vhostmd - virtio channel support


 



Hi

I would like to add virtio based communication to vhostmd.

The current vhostmd implementation writes the metric data of all VMs and the host to a single file. This file is mapped as a disk to all VMs and due to that every VM can see all VMs and also has access to the whole data set of all VMs.
From a security perspective this could be more restrictive and a 'per VM' view on the data would help to improve the situation a bit.


So far I have implemented the virtio channel based communication between VMs and vhostmd and tested the feature in a local setup.

Let's start with the relevant VM config:
<domain type='kvm'>
  <name>vm_015</name>
  <uuid>cf335144-567d-11e7-000f-0000594d2d82</uuid>
...
    <channel type='unix'>
      <source mode='bind' path='/var/lib/libvirt/qemu/channels/cf335144-567d-11e7-000f-0000594d2d82'/>
      <target type='virtio' name='vhostmd'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    </channel>

Based on that, the VM can access the virtio channel on /dev/vport1p1

On the host side, vhostmd regularly checks the '/var/lib/libvirt/qemu/channels/' directory and connects to new channels.
Metric updates are stored in a host buffer and a separate buffer per VM and as soon as a request 'GET XML\n\n' is received a response with host- and VM-buffer is sent to the channel.
Request/response currently does not implement a full protocol, that's out of scope, but it might be a starting point to implement additional request types.
There is no additional thread or process involved, the virtio part is triggered in an additional call in
    /* Main run loop for vhostmd */
    static int vhostmd_run(int diskfd)
    ...
   while(!down) {

Channel I/O is nonblocking and in addition epoll is used to handle connections.

So far I've tested in a setup with 40 VMs for several days with a mix of continuously running/restarting VMs and a simple 'virtio client' inside each VM.

Well, before this gets too detailed I guess it's better to have a look into my changes ;-)

https://github.com/TrappM/vhostmd/commit/4e33175cd403bc1c4f5725b5fe68c74dc209e30a



Michael
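
Added example, not part of the original mail or of the vhostmd commit: a sketch of how a host-side reader could recognise the 'GET XML\n\n' request across partial nonblocking reads while keeping per-channel memory bounded, since the bytes come from a guest. The names chan_req and chan_feed, the 32-byte buffer and the policy of silently dropping unknown or overlong requests are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define REQ     "GET XML\n\n"        /* request string quoted in the mail */
#define REQ_LEN (sizeof(REQ) - 1)

/* Hypothetical per-channel state, one per connected VM socket. */
struct chan_req {
    char   buf[32];   /* fixed size: guest input never grows host memory */
    size_t len;
    char   prev;      /* previous byte, to spot the "\n\n" terminator */
    int    overflow;  /* current request exceeded buf, discard it */
};

/* Feed the bytes of one nonblocking read(). Returns how many complete
 * "GET XML" requests were seen; a partial request stays buffered. */
int chan_feed(struct chan_req *c, const char *data, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++) {
        char b = data[i];
        int end = (b == '\n' && c->prev == '\n');
        c->prev = b;
        if (c->len < sizeof(c->buf))
            c->buf[c->len++] = b;
        else
            c->overflow = 1;
        if (!end)
            continue;
        if (!c->overflow && c->len == REQ_LEN &&
            memcmp(c->buf, REQ, REQ_LEN) == 0)
            hits++;                 /* caller sends host + this VM's buffer */
        c->len = 0;                 /* unknown or overlong: silently dropped */
        c->overflow = 0;
    }
    return hits;
}

int main(void)
{
    struct chan_req c = {0};
    /* Constructed input: one request split across two reads. */
    int a = chan_feed(&c, "GET X", 5);
    int b = chan_feed(&c, "ML\n\n", 4);
    printf("%d %d\n", a, b);
    return 0;
}
```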




_______________________________________________
virt-tools-list mailing list
virt-tools-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/virt-tools-list



