[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] vmfork in KVM
From: |
Eric Blake |
Subject: |
Re: [Qemu-devel] vmfork in KVM |
Date: |
Fri, 08 May 2015 09:07:18 -0600 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 |
On 05/08/2015 03:55 AM, Zhi Yong Wu wrote:
> HI, all guys
>
> Why does vmfork not get supported by KVM project? What is the
> drawback? It's very cool if it's used in some scenario, e.g. HPC. It
> will be appreciated for your comments, thanks.
In general, live cloning of a VM is a security nightmare - you have to
make sure that either both sides of the fork will never be exposed to
the same network, or that you figure out how to scrub everything such as
IP addresses and random number state so that the two VMs are independent
enough as to not be able to guess the behavior of one guest by observing
the other. Offline cloning is a much more tractable problem.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature