * string list * string option
|
|
|
|
| `Vm_stop of id * int * process_exit
|
|
|
|
]
|
|
|
|
|
|
|
|
let name = function
|
|
|
|
| `Startup -> []
|
|
|
|
| `Login (name, _, _) -> name
|
|
|
|
| `Logout (name, _, _) -> name
|
|
|
|
| `Vm_start (name, _, _ ,_) -> name
|
|
|
|
| `Vm_stop (name, _, _) -> name
|
|
|
|
|
|
|
|
let pp_log_event ppf = function
|
|
|
|
| `Startup -> Fmt.(pf ppf "startup")
|
|
|
|
| `Login (name, ip, port) -> Fmt.pf ppf "%a login %a:%d" pp_id name Ipaddr.V4.pp_hum ip port
|
|
|
|
| `Logout (name, ip, port) -> Fmt.pf ppf "%a logout %a:%d" pp_id name Ipaddr.V4.pp_hum ip port
|
|
|
|
| `Vm_start (name, pid, taps, block) ->
|
|
|
|
Fmt.pf ppf "%a started %d (tap %a, block %a)"
|
|
|
|
pp_id name pid Fmt.(list ~sep:(unit "; ") string) taps
|
2017-05-26 14:30:34 +00:00
|
|
|
Fmt.(option ~none:(unit "no") string) block
|
2018-10-23 22:03:36 +00:00
|
|
|
| `Vm_stop (name, pid, code) ->
|
|
|
|
Fmt.pf ppf "%a stopped %d with %a" pp_id name pid pp_process_exit code
|
|
|
|
|
|
|
|
type t = Ptime.t * log_event
|
|
|
|
|
|
|
|
let pp ppf (ts, ev) =
|
|
|
|
Fmt.pf ppf "%a: %a" (Ptime.pp_rfc3339 ()) ts pp_log_event ev
|
2017-05-26 14:30:34 +00:00
|
|
|
end
|