Changes between Version 3 and Version 4 of DVMimpl


Ignore:
Timestamp:
Aug 30, 2011 2:40:53 PM (21 months ago)
Author:
rafal
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • DVMimpl

    v3 v4  
    11= DisposableVM implementation in Qubes =  
    22== DisposableVM image preparation == 
    3 DisposableVM is not started like other VMs, by executing equivalent of ''xm  
     3DisposableVM is not started like other VMs, by executing equivalent of ''xl  
    44create'' - it would be too slow. Instead, DisposableVM are started by restore 
    55from a savefile. 
     
    1919 1. when `qubes_used_mem` key appears, the domain memory is reduced to this amount, to make the savefile smaller.  
    2020 1. APPVM private image is detached 
    21  1. the domain is saved via ''xm save'' 
    22  1. the COW files for root fs and swap are packed to `saved_cows.tar` archive 
     21 1. the domain is saved via ''xl save'' 
     22 1. the COW file volatile.img (cow for for root fs and swap) is packed to `saved_cows.tar` archive 
    2323 
    2424''qubes_prepare_saved_domain.sh'' script is somehow lowlevel. It is usually called by ''qvm-create-default-dvm'' script, that takes care of creating a  
     
    2727 
    2828== Restoring a DisposableVM from the savefile == 
    29 When ''qfilexchgd'' daemon, described [wiki:Qfileexchgd here], sees a request to create a DVM, it executes ''/usr/lib/qubes/qubes_restore'' script. It is crucial that this script executes quickly, to make DisposableVM creation overhead bearable for the user. Its main steps are: 
     29Normally, disposable VM is created when qubes rpc request with target //$dispvm// is received. Then, as a part of rpc connection setup, the //qfile-daemon-dvm// program is executed; it executes ''/usr/lib/qubes/qubes_restore'' program. It is crucial that this program executes quickly, to make DisposableVM creation overhead bearable for the user. Its main steps are: 
    3030 1. modify the savefile so that the VM name, VM UUID, MAC address and IP address are unique 
    3131 1. restore the COW files from the `saved_cows.tar`  
    3232 1. create the `/var/run/qubes/fast_block_attach` file, whose presence tells the ''/etc/xen/scripts/block'' script to bypass some redundant checks and execute as fast as possible. 
    33  1. tell Xend to restore domain. In order to be as quick as possible, raw xmlrpc request is sent to the Xend socket, instead of calling ''xm'' program or using XendAPI 
     33 1. execute "xl restore" in order to restore a domain. 
    3434 1. create the same xenstore keys as normally created when AppVM boots (e.g. `qubes_ip`) 
    3535 1. create the `qubes_restore_complete` xenstore key. This allows the boot process in DisposableVM to continue. 
    3636 
    37 The actual passing of files between AppVM and a DisposableVM is implemented in ''qfilexchgd'' daemon and accordingly described [wiki:Qfileexchgd here]. 
     37The actual passing of files between AppVM and a DisposableVM is implemented via qubes rpc. 
    3838 
    3939== Validating the DisposableVM savefile == 
    4040DisposableVM savefile contains references to template rootfs and to COW files. The COW files are restored before each DisposableVM start, so they cannot change. On the other hand, if templateVM is started, the template rootfs will change, and it may not be coherent with the COW files.  
    4141 
    42 Therefore, the check for template rootfs modification time being older than DisposableVM savefile modification time is required. It is done in two places: 
    43  * in the ''/etc/init.d/qubes_dvm'' script 
    44  * in ''qfilexchgd'' daemon, just before restoring DisposableVM 
    45 In both cases, an attempt is made to recreate the DisposableVM savefile, using the default template and the default prerun script, residing at ''/var/lib/qubes/vm-templates/templatename/dispvm_prerun.sh''. Unfortunately, the prerun script takes a lot of time to execute - therefore, after template rootfs modification, the next DisposableVM creation or system boot can be longer by about 2.5 minutes. Also, if nondefault template or nondefault prerun script is intended to be used to create DisposableVM savefile, the  ''qvm-create-default-dvm'' script must be run manually with respective arguments everytime the template rootfs changes. 
     42Therefore, the check for template rootfs modification time being older than DisposableVM savefile modification time is required. It is done in ''qfilexchgd'' daemon, just before restoring DisposableVM. If necassary, an attempt is made to recreate the DisposableVM savefile, using the last template used (or default template, if run for the first time) and the default prerun script, residing at ''/var/lib/qubes/vm-templates/templatename/dispvm_prerun.sh''. Unfortunately, the prerun script takes a lot of time to execute - therefore, after template rootfs modification, the next DisposableVM creation can be longer by about 2.5 minutes.