2014/4/9 10:13, Zhou Zheng Sheng:
on 2014/04/08 23:21, Sheldon wrote:
> Currently, stopping guests in Kimchi is not graceful in the sense that
> the guest becomes 'shut down' immediately. This could be be problematic
> because guest file systems could become corrupted. Perhaps a warning
> should be added before a guest is immediately stopped or reset.
>
> kimchi can does not support shutdown by agent, so we can not guarantee
> we can shutdown graceful.
> User should install agent manully
>
> We can use acpi shutdown a VM. But not all guest os will shutdown the VM
> even it receive acpi shutdown.
>
> So I have 2 proposal:
>
> 1. only one shutdown API and one shutdown button for UI.
> when user click shutdown, the backend will try to shutdown VM by acpi.
> if 1 minutes timeout, kimchi will destroy the VM forcefully.
>
> 2. support ACPI shutdown and destroy two APIs. support "force off" and
> "shutdown" 2 buttons in UI.
> "shutdown" means ACPI shutdown. but we can not guarantee it can shutdown
> the VM.
That bring another idea to my head. As to emulate the real world as
possible as we can, we can have only one button in the UI, say 'power'
button. The user can click the 'power' button in the first try to see
if the vm can be shutdown gracefully. If that fails, the user can click
and hold the button for a while to force the system off.
> If the user find the VM is not shutdown for some time, he can try
to
> force power off the VM
>
>
I'd prefer option 2. Only the user knows what's inside the VM, and we
should not force a power off. Furthermore, option 1 makes the back-end
complicated. Option 2 is better, because it's up to the user to
determine what to do. In real world computers, pressing the power button
once sends an ACPI shutdown signal to the OS. If the OS hangs, the user
can keep pressing the power button till the computer power off. We
should mimic this behavior. We can have two buttons, "Gracefully
Shutdown" and "Hard Stop".