diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-12 03:50:42 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-12 03:50:42 +0000 |
commit | 78e9bb837c258ac0ec7712b3d612cc2f407e731e (patch) | |
tree | f515d16b6efd858a9aeb5b0ef5d6f90bf288283d /docs/VM_INTERFACE.md | |
parent | Adding debian version 255.5-1. (diff) | |
download | systemd-78e9bb837c258ac0ec7712b3d612cc2f407e731e.tar.xz systemd-78e9bb837c258ac0ec7712b3d612cc2f407e731e.zip |
Merging upstream version 256.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'docs/VM_INTERFACE.md')
-rw-r--r-- | docs/VM_INTERFACE.md | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/docs/VM_INTERFACE.md b/docs/VM_INTERFACE.md new file mode 100644 index 0000000..abe7067 --- /dev/null +++ b/docs/VM_INTERFACE.md @@ -0,0 +1,54 @@ +--- +title: VM Interface +category: Interfaces +layout: default +SPDX-License-Identifier: LGPL-2.1-or-later +--- + +# The VM Interface + +Also consult [Writing Virtual Machine or Container +Managers](https://systemd.io/WRITING_VM_AND_CONTAINER_MANAGERS). + +systemd has a number of interfaces for interacting with virtual machine +managers, when systemd is used inside of a VM. If you work on a VM manager, +please consider supporting the following interfaces. + +1. systemd supports passing immutable binary data blobs with limited size and + restricted access to services via the `ImportCredential=`, `LoadCredential=` + and `SetCredential=` settings. These credentials may be passed into a system + via SMBIOS Type 11 vendor strings, see + [systemd(1)](https://www.freedesktop.org/software/systemd/man/latest/systemd.html) + for details. This concept may be used to flexibly configure various facets + ot the guest system. See + [systemd.system-credentials(7)](https://www.freedesktop.org/software/systemd/man/latest/systemd.system-credentials.html) + for a list of system credentials implemented by various systemd components. + +2. Readiness, information about various system properties and functionality, as + well as progress of boot may be reported by systemd to a machine manager via + the `sd_notify()` protocol via `AF_VSOCK` sockets. The address of this + socket may be configured via the `vmm.notify_socket` system credential. See + [systemd(1)](https://www.freedesktop.org/software/systemd/man/latest/systemd.html). + +3. The + [systemd-ssh-generator(8)](https://www.freedesktop.org/software/systemd/man/latest/systemd-ssh-generator.html) + functionality will automatically bind SSH login functionality to `AF_VSOCK` + port 22, if the system runs in a VM. + +4. If not initialized yet the system's + [machine-id(5)](https://www.freedesktop.org/software/systemd/man/latest/machine-id.html) + is automatically set to the SMBIOS product UUID if available and invocation + in an VM environment is detected. + +5. The + [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-boot.html) + and + [`systemd-stub(7)`](https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html) + components support two SMBIOS Type 11 vendor strings that may be used to + extend the kernel command line of booted Linux environments: + `io.systemd.stub.kernel-cmdline-extra=` and + `io.systemd.boot.kernel-cmdline-extra=`. + +Also see +[smbios-type-11(7)](https://www.freedesktop.org/software/systemd/man/latest/smbios-type-11.html) +for a list of supported SMBIOS Type 11 vendor strings. |