|
|
| (8 intermediate revisions by one other user not shown) |
| Line 1: |
Line 1: |
| {{header|docs}}
| | [[Category:Docs Project]] |
| | | [[Category:Draft documentation]] |
| ==Libvirt Client Access Control==
| | [[Category:Documentation beats]] |
|
| |
|
| The '''libvirt''' client allows for the setting of permission rules which can be applied to all managed objects and API operations, thus allowing for all client connections to be limited to a minimal set of rules and privileges.
| | == AArch64 QEMU/KVM VM installation with libvirt and virt-manager support == |
| There are three levels of access which can be assigned:
| | You may now use '''libvirt''' and '''virt-manager''' to install a virtual machine on the AArch64 architecture with the KVM hypervisor. |
|
| |
|
| * Unauthenticated - used for all connections, this state allows all API operations that are required to complete authentication. Following a successful authentication, two more levels can be assigned:
| | Instructions are available here: |
| ** Unrestricted - full access to all API operations | | * https://fedoraproject.org/wiki/Architectures/AArch64/Install_with_QEMU |
| ** Restricted - read only access | | * https://fedoraproject.org/wiki/QA:Testcase_Virt_AArch64_on_x86 |
|
| |
|
| System administrators can set permission rules for authenticated connections. Every API call in '''libvirt''' has a set of permissions that are validated against the object that is being used. For example, User A wants to change a parameter in the '''domain''' object. When the user tries to save the change, '''virDomainSetSchedulerParametersFlags''' method will check whether the client has write permissions on the '''domain''' object. Additional checks and permission settings can be processed as well. Filtering can also be done to see which clients have permissions on which objects to allow for smother administration of permissions.
| | == UEFI VMs installation with libvirt and virt-manager support == |
| The '''libvirtd.conf''' configuration file is responsible for setting the access permissions. It uses the ''access_drivers'' parameter to enable this operation. Note that if more than one access driver is requested, all must succeed in order for permission to be granted.
| | UEFI install options are now automatically available if UEFI/OVMF binaries are installed. |
| More information can be found here:
| |
|
| |
|
| * https://fedoraproject.org/wiki/Changes/Virt_ACLs
| | Instructions are available here: |
| * http://libvirt.org/acl.html
| |
|
| |
|
| ==Virt-manager Snapshots==
| | * https://fedoraproject.org/wiki/QA:Testcase_Virtualization_UEFI |
| Virtual Machine Manager ('''virt-manager''') allows for easy management and monitoring of KVM guest virtual machine snapshots. Note that '''virt-manager''' will pause the guest virtual machine for a few seconds while taking the snapshot.
| | * https://fedoraproject.org/wiki/Using_UEFI_with_QEMU |
| More information is available here:
| |
| * https://fedoraproject.org/wiki/Changes/Virt_Manager_Snapshots | |
| * http://fedoraproject.org/wiki/Features/Virt_Live_Snapshots
| |
| * http://libvirt.org/formatsnapshot.html
| |
| * Snapshot section here: http://linux.die.net/man/1/virsh
| |
| * https://fedoraproject.org/wiki/QA:Testcase_Virt_Snapshot_UI | |
|
| |
|
| ==ARM emulation on x86 Host Physical Machines== | | == RBD and Gluster support with virt-install and virt-manager == |
| Changes have been made to have smoother emulation of ARM guest virtual machines running on x86 hosts using standard '''libvirt''' tools, including '''virsh''', '''virt-manager''' and '''virt-install'''.
| |
| '''qemu''' has an ARM emulator that works well and is actively used in the Fedora ARM effort. However '''libvirt''' and '''virt-manager''' currently have issues launching '''qemu-system-arm''' VMs, mostly by encoding x86 assumptions in the generated command line that cause '''qemu-system-arm''' to fail to start. Changes have been made to fix this issue.
| |
| More information can be found here: https://fedoraproject.org/wiki/Changes/Virt_ARM_on_x86
| |
|
| |
|
| ==Ryu Software Defined Networking==
| | '''virt-manager''' and '''virt-install''' is now supported for RBD and Gluster storage. Both tools can now |
| Fedora 20 features Ryu, software that enables effective, software defined networking for OpenStack virtualization. As a building block of an OpenFlow controller, Ryu provides a Layer 2 isolated network for Openstack. For more information, read:
| | easily use pre-configured gluster and rbd storage volumes. |
| | |
| * http://osrg.github.com/ryu/
| |
| * https://github.com/osrg/ryu/wiki
| |
| * http://osrg.github.com/ryu/doc/index.html
| |
| | |
| | |
| | |
| [[Category:Docs Project]]
| |
| [[Category:Draft documentation]]
| |
| [[Category:Documentation beats]]
| |
