[libvirt-users] some problem with snapshot by libvirt
by xingxing gao
Hi,all,i am using libvirt to manage my vm,in these days i am testing
the libvirt snapshot ,but meet some problem:
the snapshot was created from this command:
snapshot-create-as win7 --disk-only --diskspec
vda,snapshot=external --diskspec hda,snapshot=no
but when i tried to revert from the snapshot which created from the
above command ,i got error below:
virsh # snapshot-revert win7 1338041515 --force
error: unsupported configuration: revert to external disk snapshot not
supported yet
version:
virsh # version
Compiled against library: libvir 0.9.4
Using library: libvir 0.9.4
Using API: QEMU 0.9.4
Running hypervisor: QEMU 1.0.93
10 years
[libvirt-users] virt-viewer via ssh to a remote host
by Marc Haber
Hi,
I have a virtualization host running KVM and libvirt 0.9.12 (on Debian
unstable). I would like to connect with virt-viewer 0.5.4 from a
different host to a domain that has Display Spice configured as
graphics interface.
I can connect to the KVM host using
virsh --connect=qemu+ssh://mh@fan.local/system
and start m KVM domain from there, so I guess that authentication is
just fine.
However,
virt-viewer --connect=qemu+ssh://mh@fan.local/system <domain>
does not work. The easy issue was that virt viewer issues a "nc
fan.local 5900" on the remote host, while the Display Spice agent
listens on 127.0.0.1 only. I could fix that by checking the "listen on
all IP addresses" box in the Display Spice configuration in
virt-manager. After that, I could see the TCP connection to the Spice
agent on the remote host succeed when tcpdumping on the KVM host's lo
interface.
When I invoke virt-viewer when the domain is not running, it says
"Waiting for the guest domain to start", and changes to "Connecting to
graphic server" when I start the domain. When I invoke virt-viewer
when the domain is already running, it immediately says "Connecting to
graphic server", but the domain's console does never show up.
When I invoke
virt-viewer --connect=qemu:///system <domain>
directly on the KVM host, the console shows up alright.
On the KVM host,
virt-viewer --connect=qemu+ssh:///system <domain>
gives the same behavior as the remote invocation, while
virt-viewer --direct --connect=qemu+ssh:///system <domain>
does. So I guess there is something wrong with the tunneling of the
Spice session through ssh.
Am I doing something wrong? I would appreciate any hints.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
11 years, 10 months
[libvirt-users] Error installing VM: "Process exited while reading console log output"
by Patrick 'P. J.' McDermott
Hi,
I'm trying to install a qemu-kvm virtual machine on a Debian GNU/Linux
squeeze amd64 host, using virtinst 0.500.3 and libvirt 0.8.3.
First I tried this command as a normal user (in groups kvm and libvirt):
$ virt-install --connect qemu:///system --name test1 \
> --ram $((128 * 1024 * 1024)) --vcpus=1 --description 'Test VM 1' \
> --location=http://http.us.debian.org/debian/dists/squeeze/main/installer-amd64/ \
> --extra-args='auto url=http://10.0.0.128/baldr1.cfg' \
> --os-type=linux --os-variant=debiansqueeze \
> --disk path=/mnt/data/vms/test1.img --network bridge=br0 \
> --nographics --hvm --virt-type=kvm --serial pty --autostart
This failed, giving me the following output:
Starting install...
Retrieving file MANIFEST... | 3.3 kB 00:00 ...
Retrieving file linux... | 4.6 MB 00:13 ...
Retrieving file initrd.gz... | 13 MB 00:38 ...
ERROR internal error Process exited while reading console log output: char device redirected to /dev/pts/4
Domain installation does not appear to have been
successful. If it was, you can restart your domain
by running 'virsh start test1'; otherwise, please
restart your installation.
ERROR internal error Process exited while reading console log output: char device redirected to /dev/pts/4
Traceback (most recent call last):
File "/usr/bin/virt-install", line 1033, in <module>
main()
File "/usr/bin/virt-install", line 915, in main
start_time, guest.start_install)
File "/usr/bin/virt-install", line 957, in do_install
dom = install_func(conscb, progresscb, wait=(not wait))
File "/usr/lib/pymodules/python2.6/virtinst/Guest.py", line 973, in start_install
return self._do_install(consolecb, meter, removeOld, wait)
File "/usr/lib/pymodules/python2.6/virtinst/Guest.py", line 1038, in _do_install
"install")
File "/usr/lib/pymodules/python2.6/virtinst/Guest.py", line 1009, in _create_guest
dom = self.conn.createLinux(start_xml, 0)
File "/usr/lib/python2.6/dist-packages/libvirt.py", line 1277, in createLinux
if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: internal error Process exited while reading console log output: char device redirected to /dev/pts/4
I tried the same virt-install command without "--serial pty" and as
root, to no avail.
I then tried setting "console" using --extra-args, i.e.:
$ virt-install --connect qemu:///system --name test1 \
> --ram $((128 * 1024 * 1024)) --vcpus=1 --description 'Test VM 1' \
> --location=http://http.us.debian.org/debian/dists/squeeze/main/installer-amd64/ \
> --extra-args='console=tty0 console=ttyS0,115200n8' \
> --os-type=linux --os-variant=debiansqueeze \
> --disk path=/mnt/data/vms/test1.img --network bridge=br0 \
> --nographics --hvm --virt-type=kvm --serial pty --autostart
Again, I get the same error.
Can anyone tell me why I'm getting this error or give me some hints to
troubleshoot this? So far nothing in the Python or C code of libvirt
stands out at me, and nothing in ~/.virtinst/virt-install.log looks
helpful.
Since there's no specific error message to say why the process exited,
does this perhaps mean that debian-installer is simply shutting down
immediately after booting?
(I'm sending this to the libvirt-users list because it looks like a
libvirt issue. Let me know if I should query a different list.)
Thanks,
--
Patrick "P. J." McDermott
http://www.pehjota.net/
http://www.pehjota.net/contact.html
11 years, 11 months
[libvirt-users] Local and domain SIDs -- WAS: Is there any way to change the vm computer name which joined AD
by Bryan J Smith
On Mon, Dec 24, 2012 at 4:01 AM, Timon Wang <timonwst(a)gmail.com> wrote:
> If a vm join AD domain, the name is registered in the AD server, when I copy
> a VM, the name will conflict with the source VM.
> I wanna to know if I can change the VM computer name automaticly.
This is not a hostname issue. This is a pure AD/NT-SID issue**
(Security Identifiers). It affects all virtualization solutions, even
Hyper-V.
Two (2) systems must have unique SID enumeration.** When you have
standalone systems that are not part of a domain, as long as the two
systems never see each other, it's typically not an issue. But when
they are part of a domain, it is an issue, because there must be an
unique SID enumeration for any domain member.
You should never clone/create/instance/etc... a system once it's been
joined to a domain, unless you use a solution that undoes its SID
enumeration.
Microsoft introduce sysprep years ago so when a system reboots, new
local SIDs** are enumerated. This is recommended for all systems when
cloned, whether they join an AD domain later or not.
Some virtualization solutions don't bother to sysprep the system
before joining them to a domain. This is because the SID enumeration
in a domain is domain-wide, and the local SIDs are usually not
utilized. This drastically reduces issues although there can still be
issues between two nodes that have the same local SID enumeration.**
There is no way around this issue, as it's a core NT issue. The
recommended solutions are to either ...
- Always run SysPrep before making a template, regardless whether an
AD member or not
- Join the domain as part of a local group policy before the system
comes up (e.g., still has duplicate local SIDs)
In oVirt/RHEV, you can join the domain as part of the SysPrep scripts.
The easiest way to do this is to create an user in your AD domain
that only has the delegation and no other role. The system is joined
to the AD domain upon first boot of the VM instance using that user.
-- bjs, MCITP/MCSE/MCSA
**NT INTERNALS NOTE: The local System Accounts Manager (SAM) and
other portions of the local NT systems' Registry, as well as the local
NTFS file systems attributes, are where local SID are stored and
utilized. The first NT system promoted to a Domain Controller (DC)
has its SAM and SID enumeration because the initial, network-wide SIDs
for the domain (that's an over-simplification, but similar), and it no
longer has its local enumeration (all DCs are like this, there is
still a local SAM/SID enumeration, but it is not referenced, which is
a long and complicated story with some issues). When a local system
joins a domain, and becomes a domain member, it starts using those SID
references. The local SAM/SID still exist and are known (unlike a DC,
which stops using them altogether), but are typically not utilized.
So SIDs are usually no longer an issue, unless you have member
workstations/servers directly accessing and managing other member
workstations/servers (e.g., IPC like to C$ or similar).
It is very, very important that anyone managing Windows systems
understand these internals, especially when it comes to domains.
Sadly a lot of MCSEs (especially older ones) don't seem to, among
other NT and AD internals. Microsoft still doesn't offer a good AD
internals course, although they do have a good NT internals course
as well as set of books.
--
Bryan J Smith - Professional, Technical Annoyance
b.j.smith at ieee.org - http://www.linkedin.com/in/bjsmith
----------------------------------------------------------
Computers are precise, but not accurate, and make mistakes
due to lack of input, as lack of awareness and observation
11 years, 11 months
[libvirt-users] Difficulty with a transferred VM
by Dale Amon
I have a better faster server and moved the disk from
the old one to the new one.
After the move, I edited the xml file manually to give
it the correct paths for the new machine, since the
mount point for all the VM storage pools is now different.
I get
# virsh start www.foo.org
error: Failed to start domain www.foo.org
error: internal error cannot load AppArmor profile 'libvirt-xxx .... xxx'
I tried
aa-complain /usr/sbin/libvirtd
I even tried editing /etc/apparmor/usr.lib.libvirt.virt-aa-helper and
adding the new path to where the VM images are stored. Still no
joy.
Suggestions?
11 years, 11 months
[libvirt-users] CFS BWC related question
by Dennis Chen
Hi,
Seems this question is not related with libvirt directly, but I still want to ping this list to see if someone can be help.
The OS in my desktop box is Ubuntu 12.10, the kernel is 3.5.1. I installed the cgroup utility package with:#apt-get install cgroup-bin, but after I installed these packages successfully, I can't find cpu_quota/cpu_period controller in the /sys/fs/cgroup/cpu folder. So the essential question is:
What I need to do to make cgroup can support CFS BWC feature? Specifically, how to make the cpu_quota/cpu_period to be available within cgroup/cpu?
BRs,
Dennis
11 years, 11 months
[libvirt-users] Need help regarding perl sys::virt
by Rawat, Vishwanath
Hi,
I wanted to use perl Sys::Virt (which uses libvirt) to remotely connect KVM hypervisor. As a start I tried following simple script(KVM.pl) but I am getting following error.
First it will ask for authentication which I am providing to it manually then it fails. Do I need to do some configuration on KVM hypervisor before executing this script? Any help is appreciated.
bash-3.2$ perl KVM.pl
root(a)10.238.132.125's password:
Unable to open connection to qemu+ssh://root@10.238.132.125/system?no_verify=1: End of file while reading data: Warning: Perm: Input/output error8.132.125' (RSA) to the list of known hosts.
Can't call method "list_domains" on an undefined value at KVM.pl line 21.
bash-3.2$
bash-3.2$ cat KVM.pl
use strict;
use warnings;
use Sys::Virt;
use Data::Dump qw(dump);
my $user = "root";
my $host = <some_host>;
my $uri = "qemu+ssh://root\@$host/system?no_verify=1";
my $vmm;
eval {
$vmm = Sys::Virt->new(uri => $uri, readonly => 1);
};
if ($@) {
print "Unable to open connection to $uri: " . $@->message . "\n";
}
for my $dom ($vmm->list_domains, $vmm->list_defined_domains) {
## see perldoc Sys::Virt::Domain
print "name: ", $dom->get_name, "\n";
print "uuid: ", $dom->get_uuid_string(), "\n";
## $dom->get_info returns a hash reference
dump $dom->get_info;
print "\n";
}
Regards,
Rawat
11 years, 11 months
[libvirt-users] Ordering multiple network interfaces on vms
by john fisher
On a hypervisor with multiple interfaces, we'd like to make those interfaces available to each of multiple VMs.
We have both bridged interfaces and SRIOV interfaces, no NAT interfaces.
When we create a vm in virsh using an xml file with no network elements, but having interface elements, we get the
interfaces in the vm, but the ordering of eth devices does not match the ordering on the hypervisor and we aren't sure
the ordering is repeatable either. In other words, eth0 in the HV is thingA and eth1 is thingB, but on the VM eth0 is
thingC eth1 is thingD and eth4 is thingA so forth.
we have 12 interfaces so ordering or naming is important and confusing.
We've tried to use the PCI bus numbers as seen in lspci on the HV, but no luck.
Do we need to start using network elements in the vm's xml file or separately to control the ordering? Whats the usual
practice here?
Sample xml:
<interface type='hostdev'>
<source dev='eth3' mode='vepa'>
<address type='pci' domain='0x0000' bus='0x16' slot='0x10' function='0x1'/>
</source>
<target dev='macvtap0'/>
</interface>
<interface type='bridge'>
<source bridge='br4'/>
<target dev='vnet0'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
Thanks!
--
John Fisher
11 years, 11 months
