Re: [libvirt] RFC: An "embedded" mode for QEMU/LXC drivers
On 01/02/2013 09:55 PM, Richard W.M. Jones wrote:
On Wed, Jan 02, 2013 at 03:36:54PM +0000, Daniel P. Berrange wrote:
> This is something I was thinking about a little over the christmas
> break. I've no intention of implementing this in the immediate
> future, but wanted to post it while it was fresh in my mind.
>
> Historically we have had 2 ways of using the stateful drivers like
> QEMU/LXC/UML/etc.
>
> - "system mode" - privileged libvirtd, one per host, started at boot
> - "session mode" - unprivileged libvirtd, one per non-root user,
autostarted
>
> This leads me to wonder whether it is worth exploring the idea of
a new
> type of libvirt connection.
>
> - "embed mode" - no libvirtd, driver runs in application context
Seems like an excellent idea.
Seconded. But I also have to wonder if Dan's work-in-progress on
fine-grain ACLs could also be used for the case of isolating domains
under the control of libguestfs so that virt-manager/oVirt/what-not
can't control the libguestfs domains, even though all the domains are
managed by the same libvirtd. In other words, you may be able to
achieve embedded semantics by means of ACLs.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)