WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Xen API/libvirt & Remote

To: John Anderson <johnha@xxxxxxxxxx>
Subject: Re: [Xen-devel] Xen API/libvirt & Remote
From: Daniel Veillard <veillard@xxxxxxxxxx>
Date: Thu, 3 Aug 2006 04:45:59 -0400
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 03 Aug 2006 01:46:29 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <A7F39817EC2477418A3AA053E69F835A3AA0F7@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <A7F39817EC2477418A3AA053E69F835A3AA0F7@xxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: veillard@xxxxxxxxxx
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.1i
On Wed, Aug 02, 2006 at 04:28:37PM -0700, John Anderson wrote:
> I've been reading through the Xen API wiki page and it's associated PDF,
> as well as checking out libvirt for a solution to remotely manage xend
> daemons.  Unless I missed something, it seems both the Xen API and
> libvirt only make xml-rpc calls to a local xend daemon.  Is this true or
> am I way off base? 

  It's a bit more complex, first libvirt does not (yet) make xml-rpc calls
it currently does more ad-hoc HTTP based calls when talking to xend. Second
libvirt interract with Xen in more ways than just with xend. 

> If the Xen API & libvirt can only connect to a local xend daemon, are
> there any alternatives short of providing your own transport (i.e.
> ssh/telnet to invoke the command locally) ?

  I think libvirt 0.1.3 should be able to connect to remote xend daemons
using the HTTP protocol. It will be limited to xend based accesses and
there is unfortunately no authentication.
  Security wise opening the HTTP port is a big no-no in my opinion, anybody
getting access to the network one way or another would instantly get control
over every domain running. Using SSH or other secure authenticated transport
to then connect to the local service sounds way saner, that's why I didn't
really pushed or tested the remote access. But passing an URL pointing to
the remote service when opening the libvirt connection may work, though as
said I don't really recommend this.

Daniel

-- 
Daniel Veillard      | Red Hat http://redhat.com/
veillard@xxxxxxxxxx  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>