On Wed, Aug 08, 2018 at 12:11:22PM +0000, Inception Hosting wrote: This XML looks reasonable to me. There have been bugs in QEMU's curl driver though, so it might be worth retesting with latest QEMU 2.12.0, or even the 3.0.0-rc4 release from yesterday, to check if its a bug in that version of QEMU Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Resolved this morning, the issue is that the qemu-kvm-ev rpm's released by centos have not been compiled with curl support, I rebuild it myself from source with curl support and it works fine now. Thanks you for your input everyone. ________________________________ From: Vasiliy Tolstov <v.tolstov(a)selfip.ru&gt; Sent: 09 August 2018 10:32:07 To: Inception Hosting Cc: libvirt-users(a)redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU ср, 8 авг. 2018 г. в 15:11, Inception Hosting <inbox(a)inceptionhosting.com&gt;: Usually such errors because url not available from host system. Can you try curl this host and address from node? -- Vasiliy Tolstov, e-mail: v.tolstov(a)selfip.ru

Just a quick correction and apologies, the actual issue is that http will not work, https will so I dont think this is a bug as such I think this is by design likely for security. Looking at the man page for qemu-kvm it states http will work with examples given however only https works, my best guess from looking at the spec file from the srpm is that it has only been enabled in the centos qemu-kvm-ev with https: except from spec file: - Resolves: bz#1132569 (RFE: Enable curl driver in qemu-kvm-rhev: https only) example working XML except: <disk type='network' device='cdrom'> <driver name='qemu' type='raw'/> <source protocol="https" name="/debian-cd/current/amd64/iso-cd/debian-9.5.0-amd64-netinst.iso"> <host name="mirror.bytemark.co.uk" port="443"/> </source> <target dev='hdb' bus='ide' tray='closed'/> <readonly/> I have tested this on a base install with the regular packages and can confirm that it works fine over https. Thanks again and sorry for any confusion caused. ________________________________ From: Daniel P. Berrangé <berrange(a)redhat.com&gt; Sent: 09 August 2018 11:29:25 To: Inception Hosting Cc: Vasiliy Tolstov; libvirt-users(a)redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU On Thu, Aug 09, 2018 at 10:20:54AM +0000, Inception Hosting wrote: Hmm that's bad, because if curl was disabled, we really want to have QEMU refuse to startup, rather than start & give you an inaccessible file. So this feels like a QEMU bug to me that ought to be reported. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Hi Daniel, I have noticed that it will fail exactly as you said if <cdrom> is first in the boot order, if <hd> is first in the boot order the XML validates and it starts as usual. first in log except below is with cdrom set to first in boot order, second is with hd set first. 2018-08-09 11:39:28.625+0000: starting up libvirt version: 3.9.0, package: 14.el7_5.6 (CentOS BuildSystem <http://bugs.centos.org>;, 2018-06-27-14:13:57, x86-01.bsys.centos.org), qemu version: 2.10.0(qemu-kvm-ev-2.10.0-21.el7_5.4.1), hostname: devnode9.com LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=none /usr/libexec/qemu-kvm -name guest=kvm104,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-82-kvm104/master-key.aes -machine pc-i440fx-rhel7.5.0,accel=kvm,usb=off,dump-guest-core=off -m 1024 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 5827d6a9-ef0e-4331-9d0e-fa742c70d596 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-82-kvm104/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive file=http://distro.ibiblio.org:80/puppylinux/puppy-xenial/32/xenialpup-7.5-uefi.iso,format=raw,if=none,id=drive-ide0-0-1,readonly=on -device ide-cd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1,bootindex=2 -drive file=/dev/Kvmvol/kvm104_img,format=raw,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=30,id=hostnet0,vhost=on,vhostfd=32 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=00:16:3c:07:e0:c9,bus=pci.0,addr=0x3 -device usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:4,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on 2018-08-09T11:39:28.690350Z qemu-kvm: -drive file=http://distro.ibiblio.org:80/puppylinux/puppy-xenial/32/xenialpup-7.5-uefi.iso,format=raw,if=none,id=drive-ide0-0-1,readonly=on: Driver 'http' is not whitelisted 2018-08-09 11:39:28.699+0000: shutting down, reason=failed 2018-08-09 11:40:04.963+0000: starting up libvirt version: 3.9.0, package: 14.el7_5.6 (CentOS BuildSystem <http://bugs.centos.org>;, 2018-06-27-14:13:57, x86-01.bsys.centos.org), qemu version: 2.10.0(qemu-kvm-ev-2.10.0-21.el7_5.4.1), hostname: devnode9.com LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=none /usr/libexec/qemu-kvm -name guest=kvm104,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-83-kvm104/master-key.aes -machine pc-i440fx-rhel7.5.0,accel=kvm,usb=off,dump-guest-core=off -m 1024 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 5827d6a9-ef0e-4331-9d0e-fa742c70d596 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-83-kvm104/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive if=none,id=drive-ide0-0-1,readonly=on -device ide-cd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1,bootindex=2 -drive file=/dev/Kvmvol/kvm104_img,format=raw,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=30,id=hostnet0,vhost=on,vhostfd=32 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=00:16:3c:07:e0:c9,bus=pci.0,addr=0x3 -device usb-tablet,id=input0,bus=usb.0,port=1 -vnc 0.0.0.0:4,password -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on So my best guess based on the logs is that http is simply being ignored when it is not set to primary, not sure if that is the desired behavior. Cheers. ________________________________ From: Daniel P. Berrangé <berrange(a)redhat.com&gt; Sent: 09 August 2018 12:27 To: Inception Hosting Cc: Vasiliy Tolstov; libvirt-users(a)redhat.com Subject: Re: [libvirt-users] Mount URL as cdrom/iso KVM/QEMU On Thu, Aug 09, 2018 at 10:50:46AM +0000, Inception Hosting wrote: Yes, the qemu RPMs in centos & RHEL have disabled support for http:// protocol, however, I expect that to immediately fail when trying to start the guest. eg # /usr/libexec/qemu-kvm -drive file=http://example.com/foo/bar -accel tcg qemu-kvm: -drive file=http://example.com/foo/bar: Driver 'http' is not whitelisted so I'm puzzelled why your guest successfully started at all with a http protocol in use. Are you able to share your QEMU log from /var/log/libvirt/qemu/$GUESTNAME.log from a VM that fails to launch with http ? Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| [https://c1.staticflickr.com/1/873/40602347890_5a83293856_b.jpg]<https:... Daniel | Flickr<https://www.flickr.com/photos/dberrange> www.flickr.com Explore Daniel's 1,578 photos on Flickr! |: https://libvirt.org -o- https://fstop138.berrange.com :| libvirt: The virtualization API<https://libvirt.org/> libvirt.org libvirt, virtualization, virtualization API |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| [https://scontent-cdt1-1.cdninstagram.com/vp/4ba54fb8119ad17c3b0a98321c357... Daniel Berrangé (@dberrange) • Instagram photos and videos<https://www.instagram.com/dberrange> www.instagram.com 178 Followers, 60 Following, 136 Posts - See Instagram photos and videos from Daniel Berrangé (@dberrange)