Commit graph

184 commits

Author SHA1 Message Date
Hannes Mehnert d83986cab4 vmmd: initialise nocrypto 2018-04-05 02:14:49 +02:00
Hannes Mehnert 9696953cd7 revise force-restart: now with wait for kill and resource cleanup before start
allows to cleanup various hacks, such as checking for pid in vmm_resources
or removing temporarily the allocated resources from the resource map in vmm_engine

semantics is now slightly different, but for sure enhanced.
- each VM has a Lwt.wait () task attached in Vmm_engine.t (tasks : 'c String.Map.t)
- normal create shouldn't be much different, apart from memoizing the sleeper
- after waitpid is done in vmmd, and vmm_engine.shutdown succeeded, Lwt.wakeup is called for the sleeper
- force create now:
 - checks static policies
 - looks for existing VM (and task), if present: kill and wait for task in vmmd
 - continue with presence checking of vm name, dynamic policies, allocate resources (tap, img, fifo)

this means the whole randomness in filenames can be removed, and the
communication between vmm_console and vmm_client is working again (attach/detach
could not work since vmm_console knew only about "albatross.AAA.BBB.RANDOM",
whereas vmm_client insisted on "AAA.BBB"

resource overcommitment (and races in e.g. block device closing + opening) are
gone now, only if the old vm is cleanup up, resources for the new one are
allocated and it is executed
2018-04-05 01:02:45 +02:00
Hannes Mehnert a89b2925fd Vmm_core.cmd is now a variant (no longer polymorphic variant), some renames in Vmm_wire.Stats and Vmm_wire.Console to disambiguate 2018-04-04 22:16:31 +02:00
Hannes Mehnert fdab43aed6 vmm_engine: finish renaming Destroy_image -> Destroy_vm (broken since bb61388cfc) 2018-04-04 21:46:37 +02:00
Hannes Mehnert 7a4661b2e1 style: require lwt 3.0.0, fix warnings, disable 4 (fragile pattern matching) and 48 (implicit elimination of optional argument) 2018-04-03 22:58:31 +02:00
Hannes Mehnert 54179f55fc vmmd: failure semantics of stats socket the same as others (raise exception), no silent dropping of statistics 2018-04-03 22:49:50 +02:00
Hannes Mehnert d9f8f10b04 vmm_stats_lwt: accept command line option for interval 2018-04-03 22:49:00 +02:00
Hannes Mehnert a0c0f39734 vmm_stats: more debug, ignore vmmapi_open failure
vmm_stats_lwt: drop all pids on socket disconnect
vmmd: setup statistics slightly later (after the chmod on FreeBSD)
2018-04-01 23:59:12 +02:00
Hannes Mehnert 66df394d36 vmm_stats: allow vmmapi to fail (and report nothing), more convenient for linux code path 2018-03-24 23:39:16 +01:00
Hannes Mehnert 51d1dc63dc vmm_stats: fix fd leaks (fixes #10)
- vm_open only once per vm (vmmapi_open), returning vmctx
 - get stats descriptions only once in lifetime (vmmapi_statnames)
 - close file descriptor on `remove_pid` (vmmapi_close)

vmm_stats_once: command line utility (for debugging) for stats gathering
2018-03-24 22:33:51 +01:00
Hannes Mehnert 26f8734235 no need to run tests via travis, they don't exist (yet) 2018-03-23 17:04:35 +01:00
Hannes Mehnert c978dcfb14 less debug output of resources 2018-03-22 23:30:15 +01:00
Hannes Mehnert e48d3b3457 vmm_lwt/vmm_tls: less debug output of read/write stuff 2018-03-22 17:00:08 +01:00
Hannes Mehnert ceab24948d vmmd: poor mans statistics about uptime. created and destroyed vms 2018-03-22 17:00:08 +01:00
Hannes Mehnert 42ca0670c9 vmm_stats: guard vmmapi_stats 2018-03-22 17:00:08 +01:00
Hannes Mehnert d3941e70c6 style 2018-03-22 17:00:08 +01:00
Hannes Mehnert b9d5fa94f9 call waitpid() earlier, separate freebsd kludge (chmod g+rw), fixes #9 2018-03-22 17:00:08 +01:00
Hannes Mehnert db8ae1ee37 compression, fixes #6 2018-03-22 17:00:08 +01:00
Hannes Mehnert cfa7ccd1e0 safer and clearer error semantics for all processes, fixes #5 2018-03-22 17:00:08 +01:00
Hannes Mehnert 88012094f8 remove unused Vmm_commands.waitpid, catch EINTR in call to Lwt_unix.waitpid (in Vmm_lwt) 2018-03-22 17:00:08 +01:00
Hannes Mehnert 2b19d3eaf0 [ci skip] add travis badge 2018-03-22 17:00:08 +01:00
Hannes Mehnert 81b2ee9963 travis 2018-03-22 17:00:08 +01:00
Hannes Mehnert bb61388cfc new permission: force_create
a client certificate may either contain `Create or `Force_create permission.  If
the latter is used (vmm_req_vm --force), and a VM with the same name already
exists, this is destroyed (if the dynamic resources without the existing would
allow the new one to be deployed) and the new one is started.

I had this concrete deployment scenario, where kill ; create takes some minutes
since it is 10MB data which needs to be transferred from my laptop to a remote
server (me behind dialup).

- renamed `Image to `Create
- renamed `Destroy_image to `Destroy_vm
2018-03-22 17:00:08 +01:00
Hannes Mehnert 0052c3dc84 replace vmimage (Cstruct) with 0 after we wrote it to disk to avoid
the host process from referencing the whole vmimage
2018-03-22 13:54:33 +01:00
Hannes Mehnert 8807150c86 use a random temporary file instead of the serial numbers of the certificate chain for temporary host resources 2018-03-22 13:54:33 +01:00
Hannes Mehnert b403d11969 vmm_provision: when private key is on disk, use it! 2018-01-06 14:20:23 +01:00
Stefan Grundmann b3d27d5bb5 minor changes to README.md (#4)
* minor changes to README.md
2018-01-04 02:51:07 +01:00
Hannes Mehnert 411307d978 topkg 2017-12-25 04:02:24 +01:00
Hannes Mehnert 8407d13b15 port to new asn + x509 2017-12-23 15:03:56 +01:00
Hannes Mehnert bd8cc0ad22 style 2017-12-20 22:29:22 +01:00
Hannes Mehnert 19c37d2ca1 pass --mem to ukvm-bin, now that is merged in master 2017-10-26 23:07:29 +02:00
Hannes Mehnert 1d3cf484c4 use SIGTERM, not SIGKILL - now solo5 ukvm has the ability to execute atexit functions 2017-10-26 22:21:15 +02:00
Hannes Mehnert bdedadf689 vmmd:
- fix fd leak (always close socket)
 - send first message (login) after renegotiation

vmm_stats:
 - remove unneeded functionality (keeping old statistics around)
 - translate internal tap names to bridge names
 - gather statistics from vmmapi as well

vmm_prometheus_stats:
 - new exporter of statistics to prometheus

*:
 - fix typo in README
 - style
2017-09-14 21:47:07 +01:00
Hannes Mehnert 02be3f4528 initial 2017-07-10 10:38:25 +01:00