[PATCH for discussion only] launch: Add add_drive 'serial' option.
by Richard W.M. Jones
These two patches are for discussion of the proposed API only (in
fact, it doesn't compile).
virtio-scsi allows you to name drives (using the qemu serial=...
option or libvirt <serial/>). Let's allow users to specify a serial
when adding a drive, and then map that to a well-known name in the
libguestfs API (/dev/disk/guests/SERIAL[PARTNUM]).
Note that I chose not to change list-devices / list-partitions. These
still return raw device names (which still exist, even if the serial
is used). Instead there is a new API called list-serial-names which
returns a mapping of the serial names to raw device names.
This patch is in preparation for hotplugging. The plan would be to
remove the restriction that add_drive{_opts} has to be called before
launch. If it's called after launch (ie. hotplugging) then we
strongly recommend that users specify the serial option so the disk
has a predictable name.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
12 years, 3 months
Passphrases for libguestfs disks
by Richard W.M. Jones
Dan:
Couple of points I forgot to raise at the meeting:
(1) Libguestfs identifies keys differently from strings in the
generator (Key vs String), but DOESN'T mlock keys into memory.
This is (or *was* -- see below) for a good reason: Because we pass
these keys into the appliance, and because the appliance runs in
regular qemu, there's not much point in going to the trouble in
libguestfs when qemu is just going to spill them to swap anyway.
(2) Libguestfs has historically never supported host-encrypted
devices, eg. encrypted qcow2 files. Mainly because no one has ever
asked for it. With the libvirt backend we ought to be able to support
these.
We could create a transient secret, in which case we would modify
libguestfs to do the necessary mlocking.
Or (perhaps better) we might pass the UUID of the secret to libvirt,
and let libvirt manage the secret entirely. I'm not sure this latter
method will work given that essentially most of the time we are using
the session libvirtd.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top
12 years, 3 months
no man page for guestfsd
by Olaf Hering
rpmlint complains that guestfsd has no man page. I think its a good
idea to provide one also for guestfsd.
Olaf
12 years, 3 months