Open Stack

>  - virtio-vsock - think of this as UNIX domain sockets between the host and
>    guest.  This is to deal with the valid use case of people wanting to use
>    a network protocol, but not wanting an real NIC exposed to the guest/host
>    for security concerns. As such I think it'd be useful to run the metadata
>    service over virtio-vsock as an option. It'd likely address at lesat some
>    people's security concerns wrt metadata service. It would also fix the
>    ability to use the metadat service in IPv6-only environments, as we would
>    not be using IP at all :-)

Is this currently exposed by libvirt? I had a look at [1] and couldn't
find any mention of 'vsock' or anything that resembles what you've
described.

[1] https://libvirt.org/formatdomain.html