Re: qemu:///embed and isolation from global components

2020-03-19 Thread Daniel P . Berrangé
On Thu, Mar 19, 2020 at 10:21:39AM +0100, Andrea Bolognani wrote: > On Wed, 2020-03-18 at 18:01 +0100, Michal Prívozník wrote: > > On 18. 3. 2020 16:47, Andrea Bolognani wrote: > > > if I use either one of > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > both

Re: qemu:///embed and isolation from global components

2020-03-19 Thread Andrea Bolognani
On Wed, 2020-03-18 at 18:01 +0100, Michal Prívozník wrote: > On 18. 3. 2020 16:47, Andrea Bolognani wrote: > > if I use either one of > > > > > > > > > > > > > > > > > > > > both qemu:///embed instances try to use the same paths: > > > >

Re: qemu:///embed and isolation from global components

2020-03-18 Thread Michal Prívozník
On 18. 3. 2020 16:47, Andrea Bolognani wrote: > On Mon, 2020-03-09 at 18:04 +, Daniel P. Berrangé wrote: >> At a high level the embedded QEMU driver >> >> - Isolated from any other instance of the QEMU driver > > Replying here because it looks as good a place as any. > > Now that Michal has

Re: qemu:///embed and isolation from global components

2020-03-18 Thread Andrea Bolognani
On Mon, 2020-03-09 at 18:04 +, Daniel P. Berrangé wrote: > At a high level the embedded QEMU driver > > - Isolated from any other instance of the QEMU driver Replying here because it looks as good a place as any. Now that Michal has made it so that identically-name domains defined under

Re: qemu:///embed and isolation from global components

2020-03-12 Thread Andrea Bolognani
On Wed, 2020-03-11 at 09:53 +, Daniel P. Berrangé wrote: > On Tue, Mar 10, 2020 at 07:25:46PM +0100, Andrea Bolognani wrote: > > In your scenario, when you don't specify a scope you get the same > > one as the primary driver is using (this matches the current > > behavior): so if you are using

Re: qemu:///embed and isolation from global components

2020-03-12 Thread Daniel P . Berrangé
On Thu, Mar 12, 2020 at 01:50:49PM +0100, Andrea Bolognani wrote: > On Thu, 2020-03-12 at 12:09 +, Daniel P. Berrangé wrote: > > On Thu, Mar 12, 2020 at 12:57:36PM +0100, Andrea Bolognani wrote: > > > Honestly, so far I haven't been able to figure out the use case for > > > registering libvirt

Re: qemu:///embed and isolation from global components

2020-03-12 Thread Andrea Bolognani
On Thu, 2020-03-12 at 12:09 +, Daniel P. Berrangé wrote: > On Thu, Mar 12, 2020 at 12:57:36PM +0100, Andrea Bolognani wrote: > > Honestly, so far I haven't been able to figure out the use case for > > registering libvirt VMs with machined either :) > > > > Most of the operations are either

Re: qemu:///embed and isolation from global components

2020-03-12 Thread Daniel P . Berrangé
On Thu, Mar 12, 2020 at 12:57:36PM +0100, Andrea Bolognani wrote: > On Wed, 2020-03-11 at 17:32 +0100, Michal Privoznik wrote: > > I still don't quite see the value in machinectl (maybe because I'm not > > using systemd :-D) > > Honestly, so far I haven't been able to figure out the use case for

Re: qemu:///embed and isolation from global components

2020-03-12 Thread Andrea Bolognani
On Wed, 2020-03-11 at 17:32 +0100, Michal Privoznik wrote: > I still don't quite see the value in machinectl (maybe because I'm not > using systemd :-D) Honestly, so far I haven't been able to figure out the use case for registering libvirt VMs with machined either :) Most of the operations are

Re: qemu:///embed and isolation from global components

2020-03-11 Thread Michal Privoznik
On 3/10/20 4:42 PM, Andrea Bolognani wrote: On Mon, 2020-03-09 at 18:04 +, Daniel P. Berrangé wrote: On Mon, Mar 09, 2020 at 06:09:13PM +0100, Andrea Bolognani wrote: On Fri, 2020-03-06 at 17:49 +, Daniel P. Berrangé wrote: On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani

Re: qemu:///embed and isolation from global components

2020-03-11 Thread Christophe de Dinechin
Le 9 mars 2020 à 14:03, Michal Privoznik a écrit : > > On 3/6/20 6:49 PM, Daniel P. Berrangé wrote: >>> On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani wrote: >>> Recently I've been working on integrating qemu:///embed into an >>> application. It's been reasonably smooth so far :)

Re: qemu:///embed and isolation from global components

2020-03-11 Thread Daniel P . Berrangé
On Tue, Mar 10, 2020 at 07:25:46PM +0100, Andrea Bolognani wrote: > On Tue, 2020-03-10 at 16:00 +, Daniel P. Berrangé wrote: > > The split daemon model is intended to allow us to address this > > long standing design flaw, by allowing the QEMU session driver > > to optionally talk to a

Re: qemu:///embed and isolation from global components

2020-03-10 Thread Andrea Bolognani
On Tue, 2020-03-10 at 16:00 +, Daniel P. Berrangé wrote: > The split daemon model is intended to allow us to address this > long standing design flaw, by allowing the QEMU session driver > to optionally talk to a secondary driver running with different > privileges, instead of the instance

Re: qemu:///embed and isolation from global components

2020-03-10 Thread Daniel P . Berrangé
On Tue, Mar 10, 2020 at 04:42:57PM +0100, Andrea Bolognani wrote: > On Mon, 2020-03-09 at 18:04 +, Daniel P. Berrangé wrote: > > Of course when we do connect to virnetworkd, we MUST ensure that > > anything we do preserves isolation from other QEMU driver instances. > > > > I would also note

Re: qemu:///embed and isolation from global components

2020-03-10 Thread Andrea Bolognani
On Mon, 2020-03-09 at 18:04 +, Daniel P. Berrangé wrote: > On Mon, Mar 09, 2020 at 06:09:13PM +0100, Andrea Bolognani wrote: > > On Fri, 2020-03-06 at 17:49 +, Daniel P. Berrangé wrote: > > > On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani wrote: [...] > > Aside: instead of a

Re: qemu:///embed and isolation from global components

2020-03-09 Thread Daniel P . Berrangé
On Mon, Mar 09, 2020 at 06:09:13PM +0100, Andrea Bolognani wrote: > On Fri, 2020-03-06 at 17:49 +, Daniel P. Berrangé wrote: > > On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani wrote: > > > * it does, however, show up in the output of 'machinectl', with > > > class=vm and

Re: qemu:///embed and isolation from global components

2020-03-09 Thread Andrea Bolognani
On Fri, 2020-03-06 at 17:49 +, Daniel P. Berrangé wrote: > On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani wrote: > > * it does, however, show up in the output of 'machinectl', with > > class=vm and service=libvirt-qemu; > > This is bad. It is one of the gaps we need to deal

Re: qemu:///embed and isolation from global components

2020-03-09 Thread Michal Privoznik
On 3/6/20 6:49 PM, Daniel P. Berrangé wrote: On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani wrote: Recently I've been working on integrating qemu:///embed into an application. It's been reasonably smooth so far :) There's one thing, however, that has caused a bit of confusion, and

Re: qemu:///embed and isolation from global components

2020-03-06 Thread Daniel P . Berrangé
On Fri, Mar 06, 2020 at 06:24:15PM +0100, Andrea Bolognani wrote: > Recently I've been working on integrating qemu:///embed into an > application. It's been reasonably smooth so far :) > > There's one thing, however, that has caused a bit of confusion, and > I would like to clarify whether my

qemu:///embed and isolation from global components

2020-03-06 Thread Andrea Bolognani
Recently I've been working on integrating qemu:///embed into an application. It's been reasonably smooth so far :) There's one thing, however, that has caused a bit of confusion, and I would like to clarify whether my expectations are incorrect, there are genuine bugs in the implementation that