Hi Doug, Thanks for your help. qemu+tcp could work now after enabling listen_tcp in /etc/libvirt/libvirtd.conf. user@x86:~$ virsh -c qemu+tcp://10.193.20.109/system list --all Id Name State ---------------------------------------------------- 2 test running For qemu+ssh, it seemed that we need build standalone netcat instead use nc in busybox. For qemu+tls, we need generate many pem files on both server and client. http://wiki.libvirt.org/page/TLSCreateServerCerts Server: /etc/pki/CA/cacert.pem /etc/pki/libvirt/servercert.pem /etc/pki/libvirt/private/serverkey.pem Client: /etc/pki/CA/cacert.pem /etc/pki/libvirt/clientcert.pem /etc/pki/libvirt/private/clientkey.pem But one question is that how does a client know the server name if without DNS service. Our scenario is a ppc board as server. Could we use IP address as the CN in template file? # cat host1_server_template.info organization = libvirt.org cn = host1 tls_www_server encryption_key signing_key Best Regards, Olivia
-----Original Message----- From: cardoe@cardoe.com [mailto:cardoe@cardoe.com] On Behalf Of Doug Goldstein Sent: Friday, March 22, 2013 1:59 AM To: Yin Olivia-R63875 Cc: libvir-list@redhat.com; libvirt-users@redhat.com Subject: Re: [libvirt] remote connection issue 'virsh -c qemu+ssh:///root@localhost/system list'
On Thu, Mar 21, 2013 at 6:23 AM, Yin Olivia-R63875 <r63875@freescale.com> wrote:
Hi,
I'm trying remote connection with qemu hypervisor on FSL PPC board.
The libvirt server is the PPC board.
root@ppc:~# ifconfig eth0 10.193.20.109 root@ppc:~# libvirtd -d root@ppc:~# virsh -c qemu:///system define test.xml root@ppc:~# virsh -c qemu:///system start test root@ppc:~# virsh -c qemu:///system list --all Id Name State ---------------------------------------------------- 2 test running
Connect from an X86 PC (Ubuntu 10.04) to the PPC board.
user@x86:~$ virsh -c qemu+ssh://root@10.193.20.109/system list --all The authenticity of host '10.193.20.109 (10.193.20.109)' can't be established. RSA key fingerprint is 2f:56:07:08:da:7d:ac:41:45:57:d2:12:15:19:67:e0. Are you sure you want to continue connecting (yes/no)? yes root@10.193.20.109's password: error: failed to connect to the hypervisor error: End of file while reading data: Warning: Permanently added '10.193.20.109' (RSA) to the list of known hosts. nc: invalid option -- 'U' BusyBox v1.19.4 (2013-03-08 13:08:18 CST) multi-call binary.
Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]: Input/output error
I tried to verify the remote connection on localhost. But it also failed as below:
root@mpc8572ds:~# virsh -c qemu+ssh:///root@localhost/system list --all root@localhost's password: error: failed to connect to the hypervisor error: End of file while reading data: nc: invalid option -- 'U' BusyBox v1.19.4 (2013-03-08 13:08:18 CST) multi-call binary.
Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]: Input/output error
Could anyone give suggestion on this issue?
Best Regards, Olivia
You're using busybox's nc (netcat) implementation. It does not support UNIX sockets which is a requirement of libvirt when using the qemu+ssh:// scheme to connect.
I'd suggest looking into generating some certificates and using qemu+tls:// (the default when using qemu:// to a remote system). If you don't care about any authentication or encryption for testing purposes you can use qemu+tcp://
-- Doug Goldstein