[libvirt-users] virRandomBits - not very random
by Brian Rak
I just ran into an issue where I had about 30 guests get duplicate mac
addresses assigned. These were scattered across 30 different machines.
Some debugging revealed that:
1) All the host machines were restarted within a couple seconds of each
other
2) All the host machines had fairly similar libvirtd pids (within ~100
PIDs of each other)
3) Libvirt seeds the RNG using 'time(NULL) ^ getpid()'
This perfectly explains why I saw so many duplicate mac addresses.
Why is the RNG seed such a predictable value? Surely there has to be a
better source of a random seed than the timestamp and the pid?
The PID seems to me to be a very bad source of any randomness. I just
ran a test across 60 of our hosts. 43 of them shared their PID with at
least one other machine.
6 years, 7 months
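The failure described in the post above, as an added example (not code from the post or from libvirt): it counts how many distinct seeds `time(NULL) ^ getpid()` can produce for hosts restarted within a few seconds of each other with nearby PIDs, and contrasts that with a seed read from the kernel CSPRNG. The timestamp, the 4-second window, the 100-PID window starting at 2048 and all function names are constructed for illustration; the collision estimate assumes seeds are drawn uniformly.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Seed formula quoted in the post: time(NULL) ^ getpid(). */
static uint32_t weak_seed(uint32_t t, uint32_t pid) { return t ^ pid; }

/* Distinct seeds reachable when hosts start within `secs` seconds of t0 and
 * libvirtd receives one of `pids` consecutive PIDs starting at pid0. */
static int distinct_seeds(uint32_t t0, int secs, uint32_t pid0, int pids) {
    int n = secs * pids, uniq = 0;
    uint32_t *s = malloc((size_t)n * sizeof *s);
    if (!s) return -1;
    for (int k = 0; k < n; k++) {
        int seen = 0;
        s[k] = weak_seed(t0 + (uint32_t)(k / pids), pid0 + (uint32_t)(k % pids));
        for (int j = 0; j < k && !seen; j++) seen = (s[j] == s[k]);
        uniq += !seen;
    }
    free(s);
    return uniq;
}

/* Birthday bound: chance that at least two of `hosts` machines share a seed,
 * assuming every seed in `space` is equally likely (a simplification). */
static double p_collision(int hosts, int space) {
    double p_unique = 1.0;
    for (int i = 0; i < hosts; i++)
        p_unique *= (double)(space - i) / space;
    return 1.0 - p_unique;
}

/* Contrast: 64 seed bits from the kernel CSPRNG. Returns 0 on success. */
static int urandom_seed(uint64_t *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(out, sizeof *out, 1, f) : 0;
    if (f) fclose(f);
    return got == 1 ? 0 : -1;
}

int main(void) {
    uint64_t a = 0, b = 0;
    int space = distinct_seeds(1425319200u, 4, 2048, 100); /* constructed */
    printf("400 (time, pid) pairs -> %d distinct seeds\n", space);
    printf("P(shared seed among 30 hosts) = %.3f\n", p_collision(30, space));
    if (urandom_seed(&a) == 0 && urandom_seed(&b) == 0)
        printf("urandom: %016llx %016llx\n", (unsigned long long)a, (unsigned long long)b);
    return 0;
}
```

Because XOR mixes the timestamp and the PID in the same low bits, a later start time can cancel a different PID, so the 400 combinations here collapse to 100 seeds and two hosts can collide even when neither value matches.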
[libvirt-users] Freeze Windows Guests For Consistent Storage Snapshots
by Payes Anand
Hi,
Is it possible to freeze Windows guests for a consistent storage level
snapshot?
I am using openstack icehouse on centos 6.6
Hypervisor: KVM
Libvirt: 0.10.2
Qemu: 0.10.2
Guest OS: Windows 7 and Windows Server 2008
I was able to freeze Centos guests by issuing the command:
virsh qemu-agent-command <guest_ID> '{"execute":"guest-fsfreeze-freeze"}'
For CentOS guests, I enabled access between compute nodes and guests
through a socket by setting metadata parameter, hw_qemu_guest_agent=yes for
the guest image.
And then installing qemu-guest-agent inside the guest.
What steps do I have to follow for Windows?
Regards,
Payes
9 years, 7 months
[libvirt-users] QEMU interface type=ethernet
by Brian Rak
With Libvirt under modern kernels, you can't use <interface
type='ethernet'> unless QEMU is running as root.
Running qemu as root is not ideal, but I was able to track down the
issue to this linux change:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id...
Which means that if you're seeing errors like this:
2015-03-02T18:00:51.243477Z qemu-kvm: -netdev tap,script=/tmp/vnet380622.sh,id=hostnet1: could not open /dev/net/tun: Operation not permitted
2015-03-02T18:00:51.243518Z qemu-kvm: -netdev tap,script=/tmp/vnet380622.sh,id=hostnet1: Device 'tap' could not be initialized
They can be resolved like this:
1) Edit /etc/libvirt/qemu.conf, and add "/dev/net/tun" to the
cgroup_device_acl option
2) Run: setcap cap_net_admin+eip /bin/qemu-system-x86_64
This will give QEMU CAP_NET_ADMIN when it runs. Make sure you review
`man capabilities` to see what capabilities this actually gets qemu.
The downside here is that in the event a guest somehow breaks out of
qemu, CAP_NET_ADMIN gives them a bunch of scary permissions that could
result in you having a seriously bad day (it's enough permissions to
MITM all the machine's traffic, which could easily result in compromise)
It looks to me like libvirt already has the ability to create tap
devices and pass them into qemu (src/util/virnetdevtap.c -
virNetDevTapCreateInBridgePort), however you need to actually be using a
bridged network to do this. There is no way to have libvirt just create
a tap device and leave the rest to user defined scripts.
I don't think I have the necessary knowledge to add that feature in a
generic way, but it seems like it would be pretty handy. I'll probably
just work around it by removing the virNetDevBridgeAddPort call from our
version of libvirt.
9 years, 9 months
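An added check (not from the post or from libvirt) for the advice above to review what the capability grant actually gives QEMU: it decodes the capability masks found in /proc/<pid>/status and reports whether CAP_NET_ADMIN is the only capability in a given set. The two status excerpts are constructed samples, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_NET_ADMIN_BIT 12   /* value of CAP_NET_ADMIN in <linux/capability.h> */

/* Extract one capability mask ("CapPrm", "CapEff", ...) from the text of
 * /proc/<pid>/status. Returns 0 on success, -1 if the field is missing. */
static int cap_mask(const char *status, const char *field, uint64_t *mask) {
    size_t flen = strlen(field);
    for (const char *line = status; line && *line; ) {
        if (strncmp(line, field, flen) == 0 && line[flen] == ':') {
            char *end;
            *mask = strtoull(line + flen + 1, &end, 16);
            return end == line + flen + 1 ? -1 : 0;
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

/* 1 if `field` holds CAP_NET_ADMIN and nothing else, 0 if the set differs
 * (empty or broader), -1 if the field cannot be parsed. */
static int only_net_admin(const char *status, const char *field) {
    uint64_t m;
    if (cap_mask(status, field, &m) != 0) return -1;
    return m == (UINT64_C(1) << CAP_NET_ADMIN_BIT);
}

/* Constructed samples: a QEMU process started from a setcap'd binary,
 * and one started as root with a full capability set. */
static const char AFTER_SETCAP[] =
    "Name:\tqemu-system-x86\nCapInh:\t0000000000000000\n"
    "CapPrm:\t0000000000001000\nCapEff:\t0000000000001000\n";
static const char AS_ROOT[] =
    "Name:\tqemu-system-x86\nCapInh:\t0000000000000000\n"
    "CapPrm:\t0000003fffffffff\nCapEff:\t0000003fffffffff\n";

int main(void) {
    printf("setcap binary, only CAP_NET_ADMIN effective: %d\n", only_net_admin(AFTER_SETCAP, "CapEff"));
    printf("root process, only CAP_NET_ADMIN effective: %d\n", only_net_admin(AS_ROOT, "CapEff"));
    return 0;
}
```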
[libvirt-users] How to burn a CD using libvirt?
by Steve Ross
Hi,
My first e-mail... my apologies if this is not the appropriate e-mail list.
My goal is to *write* from the guest OS to a CD or DVD reader/writer on
my host system. Currently, the write operation is failing. I believe
it is because the virtual CD-ROM device is set to be "readonly". Is it
possible to write to a QEMU CDROM device and, if so, how? (The host
machine's CD-ROM drive does support writing/burning.)
I'm using the "virt-manager" GUI to start the virtual machine. Once
started, the "qemu" command line from my virtual machine process
includes the following, where the host's built-in CD reader/writer is
"/dev/sr0".
/usr/bin/qemu-system-x86_64 ... -drive
file=/dev/sr0,if=none,id=drive-ide0-0-1,readonly=on,format=raw
This obviously says that the device is "readonly".
A snippet of XML from my virtual machine from the CDROM is:
<domain type='kvm'>
  ...
  <devices>
    <disk type='block' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <source dev='/dev/sr0'/>
      <target dev='hdb' bus='ide'/>
      <readonly/>
      <address type='drive' controller='0' bus='0' target='0' unit='1'/>
    </disk>
I've tried removing the <readonly/> tag from the above VM definition,
and then running the VM, but the tag magically reappears in the VM
definition when it runs.
Also, the "virt-manager" GUI shows the CDROM device as having the option
of "Readonly" being checked (and the GUI does not allow me to uncheck it.)
Other details:
* qemu version 2.1.3 on Fedora 21.
* libvirt version 1.2.0.2
Thanks for any help or pointers you can provide,
-- Steve
9 years, 9 months
[libvirt-users] XML vm configfile with Display using QEMU GTK interface
by Vinícius Ferrão
Hello guys,
I'm trying to start a VM using the QEMU GTK Display Interface instead of an SDL window. But I'm failing.
My actual setting is using SDL with this XML line:
<graphics type='sdl' display=':0.0' xauth='/home/ploog/.Xauthority'/>
I changed to:
<graphics type='gtk'>
But it fails to start the VM.
Any ideas?
Thanks in advance,
9 years, 9 months
[libvirt-users] couple of ceph/rbd questions
by Brian Kroth
Hi, I've recently been working on setting up a set of libvirt compute
nodes that will be using a ceph rbd pool for storing vm disk image
files. I've got a couple of issues I've run into.
First, per the standard ceph documentation examples [1], the way to add a
disk is to create a block in the VM definition XML that looks something
like this:
<disk type='network' device='disk'>
  <source protocol='rbd' name='libvirt-pool/new-libvirt-image'>
    <host name='{monitor-host-1}' port='6789'/>
    <host name='{monitor-host-2}' port='6789'/>
    <host name='{monitor-host-3}' port='6789'/>
  </source>
  <target dev='vda' bus='virtio'/>
  <auth username='libvirt'>
    <secret type='ceph' uuid='9ec59067-fdbc-a6c0-03ff-df165c0587b8'/>
  </auth>
</disk>
The trouble with this approach is that those ceph cluster details
(secret uuid and monitor host lists) need to be stored separately in
every single VM disk definition. That makes for a lot of
maintenance when those details need to change (e.g. replace a monitor
host (common), or change the auth details (less common)).
I'd prefer to be able to define a libvirt storage pool that contains
those details, and then reference the disks within each VM as volumes,
so that I only need to change the ceph monitor/auth details once per
libvirt compute host, rather than for every single VM disk definition.
I've rebuilt my libvirt packages using --with-rbd-support so that I can
successfully define a libvirt storage pool as follows:
<pool type='rbd'>
  <name>libvirt-rbd-pool</name>
  <source>
    <name>libvirt-pool</name>
    <host name='{monitor-host-1}' port='6789'/>
    <host name='{monitor-host-2}' port='6789'/>
    <host name='{monitor-host-3}' port='6789'/>
    <auth username='libvirt' type='ceph'>
      <secret uuid='9ec59067-fdbc-a6c0-03ff-df165c0587b8'/>
    </auth>
  </source>
</pool>
However, when I go to start a VM with a volume created in that pool as
follows, I get an error:
<disk type='volume' device='disk'>
  <source pool='libvirt-rbd-pool' volume='{rbd-volume-name}'/>
  <driver name='qemu' type='raw' cache='writethrough'/>
  <target dev='vda' bus='virtio'/>
</disk>
"using 'rbd' pools for backing 'volume' disks isn't yet supported"
When I dug through the code, it appears that there's an explicit check
for RBD type storage pools (VIR_STORAGE_POOL_RBD) that disables that
(libvirt-1.2.13/src/storage/storage_driver.c:3159).
Is there a particular reason for that? Has it just not been implemented
yet, or am I specifying the disk definition in the wrong way?
Second, using the former disk definition method, I'm able to run VMs
under qemu, *and* migrate them. Very slick. Nice work all.
However, I found that since by default virt-manager leaves the VM
defined on both the source and destination, I'm actually able to start
the VM in both places. I didn't see an option to disable that, so I
just wrote a simple wrapper script to do the right thing via virsh using
--undefinesource, but I can't guarantee that some other admin might not
skip that and just use the GUI. It appears that libvirt (or is it
qemu?) doesn't set rbd locks on the disk image files by default.
After running across [2], I had originally thought about writing some
hooks to set and release locks on the VMs using the rbd cli, but after
reading the docs on the migration process [3], I think that's probably
not possible since the VM is started in both places temporarily.
I think my other option is to set up some shared fs (maybe cephfs) and
point virtlockd at it so that all of the libvirt compute hosts register
locks on VMs properly. However, I thought I'd ask if anyone knows if
there's some magic other parameter or setting I can use to have
libvirt/qemu just use rbd locks natively. Or, is that not implemented
either?
Thanks for your help.
Cheers,
Brian
[1] <http://ceph.com/docs/master/rbd/libvirt/#configuring-the-vm>
[2] <https://www.redhat.com/archives/libvirt-users/2014-January/msg00058.html>
[3] <https://libvirt.org/hooks.html#qemu_migration>
9 years, 9 months
[libvirt-users] Networking issues in host
by G. Richard Bellamy
I've been having intermittent network issues on my Host - they go away when
I stop and disable libvirtd and then reboot. They do not go away if I just
stop libvirtd and don't reboot.
I'm at a loss as to where to start with my troubleshooting, and being a
relative n00b to libvirt, I'd love any pointers.
Regards,
Richard
9 years, 10 months
[libvirt-users] No package 'libvirt' found
by Rudy YAYON
Hi,
After successful libvirt compilation on Cygwin, I am trying to run virt-manager which requests LibvirtGLib:
$ virt-manager
Traceback (most recent call last):
  File "/usr/share/virt-manager/virt-manager", line 30, in <module>
    from gi.repository import LibvirtGLib
ImportError: cannot import name LibvirtGLib
I understand that I need to compile libvirt-glib. The problem is that I get the following error once running ./configure:
checking whether C compiler handles -fexceptions... yes
checking whether C compiler handles -fasynchronous-unwind-tables... yes
checking whether C compiler handles -fipa-pure-const... yes
checking whether C compiler handles -Wno-suggest-attribute=pure... yes
checking whether C compiler handles -Wno-suggest-attribute=const... yes
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for LIBVIRT... no
configure: error: Package requirements (libvirt >= 0.10.2) were not met:
No package 'libvirt' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables LIBVIRT_CFLAGS
and LIBVIRT_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
The only "libraries" I have been able to find are:
$ cp /usr/local/bin/cygvirt-
cygvirt-0.dll cygvirt-lxc-0.dll cygvirt-qemu-0.dll
Copying it to /usr/lib doesn't change anything. Renaming these files from cygvirt* to libvirt* either.
Any idea?
Regards,
Rudy YAYON
9 years, 10 months
Re: [libvirt-users] Reply: libvirtd can't start
by Martin Kletzander
On Thu, Mar 26, 2015 at 02:55:04PM +0800, 梅磊 wrote:
>Thanks for your reply, Martin. I have read the coredump, but I am not familiar with libvirt, so could you help me to figure out why it crashed?
>Attachment is the coredump gdb output and all the generate files when libvirtd stop.
>
I forgot to ask you to install debuginfo packages to further
investigate. But looking at the log only netcf-debuginfo is needed.
Could you install it and then run the "t a a bt f" again, please?
From the current logs I can only guess that there is some network XML
mangled and netcf can't read it. When your power went out, as you
said, is it possible you were updating something in the meantime? Try
running "rpm -Va" to see if there's something broken in the system.
>And do you think this issue is the same issue with the below root cause?
>https://bugzilla.redhat.com/show_bug.cgi?id=1179981
>
It is not, that is caused by something else.
>
>
>
>-Best Regards,
>Andy
>
>
>-----Original Message-----
>From: Martin Kletzander [mailto:mkletzan@redhat.com]
>Sent: 24 March 2015 21:20
>To: 梅磊
>Cc: libvirt-users(a)redhat.com
>Subject: Re: [libvirt-users] libvirtd can't start
>
>On Tue, Mar 24, 2015 at 04:29:07PM +0800, 梅磊 wrote:
>>Hi experts,
>> The libvirtd can’t start on my server after the server interruption of
>>power supply, the status is below:
>>
>>[root@openstack3 libvirt]# service libvirtd status Redirecting to
>>/bin/systemctl status libvirtd.service libvirtd.service -
>>Virtualization daemon
>> Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled)
>> Active: failed (Result: signal) since Tue 2015-03-24 16:10:31 CST;
>>7min ago
>> Process: 27372 ExecStart=/usr/sbin/libvirtd $LIBVIRTD_ARGS
>>(code=killed,
>>signal=SEGV)
>> Main PID: 27372 (code=killed, signal=SEGV)
>>
>>Mar 24 16:10:31 openstack3 libvirtd[27372]: 2015-03-24 08:10:31.412+0000:
>>27383: debug : virFileClose:90 : Closed fd 22 Mar 24 16:10:31
>>openstack3 libvirtd[27372]: 2015-03-24 08:10:31.412+0000:
>>27383: debug : virFileClose:90 : Closed fd 22 Mar 24 16:10:31
>>openstack3 libvirtd[27372]: 2015-03-24 08:10:31.412+0000:
>>27383: debug : virFileClose:90 : Closed fd 22 Mar 24 16:10:31
>>openstack3 libvirtd[27372]: 2015-03-24 08:10:31.412+0000:
>>27383: debug : virFileClose:90 : Closed fd 22 Mar 24 16:10:31
>>openstack3 libvirtd[27372]: 2015-03-24 08:10:31.413+0000:
>>27383: debug : virFileClose:90 : Closed fd 22 Mar 24 16:10:31
>>openstack3 libvirtd[27372]: 2015-03-24 08:10:31.413+0000:
>>27383: debug : virStateInitialize:847 : Running global init for netcf
>>state driver Mar 24 16:10:31 openstack3 libvirtd[27372]: 2015-03-24
>>08:10:31.413+0000:
>>27383: debug : virObjectNew:199 : OBJECT_NEW: obj=0x7f73f0080d00
>>classname=virNetcfDriverState Mar 24 16:10:31 openstack3
>>libvirtd[27372]: ====== end of log ===== Mar 24 16:10:31 openstack3
>>systemd[1]: libvirtd.service: main process exited, code=killed,
>>status=11/SEGV Mar 24 16:10:31 openstack3 systemd[1]: Unit
>>libvirtd.service entered failed state.
>>
>>And the attachment is the log after restart the libvirtd.
>>
>>After long time search on google, I didn’t get any useful information,
>>so anyone can give me some hint on this issue?
>>
>
>What did you search for?
>
>According to the log:
>abrt-hook-ccpp: Saved core dump of pid 28928 (/usr/sbin/libvirtd) to
>/var/tmp/abrt/ccpp-2015-03-24-16:19:22-28928 (97218560 bytes)
>
>libvirtd has segfaulted and you have the coredump. Use gdb to open
>it:
># gdb -c /var/tmp/abrt/ccpp-2015-03-24-16:19:22-28928
>
>and then look at what happened, if you can't make anything of it, post it as an attachment here or create a bug from it:
>
>(gdb) bt
>(gdb) t a a bt full
>
>>-BR,
>>Andy
>>
>
>
9 years, 10 months
[libvirt-users] Channel Device virConnectListAllNodeDevices
by Neel Basu
Hello,
I've added a Channel Device through virt-manager GUI. virsh dumpxml shows
the device as:
<channel type='unix'>
<source mode='bind'
path='/var/lib/libvirt/qemu/channel/target/ubuntusaucy.marx'/>
<target type='virtio' name='marx'/>
<alias name='channel2'/>
<address type='virtio-serial' controller='0' bus='0' port='3'/>
</channel>
I am expecting virConnectListAllNodeDevices to have the device in its
output. But I don't see it there. Is it the right function to call?
    virNodeDevicePtr* devices;
    int dev_count = virConnectListAllNodeDevices(conn, &devices, 0);
    std::cout << "Devices: " << dev_count << std::endl;
    for(virNodeDevicePtr* device = devices; device < devices+dev_count; ++device){
        std::cout << virNodeDeviceGetName(*device) << std::endl;
    }
returns 66 devices but once I loop through devices I don't get any
corresponding name for the channel device.
Tried using
    virConnectListAllNodeDevices(conn, &devices, VIR_CONNECT_LIST_NODE_DEVICES_CAP_VPORTS);
returns 0 devices.
Thanks.
9 years, 10 months