Unit libvirtd.service could not be found. on VM
by Dana Elfassy
Hi all,
Some background:
I recently has some issues with libvirt on my laptop when I got the error
'operation failed: pool 'default' already exists with uuid
dd48b6ad-9a00-46eb-a3a4-c122d8a294a5' when I connected virt-manager. I was
finally able to resolve it yesterday, when I removed libvirt and all its
related content in /etc/libvirt, removed the pool by its UUID, deleted
virbr0 & virbro-nic, removed the default network, reinstalled and created
the network & default pool again
Now I got libvirtd on my laptop up & running.
However, when I install vms on my laptop, they don't have libvirtd.service
This is the network configuration XML:
<interface type="network">
<mac address="52:54:00:d0:40:69"/>
<source network="default" portid="171a745c-f96d-412a-baa7-ee1feeaed6ac"
bridge="virbr0"/>
<target dev="vnet1"/>
<model type="virtio"/>
<alias name="net0"/>
<address type="pci" domain="0x0000" bus="0x00" slot="0x03"
function="0x0"/>
</interface>
I installed the vms with virt-manager. The Network source is Virtual
network 'default': NAT
I'm using CentOS8.1 on both my laptop & vms.
Is there anything else I need to reconfigure or any thoughts why
libvirtd.service doesn't exist on my VMS?
Thanks,
Dana
4 years, 7 months
Re: USB-hotplugging fails with "failed to load cgroup BPF prog: Operation not permitted" on cgroups v2
by Pavel Hrdina
On Mon, Jan 20, 2020 at 09:00:15PM +0100, Pol Van Aubel wrote:
> Hi,
>
> Quoting Pavel Hrdina (2020-01-20 14:29:36)
> > On Sat, Jan 18, 2020 at 11:17:11PM +0100, Pol Van Aubel wrote:
> > > Hi all,
> > >
> > > I've disabled cgroups v1 on my system with the kernel boot option
> > > "systemd.unified_cgroup_hierarchy=1". Since doing so, USB hotplugging
> > > fails to work, seemingly due to a permissions problem with BPF. Please
> > > note that the technique I'm going to describe worked just fine for
> > > hotplugging USB devices to running domains until this change.
> > > Attaching / detaching USB devices when the domain is down still works as
> > > expected.
> > >
> > > I get the same error when attaching a device in virt-manager, as I do
> > > when running the following command:
> > >
> > > sudo virsh attach-device wenger /dev/stdin --persistent <<END
> > > <hostdev mode='subsystem' type='usb' managed='yes'>
> > > <source startupPolicy='optional'>
> > > <vendor id='0x046d' />
> > > <product id='0xc215' />
> > > </source>
> > > </hostdev>
> > > END
> > >
> > > This returns
> > > error: Failed to attach device from /dev/stdin
> > > error: failed to load cgroup BPF prog: Operation not permitted
> > >
> > >
> > > virt-manager returns basically the same error, but for completeness'
> > > sake, here it is:
> > >
> > > failed to load cgroup BPF prog: Operation not permitted
> > >
> > > Traceback (most recent call last):
> > > File "/usr/share/virt-manager/virtManager/addhardware.py", line 1327, in _add_device
> > > self.vm.attach_device(dev)
> > > File "/usr/share/virt-manager/virtManager/object/domain.py", line 920, in attach_device
> > > self._backend.attachDevice(devxml)
> > > File "/usr/lib/python3.8/site-packages/libvirt.py", line 590, in attachDevice
> > > if ret == -1: raise libvirtError ('virDomainAttachDevice() failed', dom=self)
> > > libvirt.libvirtError: failed to load cgroup BPF prog: Operation not permitted
> > >
> > >
> > > Now, libvirtd is running as root, so I don't understand why any
> > > operation on BPF programs is not permitted. I've dug into libvirt's code
> > > a bit to see what is throwing this error and it boils down to
> > > <https://github.com/libvirt/libvirt/blob/7d608469621a3fda72dff2a89308e68cc...>
> > > and
> > > <https://github.com/libvirt/libvirt/blob/02bf7cc68bfc76242f02d23e73cad3661...>
> > > but I have no clue what that syscall is doing, so that's where my
> > > debugging capability basically ends.
> > >
> > > Maybe this is something as simple as setting the right ACL somewhere. I
> > > haven't touched /etc/libvirt/qemu.conf except for setting nvram. There
> > > *is* something about cgroup_device_acl there but afaict that's for
> > > cgroups v1, when there was still a device cgroup controller. Any help
> > > would be greatly appreciated.
> > >
> > >
> > > Domain log files:
> > > Upon execution of the above commands, nothing gets added to the domain
> > > log in /var/log/qemu/wenger.log, so I've decided they're likely
> > > irrelevant to the issue. Please ask for any additional info required.
> > >
> > >
> > > System information:
> > > Arch Linux, (normal) kernel 5.4.11
> > > libvirt 5.10.0
> > > qemu 4.2.0, using KVM.
> > > Host system is x86_64 on an intel 5820k.
> > > Guest system is probably irrelevant, but is Windows 10 on the same.
> > >
> > >
> > > Possibly relevant kernel build options:
> > > $ zgrep BPF /proc/config.gz
> > > [22:55:52]: zgrep BPF /proc/config.gz
> > >
> > > CONFIG_CGROUP_BPF=y
> > > CONFIG_BPF=y
> > > CONFIG_BPF_SYSCALL=y
> > > CONFIG_BPF_JIT_ALWAYS_ON=y
> > > CONFIG_IPV6_SEG6_BPF=y
> > > CONFIG_NETFILTER_XT_MATCH_BPF=m
> > > # CONFIG_BPFILTER is not set
> > > CONFIG_NET_CLS_BPF=m
> > > CONFIG_NET_ACT_BPF=m
> > > CONFIG_BPF_JIT=y
> > > CONFIG_BPF_STREAM_PARSER=y
> > > CONFIG_LWTUNNEL_BPF=y
> > > CONFIG_HAVE_EBPF_JIT=y
> > > CONFIG_BPF_EVENTS=y
> > > # CONFIG_BPF_KPROBE_OVERRIDE is not set
> > > # CONFIG_TEST_BPF is not set
> >
> > Hi
> >
> > I've installed clean archlinux to try this out and it works as expected,
> > I'm able to attach USB device into a VM.
> >
> > My system env is mostly the same as yours except for kernel version:
> >
> > kernel 5.4.13
> > libvirt 5.10.0
> > qemu 4.2.0, using KVM.
> >
> > Please enable libvirt debug logs [1] and share the output with us.
>
> I've updated to 5.4.13 and created a barebones VM without storage to
> reproduce the behaviour. libvirtd debug logs are attached. There appear
> to be two BPF failures of the same BPF program (?). The first is on line
> 23209, which appears to be part of machine startup, and which I don't
> actually notice. The second one is where I manually add the USB device,
> on line 30599.
>
> Thanks,
Thanks for the logs, but it did not help to figure out where the issue
is. I was hoping to see some error output from the syscall but the line
that should contain it is empty:
2020-01-20 19:47:15.589+0000: 8579: debug : virBPFLoadProg:78 :
Can you please check system logs and output of dmesg?
I've managed to run into this article [1] that explains that even if you
have all permissions and no SELinux you can still be blocked by
something called kernel_lockdown and it should appear in dmesg.
Pavel
[1] <https://gehrcke.de/2019/09/running-an-ebpf-program-may-require-lifting-th...>
4 years, 7 months
libvirt object IVirtualBox is null
by claudia freitas
Hi,
I'm using libvirt to manage virtual machines created with VirtualBox-6.0,
however when I try to start, to shut down virsh vm I get the message of
object IVirtualBox is null.
However, if I leave the VirtualBox graphical interface open it works
normally. Can anyone help or is experiencing the same problem?
Thanks,
Kilida2020
4 years, 7 months
Running libvirtd inside chroot (mock to be precise)
by Marcin Sobczyk
Hi,
I was wondering whether it's possible to run libvirtd inside a chroot
environment.
The assumption is that only one instance of libvirtd would be running on
the machine at a time, but still, inside chroot.
Currently in my chroot env I have:
- /dev/kvm added with mknod
- /dev/vhost-net added with mknod
- mounted:
- /dev/net
- /dev/shm
- /run/dbus
When I run libvirtd in non-daemon mode I get one error:
2020-05-13 10:06:27.480+0000: 28555: error : virNetDevBridgeCreate:484 :
error creating bridge interface virbr0: File exists
but it seems to me that libvirtd can live with that.
When I try to run a VM however I get a qemu error reported:
2020-05-13 08:56:51.643+0000: starting up libvirt version: 4.5.0,
package: 35.3.module_el8.1.0+297+df420408 (CentOS Buildsys
<bugs(a)centos.org>, 2020-04-10-11:06:38, ), qemu version:
2.12.0qemu-kvm-2.12.0-88.module_el8.1.0+297+df420408.3, kernel:
4.18.0-80.el8.x86_64, hostname: .....
LC_ALL=C
PATH=/var/lib/ci_toolbox:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin
HOME=/root/ovirt-system-tests USER=root LOGNAME=root QEMU_AUDIO_DRV=none
/usr/libexec/qemu-kvm -name
guest=992415aa-lago-basic-suite-master-engine,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-1-992415aa-lago-basic-/master-key.aes
-machine
pc-i440fx-rhel7.6.0,accel=kvm,usb=off,vmport=off,dump-guest-core=off
-cpu host -m 4096 -realtime mlock=off -smp 2,sockets=2,cores=1,threads=1
-object iothread,id=iothread1 -numa node,nodeid=0,cpus=0,mem=2048 -numa
node,nodeid=1,cpus=1,mem=2048 -uuid 10ed4b42-bb14-4b03-a411-c62fb1181c2d
-display none -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=31,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown
-global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot
menu=off,strict=on -device
virtio-scsi-pci,iothread=iothread1,id=scsi0,num_queues=2,bus=pci.0,addr=0x5
-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/root/ovirt-system-tests/deployment-basic-suite-master/default/images/lago-basic-suite-master-engine_root.qcow2,format=qcow2,if=none,id=drive-virtio-disk0,serial=1,cache=writeback,discard=unmap
-device
virtio-blk-pci,iothread=iothread1,scsi=off,num-queues=1,bus=pci.0,addr=0x7,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1,write-cache=on
-drive
file=/root/ovirt-system-tests/deployment-basic-suite-master/default/images/lago-basic-suite-master-engine_nfs.raw,format=raw,if=none,id=drive-scsi0-0-0-0,serial=2,cache=writeback,discard=unmap
-device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,write-cache=on
-drive
file=/root/ovirt-system-tests/deployment-basic-suite-master/default/images/lago-basic-suite-master-engine_iscsi.raw,format=raw,if=none,id=drive-scsi0-0-0-2,serial=3,cache=writeback,discard=unmap
-device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=2,drive=drive-scsi0-0-0-2,id=scsi0-0-0-2,write-cache=on
-netdev tap,fds=33:34,id=hostnet0,vhost=on,vhostfds=35:36 -device
virtio-net-pci,mq=on,vectors=6,netdev=hostnet0,id=net0,mac=54:52:c0:a8:c8:02,bus=pci.0,addr=0x3
-netdev tap,fds=37:38,id=hostnet1,vhost=on,vhostfds=39:40 -device
virtio-net-pci,mq=on,vectors=6,netdev=hostnet1,id=net1,mac=54:52:c0:a8:ca:02,bus=pci.0,addr=0x4
-chardev socket,id=charchannel0,fd=41,server,nowait -device
virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0
-chardev pty,id=charconsole0 -device
virtconsole,chardev=charconsole0,id=console0 -device
cirrus-vga,id=video0,bus=pci.0,addr=0x2 -object
rng-random,id=objrng0,filename=/dev/urandom -device
virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.0,addr=0x9 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
2020-05-13 08:56:51.643+0000: Domain id=1 is tainted: high-privileges
2020-05-13 08:56:51.643+0000: Domain id=1 is tainted: host-cpu
libvirt: QEMU Driver error : internal error: Unable to find any /dev mount
2020-05-13 08:56:51.654+0000: shutting down, reason=failed
And this one currently is blocking me.
Did anyone try such a setup?
Any help would be appreciated.
Regards, Marcin
4 years, 7 months
blockcommit --pivot does not succeed in conjunction with qemu 5.0.0
by Thomas Stein
Hello one and all.
Got a problem with libvirt 6.2.0 and qemu 5.0.0.
virsh blockcommit mymachine vda --active --verbose --pivot
works until it shows [100%] but it never actually pivots. It just sits
there. Is this a known issue with 6.2.0 and i should
try 6.3.0? For now i switched back to qemu 4.2.0 and this seems to solve
the issue too. Any hints?
Ahoi! t.
4 years, 7 months
Nested Virtualization on Google Cloud.
by Tanmoy Sinha
I am using nested virtualization on a Google Cloud Compute instance. Things
are generally working fine with libvirt using qemu+kvm, however I observed
that <cpu mode='host-model'> is not exposing avx and avx2 instruction set
to the guest Linux instance. Google Cloud platform claims the CPU model of
the host compute instance is Broadwell, however libvirt capabilities maps
it to Westmere-IBRS and it has avx and avx2 features, yet host-model is not
exposing those.
As a workaround, I am using <cpu mode='host-passthrough'>, but I would like
to know what is going wrong here? I can also share the output of cpuid of
the host system, if that helps. I am not sure whether it's a libvirt issue
or something to do with KVM. Any help would be appreciated.
Following is the host information, along with the qemu process details for
the linux guest.
root@dev-vm:~# kvm --version
QEMU emulator version 2.8.1(Debian 1:2.8+dfsg-6+deb9u9)
Copyright (c) 2003-2016 Fabrice Bellard and the QEMU Project developers
root@dev-vm:~# virsh --version
setlocale: No such file or directory
3.0.0
root@dev-vm:~# virsh capabilities
<capabilities>
<host>
<uuid>a2b6c5d9-dfea-7efb-defb-3cce3aadb067</uuid>
<cpu>
<arch>x86_64</arch>
<model>*Westmere-IBRS*</model>
<vendor>Intel</vendor>
<topology sockets='1' cores='4' threads='2'/>
<feature name='vme'/>
<feature name='ss'/>
<feature name='ht'/>
<feature name='pclmuldq'/>
<feature name='vmx'/>
<feature name='fma'/>
<feature name='pcid'/>
<feature name='x2apic'/>
<feature name='movbe'/>
<feature name='xsave'/>
<feature name='osxsave'/>
<feature name='avx'/>
<feature name='f16c'/>
<feature name='rdrand'/>
<feature name='hypervisor'/>
<feature name='arat'/>
<feature name='fsgsbase'/>
<feature name='tsc_adjust'/>
<feature name='bmi1'/>
<feature name='hle'/>
<feature name='avx2'/>
<feature name='smep'/>
<feature name='bmi2'/>
<feature name='erms'/>
<feature name='invpcid'/>
<feature name='rtm'/>
<feature name='rdseed'/>
<feature name='adx'/>
<feature name='smap'/>
<feature name='md-clear'/>
<feature name='ssbd'/>
<feature name='xsaveopt'/>
<feature name='pdpe1gb'/>
<feature name='rdtscp'/>
<feature name='abm'/>
<feature name='3dnowprefetch'/>
<feature name='invtsc'/>
<pages unit='KiB' size='4'/>
<pages unit='KiB' size='2048'/>
<pages unit='KiB' size='1048576'/>
</cpu>
<power_management>
<suspend_mem/>
<suspend_disk/>
<suspend_hybrid/>
</power_management>
<migration_features>
<live/>
<uri_transports>
<uri_transport>tcp</uri_transport>
15771 ? Sl 0:03 qemu-system-x86_64 -enable-kvm -name
guest=Util-LIN-1,debug-threads=on -S -object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-11-Util-LIN-1/master-key.aes
-machine pc-i440fx-2.1,accel=kvm,usb=off,dump-guest-core=off -cpu
*Westmere-IBRS*
,+vme,+ss,+ht,+pclmuldq,+vmx,+fma,+pcid,+x2apic,+movbe,+xsave,+osxsave,
*+avx,*+f16c,+rdrand,+hypervisor,+arat,+fsgsbase,+tsc_adjust,+bmi1,+hle,
*+avx2*,+smep,+bmi2,+erms,+invpcid,+rtm,+rdseed,+adx,+smap,+md-clear,+ssbd,+xsaveopt,+pdpe1gb,+rdtscp,+abm,+3dnowprefetch
-m 4096 -realtime mlock=off -smp 4,sockets=4,cores=1,threads=1 -uuid
caa60e3c-f946-40a4-80ac-1fb86366c5f6 -no-user-config -nodefaults -chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-11-Util-LIN-1/monitor.sock,server,nowait
-mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown
-boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2
-device ahci,id=sata0,bus=pci.0,addr=0x4 -drive
file=/var/lib/libvirt/images/Util-LIN-1/Util-LIN-1.qcow2,format=qcow2,if=none,id=drive-sata0-0-0
-device ide-hd,bus=sata0.0,drive=drive-sata0-0-0,id=sata0-0-0,bootindex=1
-drive
file=/var/lib/libvirt/images/Util-LIN-1/Util-LIN-1-acdisk.qcow2,format=qcow2,if=none,id=drive-sata0-0-2
-device ide-hd,bus=sata0.2,drive=drive-sata0-0-2,id=sata0-0-2 -netdev
tap,fd=34,id=hostnet0,vhost=on,vhostfd=36 -device
virtio-net-pci,netdev=hostnet0,id=net0,mac=1a:b2:ae:f7:69:c7,bus=pci.0,addr=0x3
-chardev pty,id=charserial0 -device
isa-serial,chardev=charserial0,id=serial0 -device
usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:8 -device
cirrus-vga,id=video0,bus=pci.0,addr=0x2 -incoming defer -device
virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on
Regards
Tanmoy Sinha
4 years, 7 months
Libvirt APIs for creating virtual networks
by Santhosh Kumar Gunturu
I am using the Libvirt APIs to create the virtual networks to use the
dnsmasq capabilities.
I want to understand the APIs how to set the lease time in XML to control
the dnsmasq lease time.
Also, I need some DHCP statistics on the virtual network.
Is there any API available to fetch the statistics ?
Please let me know if any ?
Thanks & Regards
Santhosh Kumar Gunturu
4 years, 7 months