Add locked_memory extra spec and image property

This change adds a new hw:locked_memory extra spec and hw_locked_memory image property to contol preventing guest memory from swapping. This change adds docs and extend the flavor validators for the new extra spec. Also add new image property. Blueprint: libvirt-viommu-device Change-Id: Id3779594f0078a5045031aded2ed68ee4301abbd
2021-03-03 00:49:22 +00:00 · 2021-03-03 00:49:22 +00:00 · 572c2b18e2
parent 85c9544444
commit 572c2b18e2
15 changed files with 237 additions and 7 deletions
--- a/doc/notification_samples/common_payloads/ImageMetaPropsPayload.json
+++ b/doc/notification_samples/common_payloads/ImageMetaPropsPayload.json
@ -4,5 +4,5 @@
        "hw_architecture": "x86_64"
    },
    "nova_object.name": "ImageMetaPropsPayload",
-    "nova_object.version": "1.10"
+    "nova_object.version": "1.11"
 }
--- a/doc/source/admin/libvirt-misc.rst
+++ b/doc/source/admin/libvirt-misc.rst
@ -138,3 +138,33 @@ For example, to hide your signature from the guest OS, run:
 .. code:: console
   $ openstack flavor set $FLAVOR --property hw:hide_hypervisor_id=true
 .. _extra-spec-locked_memory:
 Locked memory allocation
 ------------------------
 .. versionadded:: 26.0.0 (Zed)
 Locking memory marks the guest memory allocations as unmovable and
 unswappable. It is implicitly enabled in a number of cases such as SEV or
 realtime guests but can also be enabled explictly using the
 ``hw:locked_memory`` extra spec (or use ``hw_locked_memory`` image property).
 ``hw:locked_memory`` (also ``hw_locked_memory`` image property) accept
 boolean values in string format like 'true' or 'false' value.
 It will raise `FlavorImageLockedMemoryConflict` exception if both flavor and
 image property are specified but with different boolean values.
 This will only be allowed if you have also set ``hw:mem_page_size``,
 so we can ensure that the scheduler can actually account for this correctly
 and prevent out of memory events. Otherwise, will raise `LockMemoryForbidden`
 exception.
 .. code:: console
   $ openstack flavor set FLAVOR-NAME \
       --property hw:locked_memory=BOOLEAN_VALUE
 .. note::
   This is currently only supported by the libvirt driver.
--- a/nova/api/validation/extra_specs/hw.py
+++ b/nova/api/validation/extra_specs/hw.py
@ -163,6 +163,18 @@ hugepage_validators = [
            'pattern': r'(large|small|any|\d+([kKMGT]i?)?(b|bit|B)?)',
        },
    ),
    base.ExtraSpecValidator(
        name='hw:locked_memory',
        description=(
            'Determine if **guest** (instance) memory should be locked '
            'preventing swaping. This is required in rare cases for device '
            'DMA transfers. Only supported by the libvirt virt driver.'
        ),
        value={
            'type': bool,
            'description': 'Whether to lock **guest** (instance) memory.',
        },
    ),
 ]
 numa_validators = [
--- a/nova/exception.py
+++ b/nova/exception.py
@ -1861,6 +1861,17 @@ class MemoryPageSizeNotSupported(Invalid):
    msg_fmt = _("Page size %(pagesize)s is not supported by the host.")
 class LockMemoryForbidden(Forbidden):
    msg_fmt = _("locked_memory value in image or flavor is forbidden when "
                "mem_page_size is not set.")
 class FlavorImageLockedMemoryConflict(NovaException):
    msg_fmt = _("locked_memory value in image (%(image)s) and flavor "
                "(%(flavor)s) conflict. A consistent value is expected if "
                "both specified.")
 class CPUPinningInvalid(Invalid):
    msg_fmt = _("CPU set to pin %(requested)s must be a subset of "
                "free CPU set %(available)s")
--- a/nova/notifications/objects/image.py
+++ b/nova/notifications/objects/image.py
@ -128,7 +128,8 @@ class ImageMetaPropsPayload(base.NotificationPayloadBase):
    # Version 1.9: Added 'hw_emulation_architecture' field
    # Version 1.10: Added 'hw_ephemeral_encryption' and
    #                     'hw_ephemeral_encryption_format' fields
-    VERSION = '1.10'
+    # Version 1.11: Added 'hw_locked_memory' field
    VERSION = '1.11'
    SCHEMA = {
        k: ('image_meta_props', k) for k in image_meta.ImageMetaProps.fields}
--- a/nova/objects/image_meta.py
+++ b/nova/objects/image_meta.py
@ -190,14 +190,17 @@ class ImageMetaProps(base.NovaObject):
    # Version 1.31: Added 'hw_emulation_architecture' field
    # Version 1.32: Added 'hw_ephemeral_encryption' and
    #                     'hw_ephemeral_encryption_format' fields
    # Version 1.33: Added 'hw_locked_memory' field
    # NOTE(efried): When bumping this version, the version of
    # ImageMetaPropsPayload must also be bumped. See its docstring for details.
-    VERSION = '1.32'
+    VERSION = '1.33'
    def obj_make_compatible(self, primitive, target_version):
        super(ImageMetaProps, self).obj_make_compatible(primitive,
                                                        target_version)
        target_version = versionutils.convert_version_to_tuple(target_version)
        if target_version < (1, 33):
            primitive.pop('hw_locked_memory', None)
        if target_version < (1, 32):
            primitive.pop('hw_ephemeral_encryption', None)
            primitive.pop('hw_ephemeral_encryption_format', None)
@ -368,6 +371,10 @@ class ImageMetaProps(base.NovaObject):
        # image with a network boot image
        'hw_ipxe_boot': fields.FlexibleBooleanField(),
        # string - make sure ``locked`` element is present in the
        # ``memoryBacking``.
        'hw_locked_memory': fields.FlexibleBooleanField(),
        # There are sooooooooooo many possible machine types in
        # QEMU - several new ones with each new release - that it
        # is not practical to enumerate them all. So we use a free
--- a/nova/tests/functional/notification_sample_tests/test_instance.py
+++ b/nova/tests/functional/notification_sample_tests/test_instance.py
@ -1231,7 +1231,7 @@ class TestInstanceNotificationSample(
                    'nova_object.data': {},
                    'nova_object.name': 'ImageMetaPropsPayload',
                    'nova_object.namespace': 'nova',
-                    'nova_object.version': '1.10',
+                    'nova_object.version': '1.11',
                },
                'image.size': 58145823,
                'image.tags': [],
@ -1327,7 +1327,7 @@ class TestInstanceNotificationSample(
                    'nova_object.data': {},
                    'nova_object.name': 'ImageMetaPropsPayload',
                    'nova_object.namespace': 'nova',
-                    'nova_object.version': '1.10',
+                    'nova_object.version': '1.11',
                },
                'image.size': 58145823,
                'image.tags': [],
--- a/nova/tests/unit/notifications/objects/test_notification.py
+++ b/nova/tests/unit/notifications/objects/test_notification.py
@ -386,7 +386,7 @@ notification_object_data = {
    # ImageMetaProps, so when you see a fail here for that reason, you must
    # *also* bump the version of ImageMetaPropsPayload. See its docstring for
    # more information.
-    'ImageMetaPropsPayload': '1.10-44cf0030dc94a1a60ba7a0e222e854d6',
+    'ImageMetaPropsPayload': '1.11-938809cd33367c52cbc814fb9b6783dc',
    'InstanceActionNotification': '1.0-a73147b93b520ff0061865849d3dfa56',
    'InstanceActionPayload': '1.8-4fa3da9cbf0761f1f700ae578f36dc2f',
    'InstanceActionRebuildNotification':
--- a/nova/tests/unit/objects/test_image_meta.py
+++ b/nova/tests/unit/objects/test_image_meta.py
@ -108,6 +108,7 @@ class TestImageMetaProps(test.NoDBTestCase):
                 'hw_video_model': 'vga',
                 'hw_video_ram': '512',
                 'hw_qemu_guest_agent': 'yes',
                 'hw_locked_memory': 'true',
                 'trait:CUSTOM_TRUSTED': 'required',
                 # Fill sane values for the rest here
                 }
@ -116,6 +117,7 @@ class TestImageMetaProps(test.NoDBTestCase):
        self.assertEqual('vga', virtprops.hw_video_model)
        self.assertEqual(512, virtprops.hw_video_ram)
        self.assertTrue(virtprops.hw_qemu_guest_agent)
        self.assertTrue(virtprops.hw_locked_memory)
        self.assertIsNotNone(virtprops.traits_required)
        self.assertIn('CUSTOM_TRUSTED', virtprops.traits_required)
@ -285,6 +287,28 @@ class TestImageMetaProps(test.NoDBTestCase):
        self.assertEqual([set([0, 1, 2, 3])],
                         virtprops.hw_numa_cpus)
    def test_locked_memory_prop(self):
        props = {'hw_locked_memory': 'true'}
        virtprops = objects.ImageMetaProps.from_dict(props)
        self.assertTrue(virtprops.hw_locked_memory)
    def test_obj_make_compatible_hw_locked_memory(self):
        """Check 'hw_locked_memory' compatibility."""
        # assert that 'hw_locked_memory' is supported
        # on a suitably new version
        obj = objects.ImageMetaProps(
            hw_locked_memory='true',
        )
        primitive = obj.obj_to_primitive('1.33')
        self.assertIn('hw_locked_memory',
            primitive['nova_object.data'])
        self.assertTrue(primitive['nova_object.data']['hw_locked_memory'])
        # and is absent on older versions
        primitive = obj.obj_to_primitive('1.32')
        self.assertNotIn('hw_locked_memory',
                         primitive['nova_object.data'])
    def test_get_unnumbered_trait_fields(self):
        """Tests that only valid un-numbered required traits are parsed from
        the properties.
--- a/nova/tests/unit/objects/test_objects.py
+++ b/nova/tests/unit/objects/test_objects.py
@ -1072,7 +1072,7 @@ object_data = {
    'HyperVLiveMigrateData': '1.4-e265780e6acfa631476c8170e8d6fce0',
    'IDEDeviceBus': '1.0-29d4c9f27ac44197f01b6ac1b7e16502',
    'ImageMeta': '1.8-642d1b2eb3e880a367f37d72dd76162d',
-    'ImageMetaProps': '1.32-4967d35948af08b710b8b861f3fff0f9',
+    'ImageMetaProps': '1.33-6b7a29f769e6b8eee3f05832d78c85a2',
    'Instance': '2.7-d187aec68cad2e4d8b8a03a68e4739ce',
    'InstanceAction': '1.2-9a5abc87fdd3af46f45731960651efb5',
    'InstanceActionEvent': '1.4-5b1f361bd81989f8bb2c20bb7e8a4cb4',
--- a/nova/tests/unit/virt/libvirt/test_driver.py
+++ b/nova/tests/unit/virt/libvirt/test_driver.py
@ -3131,6 +3131,41 @@ class LibvirtConnTestCase(test.NoDBTestCase,
        self.assertTrue(membacking.locked)
        self.assertFalse(membacking.sharedpages)
    def test_get_guest_memory_backing_config_locked_flavor(self):
        extra_specs = {
            "hw:locked_memory": "True",
            "hw:mem_page_size": 1000,
        }
        flavor = objects.Flavor(
            name='m1.small', memory_mb=6, vcpus=28, root_gb=496,
            ephemeral_gb=8128, swap=33550336, extra_specs=extra_specs)
        image_meta = objects.ImageMeta.from_dict(self.test_image_meta)
        drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
        membacking = drvr._get_guest_memory_backing_config(
            None, None, flavor, image_meta)
        self.assertTrue(membacking.locked)
    def test_get_guest_memory_backing_config_locked_image_meta(self):
        extra_specs = {}
        flavor = objects.Flavor(
            name='m1.small',
            memory_mb=6,
            vcpus=28,
            root_gb=496,
            ephemeral_gb=8128,
            swap=33550336,
            extra_specs=extra_specs)
        image_meta = objects.ImageMeta.from_dict({
            "disk_format": "raw",
            "properties": {
                "hw_locked_memory": "True",
                "hw_mem_page_size": 1000,
            }})
        drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
        membacking = drvr._get_guest_memory_backing_config(
            None, None, flavor, image_meta)
        self.assertTrue(membacking.locked)
    def test_get_guest_memory_backing_config_realtime_invalid_share(self):
        """Test behavior when there is no pool of shared CPUS on which to place
        the emulator threads, isolating them from the instance CPU processes.
--- a/nova/tests/unit/virt/test_hardware.py
+++ b/nova/tests/unit/virt/test_hardware.py
@ -2814,6 +2814,54 @@ class NumberOfSerialPortsTest(test.NoDBTestCase):
                          flavor, image_meta)
 class VirtLockMemoryTestCase(test.NoDBTestCase):
    def _test_get_locked_memory_constraint(self, spec=None, props=None):
        flavor = objects.Flavor(vcpus=16, memory_mb=2048,
                                extra_specs=spec or {})
        image_meta = objects.ImageMeta.from_dict({"properties": props or {}})
        return hw.get_locked_memory_constraint(flavor, image_meta)
    def test_get_locked_memory_constraint_image(self):
        self.assertTrue(
            self._test_get_locked_memory_constraint(
                spec={"hw:mem_page_size": "small"},
                props={"hw_locked_memory": "True"}))
    def test_get_locked_memory_conflict(self):
        ex = self.assertRaises(
            exception.FlavorImageLockedMemoryConflict,
            self._test_get_locked_memory_constraint,
            spec={
                "hw:locked_memory": "False",
                "hw:mem_page_size": "small"
            },
            props={"hw_locked_memory": "True"}
        )
        ex_msg = ("locked_memory value in image (True) and flavor (False) "
                  "conflict. A consistent value is expected if both "
                  "specified.")
        self.assertEqual(ex_msg, str(ex))
    def test_get_locked_memory_constraint_forbidden(self):
        self.assertRaises(
            exception.LockMemoryForbidden,
            self._test_get_locked_memory_constraint,
            {"hw:locked_memory": "True"})
        self.assertRaises(
            exception.LockMemoryForbidden,
            self._test_get_locked_memory_constraint,
            {},
            {"hw_locked_memory": "True"})
    def test_get_locked_memory_constraint_image_false(self):
        # False value of locked_memory will not raise LockMemoryForbidden
        self.assertFalse(
            self._test_get_locked_memory_constraint(
                spec=None,
                props={"hw_locked_memory": "False"}))
 class VirtMemoryPagesTestCase(test.NoDBTestCase):
    def test_cell_instance_pagesize(self):
        cell = objects.InstanceNUMACell(
--- a/nova/virt/hardware.py
+++ b/nova/virt/hardware.py
@ -1337,6 +1337,48 @@ def _get_constraint_mappings_from_flavor(flavor, key, func):
    return hw_numa_map or None
 def get_locked_memory_constraint(
    flavor: 'objects.Flavor',
    image_meta: 'objects.ImageMeta',
 ) -> ty.Optional[bool]:
    """Validate and return the requested locked memory.
    :param flavor: ``nova.objects.Flavor`` instance
    :param image_meta: ``nova.objects.ImageMeta`` instance
    :raises: exception.LockMemoryForbidden if mem_page_size is not set
        while provide locked_memory value in image or flavor.
    :returns: The locked memory flag requested.
    """
    mem_page_size_flavor, mem_page_size_image = _get_flavor_image_meta(
        'mem_page_size', flavor, image_meta)
    locked_memory_flavor, locked_memory_image = _get_flavor_image_meta(
        'locked_memory', flavor, image_meta)
    if locked_memory_flavor is not None:
        # locked_memory_image is boolean type already
        locked_memory_flavor = strutils.bool_from_string(locked_memory_flavor)
        if locked_memory_image is not None and (
                locked_memory_flavor != locked_memory_image
        ):
            # We don't allow provide different value to flavor and image
            raise exception.FlavorImageLockedMemoryConflict(
                image=locked_memory_image, flavor=locked_memory_flavor)
        locked_memory = locked_memory_flavor
    else:
        locked_memory = locked_memory_image
    if locked_memory and not (
            mem_page_size_flavor or mem_page_size_image
    ):
        raise exception.LockMemoryForbidden()
    return locked_memory
 def _get_numa_cpu_constraint(
    flavor: 'objects.Flavor',
    image_meta: 'objects.ImageMeta',
@ -2107,6 +2149,8 @@ def numa_get_constraints(flavor, image_meta):
    pagesize = _get_numa_pagesize_constraint(flavor, image_meta)
    vpmems = get_vpmems(flavor)
    get_locked_memory_constraint(flavor, image_meta)
    # If 'hw:cpu_dedicated_mask' is not found in flavor extra specs, the
    # 'dedicated_cpus' variable is None, while we hope it being an empty set.
    dedicated_cpus = dedicated_cpus or set()
--- a/nova/virt/libvirt/driver.py
+++ b/nova/virt/libvirt/driver.py
@ -6342,6 +6342,11 @@ class LibvirtDriver(driver.ComputeDriver):
                membacking = vconfig.LibvirtConfigGuestMemoryBacking()
            membacking.locked = True
        if hardware.get_locked_memory_constraint(flavor, image_meta):
            if not membacking:
                membacking = vconfig.LibvirtConfigGuestMemoryBacking()
            membacking.locked = True
        return membacking
    def _get_memory_backing_hugepages_support(self, inst_topology, numatune):
--- a/releasenotes/notes/new_locked_memory_option-b68a031779366828.yaml
+++ b/releasenotes/notes/new_locked_memory_option-b68a031779366828.yaml
@ -0,0 +1,13 @@
 ---
 features:
  - |
    Add new ``hw:locked_memory`` extra spec and ``hw_locked_memory`` image
    property to lock memory on libvirt guest. Locking memory marks the guest
    memory allocations as unmovable and unswappable.
    ``hw:locked_memory`` extra spec and ``hw_locked_memory`` image property
    accept boolean values in string format like 'Yes' or 'false' value.
    Exception `LockMemoryForbidden` will raise, if you set lock memory value
    but not set either flavor extra spec
    ``hw:mem_page_size`` or image property ``hw_mem_page_size``,
    so we can ensure that the scheduler can actually account for this correctly
    and prevent out of memory events.