Branch 'f12' - en-US/Virtualization.xml
Zach Oglesby
zoglesby at fedoraproject.org
Wed Sep 16 21:30:24 UTC 2009
en-US/Virtualization.xml | 189 ++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 188 insertions(+), 1 deletion(-)
New commits:
commit 74c80451fe018902a873b115963b471ac7ffbaf3
Author: Zach Oglesby <zoglesby at fedoraproject.org>
Date: Wed Sep 16 23:11:13 2009 +0200
Updated Virtualization XML
diff --git a/en-US/Virtualization.xml b/en-US/Virtualization.xml
index 98faccb..8ffa9ac 100644
--- a/en-US/Virtualization.xml
+++ b/en-US/Virtualization.xml
@@ -323,7 +323,194 @@
</itemizedlist>
</para>
</section>
-
+ <section>
+ <title>Virt Privileges</title>
+ <para>
+ Changes have been introduced for QEMU/KVM virtual machines to improve host security in the event of a flaw in the QEMU binary.
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Permissions on /dev/kvm have been updated to allow unprivileged
+ users to utilize KVM hardware acceleration.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ QEMU processes spawned by virt-manager on a local desktop install
+ now run as the desktop user.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ QEMU processes spawned by the privileged libvirtd daemon now run
+ as an unprivileged account, user 'qemu', group 'qemu'.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ libvirtd will change ownership of any disks assigned to a virtual
+ machine at startup, to user 'qemu', group 'qemu', except for
+ readonly/shared disks.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ To revert to previous Fedora behaviour of running all QEMU
+ instances as 'root', two config parameters are introduced in
+ /etc/libvirt/qemu.conf. It is not recommended to change these.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ For further details refer to:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://fedoraproject.org/wiki/Features/VirtPrivileges" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Virt Storage Management</title>
+ <para>
+ Fibre Channel N_Port ID Virtualization or NPIV allows the creation of
+ multiple virtual N_Ports on a single physical host bus adapter. The
+ libvirt node device APIs have been extended to create and destroy virtual
+ adapters using NPIV.
+ </para>
+ <para>
+ The APIs permitting storage discovery and pool creation have been extended
+ to discover and rescan storage on a per-SCSI-host basis. Administrators
+ may now discover, configure, and provision storage for virtual machines
+ without the need for multiple tools.
+ </para>
+ <para>
+ For further details refer to:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://fedoraproject.org/wiki/Features/VirtStorageManagement" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://libvirt.org/storage.html" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+ <section>
+ <title>Other Improvements</title>
+ <section>
+ <title>Libvirt Technology Compatibility Kit</title>
+ <para>
+ Fedora now includes the libvirt Technology Compatibility Kit
+ (TCK). The TCK is a functional test suite which provides detailed
+ reports on functionality available for each libvirt driver and can
+ be used to quickly identify failures or regressions in the
+ development of Fedora's virtualization features.
+ </para>
+ <para>
+ For further details refer to:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://fedoraproject.org/wiki/Features/VirtTCK" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://libvirt.org/drivers.html" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+ <section>
+ <title>Virtualization Technology Preview Repo</title>
+ <para>
+ The Virtualization Preview Repository has been created for people who
+ would like to test the very latest virtualization related
+ packages. This repo is intended primarily as an aid to testing and
+ early experimentation. It is not intended for 'production' deployment.
+ </para>
+ <para>
+ For further details refer to:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://fedoraproject.org/wiki/Virtualization_Preview_Repository"
+ />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+ <section>
+ <title>Xen Kernel Support</title>
+ <para>
+ The kernel package in Fedora 12 supports booting as a guest domU, but
+ will not function as a dom0 until such support is provided
+ upstream. Work is ongoing and hopes are high that support will be
+ included in kernel 2.6.33 and Fedora 13.
+ </para>
+ <para>
+ The most recent Fedora release with dom0 support is Fedora 8.
+ </para>
+ <para>
+ Booting a Xen domU guest within a Fedora 12 host requires the KVM
+ based xenner. Xenner runs the guest kernel and a small Xen emulator
+ together as a KVM guest.
+ </para>
+ <important>
+ <title>KVM requires hardware virtualization features in the host
+ system.</title>
+ <para>
+ Systems lacking hardware virtualization do not support Xen guests at
+ this time.
+ </para>
+ </important>
+ <para>
+ For further details refer to:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://sourceforge.net/projects/kvm" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://kraxel.fedorapeople.org/xenner/" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://fedoraproject.org/wiki/Features/XenPvops" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink type="http" url=
+ "http://fedoraproject.org/wiki/Features/XenPvopsDom0" />
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </section>
+ </section>
</section>
More information about the Fedora-docs-commits
mailing list