[libvirt] [Qemu-devel] Re: Libvirt debug API

Avi Kivity avi at redhat.com
Mon Apr 26 14:25:39 UTC 2010


On 04/26/2010 05:19 PM, Anthony Liguori wrote:
> On 04/26/2010 09:01 AM, Avi Kivity wrote:
>> On 04/26/2010 04:43 PM, Anthony Liguori wrote:
>>> The reason I lean toward the direct launch model is that it gives 
>>> the user a lot of flexibility in terms of using things like 
>>> namespaces, DAC, cgroups, capabilities, etc.  A lot of potential 
>>> features are lost when you do indirect launch because you have to 
>>> teach the daemon how to support each of these features.
>>
>> But what's the alternative?  Teach the user how to do all these things?
>
> You can expose layers of API.  The lowest layer makes no changes to 
> the security context.  A higher (optional) layer could do dynamic 
> labelling.

Or a library that the user-written launcher calls.  Or a plugin that 
qemud calls.

>> It's infinitely flexible, but it's not an API you can give to a 
>> management tool developer.
>
> I think the goal of a management API should be to make common things 
> very simple to do but not preclude doing even the most advanced things.

Agreed.

-- 
error compiling committee.c: too many arguments to function




More information about the libvir-list mailing list