[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] PATCH: Allow libvirtd configuration for QEMU VNC server



On Thu, Oct 11, 2007 at 10:52:13PM +0100, Daniel P. Berrange wrote:
> The QEMU VNC server spawned by the QEMU driver in libvirt is hardcoded to
> start off on 127.0.0.1, unless the person creating a guest overides this in
> the XML passed to libvirt. If wanting to setup off-host VNC access, it is
> much much more convenient to be able to set the system wide default to be
> 0.0.0.0 than to specify 0.0.0.0 for each VM created. 
> 
> In addition, it is desirable to be able to configure use of TLS and x509
> certificates for the VNC servers system wide.
> 
> In Xen world this is already possible through the /etc/xen/xend-config.sxp
> configuration file.
> 
> In QEMU world, libvirtd takes the place of XenD. The /etc/libvirt/libvirtd.conf
> file though is for the daemon as a whole. There is no config file for the 
> QEMU driver in libvirt itself. So this patch extends the QEMU driver to be
> able to load /etc/libvirt/qemu.conf and configure a handful of options.
> 
>   - vnc_listen = "0.0.0.0"   - the address for VNC to listen on. Defaults
>                                to 127.0.0.1 for security sake
>   - vnc_tls = 1              - turn on use of TLS extension
>   - vnc_tls_x509_verify      - request client certificates for auth
>   - vnc_tls_cert_dir         - the location of the VNC server certs.
>                                Defaults to /etc/pki/libvirt-vnc
> 
> The code for building command line args for the -vnc flag to QEMU takes
> care to look at these options & add approprivate syntax.

  Sounds sensible, but shouldn't we provide a default qemu.conf example with
a detail of the options, in which case the file should also be added,
and the Makefile.am/libvirt.spec.in should be extended for it, no ?. We don't
do this apparently for libvirtd.conf maybe that should be fixed too, I'm a
bit worried if configuration files start to pop out and the user can't easilly
find out they exist and how they should be used, default templates sounds
the best approach to me.

  +1

Daniel

-- 
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard      | virtualization library  http://libvirt.org/
veillard redhat com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine  http://rpmfind.net/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]