From Fedora Project Wiki

< FWN‎ | Beats

Line 32: Line 32:


"The purpose of this release is to establish a proof of concept of applying  
"The purpose of this release is to establish a proof of concept of applying  
security labels to VMs, and for discussion of the underlying technical  
security labels to VMs, and for discussion of the underlying technical approach."
approach.
 
With this release, it is possible to define a security label for a
kvm/qemu domain in its XML configuration ('virsh edit'), launch the domain
and have it transition to the specified security label ('virsh start'),
then query the security label of the running domain ('virsh dominfo')."


"With this release, it is possible to define a security label for a
<code>KVM</code>/<code>QEMU</code> domain in its XML configuration ('<code>virsh edit</code>'), launch the domain
and have it transition to the specified security label ('<code>virsh start</code>'),
then query the security label of the running domain ('<code>virsh dominfo</code>')."


[1] https://www.redhat.com/archives/libvir-list/2008-October/msg00478.html
[1] https://www.redhat.com/archives/libvir-list/2008-October/msg00478.html

Revision as of 22:23, 26 October 2008

Virtualization

In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora virtualization technologies.

Contributing Writer: Dale Bewley

Enterprise Management Tools List

This section contains the discussion happening on the et-mgmt-tools list

Fedora Xen List

This section contains the discussion happening on the fedora-xen list.

DomU I/O Performance Sanity Check

Ask Bjørn Hansen asked[1] if the disk throughput he experienced matched what others see. The dom0 host achieved 120MB/sec sequential write speed, and a domU only 22MB/sec.

Troels Arvin's experiences with paravirt Xen on raw devices were fine for normal I/O but bad for low-level operations like file system creation. Troel also posted[3] some benchmark results in 2007.

[1] https://www.redhat.com/archives/fedora-xen/2008-October/msg00012.html

[2] https://www.redhat.com/archives/fedora-xen/2008-October/msg00013.html

[3] http://article.gmane.org/gmane.comp.emulators.xen.user/29483

Libvirt List

This section contains the discussion happening on the libvir-list.

sVirt Initial Prototype Release

James Morris requested[1] comments on an initial prototype of sVirt[2] v0.10. sVirt was first mentioned in FWN #138[3].

"The purpose of this release is to establish a proof of concept of applying security labels to VMs, and for discussion of the underlying technical approach."

"With this release, it is possible to define a security label for a KVM/QEMU domain in its XML configuration ('virsh edit'), launch the domain and have it transition to the specified security label ('virsh start'), then query the security label of the running domain ('virsh dominfo')."

[1] https://www.redhat.com/archives/libvir-list/2008-October/msg00478.html

[2] http://www.selinuxproject.org/page/SVirt

[3] http://fedoraproject.org/wiki/FWN/Issue138#sVirt_project_to_Integrate_SELinux_and_Linux-based_Virtualization

Hot-add SCSI/VirtIO Disks for KVM Guests

Guido Günther supplied[1] a patch to add hot plugging and unplugging[2] of SCSI/VirtIO disks for KVM guests.

[1] https://www.redhat.com/archives/libvir-list/2008-October/msg00391.html

[2] https://www.redhat.com/archives/libvir-list/2008-October/msg00427.html

Domain Events Support Completed

After three[1] rounds, Ben Guthro's domain events patches have been committed. This major API addition led[2] Daniel Veillard to speculate that the next release version number may jump to 0.5.0. Domain events are only emitted from KVM guests. The other hypervisor drivers will require more work to properly emit domain events.

The python bindings are forthcoming. [3]

[1] https://www.redhat.com/archives/libvir-list/2008-October/msg00537.html

[2] https://www.redhat.com/archives/libvir-list/2008-October/msg00594.html

[3] https://www.redhat.com/archives/libvir-list/2008-October/msg00598.html

oVirt Devel List

This section contains the discussion happening on the ovirt-devel list.