OVERVIEW:
Virtproxy proxies and multiplexes network/unix socket streams over a data
channel between a host and a guest (currently network connections, emulated
serial, or virtio-serial channels are supported). This allows for services such
as guest data collection agents, host/guest file transfer, and event
generation/handling to be implemented/deployed as basic socket-based daemons,
independently of the actual data channel. This is especially useful in
environments where there is no network connectivity between the host and the
guest, allowing for standard services to be utilized without modification or
knowledge about the nature of the data connection.
This code is intended to provide a channel-independent abstraction layer for
communicating with a QEMU-specific guest agent (in particular, the virtagent
RPC guest agent which will follow this in a seperate patchset), but may have
general utility beyond this (for instance: ssh/sftp/other guest agents/etc over
isa/virtio serial), and so is submitted here as a seperate patchset.
It should be noted that the proposed guest agent, virtagent, is not
fundamentally dependent on this code, but by leveraging it we provide both the
benefits of a closely-integrated QEMU guest agent as well as the flexibility to
utilize other services in network-limited environments with this single guest
daemon.
CHANGES IN V3:
- virtproxy chardev options added to support specification of forwarding
ports/sockets (examples below). code base is testable again now.
- various cleanups
CHANGES IN V2:
- host daemon deprecated, virtproxy now integrated into qemu via a virtproxy
chardev. The command-line options have not yet been converted over so for now
the virtproxy layer is no longer testable directly. This will be addressed
soon. Virtagent will hook into this chardev via a boolean chardev option. That
patchset will follow this one shortly.
- deadlocking issue resolved
BUILD/USAGE INFO:
# build guest daemon
make qemu-vp
./qemu-vp -h
EXAMPLE USAGE:
note: oforward/iforward chardev options have not yet been converted over from
original standalone host daemon implementation so this won't work till then.
The examples however have been updated for reference.
- Proxy http and ssh connections from a host to a guest over a virtio-serial
connection:
# start guest with virtio-serial. for example (RHEL6s13):
qemu \
-device virtio-serial \
-chardev virtproxy,id=test0, \
oforward=http:127.0.0.1:9080,oforward=ssh:127.0.0.1:22 \
-device virtconsole,chardev=test0,name=test0 \
...
# in the guest:
./qemu-vp -c virtserial-open:/dev/virtio-ports/test2:- -i http:127.0.0.1:80
\
-i ssh:127.0.0.1:22
# from host, access guest http server
wget http://locahost:9080
# from host, access guest ssh server
ssh localhost -p 9022
By specifying -i and -o options in the host and guest, respectively, the
channel can also be used to establish connections from a guest to a host. Unix
sockets can be specified by providing a pathname in place of the hostname/ip,
and a '-' in place of the port number.
KNOWN ISSUES:
- Sync issues with virtio-serial: This may or may not be related to the issue
above, but I noticed some cases where proxied ssh sessions from the guest to
the host would "lag" by a few bytes. For instance typing "top" would result in
"to" being displayed, and the "p" wouldn't show up till I hit another key. This
could be related to how I'm handling the buffering, but I haven't been able to
reproduce using a network-based channel. UPDATE: this issue seems to be fixed
here:
http://git.kernel.org/?p=linux/kernel/git/rusty/linux-2.6-for-linus.git;a=commit;h=6df7aadcd9290807c464675098b5dd2dc9da5075
TODO:
- Better channel negotiation to gracefully handle guest reboots/disconnects/etc
- Add monitor commands to add/remove virtproxy channels/oforwards/iforwards on
the fly
.gitignore | 1 +
Makefile | 4 +-
Makefile.target | 2 +-
configure | 1 +
qemu-char.c | 130 +++++++
qemu-config.c | 6 +
qemu-vp.c | 517 ++++++++++++++++++++++++++++
roms/seabios | 2 +-
virtproxy-builtin.c | 38 ++
virtproxy.c | 950 +++++++++++++++++++++++++++++++++++++++++++++++++++
virtproxy.h | 49 +++
11 files changed, 1697 insertions(+), 3 deletions(-)
