[ovirt-users] Thinking loud about VM's serial console access

Dan Yasny dyasny at gmail.com
Fri Oct 17 11:23:49 EDT 2014


I have posted a ready script and a VDSM hook for this exact use case a
couple of years ago.

http://www.ovirt.org/Features/Serial_Console_in_CLI

The actual locateVM.py script is missing from there, but it's an elementary
API script that will receive a VM name, find the VM's host location and
start the shell


Hope this helps,
Dan

On Fri, Oct 17, 2014 at 11:15 AM, Jiri Belka <jbelka at redhat.com> wrote:

> Hi,
>
> on KVM forum VM's serial console access was raised. I'd like to make
> some comments, hopefully it would help to think about how we would
> access VM's serial consoles in oVirt.
>
> 1. encrypted access (ssh preferable) is a must
>
> 2. not to type any automatically generated password to access
>    serial console should be possible (like for spice)
>
>    i can imagine a centralized console server could be used to
>    manage all serial console accesses. usually such console servers are
>    access via ssh and then a connection is spawned and sysadmin's ssh
>    session is connected to remote serial console without any action
>
> 3. not to see a interactive menu should be possible
>
>    there can be serial console output parser/monitor persistently
>    running to catch kernel outputs and alerts in console. if kernel
>    crashes, the output is on console and thus a monitoring can catch it
>
> 4. access to VM's serial console should not require to know where a VM
>    is running (thus to know host fqdn/IP)
>
>    this is obvious, a sysadmin wants to just get serial console without
>    manual kung-fu
>
> 5. multi-user access to one VM's serial console
>
>    in some paranoid environment there must be two people working
>    together, each controlling other. whatever. multi-user concurrency
>    should be possible, there can be passive serial console output
>    parser/monitor and sysadmin's interactive session
>
> Hopefully the above will contribute to implementation design. All above
> is possible with open source tools while using real hw serial consoles,
> thus it would be expected that implementation for VM's serial console
> would work similarly.
>
> FYI I created RFE for qemu for TLS mode for chardev socket
>  https://bugzilla.redhat.com/show_bug.cgi?id=1154115, so there could be
> a way not to use ssh to host as this has been not preferred by
> alonbl@ for other functionality in the past :)
>
> j.
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20141017/870fa5d1/attachment.html>


More information about the Users mailing list