Re: [Xen-API] Comments on VM and host classes

[Ewan Mellor <ewan@xxxxxxxxxxxxx>]

On Tue, Jun 27, 2006 at 04:04:52PM -0400, Stefan Berger wrote:

> I also have some comments regarding the VM class.
> Would it not be better to have a class TPM and a member TPMs ((TPM ref)
> Set) containing an array of zero or one references to TPMs? I assume that
> an empty array would make it clear that no TPM is associated with the VM
> instead of encoding its existence into TPM/instance or TPM/backend
> somehow. The current members instance and backend could then be moved into
> the TPM class.
>
> Also a Xen system can be running an access control policy where each VM's
> run-time access to resources is restricted by the label it has been given
> compared to those of the resources. Currently a VM's configuration file
> may contain a line like
> access_control[policy='<name of the system's policy>',label='<label given
> to VM>'].
> I think the identifiers 'policy' and 'label' should also be part of the VM
> class either directly in the form 'access_control/policy' or indirectly in
> an access_control class.

I'm afraid I don't really understand the TPM stuff at all.  What we've done is
copied the existing configuration file entries and the like from Xen.  If
that's not a good fit for some reason, then please, suggest a better data
model.  You, Reiner, Ramon, Bryan and whoever else is interested in this field
ought to stand up and define a model that suits you -- you know certainly
better than I do.

Ewan.

_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-api