RFC 7666
Management Information Base for Virtual Machines Controlled by a Hypervisor
Internet Engineering Task Force (IETF) H. Asai Request for Comments: 7666 Univ. of Tokyo Category: Standards Track M. MacFaden ISSN: 2070-1721 VMware Inc. J. Schoenwaelder Jacobs University K. Shima IIJ Innovation Institute Inc. T. Tsou Huawei Technologies (USA) October 2015 Management Information Base for Virtual Machines Controlled by a HypervisorAbstract
This document defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, this specifies objects for managing virtual machines controlled by a hypervisor (a.k.a. virtual machine monitor). Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7666.
Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. The Internet-Standard Management Framework . . . . . . . . . 3 3. Overview and Objectives . . . . . . . . . . . . . . . . . . . 3 4. Structure of the VM-MIB Module . . . . . . . . . . . . . . . 5 5. Relationship to Other MIB Modules . . . . . . . . . . . . . . 7 6. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 8 6.1. VM-MIB . . . . . . . . . . . . . . . . . . . . . . . . . 8 6.2. IANA-STORAGE-MEDIA-TYPE-MIB . . . . . . . . . . . . . . . 43 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 45 8. Security Considerations . . . . . . . . . . . . . . . . . . . 45 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 46 9.1. Normative References . . . . . . . . . . . . . . . . . . 46 9.2. Informative References . . . . . . . . . . . . . . . . . 47 Appendix A. State Transition Table . . . . . . . . . . . . . . . 49 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 51 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 521. Introduction
This document defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, this specifies objects for managing virtual machines controlled by a hypervisor (a.k.a. virtual machine monitor). A hypervisor controls multiple virtual machines on a single physical machine by allocating resources to each virtual machine using virtualization technologies. Therefore, this MIB module contains information on virtual machines and their resources controlled by a hypervisor as well as information about a hypervisor's hardware and software.
The design of this MIB module has been derived from product-specific MIB modules -- namely, a MIB module for managing guests of the Xen hypervisor [Xen], a MIB module for managing virtual machines controlled by the VMware hypervisor [VMware], and a MIB module using the libvirt programming interface [libvirt] to access different hypervisors. However, this MIB module attempts to generalize the managed objects to support other implementations of hypervisors. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].2. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].3. Overview and Objectives
This document defines a portion of MIB for the management of virtual machines controlled by a hypervisor. This MIB module consists of the managed objects related to system and software information of a hypervisor, the list of virtual machines controlled by the hypervisor, and information of virtual resources allocated to virtual machines by the hypervisor. This document specifies four specific types of virtual resources that are common to many hypervisor implementations: processors (CPUs), memory, network interfaces (NICs), and storage devices. These managed objects are independent of the families of hypervisors or operating systems running on virtual machines.
+------------------------------------------------------------------+ | +-------------------------------------------------+ | | | Virtual machine | | | | | | | | +---------+ +---------+ +---------+ +---------+ | ....... | | | | Virtual | | Virtual | | Virtual | | Virtual | | | | +-| CPU |-| memory |-| storage |-| NIC |-+ | | +---------+ +---------+ +---------+ +---------+ | | Virtual resources | | ^ | | | Allocation using virtualization technologies | | | | | +-- Physical resources ._____. | | +--------+ .--------. / \ +--^--+ | +- - - - - - - | | - /________/| - *\_______/* - | | - -+ | Hypervisor | CPU | | Memory |/ | Storage | | NIC | | | +--------+ +--------+ \_______/ +-----+ | | +-----------------------+ | | || MIB objects || | | +-----------------------+ | +------------------------------------------------------------------+ Figure 1: An Example of a Virtualization Environment On the common implementations of hypervisors, a hypervisor allocates virtual resources from physical resources: virtual CPUs, virtual memory, virtual storage devices, and virtual network interfaces to virtual machines as shown in Figure 1. Since the virtual resources allocated to virtual machines are managed by the hypervisor, the MIB objects are managed at the hypervisor. In case that the objects are accessed through the SNMP, an SNMP agent is launched at the hypervisor to provide access to the objects. The objects are managed from the viewpoint of the operators of hypervisors, but not the operators of virtual machines; that is, the objects do not take into account the actual resource utilization on each virtual machine but rather the resource allocation from the physical resources. For example, vmNetworkIfIndex indicates the virtual interface associated with an interface of a virtual machine at the hypervisor, and consequently, the 'in' and 'out' directions denote 'from a virtual machine to the hypervisor' and 'from the hypervisor to a virtual machine', respectively. Moreover, vmStorageAllocatedSize denotes the size allocated by the hypervisor, but not the size actually used by the operating system on the virtual machine. This means that vmStorageDefinedSize and vmStorageAllocatedSize do not take different values when the vmStorageSourceType is 'block' or 'raw'.
The objectives of this document are the following: 1) this document defines the MIB objects common to many hypervisors for the management of virtual machines controlled by a hypervisor, and 2) this document clarifies the relationship with other MIB modules for managing host computers and network devices.4. Structure of the VM-MIB Module
The MIB module is organized into a group of scalars and tables. The scalars below 'vmHypervisor' provide basic information about the hypervisor. The 'vmTable' lists the virtual machines (guests) that are known to the hypervisor. The 'vmCpuTable' provides the mapping table of virtual CPUs to virtual machines, including CPU time used by each virtual CPU. The 'vmCpuAffinityTable' provides the affinity of each virtual CPU to a physical CPU. The 'vmStorageTable' provides the list of virtual storage devices and their mapping to virtual machines. In case that an entry in the 'vmStorageTable' has a corresponding parent physical storage device managed in 'vmStorageTable' of HOST-RESOURCES-MIB [RFC2790], the entry contains a pointer 'vmStorageParent' to the physical storage device. The 'vmNetworkTable' provides the list of virtual network interfaces and their mapping to virtual machines. Each entry in the 'vmNetworkTable' also provides a pointer 'vmNetworkIfIndex' to the corresponding entry in the 'ifTable' of IF-MIB [RFC2863]. In case that an entry in the 'vmNetworkTable' has a corresponding parent physical network interface managed in the 'ifTable' of IF-MIB, the entry contains a pointer 'vmNetworkParent' to the physical network interface.
Notation: +-------------+ | vmOperState | : Finite state; the first line presents the | | 'vmOperState', and the second line presents a +-------------+ notification generated if applicable. + - - - - - - + | vmOperState | : Transient state; first line presents the | | 'vmOperState', and the second line presents a + - - - - - - + notification generated if applicable. ! : Notification; a text followed by the symbol "!" denotes a notification generated. ===================================================================== +---------------+ + - - - - - - - -+ +------------+ | suspended(6) |<--| suspending(5) | | paused(8) | | !vmSuspended | | !vmSuspending | | !vmPaused | +---------------+ + - - - - - - - -+ +------------+ | ^ ^ | | | v | | + - - - - - - -+ +-------------+<----------+ + - - - - - - - + | resuming(7) |-->| running(4) |<-------------->| migrating(9) | | !vmResuming | | !vmRunning | | !vmMigrating | + - - - - - - -+ +-------------+ + - - - - - - - + | ^ ^ | | | | +-------------------+ | | | | v v v + - - - - - - - - - + +---------------+ | shuttingdown(10) |--------->| shutdown(11) | | !vmShuttingdown | | !vmShutdown | + - - - - - - - - - + +---------------+ ^ | | v !vmDeleted +--------------+ + - - - - - - - -+ (Deleted from | crashed(12) | | preparing(3) | vmTable) | !vmCrashed | | | +--------------+ + - - - - - - - -+ Figure 2: State Transition of a Virtual Machine
The 'vmAdminState' and 'vmOperState' textual conventions define an administrative state and an operational state model for virtual machines. Events causing transitions between major operational states will cause the generation of notifications. Per virtual machine (per-VM) notifications (vmRunning, vmShutdown, vmPaused, vmSuspended, vmCrashed, vmDeleted) are generated if vmPerVMNotificationsEnabled is true(1). Bulk notifications (vmBulkRunning, vmBulkShutdown, vmBulkPaused, vmBulkSuspended, vmBulkCrashed, vmBulkDeleted) are generated if vmBulkNotificationsEnabled is true(1). The overview of the transition of 'vmOperState' by the write access to 'vmAdminState' and the notifications generated by the operational state changes are illustrated in Figure 2. The detailed state transition is summarized in Appendix A. Note that the notifications shown in this figure are per-VM notifications. In the case of Bulk notifications, the prefix 'vm' is replaced with 'vmBulk'. The bulk notification mechanism is designed to reduce the number of notifications that are trapped by an SNMP manager. This is because the number of virtual machines managed by a bunch of hypervisors in a data center possibly becomes several thousands or more, and consequently, many notifications could be trapped if these virtual machines frequently change their administrative state. The per-VM notifications carry more detailed information, but the scalability is a problem. The notification filtering mechanism described in Section 6 of RFC 3413 [RFC3413] is used by the management applications to control the notifications.5. Relationship to Other MIB Modules
The HOST-RESOURCES-MIB [RFC2790] defines the MIB objects for managing host systems. On systems implementing the HOST-RESOURCES-MIB, the objects of HOST-RESOURCES-MIB indicate resources of a hypervisor. Some objects of HOST-RESOURCES-MIB are used to indicate physical resources through indexes. On systems implementing HOST-RESOURCES-MIB, the 'vmCpuPhysIndex' points to the processor's 'hrDeviceIndex' in the 'hrProcessorTable'. The 'vmStorageParent' also points to the storage device's 'hrStorageIndex' in the 'hrStorageTable'. The IF-MIB [RFC2863] defines the MIB objects for managing network interfaces. Both physical and virtual network interfaces are required to be contained in the 'ifTable' of IF-MIB. The virtual network interfaces in the 'ifTable' of IF-MIB are pointed from the 'vmNetworkTable' defined in this document through a pointer 'vmNetworkIfIndex'. In case that an entry in the 'vmNetworkTable'
has a corresponding parent physical network interface managed in the 'ifTable' of IF-MIB, the entry contains a pointer 'vmNetworkParent' to the physical network interface. The objects related to virtual switches are not included in the MIB module defined in this document though virtual switches MAY be placed on a hypervisor. This is because the virtual network interfaces are the lowest abstraction of network resources allocated to a virtual machine. Instead of including the objects related to virtual switches, for example, IEEE8021-BRIDGE-MIB [IEEE8021-BRIDGE-MIB] and IEEE8021-Q-BRIDGE-MIB [IEEE8021-Q-BRIDGE-MIB] could be used. The other objects related to virtual machines such as management IP addresses of a virtual machine are not included in this MIB module because this MIB module defines the objects common to general hypervisors, but they are specific to some hypervisors. They may be included in the entLogicalTable of ENTITY-MIB [RFC6933]. The SNMPv2-MIB [RFC3418] provides an object 'sysObjectID' that identifies the network management subsytem and an object 'sysUpTime' that reports the uptime of the network management portion of the system. The HOST-RESOURCES-MIB [RFC2790] provides an object 'hrSystemUptime' that reports the uptime of the host's operating system. To complement these objects, the new 'vmHvUpTime' object reports the time since the hypervisor was last re-initialized, and the new 'vmHvObjectID' provides an identification of the hypervisor software.
(page 8 continued on part 2)
