Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-10-08 Thread Daniel P. Berrange
On Wed, Oct 02, 2013 at 11:07:23AM -0700, Ravi Chunduru wrote:
 Hi Daniel,
   I will modify the blueprint as per your suggestions. Actually, we can use
 state_path in nova.conf if set or the default location.

This set of config vars:

  - Enable unix channels
  - No of Unix Channels
  - Target name


is really overkill. All you need is a list of target names really.
The 'enable unix channels' option is obviously 'true' if you have
any target names listed. And likewise the number of channels is
just the number of target names listed.

Also all hardware related config properties should have a 'hw_'
prefix on their name eg

   # glance image-update \
 --property hw_channels=name1,name2,name3 \
 f16-x86_64-openstack-sda

I still don't see clear enough information in the blueprint about
how this is actually going to be used. In particular the interaction
between neutron  nova.

eg you talk about neutron agents, which implies that the admins who
run the OpenStack instance are in charge. But then the image meta
stuff is really end user facing. In the talk of 'appliance vendors'
is unclear who is deploying the stuff provided by the vendors.

I'd like to see the blueprint outline the complete process of how
each part is configured from end-to-end and who is responsible for
each bit. If this is intended to be completely internal to the
admins running the neutron/nova services, then we don't want the
glance image properties to be exposed to end users.

Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-10-02 Thread Ravi Chunduru
Hi Daniel,
  I will modify the blueprint as per your suggestions. Actually, we can use
state_path in nova.conf if set or the default location.

Thanks,
-Ravi.


On Tue, Oct 1, 2013 at 1:57 AM, Daniel P. Berrange berra...@redhat.comwrote:

 On Mon, Sep 30, 2013 at 02:25:30PM -0700, Ravi Chunduru wrote:
  Alessandro,
   I agree with you. I created a Blueprint. Let us collaborate and achieve
  this on all types of hypervisors.
 
  All,
 
  Here is the link for the BP as discussed.
 
 https://blueprints.launchpad.net/nova/+spec/appliance-communication-channel

 That needs to be expanded to describe more about the intended usage
 of the setup, and consider any security issues. IMHO we really do
 not want this exposed to end users - particularly not whuen you are
 proposing the ability to set arbitrary file paths for the UNIX
 sockets against images. That woudl be a security flaw as proposed
 in that doc.


 Daniel
 --
 |: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/:|
 |: http://libvirt.org  -o- http://virt-manager.org:|
 |: http://autobuild.org   -o- http://search.cpan.org/~danberr/:|
 |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc:|

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-10-02 Thread Bob Ball
The blueprint currently seems libvirt specific to me?  Is there a common - 
perhaps abstracted - interface that we can provide through Nova / image 
meta-data which will be implemented by each driver in their own way?

Otherwise I can see a bigger mess of metadata values where libvirt uses 
enable_unix_channels, Xen uses enable_cross_domain_channel - each with their 
corresponding and custom ways of configuring the behaviour.



Bob




From: Ravi Chunduru [ravi...@gmail.com]
Sent: 02 October 2013 19:07
To: Daniel P. Berrange; OpenStack Development Mailing List
Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova 
libvirt driver

Hi Daniel,
  I will modify the blueprint as per your suggestions. Actually, we can use 
state_path in nova.conf if set or the default location.

Thanks,
-Ravi.


On Tue, Oct 1, 2013 at 1:57 AM, Daniel P. Berrange 
berra...@redhat.commailto:berra...@redhat.com wrote:
On Mon, Sep 30, 2013 at 02:25:30PM -0700, Ravi Chunduru wrote:
 Alessandro,
  I agree with you. I created a Blueprint. Let us collaborate and achieve
 this on all types of hypervisors.

 All,

 Here is the link for the BP as discussed.
 https://blueprints.launchpad.net/nova/+spec/appliance-communication-channel

That needs to be expanded to describe more about the intended usage
of the setup, and consider any security issues. IMHO we really do
not want this exposed to end users - particularly not whuen you are
proposing the ability to set arbitrary file paths for the UNIX
sockets against images. That woudl be a security flaw as proposed
in that doc.


Daniel
--
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



--
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-10-02 Thread Ravi Chunduru
Hi Bob,
 Are we talking about naming convention, if so - I am open to suggestions.
 We are defining  metadata for Image - Based on it, virt drivers can
consume it appropriately.

Thanks,
-Ravi.


On Wed, Oct 2, 2013 at 3:17 PM, Bob Ball bob.b...@citrix.com wrote:

  The blueprint currently seems libvirt specific to me?  Is there a common
 - perhaps abstracted - interface that we can provide through Nova / image
 meta-data which will be implemented by each driver in their own way?

 Otherwise I can see a bigger mess of metadata values where libvirt uses
 enable_unix_channels, Xen uses enable_cross_domain_channel - each with
 their corresponding and custom ways of configuring the behaviour.



 Bob


  --
 *From:* Ravi Chunduru [ravi...@gmail.com]
 *Sent:* 02 October 2013 19:07
 *To:* Daniel P. Berrange; OpenStack Development Mailing List

 *Subject:* Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for
 Nova libvirt driver

   Hi Daniel,
   I will modify the blueprint as per your suggestions. Actually, we can
 use state_path in nova.conf if set or the default location.

  Thanks,
 -Ravi.


 On Tue, Oct 1, 2013 at 1:57 AM, Daniel P. Berrange berra...@redhat.comwrote:

 On Mon, Sep 30, 2013 at 02:25:30PM -0700, Ravi Chunduru wrote:
  Alessandro,
   I agree with you. I created a Blueprint. Let us collaborate and achieve
  this on all types of hypervisors.
 
  All,
 
  Here is the link for the BP as discussed.
 
 https://blueprints.launchpad.net/nova/+spec/appliance-communication-channel

  That needs to be expanded to describe more about the intended usage
 of the setup, and consider any security issues. IMHO we really do
 not want this exposed to end users - particularly not whuen you are
 proposing the ability to set arbitrary file paths for the UNIX
 sockets against images. That woudl be a security flaw as proposed
 in that doc.


 Daniel
 --
 |: http://berrange.com  -o-
 http://www.flickr.com/photos/dberrange/ :|
 |: http://libvirt.org  -o-
 http://virt-manager.org :|
 |: http://autobuild.org   -o-
 http://search.cpan.org/~danberr/ :|
 |: http://entangle-photo.org   -o-
 http://live.gnome.org/gtk-vnc :|

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




  --
 Ravi

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-10-01 Thread Daniel P. Berrange
On Mon, Sep 30, 2013 at 02:25:30PM -0700, Ravi Chunduru wrote:
 Alessandro,
  I agree with you. I created a Blueprint. Let us collaborate and achieve
 this on all types of hypervisors.
 
 All,
 
 Here is the link for the BP as discussed.
 https://blueprints.launchpad.net/nova/+spec/appliance-communication-channel

That needs to be expanded to describe more about the intended usage
of the setup, and consider any security issues. IMHO we really do
not want this exposed to end users - particularly not whuen you are
proposing the ability to set arbitrary file paths for the UNIX
sockets against images. That woudl be a security flaw as proposed
in that doc.


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread P Balaji-B37839
Hi Daniel,

Thanks for comments and examples.

As you already know that for any application running on Host platform can 
communicate with Guest through Virtio-Serial device. What we are looking at is 
the security provided by Apparmor is crucial so that the Host will not allow 
any software running in Guest can access outside of the directories/files 
dynamically added in the libvirt-qemue configuration file of apparmor.

As this file is created dynamically from Libvirt XML file, We are thinking that 
if we can expose Virtio-serial device of Guest through Dashboard [Horizon], 
Then it will be good from host security perspective and as well it is upto the 
User to enable virtio-serial interface based on his requirements like 
Application software requirement in Guest.

Appreciate your comments or suggestions on this.

Regards,
Balaji.P
-Original Message-
From: Daniel P. Berrange [mailto:berra...@redhat.com] 
Sent: Thursday, September 26, 2013 1:41 PM
To: P Balaji-B37839
Cc: OpenStack Development Mailing List
Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova 
libvirt driver

On Thu, Sep 26, 2013 at 03:05:16AM +, P Balaji-B37839 wrote:
 Hi Ravi,
 
 We did this as part of PoC few months back.
 
 Daniel can give us more comments on this as he is the lead for Libvirt 
 support in Nova.

Just adding the ability to expose virtio-serial devices to the guest doesn't do 
much. You need to have a credible story for what connects and deals with the 
host side of the device in Nova. For the QEMU guest agent, libvirt will own the 
host side and use it for various APIs it supports. For the SPICE agent, QEMU 
owns the host side and uses it to support functionality used by the SPICE 
client.

Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Daniel P. Berrange
On Mon, Sep 30, 2013 at 08:32:51AM +, P Balaji-B37839 wrote:
 Hi Daniel,
 
 Thanks for comments and examples.
 
 As you already know that for any application running on Host platform
 can communicate with Guest through Virtio-Serial device. What we are
 looking at is the security provided by Apparmor is crucial so that the
 Host will not allow any software running in Guest can access outside of
 the directories/files dynamically added in the libvirt-qemue configuration
 file of apparmor.
 
 As this file is created dynamically from Libvirt XML file, We are thinking
 that if we can expose Virtio-serial device of Guest through Dashboard
 [Horizon], Then it will be good from host security perspective and as
 well it is upto the User to enable virtio-serial interface based on his
 requirements like Application software requirement in Guest.

This doesn't really answer my question. There are 2 commonly available
agents (SPICE agent + QEMU guest agent) in the KVM world and we have
support for those in Nova at least. There may be UI missing in Horizon
to enable though. Any further agents would require some kind of software
integration on the host with either qemu, libvirt or Nova itself. So any
blueprint should specify what that new agent is, and how it will be
integrated in the Nova compute host.

Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread P Balaji-B37839
On Mon, Sep 30, 2013 at 08:32:51AM +, P Balaji-B37839 wrote:
 Hi Daniel,
 
 Thanks for comments and examples.
 
 As you already know that for any application running on Host platform 
 can communicate with Guest through Virtio-Serial device. What we are 
 looking at is the security provided by Apparmor is crucial so that the 
 Host will not allow any software running in Guest can access outside 
 of the directories/files dynamically added in the libvirt-qemue 
 configuration file of apparmor.
 
 As this file is created dynamically from Libvirt XML file, We are 
 thinking that if we can expose Virtio-serial device of Guest through 
 Dashboard [Horizon], Then it will be good from host security 
 perspective and as well it is upto the User to enable virtio-serial 
 interface based on his requirements like Application software requirement in 
 Guest.

This doesn't really answer my question. There are 2 commonly available agents 
(SPICE agent + QEMU guest agent) in the KVM world and we have support for those 
in Nova at least. There may be UI missing in Horizon to enable though. Any 
further agents would require some kind of software integration on the host with 
either qemu, libvirt or Nova itself. So any blueprint should specify what that 
new agent is, and how it will be integrated in the Nova compute host.
[P Balaji-B37839]  Correct. Nova has support for the commonly available agents 
as listed above. We are thinking about generic interface which can be used by 
any application software in Guest. More precisely, it will be like there won't 
be any agent in VM, Instead any Application Software can use this generic 
Virtio-Serial Interface to make use of communicating with Host. Using libvirt 
frame work might be best option, so that security aspects of exposing this 
interface can be taken care.

Please comment.

Regards,
Balaji.P

Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Daniel P. Berrange
On Mon, Sep 30, 2013 at 08:59:47AM +, P Balaji-B37839 wrote:
 On Mon, Sep 30, 2013 at 08:32:51AM +, P Balaji-B37839 wrote:
  Hi Daniel,
  
  Thanks for comments and examples.
  
  As you already know that for any application running on Host platform 
  can communicate with Guest through Virtio-Serial device. What we are 
  looking at is the security provided by Apparmor is crucial so that the 
  Host will not allow any software running in Guest can access outside 
  of the directories/files dynamically added in the libvirt-qemue 
  configuration file of apparmor.
  
  As this file is created dynamically from Libvirt XML file, We are 
  thinking that if we can expose Virtio-serial device of Guest through 
  Dashboard [Horizon], Then it will be good from host security 
  perspective and as well it is upto the User to enable virtio-serial 
  interface based on his requirements like Application software requirement 
  in Guest.
 
 This doesn't really answer my question. There are 2 commonly available
 agents (SPICE agent + QEMU guest agent) in the KVM world and we have
 support for those in Nova at least. There may be UI missing in Horizon
 to enable though. Any further agents would require some kind of software
 integration on the host with either qemu, libvirt or Nova itself. So any
 blueprint should specify what that new agent is, and how it will be 
 integrated in the Nova compute host.
 [P Balaji-B37839]  Correct. Nova has support for the commonly available
 agents as listed above. We are thinking about generic interface which can
 be used by any application software in Guest. More precisely, it will be
 like there won't be any agent in VM, Instead any Application Software
 can use this generic Virtio-Serial Interface to make use of communicating
 with Host. Using libvirt frame work might be best option, so that security
 aspects of exposing this interface can be taken care.

Please fix your email client so that it properly indents text you are
quoting with ' '. It makes it very hard to follow replies as your do
it now.

Communicating with *what* on the host ?

Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread P Balaji-B37839
   Hi Daniel,
  
   Thanks for comments and examples.
  
   As you already know that for any application running on Host
   platform can communicate with Guest through Virtio-Serial device.
   What we are looking at is the security provided by Apparmor is
   crucial so that the Host will not allow any software running in
   Guest can access outside of the directories/files dynamically added
   in the libvirt-qemue configuration file of apparmor.
  
   As this file is created dynamically from Libvirt XML file, We are
   thinking that if we can expose Virtio-serial device of Guest through
   Dashboard [Horizon], Then it will be good from host security
   perspective and as well it is upto the User to enable virtio-serial
   interface based on his requirements like Application software
 requirement in Guest.
 
  This doesn't really answer my question. There are 2 commonly available
  agents (SPICE agent + QEMU guest agent) in the KVM world and we have
  support for those in Nova at least. There may be UI missing in Horizon
  to enable though. Any further agents would require some kind of
  software integration on the host with either qemu, libvirt or Nova
  itself. So any blueprint should specify what that new agent is, and
  how it will be integrated in the Nova compute host.
  [P Balaji-B37839]  Correct. Nova has support for the commonly
  available agents as listed above. We are thinking about generic
  interface which can be used by any application software in Guest. More
  precisely, it will be like there won't be any agent in VM, Instead any
  Application Software can use this generic Virtio-Serial Interface to
  make use of communicating with Host. Using libvirt frame work might be
  best option, so that security aspects of exposing this interface can be
 taken care.
 
 Please fix your email client so that it properly indents text you are
 quoting with ' '. It makes it very hard to follow replies as your do it
 now.
 
 Communicating with *what* on the host ?
[P Balaji-B37839] Here *what* refers to any daemon/agent which is proprietary 
based on the Application architecture inside Guest using the Virtio-Serial 
Interface created for VM.
 
 Regards,
 Daniel
 --
 |: http://berrange.com  -o-
 http://www.flickr.com/photos/dberrange/ :|
 |: http://libvirt.org  -o- http://virt-
 manager.org :|
 |: http://autobuild.org   -o-
 http://search.cpan.org/~danberr/ :|
 |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-
 vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Daniel P. Berrange
On Mon, Sep 30, 2013 at 11:31:58AM +, P Balaji-B37839 wrote:
Hi Daniel,
   
Thanks for comments and examples.
   
As you already know that for any application running on Host
platform can communicate with Guest through Virtio-Serial device.
What we are looking at is the security provided by Apparmor is
crucial so that the Host will not allow any software running in
Guest can access outside of the directories/files dynamically added
in the libvirt-qemue configuration file of apparmor.
   
As this file is created dynamically from Libvirt XML file, We are
thinking that if we can expose Virtio-serial device of Guest through
Dashboard [Horizon], Then it will be good from host security
perspective and as well it is upto the User to enable virtio-serial
interface based on his requirements like Application software
  requirement in Guest.
  
   This doesn't really answer my question. There are 2 commonly available
   agents (SPICE agent + QEMU guest agent) in the KVM world and we have
   support for those in Nova at least. There may be UI missing in Horizon
   to enable though. Any further agents would require some kind of
   software integration on the host with either qemu, libvirt or Nova
   itself. So any blueprint should specify what that new agent is, and
   how it will be integrated in the Nova compute host.
   [P Balaji-B37839]  Correct. Nova has support for the commonly
   available agents as listed above. We are thinking about generic
   interface which can be used by any application software in Guest. More
   precisely, it will be like there won't be any agent in VM, Instead any
   Application Software can use this generic Virtio-Serial Interface to
   make use of communicating with Host. Using libvirt frame work might be
   best option, so that security aspects of exposing this interface can be
  taken care.
  
  Please fix your email client so that it properly indents text you are
  quoting with ' '. It makes it very hard to follow replies as your do it
  now.
  
  Communicating with *what* on the host ?
 [P Balaji-B37839] Here *what* refers to any daemon/agent which is
 proprietary based on the Application architecture inside Guest using
 the Virtio-Serial Interface created for VM.

I'm not convinced that we should be in the business of adding features to
Nova for integration with arbitrary, closed source host components which
we have no information about.

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Sean Dague

On 09/30/2013 07:51 AM, Daniel P. Berrange wrote:
snip

I'm not convinced that we should be in the business of adding features to
Nova for integration with arbitrary, closed source host components which
we have no information about.


+1

-Sean

--
Sean Dague
http://dague.net

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Russell Bryant
On 09/30/2013 07:57 AM, Sean Dague wrote:
 On 09/30/2013 07:51 AM, Daniel P. Berrange wrote:
 snip
 I'm not convinced that we should be in the business of adding features to
 Nova for integration with arbitrary, closed source host components which
 we have no information about.
 
 +1

+2

-- 
Russell Bryant

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Ravi Chunduru
Let me present an use case.
Today Nova enables to launch guests of different types.  For real
deployments we would need appliances from various vendors to run as
instances.  Appliances can be Loadbalancer, Firewall, IPsec, Routers  or
UTM etc.,

These appliances can be tied up with Neutron Services and would need
configuration from various services like FWaaS, LBaaS, VPNaaS etc.,
One way to configure these appliances from Neutron Agents is by opening up
the so needed virtio unix channel socket and reach the configuration daemon
in the appliance.
Other approach is by having a separate network for management activities
and having agent to communicate to a daemon in netns to reach out to
appliance.

For us, it means additional daemon in the second approach. In case of first
approach it is similar to Vmware way of configuring appliance.

Check this for reference
http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=displayKCexternalId=1010806

Please look from Network appliance perspective to enable this featue. I
welcome if you can suggest us if spicevm or generic qemu guest agent can
help. If so, how the adaptability with vendors can be solved.

Let me know if you need more information.

Thanks,
-Ravi.



On Mon, Sep 30, 2013 at 8:05 AM, Russell Bryant rbry...@redhat.com wrote:

 On 09/30/2013 07:57 AM, Sean Dague wrote:
  On 09/30/2013 07:51 AM, Daniel P. Berrange wrote:
  snip
  I'm not convinced that we should be in the business of adding features
 to
  Nova for integration with arbitrary, closed source host components which
  we have no information about.
 
  +1

 +2

 --
 Russell Bryant

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread P Balaji-B37839
Hi Daniel,

Not sure that I conveyed the use case of this in Nova clearly. Please find the 
below as few more data points on this.

i)  Host to Guest Communication feature is good to have through 
Nova-Libvirt. Using generic Virtio-Serial Interface for this will be a better 
option because the dynamic apparmor abstractions file created for libvirt-qemu 
will take care of security aspects of Host.

ii) KVM Hypervisor using Libvirt needs VMCI [VMWare] kind of library which can 
support secure way of host-guest communication. Though this kind of library 
support in Libvirt is not available now, Using the existing Virtio-Serial 
Interface will be good to start with.

iii) We want to make KVM hypervisor with Libvirt more flexible enough so that 
different Networking Vendors can make use of it based on their Network 
Application Software Architecture.

iv)Though we can make use of Guest Agent, But it will add another daemon in 
Guest which is not optimal.

Regards,
Balaji.P




 -Original Message-
 From: Daniel P. Berrange [mailto:berra...@redhat.com]
 Sent: Monday, September 30, 2013 5:21 PM
 To: P Balaji-B37839
 Cc: OpenStack Development Mailing List
 Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for
 Nova libvirt driver
 
 On Mon, Sep 30, 2013 at 11:31:58AM +, P Balaji-B37839 wrote:
 Hi Daniel,

 Thanks for comments and examples.

 As you already know that for any application running on Host
 platform can communicate with Guest through Virtio-Serial device.
 What we are looking at is the security provided by Apparmor is
 crucial so that the Host will not allow any software running in
 Guest can access outside of the directories/files dynamically
 added in the libvirt-qemue configuration file of apparmor.

 As this file is created dynamically from Libvirt XML file, We
 are thinking that if we can expose Virtio-serial device of Guest
 through Dashboard [Horizon], Then it will be good from host
 security perspective and as well it is upto the User to enable
 virtio-serial interface based on his requirements like
 Application software
   requirement in Guest.
   
This doesn't really answer my question. There are 2 commonly
available agents (SPICE agent + QEMU guest agent) in the KVM world
and we have support for those in Nova at least. There may be UI
missing in Horizon to enable though. Any further agents would
require some kind of software integration on the host with either
qemu, libvirt or Nova itself. So any blueprint should specify what
that new agent is, and how it will be integrated in the Nova
 compute host.
[P Balaji-B37839]  Correct. Nova has support for the commonly
available agents as listed above. We are thinking about generic
interface which can be used by any application software in Guest.
More precisely, it will be like there won't be any agent in VM,
Instead any Application Software can use this generic
Virtio-Serial Interface to make use of communicating with Host.
Using libvirt frame work might be best option, so that security
aspects of exposing this interface can be
   taken care.
  
   Please fix your email client so that it properly indents text you
   are quoting with ' '. It makes it very hard to follow replies as
   your do it now.
  
   Communicating with *what* on the host ?
  [P Balaji-B37839] Here *what* refers to any daemon/agent which is
  proprietary based on the Application architecture inside Guest using
  the Virtio-Serial Interface created for VM.
 
 I'm not convinced that we should be in the business of adding features to
 Nova for integration with arbitrary, closed source host components which
 we have no information about.
 
 Daniel
 --
 |: http://berrange.com  -o-
 http://www.flickr.com/photos/dberrange/ :|
 |: http://libvirt.org  -o- http://virt-
 manager.org :|
 |: http://autobuild.org   -o-
 http://search.cpan.org/~danberr/ :|
 |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-
 vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread P Balaji-B37839
Hi Ravi,

Thanks for giving reference examples.

Though I tried to give very generic use case without referring to Networking 
use cases. It is good that you referred to examples so that the community can 
understand the need for it.

Regards,
Balaji.P

From: Ravi Chunduru [mailto:ravi...@gmail.com]
Sent: Monday, September 30, 2013 10:16 PM
To: OpenStack Development Mailing List; Palanisamy, Anand
Cc: Sean Dague
Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova 
libvirt driver

Let me present an use case.
Today Nova enables to launch guests of different types.  For real deployments 
we would need appliances from various vendors to run as instances.  Appliances 
can be Loadbalancer, Firewall, IPsec, Routers  or UTM etc.,

These appliances can be tied up with Neutron Services and would need 
configuration from various services like FWaaS, LBaaS, VPNaaS etc.,
One way to configure these appliances from Neutron Agents is by opening up the 
so needed virtio unix channel socket and reach the configuration daemon in the 
appliance.
Other approach is by having a separate network for management activities and 
having agent to communicate to a daemon in netns to reach out to appliance.

For us, it means additional daemon in the second approach. In case of first 
approach it is similar to Vmware way of configuring appliance.

Check this for reference 
http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=displayKCexternalId=1010806

Please look from Network appliance perspective to enable this featue. I welcome 
if you can suggest us if spicevm or generic qemu guest agent can help. If so, 
how the adaptability with vendors can be solved.

Let me know if you need more information.

Thanks,
-Ravi.


On Mon, Sep 30, 2013 at 8:05 AM, Russell Bryant 
rbry...@redhat.commailto:rbry...@redhat.com wrote:
On 09/30/2013 07:57 AM, Sean Dague wrote:
 On 09/30/2013 07:51 AM, Daniel P. Berrange wrote:
 snip
 I'm not convinced that we should be in the business of adding features to
 Nova for integration with arbitrary, closed source host components which
 we have no information about.

 +1
+2

--
Russell Bryant

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



--
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Daniel P. Berrange
On Mon, Sep 30, 2013 at 09:46:02AM -0700, Ravi Chunduru wrote:
 Let me present an use case.
 Today Nova enables to launch guests of different types.  For real
 deployments we would need appliances from various vendors to run as
 instances.  Appliances can be Loadbalancer, Firewall, IPsec, Routers  or
 UTM etc.,
 
 These appliances can be tied up with Neutron Services and would need
 configuration from various services like FWaaS, LBaaS, VPNaaS etc.,
 One way to configure these appliances from Neutron Agents is by opening up
 the so needed virtio unix channel socket and reach the configuration daemon
 in the appliance.
 Other approach is by having a separate network for management activities
 and having agent to communicate to a daemon in netns to reach out to
 appliance.

Thanks, this is the kind of usage information I was asking for, wrt
host integration. This shows the use case for virtio-serial is as a
mechanism for integration between infrastructure pieces controlled by
the cloud admin, not as something that is targetted towards end users
of the cloud.

I think we need to have a detailed blueprint for this, describing the
use case(s) to be addressed and proposing some possible design(s).


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread Ravi Chunduru
Alessandro,
 I agree with you. I created a Blueprint. Let us collaborate and achieve
this on all types of hypervisors.

All,

Here is the link for the BP as discussed.
https://blueprints.launchpad.net/nova/+spec/appliance-communication-channel

Thanks,
-Ravi.


On Mon, Sep 30, 2013 at 12:56 PM, Alessandro Pilotti 
apilo...@cloudbasesolutions.com wrote:

  Hi all,

  A host / guest communication channel can be useful in a lot of
 scenarios. What about thinking on a common interface to be implemented on
 other hypervisors as well and not only on KVM?
 We're planning to start working on something similar for Hyper-V and there
 were some chats about ideas related to XenServer as well (John?).

  Each hypervisor provides different ways of achieving this goal, but IMO
 it'd be fairly easy to define a common adapter interface.


  Alessandro


  On Sep 30, 2013, at 20:21 , Daniel P. Berrange berra...@redhat.com
 wrote:

 On Mon, Sep 30, 2013 at 09:46:02AM -0700, Ravi Chunduru wrote:

 Let me present an use case.
 Today Nova enables to launch guests of different types.  For real
 deployments we would need appliances from various vendors to run as
 instances.  Appliances can be Loadbalancer, Firewall, IPsec, Routers  or
 UTM etc.,

 These appliances can be tied up with Neutron Services and would need
 configuration from various services like FWaaS, LBaaS, VPNaaS etc.,
 One way to configure these appliances from Neutron Agents is by opening up
 the so needed virtio unix channel socket and reach the configuration daemon
 in the appliance.
 Other approach is by having a separate network for management activities
 and having agent to communicate to a daemon in netns to reach out to
 appliance.


 Thanks, this is the kind of usage information I was asking for, wrt
 host integration. This shows the use case for virtio-serial is as a
 mechanism for integration between infrastructure pieces controlled by
 the cloud admin, not as something that is targetted towards end users
 of the cloud.

 I think we need to have a detailed blueprint for this, describing the
 use case(s) to be addressed and proposing some possible design(s).


 Daniel
 --
 |: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/:|
 |: http://libvirt.org  -o- http://virt-manager.org:|
 |: http://autobuild.org   -o- http://search.cpan.org/~danberr/:|
 |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc:|

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-30 Thread P Balaji-B37839
Hi Ravi and Daniel,

Good that we all converged on the need for this support in Nova Libvirt Driver.

We will collaborate together on this blueprint and make it upstream for 
IceHouse.

Regards,
Balaji.P

 -Original Message-
 From: Daniel P. Berrange [mailto:berra...@redhat.com]
 Sent: Monday, September 30, 2013 11:52 PM
 To: OpenStack Development Mailing List
 Cc: Sean Dague
 Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for
 Nova libvirt driver
 
 On Mon, Sep 30, 2013 at 09:46:02AM -0700, Ravi Chunduru wrote:
  Let me present an use case.
  Today Nova enables to launch guests of different types.  For real
  deployments we would need appliances from various vendors to run as
  instances.  Appliances can be Loadbalancer, Firewall, IPsec, Routers
  or UTM etc.,
 
  These appliances can be tied up with Neutron Services and would need
  configuration from various services like FWaaS, LBaaS, VPNaaS etc.,
  One way to configure these appliances from Neutron Agents is by
  opening up the so needed virtio unix channel socket and reach the
  configuration daemon in the appliance.
  Other approach is by having a separate network for management
  activities and having agent to communicate to a daemon in netns to
  reach out to appliance.
 
 Thanks, this is the kind of usage information I was asking for, wrt host
 integration. This shows the use case for virtio-serial is as a mechanism
 for integration between infrastructure pieces controlled by the cloud
 admin, not as something that is targetted towards end users of the cloud.
 
 I think we need to have a detailed blueprint for this, describing the use
 case(s) to be addressed and proposing some possible design(s).
 
 
 Daniel
 --
 |: http://berrange.com  -o-
 http://www.flickr.com/photos/dberrange/ :|
 |: http://libvirt.org  -o- http://virt-
 manager.org :|
 |: http://autobuild.org   -o-
 http://search.cpan.org/~danberr/ :|
 |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-
 vnc :|
 
 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-26 Thread Daniel P. Berrange
On Thu, Sep 26, 2013 at 03:05:16AM +, P Balaji-B37839 wrote:
 Hi Ravi,
 
 We did this as part of PoC few months back.
 
 Daniel can give us more comments on this as he is the lead for Libvirt
 support in Nova.

Just adding the ability to expose virtio-serial devices to the guest
doesn't do much. You need to have a credible story for what connects
and deals with the host side of the device in Nova. For the QEMU guest
agent, libvirt will own the host side and use it for various APIs it
supports. For the SPICE agent, QEMU owns the host side and uses it to
support functionality used by the SPICE client.

Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova][libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-25 Thread P Balaji-B37839
Hi,

If anyone is already working on the below support for Nova, Please let us know.

Regards,
Balaji.P

-Original Message-
From: P Balaji-B37839 
Sent: Tuesday, September 24, 2013 4:10 PM
To: openstack-dev@lists.openstack.org
Cc: Addepalli Srini-B22160; Mannidi Purandhar Sairam-B39209; Lingala Srikanth 
Kumar-B37208; Somanchi Trinath-B39208; B Veera-B37207
Subject: [openstack-dev][Nova] Virtio-Serial support for Nova libvirt driver

Hi,

Virtio-Serial interface support for Nova - Libvirt is not available now. Some 
VMs who wants to access the Host may need like running qemu-guest-agent or any 
proprietary software want to use this mode of communication with Host.

Qemu-GA uses virtio-serial communication.

We want to propose a blue-print on this for IceHouse Release.

Anybody interested on this.

Regards,
Balaji.P


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-25 Thread balaji patnala
Hi Haomai,

Thanks for your interest on this.

The code check-ins done against the below bp are more specific to Qemu
Guest Agent.

 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


Our requirement is to enable Virtio-Serial Interface to the applications
running in VM.

Do you have the same requirement?

We will share the draft BP on this.


Any comments on this approach will be helpful.

Regards,
Balaji.P


On Tue, Sep 24, 2013 at 8:10 PM, Haomai Wang hao...@unitedstack.com wrote:


 On Sep 24, 2013, at 6:40 PM, P Balaji-B37839 b37...@freescale.com wrote:

  Hi,
 
  Virtio-Serial interface support for Nova - Libvirt is not available now.
 Some VMs who wants to access the Host may need like running
 qemu-guest-agent or any proprietary software want to use this mode of
 communication with Host.
 
  Qemu-GA uses virtio-serial communication.
 
  We want to propose a blue-print on this for IceHouse Release.
 
  Anybody interested on this.

 Great! We have common interest and I hope we can promote it for IceHouse.

 BTW, do you have a initial plan or description about it.

 And I think this bp may invoke.
 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support

 
  Regards,
  Balaji.P
 
 
  ___
  OpenStack-dev mailing list
  OpenStack-dev@lists.openstack.org
  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

 Best regards,
 Haomai Wang, UnitedStack Inc.


 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-25 Thread P Balaji-B37839
Hi Wangpan,
Thanks for Information and suggestions.
We want to have generic virtio-serial interface for Libvirt  and applications 
can use this irrespective of Qemu Guest Agent in VM.
As suggested, Daniel can throw some light on this and help us.
Regards,
Balaji.P



From: Wangpan [mailto:hzwang...@corp.netease.com]
Sent: Wednesday, September 25, 2013 3:24 PM
To: OpenStack Development Mailing List
Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova 
libvirt driver

Hi all,

I'm the owner of this bp 
https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support
and Daniel Berrange gave me lots of help about implementing this bp, and the 
original idea of mine is the same as yours.
So I think the opinion of Daniel will be very useful.

2013-09-25

Wangpan

发件人:balaji patnala patnala...@gmail.com
发送时间:2013-09-25 22:36
主题:Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt 
driver
收件人:OpenStack Development Mailing Listopenstack-dev@lists.openstack.org
抄送:

Hi Haomai,

Thanks for your interest on this.

The code check-ins done against the below bp are more specific to Qemu Guest 
Agent.

 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


Our requirement is to enable Virtio-Serial Interface to the applications 
running in VM.

Do you have the same requirement?

We will share the draft BP on this.


Any comments on this approach will be helpful.

Regards,
Balaji.P

On Tue, Sep 24, 2013 at 8:10 PM, Haomai Wang 
hao...@unitedstack.commailto:hao...@unitedstack.com wrote:

On Sep 24, 2013, at 6:40 PM, P Balaji-B37839 
b37...@freescale.commailto:b37...@freescale.com wrote:

 Hi,

 Virtio-Serial interface support for Nova - Libvirt is not available now. Some 
 VMs who wants to access the Host may need like running qemu-guest-agent or 
 any proprietary software want to use this mode of communication with Host.

 Qemu-GA uses virtio-serial communication.

 We want to propose a blue-print on this for IceHouse Release.

 Anybody interested on this.
Great! We have common interest and I hope we can promote it for IceHouse.

BTW, do you have a initial plan or description about it.

And I think this bp may invoke. 
https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


 Regards,
 Balaji.P


 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Best regards,
Haomai Wang, UnitedStack Inc.


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-25 Thread Ravi Chunduru
I am working on this generic virtio-serial interface for appliances. To
start with I experimented on existing Wangpan's added feature on
hw_qemu_guest agent. I am preparing to propose a blueprint to modify it for
generic use and open to collaborate.

I could bring up VM with generic source path(say /tmp/appliance_port) and
target name(appliance_port). But I see qemu listening on the unix socket in
host as soon as I start the VM. If we want to have our server program on
host listening, that should not happen. How do I overcome that?

Thanks,
-Ravi.



On Wed, Sep 25, 2013 at 3:01 AM, P Balaji-B37839 b37...@freescale.comwrote:

 

 Hi Wangpan,

 Thanks for Information and suggestions.

 We want to have generic virtio-serial interface for Libvirt  and
 applications can use this irrespective of Qemu Guest Agent in VM.

 As suggested, Daniel can throw some light on this and help us.

 Regards,

 Balaji.P

 ** **

 ** **

 ** **

 *From:* Wangpan [mailto:hzwang...@corp.netease.com]
 *Sent:* Wednesday, September 25, 2013 3:24 PM
 *To:* OpenStack Development Mailing List
 *Subject:* Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for
 Nova libvirt driver

 ** **

 Hi all,

  

 I'm the owner of this bp
 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support

 and Daniel Berrange gave me lots of help about implementing this bp, and
 the original idea of mine is the same as yours.

 So I think the opinion of Daniel will be very useful.

  

 2013-09-25
  --

 Wangpan
   --

 *发件人:*balaji patnala patnala...@gmail.com

 *发送时间:*2013-09-25 22:36

 *主**题:*Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for
 Nova libvirt driver

 *收件人:*OpenStack Development Mailing List
 openstack-dev@lists.openstack.org

 *抄送:*

  

 Hi Haomai, 

 ** **

 Thanks for your interest on this.

 ** **

 The code check-ins done against the below bp are more specific to Qemu
 Guest Agent.

 ** **

  https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support

 ** **

 ** **

 Our requirement is to enable Virtio-Serial Interface to the applications
 running in VM.

 ** **

 Do you have the same requirement?

 ** **

 We will share the draft BP on this.

 ** **

 ** **

 Any comments on this approach will be helpful.

 ** **

 Regards,

 Balaji.P

 ** **

 On Tue, Sep 24, 2013 at 8:10 PM, Haomai Wang hao...@unitedstack.com
 wrote:


 On Sep 24, 2013, at 6:40 PM, P Balaji-B37839 b37...@freescale.com wrote:

  Hi,
 
  Virtio-Serial interface support for Nova - Libvirt is not available now.
 Some VMs who wants to access the Host may need like running
 qemu-guest-agent or any proprietary software want to use this mode of
 communication with Host.
 
  Qemu-GA uses virtio-serial communication.
 
  We want to propose a blue-print on this for IceHouse Release.
 
  Anybody interested on this.

 Great! We have common interest and I hope we can promote it for IceHouse.

 BTW, do you have a initial plan or description about it.

 And I think this bp may invoke.
 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


 
  Regards,
  Balaji.P
 
 
  ___
  OpenStack-dev mailing list
  OpenStack-dev@lists.openstack.org
  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

 Best regards,
 Haomai Wang, UnitedStack Inc.



 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

 ** **

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-25 Thread Ravi Chunduru
I got this working after I made guest to behave as serial device and host
side program as unix socket based client.
Now all set to collaborate the BP  with the use case.

Thanks,
-Ravi.


On Wed, Sep 25, 2013 at 8:09 AM, Ravi Chunduru ravi...@gmail.com wrote:

 I am working on this generic virtio-serial interface for appliances. To
 start with I experimented on existing Wangpan's added feature on
 hw_qemu_guest agent. I am preparing to propose a blueprint to modify it for
 generic use and open to collaborate.

 I could bring up VM with generic source path(say /tmp/appliance_port) and
 target name(appliance_port). But I see qemu listening on the unix socket in
 host as soon as I start the VM. If we want to have our server program on
 host listening, that should not happen. How do I overcome that?

 Thanks,
 -Ravi.



 On Wed, Sep 25, 2013 at 3:01 AM, P Balaji-B37839 b37...@freescale.comwrote:

 

 Hi Wangpan,

 Thanks for Information and suggestions.

 We want to have generic virtio-serial interface for Libvirt  and
 applications can use this irrespective of Qemu Guest Agent in VM.

 As suggested, Daniel can throw some light on this and help us.

 Regards,

 Balaji.P

 ** **

 ** **

 ** **

 *From:* Wangpan [mailto:hzwang...@corp.netease.com]
 *Sent:* Wednesday, September 25, 2013 3:24 PM
 *To:* OpenStack Development Mailing List
 *Subject:* Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support
 for Nova libvirt driver

 ** **

 Hi all,

  

 I'm the owner of this bp
 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support

 and Daniel Berrange gave me lots of help about implementing this bp, and
 the original idea of mine is the same as yours.

 So I think the opinion of Daniel will be very useful.

  

 2013-09-25
  --

 Wangpan
   --

 *发件人:*balaji patnala patnala...@gmail.com

 *发送时间:*2013-09-25 22:36

 *主**题:*Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for
 Nova libvirt driver

 *收件人:*OpenStack Development Mailing List
 openstack-dev@lists.openstack.org

 *抄送:*

  

 Hi Haomai, 

 ** **

 Thanks for your interest on this.

 ** **

 The code check-ins done against the below bp are more specific to Qemu
 Guest Agent.

 ** **

  https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support

 ** **

 ** **

 Our requirement is to enable Virtio-Serial Interface to the applications
 running in VM.

 ** **

 Do you have the same requirement?

 ** **

 We will share the draft BP on this.

 ** **

 ** **

 Any comments on this approach will be helpful.

 ** **

 Regards,

 Balaji.P

 ** **

 On Tue, Sep 24, 2013 at 8:10 PM, Haomai Wang hao...@unitedstack.com
 wrote:


 On Sep 24, 2013, at 6:40 PM, P Balaji-B37839 b37...@freescale.com
 wrote:

  Hi,
 
  Virtio-Serial interface support for Nova - Libvirt is not available
 now. Some VMs who wants to access the Host may need like running
 qemu-guest-agent or any proprietary software want to use this mode of
 communication with Host.
 
  Qemu-GA uses virtio-serial communication.
 
  We want to propose a blue-print on this for IceHouse Release.
 
  Anybody interested on this.

 Great! We have common interest and I hope we can promote it for IceHouse.

 BTW, do you have a initial plan or description about it.

 And I think this bp may invoke.
 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


 
  Regards,
  Balaji.P
 
 
  ___
  OpenStack-dev mailing list
  OpenStack-dev@lists.openstack.org
  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

 Best regards,
 Haomai Wang, UnitedStack Inc.



 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

 ** **

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




 --
 Ravi




-- 
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt driver

2013-09-25 Thread P Balaji-B37839
Hi Ravi,

We did this as part of PoC few months back.

Daniel can give us more comments on this as he is the lead for Libvirt support 
in Nova.

Regards,
Balaji.P



From: Ravi Chunduru [mailto:ravi...@gmail.com]
Sent: Thursday, September 26, 2013 12:35 AM
To: OpenStack Development Mailing List
Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova 
libvirt driver

I got this working after I made guest to behave as serial device and host side 
program as unix socket based client.
Now all set to collaborate the BP  with the use case.

Thanks,
-Ravi.

On Wed, Sep 25, 2013 at 8:09 AM, Ravi Chunduru 
ravi...@gmail.commailto:ravi...@gmail.com wrote:
I am working on this generic virtio-serial interface for appliances. To start 
with I experimented on existing Wangpan's added feature on hw_qemu_guest agent. 
I am preparing to propose a blueprint to modify it for generic use and open to 
collaborate.

I could bring up VM with generic source path(say /tmp/appliance_port) and 
target name(appliance_port). But I see qemu listening on the unix socket in 
host as soon as I start the VM. If we want to have our server program on host 
listening, that should not happen. How do I overcome that?

Thanks,
-Ravi.


On Wed, Sep 25, 2013 at 3:01 AM, P Balaji-B37839 
b37...@freescale.commailto:b37...@freescale.com wrote:
Hi Wangpan,
Thanks for Information and suggestions.
We want to have generic virtio-serial interface for Libvirt  and applications 
can use this irrespective of Qemu Guest Agent in VM.
As suggested, Daniel can throw some light on this and help us.
Regards,
Balaji.P



From: Wangpan 
[mailto:hzwang...@corp.netease.commailto:hzwang...@corp.netease.com]
Sent: Wednesday, September 25, 2013 3:24 PM
To: OpenStack Development Mailing List
Subject: Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova 
libvirt driver

Hi all,

I'm the owner of this bp 
https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support
and Daniel Berrange gave me lots of help about implementing this bp, and the 
original idea of mine is the same as yours.
So I think the opinion of Daniel will be very useful.

2013-09-25

Wangpan

发件人:balaji patnala patnala...@gmail.commailto:patnala...@gmail.com
发送时间:2013-09-25 22tel:2013-09-25%C2%A022:36
主题:Re: [openstack-dev] [Nova] [Libvirt] Virtio-Serial support for Nova libvirt 
driver
收件人:OpenStack Development Mailing 
Listopenstack-dev@lists.openstack.orgmailto:openstack-dev@lists.openstack.org
抄送:

Hi Haomai,

Thanks for your interest on this.

The code check-ins done against the below bp are more specific to Qemu Guest 
Agent.

 https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


Our requirement is to enable Virtio-Serial Interface to the applications 
running in VM.

Do you have the same requirement?

We will share the draft BP on this.


Any comments on this approach will be helpful.

Regards,
Balaji.P

On Tue, Sep 24, 2013 at 8:10 PM, Haomai Wang 
hao...@unitedstack.commailto:hao...@unitedstack.com wrote:

On Sep 24, 2013, at 6:40 PM, P Balaji-B37839 
b37...@freescale.commailto:b37...@freescale.com wrote:

 Hi,

 Virtio-Serial interface support for Nova - Libvirt is not available now. Some 
 VMs who wants to access the Host may need like running qemu-guest-agent or 
 any proprietary software want to use this mode of communication with Host.

 Qemu-GA uses virtio-serial communication.

 We want to propose a blue-print on this for IceHouse Release.

 Anybody interested on this.
Great! We have common interest and I hope we can promote it for IceHouse.

BTW, do you have a initial plan or description about it.

And I think this bp may invoke. 
https://blueprints.launchpad.net/nova/+spec/qemu-guest-agent-support


 Regards,
 Balaji.P


 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Best regards,
Haomai Wang, UnitedStack Inc.


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



--
Ravi



--
Ravi
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev