[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mirari updates

On 5 Mar 2013, at 17:56, Vincent Bernardoff <vb@xxxxxxxxxxxxxx> wrote:

> On 27/02/2013 21:52, Anil Madhavapeddy wrote:
>> - In the UNIX backend, in mirage-platform/unix/runtime/tap_stubs_*.c,
>>   we currently hardcode an `ifconfig 10.0.0.1` to give the tap device
>>   a static IP address.  This has made it easy so far to get networking
>>   up and running, but the tap device setup really ought to be done by
>>   Mirari-run instead of the Mirage-platform libraries (which should just
>>   open a tun passed to them).
> 
> I don’t think mirari (and obviously even less Netif) should setup the tap 
> since it requires root access. Mirari should give instructions on how to do 
> so, but not issue root commands itself.

It doesn't necessarily need root: there are a bunch of platform-specific ways. 
For example, on Linux, you can set CAP_NET_ADMIN to the Mirari binary to gain 
access to tunctl.  There's a good summary of all the ways in the Erlang tuntap 
bindings here:

https://github.com/msantos/tunctl

(it might be worth creating a robust ocaml-tuntap that wraps these mechanisms)

> 
> About the Xen backend, we should decide on a standard way to execute kernels 
> (as Anil said). At the moment, I only tested the xl create -c config.cfg 
> kernel.xen method, which works well. If I understand well, it is better to 
> use libvirt as it is a library that could be better integrated with mirari. I 
> did not test it yet, but plan to do it asap.

Great. I know Dave has been experimenting with libvirt recently, but he's 
travelling this week.  Jon, Mike, do you have any opinions about this?

A (very) simple first start would be to just generate the minimal .conf file 
(as mir-run does at the moment) and directly call 'xl/xm create -c'.

The more interesting second backend is automating Amazon EC2, for which 
bindings exist on Github (but I haven't tried). This requires signing the Xen 
kernel as an AKI image, and calling the right HTTP calls to upload it and 
register it, before spinning it up.  I can give you delegate access to my 
Amazon account, Vincent, if you don't have access to an EC2 account within 
Citrix.

-anil

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.