March 2012 - Users - Libvirt List Archives

[libvirt-users] Specifying the KVM binary to use with libvirt

by Alexander Lyakas

Greetings everybody, I am running stock ubuntu-natty with kernel 2.6.38-8, KVM 0.14.0 and libvirt 0.8.8. I am spawning virtual machines with libvirt. I would like to test a new KVM version built aside without installing it over existing KVM. Is there a way to tell libvirt which KVM binary to pick up? I've been searching and saw that QEMU driver looks in /usr/bin for KVM executable. Is there a way to adjust that? Thanks, Alex.

12 years, 8 months

2
2
0 / 0

[libvirt-users] Constantly changing USB product ID

by Jaap Winius

Hi folks, Recently I learned how to configure libvirt with USB pass-though functionality. In my case I configured my guest domain with this block of code: <hostdev mode='subsystem' type='usb' managed='yes'> <source> <vendor id='0x0c93'/> <product id='0x1772'/> <address bus='1' device='4'/> </source> </hostdev> At first this worked fine, but then later the guest domain refused to start because the USB device was absent. When I checked, I found that its product ID had mysteriously changed to 1771. Later it was back at 1772. Now it appears that the USB device I am dealing with has a product ID that changes back and forth between 1771 and 1772 at random. Apparently, the Windows program running on the guest domain is designed to deal with this nonsense, but the question is, Can the guest domain be configured to deal with it? Something like <product id='0x177?'/> would be useful, but that doesn't work, nor does omitting the product tag. Any ideas would be much appreciated. Thanks, Jaap

12 years, 8 months

1
2
0 / 0

[libvirt-users] Problems with nwfilters/iptables

by Nicolai Stange

Hi all, I've got a problem with nwfilters/iptables. For one of my guest's interfaces, I have established the following filter: --8<---------------cut here---------------start------------->8--- <filter name='p-mgmt' chain='root'> <uuid>94fdd15b-b380-ba8c-6685-91206829adc7</uuid> <filterref filter='clean-traffic'/> <rule action='accept' direction='in' priority='500'> <tcp dstportstart='22'/> </rule> <rule action='drop' direction='inout' priority='1000'> <all/> </rule> </filter> </filter>--8<---------------cut here---------------end--------------->8--- The intent is to allow incoming ssh only. However, ssh from my host to my guest does not work. This is the relevant iptables excerpt with the filter given as above: --8<---------------cut here---------------start------------->8--- root:~# iptables -L HI-vnet5 Chain HI-vnet5 (1 references) target prot opt source destination RETURN tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED ctdir ORIGINAL DROP all -- anywhere anywhere root:~# --8<---------------cut here---------------end--------------->8--- The chain relations are: INPUT -> libvirt-host-in -> HI-vnet5. The interesting thing is: If I insert the same rule again, but with ctdir reversed, everything works just fine: --8<---------------cut here---------------start------------->8--- root:~# iptables -I HI-vnet5 1 -p tcp --sport 22 -m state --state ESTABLISHED -m conntrack --ctdir REPLY -j RETURN root:~# iptables -L HI-vnet5 Chain HI-vnet5 (1 references) target prot opt source destination RETURN tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED ctdir REPLY RETURN tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED ctdir ORIGINAL DROP all -- anywhere anywhere root:~# --8<---------------cut here---------------end--------------->8--- I am not an iptables expert, but if my guest's ssh daemon replies to my host's requests (and thus the packets are traversing my host's INPUT chain), I would guess that the direction is "REPLY" rather than "ORIGINAL". I'm really stuck with this and it would be really great if someone could clarify things to me! I'm running Ubuntu 12.04 (kernel 3.2.0-20-generic) coming with libvirt 0.9.8-2ubuntu1. Best, Nicolai

12 years, 8 months

1
0
0 / 0

[libvirt-users] Problem using virt-manager to create a VM remotely

by Dale Amon

Well, not that remote. I'm trying to get it working from my laptop to an ancient workstation behind me I use for testing. I appear to get the connection okay. virt-manager --connect qemu+ssh://root@<host_ip>/system I can click on the entry on the panel that comes up and see facts about the remote machine. I then tried the "Create a new virtual machine" item on the tool bar. Fine so far. I get a nice looking panel for New VM and since this is just an experiment, I call it "test". The correct Connection is showing, ie the host ip (QEMU). I accept the default "Local install media (ISO or CDROM)" and go to the next panel. I take the "Use ISO Image" and then give it the full directory path and name of the iso on the remote machine <host_ip>. I have tried leaving OS Type and version Generic; I have also tried setting them to match the iso (an 11.10 i386 server). When I attempt to go forward, it gives me an error panel, "Error Setting install media location. Checking installer location failed: Could not find media '/KdevArchive1/ubuntu-11.10-server-i386.iso' On the off chance that it was trying to mount the iso from my laptop instead of the test machine, I have also tried pointing to the path of the same iso there as well with no joy. I am finding very little documentation on the GUI mode and none of it seems to give me any indication of what is going wrong. Ideas?

12 years, 8 months

2
2
0 / 0

[libvirt-users] ARP entry intermittently is incorrect for guest - lose connectivity

by Trey Dockendorf

I've run into a problem on my KVM host where a single guest will be unreachable to other guests on the same host. This host has 2 bridged devices and guests assigned to each have the same issue. I've noticed that when I can't reach the problematic guest, the ARP entry for that system is incorrect. This issue seems to only be a problem about 75% of the time when making connections between the guests. I've checked the logs and haven't seen anything indicating a problem. Here's relavant information, if more is needed please let me know CentOS 6.2 x86_64 libvirt-0.9.4-23.el6_2.4 kernel-2.6.32-220.4.1.el6 # brctl show bridge name bridge id STP enabled interfaces br0 8000.001b21a1cf76 no eth3 vnet0 # Problematic host vnet1 vnet3 vnet4 vnet5 br1 8000.001b21a1ce4d no eth2 vnet6 virbr0 8000.525400a050ba yes virbr0-nic vnet2 # ARP entry when it's the correct MAC <omitted>.tamu.edu ether 52:54:00:e0:1e:6f C eth0 # ARP entry when it's wrong and ping or other connections time out <omitted>.tamu.edu ether 00:1e:c9:bb:cd:d4 C eth0 The MAC ending in cd:d4 does not exist on any system on this network. I've confirmed this with my campus IT who manages the switches and routers. # cat ifcfg-eth3 DEVICE="eth3" HWADDR="00:1B:21:A1:CF:76" NM_CONTROLLED="no" ONBOOT="yes" BRIDGE="br0" # cat ifcfg-br0 DEVICE="br0" ONBOOT="yes" TYPE=Bridge IPADDR="<omitted>" NETMASK="255.255.255.192" GATEWAY="<omitted>" DOMAIN="tamu.edu" # service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 13 ACCEPT tcp -- <omitted> 0.0.0.0/0 multiport dports 10050 /* 001 zabbix agent port */ 14 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 15 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 16 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 17 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 18 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:16509 19 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:16514 20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:8002:8012 21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3493 22 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 23 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 24 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 25 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 26 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED 2 ACCEPT all -- 192.168.122.0/24 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 6 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 7 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination Table: mangle Chain PREROUTING (policy ACCEPT) num target prot opt source destination Chain INPUT (policy ACCEPT) num target prot opt source destination Chain FORWARD (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 CHECKSUM udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 CHECKSUM fill Table: nat Chain PREROUTING (policy ACCEPT) num target prot opt source destination Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 MASQUERADE tcp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535 2 MASQUERADE udp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535 3 MASQUERADE all -- 192.168.122.0/24 !192.168.122.0/24 Chain OUTPUT (policy ACCEPT) num target prot opt source destination Thanks - Trey

12 years, 8 months

1
0
0 / 0

[libvirt-users] VM Migration error: got unknown HTTP error code

by vipul borikar

Hi, I am trying to migrate Fedora12 VM from one RHEL 5.5 host to another RHEL 5.5 Host running Xen Hypervisor I am getting the error : error: got unknown HTTP error code -599690112 I have enabled the (xend-relocation-server yes) on the destination machine. I am able to telnet the 8002 default port from source machine but the connection drops down immediately. I have stopped the firewall on both the machines. I am attaching the Debug log of for libvirt command : virsh -c xen:/// migrate Fedora12 xen://megha/ Any Ideas??? -- Thanks Vipul Borikar "Our task must be to free ourselves...by widening our circle of compassion to embrace all living creatures and the whole of nature and its beauty."

12 years, 8 months

1
0
0 / 0

[libvirt-users] qemu-monitor-command

by Shawn Davis

Hello Everyone, I am working on a grad school project for virtual introspection. I have a vm running (with 512mb of memory) and want to access the pmemsave function through virsh with the qemu-monitor-command. I am typing the following: virsh qemu-monitor-command --hmp Shawn 'pmemsave 0 536870912 image.dump' Shawn is the name of my vm and image.dump is the name of my output file. No matter what I do, I keep getting: Could not open 'image.dump' I have tried the above with sudo and with the absolute path of where the newly created dump file should go and I still get that error. Any help is appreciated as to how I should enter this command. If I type in virsh qemu-monitor-command --hmp Shawn 'info mem' or any other command without an output path, it works fine and brings up information about my running vm. Regards, Shawn

12 years, 8 months

4
18
0 / 0

[libvirt-users] Cant Update libvirt on fedora 15 i686

by siddharth jain

I am running Fedora15 on a i386 machine, and using libvirt 0.8.7. I cant update libvirt to 0.9.10 as they have not released 0.9.10 for i386 or i686 machines. need help . -- Siddharth Jain Final year,B.Tech Computer Engineering M.N.I.T Jaipur

12 years, 8 months

3
3
0 / 0

[libvirt-users] simulate "network cable unplugged"

by David Mansfield

Hi All, Using the virt-manager/libvirtd/qemu-kvm stack (centos 6), is it possible to leave a NIC "installed" but cause it to simulate that the network cable is unplugged? Preferably this could be "hot" plugged/unplugged but otherwise doing it cold. Guest os is also centos 6, in case it matters (shouldn't). Any pointers? Thanks, David Mansfield Cobite, INC.

12 years, 8 months

2
1
0 / 0

Re: [libvirt-users] [libvirt] Problem with Open vSwitch and dnsmasq

by Daniele Milani

Date: Thu, 22 Mar 2012 11:43:03 -0700 Subject: Re: [libvirt] Problem with Open vSwitch and dnsmasq From: aatteka(a)nicira.com To: dano1988(a)hotmail.it CC: libvir-list(a)redhat.com; roberto.sassu(a)polito.it; paolo.smiraglia(a)polito.it; dev(a)openvswitch.org On Thu, Mar 22, 2012 at 11:11 AM, Daniele Milani <dano1988(a)hotmail.it> wrote: I think I could try the first solution. Can you explain me how do I create the port used by dnsmasq? For example, is it correct to execute # ovs-vsctl add-port virbr1 port2 tag=2 to create a port for the vLan whose tag is 2 named "port2"? Try something like this: ovs-vsctl add-port virbr1 port2 tag=2 ovs-vsctl set Interface port2 type=internal ifconfig port2 10.0.0.1 ifconfig port2 up /usr/sbin/dnsmasq --strict-order --bind-interfaces --except-interface lo --listen-address 10.0.0.1 --dhcp-range 10.0.0.10,10.0.0.20 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/vlan2.leases --dhcp-lease-max=253 --dhcp-no-override Though I have not tested it... I tried the configuration you suggest; and the request is now received by dnsmasq. I executed: ifconfig port2 192.168.100.128 netmask 255.255.255.0 ifconfig port2 up /usr/sbin/dnsmasq --strict-order --bind-interfaces --except-interface lo --listen-address 192.168.100.128 --dhcp-range 192.168.100.129,192.168.100.139 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/vlan2.leases --dhcp-lease-max=11 --dhcp-no-override --log-queries --log-facilities=/path_to_my_file/my_file tailf /path_to_my_file/my_file obtaining the following output: dnsmasq-dhcp[]: DHCPDISCOVER(port2) 52:94:00:02:a7:1e dnsmasq-dhcp[]: DHCPOFFER(port2) 192.168.100.129 52:94:00:02:a7:1e ... dnsmasq-dhcp[]: DHCPDISCOVER(port2) 52:94:00:02:a7:1e dnsmasq-dhcp[]: DHCPOFFER(port2) 192.168.100.129 52:94:00:02:a7:1e ... Now I have a different problem: none DHCP Offer is sent by port2. Do someone know why does it happen and what to do about it? Thanks, Daniele Milani Daniele Milani Date: Thu, 22 Mar 2012 10:54:21 -0700 Subject: Re: [libvirt] Problem with Open vSwitch and dnsmasq From: aatteka(a)nicira.com To: dano1988(a)hotmail.it CC: libvir-list(a)redhat.com; roberto.sassu(a)polito.it On Thu, Mar 22, 2012 at 6:10 AM, Daniele Milani <dano1988(a)hotmail.it> wrote: Dear all, I have the following situation: -I replaced the standard bridge driver with the Open VSwitch one; -I started a NAT-network on Libvirt (bridge name virbr1); -I started a Virtual Machine (VM1) on Libvirt, and I tagged his interface (vnet0) with tag=2; -if I run "# ovs-vsctl show" I obtain: Bridge "virbr1" Port "vnet0" tag: 2 Interface "vnet0" Port "virbr1-nic" Interface "virb1-nic" Port "virbr1" Interface "virbr1" type: internal -the problem is that it is impossible to assign to VM1 an IP, because the dnsmasq daemon does not accept the tagged DHCP Discover frame. Does someone know if there is a way for dnsmasq to accept tagged frames through "virbr1", and send a tagged DHCP Offer packet back to VM1? I believe you would need to run dedicated dnsmasq process instance per each VLAN that you have. By default I guess dnsmasq runs on virbr1, hence it does not see the tagged traffic that comes from vnet0. You could try to: add another port to that bridge with the same VLAN as VM has. And run a separate instance of dnsmasq there; or change the tag of virb1 port, but this might lead to other issues (e.g. then non-tagged VMs will not get DHCP leases). Perhaps someone else can suggest something easier... Greetings, Daniele Milani -- libvir-list mailing list libvir-list(a)redhat.com https://www.redhat.com/mailman/listinfo/libvir-list

12 years, 8 months

2
5
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Users March 2012