January 2012 - Users - libvirt List Archives

[libvirt-users] virsh list not working with xen 4
by Rogério Vinhal Nunes 21 Sep '12

21 Sep '12

Hi, I'm having some trouble to get libvirt to show the correct power state of my virtual machines. I'm using Ubuntu 10.04 + Xen 4.1.1 + libvirt 0.8.8. virsh list --all only shows turned off machines registered in xend. If I turn them on, they just "disappear", and when I start machines directly from xml, they just doesn't appear at all. Libvirt is correctly connecting to xen as I can use the other commands fine, just the list option doesn't seem to work at all. What can I do to change that? # virsh version Compiled against library: libvir 0.8.8 Using library: libvir 0.8.8 Using API: Xen 3.0.1 Running hypervisor: Xen 4.1.0

2 1

[libvirt-users] converting save/dump output into physical memory image
by Andrew Tappert 04 Jun '12

04 Jun '12

A lot of people in the security community, myself included, are interested in memory forensics these days. Virtualization is a natural fit with memory forensics because it allows one to get access to a guest's memory without having to introduce any extra software into the guest or otherwise interfere with it. Incident responders are particularly interested in getting memory dumps from systems they're investigating. Virsh has "save" and "dump" commands for storing the state of a guest to a file on disk, but memory of KVM guests doesn't get saved in the "standard" input format for memory forensics tools, which is a raw physical memory image. (This is what you'd get via the classical "dd /dev/mem" approach or the contemporary equivalent using the crash driver; and VMware Server and Workstation produce .vmem files, which are such raw physical memory images, when a guest is paused or snapshotted.) In order to analyze the memory of Libvirt/KVM guests with my Linux memory forensics software, Second Look, I've created a tool for converting Libvirt-QEMU-save files (output of virsh save command) or QEMU-savevm files (output of virsh dump command) to raw physical memory images. I've got a basic working capability, though I'm still tracking down some problems with a guest allocated 8GB RAM--not all the memory seems to be present in the save or dump file. And I haven't tested very extensively yet, version support is limited to what I myself am currently running, etc. I'd like to know if this is a capability that others are interested in. Is this something that would be of interest to the Libvirt project if I were to contribute the code, or to the KVM project, or do you think it best exists as a separate project? I've also got a proof-of-concept tool for converting hibernate images to raw physical memory images. Perhaps a collection of tools for converting various memory dump formats would be a good project. Anyone else interested in this kind of stuff? As an author of commercial memory forensics software I've got a vested interest in availability of good memory acquisition capabilities. But there are a number of people working on FOSS Linux memory analysis tools, too... Andrew

4 5

[libvirt-users] Thread-safety issues with vbox driver ?
by Jean-Baptiste Rouault 19 Apr '12

19 Apr '12

Hi, I'm experiencing weird things with the vbox driver when using multiple threads. Following is the snippet of code I experience problems with /*****************************************************/ #include <stdlib.h> #include <stdio.h> #include <pthread.h> #include <libvirt/libvirt.h> void *create_and_destroy(void *arg) { virDomainPtr dom = (virDomainPtr)arg; char buf[VIR_UUID_STRING_BUFLEN]; virDomainGetUUIDString(dom, buf); if (virDomainCreate(dom) != 0) { printf("failed to start %s\n", buf); goto end; } printf("%s started\n", buf); if (virDomainDestroy(dom) != 0) { printf("failed to destroy %s\n", buf); } printf("%s destroyed\n", buf); end: virDomainFree(dom); pthread_exit(NULL); } int main(int argc, char **argv) { virConnectPtr conn = virConnectOpen("vbox:///session"); int i; int count = virConnectNumOfDefinedDomains(conn); char **names = malloc(count * sizeof(char *)); virConnectListDefinedDomains(conn, names, count); virDomainPtr *doms = malloc(count * sizeof(virDomainPtr)); for (i = 0 ; i < count ; ++i) { doms[i] = virDomainLookupByName(conn, names[i]); } pthread_t *threads = malloc(count * sizeof(pthread_t)); pthread_attr_t attr; pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); for (i = 0 ; i < count ; ++i) { pthread_create(&threads[i], &attr, create_and_destroy, (void *)doms[i]); } pthread_attr_destroy(&attr); for (i = 0 ; i < count ; ++i) { pthread_join(threads[i], NULL); } virConnectClose(conn); pthread_exit(NULL); } /************************************************/ Here is the output of the program with 2 defined domains: > libvir: VBOX error : operation failed: OpenRemoteSession/LaunchVMProcess failed, domain can't be started > failed to start c538c89a-70da-42ab-a88a-5aeb15698c12 > 034cf837-abe7-4c48-8373-0ddcf480d416 started > 034cf837-abe7-4c48-8373-0ddcf480d416 destroyed Sometimes the first domain really fails to start, but sometimes it starts correctly but libvirt reports an error. Sometimes domains aren't destroyed but libvirt reports no error at all. If there is only one domain, no problem occurs at all. I also tried the same code (ie with multiple domains) but with only one thread and it works well. I managed to reproduce these issues with libvirt 0.9.4, 0.9.7, using VirtualBox 4.0 and 4.1. -- Jean-Baptiste ROUAULT Ingénieur R&D - diateam : Architectes de l'information Phone : +33 (0)9 53 16 02 70 Fax : +33 (0)2 98 050 051

3 6

[libvirt-users] Network questions
by paul.worner＠thomsonreuters.com 06 Feb '12

06 Feb '12

Hi all, When creating a new network: 1) Is there a way to disable automatic spawning of dnsmasq on network creation? I read that leaving out the <DHCP> section should accomplish this, but that is not what I am seeing. 2) Is there a way to disable automatic installation of iptables rules? 3) For that matter, what is the purpose of the default iptables rule set? Doesn't line 3 let all traffic pass anyway? Thanks, Paul Running libvirt 0.9.2 on Ubuntu 11.10 server. Here's the libvirt network config: RAW CONFIG <network> <name>test</name> <bridge name="virbr%d" stp="off" delay="0"/> <forward mode="route"/> <ip address="192.168.0.1" netmask="255.255.255.0"> </ip> </network> COMMAND virsh net-create test.xml RESULTS virsh net-dumpxml test <network> <name>test</name> <uuid>2eff5e7f-847a-1fbf-ec82-01a46ef0f6c2</uuid> <forward mode='route'/> <bridge name='virbr3' stp='off' delay='0' /> <mac address='52:54:00:47:E6:15'/> <ip address='192.168.0.1' netmask='255.255.255.0'> </ip> </network ps aux | grep dns nobody 4391 0.0 0.0 21616 916 ? S 09:45 0:00 dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/test.pid --conf-file= --except-interface lo --listen-address 192.168.0.1 iptables -L --line-numbers Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- anywhere 192.168.0.0/24 2 ACCEPT all -- 192.168.0.0/24 anywhere 3 ACCEPT all -- anywhere anywhere 4 REJECT all -- anywhere anywhere reject-with icmp-port-unreachable 5 REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

2 1

[libvirt-users] Libvirt migration issues (0.9.4 and 0.9.9)
by Daniel Espling 31 Jan '12

31 Jan '12

Dear all, we're having two different problems with migrations in libvirt, running as root user on host machines with CentOS release 5.5 (Final), kernel: Linux 2.6.32.24 #3 SMP Fri Oct 29 16:22:02 BST 2010 x86_64 x86_64 x86_64 GNU/Linux First case: virsh version Compiled against library: libvir 0.9.4 Using library: libvir 0.9.4 Using API: QEMU 0.9.4 Running hypervisor: QEMU 1.0.50 Migrations work well for a basic VM, but if we attach a disk to the usb bus migration is no longer possible and fails with the error message: "error: operation failed: migration job: is not active". This is regardless of if the device is mounted inside the VM or not (debian). Please find more information attached. If we attach the same (.iso based) disk to the scsi bus instead, migrations work as normal. ---- To mitigate this problem, we tried upgrading to a more recent libvirt version: Compiled against library: libvir 0.9.9 Using library: libvir 0.9.9 Using API: QEMU 0.9.9 Running hypervisor: QEMU 1.0.50 When trying to migrate a normal (debian) instance from one host to another using the same domain as in the previous successful case without any devices attached, migration fails with the error message "error: Unable to copy socket file handle: Invalid argument". The libvirt.log only has a similar single-line of information: 2012-01-30 15:44:46.772+0000: 7546: error : virNetSocketDupFD:787 : Unable to copy socket file handle: Invalid argument. The network configuration used here is the same as we successfully used in the 0.9.4 test case, using static ip's. Thankful for assistance, not really sure what to try next. :) Regards, Daniel Espling

2 3

[libvirt-users] libvir: error : cannot getpwuid_r(107): Success
by vipul borikar 31 Jan '12

31 Jan '12

I am on RHEL 6.1 running KVM. I am getting following error when i start a Ubuntu 11.10 Guest I am attaching my xml file . # virsh -c qemu:///system create Ubuntu-110.10.xml error: Failed to create domain from Ubuntu-110.10.xml error: internal error Process exited while reading console log output: 16:19:53.991: 2418: info : libvirt version: 0.8.7, package: 18.el6 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2011-04-18-10:28:30, x86-008.build.bos.redhat.com) 16:19:53.991: 2418: error : virSetUIDGID:2905 : cannot getpwuid_r(107): Success libvir: error : cannot getpwuid_r(107): Success Where should i looks for more info??? -- Thanks Vipul Borikar "Our task must be to free ourselves...by widening our circle of compassion to embrace all living creatures and the whole of nature and its beauty."

2 3

[libvirt-users] How to change libvirt / cgroup interaction?
by Samuel Hassine 26 Jan '12

26 Jan '12

Hi there, Do you know if there is a way to modify how libvirt interacts with the cgroup? Because, I successfully add the /dev/net/tun support in my LXC container by doing: echo c 10:200 rwm >> /cgroup/libvirt/lxc/instance-00000005/devices.allow But when I restart the instance/LXC container, this option has gone. How can I make this persistant? Is there a configuration file? Thanks for your answers. Best regards. Sam

3 2

[libvirt-users] Preventing 'virsh start' while doing backup?
by Ken Coar 25 Jan '12

25 Jan '12

Is there any way to interface with virsh to keep it from executing a startup operation? Sort of like the /etc/nologin (man page nologin(5)) mechanism? Basically, I want to be able to shut down a VM in order to copy its disk images, and be reasonably assured that it won't be started before I'm finished. Is there any sort of hook or interlock file or other mechanism to accomplish this? Thanks! -- #ken B-)} Ken Coar, Sanagendamgagwedweinini IT Engineering Tower, Red Hat/RDU "Millennium hand and shrimp!"

2 1

[libvirt-users] how to change existing domain xml?
by p-man314＠mail.ru 25 Jan '12

25 Jan '12

Hi. I'm trying to change network settings for a domain via libvirt (the driver is xenapi) with no success. According to its sources, 'virsh edit' uses virDomainGetXMLDesc(), allows to edit the received xml and then use virDomainDefineXML(). In case of xenapi driver it leads to a new vm creation (with the same name and edited settings). Looking through the list of API functions I failed to find a function like virDomainUpdateXML() that would change configuration of existing domain. Could you please suggest a way to do it? Thanks in advance.

3 3

[libvirt-users] ANNOUNCE: oz 0.8.0 release
by Chris Lalancette 25 Jan '12

25 Jan '12

All, I'm pleased to announce release 0.8.0 of Oz. Oz is a program for doing automated installation of guest operating systems with limited input from the user. Release 0.8.0 is a (long overdue) bugfix and feature release for Oz. Some of the highlights between Oz 0.7.0 and 0.8.0 are: - Optional virtualenv make target - Conversion of unittests to py.test - Replace mkisofs with genisoimage - Debian package - Ability to change the root password for Debian installs - Add unittests for ozutil - Add some unittests for the Guest object - SSH tunnel (with SSL vhost) support for local repositories (mostly useful for imagefactory) - Add a new manpage for oz-examples - Make the output filename configurable with a command-line option to oz-install - Monitor both network and disk activity when looking for guest activity - Support for installing Ubuntu 11.10 - Support for SSL certificates for repositories - Support for an optional version in the TDL - Support for installling Mandrake 9.1, 9.2, 10.0, 10.1, 10.2 - Support for installing Mandriva 2006.0, 2007.0, 2008.0 - Support for Ubuntu customization - Support for installing RHEL 6.2 A tarball of this release is available, as well as packages for Fedora-16. Instructions on how to get and use Oz are available at http://aeolusproject.org/oz.html If you have any questions or comments about Oz, please feel free to contact aeolus-devel(a)lists.fedorahosted.org or me (clalancette(a)gmail.com) directly. Thanks to everyone who contributed to this release through bug reports, patches, and suggestions for improvement. -- Chris Lalancette

2 3