Domain capabilities XML format

Overview

Sometimes, when a new domain is to be created it may come handy to know the capabilities of the hypervisor so the correct combination of devices and drivers is used. For example, when management application is considering the mode for a host device's passthrough there are several options depending not only on host, but on hypervisor in question too. If the hypervisor is qemu then it needs to be more recent to support VFIO, while legacy KVM is achievable just fine with older qemus.

The main difference between virConnectGetCapabilities and the emulator capabilities API is, the former one aims more on the host capabilities (e.g. NUMA topology, security models in effect, etc.) while the latter one specializes on the hypervisor capabilities.

While the Driver Capabilities provides the host capabilities (e.g NUMA topology, security models in effect, etc.), the Domain Capabilities provides the hypervisor specific capabilities for Management Applications to query and make decisions regarding what to utilize.

The Domain Capabilities can provide information such as the correct combination of devices and drivers that are supported. Knowing which host and hypervisor specific options are available or supported would allow the management application to choose an appropriate mode for a pass-through host device as well as which adapter to utilize.

Element and attribute overview

A new query interface was added to the virConnect API's to retrieve the XML listing of the set of domain capabilities (Since 1.2.7):

          virConnectGetDomainCapabilities

The root element that emulator capability XML document starts with has name domainCapabilities. It contains at least four direct child elements:

<domainCapabilities>
  <path>/usr/bin/qemu-system-x86_64</path>
  <domain>kvm</domain>
  <machine>pc-i440fx-2.1</machine>
  <arch>x86_64</arch>
  ...
</domainCapabilities>
path
The full path to the emulator binary.
domain
Describes the virtualization type (or so called domain type).
machine
The domain's machine type. Since not every hypervisor has a sense of machine types this element might be omitted in such drivers.
arch
The domain's architecture.

CPU Allocation

Before any devices capability occurs, there might be a info on domain wide capabilities, e.g. virtual CPUs:

<domainCapabilities>
  ...
  <vcpu max='255'/>
  ...
</domainCapabilities>
vcpu
The maximum number of supported virtual CPUs

BIOS bootloader

Sometimes users might want to tweak some BIOS knobs or use UEFI. For cases like that, os element exposes what values can be passed to its children.

<domainCapabilities>
  ...
  <os supported='yes'>
    <loader supported='yes'>
      <value>/usr/share/OVMF/OVMF_CODE.fd</value>
      <enum name='type'>
        <value>rom</value>
        <value>pflash</value>
      </enum>
      <enum name='readonly'>
        <value>yes</value>
        <value>no</value>
      </enum>
    </loader>
  </os>
  ...
<domainCapabilities>

For the loader element, the following can occur:

value
List of known loader paths. Currently this is only used to advertise known locations of OVMF binaries for qemu. Binaries will only be listed if they actually exist on disk.
type
Whether loader is a typical BIOS (rom) or an UEFI binary (pflash). This refers to type attribute of the <loader/> element.
readonly
Options for the readonly attribute of the <loader/> element.

CPU configuration

The cpu element exposes options usable for configuring guest CPUs. 

<domainCapabilities>
  ...
  <cpu>
    <mode name='host-passthrough' supported='yes'/>
    <mode name='host-model' supported='yes'>
      <model fallback='allow'>Broadwell</model>
      <vendor>Intel</vendor>
      <feature policy='disable' name='aes'/>
      <feature policy='require' name='vmx'/>
    </mode>
    <mode name='custom' supported='yes'>
      <model usable='no'>Broadwell</model>
      <model usable='yes'>Broadwell-noTSX</model>
      <model usable='no'>Haswell</model>
      ...
    </mode>
  </cpu>
  ...
<domainCapabilities>

Each CPU mode understood by libvirt is described with a mode element which tells whether the particular mode is supported and provides (when applicable) more details about it:

host-passthrough
No mode specific details are provided.
host-model
If host-model is supported by the hypervisor, the mode describes the guest CPU which will be used when starting a domain with host-model CPU. The hypervisor specifics (such as unsupported CPU models or features, machine type, etc.) may be accounted for in this guest CPU specification and thus the CPU can be different from the one shown in host capabilities XML. This is indicated by the fallback attribute of the model sub element: allow means not all specifics were accounted for and thus the CPU a guest will see may be different; forbid indicates that the CPU a guest will see should match this CPU definition.
custom
The mode element contains a list of supported CPU models, each described by a dedicated model element. The usable attribute specifies whether the model can be used on the host. A special value unknown indicates libvirt does not have enough information to provide the usability data.

Devices

Another set of XML elements describe the supported devices and their capabilities. All devices occur as children of the main devices element. 

<domainCapabilities>
  ...
  <devices>
    <disk supported='yes'>
      <enum name='diskDevice'>
        <value>disk</value>
        <value>cdrom</value>
        <value>floppy</value>
        <value>lun</value>
      </enum>
      ...
    </disk>
    <hostdev supported='no'/>
  </devices>
</domainCapabilities>

Reported capabilities are expressed as an enumerated list of available options for each of the element or attribute. For example, the <disk/> element has an attribute device which can support the values disk, cdrom, floppy, or lun.

Hard drives, floppy disks, CDROMs

Disk capabilities are exposed under the disk element. For instance:

<domainCapabilities>
  ...
  <devices>
    <disk supported='yes'>
      <enum name='diskDevice'>
        <value>disk</value>
        <value>cdrom</value>
        <value>floppy</value>
        <value>lun</value>
      </enum>
      <enum name='bus'>
        <value>ide</value>
        <value>fdc</value>
        <value>scsi</value>
        <value>virtio</value>
        <value>xen</value>
        <value>usb</value>
        <value>uml</value>
        <value>sata</value>
        <value>sd</value>
      </enum>
    </disk>
    ...
  </devices>
</domainCapabilities>
diskDevice
Options for the device attribute of the <disk/> element.
bus
Options for the bus attribute of the <target/> element for a <disk/>.

Graphical framebuffers

Graphics device capabilities are exposed under the graphics element. For instance:

<domainCapabilities>
  ...
  <devices>
    <graphics supported='yes'>
      <enum name='type'>
        <value>sdl</value>
        <value>vnc</value>
        <value>spice</value>
      </enum>
    </graphics>
    ...
  </devices>
</domainCapabilities>
type
Options for the type attribute of the <graphics/> element.

Video device

Video device capabilities are exposed under the video element. For instance:

<domainCapabilities>
  ...
  <devices>
    <video supported='yes'>
      <enum name='modelType'>
        <value>vga</value>
        <value>cirrus</value>
        <value>vmvga</value>
        <value>qxl</value>
        <value>virtio</value>
      </enum>
    </video>
    ...
  </devices>
</domainCapabilities>
modelType
Options for the type attribute of the <video><model> element.

Host device assignment

Some host devices can be passed through to a guest (e.g. USB, PCI and SCSI). Well, only if the following is enabled:

<domainCapabilities>
  ...
  <devices>
    <hostdev supported='yes'>
      <enum name='mode'>
        <value>subsystem</value>
        <value>capabilities</value>
      </enum>
      <enum name='startupPolicy'>
        <value>default</value>
        <value>mandatory</value>
        <value>requisite</value>
        <value>optional</value>
      </enum>
      <enum name='subsysType'>
        <value>usb</value>
        <value>pci</value>
        <value>scsi</value>
      </enum>
      <enum name='capsType'>
        <value>storage</value>
        <value>misc</value>
        <value>net</value>
      </enum>
      <enum name='pciBackend'>
        <value>default</value>
        <value>kvm</value>
        <value>vfio</value>
        <value>xen</value>
      </enum>
    </hostdev>
  </devices>
</domainCapabilities>
mode
Options for the mode attribute of the <hostdev/> element.
startupPolicy
Options for the startupPolicy attribute of the <hostdev/> element.
subsysType
Options for the type attribute of the <hostdev/> element in case of mode="subsystem".
capsType
Options for the type attribute of the <hostdev/> element in case of mode="capabilities".
pciBackend
Options for the name attribute of the <driver/> element.

Features

One more set of XML elements describe the supported features and their capabilities. All features occur as children of the main features element.

<domainCapabilities>
  ...
  <features>
    <gic supported='yes'>
      <enum name='version'>
        <value>2</value>
        <value>3</value>
      </enum>
    </gic>
  </features>
</domainCapabilities>

Reported capabilities are expressed as an enumerated list of possible values for each of the elements or attributes. For example, the gic element has an attribute version which can support the values 2 or 3.

For information about the purpose of each feature, see the relevant section in the domain XML documentation.

GIC capabilities

GIC capabilities are exposed under the gic element.

version
Options for the version attribute of the gic element.