On Wed, Nov 06, 2013 at 01:59:14PM -0500, mrhi...@linux.vnet.ibm.com wrote: > From: "Michael R. Hines" <mrhi...@us.ibm.com> > > As far as we can tell, all known bugs have been fixed:
[snip] > 3. Libvirt patches are ready [snip] > Objections? There was a first round of patches posted to the libvirt list back in July, but those were rejected since QEMU side was still in flux. More seriously though, from discussions at the KVM Forum it sounds like there is a significant problem in actually using the RDMA code. Unfortunately I can't remember who I was talking with about it, but I was told that it requires the QEMU process to run as root in order to talk to some of the kernel interfaces, and requires manual updates to the cgroups device ACL to allow QEMU access to some RMDA related device nodes. For this to be supportable in libvirt, we need this to work when QEMU is running as an unprivileged user/group ID. If access to any privileged resources is required, then there needs to be a way to get privilege separation. Either libvirtd would need to change file ownership to grant QEMU access to resources, or libvirtd would need to open the resources & pass a FD across to QEMU. Running QEMU as root is a non-starter. I don't recall any new version of the patches being posted since then to address this problem, so from the libvirt POV I don't think this is ready, unelss I was mis-informed about this permission problem. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|