Hi Doug,
When installing netcat-openbsd on my target PPC board, it could support
ssh remote connection from the same architecture.
root@ppc-host:~# virsh -c qemu+ssh://root@localhost/system list
root@localhost's password:
Id Name State
----------------------------------------------------
But it still failed to connect from x86 machine.
user@x86:~$ virsh -c qemu+ssh://root@10.193.20.109/ list
root(a)10.193.20.109's password:
error: failed to connect to the hypervisor
error: End of file while reading data: : Input/output error
user@x86:~$ export LIBVIRT_DEBUG=1
user@x86:~$ export LIBVIRT_LOG_OUTPUTS="1:file:virsh.log"
user@x86:~$ virsh -c qemu+ssh://root@10.193.20.109/system list
2013-04-09 02:37:04.081+0000: 10685: info : libvirt version: 1.0.3
2013-04-09 02:37:04.081+0000: 10685: debug : virLogParseOutputs:1287 :
outputs=1:file:virsh.log
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 4
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 5
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 6
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 7
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 9
root(a)10.193.20.109's password:
error: failed to connect to the hypervisor
error: End of file while reading data: 2013-04-09 02:37:04.122+0000: 10687: debug :
virFileClose:72 : Closed fd 8
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 10
2013-04-09 02:37:04.122+0000: 10687: debug : virLogParseOutputs:1287 :
outputs=1:file:virsh.log: Input/output error
The part of the debug information:
<cut>
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1154 : name
"qemu+ssh://root@10.193.20.109/system" to URI components:
scheme qemu+ssh
server 10.193.20.109
user root
port 0
path /system
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1200 : trying driver 0 (Test) ...
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1206 : driver 0 Test returned
DECLINED
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1200 : trying driver 1 (OPENVZ) ...
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1206 : driver 1 OPENVZ returned
DECLINED
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1200 : trying driver 2 (VMWARE) ...
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1206 : driver 2 VMWARE returned
DECLINED
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1200 : trying driver 3 (VBOX) ...
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1206 : driver 3 VBOX returned
DECLINED
2013-04-09 02:37:04.121+0000: 10685: debug : do_open:1200 : trying driver 4 (remote) ...
2013-04-09 02:37:04.121+0000: 10685: debug : doRemoteOpen:594 : proceeding with name =
qemu:///system
2013-04-09 02:37:04.121+0000: 10685: debug : doRemoteOpen:603 : Connecting with transport
2
2013-04-09 02:37:04.121+0000: 10685: debug : virCommandRunAsync:2203 : About to run
LC_ALL=C LD_LIBRARY_PATH=/opt/virtutech/simics-3.2/simics-mpc8578-3.2.40/x86-linux/lib/
PATH=/home/yhh/yocto-project/sdk-devel/poky/scripts:/home/yhh/yocto-project/sdk-devel/poky/bitbake/bin/:/home/yhh/yocto-project/sdk-devel/poky/scripts:/home/yhh/yocto-project/sdk-devel/poky/bitbake/bin/:/home/yhh/yocto-project/sdk-devel/poky/scripts:/home/yhh/yocto-project/sdk-devel/poky/bitbake/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/freescale/ltib/usr/bin/:/opt/virtutech/simics-3.2/simics-3.2.44/bin/
HOME=/home/yhh USER=yhh LOGNAME=yhh ssh -l root 10.193.20.109 sh -c
''\''if '\''nc'\'' -q 2>&1 | grep
"requires an argument" >/dev/null 2>&1; then ARG=-q0;else
ARG=;fi;'\''nc'\'' $ARG -U
/usr/local/var/run/libvirt/libvirt-sock'\'''
2013-04-09 02:37:04.122+0000: 10685: debug : virCommandRunAsync:2208 : Command result 0,
with PID 10687
2013-04-09 02:37:04.122+0000: 10685: debug : virFileClose:72 : Closed fd 8
2013-04-09 02:37:04.122+0000: 10685: debug : virFileClose:72 : Closed fd 10
2013-04-09 02:37:04.122+0000: 10685: debug : virNetSocketNew:151 : localAddr=(nil)
remoteAddr=(nil) fd=7 errfd=9 pid=10687
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectNew:201 : OBJECT_NEW:
obj=0x7f7f34003a50 classname=virNetSocket
2013-04-09 02:37:04.122+0000: 10685: debug : virNetSocketNew:201 : RPC_SOCKET_NEW:
sock=0x7f7f34003a50 fd=7 errfd=9 pid=10687 localAddr=(null), remoteAddr=(null)
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectNew:201 : OBJECT_NEW:
obj=0x7f7f34003260 classname=virNetClient
2013-04-09 02:37:04.122+0000: 10685: debug : virNetClientNew:326 : RPC_CLIENT_NEW:
client=0x7f7f34003260 sock=0x7f7f34003a50
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectRef:295 : OBJECT_REF:
obj=0x7f7f34003260
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectRef:295 : OBJECT_REF:
obj=0x7f7f34003a50
2013-04-09 02:37:04.122+0000: 10685: debug : virEventPollInterruptLocked:716 :
Interrupting
2013-04-09 02:37:04.122+0000: 10685: debug : virEventPollAddHandle:136 :
EVENT_POLL_ADD_HANDLE: watch=2 fd=7 events=1 cb=0x7f7f3e17a430 opaque=0x7f7f34003a50
ff=0x7f7f3e17a7d0
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollRunOnce:640 : Poll got 1
event(s)
2013-04-09 02:37:04.122+0000: 10685: debug : virKeepAliveNew:197 : client=0x7f7f34003260,
interval=-1, count=0
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollDispatchTimeouts:425 : Dispatch
0
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectNew:201 : OBJECT_NEW:
obj=0x7f7f34000d70 classname=virKeepAlive
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollDispatchHandles:470 : Dispatch 1
2013-04-09 02:37:04.122+0000: 10685: debug : virKeepAliveNew:216 : RPC_KEEPALIVE_NEW:
ka=0x7f7f34000d70 client=0x7f7f34003260
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollDispatchHandles:484 : i=0 w=1
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectRef:295 : OBJECT_REF:
obj=0x7f7f34003260
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollDispatchHandles:498 :
EVENT_POLL_DISPATCH_HANDLE: watch=1 events=1
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectNew:201 : OBJECT_NEW:
obj=0x7f7f34000b00 classname=virNetClientProgram
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectNew:201 : OBJECT_NEW:
obj=0x7f7f34000c10 classname=virNetClientProgram
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCleanupTimeouts:516 : Cleanup 0
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectNew:201 : OBJECT_NEW:
obj=0x7f7f34003420 classname=virNetClientProgram
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCleanupTimeouts:552 : Found 0 out
of 0 timeout slots used, releasing 0
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectRef:295 : OBJECT_REF:
obj=0x7f7f34000b00
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCleanupHandles:564 : Cleanup 2
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectRef:295 : OBJECT_REF:
obj=0x7f7f34000c10
2013-04-09 02:37:04.122+0000: 10685: debug : virObjectRef:295 : OBJECT_REF:
obj=0x7f7f34003420
2013-04-09 02:37:04.122+0000: 10686: debug : virEventRunDefaultImpl:270 : running default
event implementation
2013-04-09 02:37:04.122+0000: 10685: debug : doRemoteOpen:796 : Trying authentication
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCleanupTimeouts:516 : Cleanup 0
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCleanupTimeouts:552 : Found 0 out
of 0 timeout slots used, releasing 0
2013-04-09 02:37:04.122+0000: 10685: debug : virNetMessageNew:45 : msg=0x7f7f340038b0
tracked=0
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCleanupHandles:564 : Cleanup 2
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollMakePollFDs:393 : Prepare n=0
w=1, f=5 e=1 d=0
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollMakePollFDs:393 : Prepare n=1
w=2, f=7 e=1 d=0
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCalculateTimeout:332 : Calculate
expiry of 0 timers
2013-04-09 02:37:04.122+0000: 10685: debug : virNetMessageEncodePayload:364 : Encode
length as 28
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollCalculateTimeout:361 : Timeout at
0 due in -1 ms
2013-04-09 02:37:04.122+0000: 10687: info : libvirt version: 1.0.3
2013-04-09 02:37:04.122+0000: 10686: debug : virEventPollRunOnce:629 : EVENT_POLL_RUN:
nhandles=2 timeout=-1
2013-04-09 02:37:04.122+0000: 10687: debug : virExec:641 : Setting child uid:gid to -1:-1
with caps 0
2013-04-09 02:37:04.122+0000: 10685: debug : virNetClientSendInternal:1955 :
RPC_CLIENT_MSG_TX_QUEUE: client=0x7f7f34003260 len=28 prog=536903814 vers=1 proc=66 type=0
status=0 serial=0
2013-04-09 02:37:04.122+0000: 10685: debug : virNetClientCallNew:1908 : New call
0x7f7f34003060: msg=0x7f7f340038b0, expectReply=1, nonBlock=0
2013-04-09 02:37:04.122+0000: 10685: debug : virNetClientIO:1718 : Outgoing message
prog=536903814 version=1 serial=0 proc=66 type=0 length=28 dispatch=(nil)
2013-04-09 02:37:04.122+0000: 10685: debug : virNetClientIO:1777 : We have the buck
head=0x7f7f34003060 call=0x7f7f34003060
2013-04-09 02:37:04.122+0000: 10685: debug : virEventPollUpdateHandle:147 :
EVENT_POLL_UPDATE_HANDLE: watch=2 events=0
2013-04-09 02:37:04.123+0000: 10685: debug : virEventPollInterruptLocked:716 :
Interrupting
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollRunOnce:640 : Poll got 1
event(s)
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollDispatchTimeouts:425 : Dispatch
0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollDispatchHandles:470 : Dispatch 2
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollDispatchHandles:484 : i=0 w=1
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollDispatchHandles:498 :
EVENT_POLL_DISPATCH_HANDLE: watch=1 events=1
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCleanupTimeouts:516 : Cleanup 0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCleanupTimeouts:552 : Found 0 out
of 0 timeout slots used, releasing 0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCleanupHandles:564 : Cleanup 2
2013-04-09 02:37:04.123+0000: 10686: debug : virEventRunDefaultImpl:270 : running default
event implementation
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCleanupTimeouts:516 : Cleanup 0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCleanupTimeouts:552 : Found 0 out
of 0 timeout slots used, releasing 0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCleanupHandles:564 : Cleanup 2
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollMakePollFDs:393 : Prepare n=0
w=1, f=5 e=1 d=0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollMakePollFDs:393 : Prepare n=1
w=2, f=7 e=0 d=0
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCalculateTimeout:332 : Calculate
expiry of 0 timers
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollCalculateTimeout:361 : Timeout at
0 due in -1 ms
2013-04-09 02:37:04.123+0000: 10686: debug : virEventPollRunOnce:629 : EVENT_POLL_RUN:
nhandles=1 timeout=-1
2013-04-09 02:37:06.761+0000: 10685: error : virNetSocketReadWire:1321 : End of file while
reading data: 2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 8
2013-04-09 02:37:04.122+0000: 10687: debug : virFileClose:72 : Closed fd 10
2013-04-09 02:37:04.122+0000: 10687: debug : virLogParseOutputs:1287 :
outputs=1:file:virsh.log: Input/output error
<cut>
Is there anything I miss?
Best Regards,
Olivia
-----Original Message-----
From: Yin Olivia-R63875
Sent: Friday, March 22, 2013 5:59 PM
To: 'Doug Goldstein'
Cc: libvir-list(a)redhat.com; libvirt-users(a)redhat.com
Subject: RE: [libvirt] remote connection issue 'virsh -c
qemu+ssh:///root@localhost/system list'
Hi Doug,
Thanks for your help.
qemu+tcp could work now after enabling listen_tcp in
/etc/libvirt/libvirtd.conf.
user@x86:~$ virsh -c qemu+tcp://10.193.20.109/system list --all
Id Name State
----------------------------------------------------
2 test running
For qemu+ssh, it seemed that we need build standalone netcat instead use nc
in busybox.
For qemu+tls, we need generate many pem files on both server and client.
http://wiki.libvirt.org/page/TLSCreateServerCerts
Server:
/etc/pki/CA/cacert.pem
/etc/pki/libvirt/servercert.pem
/etc/pki/libvirt/private/serverkey.pem
Client:
/etc/pki/CA/cacert.pem
/etc/pki/libvirt/clientcert.pem
/etc/pki/libvirt/private/clientkey.pem
But one question is that how does a client know the server name if without
DNS service.
Our scenario is a ppc board as server. Could we use IP address as the CN in
template file?
# cat host1_server_template.info
organization =
libvirt.org
cn = host1
tls_www_server
encryption_key
signing_key
Best Regards,
Olivia
> -----Original Message-----
> From: cardoe(a)cardoe.com [mailto:cardoe@cardoe.com] On Behalf Of Doug
> Goldstein
> Sent: Friday, March 22, 2013 1:59 AM
> To: Yin Olivia-R63875
> Cc: libvir-list(a)redhat.com; libvirt-users(a)redhat.com
> Subject: Re: [libvirt] remote connection issue 'virsh -c
> qemu+ssh:///root@localhost/system list'
>
> On Thu, Mar 21, 2013 at 6:23 AM, Yin Olivia-R63875
> <r63875(a)freescale.com>
> wrote:
> > Hi,
> >
> > I'm trying remote connection with qemu hypervisor on FSL PPC board.
> >
> > The libvirt server is the PPC board.
> >
> > root@ppc:~# ifconfig eth0 10.193.20.109 root@ppc:~# libvirtd -d
> > root@ppc:~# virsh -c qemu:///system define test.xml root@ppc:~#
> > virsh -c qemu:///system start test root@ppc:~# virsh -c
> > qemu:///system list --all
> > Id Name State
> > ----------------------------------------------------
> > 2 test running
> >
> > Connect from an X86 PC (Ubuntu 10.04) to the PPC board.
> >
> > user@x86:~$ virsh -c qemu+ssh://root@10.193.20.109/system list --all
> > The authenticity of host '10.193.20.109 (10.193.20.109)' can't be
> established.
> > RSA key fingerprint is 2f:56:07:08:da:7d:ac:41:45:57:d2:12:15:19:67:e0.
> > Are you sure you want to continue connecting (yes/no)? yes
> > root(a)10.193.20.109's password:
> > error: failed to connect to the hypervisor
> > error: End of file while reading data: Warning: Permanently added
> '10.193.20.109' (RSA) to the list of known hosts.
> > nc: invalid option -- 'U'
> > BusyBox v1.19.4 (2013-03-08 13:08:18 CST) multi-call binary.
> >
> > Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]:
> > Input/output error
> >
> >
> >
> > I tried to verify the remote connection on localhost. But it also
> > failed
> as below:
> >
> > root@mpc8572ds:~# virsh -c qemu+ssh:///root@localhost/system list
> > --all root@localhost's password:
> > error: failed to connect to the hypervisor
> > error: End of file while reading data: nc: invalid option -- 'U'
> > BusyBox v1.19.4 (2013-03-08 13:08:18 CST) multi-call binary.
> >
> > Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]:
> > Input/output error
> >
> >
> > Could anyone give suggestion on this issue?
> >
> >
> > Best Regards,
> > Olivia
> >
>
> You're using busybox's nc (netcat) implementation. It does not support
> UNIX sockets which is a requirement of libvirt when using the
> qemu+ssh:// scheme to connect.
>
> I'd suggest looking into generating some certificates and using
> qemu+tls:// (the default when using qemu:// to a remote system). If
> you don't care about any authentication or encryption for testing
> purposes you can use qemu+tcp://
>
> --
> Doug Goldstein