December 2012 - Users - libvirt List Archives

[libvirt-users] some problem with snapshot by libvirt
by xingxing gao 21 Nov '14

21 Nov '14

Hi,all,i am using libvirt to manage my vm,in these days i am testing the libvirt snapshot ,but meet some problem: the snapshot was created from this command: snapshot-create-as win7 --disk-only --diskspec vda,snapshot=external --diskspec hda,snapshot=no but when i tried to revert from the snapshot which created from the above command ,i got error below: virsh # snapshot-revert win7 1338041515 --force error: unsupported configuration: revert to external disk snapshot not supported yet version: virsh # version Compiled against library: libvir 0.9.4 Using library: libvir 0.9.4 Using API: QEMU 0.9.4 Running hypervisor: QEMU 1.0.93

4 8

[libvirt-users] virt-viewer via ssh to a remote host
by Marc Haber 03 Jan '13

03 Jan '13

Hi, I have a virtualization host running KVM and libvirt 0.9.12 (on Debian unstable). I would like to connect with virt-viewer 0.5.4 from a different host to a domain that has Display Spice configured as graphics interface. I can connect to the KVM host using virsh --connect=qemu+ssh://mh@fan.local/system and start m KVM domain from there, so I guess that authentication is just fine. However, virt-viewer --connect=qemu+ssh://mh@fan.local/system <domain> does not work. The easy issue was that virt viewer issues a "nc fan.local 5900" on the remote host, while the Display Spice agent listens on 127.0.0.1 only. I could fix that by checking the "listen on all IP addresses" box in the Display Spice configuration in virt-manager. After that, I could see the TCP connection to the Spice agent on the remote host succeed when tcpdumping on the KVM host's lo interface. When I invoke virt-viewer when the domain is not running, it says "Waiting for the guest domain to start", and changes to "Connecting to graphic server" when I start the domain. When I invoke virt-viewer when the domain is already running, it immediately says "Connecting to graphic server", but the domain's console does never show up. When I invoke virt-viewer --connect=qemu:///system <domain> directly on the KVM host, the console shows up alright. On the KVM host, virt-viewer --connect=qemu+ssh:///system <domain> gives the same behavior as the remote invocation, while virt-viewer --direct --connect=qemu+ssh:///system <domain> does. So I guess there is something wrong with the tunneling of the Spice session through ssh. Am I doing something wrong? I would appreciate any hints. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062

2 2

[libvirt-users] Is thre any way to change the vm computer name which joined AD
by Timon Wang 29 Dec '12

29 Dec '12

I want to change the computer name of the vm which based on a qcow2 img. virt-win-reg can merge some value when the vm is not joined the AD, but when it joined I tried to do it by virt-win-reg and failed. Any one have any idea about it? -- Focus on: Server Vitualization, Network security,Scanner,NodeJS,JAVA,WWW Blog: http://www.nohouse.net

4 9

[libvirt-users] Error installing VM: "Process exited while reading console log output"
by Patrick 'P. J.' McDermott 29 Dec '12

29 Dec '12

Hi, I'm trying to install a qemu-kvm virtual machine on a Debian GNU/Linux squeeze amd64 host, using virtinst 0.500.3 and libvirt 0.8.3. First I tried this command as a normal user (in groups kvm and libvirt): $ virt-install --connect qemu:///system --name test1 \ > --ram $((128 * 1024 * 1024)) --vcpus=1 --description 'Test VM 1' \ > --location=http://http.us.debian.org/debian/dists/squeeze/main/installer-amd64/ \ > --extra-args='auto url=http://10.0.0.128/baldr1.cfg' \ > --os-type=linux --os-variant=debiansqueeze \ > --disk path=/mnt/data/vms/test1.img --network bridge=br0 \ > --nographics --hvm --virt-type=kvm --serial pty --autostart This failed, giving me the following output: Starting install... Retrieving file MANIFEST... | 3.3 kB 00:00 ... Retrieving file linux... | 4.6 MB 00:13 ... Retrieving file initrd.gz... | 13 MB 00:38 ... ERROR internal error Process exited while reading console log output: char device redirected to /dev/pts/4 Domain installation does not appear to have been successful. If it was, you can restart your domain by running 'virsh start test1'; otherwise, please restart your installation. ERROR internal error Process exited while reading console log output: char device redirected to /dev/pts/4 Traceback (most recent call last): File "/usr/bin/virt-install", line 1033, in <module> main() File "/usr/bin/virt-install", line 915, in main start_time, guest.start_install) File "/usr/bin/virt-install", line 957, in do_install dom = install_func(conscb, progresscb, wait=(not wait)) File "/usr/lib/pymodules/python2.6/virtinst/Guest.py", line 973, in start_install return self._do_install(consolecb, meter, removeOld, wait) File "/usr/lib/pymodules/python2.6/virtinst/Guest.py", line 1038, in _do_install "install") File "/usr/lib/pymodules/python2.6/virtinst/Guest.py", line 1009, in _create_guest dom = self.conn.createLinux(start_xml, 0) File "/usr/lib/python2.6/dist-packages/libvirt.py", line 1277, in createLinux if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) libvirtError: internal error Process exited while reading console log output: char device redirected to /dev/pts/4 I tried the same virt-install command without "--serial pty" and as root, to no avail. I then tried setting "console" using --extra-args, i.e.: $ virt-install --connect qemu:///system --name test1 \ > --ram $((128 * 1024 * 1024)) --vcpus=1 --description 'Test VM 1' \ > --location=http://http.us.debian.org/debian/dists/squeeze/main/installer-amd64/ \ > --extra-args='console=tty0 console=ttyS0,115200n8' \ > --os-type=linux --os-variant=debiansqueeze \ > --disk path=/mnt/data/vms/test1.img --network bridge=br0 \ > --nographics --hvm --virt-type=kvm --serial pty --autostart Again, I get the same error. Can anyone tell me why I'm getting this error or give me some hints to troubleshoot this? So far nothing in the Python or C code of libvirt stands out at me, and nothing in ~/.virtinst/virt-install.log looks helpful. Since there's no specific error message to say why the process exited, does this perhaps mean that debian-installer is simply shutting down immediately after booting? (I'm sending this to the libvirt-users list because it looks like a libvirt issue. Let me know if I should query a different list.) Thanks, -- Patrick "P. J." McDermott http://www.pehjota.net/ http://www.pehjota.net/contact.html

3 8

[libvirt-users] Local and domain SIDs -- WAS: Is there any way to change the vm computer name which joined AD
by Bryan J Smith 24 Dec '12

24 Dec '12

On Mon, Dec 24, 2012 at 4:01 AM, Timon Wang <timonwst(a)gmail.com> wrote: > If a vm join AD domain, the name is registered in the AD server, when I copy > a VM, the name will conflict with the source VM. > I wanna to know if I can change the VM computer name automaticly. This is not a hostname issue. This is a pure AD/NT-SID issue** (Security Identifiers). It affects all virtualization solutions, even Hyper-V. Two (2) systems must have unique SID enumeration.** When you have standalone systems that are not part of a domain, as long as the two systems never see each other, it's typically not an issue. But when they are part of a domain, it is an issue, because there must be an unique SID enumeration for any domain member. You should never clone/create/instance/etc... a system once it's been joined to a domain, unless you use a solution that undoes its SID enumeration. Microsoft introduce sysprep years ago so when a system reboots, new local SIDs** are enumerated. This is recommended for all systems when cloned, whether they join an AD domain later or not. Some virtualization solutions don't bother to sysprep the system before joining them to a domain. This is because the SID enumeration in a domain is domain-wide, and the local SIDs are usually not utilized. This drastically reduces issues although there can still be issues between two nodes that have the same local SID enumeration.** There is no way around this issue, as it's a core NT issue. The recommended solutions are to either ... - Always run SysPrep before making a template, regardless whether an AD member or not - Join the domain as part of a local group policy before the system comes up (e.g., still has duplicate local SIDs) In oVirt/RHEV, you can join the domain as part of the SysPrep scripts. The easiest way to do this is to create an user in your AD domain that only has the delegation and no other role. The system is joined to the AD domain upon first boot of the VM instance using that user. -- bjs, MCITP/MCSE/MCSA **NT INTERNALS NOTE: The local System Accounts Manager (SAM) and other portions of the local NT systems' Registry, as well as the local NTFS file systems attributes, are where local SID are stored and utilized. The first NT system promoted to a Domain Controller (DC) has its SAM and SID enumeration because the initial, network-wide SIDs for the domain (that's an over-simplification, but similar), and it no longer has its local enumeration (all DCs are like this, there is still a local SAM/SID enumeration, but it is not referenced, which is a long and complicated story with some issues). When a local system joins a domain, and becomes a domain member, it starts using those SID references. The local SAM/SID still exist and are known (unlike a DC, which stops using them altogether), but are typically not utilized. So SIDs are usually no longer an issue, unless you have member workstations/servers directly accessing and managing other member workstations/servers (e.g., IPC like to C$ or similar). It is very, very important that anyone managing Windows systems understand these internals, especially when it comes to domains. Sadly a lot of MCSEs (especially older ones) don't seem to, among other NT and AD internals. Microsoft still doesn't offer a good AD internals course, although they do have a good NT internals course as well as set of books. -- Bryan J Smith - Professional, Technical Annoyance b.j.smith at ieee.org - http://www.linkedin.com/in/bjsmith ---------------------------------------------------------- Computers are precise, but not accurate, and make mistakes due to lack of input, as lack of awareness and observation

1 0

[libvirt-users] Difficulty with a transferred VM
by Dale Amon 21 Dec '12

21 Dec '12

I have a better faster server and moved the disk from the old one to the new one. After the move, I edited the xml file manually to give it the correct paths for the new machine, since the mount point for all the VM storage pools is now different. I get # virsh start www.foo.org error: Failed to start domain www.foo.org error: internal error cannot load AppArmor profile 'libvirt-xxx .... xxx' I tried aa-complain /usr/sbin/libvirtd I even tried editing /etc/apparmor/usr.lib.libvirt.virt-aa-helper and adding the new path to where the VM images are stored. Still no joy. Suggestions?

1 1

[libvirt-users] CFS BWC related question
by Dennis Chen 19 Dec '12

19 Dec '12

Hi, Seems this question is not related with libvirt directly, but I still want to ping this list to see if someone can be help. The OS in my desktop box is Ubuntu 12.10, the kernel is 3.5.1. I installed the cgroup utility package with:#apt-get install cgroup-bin, but after I installed these packages successfully, I can't find cpu_quota/cpu_period controller in the /sys/fs/cgroup/cpu folder. So the essential question is: What I need to do to make cgroup can support CFS BWC feature? Specifically, how to make the cpu_quota/cpu_period to be available within cgroup/cpu? BRs, Dennis

3 4

[libvirt-users] Need help regarding perl sys::virt
by Rawat, Vishwanath 19 Dec '12

19 Dec '12

Hi, I wanted to use perl Sys::Virt (which uses libvirt) to remotely connect KVM hypervisor. As a start I tried following simple script(KVM.pl) but I am getting following error. First it will ask for authentication which I am providing to it manually then it fails. Do I need to do some configuration on KVM hypervisor before executing this script? Any help is appreciated. bash-3.2$ perl KVM.pl root(a)10.238.132.125's password: Unable to open connection to qemu+ssh://root@10.238.132.125/system?no_verify=1: End of file while reading data: Warning: Perm: Input/output error8.132.125' (RSA) to the list of known hosts. Can't call method "list_domains" on an undefined value at KVM.pl line 21. bash-3.2$ bash-3.2$ cat KVM.pl use strict; use warnings; use Sys::Virt; use Data::Dump qw(dump); my $user = "root"; my $host = <some_host>; my $uri = "qemu+ssh://root\@$host/system?no_verify=1"; my $vmm; eval { $vmm = Sys::Virt->new(uri => $uri, readonly => 1); }; if ($@) { print "Unable to open connection to $uri: " . $@->message . "\n"; } for my $dom ($vmm->list_domains, $vmm->list_defined_domains) { ## see perldoc Sys::Virt::Domain print "name: ", $dom->get_name, "\n"; print "uuid: ", $dom->get_uuid_string(), "\n"; ## $dom->get_info returns a hash reference dump $dom->get_info; print "\n"; } Regards, Rawat

3 4

[libvirt-users] Ordering multiple network interfaces on vms
by john fisher 18 Dec '12

18 Dec '12

On a hypervisor with multiple interfaces, we'd like to make those interfaces available to each of multiple VMs. We have both bridged interfaces and SRIOV interfaces, no NAT interfaces. When we create a vm in virsh using an xml file with no network elements, but having interface elements, we get the interfaces in the vm, but the ordering of eth devices does not match the ordering on the hypervisor and we aren't sure the ordering is repeatable either. In other words, eth0 in the HV is thingA and eth1 is thingB, but on the VM eth0 is thingC eth1 is thingD and eth4 is thingA so forth. we have 12 interfaces so ordering or naming is important and confusing. We've tried to use the PCI bus numbers as seen in lspci on the HV, but no luck. Do we need to start using network elements in the vm's xml file or separately to control the ordering? Whats the usual practice here? Sample xml: <interface type='hostdev'> <source dev='eth3' mode='vepa'> <address type='pci' domain='0x0000' bus='0x16' slot='0x10' function='0x1'/> </source> <target dev='macvtap0'/> </interface> <interface type='bridge'> <source bridge='br4'/> <target dev='vnet0'/> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> Thanks! -- John Fisher

2 3

[libvirt-users] ANNOUNCE: New libosinfo project mailing list
by Daniel P. Berrange 17 Dec '12

17 Dec '12

Historically the libosinfo project has used virt-tools-list(a)redhat.com for all its discussions. Since the project has grown and matured, it is time for a dedicated mailing list. If you are interested/involved with libosinfo, please subscribe to the new list: https://www.redhat.com/mailman/listinfo/libosinfo The list only accepts postings from members. Once subscribed you can post to libosinfo(a)redhat.com Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|

1 0