[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guestinfo alike info polling from Guest via guest-agent
|
From: |
Florian Lohoff |
|
Subject: |
Re: Guestinfo alike info polling from Guest via guest-agent |
|
Date: |
Thu, 12 Dec 2024 18:00:58 +0100 |
|
User-agent: |
NeoMutt/20170113 (1.7.2) |
Hi,
On Thu, Dec 12, 2024 at 08:24:22AM -0800, Connor Kuehl wrote:
> Hmm, yeah, in this case, I don't see a more privacy-respecting
> alternative to doing this with the current version of qemu-ga.
>
> If the extent of your use case is limited to host ssh pubkeys, then
> I'd imagine it wouldn't be a hard sell to pitch the idea of adding
> some new RPCs to qemu-ga, like guest-ssh-get-host-publickeys, seeing
> as there's already commands like
> guest-ssh-{get,set,remove}-authorized-keys.
>
> Then your customer VMs' qemu-ga.conf can specify just
> guest-ssh-get-host-publickeys in the allowlist.
>
> Maybe upstream would also be amenable to a more minimal interface as
> you've already described of allowing the guest to assign key,value pairs
> and adding a RPC to allow the hypervisor to fetch bits of data that way.
> Though, it would probably require a fair bit more design before the
> implementation arrives.
What we tried now was writing a small addition on the hypervisor
listening on a serial on all VMs - so we simply create VMs with an
additional serial which had a minimalistic API to send key/value
pairs via a serial to the hypervisors service.
For obvious reasons one would rather like a more standardised approach.
Flo
--
Florian Lohoff f@zz.de
Any sufficiently advanced technology is indistinguishable from magic.
signature.asc
Description: PGP signature