On Wed, May 23, 2007 at 09:11:46AM +0100, Keir Fraser wrote:
> > xend has a timeout such that if an 'xm shutdown' request does not result
> > in the domain shutting down within a certain time period, the domain is
> > violently destroyed.
> >
> > This seems like a strange choice - if the domain isn't responding
> > properly to such requests, then it must be in a buggy state, and should
> > surely be preserved for administrator action (dumping core, destroying,
> > whatever).
> >
> > Is there any other purpose to this timeout?
>
> Hmmm... Actually it may be that we unconditionally kill the domain if it
> ignores shutdown.
if timeout < 0:
log.info(
"Domain shutdown timeout expired: name=%s id=%s",
self.info['name_label'], self.domid)
self.destroy()
> If that is the case, we should instead force it into whatever the the
> target of the 'sm shutdown' command was, and then execute the action
> specified in the config file.
But this still isn't right. Normally I want the domain destroyed when I
do a shutdown (it is, after all, a shutdown). However, if the domain
/does not shutdown cleanly/, there are a number of things I might want:
- I might want a core dump, so I can log a bug
- I might want to keep the domain running so I can grab the console and
poke around
- it might be some known bug or some strange configuration, and I want
it destroyed
This is an abnormal situation and the default on_poweroff/on_reboot
settings can't cover it. I believe something along the lines of:
-self.destroy()
is exactly the correct thing to do.
regards,
john
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
Home