The NBD protocol previously runs in clear text, offering no security
protection for the data transferred, unless it is tunnelled over some
external transport like SSH. Such tunnelling is inefficient and
inconvenient to manage. Support for TLS to the NBD clients & servers
provided by QEMU was added. This adds support to configure ndb related
qemu.conf parameters.
Related-Bug: 1793093
Change-Id: I2c613faf55731af56735f8363b18e6c0e6185d9c
The libvirt driver now allows utilizing file backed memory for qemu/KVM
virtual machines, via a new configuration attribute
``[libvirt]/file_backed_memory``, defaulting to 0 (disabled).
``[libvirt]/file_backed_memory`` specifies the available capacity in MiB
for file backed memory, at the directory configured for
``memory_backing_dir`` in libvirt's ``qemu.conf``. When enabled, the
libvirt driver will report the configured value for the total memory
capacity of the node, and will report used memory as the sum of all
configured guest memory.
Running Nova with file_backed_memory requires libvirt version 4.0.0 and
qemu version 2.6.0
Related-Bug: 1793687
Change-Id: I0d9eb21fcab01266e501b7fc63c5b2bbb244956a
Adds parameters to configure TLS for the nova novnc-proxy to libvirt/qemu
now the support has landed in nova (bp/websocket-proxy-to-host-security).
Change-Id: I24a9841ba04c95df27599b4d7ac2da8416e751e5
Vhost user sockets are shared between qemu and ovs. Currently,
we are patching ovs service file to make ovs run as qemu user.
In order to avoid it, a new group 'hugetlbfs' has been introduced,
which will be used by ovs and qemu. This patch allows the users
to configure the group setting for qemu.conf file.
Change-Id: I0fa3934b345d51de85fd9d8a5a211b8e1bc50d86
This change adds a class meant to configure the max_files and
max_processes limits in libvirt/qemu.conf, it uses augeas and supports
config cleanup.
Change-Id: I5fa423a4b212d14f6e9ff6a270931b569558b54e
