Re: [Libvir] [RFC] Life-cycle Management of the domain take2
Hi,
Thank you for your comment.
On Fri, 11 May 2007 19:29:48 +0100 "Daniel P. Berrange" wrote:
On Fri, May 11, 2007 at 07:15:33PM +0100, Daniel P. Berrange wrote:
>
> If the guest was created by libvirt, then I consider it a bug if the XML
> dump does not allow re-creation in exact same config.
>
> If the guest was created by non-libvirt app, then there may be some xen
> specific bits we don't support in libvirt. So be it - there are some things
> we simply don't want to support. For any of the latter case, we can at
> least evaluate whether it makes sense to support them throughout libvirt,
> and/or accept patches.
That means the libvirt basically supports a guest that was created by libvirt
( or virt-install ), right ?
I think that would be a waste because we would miss an opportunity to get
new customers. I personally want to support the guest was created by non-libvirt
app too.
> The main flaw I see currently is that the vncpassword is missing
from the
> XML. We left that out for security obviously. We definitely have to exclude
> it if using a read-only connection. For a read-write connection we should
> probably continue to exclude it by default, since apps often write the XML
> dump to logfiles. We do fortunately have a (currently unused) flags argument
> to virDomainGetXMLDesc
>
> char * virDomainGetXMLDesc (virDomainPtr domain,
> int flags);
>
> I propose we add a flag LIBVIRT_XML_INCLUDE_SENSITIVE or something like
> that. If that flag were used, then we could include the password in the
> returned XML. Any apps using that flag would be aware that the XML should
> be treated as sensitive & thus not logged.
On this subject of XML dumps for live VMs, there is the option that the
live VM config will be different from the one on disk. Currently the
virDomainGetXMLDesc will always give you the live config if the guest
is running, and the disk config if the guest is not running. The option
missing here is obviously a way to get the disk config if the guest is
running. Now we have this convenient flags arg here still which we could
use:
char *livexml = virDomainGetXMLDesc(dom, 0);
char *diskxml = virDomainGetXMLDesc(dom, VIR_DOMAIN_XML_INACTIVE);
Once you have the real diskxml, then you can update it & use the
virDomainDefineXML(dom, diskxml)
to re-write it on disk,
virDomainCreate(dom, diskxml)
if you want to create a VM with the new config, without actually updating
the config on disk
It is good idea to use that flags. I would like to use your idea when the fix of
domainDumpXML is needed.
But I am afraid that I am not in a position to go further, because I have not
had a discussion about this RFC still enough.
This is a important things, so I keep your idea in my mind !
Thanks,
Saori Fukuta