Open Stack

On Mon, Jan 12, 2015 at 06:28:53PM +0300, Dmitry Guryanov wrote:
> On 01/05/2015 02:30 PM, Daniel P. Berrange wrote:
> >On Tue, Dec 30, 2014 at 05:18:19PM +0300, Dmitry Guryanov wrote:
> >>Hello,
> >>
> >>Libvirt can create loop or nbd device for LXC container and mount it by
> >>itself, for instance, you can add something like this to xml config:
> >>
> >><filesystem type='file'>
> >>   <driver type='loop' format='raw'/>
> >>   <source file='/fedora-20-raw'/>
> >>   <target dir='/'/>
> >></filesystem>
> >>
> >>But nova mounts filesystem for container by itself. Is this because rhel-6
> >>doesn't support filesystems with type='file' or there are some other reasons?
> >The support for mounting using NBD in OpenStack pre-dated the support
> >for doing this in Libvirt. In faact the reason I added this feature to
> >libvirt was precisely because OpenStack was doing this.
> >
> >We haven't switched Nova over to use this new syntax yet though, because
> >that would imply a change to the min required libvirt version for LXC.
> >That said we should probably make such a change, because honestly no
> >one should be using LXC without using user namespaces, othewise their
> >cloud is horribly insecure. This would imply making the min libvirt for
> >LXC much much newer than it is today.
> >
> 
> It's not very hard to replace mounting in nova with generating proper xml
> config. Can we do it before kilo release? Are there any people, who use
> openstack with LXC in production?

Looking at libvirt history, it would mean we mandate 1.0.6 as the min
libvirt for use with the LXC driver.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|