[fedora-virt] F12 feature: Host information

James Hubbard jameshubbard at gmail.com
Tue Jun 16 16:38:37 UTC 2009 

On Tue, Jun 16, 2009 at 12:20 PM, Daniel P. Berrange<berrange at redhat.com> wrote:
> On Tue, Jun 16, 2009 at 12:14:59PM -0400, James Hubbard wrote:
>> On Tue, Jun 16, 2009 at 12:08 PM, Richard W.M. Jones<rjones at redhat.com> wrote:
>> > On Tue, Jun 16, 2009 at 02:40:34PM +0100, Anand Kumria wrote:
>> >> For the guest side, it sounds like you will be inventing a text based
>> >> protocol to ask for statistical information about the host -- I just wonder
>> >> if such a protocol already exists. And if there is already a client for
>> >> that, then the guest side would just be the channel hookup, rather than any
>> >> client dev.
>> >
>> > I'm not aware of an existing protocol for that.  Does anyone
>> > have any suggestions?
>>
>> Can't the data be published via SNMP and the admin could configure
>> what ever method to expose that to potential users?
>
> It is not explicit in Richard's feature page, but a core goal of this
> hostinfo service is to avoid any use of networking. We don't want to
> presume that a guest has a NIC, nor that the host has a configured
> NIC on the same LAN as the guest.

So for the situation where there is no NIC/network you have the following:
a. Display, keyboard, mouse, sound exported in some way that allows
    use without the machine having network access.  (This could be
    useful for secure environments.)
b. VM starts image where batch processing occurs.  No user connectivity.
    I don't understand how providing that information to the batch processor
    could help, unless it decides to wait until the machine isn't loaded.

For not on the same LAN:
a. The admin still could provision snmp to send results to the appropriate
    host.

As far as it being a serial device, why not export a host serial
device that any guest could connect to and make it readonly from the
guest and not even allow the guest to send data to the host?  The host
would constantly send data to the serial device.

I'm not knocking the idea.   it just seems like a feature waiting for
abuse or a potential security  problem.

More information about the Fedora-virt mailing list