[libvirt] libvirt tls vnc
by Michael Kress
Hi, is there a comprehensive howto/tutorial you can recommend me on how
to set up libvirt with vnc over tls properly?
What I'm trying to do is to use vnc for production use outside my local
network and therefore I'd like to secure the vnc sessions. I already
made some attempts with ssvnc and Ultr@VNC (both windows clients) but
these attemps all failed. I can't get the vnc server (launched by
virt-install / kvm) to be displayed via tls. It all runs perfectly
without tls.
Thanx for any hints!
Michael
15 years, 9 months
[libvirt] using virsh remotely
by Andreas Rittershofer
I can use virsh as a command line tool, for exampe
virsh list
gives me the list of the running machines and I am back to the prompt.
When I make
virsh -c qemu+ssh://maschine-2/system list
I get the list of the running machine on the remote machine-2 - but
that's it, I am not back to the prompt automatically.
I want virsh to behave used remotely as used locally - execute the
command and go back to the prompt.
How this can be done?
mfg ar
--
Hier könnte keine Signatur stehen.
15 years, 9 months
[libvirt] adding bandwidth control support
by Max Zhen
My last post failed, resend...
Max Zhen at 2008-12-24 18:39 wrote:
> Hi,
>
> I'm working on adding bandwidth control support in
> virt-install/virsh/libvirt on Xen.
> This support can allow setting bandwidth control in dom0 (I'm working on
> Solaris dom0 now) for virtual nic devices used in a domU.
> I've attached my design in this email.
> Basically, this design is about how to represent bandwidth limit
> information in command line for virsh/virt-install and how to represent
> it in current XML configuration file for a domU.
>
> Your comments will be highly appreciated :).
>
> Thanks,
> Max
>
>
There are a few things to do to achieve this goal:
1. extend current command line syntax of 'virsh attach-interface'
2. extend current command line syntax of 'virt-install'
3. define bandwidth representation in XML format
For 1.
I will change the current command line syntax to:
virsh attach-interface <domain> <type> <source> [--target <target>]
[--mac <mac>] [--script <script>] [--rate <rate-string>]
So that we are able to specify bandwidth as "--rate 100M" in command line, like:
#virsh attach-interface domu bridge bge0 --rate 100M
In this case, bandwidth is specified as an integer with one of the scale
suffixes K, M, or G for Kbps, Mbps, or Gbps.
For 2.
I will add one more option "--rate=rate-string" to current option set of
virt-install command. Users can repeatedly add more than one 'rate' options
to set bandwidth for multiple nic devices respectively, if needed.
For example, with below command line, we start installing a domain with two
nic devices whose bandwidth are set to 100Mb/s and 200Mb/s respectively:
#virt-install -n snv105 -r 2048 -p --file=/root/snv105
--location=/solarisdvd.iso -b bge0 --rate=100M -b bge1 --rate=200M
In this case, bandwidth is specified as an integer with one of the scale
suffixes K, M, or G for Kbps, Mbps, or Gbps.
For 3.
All user specified bandwidth will be represented as part of interface
element currently defined in XML configuration file.
The new format looks like:
<interface type='bridge'>
<source bridge='e1000g1'/>
<flowcontrol>
<rate unit='megabit' period='second' value='100'/>
</flowcontrol>
</interface>
So, I create a new element, "flowcontrol", inside "interface" element. Inside
"flowcontrol", I provide bandwidth by setting "rate" element with three
attributes, "unit", "period" and "value" to express the bandwidth limit.
The supported unit can be 'gigabit', 'megabit' and 'kilobit'.
The supported period can be 'second', 'millisecond' and 'microsecond'.
And value is an integer to express the amount of data in unit allowed to be
transfered in period of time.
More elements can be added inside "flowcontrol" element, if we want to add more
flow control policies in the future.
15 years, 9 months
[libvirt] Help with bridged networking
by watcher lines
Hi,
I have setup my virtual networks with initscripts like in this link: http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shar..., but there is no networking whitin any system either between vms or with the host and the vms.
This setup is for kvm, but with Xen in Fedora 8 it works perfect, but xen is now deprecated in Fedora.
This is my setup:
/etc/sysconfig/network-scripts/ifcfg-worknet:
# worknet bridge
DEVICE=worknet
BOOTPROTO=none
BROADCAST=172.16.1.255
#HWADDR=00:50:56:C0:00:01
IPADDR=172.16.1.1
NETMASK=255.255.255.0
NETWORK=172.16.1.0
ONBOOT=yes
TYPE=Bridge
STP=off
DELAY=0
With Xen this alone lets ip traffic pass between host and to allow dhcp and other protocols i have this line in my iptables:
-A FORWARD -i worknet -j ACCEPT
This is the software I'm using:
libvirt-0.4.4-2.fc8
kvm-60-7.fc8
Thanks for your attention.
_________________________________________________________________
Consigue gratis el nuevo Messenger. ¡Descárgatelo!
http://download.live.com/
15 years, 9 months
[libvirt] networking with two hosts
by Andreas Rittershofer
The following situation is given:
Host A with VM1 and VM2 running.
Host B with VM3 und VM4 running.
Task 1.) Each VM must have network access to each other VM and to the
outside.
Task 2.) When one host fails, all VMs are running on the remainig host
and 1.) must still be fulfilled.
Does somebody has any hints about realising this scenario with libvirt
and KVM?
mfg ar
--
Hier könnte keine Signatur stehen.
15 years, 9 months
[libvirt] Adding VirtualBox support to libvirt
by Pritesh Kothari
Hi,
I am in the process of adding support for virtualbox in libvirt.
Basically Virtualbox exports its API through XPCOM. Now to simplify
things I was thinking of using C++ and already existing xpcom component
in virtualbox but since libvirt exports C API i am not sure if i should
use C++ or stick to plain C.
I would like to request the libvirt community for its comment
on this.
Regards,
Pritesh
15 years, 9 months
[libvirt] PATCH: Support memory balloon device in QEMU (incomplete)
by Daniel P. Berrange
This is an incomplete patch starting to support the memory balloon device
in QEMU guests. This requires the VirtIO Balloon driver be present in the
guest. In much the same way as with Xen guests, this lets you adjust the
memory allocation of the guest on the fly, ceiling limited by the initial
memory allocation when booted.
The missing bit is to use 'info balloon' to fetch the current allocation
for the virDomainGetInfo() API call.
Regards,
Daniel
diff -r 2662c220efc8 src/qemu_driver.c
--- a/src/qemu_driver.c Thu Feb 26 15:31:11 2009 +0000
+++ b/src/qemu_driver.c Thu Feb 26 15:31:23 2009 +0000
@@ -2223,6 +2223,46 @@ cleanup:
return ret;
}
+
+static int qemudDomainSetMemoryBalloon(virConnectPtr conn,
+ virDomainObjPtr vm,
+ unsigned long newmem) {
+ char *cmd;
+ char *reply;
+
+ /*
+ * 'newmem' is in KB, QEMU monitor works in MB, and we all wish
+ * we just worked in bytes with unsigned long long everywhere.
+ */
+ if (virAsprintf(&cmd, "balloon %lu", (newmem / 1024)) < 0) {
+ virReportOOMError(conn);
+ return -1;
+ }
+
+ if (qemudMonitorCommand(vm, cmd, &reply) < 0) {
+ qemudReportError(conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
+ "%s", _("could not balloon memory allocation"));
+ VIR_FREE(cmd);
+ return -1;
+ }
+ VIR_FREE(cmd);
+
+ /* If the command failed qemu prints:
+ * device not found, device is locked ...
+ * No message is printed on success it seems */
+ DEBUG ("balloon reply: %s", reply);
+ if (strstr(reply, "\nunknown command:")) {
+ qemudReportError (conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
+ _("memory ballooning is not supported %s"), reply);
+ VIR_FREE(reply);
+ return -1;
+ }
+ VIR_FREE(reply);
+
+ return 0;
+}
+
+
static int qemudDomainSetMemory(virDomainPtr dom, unsigned long newmem) {
struct qemud_driver *driver = dom->conn->privateData;
virDomainObjPtr vm;
@@ -2240,20 +2280,18 @@ static int qemudDomainSetMemory(virDomai
goto cleanup;
}
+ if (newmem > vm->def->maxmem) {
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_INVALID_ARG,
+ "%s", _("cannot set memory higher than max memory"));
+ goto cleanup;
+ }
+
if (virDomainIsActive(vm)) {
- qemudReportError(dom->conn, dom, NULL, VIR_ERR_NO_SUPPORT,
- "%s", _("cannot set memory of an active domain"));
- goto cleanup;
- }
-
- if (newmem > vm->def->maxmem) {
- qemudReportError(dom->conn, dom, NULL, VIR_ERR_INVALID_ARG,
- "%s", _("cannot set memory higher than max memory"));
- goto cleanup;
- }
-
- vm->def->memory = newmem;
- ret = 0;
+ ret = qemudDomainSetMemoryBalloon(dom->conn, vm, newmem);
+ } else {
+ vm->def->memory = newmem;
+ ret = 0;
+ }
cleanup:
if (vm)
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 9 months
[libvirt] [PATCH]: Fix non-live migration failure case
by Chris Lalancette
All,
There was a logic error in the Qemu driver when doing a non-live migrate.
During a non-live migrate, on the source host during the Perform step, we
pause the domain; however, if there was ever a failure, we were forgetting
to unpause the domain, meaning that the domain was paused forever. Add a
flag to tell us when we should unpause the domain after a failure.
Signed-off-by: Chris Lalancette <clalance(a)redhat.com>
15 years, 9 months
[libvirt] PATCH: Fix autostart of session daemon
by Daniel P. Berrange
When connecting qemu:///session we can autostart the libvirtd daemon.
With the node device APIs present, it can take upto a second to start
up while talking to dbus. The remote driver was only waiting for a
fraction of a second. This changes it to wait for upto 2 seconds, and
also not to spawn multiple instances of the daemon.
Daniel
diff -rup libvirt-0.6.0.orig/src/remote_internal.c libvirt-0.6.0.new/src/remote_internal.c
--- libvirt-0.6.0.orig/src/remote_internal.c 2009-02-18 10:56:34.000000000 +0000
+++ libvirt-0.6.0.new/src/remote_internal.c 2009-02-18 13:35:26.000000000 +0000
@@ -654,12 +654,13 @@ doRemoteOpen (virConnectPtr conn,
*/
if (errno == ECONNREFUSED &&
flags & VIR_DRV_OPEN_REMOTE_AUTOSTART &&
- trials < 5) {
+ trials < 20) {
close(priv->sock);
priv->sock = -1;
- if (remoteForkDaemon(conn) == 0) {
+ if (trials > 0 ||
+ remoteForkDaemon(conn) == 0) {
trials++;
- usleep(5000 * trials * trials);
+ usleep(1000 * 100 * trials);
goto autostart_retry;
}
}
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 9 months
