]> git.proxmox.com Git - qemu-server.git/blob - PVE/QemuMigrate.pm
projects / qemu-server.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
migrate: allow arbitrary source->target storage maps
[qemu-server.git] / PVE / QemuMigrate.pm
1 package PVE::QemuMigrate;
2
3 use strict;
4 use warnings;
5
6 use IO::File;
7 use IPC::Open2;
8 use POSIX qw( WNOHANG );
9 use Time::HiRes qw( usleep );
10
11 use PVE::Cluster;
12 use PVE::INotify;
13 use PVE::RPCEnvironment;
14 use PVE::Replication;
15 use PVE::ReplicationConfig;
16 use PVE::ReplicationState;
17 use PVE::Storage;
18 use PVE::Tools;
19
20 use PVE::QemuServer::Drive;
21 use PVE::QemuServer::Helpers qw(min_version);
22 use PVE::QemuServer::Machine;
23 use PVE::QemuServer::Monitor qw(mon_cmd);
24 use PVE::QemuServer;
25
26 use PVE::AbstractMigrate;
27 use base qw(PVE::AbstractMigrate);
28
29 sub fork_command_pipe {
30 my ($self, $cmd) = @_;
31
32 my $reader = IO::File->new();
33 my $writer = IO::File->new();
34
35 my $orig_pid = $$;
36
37 my $cpid;
38
39 eval { $cpid = open2($reader, $writer, @$cmd); };
40
41 my $err = $@;
42
43 # catch exec errors
44 if ($orig_pid != $$) {
45 $self->log('err', "can't fork command pipe\n");
46 POSIX::_exit(1);
47 kill('KILL', $$);
48 }
49
50 die $err if $err;
51
52 return { writer => $writer, reader => $reader, pid => $cpid };
53 }
54
55 sub finish_command_pipe {
56 my ($self, $cmdpipe, $timeout) = @_;
57
58 my $cpid = $cmdpipe->{pid};
59 return if !defined($cpid);
60
61 my $writer = $cmdpipe->{writer};
62 my $reader = $cmdpipe->{reader};
63
64 $writer->close();
65 $reader->close();
66
67 my $collect_child_process = sub {
68 my $res = waitpid($cpid, WNOHANG);
69 if (defined($res) && ($res == $cpid)) {
70 delete $cmdpipe->{cpid};
71 return 1;
72 } else {
73 return 0;
74 }
75 };
76
77 if ($timeout) {
78 for (my $i = 0; $i < $timeout; $i++) {
79 return if &$collect_child_process();
80 sleep(1);
81 }
82 }
83
84 $self->log('info', "ssh tunnel still running - terminating now with SIGTERM\n");
85 kill(15, $cpid);
86
87 # wait again
88 for (my $i = 0; $i < 10; $i++) {
89 return if &$collect_child_process();
90 sleep(1);
91 }
92
93 $self->log('info', "ssh tunnel still running - terminating now with SIGKILL\n");
94 kill 9, $cpid;
95 sleep 1;
96
97 $self->log('err', "ssh tunnel child process (PID $cpid) couldn't be collected\n")
98 if !&$collect_child_process();
99 }
100
101 sub read_tunnel {
102 my ($self, $tunnel, $timeout) = @_;
103
104 $timeout = 60 if !defined($timeout);
105
106 my $reader = $tunnel->{reader};
107
108 my $output;
109 eval {
110 PVE::Tools::run_with_timeout($timeout, sub { $output = <$reader>; });
111 };
112 die "reading from tunnel failed: $@\n" if $@;
113
114 chomp $output;
115
116 return $output;
117 }
118
119 sub write_tunnel {
120 my ($self, $tunnel, $timeout, $command) = @_;
121
122 $timeout = 60 if !defined($timeout);
123
124 my $writer = $tunnel->{writer};
125
126 eval {
127 PVE::Tools::run_with_timeout($timeout, sub {
128 print $writer "$command\n";
129 $writer->flush();
130 });
131 };
132 die "writing to tunnel failed: $@\n" if $@;
133
134 if ($tunnel->{version} && $tunnel->{version} >= 1) {
135 my $res = eval { $self->read_tunnel($tunnel, 10); };
136 die "no reply to command '$command': $@\n" if $@;
137
138 if ($res eq 'OK') {
139 return;
140 } else {
141 die "tunnel replied '$res' to command '$command'\n";
142 }
143 }
144 }
145
146 sub fork_tunnel {
147 my ($self, $tunnel_addr) = @_;
148
149 my @localtunnelinfo = ();
150 foreach my $addr (@$tunnel_addr) {
151 push @localtunnelinfo, '-L', $addr;
152 }
153
154 my $cmd = [@{$self->{rem_ssh}}, '-o ExitOnForwardFailure=yes', @localtunnelinfo, '/usr/sbin/qm', 'mtunnel' ];
155
156 my $tunnel = $self->fork_command_pipe($cmd);
157
158 eval {
159 my $helo = $self->read_tunnel($tunnel, 60);
160 die "no reply\n" if !$helo;
161 die "no quorum on target node\n" if $helo =~ m/^no quorum$/;
162 die "got strange reply from mtunnel ('$helo')\n"
163 if $helo !~ m/^tunnel online$/;
164 };
165 my $err = $@;
166
167 eval {
168 my $ver = $self->read_tunnel($tunnel, 10);
169 if ($ver =~ /^ver (\d+)$/) {
170 $tunnel->{version} = $1;
171 $self->log('info', "ssh tunnel $ver\n");
172 } else {
173 $err = "received invalid tunnel version string '$ver'\n" if !$err;
174 }
175 };
176
177 if ($err) {
178 $self->finish_command_pipe($tunnel);
179 die "can't open migration tunnel - $err";
180 }
181 return $tunnel;
182 }
183
184 sub finish_tunnel {
185 my ($self, $tunnel) = @_;
186
187 eval { $self->write_tunnel($tunnel, 30, 'quit'); };
188 my $err = $@;
189
190 $self->finish_command_pipe($tunnel, 30);
191
192 if ($tunnel->{sock_addr}) {
193 # ssh does not clean up on local host
194 my $cmd = ['rm', '-f', @{$tunnel->{sock_addr}}]; #
195 PVE::Tools::run_command($cmd);
196
197 # .. and just to be sure check on remote side
198 unshift @{$cmd}, @{$self->{rem_ssh}};
199 PVE::Tools::run_command($cmd);
200 }
201
202 die $err if $err;
203 }
204
205 sub lock_vm {
206 my ($self, $vmid, $code, @param) = @_;
207
208 return PVE::QemuConfig->lock_config($vmid, $code, @param);
209 }
210
211 sub prepare {
212 my ($self, $vmid) = @_;
213
214 my $online = $self->{opts}->{online};
215
216 $self->{storecfg} = PVE::Storage::config();
217
218 # test if VM exists
219 my $conf = $self->{vmconf} = PVE::QemuConfig->load_config($vmid);
220
221 PVE::QemuConfig->check_lock($conf);
222
223 my $running = 0;
224 if (my $pid = PVE::QemuServer::check_running($vmid)) {
225 die "can't migrate running VM without --online\n" if !$online;
226 $running = $pid;
227
228 $self->{forcemachine} = PVE::QemuServer::Machine::qemu_machine_pxe($vmid, $conf);
229
230 }
231 my $loc_res = PVE::QemuServer::check_local_resources($conf, 1);
232 if (scalar @$loc_res) {
233 if ($self->{running} || !$self->{opts}->{force}) {
234 die "can't migrate VM which uses local devices: " . join(", ", @$loc_res) . "\n";
235 } else {
236 $self->log('info', "migrating VM which uses local devices");
237 }
238 }
239
240 my $vollist = PVE::QemuServer::get_vm_volumes($conf);
241
242 my $need_activate = [];
243 foreach my $volid (@$vollist) {
244 my ($sid, $volname) = PVE::Storage::parse_volume_id($volid, 1);
245
246 # check if storage is available on both nodes
247 my $targetsid = PVE::QemuServer::map_storage($self->{opts}->{storagemap}, $sid);
248
249 my $scfg = PVE::Storage::storage_check_node($self->{storecfg}, $sid);
250 PVE::Storage::storage_check_node($self->{storecfg}, $targetsid, $self->{node});
251
252 if ($scfg->{shared}) {
253 # PVE::Storage::activate_storage checks this for non-shared storages
254 my $plugin = PVE::Storage::Plugin->lookup($scfg->{type});
255 warn "Used shared storage '$sid' is not online on source node!\n"
256 if !$plugin->check_connection($sid, $scfg);
257 } else {
258 # only activate if not shared
259 next if ($volid =~ m/vm-\d+-cloudinit/);
260 push @$need_activate, $volid;
261 }
262 }
263
264 # activate volumes
265 PVE::Storage::activate_volumes($self->{storecfg}, $need_activate);
266
267 # test ssh connection
268 my $cmd = [ @{$self->{rem_ssh}}, '/bin/true' ];
269 eval { $self->cmd_quiet($cmd); };
270 die "Can't connect to destination address using public key\n" if $@;
271
272 return $running;
273 }
274
275 sub sync_disks {
276 my ($self, $vmid) = @_;
277
278 my $conf = $self->{vmconf};
279
280 # local volumes which have been copied
281 $self->{volumes} = [];
282
283 my $storecfg = $self->{storecfg};
284 eval {
285
286 # found local volumes and their origin
287 my $local_volumes = {};
288 my $local_volumes_errors = {};
289 my $other_errors = [];
290 my $abort = 0;
291
292 my $log_error = sub {
293 my ($msg, $volid) = @_;
294
295 if (defined($volid)) {
296 $local_volumes_errors->{$volid} = $msg;
297 } else {
298 push @$other_errors, $msg;
299 }
300 $abort = 1;
301 };
302
303 my @sids = PVE::Storage::storage_ids($storecfg);
304 foreach my $storeid (@sids) {
305 my $scfg = PVE::Storage::storage_config($storecfg, $storeid);
306 next if $scfg->{shared};
307 next if !PVE::Storage::storage_check_enabled($storecfg, $storeid, undef, 1);
308
309 # get list from PVE::Storage (for unused volumes)
310 my $dl = PVE::Storage::vdisk_list($storecfg, $storeid, $vmid);
311
312 next if @{$dl->{$storeid}} == 0;
313
314 my $targetsid = PVE::QemuServer::map_storage($self->{opts}->{storagemap}, $storeid);
315 # check if storage is available on target node
316 PVE::Storage::storage_check_node($storecfg, $targetsid, $self->{node});
317
318 # grandfather in existing mismatches
319 if ($targetsid ne $storeid) {
320 my $target_scfg = PVE::Storage::storage_config($storecfg, $targetsid);
321 die "content type 'images' is not available on storage '$targetsid'\n"
322 if !$target_scfg->{content}->{images};
323 }
324
325 PVE::Storage::foreach_volid($dl, sub {
326 my ($volid, $sid, $volinfo) = @_;
327
328 $local_volumes->{$volid}->{ref} = 'storage';
329
330 # If with_snapshots is not set for storage migrate, it tries to use
331 # a raw+size stream, but on-the-fly conversion from qcow2 to raw+size
332 # back to qcow2 is currently not possible.
333 $local_volumes->{$volid}->{snapshots} = ($volinfo->{format} =~ /^(?:qcow2|vmdk)$/);
334 $local_volumes->{$volid}->{format} = $volinfo->{format};
335 });
336 }
337
338 my $rep_cfg = PVE::ReplicationConfig->new();
339 my $replication_jobcfg = $rep_cfg->find_local_replication_job($vmid, $self->{node});
340 my $replicatable_volumes = !$replication_jobcfg ? {}
341 : PVE::QemuConfig->get_replicatable_volumes($storecfg, $vmid, $conf, 0, 1);
342
343 my $test_volid = sub {
344 my ($volid, $attr) = @_;
345
346 if ($volid =~ m|^/|) {
347 return if $attr->{shared};
348 $local_volumes->{$volid}->{ref} = 'config';
349 die "local file/device\n";
350 }
351
352 my $snaprefs = $attr->{referenced_in_snapshot};
353
354 if ($attr->{cdrom}) {
355 if ($volid eq 'cdrom') {
356 my $msg = "can't migrate local cdrom drive";
357 if (defined($snaprefs) && !$attr->{referenced_in_config}) {
358 my $snapnames = join(', ', sort keys %$snaprefs);
359 $msg .= " (referenced in snapshot - $snapnames)";
360 }
361 &$log_error("$msg\n");
362 return;
363 }
364 return if $volid eq 'none';
365 }
366
367 my ($sid, $volname) = PVE::Storage::parse_volume_id($volid);
368
369 my $targetsid = PVE::QemuServer::map_storage($self->{opts}->{storagemap}, $sid);
370 # check if storage is available on both nodes
371 my $scfg = PVE::Storage::storage_check_node($storecfg, $sid);
372 PVE::Storage::storage_check_node($storecfg, $targetsid, $self->{node});
373
374 return if $scfg->{shared};
375
376 $local_volumes->{$volid}->{ref} = $attr->{referenced_in_config} ? 'config' : 'snapshot';
377
378 if ($attr->{cdrom}) {
379 if ($volid =~ /vm-\d+-cloudinit/) {
380 $local_volumes->{$volid}->{ref} = 'generated';
381 return;
382 }
383 die "local cdrom image\n";
384 }
385
386 my ($path, $owner) = PVE::Storage::path($storecfg, $volid);
387
388 die "owned by other VM (owner = VM $owner)\n"
389 if !$owner || ($owner != $vmid);
390
391 if (defined($snaprefs)) {
392 $local_volumes->{$volid}->{snapshots} = 1;
393
394 # we cannot migrate shapshots on local storage
395 # exceptions: 'zfspool' or 'qcow2' files (on directory storage)
396
397 die "online storage migration not possible if snapshot exists\n" if $self->{running};
398 if (!($scfg->{type} eq 'zfspool' || $local_volumes->{$volid}->{format} eq 'qcow2')) {
399 die "non-migratable snapshot exists\n";
400 }
401 }
402
403 die "referenced by linked clone(s)\n"
404 if PVE::Storage::volume_is_base_and_used($storecfg, $volid);
405 };
406
407 PVE::QemuServer::foreach_volid($conf, sub {
408 my ($volid, $attr) = @_;
409 eval { $test_volid->($volid, $attr); };
410 if (my $err = $@) {
411 &$log_error($err, $volid);
412 }
413 });
414
415 foreach my $vol (sort keys %$local_volumes) {
416 my $type = $replicatable_volumes->{$vol} ? 'local, replicated' : 'local';
417 my $ref = $local_volumes->{$vol}->{ref};
418 if ($ref eq 'storage') {
419 $self->log('info', "found $type disk '$vol' (via storage)\n");
420 } elsif ($ref eq 'config') {
421 &$log_error("can't live migrate attached local disks without with-local-disks option\n", $vol)
422 if $self->{running} && !$self->{opts}->{"with-local-disks"};
423 $self->log('info', "found $type disk '$vol' (in current VM config)\n");
424 } elsif ($ref eq 'snapshot') {
425 $self->log('info', "found $type disk '$vol' (referenced by snapshot(s))\n");
426 } elsif ($ref eq 'generated') {
427 $self->log('info', "found generated disk '$vol' (in current VM config)\n");
428 } else {
429 $self->log('info', "found $type disk '$vol'\n");
430 }
431 }
432
433 foreach my $vol (sort keys %$local_volumes_errors) {
434 $self->log('warn', "can't migrate local disk '$vol': $local_volumes_errors->{$vol}");
435 }
436 foreach my $err (@$other_errors) {
437 $self->log('warn', "$err");
438 }
439
440 if ($abort) {
441 die "can't migrate VM - check log\n";
442 }
443
444 # additional checks for local storage
445 foreach my $volid (keys %$local_volumes) {
446 my ($sid, $volname) = PVE::Storage::parse_volume_id($volid);
447 my $scfg = PVE::Storage::storage_config($storecfg, $sid);
448
449 my $migratable = $scfg->{type} =~ /^(?:dir|zfspool|lvmthin|lvm)$/;
450
451 die "can't migrate '$volid' - storage type '$scfg->{type}' not supported\n"
452 if !$migratable;
453
454 # image is a linked clone on local storage, se we can't migrate.
455 if (my $basename = (PVE::Storage::parse_volname($storecfg, $volid))[3]) {
456 die "can't migrate '$volid' as it's a clone of '$basename'";
457 }
458 }
459
460 if ($replication_jobcfg) {
461 if ($self->{running}) {
462
463 my $version = PVE::QemuServer::kvm_user_version();
464 if (!min_version($version, 4, 2)) {
465 die "can't live migrate VM with replicated volumes, pve-qemu to old (< 4.2)!\n"
466 }
467
468 my $live_replicatable_volumes = {};
469 PVE::QemuServer::foreach_drive($conf, sub {
470 my ($ds, $drive) = @_;
471
472 my $volid = $drive->{file};
473 $live_replicatable_volumes->{$ds} = $volid
474 if defined($replicatable_volumes->{$volid});
475 });
476 foreach my $drive (keys %$live_replicatable_volumes) {
477 my $volid = $live_replicatable_volumes->{$drive};
478
479 my $bitmap = "repl_$drive";
480
481 # start tracking before replication to get full delta + a few duplicates
482 $self->log('info', "$drive: start tracking writes using block-dirty-bitmap '$bitmap'");
483 mon_cmd($vmid, 'block-dirty-bitmap-add', node => "drive-$drive", name => $bitmap);
484
485 # other info comes from target node in phase 2
486 $self->{target_drive}->{$drive}->{bitmap} = $bitmap;
487 }
488 }
489 $self->log('info', "replicating disk images");
490
491 my $start_time = time();
492 my $logfunc = sub { $self->log('info', shift) };
493 $self->{replicated_volumes} = PVE::Replication::run_replication(
494 'PVE::QemuConfig', $replication_jobcfg, $start_time, $start_time, $logfunc);
495 }
496
497 # sizes in config have to be accurate for remote node to correctly
498 # allocate disks, rescan to be sure
499 my $volid_hash = PVE::QemuServer::scan_volids($storecfg, $vmid);
500 PVE::QemuServer::foreach_drive($conf, sub {
501 my ($key, $drive) = @_;
502 my ($updated, $old_size, $new_size) = PVE::QemuServer::Drive::update_disksize($drive, $volid_hash);
503 if (defined($updated)) {
504 $conf->{$key} = PVE::QemuServer::print_drive($updated);
505 $self->log('info', "size of disk '$updated->{file}' ($key) updated from $old_size to $new_size\n");
506 }
507 });
508
509 # we want to set the efidisk size in the config to the size of the
510 # real OVMF_VARS.fd image, else we can create a too big image, which does not work
511 if (defined($conf->{efidisk0})) {
512 PVE::QemuServer::update_efidisk_size($conf);
513 }
514
515 $self->log('info', "copying local disk images") if scalar(%$local_volumes);
516
517 foreach my $volid (keys %$local_volumes) {
518 my ($sid, $volname) = PVE::Storage::parse_volume_id($volid);
519 my $targetsid = PVE::QemuServer::map_storage($self->{opts}->{storagemap}, $sid);
520 my $ref = $local_volumes->{$volid}->{ref};
521 if ($self->{running} && $ref eq 'config') {
522 push @{$self->{online_local_volumes}}, $volid;
523 } elsif ($ref eq 'generated') {
524 die "can't live migrate VM with local cloudinit disk. use a shared storage instead\n" if $self->{running};
525 # skip all generated volumes but queue them for deletion in phase3_cleanup
526 push @{$self->{volumes}}, $volid;
527 next;
528 } else {
529 next if $self->{replicated_volumes}->{$volid};
530 push @{$self->{volumes}}, $volid;
531 my $opts = $self->{opts};
532 my $insecure = $opts->{migration_type} eq 'insecure';
533 my $with_snapshots = $local_volumes->{$volid}->{snapshots};
534 # use 'migrate' limit for transfer to other node
535 my $bwlimit = PVE::Storage::get_bandwidth_limit('migration', [$targetsid, $sid], $opts->{bwlimit});
536 # JSONSchema and get_bandwidth_limit use kbps - storage_migrate bps
537 $bwlimit = $bwlimit * 1024 if defined($bwlimit);
538
539 PVE::Storage::storage_migrate($storecfg, $volid, $self->{ssh_info}, $targetsid,
540 undef, undef, undef, $bwlimit, $insecure, $with_snapshots);
541 }
542 }
543 };
544 die "Failed to sync data - $@" if $@;
545 }
546
547 sub cleanup_remotedisks {
548 my ($self) = @_;
549
550 foreach my $target_drive (keys %{$self->{target_drive}}) {
551 my $drivestr = $self->{target_drive}->{$target_drive}->{drivestr};
552 next if !defined($drivestr);
553
554 my $drive = PVE::QemuServer::parse_drive($target_drive, $drivestr);
555
556 # don't clean up replicated disks!
557 next if defined($self->{replicated_volumes}->{$drive->{file}});
558
559 my ($storeid, $volname) = PVE::Storage::parse_volume_id($drive->{file});
560
561 my $cmd = [@{$self->{rem_ssh}}, 'pvesm', 'free', "$storeid:$volname"];
562
563 eval{ PVE::Tools::run_command($cmd, outfunc => sub {}, errfunc => sub {}) };
564 if (my $err = $@) {
565 $self->log('err', $err);
566 $self->{errors} = 1;
567 }
568 }
569 }
570
571 sub cleanup_bitmaps {
572 my ($self) = @_;
573 foreach my $drive (keys %{$self->{target_drive}}) {
574 my $bitmap = $self->{target_drive}->{$drive}->{bitmap};
575 next if !$bitmap;
576 $self->log('info', "$drive: removing block-dirty-bitmap '$bitmap'");
577 mon_cmd($self->{vmid}, 'block-dirty-bitmap-remove', node => "drive-$drive", name => $bitmap);
578 }
579 }
580
581 sub phase1 {
582 my ($self, $vmid) = @_;
583
584 $self->log('info', "starting migration of VM $vmid to node '$self->{node}' ($self->{nodeip})");
585
586 my $conf = $self->{vmconf};
587
588 # set migrate lock in config file
589 $conf->{lock} = 'migrate';
590 PVE::QemuConfig->write_config($vmid, $conf);
591
592 sync_disks($self, $vmid);
593
594 # sync_disks fixes disk sizes to match their actual size, write changes so
595 # target allocates correct volumes
596 PVE::QemuConfig->write_config($vmid, $conf);
597 };
598
599 sub phase1_cleanup {
600 my ($self, $vmid, $err) = @_;
601
602 $self->log('info', "aborting phase 1 - cleanup resources");
603
604 my $conf = $self->{vmconf};
605 delete $conf->{lock};
606 eval { PVE::QemuConfig->write_config($vmid, $conf) };
607 if (my $err = $@) {
608 $self->log('err', $err);
609 }
610
611 if ($self->{volumes}) {
612 foreach my $volid (@{$self->{volumes}}) {
613 $self->log('err', "found stale volume copy '$volid' on node '$self->{node}'");
614 # fixme: try to remove ?
615 }
616 }
617
618 eval { $self->cleanup_bitmaps() };
619 if (my $err =$@) {
620 $self->log('err', $err);
621 }
622
623 }
624
625 sub phase2 {
626 my ($self, $vmid) = @_;
627
628 my $conf = $self->{vmconf};
629
630 $self->log('info', "starting VM $vmid on remote node '$self->{node}'");
631
632 my $raddr;
633 my $rport;
634 my $ruri; # the whole migration dst. URI (protocol:address[:port])
635 my $nodename = PVE::INotify::nodename();
636
637 ## start on remote node
638 my $cmd = [@{$self->{rem_ssh}}];
639
640 my $spice_ticket;
641 if (PVE::QemuServer::vga_conf_has_spice($conf->{vga})) {
642 my $res = mon_cmd($vmid, 'query-spice');
643 $spice_ticket = $res->{ticket};
644 }
645
646 push @$cmd , 'qm', 'start', $vmid, '--skiplock', '--migratedfrom', $nodename;
647
648 my $migration_type = $self->{opts}->{migration_type};
649
650 push @$cmd, '--migration_type', $migration_type;
651
652 push @$cmd, '--migration_network', $self->{opts}->{migration_network}
653 if $self->{opts}->{migration_network};
654
655 if ($migration_type eq 'insecure') {
656 push @$cmd, '--stateuri', 'tcp';
657 } else {
658 push @$cmd, '--stateuri', 'unix';
659 }
660
661 if ($self->{forcemachine}) {
662 push @$cmd, '--machine', $self->{forcemachine};
663 }
664
665 if ($self->{online_local_volumes}) {
666 push @$cmd, '--targetstorage', ($self->{opts}->{targetstorage} // '1');
667 }
668
669 my $spice_port;
670 my $tunnel_addr = [];
671 my $sock_addr = [];
672 # version > 0 for unix socket support
673 my $nbd_protocol_version = 1;
674 # TODO change to 'spice_ticket: <ticket>\n' in 7.0
675 my $input = $spice_ticket ? "$spice_ticket\n" : "\n";
676 $input .= "nbd_protocol_version: $nbd_protocol_version\n";
677 foreach my $volid (keys %{$self->{replicated_volumes}}) {
678 $input .= "replicated_volume: $volid\n";
679 }
680
681 my $target_replicated_volumes = {};
682
683 # Note: We try to keep $spice_ticket secret (do not pass via command line parameter)
684 # instead we pipe it through STDIN
685 my $exitcode = PVE::Tools::run_command($cmd, input => $input, outfunc => sub {
686 my $line = shift;
687
688 if ($line =~ m/^migration listens on tcp:(localhost|[\d\.]+|\[[\d\.:a-fA-F]+\]):(\d+)$/) {
689 $raddr = $1;
690 $rport = int($2);
691 $ruri = "tcp:$raddr:$rport";
692 }
693 elsif ($line =~ m!^migration listens on unix:(/run/qemu-server/(\d+)\.migrate)$!) {
694 $raddr = $1;
695 die "Destination UNIX sockets VMID does not match source VMID" if $vmid ne $2;
696 $ruri = "unix:$raddr";
697 }
698 elsif ($line =~ m/^migration listens on port (\d+)$/) {
699 $raddr = "localhost";
700 $rport = int($1);
701 $ruri = "tcp:$raddr:$rport";
702 }
703 elsif ($line =~ m/^spice listens on port (\d+)$/) {
704 $spice_port = int($1);
705 }
706 elsif ($line =~ m/^storage migration listens on nbd:(localhost|[\d\.]+|\[[\d\.:a-fA-F]+\]):(\d+):exportname=(\S+) volume:(\S+)$/) {
707 my $drivestr = $4;
708 my $nbd_uri = "nbd:$1:$2:exportname=$3";
709 my $targetdrive = $3;
710 $targetdrive =~ s/drive-//g;
711
712 $self->{target_drive}->{$targetdrive}->{drivestr} = $drivestr;
713 $self->{target_drive}->{$targetdrive}->{nbd_uri} = $nbd_uri;
714 } elsif ($line =~ m!^storage migration listens on nbd:unix:(/run/qemu-server/(\d+)_nbd\.migrate):exportname=(\S+) volume:(\S+)$!) {
715 my $drivestr = $4;
716 die "Destination UNIX socket's VMID does not match source VMID" if $vmid ne $2;
717 my $nbd_unix_addr = $1;
718 my $nbd_uri = "nbd:unix:$nbd_unix_addr:exportname=$3";
719 my $targetdrive = $3;
720 $targetdrive =~ s/drive-//g;
721
722 $self->{target_drive}->{$targetdrive}->{drivestr} = $drivestr;
723 $self->{target_drive}->{$targetdrive}->{nbd_uri} = $nbd_uri;
724 push @$tunnel_addr, "$nbd_unix_addr:$nbd_unix_addr";
725 push @$sock_addr, $nbd_unix_addr;
726 } elsif ($line =~ m/^re-using replicated volume: (\S+) - (.*)$/) {
727 my $drive = $1;
728 my $volid = $2;
729 $target_replicated_volumes->{$volid} = $drive;
730 } elsif ($line =~ m/^QEMU: (.*)$/) {
731 $self->log('info', "[$self->{node}] $1\n");
732 }
733 }, errfunc => sub {
734 my $line = shift;
735 $self->log('info', "[$self->{node}] $line");
736 }, noerr => 1);
737
738 die "remote command failed with exit code $exitcode\n" if $exitcode;
739
740 die "unable to detect remote migration address\n" if !$raddr;
741
742 if (scalar(keys %$target_replicated_volumes) != scalar(keys %{$self->{replicated_volumes}})) {
743 die "number of replicated disks on source and target node do not match - target node too old?\n"
744 }
745
746 $self->log('info', "start remote tunnel");
747
748 if ($migration_type eq 'secure') {
749
750 if ($ruri =~ /^unix:/) {
751 unlink $raddr;
752 push @$tunnel_addr, "$raddr:$raddr";
753 $self->{tunnel} = $self->fork_tunnel($tunnel_addr);
754 push @$sock_addr, $raddr;
755
756 my $unix_socket_try = 0; # wait for the socket to become ready
757 while ($unix_socket_try <= 100) {
758 $unix_socket_try++;
759 my $available = 0;
760 foreach my $sock (@$sock_addr) {
761 if (-S $sock) {
762 $available++;
763 }
764 }
765
766 if ($available == @$sock_addr) {
767 last;
768 }
769
770 usleep(50000);
771 }
772 if ($unix_socket_try > 100) {
773 $self->{errors} = 1;
774 $self->finish_tunnel($self->{tunnel});
775 die "Timeout, migration socket $ruri did not get ready";
776 }
777
778 } elsif ($ruri =~ /^tcp:/) {
779 my $tunnel_addr;
780 if ($raddr eq "localhost") {
781 # for backwards compatibility with older qemu-server versions
782 my $pfamily = PVE::Tools::get_host_address_family($nodename);
783 my $lport = PVE::Tools::next_migrate_port($pfamily);
784 $tunnel_addr = "$lport:localhost:$rport";
785 }
786
787 $self->{tunnel} = $self->fork_tunnel($tunnel_addr);
788
789 } else {
790 die "unsupported protocol in migration URI: $ruri\n";
791 }
792 } else {
793 #fork tunnel for insecure migration, to send faster commands like resume
794 $self->{tunnel} = $self->fork_tunnel();
795 }
796 $self->{tunnel}->{sock_addr} = $sock_addr if (@$sock_addr);
797
798 my $start = time();
799
800 my $opt_bwlimit = $self->{opts}->{bwlimit};
801
802 if (defined($self->{online_local_volumes})) {
803 $self->{storage_migration} = 1;
804 $self->{storage_migration_jobs} = {};
805 $self->log('info', "starting storage migration");
806
807 die "The number of local disks does not match between the source and the destination.\n"
808 if (scalar(keys %{$self->{target_drive}}) != scalar @{$self->{online_local_volumes}});
809 foreach my $drive (keys %{$self->{target_drive}}){
810 my $target = $self->{target_drive}->{$drive};
811 my $nbd_uri = $target->{nbd_uri};
812
813 my $source_drive = PVE::QemuServer::parse_drive($drive, $conf->{$drive});
814 my $target_drive = PVE::QemuServer::parse_drive($drive, $target->{drivestr});
815
816 my $source_sid = PVE::Storage::Plugin::parse_volume_id($source_drive->{file});
817 my $target_sid = PVE::Storage::Plugin::parse_volume_id($target_drive->{file});
818
819 my $bwlimit = PVE::Storage::get_bandwidth_limit('migration', [$source_sid, $target_sid], $opt_bwlimit);
820 my $bitmap = $target->{bitmap};
821
822 $self->log('info', "$drive: start migration to $nbd_uri");
823 PVE::QemuServer::qemu_drive_mirror($vmid, $drive, $nbd_uri, $vmid, undef, $self->{storage_migration_jobs}, 'skip', undef, $bwlimit, $bitmap);
824 }
825 }
826
827 $self->log('info', "starting online/live migration on $ruri");
828 $self->{livemigration} = 1;
829
830 # load_defaults
831 my $defaults = PVE::QemuServer::load_defaults();
832
833 $self->log('info', "set migration_caps");
834 eval {
835 PVE::QemuServer::set_migration_caps($vmid);
836 };
837 warn $@ if $@;
838
839 my $qemu_migrate_params = {};
840
841 # migrate speed can be set via bwlimit (datacenter.cfg and API) and via the
842 # migrate_speed parameter in qm.conf - take the lower of the two.
843 my $bwlimit = PVE::Storage::get_bandwidth_limit('migration', undef, $opt_bwlimit) // 0;
844 my $migrate_speed = $conf->{migrate_speed} // $bwlimit;
845 # migrate_speed is in MB/s, bwlimit in KB/s
846 $migrate_speed *= 1024;
847
848 $migrate_speed = ($bwlimit < $migrate_speed) ? $bwlimit : $migrate_speed;
849
850 # always set migrate speed (overwrite kvm default of 32m) we set a very high
851 # default of 8192m which is basically unlimited
852 $migrate_speed ||= ($defaults->{migrate_speed} || 8192) * 1024;
853
854 # qmp takes migrate_speed in B/s.
855 $migrate_speed *= 1024;
856 $self->log('info', "migration speed limit: $migrate_speed B/s");
857 $qemu_migrate_params->{'max-bandwidth'} = int($migrate_speed);
858
859 my $migrate_downtime = $defaults->{migrate_downtime};
860 $migrate_downtime = $conf->{migrate_downtime} if defined($conf->{migrate_downtime});
861 # migrate-set-parameters expects limit in ms
862 $migrate_downtime *= 1000;
863 $self->log('info', "migration downtime limit: $migrate_downtime ms");
864 $qemu_migrate_params->{'downtime-limit'} = int($migrate_downtime);
865
866 # set cachesize to 10% of the total memory
867 my $memory = $conf->{memory} || $defaults->{memory};
868 my $cachesize = int($memory * 1048576 / 10);
869 $cachesize = round_powerof2($cachesize);
870
871 $self->log('info', "migration cachesize: $cachesize B");
872 $qemu_migrate_params->{'xbzrle-cache-size'} = int($cachesize);
873
874 $self->log('info', "set migration parameters");
875 eval {
876 mon_cmd($vmid, "migrate-set-parameters", %{$qemu_migrate_params});
877 };
878 $self->log('info', "migrate-set-parameters error: $@") if $@;
879
880 if (PVE::QemuServer::vga_conf_has_spice($conf->{vga})) {
881 my $rpcenv = PVE::RPCEnvironment::get();
882 my $authuser = $rpcenv->get_user();
883
884 my (undef, $proxyticket) = PVE::AccessControl::assemble_spice_ticket($authuser, $vmid, $self->{node});
885
886 my $filename = "/etc/pve/nodes/$self->{node}/pve-ssl.pem";
887 my $subject = PVE::AccessControl::read_x509_subject_spice($filename);
888
889 $self->log('info', "spice client_migrate_info");
890
891 eval {
892 mon_cmd($vmid, "client_migrate_info", protocol => 'spice',
893 hostname => $proxyticket, 'port' => 0, 'tls-port' => $spice_port,
894 'cert-subject' => $subject);
895 };
896 $self->log('info', "client_migrate_info error: $@") if $@;
897
898 }
899
900 $self->log('info', "start migrate command to $ruri");
901 eval {
902 mon_cmd($vmid, "migrate", uri => $ruri);
903 };
904 my $merr = $@;
905 $self->log('info', "migrate uri => $ruri failed: $merr") if $merr;
906
907 my $lstat = 0;
908 my $usleep = 1000000;
909 my $i = 0;
910 my $err_count = 0;
911 my $lastrem = undef;
912 my $downtimecounter = 0;
913 while (1) {
914 $i++;
915 my $avglstat = $lstat/$i if $lstat;
916
917 usleep($usleep);
918 my $stat;
919 eval {
920 $stat = mon_cmd($vmid, "query-migrate");
921 };
922 if (my $err = $@) {
923 $err_count++;
924 warn "query migrate failed: $err\n";
925 $self->log('info', "query migrate failed: $err");
926 if ($err_count <= 5) {
927 usleep(1000000);
928 next;
929 }
930 die "too many query migrate failures - aborting\n";
931 }
932
933 if (defined($stat->{status}) && $stat->{status} =~ m/^(setup)$/im) {
934 sleep(1);
935 next;
936 }
937
938 if (defined($stat->{status}) && $stat->{status} =~ m/^(active|completed|failed|cancelled)$/im) {
939 $merr = undef;
940 $err_count = 0;
941 if ($stat->{status} eq 'completed') {
942 my $delay = time() - $start;
943 if ($delay > 0) {
944 my $mbps = sprintf "%.2f", $memory / $delay;
945 my $downtime = $stat->{downtime} || 0;
946 $self->log('info', "migration speed: $mbps MB/s - downtime $downtime ms");
947 }
948 }
949
950 if ($stat->{status} eq 'failed' || $stat->{status} eq 'cancelled') {
951 $self->log('info', "migration status error: $stat->{status}");
952 die "aborting\n"
953 }
954
955 if ($stat->{status} ne 'active') {
956 $self->log('info', "migration status: $stat->{status}");
957 last;
958 }
959
960 if ($stat->{ram}->{transferred} ne $lstat) {
961 my $trans = $stat->{ram}->{transferred} || 0;
962 my $rem = $stat->{ram}->{remaining} || 0;
963 my $total = $stat->{ram}->{total} || 0;
964 my $xbzrlecachesize = $stat->{"xbzrle-cache"}->{"cache-size"} || 0;
965 my $xbzrlebytes = $stat->{"xbzrle-cache"}->{"bytes"} || 0;
966 my $xbzrlepages = $stat->{"xbzrle-cache"}->{"pages"} || 0;
967 my $xbzrlecachemiss = $stat->{"xbzrle-cache"}->{"cache-miss"} || 0;
968 my $xbzrleoverflow = $stat->{"xbzrle-cache"}->{"overflow"} || 0;
969 # reduce sleep if remainig memory is lower than the average transfer speed
970 $usleep = 100000 if $avglstat && $rem < $avglstat;
971
972 $self->log('info', "migration status: $stat->{status} (transferred ${trans}, " .
973 "remaining ${rem}), total ${total})");
974
975 if (${xbzrlecachesize}) {
976 $self->log('info', "migration xbzrle cachesize: ${xbzrlecachesize} transferred ${xbzrlebytes} pages ${xbzrlepages} cachemiss ${xbzrlecachemiss} overflow ${xbzrleoverflow}");
977 }
978
979 if (($lastrem && $rem > $lastrem ) || ($rem == 0)) {
980 $downtimecounter++;
981 }
982 $lastrem = $rem;
983
984 if ($downtimecounter > 5) {
985 $downtimecounter = 0;
986 $migrate_downtime *= 2;
987 $self->log('info', "auto-increased downtime to continue migration: $migrate_downtime ms");
988 eval {
989 # migrate-set-parameters does not touch values not
990 # specified, so this only changes downtime-limit
991 mon_cmd($vmid, "migrate-set-parameters", 'downtime-limit' => int($migrate_downtime));
992 };
993 $self->log('info', "migrate-set-parameters error: $@") if $@;
994 }
995
996 }
997
998
999 $lstat = $stat->{ram}->{transferred};
1000
1001 } else {
1002 die $merr if $merr;
1003 die "unable to parse migration status '$stat->{status}' - aborting\n";
1004 }
1005 }
1006 }
1007
1008 sub phase2_cleanup {
1009 my ($self, $vmid, $err) = @_;
1010
1011 return if !$self->{errors};
1012 $self->{phase2errors} = 1;
1013
1014 $self->log('info', "aborting phase 2 - cleanup resources");
1015
1016 $self->log('info', "migrate_cancel");
1017 eval {
1018 mon_cmd($vmid, "migrate_cancel");
1019 };
1020 $self->log('info', "migrate_cancel error: $@") if $@;
1021
1022 my $conf = $self->{vmconf};
1023 delete $conf->{lock};
1024 eval { PVE::QemuConfig->write_config($vmid, $conf) };
1025 if (my $err = $@) {
1026 $self->log('err', $err);
1027 }
1028
1029 # cleanup ressources on target host
1030 if ($self->{storage_migration}) {
1031 eval { PVE::QemuServer::qemu_blockjobs_cancel($vmid, $self->{storage_migration_jobs}) };
1032 if (my $err = $@) {
1033 $self->log('err', $err);
1034 }
1035 }
1036
1037 eval { $self->cleanup_bitmaps() };
1038 if (my $err =$@) {
1039 $self->log('err', $err);
1040 }
1041
1042 my $nodename = PVE::INotify::nodename();
1043
1044 my $cmd = [@{$self->{rem_ssh}}, 'qm', 'stop', $vmid, '--skiplock', '--migratedfrom', $nodename];
1045 eval{ PVE::Tools::run_command($cmd, outfunc => sub {}, errfunc => sub {}) };
1046 if (my $err = $@) {
1047 $self->log('err', $err);
1048 $self->{errors} = 1;
1049 }
1050
1051 # cleanup after stopping, otherwise disks might be in-use by target VM!
1052 eval { PVE::QemuMigrate::cleanup_remotedisks($self) };
1053 if (my $err = $@) {
1054 $self->log('err', $err);
1055 }
1056
1057
1058 if ($self->{tunnel}) {
1059 eval { finish_tunnel($self, $self->{tunnel}); };
1060 if (my $err = $@) {
1061 $self->log('err', $err);
1062 $self->{errors} = 1;
1063 }
1064 }
1065 }
1066
1067 sub phase3 {
1068 my ($self, $vmid) = @_;
1069
1070 my $volids = $self->{volumes};
1071 return if $self->{phase2errors};
1072
1073 # destroy local copies
1074 foreach my $volid (@$volids) {
1075 eval { PVE::Storage::vdisk_free($self->{storecfg}, $volid); };
1076 if (my $err = $@) {
1077 $self->log('err', "removing local copy of '$volid' failed - $err");
1078 $self->{errors} = 1;
1079 last if $err =~ /^interrupted by signal$/;
1080 }
1081 }
1082 }
1083
1084 sub phase3_cleanup {
1085 my ($self, $vmid, $err) = @_;
1086
1087 my $conf = $self->{vmconf};
1088 return if $self->{phase2errors};
1089
1090 my $tunnel = $self->{tunnel};
1091
1092 if ($self->{storage_migration}) {
1093 # finish block-job with block-job-cancel, to disconnect source VM from NBD
1094 # to avoid it trying to re-establish it. We are in blockjob ready state,
1095 # thus, this command changes to it to blockjob complete (see qapi docs)
1096 eval { PVE::QemuServer::qemu_drive_mirror_monitor($vmid, undef, $self->{storage_migration_jobs}, 'cancel'); };
1097
1098 if (my $err = $@) {
1099 eval { PVE::QemuServer::qemu_blockjobs_cancel($vmid, $self->{storage_migration_jobs}) };
1100 eval { PVE::QemuMigrate::cleanup_remotedisks($self) };
1101 die "Failed to complete storage migration: $err\n";
1102 } else {
1103 foreach my $target_drive (keys %{$self->{target_drive}}) {
1104 my $drive = PVE::QemuServer::parse_drive($target_drive, $self->{target_drive}->{$target_drive}->{drivestr});
1105 $conf->{$target_drive} = PVE::QemuServer::print_drive($drive);
1106 PVE::QemuConfig->write_config($vmid, $conf);
1107 }
1108 }
1109 }
1110
1111 # transfer replication state before move config
1112 $self->transfer_replication_state() if $self->{replicated_volumes};
1113
1114 # move config to remote node
1115 my $conffile = PVE::QemuConfig->config_file($vmid);
1116 my $newconffile = PVE::QemuConfig->config_file($vmid, $self->{node});
1117
1118 die "Failed to move config to node '$self->{node}' - rename failed: $!\n"
1119 if !rename($conffile, $newconffile);
1120
1121 $self->switch_replication_job_target() if $self->{replicated_volumes};
1122
1123 if ($self->{livemigration}) {
1124 if ($self->{storage_migration}) {
1125 # stop nbd server on remote vm - requirement for resume since 2.9
1126 my $cmd = [@{$self->{rem_ssh}}, 'qm', 'nbdstop', $vmid];
1127
1128 eval{ PVE::Tools::run_command($cmd, outfunc => sub {}, errfunc => sub {}) };
1129 if (my $err = $@) {
1130 $self->log('err', $err);
1131 $self->{errors} = 1;
1132 }
1133 }
1134
1135 # config moved and nbd server stopped - now we can resume vm on target
1136 if ($tunnel && $tunnel->{version} && $tunnel->{version} >= 1) {
1137 eval {
1138 $self->write_tunnel($tunnel, 30, "resume $vmid");
1139 };
1140 if (my $err = $@) {
1141 $self->log('err', $err);
1142 $self->{errors} = 1;
1143 }
1144 } else {
1145 my $cmd = [@{$self->{rem_ssh}}, 'qm', 'resume', $vmid, '--skiplock', '--nocheck'];
1146 my $logf = sub {
1147 my $line = shift;
1148 $self->log('err', $line);
1149 };
1150 eval { PVE::Tools::run_command($cmd, outfunc => sub {}, errfunc => $logf); };
1151 if (my $err = $@) {
1152 $self->log('err', $err);
1153 $self->{errors} = 1;
1154 }
1155 }
1156
1157 if ($self->{storage_migration} && PVE::QemuServer::parse_guest_agent($conf)->{fstrim_cloned_disks} && $self->{running}) {
1158 my $cmd = [@{$self->{rem_ssh}}, 'qm', 'guest', 'cmd', $vmid, 'fstrim'];
1159 eval{ PVE::Tools::run_command($cmd, outfunc => sub {}, errfunc => sub {}) };
1160 }
1161 }
1162
1163 # close tunnel on successful migration, on error phase2_cleanup closed it
1164 if ($tunnel) {
1165 eval { finish_tunnel($self, $tunnel); };
1166 if (my $err = $@) {
1167 $self->log('err', $err);
1168 $self->{errors} = 1;
1169 }
1170 }
1171
1172 eval {
1173 my $timer = 0;
1174 if (PVE::QemuServer::vga_conf_has_spice($conf->{vga}) && $self->{running}) {
1175 $self->log('info', "Waiting for spice server migration");
1176 while (1) {
1177 my $res = mon_cmd($vmid, 'query-spice');
1178 last if int($res->{'migrated'}) == 1;
1179 last if $timer > 50;
1180 $timer ++;
1181 usleep(200000);
1182 }
1183 }
1184 };
1185
1186 # always stop local VM
1187 eval { PVE::QemuServer::vm_stop($self->{storecfg}, $vmid, 1, 1); };
1188 if (my $err = $@) {
1189 $self->log('err', "stopping vm failed - $err");
1190 $self->{errors} = 1;
1191 }
1192
1193 # always deactivate volumes - avoid lvm LVs to be active on several nodes
1194 eval {
1195 my $vollist = PVE::QemuServer::get_vm_volumes($conf);
1196 PVE::Storage::deactivate_volumes($self->{storecfg}, $vollist);
1197 };
1198 if (my $err = $@) {
1199 $self->log('err', $err);
1200 $self->{errors} = 1;
1201 }
1202
1203 if($self->{storage_migration}) {
1204 # destroy local copies
1205 my $volids = $self->{online_local_volumes};
1206
1207 foreach my $volid (@$volids) {
1208 # keep replicated volumes!
1209 next if $self->{replicated_volumes}->{$volid};
1210
1211 eval { PVE::Storage::vdisk_free($self->{storecfg}, $volid); };
1212 if (my $err = $@) {
1213 $self->log('err', "removing local copy of '$volid' failed - $err");
1214 $self->{errors} = 1;
1215 last if $err =~ /^interrupted by signal$/;
1216 }
1217 }
1218
1219 }
1220
1221 # clear migrate lock
1222 my $cmd = [ @{$self->{rem_ssh}}, 'qm', 'unlock', $vmid ];
1223 $self->cmd_logerr($cmd, errmsg => "failed to clear migrate lock");
1224 }
1225
1226 sub final_cleanup {
1227 my ($self, $vmid) = @_;
1228
1229 # nothing to do
1230 }
1231
1232 sub round_powerof2 {
1233 return 1 if $_[0] < 2;
1234 return 2 << int(log($_[0]-1)/log(2));
1235 }
1236
1237 1;
Virtual Machine Manager