Re: [libvirt] vmfork in KVM
On 05/08/2015 03:55 AM, Zhi Yong Wu wrote:
HI, all guys
Why does vmfork not get supported by KVM project? What is the
drawback? It's very cool if it's used in some scenario, e.g. HPC. It
will be appreciated for your comments, thanks.
In general, live cloning of a VM is a security nightmare - you have to
make sure that either both sides of the fork will never be exposed to
the same network, or that you figure out how to scrub everything such as
IP addresses and random number state so that the two VMs are independent
enough as to not be able to guess the behavior of one guest by observing
the other. Offline cloning is a much more tractable problem.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 604 bytes)