[ovirt-users] Thinking loud about VM's serial console access

Alon Bar-Lev alonbl at redhat.com
Sat Oct 18 18:39:12 UTC 2014 

Please read [1].

I am unsure about concurrent access, this should be done using ssh bridge and now low level solution.

Thanks,
Alon

[1] http://www.ovirt.org/Features/Serial_Console

----- Original Message -----
> From: "Jiri Belka" <jbelka at redhat.com>
> To: users at ovirt.org
> Sent: Friday, October 17, 2014 6:15:43 PM
> Subject: [ovirt-users] Thinking loud about VM's serial console access
> 
> Hi,
> 
> on KVM forum VM's serial console access was raised. I'd like to make
> some comments, hopefully it would help to think about how we would
> access VM's serial consoles in oVirt.
> 
> 1. encrypted access (ssh preferable) is a must
> 
> 2. not to type any automatically generated password to access
>    serial console should be possible (like for spice)
> 
>    i can imagine a centralized console server could be used to
>    manage all serial console accesses. usually such console servers are
>    access via ssh and then a connection is spawned and sysadmin's ssh
>    session is connected to remote serial console without any action
> 
> 3. not to see a interactive menu should be possible
> 
>    there can be serial console output parser/monitor persistently
>    running to catch kernel outputs and alerts in console. if kernel
>    crashes, the output is on console and thus a monitoring can catch it
> 
> 4. access to VM's serial console should not require to know where a VM
>    is running (thus to know host fqdn/IP)
> 
>    this is obvious, a sysadmin wants to just get serial console without
>    manual kung-fu
> 
> 5. multi-user access to one VM's serial console
> 
>    in some paranoid environment there must be two people working
>    together, each controlling other. whatever. multi-user concurrency
>    should be possible, there can be passive serial console output
>    parser/monitor and sysadmin's interactive session
> 
> Hopefully the above will contribute to implementation design. All above
> is possible with open source tools while using real hw serial consoles,
> thus it would be expected that implementation for VM's serial console
> would work similarly.
> 
> FYI I created RFE for qemu for TLS mode for chardev socket
>  https://bugzilla.redhat.com/show_bug.cgi?id=1154115, so there could be
> a way not to use ssh to host as this has been not preferred by
> alonbl@ for other functionality in the past :)
> 
> j.
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>

More information about the Users mailing list