On Wed, May 08, 2024 at 03:00:30PM +0200, Paolo Bonzini wrote:
> On Wed, May 8, 2024 at 2:51 PM Daniel P. Berrangé <[email protected]> wrote:
> > Designwise, a native VSOCK backend in QEMU really should implement the
> > same approach defined by firecracker, so that we have interoperability
> > with systemd, firecracker and cloud-hypervisor. See
> >
> >   https://gitlab.com/qemu-project/qemu/-/issues/2095
> >
> >   https://github.com/firecracker-microvm/firecracker/blob/main/docs/vsock.md#firecracker-virtio-vsock-design
> >
> > This involves multiple UNIX sockets on the host
> >
> >   1 * /some/path - QEMU listens on this, and accepts connections
> >                    from other host processes. The client sends
> >                    "PORT <num>" to indicate that guest port it
> >                    is connecting to
> >
> >   n * /some/path_$PORT - QEMU connect to this for outgoing connections
> >                          from the guest. Other host processes need
> >                          to listen on whatever path_$PORT need to be
> >                          serviced
>
> The former is quite horrible, but okay. Out of curiosity, which
> clients are using that convention?

I've no idea. The RFE above came out of a discussion with systemd
upstream when they were implementing their SSH-over-vsock host SSH
plugin

  https://github.com/systemd/systemd/pull/30777

where it was noted that their code for using AF_VSOCK natively wouldn't
work with firecracker or cloud-hypervisor.

Although they've got native AF_VSOCK support there merged, conceptually
it looks desirable to have a common way of exposing AF_VSOCK on the host.

Also, aside from cross-OS portability, this has the other benefit that
arbitrary users on the same host can make use of AF_VSOCK, without
worrying about CID clashes in the host kernel between guests they're
not aware of. All guests can just use the same fixed CID and the
UNIX socket exposure on the host namespaces them.

With regards,
Daniel
-- 
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
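
The host-side convention discussed in this thread, as an added sketch that is not part of the original message and is not QEMU, Firecracker or systemd code: two stand-in "VMs" each listen on their own UNIX socket path, and a host client reaches the same guest port on each purely by choosing the path. The `PORT <num>` line follows the wording in the message (the exact wire format is defined in the linked Firecracker document); the reply strings, `MAX_LINE` and all function names are assumptions made for the example.

```python
import os, socket, tempfile, threading

MAX_LINE = 32  # constructed bound on handshake length

def parse_handshake(line: bytes) -> int:
    """Strictly parse b'PORT <num>\\n' into a 32-bit guest port."""
    if not line.endswith(b"\n"):
        raise ValueError("unterminated or oversized handshake")
    parts = line[:-1].split(b" ")
    if len(parts) != 2 or parts[0] != b"PORT" or not parts[1].isdigit():
        raise ValueError("malformed handshake")
    port = int(parts[1])
    if port > 0xFFFFFFFF:  # vsock ports are 32-bit
        raise ValueError("port out of range")
    return port

def serve_vm(path, name, ready, conns):
    """Stand-in for the hypervisor: one listening socket per VM."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as srv:
        srv.bind(path)
        srv.listen()
        ready.set()
        for _ in range(conns):
            c, _addr = srv.accept()
            with c, c.makefile("rb") as f:
                try:
                    port = parse_handshake(f.readline(MAX_LINE))
                    c.sendall(f"{name} port {port}\n".encode())  # constructed reply
                except ValueError as e:
                    c.sendall(f"ERR {e}\n".encode())  # constructed reply

def connect_guest_port(path, port):
    """Host client: the socket path selects the VM, the handshake the port."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(path)
        s.sendall(f"PORT {port}\n".encode())
        with s.makefile("rb") as f:
            return f.readline().decode().strip()

def demo():
    out = {}
    with tempfile.TemporaryDirectory() as d:
        for name in ("vmA", "vmB"):  # both guests could share one fixed CID
            path = os.path.join(d, name + ".vsock")
            ready = threading.Event()
            t = threading.Thread(target=serve_vm, args=(path, name, ready, 1))
            t.start(); ready.wait()
            out[name] = connect_guest_port(path, 22)
            t.join()
    return out

if __name__ == "__main__":
    print(demo())
```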
