Chapter 19. Virtualization
VT-d posted interrupts
Red Hat Enterprise Linux now supports the Intel Virtualization Technology for Directed I/O (VT-d) in CPU-side posted interrupts. With the VT-d posted interrupts feature enabled, external interrupts from direct-assigned devices can be delivered to guests without the need for assistance by the Virtual Machine Manager, even when the guests are running in non-root mode. (BZ#1172351)
Hyper-V storage driver (storvsc) updated
The Hyper-V storage driver (storvsc) was updated from upstream. This provides moderate performance improvement of I/O operations when using Hyper-V storvsc driver for certain workloads. (BZ#1287040)
Hyper-V clock source changed to use the TSC page
With this update, the Time Stamp Counter (TSC) page is used as the Hyper-V clock source. The TSC page provides a more efficient way of computing the per-guest reference counter value than the previously used model-specific register (MSR). As a result, kernel operations that involve reading time stamps are now faster. (BZ#1300325)
libguestfs rebased to version 1.32.7
The libguestfs packages have been upgraded to upstream version 1.32.6, which provides a number of bug fixes and enhancements over the previous version. Notable changes include the following:
- The
virt-get-kernel
utility has been added, which can be used to extract the kernel and initial RAM file system (initramfs) from a disk image file. For details, see the virt-get-kernel(1) man page. - The
virt-dib
utility has been added. Its capabilities include building disk image files and ramdisks. For more information, see the virt-dib(1) man page. - Multiple options have been added for the
virt-customize
,virt-builder
, andvirt-systprep
utilities. (BZ#1218766)
virt-v2v
and virt-p2v
add support for latest Windows releases
The
virt-v2v
utility now includes support for converting virtual machines that use Windows 8, 8.1 and 10, and Windows Server 2012 and 2012R2 from the VMWare hypervisor to run on KVM, Red Hat Enterprise Virtualization, and OpenStack. In addition, the virt-p2v
utility now includes support for converting physical machines that use the mentioned Windows systems to virtual machines compatible with KVM, Red Hat Enterprise Virtualization, and OpenStack. (BZ#1190669)
libvirt administration API added
This update enables an administration interface for the
libvirtd
service. Unlike persistent libvirtd
configuration, which can be adjusted using the libvirtd.conf
file and requires daemon restart each time it is modified, the administration interface enables users to change the daemon settings at any time. In addition, the administration interface provides multiple means of monitoring current daemon settings.
Specifically, the operations that the API enables include the following:
- Listing all daemon servers
- Listing all client connections
- Providing detailed information about a client connection
- Closing individual client connections in a forceful manner
- Reconfiguration of the limits to number of allowed clients and active worker threads on the host.
The administration interface can be controlled using the
virt-admin
utility, which is based on the existing virsh
client. For more information, see the virt-admin(1) man page. (BZ#735385)
virt-p2v
is fully supported
The
virt-p2v
tool, introduced in Red Hat Enterprise Linux 7.2 as a Technology Preview, is now fully supported. It enables converting physical machines to virtual machines compatible with the KVM hypervisor, and was previously available as a Technology Preview.
virt-p2v
is provided as an ISO image that contains a minimal Red Hat Enterprise Linux distribution and the tool itself. To convert a physical machine, burn the ISO image to a CD and use it to boot the physical machine. PXE booting and USB booting are also supported. Afterwards, follow the on-screen instructions to perform a manual conversion or activate the automated conversion.
For further information, install the virt-v2v package and see the virt-p2v(1) manual page, or refer to the following Knowledgebase article:
New package: libvirt-nss
Red Hat Enterprise Linux 7.3 adds the libvirt-nss package, which enables you to use the libvirt Network Security Services (NSS) module. This module makes it easier to connect to guests with TLS, SSL, SSH, as well as other remote login services. In addition, it benefits utilities that use host name translation, such as
ping
. For more information, see the Red Hat Enterprise Linux 7 Virtualization Deployment and Administration Guide. (BZ#1325996)
Intel Xeon v5 processors supported on KVM guests
Support for Intel Xeon v5 processors has now been added to the KVM hypervisor and kernel code, and to the
libvirt
API. This enables KVM guest virtual machines to use the following features: MPX, XSAVEC, XGETBV1. (BZ#1327599)
VirtIO 1.0 full support
VirtIO 1.0 devices, introduced in Red Hat Enterprise Linux 7.2 as a Technology Preview, are now fully supported. (BZ#1227339)
libvirt
iptables rules can be manually managed for a specified network
libvirt
automatically generates and applies iptables rules appropriate for each type of network it creates. The rules are controlled by forward mode
in the configuration of each network. Previously, there was no way for users to disable these automatically generated iptables rules and manually manage the iptables rules. In the current release, the open
network forward mode
was added. When specified for a network, libvirt
does not generate any iptables rules for the network. As a result, iptables rules added outside the scope of libvirt
are not disrupted and users can manually manage iptables rules. (BZ#846810)
open-vm-tools rebased to version 10.0.5
The open-vm-tools packages have been upgraded to upstream version 10.0.5, which provides a number of bug fixes and enhancements over the previous version. Notably, it introduces the guest OS customization (GOSC) and quiesce snapshot features. (BZ#1268537)
virt-who handles HTTP error 429 properly
When the Subscription Manager load is too big, it might return HTTP error code 429 to rate-limit communication with the client. Previously, virt-who did not handle this error code properly, resulting in sub-optimal behavior. With this update, virt-who now handles HTTP error code 429 properly and retries the communication with Subscription Manager later. (BZ#1286945)
Encrypted Hyper-V connections supported in virt-who
Previously, virt-who used unencrypted Hyper-V connections. All data was sent in plain text. This had security implications and needed special configuration on Hyper-V servers to be allowed. With this update, virt-who now uses Windows NT LAN Manager (NTLM) sealing and signing to protect communication with Hyper-V servers. (BZ#1278637)
New channel for registering hypervisors that are not based on Red Hat Enterprise Linux
Previously, virt-who consumed one Red Hat Enterprise Linux 6 subscription for each registered hypervisor, even when the registered hypervisor was not Red Hat Enterprise Linux-based. With this update, virt-who creates and uses a new channel named
Hypervisor Base
for hypervisor registration on Satellite 5. As a result, virt-who now uses the Hypervisor Base
channel for newly registered hypervisors and does not consume unnecessary Red Hat Enterprise Linux 6 subscriptions. (BZ#1245035)
Full support for Diag0c on IBM z Systems
Red Hat Enterprise Linux 7.3 provides full support for the Diag0c feature on IBM z Systems. Diag0c support makes it possible to read the CPU performance metrics provided by the z/VM hypervisor, and allows obtaining the management time for each online CPU of a Linux guest where the diagnose task is executed. (BZ#1278795)
The libvirt
API generates addresses for USB devices
With this update,
libvirt
generates addresses for USB devices. These devices, along with the libvirt
-generated address children can be found in the domain XML file. This ensures that future start, restore, and migrate operations have a consistent address for the guests' USB devices. As a result, you can migrate virtual machines to which USB devices have been attached. (BZ#1215968)
WALinuxAgent rebased to version 2.2.0
The Windows Azure Linux Agent has been upgraded to upstream version 2.2.0, which provides a number of bug fixes and enhancements over the previous version. This agent supports the provisioning and running of Linux Virtual Machines in the Windows Azure cloud and should be installed on Linux images that are built to run in the Windows Azure environment. The WALinuxAgent package is provided in the Extras channel. (BZ#1387783)