January 2019 - Users - Libvirt List Archives

by Keith Bierman

Mac OS X 10.14.2 VirtualBox 5.2.22 and 6.0.0 libvirt installed via homebrew virsh -V Virsh command line tool of libvirt 4.10.0 See web site at https://libvirt.org/ Compiled with support for: Hypervisors: QEMU/KVM VMware VirtualBox ESX Test Networking: Remote Bridging Storage: Dir Miscellaneous: Daemon Secrets Debug brew services start libvirt virsh -c vbox:///session list error: failed to connect to the hypervisor error: internal error: unable to initialize VirtualBox driver API Unless there's a known issue with Mojave that's escaped me, surely I've done something clueless .. pointers to the FM or otherwise greatly appreciated. Keith Bierman khbkhb(a)gmail.com

5 years, 10 months

1
4
0 / 0

[libvirt-users] xen and libvirt

by Christoph

Hi Does someone know how it is possible these parameters: e820_host max_grant_frames to set with libvirt xml config? I use them with xl config but I want to change to libvirt config/tools. (with libvirt 4.10 it is possible to start pvh domains) -- ------ Greetz

5 years, 10 months

2
3
0 / 0

[libvirt-users] script called from qemu hook freezes.

by daggs

Greetings, I'm executing an external script when the qemu hook is called with start or release, the script is rather simple, upon start it iterates over the output of lsusb -t and for each device, it looks if it should be added to the vm we started, if so, it attaches it to the vm as follows: virsh --connect qemu:///system "${cmd}" "${domain}" /dev/stdin << END <hostdev mode='subsystem' type='usb'> <source> <address bus='${busnum}' device='${devnum}' /> </source> </hostdev> END where cmd is attach-device, domain is the vm's name, busnum and devnum come from the output of the lsusb -t. my issue is that upon the first attach attempt, the cmd hangs, I need to kill it and after than I cannot preform any virsh cmd, I must restart the host. if I try to execute the same cmd after the vm is up, it works great. why the attach process gets stuck? do I need to execute it under different stage? thanks, Dagg.

5 years, 10 months

3
6
0 / 0

[libvirt-users] macvtap and tagged VLANs to the VM

by Marc Haber

Hi, I would like to run a network firewall as a VM on a KVM host. There are ~ 25 VLANs delivered to the KVM host on three dedicated links, no LACP or other things. I have the VLANs 100-180 on the host's enp1s0, the VLANs 200-280 on the host's enp2s0 and the VLANs 300-380 on the host's enp3s0. To save myself from configuring all VLANs on the KVM host, I'd like to hand the entire ethernet link to the VM and to have the VLAN interfaces there. Using classical Linux bridges (brctl), things work fine. They don't when I try macvlan: On the host: 4: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 00:0d:b9:34:2a:fe brd ff:ff:ff:ff:ff:ff promiscuity 1 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 5: unt382@enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 00:0d:b9:34:2a:fe brd ff:ff:ff:ff:ff:ff promiscuity 0 vlan protocol 802.1Q id 382 <REORDER_HDR> addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 15: macvtap3@enp3s0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 500 link/ether 52:54:00:bf:bb:ab brd ff:ff:ff:ff:ff:ff promiscuity 0 macvtap mode bridge addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 4: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0d:b9:34:2a:fe brd ff:ff:ff:ff:ff:ff inet6 fe80::20d:b9ff:fe34:2afe/64 scope link valid_lft forever preferred_lft forever 5: unt382@enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:0d:b9:34:2a:fe brd ff:ff:ff:ff:ff:ff inet6 fe80::20d:b9ff:fe34:2afe/64 scope link valid_lft forever preferred_lft forever 15: macvtap3@enp3s0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 500 link/ether 52:54:00:bf:bb:ab brd ff:ff:ff:ff:ff:ff inet6 fe80::5054:ff:febf:bbab/64 scope link valid_lft forever preferred_lft forever In the XML: <interface type='direct'> <mac address='52:54:00:bf:bb:ab'/> <source dev='enp3s0' mode='bridge'/> <target dev='macvtap3'/> <model type='virtio'/> <alias name='net0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> And in the VM: root@grml ~ # ip -d link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 52:54:00:bf:bb:ab brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 3: vlan0@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 52:54:00:bf:bb:ab brd ff:ff:ff:ff:ff:ff promiscuity 0 vlan protocol 802.1Q id 382 <REORDER_HDR> addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 root@grml ~ # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 52:54:00:bf:bb:ab brd ff:ff:ff:ff:ff:ff inet6 fe80::5054:ff:febf:bbab/64 scope link valid_lft forever preferred_lft forever 3: vlan0@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:bf:bb:ab brd ff:ff:ff:ff:ff:ff inet 192.168.252.220/24 brd 192.168.252.255 scope global vlan0 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:febf:bbab/64 scope link valid_lft forever preferred_lft forever root@grml ~ # I then ping from the VM to 192.168.252.241, which is a differnt host on the network, neither the VM host the VM is running on nor another VM on the same host. That should rule out the connectivity issues that a macvtap interface has, right? On the VM, I see ARP requests going out, but no answers come in. On the pinged host, I see: 22:50:23.881163 52:54:00:bf:bb:ab > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.252.241 tell 192.168.252.220, length 46 22:50:23.881242 52:54:00:95:df:a6 > 52:54:00:bf:bb:ab, ethertype ARP (0x0806), length 42: Reply 192.168.252.241 is-at 52:54:00:95:df:a6, length 28 So, the packets going out from my VM are correctly delivered to the target, the target replies, but the replies never make it back to the VM. Do I see correctly that tcpdump on the VM host won't give accurate readings since macvtap will divert the frame before tcpdump will see it? On the other hand, a VM directly configured to the host's unt382 interface works fine: <interface type='direct'> <mac address='52:54:00:cb:ed:34'/> <source dev='unt382' mode='bridge'/> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> I would however like to avoid having 25 interface stanzas in my XML. I would appeciate any ideas to solve this issue. I know this is most probably not a libvirt issue, but this list is about the only place that comes to my mind where people knowledgeable about those complex network stuff might hang around. If there is a better place to ask, I am open for suggestion. Please pardon my intrusion. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421

5 years, 10 months

2
5
0 / 0

[libvirt-users] assigning PCI addresses with bus > 0x09

by Riccardo Ravaioli

Hi, My goal is to assign PCI addresses to a number of devices (network interfaces, disks and PCI devices in PCI-passthrough) without delegating to libvirt the generation of those values. This should give me more control and for sure more predictability over the hardware configuration of a virtual machine and consequently the name of the interfaces in it. I'm using libvirt 4.3.0 to create qemu/KVM virtual machines running Linux (Debian Stretch). So, for every device of the type mentioned above, I add this line: <address type='pci' domain='0x0000' bus='0x__' slot='0x__' function='0x0'/>, ... with values from 00 to ff in the bus field, and from 00 to 1f in the slot field, as described in the documentation. Long story short, I noticed that as soon as I assign values > 0x09 to the bus field, the serial console hangs indefinitely, in both Debian and Ubuntu. The VM seems to be started correctly and its state is "running"; in the XML file created by libvirt, I see all controllers from 0 the largest bus value I assigned, so everything from that side seems ok. What am I missing here? Thanks! Riccardo

5 years, 10 months

3
6
0 / 0

[libvirt-users] guest runs into watch dog reset

by b f31415

I'm spinning up a guest, using virt-install. i'm passing the guest a single vcpu and many network interfaces. On the guest side all the interfaces are initially in the down state. I've notice then when I manually bring a specific one of these interfaces up (eg the 64th interface), the guest system hangs. Doing an "strace ifconfig etX up", it looks like the system hangs when doing the ioctl to bring the interface up. This guest is 18.04. Host is 16.04. Are there any qemu/virt commands i can run from the host which would provide me a better understanding as to why the guest gets into this hung state? If I pass two vcpu, I don't suffer from this hang issue. Thanks

5 years, 10 months

1
0
0 / 0

[libvirt-users] avoiding PCI bus 8 / using PCI function / virt-install

by b f31415

I’m using virt-install to spin up VMs. At times I have a need to spin up VMs which have 100s of interfaces. I ran into the PCI issue mentioned in this previous thread based on how virt-install assigns PCI addresses to interfaces: https://www.redhat.com/archives/libvirt-users/2018-December/msg00064.html Using the info mention there I was able to part hand / part sw re-write an XML where I would remove PCI bus references above the value of 8 and re-address the per interface PCI info to use the function field (I don’t need hot pluggable). But the process I’ve built is brittle. Wondering what options i might have to better deal with this PCI issue. Is there a way to tell virt-install, when building the info it passes to qemu, to use the function field during the PCI assignment process so as to support many more interfaces before hitting the PCI bus == 8 issue? If not, is there a way with one of the virt command line tools to create the XML (with the PCI addresses specified) so that I can process that XML and re-write the PCI addressing values? Right now the only way I’ve been able to get that detailed XML file is to 1) virt-install and let the VM begin the boot process and then do a 2) virsh dumpxml and then 3) virsh destroy/undefine that VM, 4) modify the XML and then 5) virsh create ./modified.xml. Is there a cleaner way to do this? Thanks

5 years, 10 months

3
4
0 / 0

[libvirt-users] Network filters with clean-traffic not working on Debian Stretch

by fatal

Hello, I'm recently stumbled over the libvirt network filter capabilities and got pretty excited. Unfortunately I'm not able to get the the "clean-traffic" filterset working. I'm using a freshly installed Debian Stretch with libvirt, qemu and KVM. My config snippet looks as follows: sudo virsh edit <VM> [...] <interface type='bridge'> <mac address='52:54:00:0c:14:07'/> <source bridge='br0'/> <model type='virtio'/> <filterref filter='clean-traffic'> <parameter name='IP' value='10.10.1.2'/> </filterref> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> <interface type='bridge'> <mac address='52:54:00:0c:24:17'/> <source bridge='br1'/> <model type='virtio'/> <filterref filter='clean-traffic'> <parameter name='IP' value='172.16.1.2'/> </filterref> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> [...] I restarted the VM from within the VM, did a "virsh reboot <VM>", restarted libvirtd and even did a reboot of the host - just to be sure. Unfortunately neither "iptables -L" nor "ebtables --list" show any entries added by libvirt. Also omitting the "parameter name='IP'" part didn't change anything. There are no error messages in /var/log/syslog nor in /var/log/libvirt/qemu/<VM> My main references were: https://libvirt.org/firewall.html https://libvirt.org/formatnwfilter.html https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/... https://www.berrange.com/posts/2011/10/03/guest-mac-spoofing-denial-of-se... Any help really would be much appreciated! Thanks a lot! Sam

5 years, 10 months

3
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Users January 2019