From patchwork Wed Apr 11 10:25:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Lam, Tiago" X-Patchwork-Id: 897138 X-Patchwork-Delegate: ian.stokes@intel.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=intel.com Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40LgrM1H3dz9s27 for ; Wed, 11 Apr 2018 20:53:39 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 75EA5CB0; Wed, 11 Apr 2018 10:53:08 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id E593FCAA for ; Wed, 11 Apr 2018 10:53:07 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3510C673 for ; Wed, 11 Apr 2018 10:53:05 +0000 (UTC) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Apr 2018 03:53:04 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,435,1517904000"; d="scan'208";a="46027918" Received: from silpixa00399125.ir.intel.com ([10.237.223.34]) by fmsmga001.fm.intel.com with ESMTP; 11 Apr 2018 03:53:01 -0700 From: Tiago Lam To: dev@openvswitch.org Date: Wed, 11 Apr 2018 11:25:52 +0100 Message-Id: <1523442352-164297-2-git-send-email-tiago.lam@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1523442352-164297-1-git-send-email-tiago.lam@intel.com> References: <1523442352-164297-1-git-send-email-tiago.lam@intel.com> X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [PATCH 2/2] dpdk docs: Drop file share in libvirt config. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org When explaining on how to add vhost-user ports to a guest, using libvirt, the following piece of configuration is used: This is used to facilitate sharing of a DPDK directory between the host and the guest. However, for this to work selinux also needs to be configured (or disabled). Furthermore, if one is using Ubuntu, libvirtd would need to be added to complain only in AppArmor. Instead, in [1] it is advised to use wget to get the DPDK sources over the internet, which avoids this differentiation. Thus, we drop this piece of configuration here as well and keep the example configuration as simple as possible. This has been verified on both a Fedora 27 image and a Ubuntu 16.04 LTS image. [1] http://docs.openvswitch.org/en/latest/topics/dpdk/vhost-user/#dpdk-in-the-guest Signed-off-by: Tiago Lam Acked-by: Stephen Finucane --- CC'ed Stephen, I took the liberty of removing your TODO from here, as I read it to be related to the (now removed) SELinux instruction below. If you think it should still be there let me know and I'll gladly send a v2. Documentation/topics/dpdk/vhost-user.rst | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/Documentation/topics/dpdk/vhost-user.rst b/Documentation/topics/dpdk/vhost-user.rst index 74bab78..6bf16f7 100644 --- a/Documentation/topics/dpdk/vhost-user.rst +++ b/Documentation/topics/dpdk/vhost-user.rst @@ -187,21 +187,14 @@ where: Adding vhost-user ports to the guest (libvirt) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.. TODO(stephenfin): This seems like something that wouldn't be acceptable in - production. Is this really required? - -To begin, you must change the user and group that libvirt runs under, configure -access control policy and restart libvirtd. +To begin, you must change the user and group that qemu runs under, and restart +libvirtd. - In ``/etc/libvirt/qemu.conf`` add/edit the following lines:: user = "root" group = "root" -- Disable SELinux or set to permissive mode:: - - $ setenforce 0 - - Finally, restart the libvirtd process, For example, on Fedora:: $ systemctl restart libvirtd.service @@ -407,12 +400,6 @@ Sample XML - - - - - -