On 16.02.2016 17:48, Guido Günther wrote:
> On Mon, Feb 15, 2016 at 05:38:37PM +0100, Michal Privoznik wrote:
>> Are you tired of remembering IP addresses for your domains? Do
>> you have enough of configuring static IPs so that you can add
>> them to your hosts file? Then libvirt NSS module is exactly what
>> you need!
>>
>> NSS does a lot in a Linux host. These patches aim at translating
>> domain names into IP addresses. All you need to do, is install
>> libnss_libvirt.so.2 (e.g. via 'make install' ran from source
>> dir), enable the module in nsswitch.conf:
>>
>> $ grep libvirt /etc/nsswitch.conf
>> hosts: files dns libvirt
>>
>> and you're all set. Now you can just:
>>
>> $ ping $mydomain
>> $ ssh user@$mydomain
>>
>> or anything you'd like. The only limitation is that it has to be
>> libvirt who has assigned the domain IP address. The limitation
>> comes from implementation in which
>> '/var/lib/libvirt/dnsmasq/*.status' files are parsed when looking
>> up a hostname.
>>
>> What's beautiful on this feature is that it helps any users
>> regardless of their systemd attitude. On systemd hosts there
>> already exists a similar module 'mymachines' which takes its data
>> from machined. And libvirt does communicate with machined when
>> creating a domain. But unfortunately at that time we know nothing
>> about guest's IPs and therefore do not tell them to machined,
>> which in turn can't tell anything to mymachines module. To make
>> things worse, machined seems to be lacking an API to tell it the
>> addresses later on when libvirt finds out. Therefore even systemd
>> distros will benefit from this feature.
>
> Nice. For a similar purpose I hacked up simplec a while ago:
>
>
https://github.com/agx/simplec
>
> it works by fetching domain IPs using our APIs and stores them in a file
> for a dnsmasq instance to read. This allows to even collect IPs from
> remote URIs.
>
Interesting. Esp. the remote URIs part. That's what I was wondering when
writing my module, whether I should actually open a libvirt connection
and use public API to retrieve IPs or parsing an internal file is just
enough. But I could not think of any useful use case where I'd need to
resolve remote IPs. I mean, either those IPs are in a private network so
they are useless, or they come from the same subnet as host ones and in
that case external DHCP server has assigned them and hopefully set DNS
records too. What's your use case?
IMHO opening a libvirt connection would be a pretty bad idea - this
code runs in pretty much any process on the host so you want to keep
the code in the NSS module small and simple with as little performance
overhead, nor potential with slow response.
Regards,
Daniel
--
|: