===================== Terminology and goals ===================== To avoid ambiguity about the terms used, here are the definitions for some of the specific concepts used in libvirt documentation: - a **node** is a single physical machine - an **hypervisor** is a layer of software allowing to virtualize a node in a set of virtual machines with possibly different configurations than the node itself - a **domain** is an instance of an operating system (or subsystem in the case of container virtualization) running on a virtualized machine provided by the hypervisor Now we can define the goal of libvirt: **to provide a common and stable layer sufficient to securely manage domains on a node, possibly remote**. As a result, libvirt should provide all APIs needed to do the management, such as: provision, create, modify, monitor, control, migrate and stop the domains - within the limits of the support of the hypervisor for those operations. Not all hypervisors provide the same operations; but if an operation is useful for domain management of even one specific hypervisor it is worth providing in libvirt. Multiple nodes may be accessed with libvirt simultaneously, but the APIs are limited to single node operations. Node resource operations which are needed for the management and provisioning of domains are also in the scope of the libvirt API, such as interface setup, firewall rules, storage management and general provisioning APIs. Libvirt will also provide the state monitoring APIs needed to implement management policies, obviously checking domain state but also exposing local node resource consumption. This implies the following sub-goals: - All API can be carried remotely though secure APIs - While most API will be generic in term of hypervisor or Host OS, some API may be targeted to a single virtualization environment as long as the semantic for the operations from a domain management perspective is clear - the API should allow to do efficiently and cleanly all the operations needed to manage domains on a node, including resource provisioning and setup - the API will not try to provide high level virtualization policies or multi-nodes management features like load balancing, but the API should be sufficient so they can be implemented on top of libvirt - stability of the API is a big concern, libvirt should isolate applications from the frequent changes expected at the lower level of the virtualization framework - the node being managed may be on a different physical machine than the management program using libvirt, to this effect libvirt supports remote access, but should only do so by using secure protocols. - libvirt will provide APIs to enumerate, monitor and use the resources available on the managed node, including CPUs, memory, storage, networking, and NUMA partitions. So libvirt is intended to be a building block for higher level management tools and for applications focusing on virtualization of a single node (the only exception being domain migration between node capabilities which involves more than one node).