Fedora Weekly News Issue 165
Welcome to Fedora Weekly News Issue 165 for the week ending March 1, 2009.
http://fedoraproject.org/wiki/FWN/Issue165
In this week's issue, in announcements we're reminded about this month's Fedora Board meeting and updates on the Fedora 11 feature freeze and updates on upcoming Fedora events. News from the Fedora Planet includes summer internship opportunities at Red Hat, an interview with Matt Domsch in Red Hat Magazine, and reports from Fedora events in Egypt and India. In Ambassador news, many reports from the recent Southern California Linux Expo (SCaLE) meeting, and another update from a Fedora install fest in Texas. In the QA beat, updates from Fedora 11 testing and weekly planning, as well as helping new contributors with the BugZapper team. Art work brings more updates on the Echo icon theme and Fedora 11. In security news, updates on this week's fixes for Fedora 9 and 10, and ongoing conversation on the security of open and closed source systems. Finally, the issue wraps up with updates on Fedora 11 virtualization features, dom0 kernel experimentation, and some Q&A on Libvirt, VirtIO, KVM, and Xen.
If you are interested in contributing to Fedora Weekly News, please see our 'join' page[1]. We welcome reader feedback: fedora-news-list@redhat.com
FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala
Announcements
In this section, we cover announcements from the Fedora Project.
http://www.redhat.com/archives/fedora-announce-list/
http://www.redhat.com/archives/fedora-devel-announce/
https://fedoraproject.org/wiki/FedoraEvents
Contributing Writer: Max Spevack
General
The Fedora Board is having its monthly meeting on Tuesday March 3rd at 1900 UTC on IRC[1].
- Join #fedora-board-meeting to see the Board's conversation. This channel is read-only for non-Board members.
- Join #fedora-board-public to discuss topics and post questions. This channel is read/write for everyone.
The moderator will direct questions from the #fedora-board-public channel to the Board members at #fedora-board-meeting. This should limit confusion and ensure our logs are useful to everyone.
Fedora 11
The Fedora 11 feature freeze is coming this week[1]. Feature owners should update their feature's status[2] on the wiki before March 3rd, as the feature list will be sent to FESCo on March 6th for review.
Mass rebuilds of all packages are ongoing for Fedora 11[3]. Package maintainers should check[4] to see whether or not they own any packages that still need to be rebuilt.
Finally, we need to ensure that any hard-coded i386 architectures in spec files are fixed, or else the package runs the risk of not being built in the 32bit Rawhide repository[5].
- ↑ http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00022.html
- ↑ http://fedoraproject.org/wiki/Releases/11/FeatureList
- ↑ http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00023.html
- ↑ http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00027.html
- ↑ http://www.redhat.com/archives/fedora-devel-announce/2009-March/msg00000.html
Upcoming Events
March 5-7: Computer Using Educators[1] in Palm Springs, CA.
March 9: Florida Linux Show[2] in Jacksonville, FL.
March 10-12: FOSE[3] in Washington, DC.
March 13-15: Chemnitzer Linux Tage[4] in Chemnitz, Germany.
FUDCon Berlin 2009
FUDCon Berlin[1] will be held from June 26 - 28 in Berlin, Germany.
Planet Fedora
In this section, we cover the highlights of Planet Fedora - an aggregation of blogs from Fedora contributors worldwide.
http://planet.fedoraproject.org
Contributing Writer: Adam Batkin
General
Harish Pillay disected[1] an interview regarding Oracle's rebuild of CentOS.
Martin Sourada showed off[2] some Echo Icon Theme eye candy.
Jeremy Katz mused[3] on some ideas to make sharing Git repositories easier.
Daniel Walsh announced[4] a summer internship at Red Hat working on SELinux.
Jef Spaleta discussed[5] Canonical's methodology for determining its userbase size and relative contributions to upstream projects (compared to Red Hat and Fedora). Yaakov Nemoy suggested [6] that usage of the word "canonical" should be increased, starting with changes like renaming the "Fedora Packaging Guidelines" to the "Packaging Canon".
Abhishek Rane posted[7] a screenshot tour of KDE 4.2.
Joseph Smidt wrote[8] about the massive number of new Features that Fedora 11 is slated to contain.
Cole Robinson demonstrated[9] the Fedora 11 virt-manager
"New VM" wizard.
Red Hat Magazine[10] interviewed[11] Matt Domsch to discuss the Fedora Mirror network.
Mark J. Wielaard explained[12] a new feature in Systemtap
0.9 that allows you to "collect data from any variable in scope at a probe point using the DWARF debug info. You can even dereference pointers, access struct members, array elements, etc."
- ↑ http://harishpillay.livejournal.com/142124.html
- ↑ http://mso-chronicles.blogspot.com/2009/02/weve-gone-long-way.html
- ↑ http://velohacker.com/fedora-notes/publishing-git-trees/
- ↑ http://danwalsh.livejournal.com/26904.html
- ↑ http://jspaleta.livejournal.com/35595.html
- ↑ http://loupgaroublond.blogspot.com/2009/02/taken-shamelessly-from-dictionary.html
- ↑ http://www.abhishekrane.com/2009/02/27/kde-42-screenshot-tour/
- ↑ http://californiaquantum.wordpress.com/2009/02/28/fedora-11-will-have-an-incredible-number-of-new-features/
- ↑ http://blog.wikichoon.com/2009/02/virt-manager-in-fedora-11-new-vm-wizard.html
- ↑ http://magazine.redhat.com/
- ↑ http://magazine.redhat.com/2009/02/27/video-spotlight-on-mirror-manager/
- ↑ http://gnu.wildebeest.org/diary/2009/03/01/systemtap-09-cast-away/
Events
Diaa Radwan posted[1] pictures and a report from Fedora Day at Misr University for Science and Technology.
Rangeen Basu Roy Chowdhury wrote[2] about the Kalyani Government Engineering College Install Fest and FAD.
Ambassadors
In this section, we cover Fedora Ambassadors Project.
http://fedoraproject.org/wiki/Ambassadors
Contributing Writer: Larry Cafiero
FAD, Fedora booth at SCaLE a success
Fedora Ambassadors hosted a Fedora Activity Day [1] at the Southern California Linux Expo (SCaLE)[2] as part of the many events at the expo. The FAD took place on Friday, February 20th at the Westin Airport Los Angeles, where a group of between 12 to 20 people worked on both font packaging and documentation. Not only did a significant amount of work get done, but it was great to have a face-to-face meeting with people who, on a daily basis, you are in contact with via IRC or by e-mail.
One sensation at the expo was the Fedora kids who walked around the show floor, dressed in Fedora shirts chanting about Fedora; they were Malakai and Saskia Wade (daughters of Karsten Wade), Shaun Savage (son of Clint Savage), and Mirano Cafiero (daughter of Larry Cafiero). Also, the Fedora booth had XOs on hand for demonstration, and the fact the kids were also using them brought the attention of the general public and the press covering the event.
Clint Savage presented on Fedora Remix on Saturday, which was well attended. Several media outlets, including a reporter for the Los Angeles Daily News, visited the booth and interviewed Karsten Wade.
A few hundred disks and other items of swag were handed out and many contacts were made for upcoming presentations about Fedora at LUGs throughout California in the next few months.
Thanks to all those who attended FAD and who helped in the booth at SCaLE.
Here are reports from the FAD and from the Southern California Linux Expo:
Larry Cafiero
- http://larrythefedoraguy.wordpress.com/2009/02/20/road-trip-of-the-penguins-part-1/
- http://larrythefedoraguy.wordpress.com/2009/02/20/road-trip-of-the-penguins-part-1a/
- http://larrythefedoraguy.wordpress.com/2009/02/21/road-trip-of-the-penguins-chapter-2/
- http://larrythefedoraguy.wordpress.com/2009/02/21/road-trip-of-the-penguins-part-2b/
- http://larrythefedoraguy.wordpress.com/2009/02/22/road-trip-of-the-penguins-chapter-3/
- http://larrythefedoraguy.wordpress.com/2009/02/23/road-trip-of-the-penguins-epilogue/
Karsten Wade
- http://iquaid.org/2009/02/21/its-more-than-a-passing-fad-the-good/
- http://iquaid.org/2009/02/23/its-more-than-a-passing-fad-the-bad/
- http://iquaid.org/2009/02/21/its-more-than-a-passing-fad-the-ugly/ (coming soon)
Clint Savage
- http://www.thebitsource.com/2009/02/28/scale-7x-clint-savage-of-fedora-project-on-spinning-your-own-linux-livecd/
- http://sexysexypenguins.com/2009/02/22/in-reply-to-larry-cafiero-about-swag/
- http://sexysexypenguins.com/2009/02/23/scale-7x-improving-the-fedora-remix-presentation/
Jon Stanley
Joseph Smidt
References
Fedora installed by users at KGEC
Kalyani Government Engineering College (KGEC) is on the Kalyani University Campus, Kalyani in West Bengal, India, and has quite a large base of students interested in Linux. An install fest event [1] took place on Feb. 21.
This install fest is a starting point for spreading the use of Linux and Fedora was the distro used. Around 150 students were shown how to install and administer a Fedora system and were helped to get Fedora installed on their systems.
Reports from the following individuals are available:
- ↑ https://fedoraproject.org/wiki/FedoraEvents/KGEC_Install_Fest
- ↑ http://arindamghosh.wordpress.com/2009/02/24/kgec-fad/
- ↑ http://subhodipbiswas.wordpress.com/2009/02/24/install-fest-kgec/
- ↑ http://ratnadeepdebnath.wordpress.com/2009/02/22/what-an-install-fest-in-kalyani-govt-engg-college-o/
- ↑ http://sherry151.blogspot.com/2009/02/not-just-another-install-fest.html
Fedora at Sam Houston State University
Adam Miller gave his first tech talk[1] as a Fedora Ambassador, presenting to the student organization at Sam Houston State University's "Sam Houston Association for Computer Scientist" (SHACS for short). Adam introduced his fellow classmates to the wonders of Free/Open Source Software, Linux, and most notably, Fedora.
Got Ambassador News?
Any Ambassador news tips from around the Fedora community can be submitted to me by e-mailing lcafiero-AT-fedoraproject-DOT-org and I'd be glad to put it in this weekly report.
Quality Assurance
In this section, we cover the activities of the QA team[1].
Contributing Writer: Adam Williamson
Test Days
This week's regular test day[1] was on CrashCatcher[2]. Zdenek Prikryl and Jiri Moskovcak were the developers present. Further results are still welcome from anyone - a full set of instructions for running tests is available on the Wiki page. As a result of the testing, over thirty issues were discovered and filed in the CrashCatcher trac system [3].
Next week's test day[4] will be on Anaconda's (the Fedora installer) interaction with block devices - especially RAID, LVM and encrypted devices. It will be held on Thursday (2009-03-05) in the #fedora-qa channel on Freenode IRC. Please drop by if you would like to help test this this area of Fedora.
Weekly meetings
The QA group weekly meeting[1] was held on 2009-02-25. The full log is available[2]. Josh Boyer reported epic news: the PPC build of Rawhide can now be successfully installed. Will Woods suggested that now is a good time to start putting bugs on to the tracker bug for the release of Fedora 11 Beta[3]. He also pointed out the tracker bug for Intel KMS-related issues[4]. Adam Williamson volunteered to organize a test day for the proposed new default NVIDIA driver, nouveau.
Will Woods and Jesse Keating discussed the progress of the autoqa system. Jesse would like to have more refined results output available soon, and a working example of a post tree-compose sanity test. Will Woods wants to aim to have a working verifytree test available by Fedora 11 Beta release.
James Laska gave a progress update on the Nitrate[5] test case management system, mostly on working with the developers of the internal Red Hat system to get the code publicly available. He also promised to get around to proposing the Semantic system developed by the Laptop.org project (also discussed in last week's meeting) to the Infrastructure group this week.
Will Woods pointed out the Fedora 11 feature list[6] and explained that the QA team must ensure, by feature freeze, that all accepted features have a workable test process. He asked for the group's help in ensuring that all proposed features are checked for this and a useful test plan is drawn up where possible. Adam Williamson volunteered to liaise with the developers of the Nouveau[7] and automatic font / MIME installer[8] features.
The Bugzappers group weekly meeting[9] was held on 2009-02-24. The full log is available[10]. There was some more discussion of goals for the group, and the group agreed with Christopher Beland's suggestion that the targetted components page[11] be updated to list the number of NEW bugs for each component.
Matej Cepl provided the new Greasemonkey script to add a standard signature to each comment posted by a Bugzapper group member[12]. John Poelstra wanted to have a single location for all necessary Greasemonkey scripts for triagers. Brennan Ashton reported that he is working on an RPM package which would contain Greasemonkey and the scripts.
Adam Williamson volunteered to organize a new series of triage days, to get the whole group together to work on triaging and training new members. Matej stated that he is happy to help mentor new triagers by email or IRC at any time.
The next QA weekly meeting will be held on 2009-03-04 at 1600 UTC in #fedora-meeting, and the next Bugzappers weekly meeting on 2009-03-03 at 1700 UTC in #fedora-meeting.
- ↑ http://fedoraproject.org/wiki/QA/Meetings
- ↑ http://wwoods.fedorapeople.org/fedora-qa/fedora-qa-20090225.log.html
- ↑ https://bugzilla.redhat.com/show_bug.cgi?id=F11Beta
- ↑ https://bugzilla.redhat.com/show_bug.cgi?id=F11IntelKMS
- ↑ http://fedorahosted.org/nitrate
- ↑ http://fedoraproject.org/wiki/Releases/11/FeatureList
- ↑ http://fedoraproject.org/wiki/Features/NouveauAsDefault
- ↑ http://fedoraproject.org/wiki/Features/AutoFontsAndMimeInstaller
- ↑ http://fedoraproject.org/wiki/BugZappers/Meetings
- ↑ http://fedoraproject.org/wiki/BugZappers/Meetings/Minutes-2009-Feb-24
- ↑ https://fedoraproject.org/wiki/BugZappers/components
- ↑ http://mcepl.fedorapeople.org/scripts/greasemonkey/add_bugzappers_signature.user.js
Goals
Christopher Beland wrapped up the discussion on group goals[1]. "The official goal is now to stabilize the number of NEW bugs for each key component. Counts from today have been copied into that page on the wiki[2], and there's a preformatted query from which you can get the current count."
Bugs filed against default component
Lex Hider pointed out[1] that the 0xFFFF component in Bugzilla gets many reports simply because it is the first component in the list. He reported that he has tried to clean up all the current reports against this component, and suggested creating a new component, owned by the Bugzappers group, to catch this problem in future.
QA review for feature pages
Will Woods asked the group[1] to work on reviewing the feature pages for Fedora 11, and help make sure they all have viable test procedures, as previously discussed at the weekly meeting. He later emphasized[2] that the aim is actively to help the development team produce viable test plans, not simply to reject or mark the features which do not yet have them.
Improving Bugzappers documentation for beginners
A new group member, Hunter Bukowski, agreed[1] with previous suggestions that the current Bugzappers documentation in the Wiki is not sufficient in quantity or organization to allow new Bugzappers to get started without other references. He volunteered to help improve this situation.
The CLA for Bugzappers
A new volunteer, Lalit Dhiri, introduced himself[1] and tried to join the FAS group for the Bugzappers team. Rahul Sundaram rejected his application, as he had not yet signed the CLA - the legal agreement all Fedora contributors are required to sign. Upon further discussion, it was agreed by Paul Frields and Tom 'spot' Callaway that signing the CLA should not be required for Bugzappers, as none of the work normally required in the Bugzappers group constitutes a 'contribution' to Fedora in this sense. The requirement for Bugzappers to sign the CLA was officially removed.
Translation
This section covers the news surrounding the Fedora Translation (L10n) Project.
http://fedoraproject.org/wiki/L10N
Contributing Writer: Runa Bhattacharjee
L10n Infrastructure Team Meeting
The first meeting of the Fedora L10n Infrastructure team[1] was held on 24th February 2009[2]. The discussion centered around the progress of the Transifex setup for Fedora 11, New features in Transifex to provide better statistics and submission on translate.fedoraproject.org, and Djamned Lies with Publican support to be ready for testing on 27th February. The discussion about branching of packages was marked for further talks with the devel team.
Common Content Files for Publican
A request for translation of Common Content files, used by Publican to give a uniform appearance for documents, was put forward by Ruediger Landmann[1]. The two files available for translation are Conventions.pot
[2] and Feedback.pot
[3]. The translated versions of these files are also available on the fedoraproject.org wiki[4]
Sponsor Upgrades Request
Due to a technical difficulty[1], the process of sending out notification messages on wiki-edits for watched pages was stalled. In view of this, NorikoMizumoto has requested[2] that Team Coordinators request sponsor upgrades via mail to the fedora-trans mailing list for the cvsl10n group via the fedoraproject.org wiki page[3].
Inconsistency in a Desktop string and GDM translations
IgorSoares brought forward the problem about locating a string that is displayed in the Fedora Gnome menu[1]. This string - About This Computer - was earlier translated and submitted via fedoraproject.org wiki page[2]. Additionally, he also raises the the issue about the inconsistency in the translations of GDM strings. This matter is also being currently discussed in a bug[3].
New Member in FLP
Mario Santagiuliana joined the Italian translation team[1].
Artwork
In this section, we cover the Fedora Artwork Project.
http://fedoraproject.org/wiki/Artwork
Contributing Writer: Nicu Buculei
A Lot of Folder Icons for Echo
Martin Sourada contributed[1] a large number of folder icons for the Echo Perspective[2] set, small variations of the base folder icon "I've began remaking the the whole folder set to have perspective projection". He also wrote a blog post[3] about those icons but also about the evolution of the Echo theme "we like Echo and would like to see it being default in Fedora sometime in the future, but we also need to keep up with others – and that means perspective projection" and *his* own evolution on working on them "And how far have I gone? In short very far. In longer – from an occasional contributor to main contributor and practically the Echo Icon Theme project leader... Also as you can see from the images above, my inkscape skills have improved a lot ;-)"
Closer to Fedora 11
With a bit of worry[1] ("Okay I am a bit worried at this point. I had no time at all this weekend to work on it, and I need to travel next weekend"), Máirín Duffy frontally attacked[2] with a number of new mock-ups[3] the development of the artwork for Fedora 11. Brian Hurren and Paolo Leoni came with useful ideas[4] [5] for the night version of the image.
- ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00087.html
- ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00109.html
- ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00127.html
- ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00106.html
- ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00116.html
Security Week
In this section, we highlight the security stories from the week in Fedora.
Contributing Writer: JoshBressers
Open Source Security
One of the dead horses that various security folks like to beat is claiming that Open Source software is less secure because anyone can look at it and analyse its security weaknesses. So what happens when a system should be closed, but is suddenly broken open? Marine One Data Breech[1]
It seems that Iran (the country), may have acquired sensitive information about the helicopter the President of the United States uses. When you're an organization with virtually limitless resources, the easy solution here is probably to just get a different helicopter, but suppose something similar happens to a piece of closed source software. Now you're at an elevated level of risk because people haven't been analysing your source code for weakness. Any good security system should still hold up even if complete details are made public. By purposely putting the source in public view, Open Source software has a very real advantage over a similar system that relies on obscurity as a feature.
Security Advisories
In this section, we cover Security Advisories from fedora-package-announce.
https://www.redhat.com/mailman/listinfo/fedora-package-announce
Contributing Writer: David Nalley
Fedora 10 Security Advisories
- gstreamer-plugins-good-0.10.13-1.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01010.html
- trickle-1.07-7.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01026.html
- perl-Crypt-OpenSSL-DSA-0.13-12.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01069.html
- optipng-0.6.2.1-1.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01078.html
- libpng-1.2.35-1.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01086.html
- mldonkey-2.9.7-3.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01094.html
- mingw32-libpng-1.2.35-1.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01101.html
- rubygem-actionpack-2.1.1-2.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01136.html
Fedora 9 Security Advisories
- gstreamer-plugins-good-0.10.8-10.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00924.html
- trickle-1.07-7.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00941.html
- optipng-0.6.2.1-1.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01077.html
- mldonkey-2.9.7-3.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01082.html
- libpng-1.2.35-1.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01096.html
- rubygem-actionpack-2.1.1-2.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg01117.html
Virtualization
In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora virtualization technologies.
Contributing Writer: Dale Bewley
Enterprise Management Tools List
This section contains the discussion happening on the et-mgmt-tools list
virt-manager Redesigned 'New VM' Wizard
Cole Robinson with the help of Tim Allen and Jeremy Perry
started[1] work on a redesign of the virt-manager
guest creation wizard, because
"The original design was largely based on xen
specific assumptions and the
state of libvirt
/virtinst
at the time: many of those assumptions don't
apply today, or require a bit more thought since we now support both
xen
and qemu
based VMs." See the post for full details on the long list of changes and screenshots[2].
Hot Add USB Device to Guest
Cole Robinson answered[1] a question about hot adding a USB device to a running guest. The steps are
"Use 'lsusb' to determine the bus and device", use this to create an XML
snippet[2], and then feed that snippet to 'virsh attach-device
.
Fedora Virtualization List
This section contains the discussion happening on the fedora-virt list.
Fedora Virt Status Update
Mark McLoughlin posted[1] another weekly status update including details on numerous virtualization developments and bugs.
Improved Guest Mouse Pointer Movement
Daniel P. Berrange announced[1] an improvement to mouse pointer movement in Fedora 10 and 11 KVM
guests.
"The default mouse for KVM guests is a PS/2 mouse. This causes pain for users because it only works with relative coordinates, which means we are forced to grab the mouse pointer in the VNC client.
KVM can emulate a USB graphics tablet which works in absolute coordinate mode, and thus gives flawless mouse motion tracking without needing any grab in the client." [2]
USB tablet will now be used by default python-virtinst
in F11.
Approved F11 Virtualization Features
Chris Lalancette relayed[1] the outcome of the FESCO meeting on February 27[2] as it relates to virtualization.
Features approved for inclusion in Fedora 11 at this time are:
- http://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment
- http://fedoraproject.org/wiki/Features/SVirt_Mandatory_Access_Control
- http://fedoraproject.org/wiki/Features/VirtImprovedConsole
- http://fedoraproject.org/wiki/Features/VirtVNCAuth
Deferred to Fedora 12 was:
- http://fedoraproject.org/wiki/Features/Shared_Network_Interface
- http://fedoraproject.org/wiki/Features/KVM_and_QEMU_merge
On the KVM
and QEMU
merge, Daniel P. Berrange explained[3] that "The QEMU
upstream release will be so close to the feature freeze, that we don't
want to risk causing KVM
regressions by trying to then merge the two.
Hopefully come F12, more of the KVM
bits will be in QEMU
mainline, so
work we need todo to merge would be minimal."
Fedora Xen List
This section contains the discussion happening on the fedora-xen list.
dom0 Kernel Experimentation Continues
Michael Young made his work more accessible when he began[1] creating experimental dom0 kernel builds[2] within Koji. This latest kernel
has gotten as far as booting in single user mode.
Libvirt List
This section contains the discussion happening on the libvir-list.
About Libvirt VirtIO and Xen
Patrick Archibal had a few questions[1] about virtualization and the relation of libvirt
[2], VirtIO
[3], KVM
[4], and Xen
[5]. Daniel P. Berrange took the time to provide a detailed response[6] to each of Patrick's questions. A selection follows.
- What is the difference between
libvirt
andvirtio
? "libvirt
provides a API for the host OS, allowing management of virtual machines, storage, networking, host devices, etc."
virtio
is basically providing paravirtualized device drivers between guest and host, and has several aspects
- A generic infrastructure layer in guest kernel for writing device drivers that talk to the host
- A generic host<->guest data transport running as a PCI device
- A generic host<->guest data transport using a ring buffer
- Guest implementations for paravirt network, disk & memory balloon drivers
- QEMU host backends for network, disk & memory balloon drivers"
- Why must hypervisor developers (
Xen
andKVM
) develop drivers each time there are new devices? "Thevirtio
infrastructure is intended to provide generic drivers that can be used on any hypervisor. Currently supportsKVM
andLGuest
.Xen
has its own device drivers because they were developed years ago outside the context of the Linux kernel community just for Xen's needs."
- Can we use
VirtIO
withXen
?
"VirtIO is currently only supported for KVM and LGuest. It could in theory be implemented for Xen too, but its not clear if it is worth the effort."
Encrypted VNC to Guests and TLS
Michael Kress wanted[1] to encrypt the session between a windows VNC
client and a KVM
guest. The thread was long with a lot of back and forth touching on windows clients, certificate setup, and stunnel
.
Daniel P. Berrange pointed out libvirt
's RemoteTLS
[2] documentation and described[3] the Fedora 11 feature VirtVNCAuth[4] which dovetails with VeNCrypt
[5]
to "Define a mapping of SASL authentication into the VNC protocol, and implement it for QEMU and GTK-VNC, providing strongly authenticated, securely encrypted remote access of virtual guest consoles."
VirtualBox Support
Pritesh Kothari has been working[1] on adding Virtualbox
[2] support to libvirt
. Most of the functionality is complete, but Pritesh sought help with working out the domain XML format[3].
Run QEMU Guests Within a CGroup
Daniel P. Berrange posted[1] a proof of concept patch set with this explanation.
"Recent Linux kernels have a new concept of 'CGroups'[2] which is a way to group tasks on the system and apply policy to them as a whole. We already use this in the LXC container driver(FWN#146[3]), to control total memory usage of things running within a container.
This patch series is a proof of concept to make use of CGroups in the QEMU driver. The idea is that we have a 3 level cgroup hierarchy
- Top level; contains the libvirtd daemon itself
- 2nd level: one per libvirt driver, but dos not contain any processes.
- 3rd level: one per guest VM. Contains the QEMU process
The host admin can do control on the top level and 2nd level to set an overall system policy. libvirt will then provide APIs / capabilities to control individual VMs policy."