[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] libxl: made vm mac address assignment deterministic


  • To: Marcus Granado <marcus.granado@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
  • From: George Dunlap <george.dunlap@xxxxxxxxxx>
  • Date: Wed, 12 Sep 2018 11:52:32 +0100
  • Autocrypt: addr=george.dunlap@xxxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBFPqG+MBEACwPYTQpHepyshcufo0dVmqxDo917iWPslB8lauFxVf4WZtGvQSsKStHJSj 92Qkxp4CH2DwudI8qpVbnWCXsZxodDWac9c3PordLwz5/XL41LevEoM3NWRm5TNgJ3ckPA+J K5OfSK04QtmwSHFP3G/SXDJpGs+oDJgASta2AOl9vPV+t3xG6xyfa2NMGn9wmEvvVMD44Z7R W3RhZPn/NEZ5gaJhIUMgTChGwwWDOX0YPY19vcy5fT4bTIxvoZsLOkLSGoZb/jHIzkAAznug Q7PPeZJ1kXpbW9EHHaUHiCD9C87dMyty0N3TmWfp0VvBCaw32yFtM9jUgB7UVneoZUMUKeHA fgIXhJ7I7JFmw3J0PjGLxCLHf2Q5JOD8jeEXpdxugqF7B/fWYYmyIgwKutiGZeoPhl9c/7RE Bf6f9Qv4AtQoJwtLw6+5pDXsTD5q/GwhPjt7ohF7aQZTMMHhZuS52/izKhDzIufl6uiqUBge 0lqG+/ViLKwCkxHDREuSUTtfjRc9/AoAt2V2HOfgKORSCjFC1eI0+8UMxlfdq2z1AAchinU0 eSkRpX2An3CPEjgGFmu2Je4a/R/Kd6nGU8AFaE8ta0oq5BSFDRYdcKchw4TSxetkG6iUtqOO ZFS7VAdF00eqFJNQpi6IUQryhnrOByw+zSobqlOPUO7XC5fjnwARAQABzSRHZW9yZ2UgVy4g RHVubGFwIDxkdW5sYXBnQHVtaWNoLmVkdT7CwYAEEwEKACoCGwMFCwkIBwMFFQoJCAsFFgID AQACHgECF4ACGQEFAlpk2IEFCQo9I54ACgkQpjY8MQWQtG1A1BAAnc0oX3+M/jyv4j/ESJTO U2JhuWUWV6NFuzU10pUmMqpgQtiVEVU2QbCvTcZS1U/S6bqAUoiWQreDMSSgGH3a3BmRNi8n HKtarJqyK81aERM2HrjYkC1ZlRYG+jS8oWzzQrCQiTwn3eFLJrHjqowTbwahoiMw/nJ+OrZO /VXLfNeaxA5GF6emwgbpshwaUtESQ/MC5hFAFmUBZKAxp9CXG2ZhTP6ROV4fwhpnHaz8z+BT NQz8YwA4gkmFJbDUA9I0Cm9D/EZscrCGMeaVvcyldbMhWS+aH8nbqv6brhgbJEQS22eKCZDD J/ng5ea25QnS0fqu3bMrH39tDqeh7rVnt8Yu/YgOwc3XmgzmAhIDyzSinYEWJ1FkOVpIbGl9 uR6seRsfJmUK84KCScjkBhMKTOixWgNEQ/zTcLUsfTh6KQdLTn083Q5aFxWOIal2hiy9UyqR VQydowXy4Xx58rqvZjuYzdGDdAUlZ+D2O3Jp28ez5SikA/ZaaoGI9S1VWvQsQdzNfD2D+xfL qfd9yv7gko9eTJzv5zFr2MedtRb/nCrMTnvLkwNX4abB5+19JGneeRU4jy7yDYAhUXcI/waS /hHioT9MOjMh+DoLCgeZJYaOcgQdORY/IclLiLq4yFnG+4Ocft8igp79dbYYHkAkmC9te/2x Kq9nEd0Hg288EO/OwE0EVFq6vQEIAO2idItaUEplEemV2Q9mBA8YmtgckdLmaE0uzdDWL9To 1PL+qdNe7tBXKOfkKI7v32fe0nB4aecRlQJOZMWQRQ0+KLyXdJyHkq9221sHzcxsdcGs7X3c 17ep9zASq+wIYqAdZvr7pN9a3nVHZ4W7bzezuNDAvn4EpOf/o0RsWNyDlT6KECs1DuzOdRqD oOMJfYmtx9hMzqBoTdr6U20/KgnC/dmWWcJAUZXaAFp+3NYRCkk7k939VaUpoY519CeLrymd Vdke66KCiWBQXMkgtMGvGk5gLQLy4H3KXvpXoDrYKgysy7jeOccxI8owoiOdtbfM8TTDyWPR Ygjzb9LApA8AEQEAAcLBZQQYAQoADwIbDAUCWmTXMwUJB+tP9gAKCRCmNjwxBZC0bb+2D/9h jn1k5WcRHlu19WGuH6q0Kgm1LRT7PnnSz904igHNElMB5a7wRjw5kdNwU3sRm2nnmHeOJH8k Yj2Hn1QgX5SqQsysWTHWOEseGeoXydx9zZZkt3oQJM+9NV1VjK0bOXwqhiQyEUWz5/9l467F S/k4FJ5CHNRumvhLa0l2HEEu5pxq463HQZHDt4YE/9Y74eXOnYCB4nrYxQD/GSXEZvWryEWr eDoaFqzq1TKtzHhFgQG7yFUEepxLRUUtYsEpT6Rks2l4LCqG3hVD0URFIiTyuxJx3VC2Ta4L H3hxQtiaIpuXqq2D4z63h6vCx2wxfZc/WRHGbr4NAlB81l35Q/UHyMocVuYLj0llF0rwU4Aj iKZ5qWNSEdvEpL43fTvZYxQhDCjQTKbb38omu5P4kOf1HT7s+kmQKRtiLBlqHzK17D4K/180 ADw7a3gnmr5RumcZP3NGSSZA6jP5vNqQpNu4gqrPFWNQKQcW8HBiYFgq6SoLQQWbRxJDHvTR YJ2ms7oCe870gh4D1wFFqTLeyXiVqjddENGNaP8ZlCDw6EU82N8Bn5LXKjR1GWo2UK3CjrkH pTt3YYZvrhS2MO2EYEcWjyu6LALF/lS6z6LKeQZ+t9AdQUcILlrx9IxqXv6GvAoBLJY1jjGB q+/kRPrWXpoaQn7FXWGfMqU+NkY9enyrlw==
  • Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Wei Liu <wei.liu2@xxxxxxxxxx>, joshua Perrett 256 <jperrett256@xxxxxxxxx>
  • Delivery-date: Wed, 12 Sep 2018 10:52:44 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Openpgp: preference=signencrypt

On 09/12/2018 10:54 AM, Marcus Granado wrote:
>> Wei Liu writes ("Re: [PATCH] libxl: made vm mac address assignment
>> deterministic"):
>>> On Wed, Sep 05, 2018 at 12:25:55PM +0000, Joshua Perrett wrote:
>>> > Uses MD5 on the host mac address, vm name and vif index to generate
>>> the
>>> > last three bytes of the vm mac address (for each vm).
>>
>> There is no such thing as "the" host mac address.  The host might
>> have several.  However, generally there is a specific interface that
>> will be used for this guest, depending on the vif connection mode.  In
>> bridge mode, for example, there is the mac address of the bridge.  I
>> think you should make sure to use the right interface.
>>
>> I think you need to add something to the documentation.  You should
>> mention that this approach is only deterministic *on the same host*
>> (so in setups where the guest might be started on multiple hosts, with
>> networked storage, it won't work) and only *with the same physical
>> nic* (so swapping out the physical nic will change all the guests'
>> addresses).
> 
> As discussed, it looks like the use of a mac address from one of the
> host physical nics is actually a sort of fixed seed to create a
> non-changing context for the vm name and the vif index. I noticed two
> different, simpler to obtain seeds that are designed to be unique,
> non-changing values for a specific host:
> 
> - systemd-based systems use /etc/machine-id as a unique
> id:https://www.freedesktop.org/software/systemd/man/machine-id.html
> - libc-based systems use gethostid() as a unique id:
> http://man7.org/linux/man-pages/man3/gethostid.3.html
> 
> 
> I wonder if it is sufficient for the purposes of
> https://xenproject.atlassian.net/browse/XEN-110 to create the
> non-changing seed using the following algorithm, instead of using a mac
> address:
> 
> 1) if the seed is in the libxl config file, then use it. Useful to
> create a logical group of hosts sharing the same seed, so that the mac
> address won't change when vm migrates to another host in this group. Not
> to be added to the current patch being worked out, but can be easily
> added in the future.
> 
> 2) if the seed is not present in the libxl config file, then use
> /etc/machine-id if present as the seed.
> 
> 3) if /etc/machine-id is not present, then fall back to gethostid() as
> the seed. This call seems to be present in both linux and bsds' libc, so
> I believe this means it's always available for libxl. The reason for
> using gethostid() only as a fallback is that its man page says it
> attempts to return a unique id but it doesn't guarantee this in some
> situations.

This sounds like a good plan; unfortunately, I'm not sure gethostid() is
fit for purpose.

So it looks like the `hostid` command, part of coreutils, calls this and
returns the result [1].  I just ran `hostid` on both my desktop and
another machine under my desk, and got the same value:

---
$ hostname && hostid
elijah
007f0101
---
# hostname && hostid
immortal
007f0101
---

It looks like if /etc/hostid isn't set (which it doesn't seem to be on
three of my systems), this is actually derived from one of the host IP
addresses [2]; and in the above two cases for some reason it's picked up
127.0.1.1 as the IP address.

So although the description looks like exactly what we want, I don't
think we can rely on it to be unique.

 -George

[1] https://github.com/coreutils/coreutils/blob/master/src/hostid.c
[2]
https://www.redhat.com/archives/redhat-install-list/2001-December/msg00014.html


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.