[libvirt-users] ceph rbd pool and libvirt manageability (virt-install)
by Jelle de Jong
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello everybody,
I created a rbd pool and activated it, but I can't seem to create
volumes in it with virsh or virt-install?
# virsh pool-dumpxml myrbdpool
<pool type='rbd'>
<name>myrbdpool</name>
<uuid>2d786f7a-2df3-4d79-ae60-1535bcf1c6b5</uuid>
<capacity unit='bytes'>6997998301184</capacity>
<allocation unit='bytes'>10309227031</allocation>
<available unit='bytes'>6977204658176</available>
<source>
<host name='ceph01.powercraft.nl' port='6789'/>
<host name='ceph02.powercraft.nl' port='6789'/>
<host name='ceph03.powercraft.nl' port='6789'/>
<name>libvirt-pool</name>
<auth type='ceph' username='libvirt'>
<secret uuid='029a334e-ed57-4293-bb99-ffafa8867122'/>
</auth>
</source>
</pool>
# virt-install --version
1.0.1
# virsh --version
1.2.9
I ended using virsh edit ceph-test.powercraft.nl and making creating
the disk manually.
<disk type='network' device='disk'>
<auth username='libvirt'>
<secret type='ceph' uuid='029a334e-ed57-4293-bb99-ffafa8867122'/>
</auth>
<source protocol='rbd' name='libvirt-pool/kvm01-storage'>
<host name='ceph01.powercraft.nl' port='6789'/>
<host name='ceph02.powercraft.nl' port='6789'/>
<host name='ceph03.powercraft.nl' port='6789'/>
</source>
<target dev='vdc' bus='virtio'/>
</disk>
I use virt-install a lot to define, import and undefine domains, how
can I use virt-install to manage my rdb disks?
Kind regards,
Jelle de Jong
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iJwEAQECAAYFAlV1xlQACgkQ1WclBW9j5HkbPQP+PjNrzvlqysslOp2Yk7wH4Mxy
2sh2dn96G0KOAHEeEn3BN6IWlnD1TADZbHdpTtMwkdv48Xwn0sP1s+3QDM4pb3gP
n+z+dVxS8FouDIy/eiso3IBCj3g4TWbEX8ZHqs3jKqe0lZgAXBzB9xYSUowcEBrZ
ddkPbr8p8ozWyOG+9V8=
=lkK7
-----END PGP SIGNATURE-----
6 years, 2 months
[libvirt-users] virRandomBits - not very random
by Brian Rak
I just ran into an issue where I had about 30 guests get duplicate mac
addresses assigned. These were scattered across 30 different machines.
Some debugging revealed that:
1) All the host machines were restarted within a couple seconds of each
other
2) All the host machines had fairly similar libvirtd pids (within ~100
PIDs of each other)
3) Libvirt seeds the RNG using 'time(NULL) ^ getpid()'
This perfectly explains why I saw so many duplicate mac addresses.
Why is the RNG seed such a predictable value? Surely there has to be a
better source of a random seed then the timestamp and the pid?
The PID seems to me to be a very bad source of any randomness. I just
ran a test across 60 of our hosts. 43 of them shared their PID with at
least one other machine.
6 years, 5 months
[libvirt-users] libvirtError: block copy still active: disk not ready for pivot yet
by Ala Hino
Hi guys,
When performing live merge, in few cases, we see the following exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 736, in wrapper
return f(*a, **kw)
File "/usr/share/vdsm/virt/vm.py", line 5278, in run
self.tryPivot()
File "/usr/share/vdsm/virt/vm.py", line 5247, in tryPivot
ret = self.vm._dom.blockJobAbort(self.drive.name, flags)
File "/usr/share/vdsm/virt/virdomain.py", line 68, in f
ret = attr(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py",
line 124, in wrapper
ret = f(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/vdsm/utils.py", line 1313, in wrapper
return func(inst, *args, **kwargs)
File "/usr/lib64/python2.7/site-packages/libvirt.py", line 733, in
blockJobAbort
if ret == -1: raise libvirtError ('virDomainBlockJobAbort()
failed', dom=self)
libvirtError: block copy still active: disk 'vdb' not ready for pivot yet
That exception observed in following BZs:
https://bugzilla.redhat.com/1376580
https://bugzilla.redhat.com/1397122
I am trying to understand what this exception indicates in order to handle
it appropriately when thrown by libvirt.
Thanks,
Ala
7 years, 10 months
[libvirt-users] Default firewall rules and forwarding to a guest
by Omer Aldemir
Hello,
I am trying to understand how libvirt firewall rules are loaded as I have firewalld and iptables services are disabled.
Where is the configuration files for firewall and NAT rules for libvirt?
How can I load default firewall rules if I mess things up
Also I have realized that followings is default
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
but If I am to forward a port for a real IP to internal guest machine I need
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 state NEW,RELATED,ESTABLISHED
(NEW state is required) and also of course a forwarding rule
iptables -t nat -I PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 192.168.122.16:3389
Is there a place I can make this rules static with LibVirt (not playing with firewalld and/or iptables service for Centos 7)
Regards.
7 years, 10 months
[libvirt-users] how to modified virsh's editor forever?
by dw
Hi:
when I modify VM's xml file,the editor is VI,how to set to other
editor forever?
Now I can change the editor to VIM from VI with setting environment
EDITOR=$my-favorite-editor,
but after rebooting,it is VI again.
thanks
7 years, 10 months
[libvirt-users] nwfilters seem fundamentally unusable or unfinished
by J Mo
Hello!
I just spent the last four days working with nwfilters only to decide
that they are apparently unusable. I've come to the mailing list seeking
input on this subject.
First off, please forgive my offensiveness. I'm sure people worked hard
on nwfilters and it looks like a lot of effort went into providing this
functionality. This is also an extremely difficult subject to get right
in the many possible use cases, so I'm very sympathetic to how difficult
it would be to try and implement this. However, the existing system
didn't work out for me, I've found a number of other people who are
saying the same thing (it didn't work out for them), and I don't see any
hope continuing down the path of trying to make it work.
For now, I've given up on nwfilters and I created a hook script that
works with my existing iptables rules and applies network filter
policies on specific VM/guests where needed.
If you are doing extensive VM network filtering in your environment, how
did you do it?
I've listed a bunch of my gripes below. Please correct me if I've gotten
anything wrong here. I'm new to nwfilters so maybe I overlooked
something or I might just misunderstand the whole thing and could be
totally wrong.
The first and primary problem that I have with nwfilters are that the
documentation is poor. There is very little documentation which exists,
and that which does exist seems like it was spat out just to fulfill
business requirements that some documentation be produced, rather than
an effort into creating good usable documentation. I've run into large
amounts of undocumented behavior and I don't feel like reading the
source code any further to figure out what the intent of these tools were.
My second big issue, and a clue very few people actually use nwfilters
in the wild, is the low quantity of examples and how-to docs I found
while googling. Complex examples just don't seem to exist. Further, of
those complex examples I did find, people were often going down the
route of creating their own hook script programs to replace nwfilters,
indicating that this isn't just me.
Additionally...
I discovered that nwfilters do not play well with existing system
iptables/ebtables rules. There is some good examples on this regarding
Red Hat's firewalld and how libvirt's nwfilters does not play well
together if you google around a little. It seems like this was just not
considered in scope, or the assumption was that the local host would not
have any existing iptables/ebtables rules and that libvirt would have
complete control over the hypervisor host. There is no documented means
of controlling where libvirt inserts it's rules into an existing set of
rules, and libvirt creates numerous rules in both ebtables and iptables,
making the problem even more complex.
nwfilter seems to have been designed with a bias towards
user-networking. I am using bridged interfaces, and some features and
virsh commands don't apply to this mode of operation.
I've been able to produce scenarios where nwfilter would abandon rules
after changes had been made to running guests, and the only way I could
get rid of them was manual intervention (iptables/ebtables -F -X).
There is no command/control to apply an existing nwfilter to a running
guest, or to remove/clear the existing nwfilters on a running guest.
This item is a huge indication that this isn't a production-ready
feature set.
I think the worst problem I've run into, however, is that I was able to
create very simple nwfilters that either broke networking of the
hypervisor system (stopped all traffic), or failed to drop traffic which
should have been dropped. I still don't understand why nwfilter is often
creating rules in the ebtables "nat" table instead of the "filter"
table, where they belong. That one right there is a huge WTF -- packets
never get inspected because the rules are in the wrong table!
In general, I found the output iptables/ebables rules that nwfilter
generated often did not reflect the obvious intent of the rules that
went into the nwfilter xml configuration. This abstraction layer
produces unreliable and/or confusing results. I put a series of rules
into a nwfilter xml file and the iptables/ebtables rules that I get out
are insane. Nwfilter rules in = mystery meat out.
Priorities are a huge WTF that caused me a lot of grief. Are rules going
to be assembled in iptables/ebtables in the order which they are
declared in XML? (this is undocumented) If so, why do priorities exist?
(undocumented). What is the default priority? Is it zero? (undocumented).
Want to create a filter rule that will log certain packets? Apparently
there is no logging functionality at all. Can't be done. Anything beyond
the most basic packet allow/drop (even reject was an afterthought) isn't
supported by nwfilter rules.
Thanks for reading
7 years, 10 months
Re: [libvirt-users] Audio in Windows 10 VM is distorted. Using ALSA.
by Žilvinas Žaltiena
Hi,
I found the main reason for sound distortions on my system is guest timer
configuration.
The working one is:
<clock offset="localtime">
<timer name="hypervclock" present="yes"/>
<timer name="hpet" present="no"/>
<timer name="rtc" present="yes" track="guest" tickpolicy="delay"/>
</clock>
...
<qemu:commandline>a
<qemu:arg value='-machine'/>
<qemu:arg value='kernel_irqchip=on'/>
<qemu:arg value='-cpu'/>
<qemu:arg
value='host,migratable=no,+invtsc,hv_time,+kvm_pv_eoi,hv_relaxed,hv_spinlocks=0x1fff,hv_vendor_id=nv_fuck_you!,kvm=off'/>
</qemu:commandline>
The important part here is "host,migratable=no,+invtsc". It gives guest the
invariant TSC (CPU must support it). This is a bit of a hack. Everything,
except migratable=no, can be configured through proper XML elements,
however +invtsc requires migratable=no, and I don't know a way to pass it
other than using qemu:arg. Note it completely overrides qemus -cpu
parameter created from other tags. Don't paste my qemu:arg of it. Run your
VM without it, check libvirt log, and copy from it what is passed to qemu
as -cpu parameter, then add migratable=no,+invtsc.
2016-12-20 4:41 GMT+02:00 Manuel Ullmann <ullman.alias(a)posteo.de>:
> Hi,
>
> I can’t seem to find a solution for my last VM issue.
> I have distorted sound, when I play the Windows 10 device test
> sound. Only the Windows sound is affected. Mpd of the host is playing just
> fine
> meanwhile. I am using ich9 as emulated card, which is detected and
> installed correctly. The VM is using vfio-igd passthrough, so vnc or
> spice are not used.
> I tried to match the Windows driver configuration, which only supports
> 16 bit output. I have a 24 bit USB headphone amplifier, which does not
> support it (S32_LE only). Trying direct playback on the PCH card jack
> did not help though.
>
> The headphone amplifier is connected via optical Toslink, so there is
> standard snd_hda_intel output used (snd_usb_audio is not involved).
> Passing the USB part through I get much clearer output, but still have
> popping sounds. Googling around, they seem to be quite common on Windows
> 10, although I had it working fine on two bare-metal machines.
>
> I have tried fixed settings matching the ones of the dmixed device
> too. Don’t know, what is polled with enabled poll option. I also tried
> sdl and pulseaudio, which did not help. For the latter not so surprising
> since it is an Alsa pipe. The former was worse.
>
> The goal of this setup is having the same playlist state on both
> systems and using the better audio framework for music playback (Windows
> uses
> too much software layers). Of course the popping sounds on audio device
> passthrough also would be annoying, but that might be a different issue.
>
> Best regards,
> Manuel
>
> used alsa device:
> pcm.dmixed {
> type asym
> playback.pcm {
> # See plugin:dmix at http://www.alsa-project.org/
> alsa-doc/alsa-lib/pcm_plugins.html
> type dmix
>
> # Don't block other users, e.g. the Timidity midi-player
> daemon
> # http://www.alsa-project.org/
> alsa-doc/alsa-lib/pcm_plugins.html
> ipc_key_add_uid false
>
> ipc_key 1025
> ipc_perm 0660
> ipc_gid audio
>
> # Don't put the rate here! Otherwise it resets the rate &
> channels set below, as shown by: cat /proc/asound/card0/pcm0p/sub0/
> hw_params
> slave {
> # 2 for stereo, 6 for surround51, 8 for surround71
> channels 2
> pcm {
> format S16_LE
> #format S32_LE
>
> #rate 44100
> rate 48000
>
> # http://www.alsa-project.org/
> alsa-doc/alsa-lib/pcm_plugins.html
> # Maybe helps
> nonblock true
> type hw
> card "PCH"
> device 0
> subdevice 0
> }
>
> # mplayer2 chooses 1024
> # period_size 512 with buffer_size 16384 stops
> crackling in xmame
> # 320 breaks flash - https://bbs.archlinux.org/
> viewtopic.php?id=129458
> #period_size 512
> period_size 1024
>
> # 4096 might make sound crackle
> # mplayer2 chooses 8192. Half-Life 2 chooses 16384.
> # If too large, use CONFIG_SND_HDA_PREALLOC_SIZE=
> 2048
> buffer_size 8192
> }
> }
> capture.pcm "schneeball"
> }
>
> libvirt xml snippets:
>
> <sound model='ich9'>
> <address type='pci' domain='0x0000' bus='0x00' slot='0x09'
> function='0x0'/>
> </sound>
> ...
> <qemu:env name='QEMU_AUDIO_DRV' value='alsa'/>
> <qemu:env name='QEMU_DAC_FIXED_SETTINGS' value='0'/>
> <qemu:env name='QEMU_DAC_TRY_POLL' value='0'/>
> <qemu:env name='QEMU_DAC_TIMER_PERIOD' value='0'/>
> <qemu:env name='QEMU_DAC_BUFFER_SIZE' value='0'/>
> <qemu:env name='QEMU_DAC_PERIOD_SIZE' value='0'/>
> <qemu:env name='QEMU_DAC_DEV' value='dmixed'/>
>
> _______________________________________________
> libvirt-users mailing list
> libvirt-users(a)redhat.com
> https://www.redhat.com/mailman/listinfo/libvirt-users
7 years, 10 months
[libvirt-users] how to create container image for an existing container
by WANG Cheng D
Dear all,
I installed 8 containers using "yum --installroot=/root/fedora16lxc" to create the container filesystem. Now I want to manage these containers with openstack. So I need to deploy these containers by openstack which needs the container image.
Can anyone tell me how to export my existing container's image? I am not sure if openstack can create container without an image file. And I don't want to use Docker.
Thank you in advance.
Cheng
7 years, 10 months
[libvirt-users] Audio in Windows 10 VM is distorted. Using ALSA.
by Manuel Ullmann
Hi,
I can’t seem to find a solution for my last VM issue.
I have distorted sound, when I play the Windows 10 device test
sound. Only the Windows sound is affected. Mpd of the host is playing just fine
meanwhile. I am using ich9 as emulated card, which is detected and
installed correctly. The VM is using vfio-igd passthrough, so vnc or
spice are not used.
I tried to match the Windows driver configuration, which only supports
16 bit output. I have a 24 bit USB headphone amplifier, which does not
support it (S32_LE only). Trying direct playback on the PCH card jack
did not help though.
The headphone amplifier is connected via optical Toslink, so there is
standard snd_hda_intel output used (snd_usb_audio is not involved).
Passing the USB part through I get much clearer output, but still have
popping sounds. Googling around, they seem to be quite common on Windows
10, although I had it working fine on two bare-metal machines.
I have tried fixed settings matching the ones of the dmixed device
too. Don’t know, what is polled with enabled poll option. I also tried
sdl and pulseaudio, which did not help. For the latter not so surprising
since it is an Alsa pipe. The former was worse.
The goal of this setup is having the same playlist state on both
systems and using the better audio framework for music playback (Windows uses
too much software layers). Of course the popping sounds on audio device
passthrough also would be annoying, but that might be a different issue.
Best regards,
Manuel
used alsa device:
pcm.dmixed {
type asym
playback.pcm {
# See plugin:dmix at http://www.alsa-project.org/alsa-doc/alsa-lib/pcm_plugins.html
type dmix
# Don't block other users, e.g. the Timidity midi-player daemon
# http://www.alsa-project.org/alsa-doc/alsa-lib/pcm_plugins.html
ipc_key_add_uid false
ipc_key 1025
ipc_perm 0660
ipc_gid audio
# Don't put the rate here! Otherwise it resets the rate & channels set below, as shown by: cat /proc/asound/card0/pcm0p/sub0/hw_params
slave {
# 2 for stereo, 6 for surround51, 8 for surround71
channels 2
pcm {
format S16_LE
#format S32_LE
#rate 44100
rate 48000
# http://www.alsa-project.org/alsa-doc/alsa-lib/pcm_plugins.html
# Maybe helps
nonblock true
type hw
card "PCH"
device 0
subdevice 0
}
# mplayer2 chooses 1024
# period_size 512 with buffer_size 16384 stops crackling in xmame
# 320 breaks flash - https://bbs.archlinux.org/viewtopic.php?id=129458
#period_size 512
period_size 1024
# 4096 might make sound crackle
# mplayer2 chooses 8192. Half-Life 2 chooses 16384.
# If too large, use CONFIG_SND_HDA_PREALLOC_SIZE=2048
buffer_size 8192
}
}
capture.pcm "schneeball"
}
libvirt xml snippets:
<sound model='ich9'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
</sound>
...
<qemu:env name='QEMU_AUDIO_DRV' value='alsa'/>
<qemu:env name='QEMU_DAC_FIXED_SETTINGS' value='0'/>
<qemu:env name='QEMU_DAC_TRY_POLL' value='0'/>
<qemu:env name='QEMU_DAC_TIMER_PERIOD' value='0'/>
<qemu:env name='QEMU_DAC_BUFFER_SIZE' value='0'/>
<qemu:env name='QEMU_DAC_PERIOD_SIZE' value='0'/>
<qemu:env name='QEMU_DAC_DEV' value='dmixed'/>
7 years, 10 months