On Wed, Sep 26, 2007 at 11:47:40PM +0200, Guillaume Rousse wrote:
Hello.
I'm trying to use ssh tunnel for remote hypervisor access. However, I'm
can't make it working...
[guillaume@oberkampf ~]$ LC_ALL=C virsh --connect
xen+ssh://root@acacia.futurs.inria.fr list --all
You are missing a trailing '/' on the URI - when strip the hostname to
make the remote uri, we end up with xen:// which is rejected by libxml's
URI parser. Simply add a '/' after the hostname and you should be fine.
It is rather annoying that libxml's parser rejects uris only ending in
two /, but not three. We should probably automatically add an extra
trailing / if we find we only have two, because its a common mistake.
libvir: error : could not connect to xen://
error: failed to connect to the hypervisor
error: no valid connection
On the remote host:
[root@acacia ~]# libvirtd --verbose
libvir: error : could not connect to xen://
It seems the error lies between libvirtd and the local hypervisor. And
indeed, local usage of virsh with xen:// URLs fail:
[root@acacia ~]# LC_ALL=C virsh -c xen:// list
Yep, xen:// is not a valid URI for libxml parser.
libvir: error : could not connect to xen://
error: failed to connect to the hypervisor
error: no valid connection
Using xen:///, instead of xen://, as explained at
http://libvirt.org/uri.html, is OK, despite a few error messages:
[root@acacia ~]# LC_ALL=C virsh -c xen:/// list
libvir: Remote error : No such file or directory
libvir: warning : Failed to find the network: Is the daemon running ?
That is harmless unless you want to use the networking APIs.
From the documentation, it seems xen:// transport implies TLS, and
requires an host name, so it is quite normal it fails here (I didn't
generated any certificate). But how can I force libvirtd to use xen:///
transport then ? I don't see anything related in libvirt configuration
documentation at
http://libvirt.org/remote.html ? Neither about how to
configure it for listening on unix transport, as explained in svn+ssh
transport requirements on the same page (but I presume it is the default) ?
The daemon libvirtd will always listen for UNIX socket connections. You
have to explicitly turn on TCP support, after having setup certificates.
If using SSH, then we simply tunnel to the UNIX socket over SSH so all
you need do is start the libvirtd daemon on the remote host.
Also, from where does those error and warning come ?
[root@acacia ~]# LC_ALL=C virsh -c xen:/// list
libvir: Remote error : No such file or directory
libvir: warning : Failed to find the network: Is the daemon running ?
That is a sign that the libvirtd daemon is notrunning on the host in
questions.
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules:
http://search.cpan.org/~danberr/ -=|
|=- Projects:
http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|