Re: [libvirt-users] Accessing libvirtd from multiple agents
On 04/11/2013 11:47 AM, arvind viswanathan wrote:
Hi,
I was wondering if multiple remote agents can access the same libvirtd. How
do we prevent conflicting commands from the different agents. Can different
access permission be set for the agents? (The documentation usually goes
over the case where one agent can access multiple libvirtd and not this
case)
Yes, multiple connections can access the same libvirtd (up to
max_clients in /etc/libvirt/libvirtd.conf), whether local or remote. In
fact, for some APIs, such as migration, you HAVE to have two connections
if you want to track progress of a long-running command (the second
connection can issue non-blocking queries while the first connection is
still blocked). Conflict between connection is prevented by using
proper mutex locking around critical sections within libvirtd.
As for differing permissions per connection, we aren't quite there yet.
Daniel Berrange is working on a patch series that will add fine-grained
ACL (access control list) permissions per connection, but it is not yet
complete; read the libvir-list(a)redhat.com archives for more details on
what will be added sometime in the future.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 621 bytes)