Re: RFC: An "embedded" mode for QEMU/LXC drivers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 01/02/2013 09:55 PM, Richard W.M. Jones wrote:
> On Wed, Jan 02, 2013 at 03:36:54PM +0000, Daniel P. Berrange wrote:
>> This is something I was thinking about a little over the christmas
>> break. I've no intention of implementing this in the immediate
>> future, but wanted to post it while it was fresh in my mind.
>>
>> Historically we have had 2 ways of using the stateful drivers like
>> QEMU/LXC/UML/etc.
>>
>>  - "system mode"  - privileged libvirtd, one per host, started at boot
>>  - "session mode" - unprivileged libvirtd, one per non-root user, autostarted
>>

>> This leads me to wonder whether it is worth exploring the idea of a new
>> type of libvirt connection.
>>
>>  - "embed mode" - no libvirtd, driver runs in application context
> 
> Seems like an excellent idea.

Seconded.  But I also have to wonder if Dan's work-in-progress on
fine-grain ACLs could also be used for the case of isolating domains
under the control of libguestfs so that virt-manager/oVirt/what-not
can't control the libguestfs domains, even though all the domains are
managed by the same libvirtd.  In other words, you may be able to
achieve embedded semantics by means of ACLs.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]