Audience: - libvirt developers Interested in: - what it is - new developments [---- OVERVIEW ----] Libguestfs is a C library for accessing and creating disk images. It has been in development for four and a half years, is very mature, and is used in many large projects such as: virt-v2v, OpenStack, Like libvirt, the C API is long term stable so a program written against the API four years ago will still work today. There are bindings in lots of programming languages. Here is an example of a Python program using the API to create a partitioned disk image with some content from a tar file. Show create.py Run create.py virt-filesystems -a disk.img --all --long -h virt-df -a disk.img -h guestfish --ro -a disk.img -m /dev/sda1 find / [---- TOOLS ----] We have a lot of tools associated with libguestfs: virt- Pick a few. Today I want to just mention virt-builder which is a tool for rapidly and safely customizing templates of virtual machines. virt-builder -l virt-builder fedora-19 \ --hostname f19.example.com \ --firstboot-install nmap \ --edit '/etc/yum.conf: s/gpgcheck=1/gpgcheck=0/' [---- LIBVIRT INTEGRATION ---] How libguestfs uses libvirt: Behind the scenes we create a captive appliance. Since Fedora 18 & RHEL 7, we use libvirt to manage the appliance and sVirt to protect the host from rogue filesystems. Our use of libvirt APIs is very simple: - virConnect* - "lifecycle APIs" like virDomainCreateXML - libvirt XML - hotplugging APIs - capabilities What we DON'T care about: - live migration - stable guest ABI - storage APIs - snapshots - NUMA Bugs in libvirt: - Tracker: 910269 - (WORKAROUND) - qemu: could not load kernel ... Permission denied - libvirt doesn't label backing sockets, eg. qcow2 using NBD backing - could not destroy libvirt domain: Requested operation is not valid: domain is not running - libvirt chown's file to root, but doesn't restore ownership - XML error: No PCI buses available (FIXED) - This QEMU doesn't support virtio scsi controller (qemu bug: FIXED) (example of non-obvious error message) - TMPDIR / environment variable handling is broken (WORKAROUND) Missing features in libvirt: - labelling backing sockets - no way to specify net= parameter to qemu - unnamed guests Things we don't like: - error messages are confusing, real information is hidden - logging/debugging is hard - fragile - regressions - essentially impossible to use libvirt/sVirt on anything except Fedora/RHEL Things we like: - sVirt - having someone else deal with qemu - hotplugging