SlideShare uma empresa Scribd logo

Guest Agents Support & Implementation Presentation

Mirantis
Mirantis

Brainstorming session for agents support in Nova code. Current state of agents, its support in Nova. New architecture of agents-Nova communication, agnostic to hypervisor, is suggested.

Tecnologia
1 de 14
Baixar para ler offline
Guest Agents Support & Implementation Presentation available at http://goo.gl/WRGep Brainstorming Session by Artem Andreev, Mirantis Inc.
What is a guest agent? A background process executed within the VM, which provides the controlling nova-compute service with various instance management capabilities in context of the guest operating system.
Session Goals ● Give an idea of the current status of guest agents in OpenStack ● Share the vision of what an ideal guest agent should be ● Discuss the sphere of it's responsibility and implementation details ● Collect tons of criticism and suggestions ● As a result prepare source material for a blue print
What do we have right now? Guest agents for XenServer ● Derivative from the original code by Rackspace ● XCP/XenServer support only ● Linux (Python+C) and Windows (C#) target OS ● Utilizes XenStore as a communication channel ● Uses simple JSON-based asynchronous protocol ● Launchpad project https://launchpad.net/openstack-guest-agents ● Able to ... ○ Configure network locally ○ Set root user password ○ Inject files ○ Update itself, etc
Under the hood of Guest Agent for XenServer
Existing OpenStack-side Support ● nova.virt.driver ○ agent_update ○ set_admin_password ○ reset_network ○ inject_file ● nova-manage agent command ○ agent version tracking and update ■ list ■ create ■ modify ■ delete ● nova root-password
There is always something to improve... Motivation ● Support for KVM, vmWare and other hypervisors ● There're lots of possible applications for agents waiting to be supported ● The current code is a mess of languages and technologies, there's a tiny piece of shared code base for different targets ● XenStore is definitely not the best way to communicate especially when it comes up to timings and security, we need a more reliable channel
Let's think of it! Session EtherPad http://goo.gl/IE8Hw
An ideal guest agent should be responsible for ... (1/2) ● Instance access recovery ○ Root password and network configuration reset ● Block device advanced management ○ Volume automounting and ejection preparation ○ Auto-creation of filesystem on newly attached volumes ● Advanced status monitoring ○ Detailed memory/disk usage statistics
An ideal guest agent should be responsible for ... (2/2) ● Software management ○ Updating itself and PV drivers ○ Chef/Puppet bootstrapping ● Spawn-time resize of Windows instances ● Guest-side support for snapshotting ○ Running sysprep in Windows guests ● Anything else?
An ideal guest agent implementation should be like... ● Development ○ Python as the primary development tool ■ http://github.com/Mirantis/osagent/ ■ Generally cross-platform Sharable code base ● Packaging ○ pyInstaller is a really good solution to create standalone software packages in Python, no system integration required ● Delivery ○ Explicit installation into golden image VMs for Windows ○ Automatic injection into Linux VMs on startup
An ideal channel for nova-compute <> agent communication would be ... ● A virtual serial port ○ Simple & Secure ○ Supported by KVM, ESX, XenServer ○ Complicated guest side port discovery :( ○ No channel-level connectivity tracking :( ● Cloud-init style metadata exchange ○ Vulnerable to spoofing and sniffing :( ○ Requires networking to be properly configured :( ● Configuration drives ○ Nice for one-shot startup time configuration but seems weird for continuous usage ○ Too visible to end-user, thus more vulnerable ● Anything else?
An ideal protocol for OpenStack <> agent communication would be ... ● QEMU Guest Agent Protocol ○ Supposed to be used with serial-port like channels ○ Lightweight, text-based, easy to parse data format ○ Asynchronous messages support (ie. events) ○ It works! ● Anything else? > { "execute": "guest-sync-delimited", "arguments": { "id": 123456 } } < { "return": 123456} > 7b 27 65 78 65 63 75 74 65 27 3a 27 67 75 65 73 74 2d 73 79 6e 63 2d 64 65 6c 69 6d 69 74 65 64 27 2c 27 61 72 67 75 6d 65 6e 74 73 27 3a 7b 27 69 64 27 3a 31 32 33 34 35 36 7d 7d 0a < ff 7b 22 72 65 74 75 72 6e 22 3a 20 31 32 33 34 35 36 7d 0a
Thank you for your cooperation! Artem Andreev, Mirantis Inc. aandreev@mirantis.com

Recomendados

Node in Real Time - The Beginning
Node in Real Time - The BeginningNode in Real Time - The Beginning
Node in Real Time - The BeginningAxilis
 
Multi-core Node.pdf
Multi-core Node.pdfMulti-core Node.pdf
Multi-core Node.pdfAhmed Hassan
 
DSSH: Innovation in SSH
DSSH: Innovation in SSHDSSH: Innovation in SSH
DSSH: Innovation in SSHJuraj Bednar
 
Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Juraj Bednar
 
Node
NodeNode
NodeArjun Raj
 
Построение простого REST сервера на Node.js | Odessa Frontend Code challenge
Построение простого REST сервера на Node.js | Odessa Frontend Code challengeПостроение простого REST сервера на Node.js | Odessa Frontend Code challenge
Построение простого REST сервера на Node.js | Odessa Frontend Code challengeOdessaFrontend
 
Vault w/ config injection kubernetes canada
Vault w/ config injection kubernetes canadaVault w/ config injection kubernetes canada
Vault w/ config injection kubernetes canadaJean-Philippe Bélanger
 
Unicorn: The Ultimate CPU Emulator by Akshay Ajayan
Unicorn: The Ultimate CPU Emulator by Akshay AjayanUnicorn: The Ultimate CPU Emulator by Akshay Ajayan
Unicorn: The Ultimate CPU Emulator by Akshay AjayanCysinfo Cyber Security Community
 

Recomendados

Node in Real Time - The Beginning
Node in Real Time - The BeginningNode in Real Time - The Beginning
Node in Real Time - The BeginningAxilis
 
Multi-core Node.pdf
Multi-core Node.pdfMulti-core Node.pdf
Multi-core Node.pdfAhmed Hassan
 
DSSH: Innovation in SSH
DSSH: Innovation in SSHDSSH: Innovation in SSH
DSSH: Innovation in SSHJuraj Bednar
 
Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Juraj Bednar
 
Node
NodeNode
NodeArjun Raj
 
Построение простого REST сервера на Node.js | Odessa Frontend Code challenge
Построение простого REST сервера на Node.js | Odessa Frontend Code challengeПостроение простого REST сервера на Node.js | Odessa Frontend Code challenge
Построение простого REST сервера на Node.js | Odessa Frontend Code challengeOdessaFrontend
 
Vault w/ config injection kubernetes canada
Vault w/ config injection kubernetes canadaVault w/ config injection kubernetes canada
Vault w/ config injection kubernetes canadaJean-Philippe Bélanger
 
Unicorn: The Ultimate CPU Emulator by Akshay Ajayan
Unicorn: The Ultimate CPU Emulator by Akshay AjayanUnicorn: The Ultimate CPU Emulator by Akshay Ajayan
Unicorn: The Ultimate CPU Emulator by Akshay AjayanCysinfo Cyber Security Community
 
Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureTamas K Lengyel
 
Analyzing Data at Scale with Apache Spark
Analyzing Data at Scale with Apache SparkAnalyzing Data at Scale with Apache Spark
Analyzing Data at Scale with Apache SparkNicola Ferraro
 
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
DeViL - Detect Virtual Machine in Linux by SreelakshmiDeViL - Detect Virtual Machine in Linux by Sreelakshmi
DeViL - Detect Virtual Machine in Linux by SreelakshmiCysinfo Cyber Security Community
 
NodeJS overview
NodeJS overviewNodeJS overview
NodeJS overviewRoman Trukhin
 
Frontend Track NodeJS
Frontend Track NodeJSFrontend Track NodeJS
Frontend Track NodeJSMarcelo Serpa
 
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan HoracekOpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan HoracekNETWAYS
 
Real world blockchains
Real world blockchainsReal world blockchains
Real world blockchainsDmitry Meshkov
 
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningNSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningTamas K Lengyel
 
Introduction to Node.js
Introduction to Node.jsIntroduction to Node.js
Introduction to Node.jsSetyo Nugroho
 
Firewalls and Virtualization - pfSense Hangout June 2014
Firewalls and Virtualization - pfSense Hangout June 2014Firewalls and Virtualization - pfSense Hangout June 2014
Firewalls and Virtualization - pfSense Hangout June 2014Netgate
 
Intro to Node.js
Intro to Node.jsIntro to Node.js
Intro to Node.jsJames Carr
 
Brief introduction to php findsock-shell
Brief introduction to php findsock-shellBrief introduction to php findsock-shell
Brief introduction to php findsock-shellRishu Ranjan
 
AV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkAV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkVeilFramework
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration TestingUTD Computer Security Group
 
nebulaconf
nebulaconfnebulaconf
nebulaconfPedro Dias
 
Fundamental of Node.JS - Internship Presentation - Week7
Fundamental of Node.JS - Internship Presentation - Week7Fundamental of Node.JS - Internship Presentation - Week7
Fundamental of Node.JS - Internship Presentation - Week7Devang Garach
 
Pentesting ssh
Pentesting sshPentesting ssh
Pentesting sshVengatesh Nagarajan
 
Network Simulation NS3
Network Simulation NS3Network Simulation NS3
Network Simulation NS3baddi youssef
 
The State of the Veil Framework
The State of the Veil FrameworkThe State of the Veil Framework
The State of the Veil FrameworkVeilFramework
 
Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Stephen Gordon
 
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthUSENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthNicolas Brousse
 
2012-03-15 What's New at Red Hat
2012-03-15 What's New at Red Hat2012-03-15 What's New at Red Hat
2012-03-15 What's New at Red HatShawn Wells
 

Mais conteúdo relacionado

Mais procurados

Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureTamas K Lengyel
 
Analyzing Data at Scale with Apache Spark
Analyzing Data at Scale with Apache SparkAnalyzing Data at Scale with Apache Spark
Analyzing Data at Scale with Apache SparkNicola Ferraro
 
Frontend Track NodeJS
Frontend Track NodeJSFrontend Track NodeJS
Frontend Track NodeJSMarcelo Serpa
 
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan HoracekOpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan HoracekNETWAYS
 
Real world blockchains
Real world blockchainsReal world blockchains
Real world blockchainsDmitry Meshkov
 
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningNSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningTamas K Lengyel
 
Introduction to Node.js
Introduction to Node.jsIntroduction to Node.js
Introduction to Node.jsSetyo Nugroho
 
Firewalls and Virtualization - pfSense Hangout June 2014
Firewalls and Virtualization - pfSense Hangout June 2014Firewalls and Virtualization - pfSense Hangout June 2014
Firewalls and Virtualization - pfSense Hangout June 2014Netgate
 
Intro to Node.js
Intro to Node.jsIntro to Node.js
Intro to Node.jsJames Carr
 
Brief introduction to php findsock-shell
Brief introduction to php findsock-shellBrief introduction to php findsock-shell
Brief introduction to php findsock-shellRishu Ranjan
 
AV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkAV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkVeilFramework
 
Fundamental of Node.JS - Internship Presentation - Week7
Fundamental of Node.JS - Internship Presentation - Week7Fundamental of Node.JS - Internship Presentation - Week7
Fundamental of Node.JS - Internship Presentation - Week7Devang Garach
 
Network Simulation NS3
Network Simulation NS3Network Simulation NS3
Network Simulation NS3baddi youssef
 
The State of the Veil Framework
The State of the Veil FrameworkThe State of the Veil Framework
The State of the Veil FrameworkVeilFramework
 

Mais procurados (19)

Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot Architecture
 
Analyzing Data at Scale with Apache Spark
Analyzing Data at Scale with Apache SparkAnalyzing Data at Scale with Apache Spark
Analyzing Data at Scale with Apache Spark
 
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
DeViL - Detect Virtual Machine in Linux by SreelakshmiDeViL - Detect Virtual Machine in Linux by Sreelakshmi
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
 
NodeJS overview
NodeJS overviewNodeJS overview
NodeJS overview
 
Frontend Track NodeJS
Frontend Track NodeJSFrontend Track NodeJS
Frontend Track NodeJS
 
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan HoracekOpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
OpenNebula Conf 2014 | Lightning talk: OpenNebula at Etnetera by Jan Horacek
 
Real world blockchains
Real world blockchainsReal world blockchains
Real world blockchains
 
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and CloningNSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
NSS 2013: Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning
 
Introduction to Node.js
Introduction to Node.jsIntroduction to Node.js
Introduction to Node.js
 
Firewalls and Virtualization - pfSense Hangout June 2014
Firewalls and Virtualization - pfSense Hangout June 2014Firewalls and Virtualization - pfSense Hangout June 2014
Firewalls and Virtualization - pfSense Hangout June 2014
 
Intro to Node.js
Intro to Node.jsIntro to Node.js
Intro to Node.js
 
Brief introduction to php findsock-shell
Brief introduction to php findsock-shellBrief introduction to php findsock-shell
Brief introduction to php findsock-shell
 
AV Evasion with the Veil Framework
AV Evasion with the Veil FrameworkAV Evasion with the Veil Framework
AV Evasion with the Veil Framework
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration Testing
 
nebulaconf
nebulaconfnebulaconf
nebulaconf
 
Fundamental of Node.JS - Internship Presentation - Week7
Fundamental of Node.JS - Internship Presentation - Week7Fundamental of Node.JS - Internship Presentation - Week7
Fundamental of Node.JS - Internship Presentation - Week7
 
Pentesting ssh
Pentesting sshPentesting ssh
Pentesting ssh
 
Network Simulation NS3
Network Simulation NS3Network Simulation NS3
Network Simulation NS3
 
The State of the Veil Framework
The State of the Veil FrameworkThe State of the Veil Framework
The State of the Veil Framework
 

Semelhante a Guest Agents Support & Implementation Presentation

Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Stephen Gordon
 
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthUSENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthNicolas Brousse
 
2012-03-15 What's New at Red Hat
2012-03-15 What's New at Red Hat2012-03-15 What's New at Red Hat
2012-03-15 What's New at Red HatShawn Wells
 
Node.js Presentation
Node.js PresentationNode.js Presentation
Node.js PresentationExist
 
Netflix Open Source Meetup Season 4 Episode 2
Netflix Open Source Meetup Season 4 Episode 2Netflix Open Source Meetup Season 4 Episode 2
Netflix Open Source Meetup Season 4 Episode 2aspyker
 
Node.js Web Apps @ ebay scale
Node.js Web Apps @ ebay scaleNode.js Web Apps @ ebay scale
Node.js Web Apps @ ebay scaleDmytro Semenov
 
Rohit Yadav - The future of the CloudStack Virtual Router
Rohit Yadav - The future of the CloudStack Virtual RouterRohit Yadav - The future of the CloudStack Virtual Router
Rohit Yadav - The future of the CloudStack Virtual RouterShapeBlue
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleJirayut Nimsaeng
 
FIWARE Developers Week_BootcampWeBUI_presentation1
FIWARE Developers Week_BootcampWeBUI_presentation1FIWARE Developers Week_BootcampWeBUI_presentation1
FIWARE Developers Week_BootcampWeBUI_presentation1FIWARE
 
Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...
Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...
Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...Dan Farrelly
 
XPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE Systems
XPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE SystemsXPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE Systems
XPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE SystemsThe Linux Foundation
 
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...Chris Shenton
 
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messagesMulti-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messagesLINE Corporation
 
New Jersey Red Hat Users Group Presentation: Provisioning anywhere
New Jersey Red Hat Users Group Presentation: Provisioning anywhereNew Jersey Red Hat Users Group Presentation: Provisioning anywhere
New Jersey Red Hat Users Group Presentation: Provisioning anywhereRodrique Heron
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at DecisivTeleport
 
Kubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the DatacenterKubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the DatacenterKevin Lynch
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment Systema3sec
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013dotCloud
 

Semelhante a Guest Agents Support & Implementation Presentation (20)

Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)Libvirt/KVM Driver Update (Kilo)
Libvirt/KVM Driver Update (Kilo)
 
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthUSENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
 
2012-03-15 What's New at Red Hat
2012-03-15 What's New at Red Hat2012-03-15 What's New at Red Hat
2012-03-15 What's New at Red Hat
 
Node.js Presentation
Node.js PresentationNode.js Presentation
Node.js Presentation
 
Netflix Open Source Meetup Season 4 Episode 2
Netflix Open Source Meetup Season 4 Episode 2Netflix Open Source Meetup Season 4 Episode 2
Netflix Open Source Meetup Season 4 Episode 2
 
Node.js Web Apps @ ebay scale
Node.js Web Apps @ ebay scaleNode.js Web Apps @ ebay scale
Node.js Web Apps @ ebay scale
 
Rohit Yadav - The future of the CloudStack Virtual Router
Rohit Yadav - The future of the CloudStack Virtual RouterRohit Yadav - The future of the CloudStack Virtual Router
Rohit Yadav - The future of the CloudStack Virtual Router
 
Build cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack AnsibleBuild cloud like Rackspace with OpenStack Ansible
Build cloud like Rackspace with OpenStack Ansible
 
FIWARE Developers Week_BootcampWeBUI_presentation1
FIWARE Developers Week_BootcampWeBUI_presentation1FIWARE Developers Week_BootcampWeBUI_presentation1
FIWARE Developers Week_BootcampWeBUI_presentation1
 
Netty training
Netty trainingNetty training
Netty training
 
Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...
Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...
Building a Pluggable, Cloud-native Event-driven Serverless Architecture - Rea...
 
XPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE Systems
XPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE SystemsXPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE Systems
XPDS16: The OpenXT Project in 2016 - Christopher Clark, BAE Systems
 
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
Second Skin: Real-Time Retheming a Legacy Web Application with Diazo in the C...
 
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messagesMulti-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messages
 
New Jersey Red Hat Users Group Presentation: Provisioning anywhere
New Jersey Red Hat Users Group Presentation: Provisioning anywhereNew Jersey Red Hat Users Group Presentation: Provisioning anywhere
New Jersey Red Hat Users Group Presentation: Provisioning anywhere
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
 
Kubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the DatacenterKubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the Datacenter
 
Netty training
Netty trainingNetty training
Netty training
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment System
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
 

Mais de Mirantis

How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...Mirantis
 
Kubernetes Security Workshop
Kubernetes Security WorkshopKubernetes Security Workshop
Kubernetes Security WorkshopMirantis
 
Using Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersUsing Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersMirantis
 
How to Build a Basic Edge Cloud
How to Build a Basic Edge CloudHow to Build a Basic Edge Cloud
How to Build a Basic Edge CloudMirantis
 
Securing Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataSecuring Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataMirantis
 
What's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesWhat's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesMirantis
 
Comparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesComparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesMirantis
 
Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes
Your Application Deserves Better than Kubernetes Ingress: Istio vs. KubernetesYour Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes
Your Application Deserves Better than Kubernetes Ingress: Istio vs. KubernetesMirantis
 
Demystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceDemystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceMirantis
 
Mirantis life
Mirantis lifeMirantis life
Mirantis lifeMirantis
 
OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...Mirantis
 
Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016Mirantis
 
Digital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the CloudDigital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the CloudMirantis
 
Decomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStackDecomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStackMirantis
 
OpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service DeliveryOpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service DeliveryMirantis
 
Accelerating the Next 10,000 Clouds
Accelerating the Next 10,000 CloudsAccelerating the Next 10,000 Clouds
Accelerating the Next 10,000 CloudsMirantis
 
Containers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That SimpleContainers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That SimpleMirantis
 
Protecting Yourself from the Container Shakeout
Protecting Yourself from the Container ShakeoutProtecting Yourself from the Container Shakeout
Protecting Yourself from the Container ShakeoutMirantis
 
It's Not the Technology, It's You
It's Not the Technology, It's YouIt's Not the Technology, It's You
It's Not the Technology, It's YouMirantis
 
OpenStack as the Platform for Innovation
OpenStack as the Platform for InnovationOpenStack as the Platform for Innovation
OpenStack as the Platform for InnovationMirantis
 

Mais de Mirantis (20)

How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...
 
Kubernetes Security Workshop
Kubernetes Security WorkshopKubernetes Security Workshop
Kubernetes Security Workshop
 
Using Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersUsing Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M users
 
How to Build a Basic Edge Cloud
How to Build a Basic Edge CloudHow to Build a Basic Edge Cloud
How to Build a Basic Edge Cloud
 
Securing Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container DataSecuring Your Containers is Not Enough: How to Encrypt Container Data
Securing Your Containers is Not Enough: How to Encrypt Container Data
 
What's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar SlidesWhat's New in Kubernetes 1.18 Webinar Slides
What's New in Kubernetes 1.18 Webinar Slides
 
Comparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesComparison of Current Service Mesh Architectures
Comparison of Current Service Mesh Architectures
 
Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes
Your Application Deserves Better than Kubernetes Ingress: Istio vs. KubernetesYour Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes
Your Application Deserves Better than Kubernetes Ingress: Istio vs. Kubernetes
 
Demystifying Cloud Security Compliance
Demystifying Cloud Security ComplianceDemystifying Cloud Security Compliance
Demystifying Cloud Security Compliance
 
Mirantis life
Mirantis lifeMirantis life
Mirantis life
 
OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...OpenStack and the IoT: Where we are, where we're going, what we need to get t...
OpenStack and the IoT: Where we are, where we're going, what we need to get t...
 
Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016Boris Renski: OpenStack Summit Keynote Austin 2016
Boris Renski: OpenStack Summit Keynote Austin 2016
 
Digital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the CloudDigital Disciplines: Attaining Market Leadership through the Cloud
Digital Disciplines: Attaining Market Leadership through the Cloud
 
Decomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStackDecomposing Lithium's Monolith with Kubernetes and OpenStack
Decomposing Lithium's Monolith with Kubernetes and OpenStack
 
OpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service DeliveryOpenStack: Changing the Face of Service Delivery
OpenStack: Changing the Face of Service Delivery
 
Accelerating the Next 10,000 Clouds
Accelerating the Next 10,000 CloudsAccelerating the Next 10,000 Clouds
Accelerating the Next 10,000 Clouds
 
Containers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That SimpleContainers for the Enterprise: It's Not That Simple
Containers for the Enterprise: It's Not That Simple
 
Protecting Yourself from the Container Shakeout
Protecting Yourself from the Container ShakeoutProtecting Yourself from the Container Shakeout
Protecting Yourself from the Container Shakeout
 
It's Not the Technology, It's You
It's Not the Technology, It's YouIt's Not the Technology, It's You
It's Not the Technology, It's You
 
OpenStack as the Platform for Innovation
OpenStack as the Platform for InnovationOpenStack as the Platform for Innovation
OpenStack as the Platform for Innovation
 

Último

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Último (20)

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Guest Agents Support & Implementation Presentation

  • 1. Guest Agents Support & Implementation Presentation available at http://goo.gl/WRGep Brainstorming Session by Artem Andreev, Mirantis Inc.
  • 2. What is a guest agent? A background process executed within the VM, which provides the controlling nova-compute service with various instance management capabilities in context of the guest operating system.
  • 3. Session Goals ● Give an idea of the current status of guest agents in OpenStack ● Share the vision of what an ideal guest agent should be ● Discuss the sphere of it's responsibility and implementation details ● Collect tons of criticism and suggestions ● As a result prepare source material for a blue print
  • 4. What do we have right now? Guest agents for XenServer ● Derivative from the original code by Rackspace ● XCP/XenServer support only ● Linux (Python+C) and Windows (C#) target OS ● Utilizes XenStore as a communication channel ● Uses simple JSON-based asynchronous protocol ● Launchpad project https://launchpad.net/openstack-guest-agents ● Able to ... ○ Configure network locally ○ Set root user password ○ Inject files ○ Update itself, etc
  • 5. Under the hood of Guest Agent for XenServer
  • 6. Existing OpenStack-side Support ● nova.virt.driver ○ agent_update ○ set_admin_password ○ reset_network ○ inject_file ● nova-manage agent command ○ agent version tracking and update ■ list ■ create ■ modify ■ delete ● nova root-password
  • 7. There is always something to improve... Motivation ● Support for KVM, vmWare and other hypervisors ● There're lots of possible applications for agents waiting to be supported ● The current code is a mess of languages and technologies, there's a tiny piece of shared code base for different targets ● XenStore is definitely not the best way to communicate especially when it comes up to timings and security, we need a more reliable channel
  • 8. Let's think of it! Session EtherPad http://goo.gl/IE8Hw
  • 9. An ideal guest agent should be responsible for ... (1/2) ● Instance access recovery ○ Root password and network configuration reset ● Block device advanced management ○ Volume automounting and ejection preparation ○ Auto-creation of filesystem on newly attached volumes ● Advanced status monitoring ○ Detailed memory/disk usage statistics
  • 10. An ideal guest agent should be responsible for ... (2/2) ● Software management ○ Updating itself and PV drivers ○ Chef/Puppet bootstrapping ● Spawn-time resize of Windows instances ● Guest-side support for snapshotting ○ Running sysprep in Windows guests ● Anything else?
  • 11. An ideal guest agent implementation should be like... ● Development ○ Python as the primary development tool ■ http://github.com/Mirantis/osagent/ ■ Generally cross-platform Sharable code base ● Packaging ○ pyInstaller is a really good solution to create standalone software packages in Python, no system integration required ● Delivery ○ Explicit installation into golden image VMs for Windows ○ Automatic injection into Linux VMs on startup
  • 12. An ideal channel for nova-compute <> agent communication would be ... ● A virtual serial port ○ Simple & Secure ○ Supported by KVM, ESX, XenServer ○ Complicated guest side port discovery :( ○ No channel-level connectivity tracking :( ● Cloud-init style metadata exchange ○ Vulnerable to spoofing and sniffing :( ○ Requires networking to be properly configured :( ● Configuration drives ○ Nice for one-shot startup time configuration but seems weird for continuous usage ○ Too visible to end-user, thus more vulnerable ● Anything else?
  • 13. An ideal protocol for OpenStack <> agent communication would be ... ● QEMU Guest Agent Protocol ○ Supposed to be used with serial-port like channels ○ Lightweight, text-based, easy to parse data format ○ Asynchronous messages support (ie. events) ○ It works! ● Anything else? > { "execute": "guest-sync-delimited", "arguments": { "id": 123456 } } < { "return": 123456} > 7b 27 65 78 65 63 75 74 65 27 3a 27 67 75 65 73 74 2d 73 79 6e 63 2d 64 65 6c 69 6d 69 74 65 64 27 2c 27 61 72 67 75 6d 65 6e 74 73 27 3a 7b 27 69 64 27 3a 31 32 33 34 35 36 7d 7d 0a < ff 7b 22 72 65 74 75 72 6e 22 3a 20 31 32 33 34 35 36 7d 0a
  • 14. Thank you for your cooperation! Artem Andreev, Mirantis Inc. aandreev@mirantis.com