This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] Xen API/libvirt & Remote

To: John Anderson <johnha@xxxxxxxxxx>
Subject: Re: [Xen-devel] Xen API/libvirt & Remote
From: Ewan Mellor <ewan@xxxxxxxxxxxxx>
Date: Tue, 8 Aug 2006 22:41:29 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 08 Aug 2006 14:41:51 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <A7F39817EC2477418A3AA053E69F835A3AA0F7@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <A7F39817EC2477418A3AA053E69F835A3AA0F7@xxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.9i
Hi John,

Sorry for the delay in replying.

On Wed, Aug 02, 2006 at 04:28:37PM -0700, John Anderson wrote:

> I've been reading through the Xen API wiki page and it's associated PDF,
> as well as checking out libvirt for a solution to remotely manage xend
> daemons.  Unless I missed something, it seems both the Xen API and libvirt
> only make xml-rpc calls to a local xend daemon.  Is this true or am I way
> off base?
> If the Xen API & libvirt can only connect to a local xend daemon, are
> there any alternatives short of providing your own transport (i.e.
> ssh/telnet to invoke the command locally) ?

As you've discussed with Daniel Veillard already, the reason we don't open a
port by default at the moment is that there's no authentication in the
protocol.  If you're in a secure environment, you could use XML-RPC/HTTP, with
a small patch to Xend.  Alternatively there is now XML-RPC/SSH support too, so
you can set up SSH keys and use that as your authentication layer.  I can dig
more information out if you're interested.

The plan for the future is to improve this aspect of the Xen API
significantly.  I posted new C bindings to the Xen-API mailing list today, and
these show how you would be able to manage Xend remotely using libcurl.  I
intend for all our bindings to work remotely, and over a number of transports,
and securely.  If you're interested in this work, you could join the Xen-API
mailing list, or simply wait until Xen 3.0.3 is released, at which point we're
going to start dropping this work into Xen unstable so that it can be released
with Xen 3.0.4.



Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>