Merge branch 'zsv-ldap@@2' into 'feature-zsv-5.0.0-vm-support-vtpm-and-secuceboot'

<feature>[kvm]: periodic check and sync for VM host files

See merge request zstackio/zstack!9555

Author: gitlab

conf/db/zsv/V5.0.0__schema.sql

@@ -16,6 +16,8 @@ CREATE TABLE IF NOT EXISTS `zstack`.`VmHostFileVO` (
     `type` varchar(64) NOT NULL COMMENT 'NvRam, TpmState',
     `path` varchar(1024) NOT NULL COMMENT 'Absolute path of the file on the host',
     `lastSyncReason` varchar(255) DEFAULT NULL COMMENT 'The reason for the last sync operation',
+    `changeDate` timestamp NULL DEFAULT NULL COMMENT 'Timestamp when file was reported changed, null after sync',
+    `lastSyncDate` timestamp NULL DEFAULT NULL COMMENT 'Timestamp of the last successful sync',
     `lastOpDate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
     `createDate` timestamp NOT NULL DEFAULT '1999-12-31 23:59:59',
     PRIMARY KEY (`uuid`),

header/src/main/java/org/zstack/header/vm/VmCanonicalEvents.java

@@ -3,6 +3,7 @@
 import org.zstack.header.message.NeedJsonSchema;
 import org.zstack.header.errorcode.ErrorCode;
 import java.util.Date;
+import java.util.List;
 import java.time.LocalDateTime;
 
 /**
@@ -19,6 +20,8 @@ public class VmCanonicalEvents {
     public static final String VM_NIC_INFO_CHANGED_PATH = "/vm/nicinfo/change";
     public static final String VM_NIC_INFO_DUPLICATE_PATH = "/vm/nicinfo/duplicate";
     public static final String VM_NIC_INFO_IPRANGE_CONFLICT_PATH = "/vm/nicinfo/iprangeConflict";
+    public static final String VM_HOST_FILE_CHANGED_PATH = "/vm/hostfile/changed";
+    public static final String KVM_REPORT_VM_HOST_FILE_CHANGED = "/kvm/reportvmhostfilechanged";
 
     @NeedJsonSchema
     public static class VmCrashReportData {
@@ -317,4 +320,35 @@ public void setInternalIp(String internalIp) {
             this.internalIp = internalIp;
         }
     }
+
+    @NeedJsonSchema
+    public static class VmHostFileChangedData {
+        private String hostUuid;
+        private String vmUuid;
+        private List<String> types;
+
+        public String getHostUuid() {
+            return hostUuid;
+        }
+
+        public void setHostUuid(String hostUuid) {
+            this.hostUuid = hostUuid;
+        }
+
+        public String getVmUuid() {
+            return vmUuid;
+        }
+
+        public void setVmUuid(String vmUuid) {
+            this.vmUuid = vmUuid;
+        }
+
+        public List<String> getTypes() {
+            return types;
+        }
+
+        public void setTypes(List<String> types) {
+            this.types = types;
+        }
+    }
 }

header/src/main/java/org/zstack/header/vm/additions/VmHostFileInventory.java

@@ -17,6 +17,8 @@ public class VmHostFileInventory {
     private String type;
     private String path;
     private String lastSyncReason;
+    private Timestamp changeDate;
+    private Timestamp lastSyncDate;
     private Timestamp createDate;
     private Timestamp lastOpDate;
 
@@ -31,6 +33,8 @@ public static VmHostFileInventory valueOf(VmHostFileVO vo) {
         inv.setType(vo.getType().toString());
         inv.setPath(vo.getPath());
         inv.setLastSyncReason(vo.getLastSyncReason());
+        inv.setChangeDate(vo.getChangeDate());
+        inv.setLastSyncDate(vo.getLastSyncDate());
         inv.setCreateDate(vo.getCreateDate());
         inv.setLastOpDate(vo.getLastOpDate());
         return inv;
@@ -88,6 +92,22 @@ public void setLastSyncReason(String lastSyncReason) {
         this.lastSyncReason = lastSyncReason;
     }
 
+    public Timestamp getChangeDate() {
+        return changeDate;
+    }
+
+    public void setChangeDate(Timestamp changeDate) {
+        this.changeDate = changeDate;
+    }
+
+    public Timestamp getLastSyncDate() {
+        return lastSyncDate;
+    }
+
+    public void setLastSyncDate(Timestamp lastSyncDate) {
+        this.lastSyncDate = lastSyncDate;
+    }
+
     public Timestamp getCreateDate() {
         return createDate;
     }

header/src/main/java/org/zstack/header/vm/additions/VmHostFileSyncReason.java

@@ -12,6 +12,8 @@ public enum VmHostFileSyncReason {
     RevertSnapshot("revert snapshot"),
     VolumeBackup("volume backup"),
     BeforeHaStart("on before HA start (from last host)"),
+    PeriodicDirtyCheck("on periodic dirty check"),
+    PeriodicForceSync("on periodic force sync"),
     ;
 
     public final String detail;

header/src/main/java/org/zstack/header/vm/additions/VmHostFileVO.java

@@ -42,6 +42,10 @@ public class VmHostFileVO extends ResourceVO {
     @Column
     private String lastSyncReason;
     @Column
+    private Timestamp changeDate;
+    @Column
+    private Timestamp lastSyncDate;
+    @Column
     private Timestamp createDate;
     @Column
     private Timestamp lastOpDate;
@@ -86,6 +90,22 @@ public void setLastSyncReason(String lastSyncReason) {
         this.lastSyncReason = lastSyncReason;
     }
 
+    public Timestamp getChangeDate() {
+        return changeDate;
+    }
+
+    public void setChangeDate(Timestamp changeDate) {
+        this.changeDate = changeDate;
+    }
+
+    public Timestamp getLastSyncDate() {
+        return lastSyncDate;
+    }
+
+    public void setLastSyncDate(Timestamp lastSyncDate) {
+        this.lastSyncDate = lastSyncDate;
+    }
+
     public Timestamp getCreateDate() {
         return createDate;
     }
@@ -111,6 +131,8 @@ public String toString() {
         ", type=" + type +
         ", path='" + path + '\'' +
         ", lastSyncReason='" + lastSyncReason + '\'' +
+        ", changeDate=" + changeDate +
+        ", lastSyncDate=" + lastSyncDate +
         ", createDate=" + createDate +
         ", lastOpDate=" + lastOpDate +
         '}';

header/src/main/java/org/zstack/header/vm/additions/VmHostFileVO_.java

@@ -13,6 +13,8 @@ public class VmHostFileVO_ extends ResourceVO_ {
     public static volatile SingularAttribute<VmHostFileVO, VmHostFileType> type;
     public static volatile SingularAttribute<VmHostFileVO, String> path;
     public static volatile SingularAttribute<VmHostFileVO, String> lastSyncReason;
+    public static volatile SingularAttribute<VmHostFileVO, Timestamp> changeDate;
+    public static volatile SingularAttribute<VmHostFileVO, Timestamp> lastSyncDate;
     public static volatile SingularAttribute<VmHostFileVO, Timestamp> createDate;
     public static volatile SingularAttribute<VmHostFileVO, Timestamp> lastOpDate;
 }

plugin/kvm/src/main/java/org/zstack/kvm/KVMGlobalConfig.java

@@ -168,8 +168,8 @@ public class KVMGlobalConfig {
     public static GlobalConfig VM_EDK_VERSION_CONFIG = new GlobalConfig(CATEGORY, "vm.edk.version");
 
     @GlobalConfigValidation(numberGreaterThan = 1, numberLessThan = 86400)
-    @GlobalConfigDef(defaultValue = "1800", type = Long.class,
-            description = "Interval in seconds for syncing VM host files (NvRam, TpmState) from KVM hosts")
+    @GlobalConfigDef(defaultValue = "15", type = Long.class,
+            description = "Interval in seconds for checking VM host files (NvRam, TpmState) on KVM hosts")
     public static GlobalConfig VM_HOST_FILE_SYNC_INTERVAL = new GlobalConfig(CATEGORY, "vm.host.file.sync.interval");
 
     @GlobalConfigValidation(numberGreaterThan = 1, numberLessThan = 30)

plugin/kvm/src/main/java/org/zstack/kvm/efi/KvmSecureBootManager.java

@@ -12,6 +12,7 @@
 import org.zstack.core.db.Q;
 import org.zstack.core.db.SQL;
 import org.zstack.core.db.SQLBatch;
+import org.zstack.core.timeout.TimeHelper;
 import org.zstack.core.workflow.SimpleFlowChain;
 import org.zstack.header.AbstractService;
 import org.zstack.header.core.ReturnValueCompletion;
@@ -101,6 +102,8 @@ public class KvmSecureBootManager extends AbstractService {
     private ResourceConfigFacade resourceConfigFacade;
     @Autowired
     private KvmVmHostFileFactory vmHostFileFactory;
+    @Autowired
+    private TimeHelper timeHelper;
 
     @Override
     public boolean start() {
@@ -217,6 +220,7 @@ private void handle(SyncVmHostFilesFromHostMsg msg) {
             to.setType(VmHostFileType.NvRam.toString());
             cmd.getHostFiles().add(to);
         }
+        long now = timeHelper.getCurrentTimeMillis();
 
         SyncVmHostFilesFromHostReply reply = new SyncVmHostFilesFromHostReply();
         sender.send(cmd, READ_VM_HOST_FILE_PATH, wrapper -> {
@@ -237,7 +241,7 @@ public void success(KvmResponseWrapper wrapper) {
                 if (msg.isSyncToBackup()) {
                     error = syncToBackupFiles(msg, readRsp);
                 } else {
-                    error = syncToHostFiles(msg, cmd, readRsp);
+                    error = syncToHostFiles(msg, cmd, readRsp, now);
                 }
 
                 if (error != null) {
@@ -256,7 +260,8 @@ public void fail(ErrorCode errorCode) {
 
     private ErrorCode syncToHostFiles(SyncVmHostFilesFromHostMsg msg,
                                       KVMAgentCommands.ReadVmHostFileContentCmd cmd,
-                                      KVMAgentCommands.ReadVmHostFileContentResponse readRsp) {
+                                      KVMAgentCommands.ReadVmHostFileContentResponse readRsp,
+                                      long timeBeforeSync) {
         final List<VmHostFileVO> existsFiles = Q.New(VmHostFileVO.class)
                 .eq(VmHostFileVO_.vmInstanceUuid, msg.getVmUuid())
                 .eq(VmHostFileVO_.hostUuid, msg.getHostUuid())
@@ -272,6 +277,7 @@ private ErrorCode syncToHostFiles(SyncVmHostFilesFromHostMsg msg,
             existsContentUuid = Collections.emptyList();
         }
 
+        Timestamp syncTime = new Timestamp(timeBeforeSync);
         List<ErrorCode> errors = new ArrayList<>();
         for (String path : cmd.getPaths()) {
             KVMAgentCommands.VmHostFileTO to = findOneOrNull(readRsp.getHostFiles(), item -> item.getPath().equals(path));
@@ -291,13 +297,25 @@ private ErrorCode syncToHostFiles(SyncVmHostFilesFromHostMsg msg,
             VmHostFileVO file = findOneOrNull(existsFiles, item -> item.getPath().equals(path));
             boolean fileExists = file != null;
 
-            Timestamp now = Timestamp.from(Instant.now());
             if (fileExists) {
-                SQL.New(VmHostFileVO.class)
-                        .eq(VmHostFileVO_.uuid, file.getUuid())
-                        .set(VmHostFileVO_.lastOpDate, now)
-                        .set(VmHostFileVO_.lastSyncReason, msg.getSyncReason())
-                        .update();
+                String fileUuid = file.getUuid();
+                new SQLBatch() {
+                    @Override
+                    protected void scripts() {
+                        sql(VmHostFileVO.class)
+                                .eq(VmHostFileVO_.uuid, fileUuid)
+                                .set(VmHostFileVO_.lastSyncReason, msg.getSyncReason())
+                                .set(VmHostFileVO_.lastSyncDate, syncTime)
+                                .set(VmHostFileVO_.lastOpDate, syncTime)
+                                .update();
+                        sql(VmHostFileVO.class)
+                                .eq(VmHostFileVO_.uuid, fileUuid)
+                                .lt(VmHostFileVO_.changeDate, syncTime)
+                                .set(VmHostFileVO_.changeDate, null) // CAS update
+                                .update();
+                    }
+                }.execute();
+
             } else {
                 file = new VmHostFileVO();
                 file.setUuid(Platform.getUuid());
@@ -306,8 +324,10 @@ private ErrorCode syncToHostFiles(SyncVmHostFilesFromHostMsg msg,
                 file.setPath(path);
                 file.setType(type);
                 file.setLastSyncReason(msg.getSyncReason());
-                file.setCreateDate(now);
-                file.setLastOpDate(now);
+                file.setLastSyncDate(syncTime);
+                file.setChangeDate(null);
+                file.setLastOpDate(syncTime);
+                file.setCreateDate(syncTime);
                 file.setResourceName(String.format("%s file for %s", type, msg.getVmUuid()));
                 databaseFacade.persist(file);
             }
@@ -318,15 +338,15 @@ private ErrorCode syncToHostFiles(SyncVmHostFilesFromHostMsg msg,
                         .eq(VmHostFileContentVO_.uuid, file.getUuid())
                         .set(VmHostFileContentVO_.content, bytes)
                         .set(VmHostFileContentVO_.format, VmHostFileContentFormat.valueOf(to.getFileFormat()))
-                        .set(VmHostFileContentVO_.lastOpDate, now)
+                        .set(VmHostFileContentVO_.lastOpDate, syncTime)
                         .update();
             } else {
                 VmHostFileContentVO content = new VmHostFileContentVO();
                 content.setUuid(file.getUuid());
                 content.setContent(bytes);
                 content.setFormat(VmHostFileContentFormat.valueOf(to.getFileFormat()));
-                content.setCreateDate(now);
-                content.setLastOpDate(now);
+                content.setCreateDate(syncTime);
+                content.setLastOpDate(syncTime);
                 databaseFacade.persist(content);
             }
 
@@ -489,7 +509,7 @@ public void run(FlowTrigger trigger, Map data) {
                     VmHostFileVO file = Q.New(VmHostFileVO.class)
                             .eq(VmHostFileVO_.vmInstanceUuid, msg.getSrcVmUuid())
                             .eq(VmHostFileVO_.type, type)
-                            .orderByDesc(VmHostFileVO_.lastOpDate)
+                            .orderByDesc(VmHostFileVO_.lastSyncDate)
                             .limit(1)
                             .find();
                     if (file == null) {
@@ -884,6 +904,7 @@ public void fail(ErrorCode errorCode) {
                                         .eq(VmHostFileVO_.uuid, currentFile.getUuid())
                                         .set(VmHostFileVO_.lastSyncReason, Restore.reason(msg.getSyncReason()))
                                         .set(VmHostFileVO_.lastOpDate, now)
+                                        .set(VmHostFileVO_.lastSyncDate, now)
                                         .update();
 
                                 VmHostFileContentVO existingContent = contentMap.get(currentFile.getUuid());
@@ -913,6 +934,7 @@ public void fail(ErrorCode errorCode) {
                                 newFile.setType(type);
                                 newFile.setPath(buildPathForVmHostFileType(type, msg.getVmInstanceUuid()));
                                 newFile.setLastSyncReason(Restore.reason(msg.getSyncReason()));
+                                newFile.setLastSyncDate(now);
                                 newFile.setCreateDate(now);
                                 newFile.setLastOpDate(now);
                                 databaseFacade.persist(newFile);