OpenStack Compute (nova)

Emulated network driver is not working when using xen over libvirt

Bug #1202199 reported by Tomasz Paszkowski
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Invalid
Undecided
Unassigned

Bug Description

When using XEN over libvirt, emulated network drivers (rtl8139,e1000) will not work as the interface name is too long.

By default XEN when running VMs in HVM creates two interfaces on host system:

vifX.X (for PV drivers)
vifX.X-emu (for emulated drives)

-emu suffix combined with 14 characters long tap interface name is too long for a linux system and it results that vifX.X-emu can't be renamed to openstack standard.

Additionally openstack expects tap interface to be without -emu suffix and all security groups settings will not also cover this interface (even if we will shortcut its name).

See original description
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/37477

Changed in nova:
assignee: nobody → Tomasz Paszkowski (tpaszkowski)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.openstack.org/37547

Adam Spiers (adam.spiers)
description: updated
Revision history for this message
Adam Spiers (adam.spiers) wrote :

I got some valuable info on this from our resident Xen / libvirt
expert Jim Fehlig:

For better or worse, Xen defers preferred network device selection to
the guest OS in the case of HVM domains. The Xen toolstack will
create both emulated and PV devices, and let the guest OS decide which
to use. If the guest OS contains an appropriate PV driver, it will
claim the device and tell qemu to unplug the emulated one. If the
guest OS has no appropriate PV driver, the PV device will be ignored
as unkown/unconfigured hardware, but the guest will still have a
network device via the emulated one. This is all fine except when it
comes to device naming. Only one device name can be specified in the
domain configuration, from which two devices are created internally -
hence the *-emu device.

Some would argue this a user-friendly approach accommodating guest
OSes that have no PV driver. Others would argue that this approach
wreaks havoc higher toolstacks that should determine such policy.
Most OSes have PV device drivers these days, but it may not be
possible to change this default behavior since there are many older
HVM configs in the wild with a model-less vif, e.g.

    vif=[ 'mac=aa:bb:cc:dd:ee:ff,bridge=br0', ]

where the guest OS does not have PV drivers. Providing only the PV
device, avoiding the *-emu one, would break networking in such guests.

BTW, sounds as though nova generates a maximum length vif name, which
Xen exceeds by appending '-emu'. Is that correct? Hmm, not to mention
breaking any filtering rules based on the nova generated name...

Jim is open to any suggestions on ways to fix this in the Xen
toolstack without introducing regressions. This issue should
disappear with the move to Xen's new libxl toolstack, where these
types of policy decisions have been removed.

Jim also pointed out that the only good reason *not* to prefer using
the PV network device is if the guest OS has no driver for it.

Revision history for this message
Adam Spiers (adam.spiers) wrote :

It seems that the maximum size allowed in Linux is 16:

  #define IFNAMSIZ 16

  -- http://lxr.linux.no/linux+v3.11.6/include/uapi/linux/if.h#L26

so I think the question becomes, why do we need tap interface names which are 14 bytes long in the first place?

Revision history for this message
Joe Gordon (jogo) wrote :

Related patch https://review.openstack.org/#/c/37477/4

Changed in nova:
status: In Progress → Incomplete
assignee: Tomasz Paszkowski (tpaszkowski) → nobody
Revision history for this message
Sean Dague (sdague) wrote :

I think this is an upstream xen issue and it's not clear we should be working around it based on the patch commentary

Changed in nova:
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.