7:47 p.m.
I'm looking at building a framework which makes use of KVM's
pseudo-migration support for snapshot management. To my knowledge, this
functionality is not presently available through libvirt.
Is it possible to send arbitrary qemu/kvm admin console commands to a VM
started and controlled by libvirt, or does any requirement for
funtionality not presently exposed through libvirt conflict with its use?
Thanks!
1:22 a.m.
On Mon, Jun 02, 2008 at 07:47:52PM -0500, Charles Duffy wrote:
I'm looking at building a framework which makes use of KVM's
pseudo-migration support for snapshot management. To my knowledge, this
functionality is not presently available through libvirt.
Is it possible to send arbitrary qemu/kvm admin console commands to a VM
started and controlled by libvirt, or does any requirement for
funtionality not presently exposed through libvirt conflict with its use?
My recollection is that it's not allowed because it's a huge security hole.
Daniel
--
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard | virtualization library http://libvirt.org/
veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
3:06 a.m.
On Mon, Jun 02, 2008 at 07:47:52PM -0500, Charles Duffy wrote:
I'm looking at building a framework which makes use of KVM's
pseudo-migration support for snapshot management. To my knowledge, this
functionality is not presently available through libvirt.
Is it possible to send arbitrary qemu/kvm admin console commands to a VM
started and controlled by libvirt, or does any requirement for funtionality
not presently exposed through libvirt conflict with its use?
We'd really like you to send commands via libvirt.
Which commands in particular do you want to send? I have an
outstanding patch [1] to support KVM migration which just needs much
more testing. Perhaps it does what you need already?
Rich.
[1] http://www.redhat.com/archives/libvir-list/2008-May/msg00276.html
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
6:42 a.m.
Richard W.M. Jones wrote:
On Mon, Jun 02, 2008 at 07:47:52PM -0500, Charles Duffy wrote:
> I'm looking at building a framework which makes use of KVM's
> pseudo-migration support for snapshot management. To my knowledge, this
> functionality is not presently available through libvirt.
>
> Is it possible to send arbitrary qemu/kvm admin console commands to a VM
> started and controlled by libvirt, or does any requirement for funtionality
> not presently exposed through libvirt conflict with its use?
We'd really like you to send commands via libvirt.
Which commands in particular do you want to send? I have an
outstanding patch [1] to support KVM migration which just needs much
more testing. Perhaps it does what you need already?
It looks to me like that patch only supports migrating to a tcp://
socket, not what I was looking to do... but looking at the qemu driver's
implementation of save and restore, I should be able to use those
commands as they already exist.
My apologies for the noise.
3:40 a.m.
On Mon, Jun 02, 2008 at 07:47:52PM -0500, Charles Duffy wrote:
I'm looking at building a framework which makes use of KVM's
pseudo-migration support for snapshot management. To my knowledge, this
functionality is not presently available through libvirt.
Is it possible to send arbitrary qemu/kvm admin console commands to a VM
started and controlled by libvirt, or does any requirement for
funtionality not presently exposed through libvirt conflict with its use?
Providing access to the monitor console is a huge security hole - the guest
admin would be able to access any file on the host. There was a previous
CVE issued for such a security flaw in Xen.
Dan.
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
6018
days inactive
6018
days old
4 comments
4 participants
participants (4)
-
Charles Duffy -
Daniel P. Berrange -
Daniel Veillard -
Richard W.M. Jones