[libvirt-users] Mount URL as cdrom/iso KVM/QEMU
Hi Folks, According to the examples in http://libvirt.org/formatdomain.html#elementsDisks it should be possible to mount an iso /url as a cdrom, the example given is: </disk> <disk type='network' device='cdrom'> <driver name='qemu' type='raw'/> <source protocol="http" name="url_path"> <host name="hostname" port="80"/> </source> <target dev='hde' bus='ide' tray='open'/> <readonly/> </disk> I am unable to get this to work at all and wondered if I am just missing something obvious: Boot failed: Could not read from CDROM (code 0003) Actual XML in use snippet: <disk type='network' device='cdrom'> <driver name='qemu' type='raw'/> <source protocol="http" name="/debian-cd/current/amd64/iso-cd/debian-9.5.0-amd64-netinst.iso"> <host name="mirror.bytemark.co.uk" port="80"/> </source> <target dev='hdb' bus='ide' tray='open'/> <readonly/> </disk> libvirtd (libvirt) 3.9.0 QEMU emulator version 2.10.0 Is anyone able to offer any assistance or tips? I have tried putting the complete path including fqdn in the url_path as well, with and without http:// Many Thanks. Anthony.
On Wed, Aug 08, 2018 at 12:11:22PM +0000, Inception Hosting wrote:
Hi Folks,
According to the examples in http://libvirt.org/formatdomain.html#elementsDisks it should be possible to mount an iso /url as a cdrom, the example given is:
</disk> <disk type='network' device='cdrom'> <driver name='qemu' type='raw'/> <source protocol="http" name="url_path"> <host name="hostname" port="80"/> </source> <target dev='hde' bus='ide' tray='open'/> <readonly/> </disk>
I am unable to get this to work at all and wondered if I am just missing something obvious:
Boot failed: Could not read from CDROM (code 0003)
Actual XML in use snippet:
<disk type='network' device='cdrom'> <driver name='qemu' type='raw'/> <source protocol="http" name="/debian-cd/current/amd64/iso-cd/debian-9.5.0-amd64-netinst.iso"> <host name="mirror.bytemark.co.uk" port="80"/> </source> <target dev='hdb' bus='ide' tray='open'/> <readonly/> </disk> libvirtd (libvirt) 3.9.0 QEMU emulator version 2.10.0
Is anyone able to offer any assistance or tips?
This XML looks reasonable to me. There have been bugs in QEMU's curl driver though, so it might be worth retesting with latest QEMU 2.12.0, or even the 3.0.0-rc4 release from yesterday, to check if its a bug in that version of QEMU Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
ср, 8 авг. 2018 г. в 15:11, Inception Hosting <inbox@inceptionhosting.com>:
Hi Folks,
According to the examples in http://libvirt.org/formatdomain.html#elementsDisks it should be possible to mount an iso /url as a cdrom, the example given is:
Usually such errors because url not available from host system. Can you try curl this host and address from node? -- Vasiliy Tolstov, e-mail: v.tolstov@selfip.ru
Resolved this morning, the issue is that the qemu-kvm-ev rpm's released by centos have not been compiled with curl support, I rebuild it myself from source with curl support and it works fine now. Thanks you for your input everyone. ________________________________ From: Vasiliy Tolstov <v.tolstov@selfip.ru> Sent: 09 August 2018 10:32:07 To: Inception Hosting Cc: libvirt-users@redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU ср, 8 авг. 2018 г. в 15:11, Inception Hosting <inbox@inceptionhosting.com>:
Hi Folks,
According to the examples in http://libvirt.org/formatdomain.html#elementsDisks it should be possible to mount an iso /url as a cdrom, the example given is:
Usually such errors because url not available from host system. Can you try curl this host and address from node? -- Vasiliy Tolstov, e-mail: v.tolstov@selfip.ru
On Thu, Aug 09, 2018 at 10:20:54AM +0000, Inception Hosting wrote:
Resolved this morning,
the issue is that the qemu-kvm-ev rpm's released by centos have not been compiled with curl support, I rebuild it myself from source with curl support and it works fine now.
Hmm that's bad, because if curl was disabled, we really want to have QEMU refuse to startup, rather than start & give you an inaccessible file. So this feels like a QEMU bug to me that ought to be reported. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
Just a quick correction and apologies, the actual issue is that http will not work, https will so I dont think this is a bug as such I think this is by design likely for security. Looking at the man page for qemu-kvm it states http will work with examples given however only https works, my best guess from looking at the spec file from the srpm is that it has only been enabled in the centos qemu-kvm-ev with https: except from spec file: - Resolves: bz#1132569 (RFE: Enable curl driver in qemu-kvm-rhev: https only) example working XML except: <disk type='network' device='cdrom'> <driver name='qemu' type='raw'/> <source protocol="https" name="/debian-cd/current/amd64/iso-cd/debian-9.5.0-amd64-netinst.iso"> <host name="mirror.bytemark.co.uk" port="443"/> </source> <target dev='hdb' bus='ide' tray='closed'/> <readonly/> I have tested this on a base install with the regular packages and can confirm that it works fine over https. Thanks again and sorry for any confusion caused. ________________________________ From: Daniel P. Berrangé <berrange@redhat.com> Sent: 09 August 2018 11:29:25 To: Inception Hosting Cc: Vasiliy Tolstov; libvirt-users@redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU On Thu, Aug 09, 2018 at 10:20:54AM +0000, Inception Hosting wrote:
Resolved this morning,
the issue is that the qemu-kvm-ev rpm's released by centos have not been compiled with curl support, I rebuild it myself from source with curl support and it works fine now.
Hmm that's bad, because if curl was disabled, we really want to have QEMU refuse to startup, rather than start & give you an inaccessible file. So this feels like a QEMU bug to me that ought to be reported. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, Aug 09, 2018 at 10:50:46AM +0000, Inception Hosting wrote:
Just a quick correction and apologies, the actual issue is that http will not work, https will so I dont think this is a bug as such I think this is by design likely for security.
Looking at the man page for qemu-kvm it states http will work with examples given however only https works, my best guess from looking at the spec file from the srpm is that it has only been enabled in the centos qemu-kvm-ev with https:
Yes, the qemu RPMs in centos & RHEL have disabled support for http:// protocol, however, I expect that to immediately fail when trying to start the guest. eg # /usr/libexec/qemu-kvm -drive file=http://example.com/foo/bar -accel tcg qemu-kvm: -drive file=http://example.com/foo/bar: Driver 'http' is not whitelisted so I'm puzzelled why your guest successfully started at all with a http protocol in use. Are you able to share your QEMU log from /var/log/libvirt/qemu/$GUESTNAME.log from a VM that fails to launch with http ? Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
Hi Daniel, I have noticed that it will fail exactly as you said if <cdrom> is first in the boot order, if <hd> is first in the boot order the XML validates and it starts as usual. first in log except below is with cdrom set to first in boot order, second is with hd set first. 2018-08-09 11:39:28.625+0000: starting up libvirt version: 3.9.0, package: 14.el7_5.6 (CentOS BuildSystem <http://bugs.centos.org>, 2018-06-27-14:13:57, x86-01.bsys.centos.org), qemu version: 2.10.0(qemu-kvm-ev-2.10.0-21.el7_5.4.1), hostname: devnode9.com LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=none /usr/libexec/qemu-kvm -name guest=kvm104,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-82-kvm104/master-key.aes -machine pc-i440fx-rhel7.5.0,accel=kvm,usb=off,dump-guest-core=off -m 1024 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 5827d6a9-ef0e-4331-9d0e-fa742c70d596 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-82-kvm104/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive file=http://distro.ibiblio.org:80/puppylinux/puppy-xenial/32/xenialpup-7.5-uefi.i... -device ide-cd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1,bootindex=2 -drive file=/dev/Kvmvol/kvm104_img,format=raw,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=30,id=hostnet0,vhost=on,vhostfd=32 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=00:16:3c:07:e0:c9,bus=pci.0,addr=0x3 -device usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:4,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on 2018-08-09T11:39:28.690350Z qemu-kvm: -drive file=http://distro.ibiblio.org:80/puppylinux/puppy-xenial/32/xenialpup-7.5-uefi.i...: Driver 'http' is not whitelisted 2018-08-09 11:39:28.699+0000: shutting down, reason=failed 2018-08-09 11:40:04.963+0000: starting up libvirt version: 3.9.0, package: 14.el7_5.6 (CentOS BuildSystem <http://bugs.centos.org>, 2018-06-27-14:13:57, x86-01.bsys.centos.org), qemu version: 2.10.0(qemu-kvm-ev-2.10.0-21.el7_5.4.1), hostname: devnode9.com LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=none /usr/libexec/qemu-kvm -name guest=kvm104,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-83-kvm104/master-key.aes -machine pc-i440fx-rhel7.5.0,accel=kvm,usb=off,dump-guest-core=off -m 1024 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 5827d6a9-ef0e-4331-9d0e-fa742c70d596 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-83-kvm104/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive if=none,id=drive-ide0-0-1,readonly=on -device ide-cd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1,bootindex=2 -drive file=/dev/Kvmvol/kvm104_img,format=raw,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=30,id=hostnet0,vhost=on,vhostfd=32 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=00:16:3c:07:e0:c9,bus=pci.0,addr=0x3 -device usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:4,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on So my best guess based on the logs is that http is simply being ignored when it is not set to primary, not sure if that is the desired behavior. Cheers. ________________________________ From: Daniel P. Berrangé <berrange@redhat.com> Sent: 09 August 2018 12:27 To: Inception Hosting Cc: Vasiliy Tolstov; libvirt-users@redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU On Thu, Aug 09, 2018 at 10:50:46AM +0000, Inception Hosting wrote:
Just a quick correction and apologies, the actual issue is that http will not work, https will so I dont think this is a bug as such I think this is by design likely for security.
Looking at the man page for qemu-kvm it states http will work with examples given however only https works, my best guess from looking at the spec file from the srpm is that it has only been enabled in the centos qemu-kvm-ev with https:
Yes, the qemu RPMs in centos & RHEL have disabled support for http:// protocol, however, I expect that to immediately fail when trying to start the guest. eg # /usr/libexec/qemu-kvm -drive file=http://example.com/foo/bar -accel tcg qemu-kvm: -drive file=http://example.com/foo/bar: Driver 'http' is not whitelisted so I'm puzzelled why your guest successfully started at all with a http protocol in use. Are you able to share your QEMU log from /var/log/libvirt/qemu/$GUESTNAME.log from a VM that fails to launch with http ? Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| [https://c1.staticflickr.com/1/873/40602347890_5a83293856_b.jpg]<https://www.flickr.com/photos/dberrange> Daniel | Flickr<https://www.flickr.com/photos/dberrange> www.flickr.com Explore Daniel's 1,578 photos on Flickr! |: https://libvirt.org -o- https://fstop138.berrange.com :| libvirt: The virtualization API<https://libvirt.org/> libvirt.org libvirt, virtualization, virtualization API |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| [https://scontent-cdt1-1.cdninstagram.com/vp/4ba54fb8119ad17c3b0a98321c357a2d/5BF2CDF5/t51.2885-19/s150x150/20968587_481132782267587_5503861153710735360_a.jpg]<https://www.instagram.com/dberrange> Daniel Berrangé (@dberrange) • Instagram photos and videos<https://www.instagram.com/dberrange> www.instagram.com 178 Followers, 60 Following, 136 Posts - See Instagram photos and videos from Daniel Berrangé (@dberrange)
On Thu, Aug 09, 2018 at 11:46:24AM +0000, Inception Hosting wrote:
Hi Daniel,
I have noticed that it will fail exactly as you said if <cdrom> is first in the boot order, if <hd> is first in the boot order the XML validates and it starts as usual.
That is interesting....
first in log except below is with cdrom set to first in boot order, second is with hd set first.
2018-08-09 11:39:28.625+0000: starting up libvirt version: 3.9.0, package: 14.el7_5.6 (CentOS BuildSystem <http://bugs.centos.org>, 2018-06-27-14:13:57, x86-01.bsys.centos.org), qemu version: 2.10.0(qemu-kvm-ev-2.10.0-21.el7_5.4.1), hostname: devnode9.com
-drive file=http://distro.ibiblio.org:80/puppylinux/puppy-xenial/32/xenialpup-7.5-uefi.i... -device ide-cd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1,bootindex=2 -drive file=/dev/Kvmvol/kvm104_img,format=raw,if=none,id=drive-virtio-disk0,cache=none < -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1
Here we actually see the HD set first (bootindex=1) and CDROM set secound (bootindex=2)
2018-08-09 11:40:04.963+0000: starting up libvirt version: 3.9.0, package: 14.el7_5.6 (CentOS BuildSystem <http://bugs.centos.org>, 2018-06-27-14:13:57, x86-01.bsys.centos.org), qemu version: 2.10.0(qemu-kvm-ev-2.10.0-21.el7_5.4.1), hostname: devnode9.com
-drive if=none,id=drive-ide0-0-1,readonly=on -device ide-cd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1,bootindex=2 -drive file=/dev/Kvmvol/kvm104_img,format=raw,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1
And this is the same boot order. What's different, however ,is that libvirt has launched the QEMU with no media present in the CDROM tray, so there's no URL for QEMU to complain about. I dont know what would have caused libvirt to drop the URL for this CDROM...
Cheers.
________________________________ From: Daniel P. Berrangé <berrange@redhat.com> Sent: 09 August 2018 12:27 To: Inception Hosting Cc: Vasiliy Tolstov; libvirt-users@redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU
On Thu, Aug 09, 2018 at 10:50:46AM +0000, Inception Hosting wrote:
Just a quick correction and apologies, the actual issue is that http will not work, https will so I dont think this is a bug as such I think this is by design likely for security.
Looking at the man page for qemu-kvm it states http will work with examples given however only https works, my best guess from looking at the spec file from the srpm is that it has only been enabled in the centos qemu-kvm-ev with https:
Yes, the qemu RPMs in centos & RHEL have disabled support for http:// protocol, however, I expect that to immediately fail when trying to start the guest. eg
# /usr/libexec/qemu-kvm -drive file=http://example.com/foo/bar -accel tcg qemu-kvm: -drive file=http://example.com/foo/bar: Driver 'http' is not whitelisted
so I'm puzzelled why your guest successfully started at all with a http protocol in use.
Are you able to share your QEMU log from /var/log/libvirt/qemu/$GUESTNAME.log from a VM that fails to launch with http ?
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| [https://c1.staticflickr.com/1/873/40602347890_5a83293856_b.jpg]<https://www.flickr.com/photos/dberrange>
Daniel | Flickr<https://www.flickr.com/photos/dberrange> www.flickr.com Explore Daniel's 1,578 photos on Flickr!
|: https://libvirt.org -o- https://fstop138.berrange.com :| libvirt: The virtualization API<https://libvirt.org/> libvirt.org libvirt, virtualization, virtualization API
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| [https://scontent-cdt1-1.cdninstagram.com/vp/4ba54fb8119ad17c3b0a98321c357a2d/5BF2CDF5/t51.2885-19/s150x150/20968587_481132782267587_5503861153710735360_a.jpg]<https://www.instagram.com/dberrange>
Daniel Berrangé (@dberrange) • Instagram photos and videos<https://www.instagram.com/dberrange> www.instagram.com 178 Followers, 60 Following, 136 Posts - See Instagram photos and videos from Daniel Berrangé (@dberrange)
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
participants (3)
-
Daniel P. Berrangé -
Inception Hosting -
Vasiliy Tolstov