[libvirt-users] polkit ACL for remotely changing a spice console password
by David Mansfield
I'm working on some infrastructure which allows a remote password reset
(with expiry) of a spice console running on a remote libvirtd/qemu-kvm.
I currently have GSSAPI over tcp working and can set the password - but
I can also do everything else - the default policy is still in place,
and once authenticated, anything goes.
I'm setting the password using a command like this:
virsh --connect qemu+tcp://remote.example.org/system
qemu-monitor-command --hmp mydomain 'set_password spice …
[View More]mynewpassword123
disconnect'
I've looked at the documentation for ACLs but I can't see anything that
covers qemu-monitor-command, and specifically "set_password".
The other way to set passwords is to update the domain settings using an
XML fragment, but I'm not clear on the exact semantics on how to do that
(do you have to extract the xml fragment first?) AND I can't find how
that's covered in ACL documentation either.
Some idea? Any pointers would be much appreciated.
Ideally, I'd like to say "user x can update password for domain y" and
that's the only thing that can be modified for that user.
--
Thanks,
David Mansfield
Cobite, INC.
[View Less]
10 years, 2 months
[libvirt-users] Discard disk changes on shutdown
by Jason Macgowan
Hi Everyone,
I'm trying to start a domain that will discard all changes to its disks on
shutdown. I've tried adding <transient/> to the disk declarations in the
definition xml but this results in a "not supported" error message on
define. Is there a way to do this without creating and rolling back
snapshots?
Thanks,
Jason
10 years, 2 months
[libvirt-users] create 1000 vNICs and attach to them DOT1X profiles
by Ion Ermurachi
Hello Folks,
I am looking for ideas on how to create 1000 DOT1X sessions generated from
a Linux BOX. DOT1X is a name for EAP packets that travel in an Ethernet
environment and is used to transport authentication information before a PC
will get access to the network, it is based on RFC-3748. Having this in
mind a virtual interface will need a MAC address and an eventually IP (I
want to stress out that for EAP over LAN, DOT1X, there is need for L2
virtual interface).
One DOT1X session can be …
[View More]easily generated using network manager (nmcli) on
a physical NIC. For network manager this is a session that may include many
parameters used to form the connection, in my case used for DOT1X
authentication.
I am looking for a solution on how to create 1000 DOT1X
sessions/connections using Linux virtual interfaces and one physical NIC.
An idea would be to use a virtual bridge and attach to it a physical
interface. After that, create virtual interfaces that will be connected to
the bridge. In this case the bridge will relay packets between physical and
virtual interfaces.
Looking on this alias I understood from Michal Privoznik that above is
feasible.
Questions
1.Is it possible to create virtual interfaces that will be further managed
by the NETWORK MANAGER ?
2.What would be the exact steps and commands to generate these interfaces
having fresh OS installed ?
I have tried creating vNICs using "virsh" using bellow syntax but it will
not start it and I am still not sure if in the end can be managed by the
NETWORK MANAGER:
virsh iface-define XML_LOCATION
virsh iface-list ---> this will list interfaces created
virsh iface-start INTERFACE_DEFINED_ABOVE
Thanks in advance.
Best Regards
Ion Ermurachi
[View Less]
10 years, 2 months
[libvirt-users] Resizing lvm fails with fedora20
by Alex Regan
Hi,
I'm trying to resize a 15GB LVM root partition on a fedora20 server with
a fedora20 guest and I'm having a problem. Is this supported on fedora20?
I recall having a similar problem (maybe even exact same problem) all
the way back in fedora16 or fedora17, but hoped/thought it would be
fixed by now?
# virt-df -h test1-011015.img
Filesystem Size Used Available Use%
test1-011015.img:/dev/prop/boot 476M 109M 338M 23%
test1-011015.img:/dev/prop/…
[View More]root 14G 10G 3.3G 72%
# truncate -s 50G newimg
# virt-resize test1-011015.img newimg --expand /dev/sda1 --LV-expand
/dev/prop/root
Examining test1-011015.img ...
virt-resize: libguestfs error: lvm_set_filter: vgchange -ay:
/run/lvm/lvmetad.socket: connect failed: No such file or directory
WARNING: Failed to connect to lvmetad: No such file or directory.
Falling back to internal scanning.
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
Couldn't find device with uuid uA2ju5-EElD-xgB3-EE7J-gJ55-UnkY-Vq2l6H.
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
/run/lvm/lvmetad.socket: connect failed: No such file or directory
Refusing activation of partial LV home. Use --partial to override.
What are my alternatives for resizing a root partition on LVM?
Thanks,
Alex
[View Less]
10 years, 2 months
[libvirt-users] domain has active block job
by Fiorenza Meini
Hi there,
I receive this error when I run nova image-create <VM name> <Vm Sanpshot
name>:
Exception during message handling: block copy still active: domain has
active block job
In libvirt log file I can see:
error : qemuDomainDefineXML:6312 : block copy still active: domain has
active block job
Libvirt is 1.2.7 version, linux system is Debian Wheezy
Please, what does it mean ?
Regards
Fiorenza
--
Spazio Web S.r.l.
V. Dante, 10
13900 Biella
Tel.: +39 015 2431982
Fax.: +39 …
[View More]015 2522600
Numero d'Iscrizione al Registro Imprese presso CCIAA Biella, Cod.Fisc.e
P.Iva: 02414430021
Iscriz. REA: BI - 188936 Cap. Soc.: €. 30.000 i.v.
[View Less]
10 years, 2 months
[libvirt-users] Block Commit: [100 %]error: failed to pivot job for disk vda
by Thomas Stein
Hello.
I'm seeing this error while doing a backup of a VM.
+ virsh blockcommit kaltura vda --active --verbose --pivot
Block Commit: [100 %]error: failed to pivot job for disk vda
error: internal error: unable to execute QEMU command
'block-job-complete': The active block job for device
'drive-virtio-disk0' cannot be completed
I'm on qemu 2.2.0 and libvirt-1.2.11.
Does someone else see this error? Libvirt.log says:
2015-01-07 11:18:07.000+0000: 19355: warning :
qemuDomainObjBeginJobInternal:…
[View More]1381 : Cannot start job (query, none) for
domain kaltura; current job is (modify, none) owned by (19357, 0)
2015-01-07 11:18:07.000+0000: 19355: error :
qemuDomainObjBeginJobInternal:1386 : Timed out during operation: cannot
acquire state change lock
2015-01-07 11:18:35.556+0000: 19357: error :
qemuMonitorJSONCheckError:381 : internal error: unable to execute QEMU
command 'block-job-complete': The active block job for device
'drive-virtio-disk0' cannot be completed
Any ideas?
thanks and cheers
t.
[View Less]
10 years, 2 months
[libvirt-users] missing backend for pool type 5 (iscsi)
by Mathieu Bouillaguet
Hi,
I try to define an iscsi pool with virsh but I always get the following
error :
error :internal error: missing backend for pool type 5 (iscsi)
And yet libvirt was compiled with iscsi support :
configure: Storage Drivers
configure:
configure: Dir: yes
configure: FS: yes
configure: NetFS: yes
configure: LVM: yes
configure: iSCSI: yes
configure: SCSI: yes
configure: mpath: yes
configure: Disk: yes
configure: RBD: no
configure: Sheepdog: no
configure: …
[View More]Gluster: no
configure: ZFS: no
And virsh report that iscsi is supported :
virsh -V
Virsh command line tool of libvirt 1.2.11
See web site at http://libvirt.org/
Compiled with support for:
Hyperviseurs : QEMU/KVM LXC UML OpenVZ VMWare VirtualBox ESX Test
Réseau : Remote Network Bridging Interface udev Nwfilter VirtualPort
Stockage : Dir Disk Filesystem SCSI Multipath iSCSI LVM
Divers : Daemon Nodedev Secrets Debug Readline Modular
Any idea what's going on ?
thanks for your help
[View Less]
10 years, 2 months
[libvirt-users] Using virsh blockcopy -- what's it supposed to accomplish?
by Gary R Hook
I am experimenting with the blockcopy command, and after figuring out
how to integrate qemu-nbd, nbd-client and
dumpxml/undefine/blockcopy/define/et. al. I have one remaining question:
What's the point?
The "replication" disk file is not, from what I can ascertain, bootable.
I expect this operation to create a pristine copy of my source qcow2
file (at a given point in time) which implies that I can swap that copy
in and use it just like the original.
Neither using --finish nor --pivot (…
[View More]both appear successful) give me a
mirror that seems to serve any purpose. It seems especially pointless if
I use --pivot because anything that happens after the pivot ends up lost
if I don't actually have a usable qcow2 file.
I find lots of discussion online about getting the steps to work, but as
yet find nothing about using the resulting file.
What am I missing here?
libvirt (1.2.2) and qemu (2.2.0) as distributed with Ubuntu Trusty.
--
Gary R Hook
Senior Kernel Engineer
NIMBOXX, Inc
[View Less]
10 years, 2 months
