[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [fedora-virt] customizing VMM on a per-user basis to use libguestfs?



Daniel P. Berrange wrote:
On Fri, Apr 24, 2009 at 12:00:13PM -0400, Bill Davidsen wrote:
Daniel P. Berrange wrote:
There are two classes of libvirt driver connection

- Privileged, per-host connections
- Unprivileged, per-user connections


Xen provides a per-host connection. UserModeLinux and QEMU provide both (qemu:///system and qemu:///session). VirtualBox just proivides
a per-user instance (vbox:///session) and so on.

Now by default in Fedora, when connecting to QEMU, virt-manager will
use the privileged per-host connection, so VMs end up in the system
directory /var/lib/libvirt/images.

Our goal (perhaps for F12) should be for local desktop virt use
cases to use the unprivileged  QEMU connection qemu://session
by default, and have VM disk images stored in your home directory
I'm not sure that home directory is where people would want images, I suspect that an arbitrary location would be far more flexible. Using KVM without a VMM, I can put images in someplace obvious, like $HOME/virtual/Images (with install ISO images in ~/virtual/ISO) so my virtual machines are not co-mingled with other things. My system stuff is in /mnt/virtual/Images and people use it by using qemu-img to make a local qcow2 images for their personal machines (including test config, obviously).

I hinted earlier, but there are 2 core use cases too

 - Local desktop virtualization. eg developers / Vmware workstation use case
 - Server virtualization

Thes respectively map onto the 2 types of libvirt connection I talk about
above

 - Unprivileged, per-user connections
 - Privileged, per-host connections

Now, when I then talk about directories, we're only talking about
the 'default' out of the box config, which respectively will be
something like

 - $HOME/VirtualImages
 - /var/lib/libvirt/images

Libvirt (and virt-manager) has extensive storage management APIs now,
and can easily deal with alternative locations for storing images.
So if these default ones aren't suitable, then it'll be perectly
fine to tell virt-manager all images should live in /mnt/virtual/Images
instead.

No, those look like fine default choices, and as you note below labeling can now be automated to solve problems like this before they happen. I'm sadly aware of labeling problems, since I run a fair number of off-label programs I have to setup myself.

Sounds as if the problem is addresses, thanks.
Questions:
- did I make clear why some flexibility is desirable?

We've nothing against flexibility - we're really just considering the
default out of the box config.
- is there any technical reason not to make this an arbitrary path?

Historically SELinux has wanted images in particular locations. With
the introduction of SVirt in libvirt, we have much more advanced
SELinux integration and will in fact automatically re-label images
to match the needs of a VM. So allowing arbitary locations *and*
still being in compliance with SELinux policy is now practical

Daniel


--
bill davidsen <davidsen tmr com>
 CTO TMR Associates, Inc

"You are disgraced professional losers. And by the way, give us our money back."
   - Representative Earl Pomeroy,  Democrat of North Dakota
on the A.I.G. executives who were paid bonuses  after a federal bailout.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]