[ovirt-users] Thinking loud about VM's serial console access
Alon Bar-Lev
alonbl at redhat.com
Sat Oct 18 18:39:12 UTC 2014
Please read [1].
I am unsure about concurrent access, this should be done using ssh bridge and now low level solution.
Thanks,
Alon
[1] http://www.ovirt.org/Features/Serial_Console
----- Original Message -----
> From: "Jiri Belka" <jbelka at redhat.com>
> To: users at ovirt.org
> Sent: Friday, October 17, 2014 6:15:43 PM
> Subject: [ovirt-users] Thinking loud about VM's serial console access
>
> Hi,
>
> on KVM forum VM's serial console access was raised. I'd like to make
> some comments, hopefully it would help to think about how we would
> access VM's serial consoles in oVirt.
>
> 1. encrypted access (ssh preferable) is a must
>
> 2. not to type any automatically generated password to access
> serial console should be possible (like for spice)
>
> i can imagine a centralized console server could be used to
> manage all serial console accesses. usually such console servers are
> access via ssh and then a connection is spawned and sysadmin's ssh
> session is connected to remote serial console without any action
>
> 3. not to see a interactive menu should be possible
>
> there can be serial console output parser/monitor persistently
> running to catch kernel outputs and alerts in console. if kernel
> crashes, the output is on console and thus a monitoring can catch it
>
> 4. access to VM's serial console should not require to know where a VM
> is running (thus to know host fqdn/IP)
>
> this is obvious, a sysadmin wants to just get serial console without
> manual kung-fu
>
> 5. multi-user access to one VM's serial console
>
> in some paranoid environment there must be two people working
> together, each controlling other. whatever. multi-user concurrency
> should be possible, there can be passive serial console output
> parser/monitor and sysadmin's interactive session
>
> Hopefully the above will contribute to implementation design. All above
> is possible with open source tools while using real hw serial consoles,
> thus it would be expected that implementation for VM's serial console
> would work similarly.
>
> FYI I created RFE for qemu for TLS mode for chardev socket
> https://bugzilla.redhat.com/show_bug.cgi?id=1154115, so there could be
> a way not to use ssh to host as this has been not preferred by
> alonbl@ for other functionality in the past :)
>
> j.
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list