Re: KVM/QEMU/libvirt, and automatically release mouse pointer in Debian guest

[George at Clug]

On Monday, 29-07-2024 at 14:13 Jeffrey Walton wrote:
> Hi Everyone,
> 
> I have KVM/QEMU/libvirt installed to manage my VMs. I have a Debian 12
> guest, x86_64, fully patched. The Debian guest has qemu-guest-agent
> installed. The qemu-guest-agent service is running on the Debian
> guest.
> 
> The problem is, the Debian guest does not automatically release the
> mouse. I have to tap the right CTRL key.
> 
> My question is, what else needs to be done to automatically release
> the mouse pointer in the Debian guest?

Not sure whether you use Spice or VNC to connect to your VMs.

I do not experience the issue you report with GUI enabled VMs, only with VMs 
that do not have a GUI installed (i.e. headless VMs).

I use Virt-Manager to manage my VMs, I believe Virt-Manager defaults to using 
Spice, hence I install spice-vdagent on my GUI VMs and on non-GUI VMs I connect 
from a terminal using ssh.

I hope the above is of some help to you?

George.


> 
> -
> 
> $ sudo systemctl start qemu-guest-agent
> $ sudo systemctl status qemu-guest-agent
> ● qemu-guest-agent.service - QEMU Guest Agent
> Loaded: loaded (/lib/systemd/system/qemu-guest-agent.service; static)
> Active: active (running) since Mon 2024-07-29 00:01:39 EDT; 9min ago
>   Main PID: 574 (qemu-ga)
>  Tasks: 2 (limit: 4589)
> Memory: 1.2M
>CPU: 2ms
> CGroup: /system.slice/qemu-guest-agent.service
> └─574 /usr/sbin/qemu-ga
> 
> Jul 29 00:01:39 debian12-x64 systemd[1]: Started qemu-guest-agent.service ...
> 
> -
> 
> Thanks in advance,
> 
> Jeff
> 
> 

Re: KVM/QEMU/libvirt, and automatically release mouse pointer in Debian guest

[didier gaumet]

Le 29/07/2024 à 06:13, Jeffrey Walton a écrit :

Hi Everyone,

I have KVM/QEMU/libvirt installed to manage my VMs. I have a Debian 12
guest, x86_64, fully patched. The Debian guest has qemu-guest-agent
installed. The qemu-guest-agent service is running on the Debian
guest.

The problem is, the Debian guest does not automatically release the
mouse. I have to tap the right CTRL key.

[...]

Hello,

(I do not use kvm/qemu/libvirt by invoking qemu directly but thru 
virt-manager, so I am mostly ignorant about qemu direct invocation)


Perhaps the observed behavior is due to parameters missing when you 
launch qemu?
For example vmport and spice options (I don't know if the desired 
behavior can be obtained via vnc instead of spice).

See "Running qemu manually" in the Spice client doc here:
https://www.spice-space.org/spice-user-manual.html#spice-client

KVM/QEMU/libvirt, and automatically release mouse pointer in Debian guest

[Jeffrey Walton]

Hi Everyone,

I have KVM/QEMU/libvirt installed to manage my VMs. I have a Debian 12
guest, x86_64, fully patched. The Debian guest has qemu-guest-agent
installed. The qemu-guest-agent service is running on the Debian
guest.

The problem is, the Debian guest does not automatically release the
mouse. I have to tap the right CTRL key.

My question is, what else needs to be done to automatically release
the mouse pointer in the Debian guest?

-

$ sudo systemctl start qemu-guest-agent
$ sudo systemctl status qemu-guest-agent
● qemu-guest-agent.service - QEMU Guest Agent
Loaded: loaded (/lib/systemd/system/qemu-guest-agent.service; static)
Active: active (running) since Mon 2024-07-29 00:01:39 EDT; 9min ago
  Main PID: 574 (qemu-ga)
 Tasks: 2 (limit: 4589)
Memory: 1.2M
   CPU: 2ms
CGroup: /system.slice/qemu-guest-agent.service
└─574 /usr/sbin/qemu-ga

Jul 29 00:01:39 debian12-x64 systemd[1]: Started qemu-guest-agent.service ...

-

Thanks in advance,

Jeff

Re: Solution for KVM via a cat 5 connection

[Tom Browder]

On Mon, May 27, 2024 at 17:47 Stefan Monnier 
wrote:

> > Has anyone had experience using a KVM setup (at least one HDMI and two
> USB
> > ports) and using cat 5/6/7 between user and the computer?  I don’t need
> to
> > handle multiple computers or high-def video movies, just programming and
> > office work. I need a bit more distance from my computer which must stay
> in
> > a closet, and conventional KVM equipment won’t work.
>
> You can do it without KVM, but using another computer connected to your
> screen/keyboard/etc...


Thanks, Stefan. That is a good solution.

Best regards,

-Tom

Re: Solution for KVM via a cat 5 connection

[Stefan Monnier]

> Has anyone had experience using a KVM setup (at least one HDMI and two USB
> ports) and using cat 5/6/7 between user and the computer?  I don’t need to
> handle multiple computers or high-def video movies, just programming and
> office work. I need a bit more distance from my computer which must stay in
> a closet, and conventional KVM equipment won’t work.

You can do it without KVM, but using another computer connected to your
screen/keyboard/etc...

E.g. use some cheap/small/silent local machine (e.g. Banana Pi) which
you connect to your local devices (screen etc...), connect that machine
to your "real" machine in the closet via ethernet, and then use either
a remote X session or some other such "remote desktop" protocol to
connect to the real machine in the closet.

This setup can be described as a [thin
client](https://en.wikipedia.org/wiki/Thin_client)

The advantage is that it's all standard components, can work over any
network config, ...


Stefan

Solution for KVM via a cat 5 connection

[Tom Browder]

Has anyone had experience using a KVM setup (at least one HDMI and two USB
ports) and using cat 5/6/7 between user and the computer?  I don’t need to
handle multiple computers or high-def video movies, just programming and
office work. I need a bit more distance from my computer which must stay in
a closet, and conventional KVM equipment won’t work.

If so, I would appreciate knowing what brand and model devices you are
using.

Thanks so much.

-Tom

Re: Kvm Bridge Network Problem

[Geert Stappers]

On Tue, May 07, 2024 at 02:17:05AM +0100, Gareth Evans wrote:
> On Tue 07/05/2024 at 01:51, Gareth Evans wrote:
> 
> I did miss a step.  
> 
> > Start VM, check DHCP address assigned
> 
> should be
> 
> > Edit the VM NIC settings and choose your routed network connection from the 
> > "Network Source" dropdown. Apply changes.
> 
> > Start VM, check DHCP address assigned
> 
> I actually deleted other vibrX devices and networks before starting, but I 
> don't think that matters.
> 
> G

For the sake of the archive: Place _all_ steps in one email.
Preferable in reply to the original posting.
 

Groeten
Geert Stappers
-- 
Silence is hard to parse

Re: Kvm Bridge Network Problem

[Gareth Evans]

On Tue 07/05/2024 at 01:51, Gareth Evans  wrote:

I did miss a step.  

> Start VM, check DHCP address assigned

should be

> Edit the VM NIC settings and choose your routed network connection from the 
> "Network Source" dropdown. Apply changes.

> Start VM, check DHCP address assigned

I actually deleted other vibrX devices and networks before starting, but I 
don't think that matters.

G

Re: Kvm Bridge Network Problem

[Gareth Evans]

On host:

$ ip a|grep wl
3: wlp1s0:  mtu 1500 qdisc noqueue state UP 
group default qlen 1000
inet 192.168.1.100/24 ...

Using:

virt-manager > Edit > Connection Details > Virtual Networks > Add network 

Mode: Routed
Network: 192.168.200.0/24
Accept default DHCP range
Forward to: physical device
Device: wlp1s0 [this is my physical wifi card]

Then:

$ sudo sysctl -w net.ipv4.ip_forward=1

Then check:

$ ip link

6: virbr0:  mtu 1500 qdisc noqueue state UP 
mode DEFAULT group default qlen 1000
link/ether 52:54:00:54:ed:48 brd ff:ff:ff:ff:ff:ff
7: vnet0:  mtu 1500 qdisc noqueue master 
virbr0 state UNKNOWN mode DEFAULT group default qlen 1000
link/ether fe:54:00:9b:a7:8e brd ff:ff:ff:ff:ff:ff

Start VM, check DHCP address assigned

On VM guest:

$ ip a|grep enp
2: enp1s0:  mtu 1500 qdisc fq_codel state UP 
group default qlen 1000
inet 192.168.200.151/24 ...

At this point (with firewalls temporarily off) I was able to ssh to and from 
host and VM guest using their respective IP addresses.

After adding a static route on my wireless router:

192.168.200.0/24 via 192.168.1.100  (to paraphrase the web form)

I installed apache2 on the VM guest and was able to access

http://192.168.200.151

from my phone over wifi, and websites on the host from the VM guest.

Firewalld actived on host with ssh and https services allowed - ssh and web 
browsing worked as before.

No nf/iptables jiggery-pokery, but static route on router required.

Perhaps not the most efficient solution, but I try to avoid too many firewall 
rules because they make my head spin :)

Don't think I've omitted any steps.

Does that help?

Best wishes,
Gareth

Re: Kvm Bridge Network Problem

[Gareth Evans]

On Sun 05/05/2024 at 07:53, Gareth Evans  wrote:

> That might suggest NAT is still operative for the VM.

Ah, I hadn't seen Geert's reply, which I think is closer to the mark :)

This gives a routing-based approach:

https://www.linux-kvm.org/page/Networking

This creates an isolated network between host and guest, which without routing 
presumably is additional to the default network, and the (Ubuntu-based) netplan 
stuff needs substituting with /e/n/i adjustments:

https://www.nodinrogers.com/post/2022-01-06-enabling-kvm-host-to-vm-communcation/

All of which I have yet to test but have been meaning to look into this again.

HTH

Re: Kvm Bridge Network Problem

[Gareth Evans]

On Sat 04/05/2024 at 21:26, Stephen P. Molnar  wrote:
> ... 
> I have managed to follow the 
> instructions in:
>
> https://www.cyberciti.biz/faq/how-to-add-network-bridge-with-nmcli-networkmanager-on-linux/
>  
> ...
> I was able to use the LAN 
> printer and the 40" TV , but could not access the Host.

Hi Stephen,

That might suggest NAT is still operative for the VM.

Did you do the "optional" part of the tutorial in your link too, re KVM network 
config?

What is the output of

# nmcli con show

# nmcli device

# virsh net-list --all

# virsh net-dumpxml yourNetworkName

I don't have a network cable to hand to test this at the moment (wifi NIC 
bridging is complex if possible with KVM [1] and apples and oranges and all 
that) but will do later if your problem is not solved.

I think the presence of enp2s0 in /e/n/i (which your attachment seems to be) 
prevents NM from managing it, but if I'm wrong about that, could it be getting 
an address (static or otherwise) from NM?

Gareth

[1] https://hacktivate.it/posts/kvm-bridge-wireless/

Re: Kvm Bridge Network Problem, VM accessing the host

[Geert Stappers]

On Sat, May 04, 2024 at 04:26:07PM -0400, Stephen P. Molnar wrote:
> I am running Bookworm on my main platform. After quite a bit of googling and
> many errors and much head scratching I have managed to follow the
> instructions in:
> 
> https://www.cyberciti.biz/faq/how-to-add-network-bridge-with-nmcli-networkmanager-on-linux/
> .
> 
> I have currently implicated this on a Windows 10 client. However, there
> still remains a problem. After the first restart of the Windows client the
> internet was accessible. However, a problem arose after I successfully
> installed br0 (copy attached). I was able to use the LAN printer and the 40"
> TV , but could not access the Host.

Ah, the VM guest can not access the host.
(I changed 'Subject: Re: Kvm Bridge Network Problem'
into 'Subject: Re: Kvm Bridge Network Problem, VM accessing the host')

 
> I'm sure that I have missed something, but I don't know what.

Network switches only forward packets.

 
> Guidance to a solution to the problem would be appreciated.

I have been where O.P. is, the challenge^Wproblem is real.
 

> # This file describes the network interfaces available on your system
> # and how to activate them. For more information, see interfaces(5).
> 
> source /etc/network/interfaces.d/*
> 
> # The loopback network interface
> auto lo
> iface lo inet loopback
> 
> # Specify that the physical interface that should be connected to the bridge
> # should be configured manually, to avoid conflicts with NetworkManager
> iface enp2s0 inet manual
> 
> #Primary network interface with bridge
> auto br0
> iface br0 inet static
> address 162.237.98.238
> broadcast 162.237.98.255
> netmask 255.255.255.0
> gateway 162.237.98.1
> bridge_ports enp2s0
> bridge_stp off
> bridge_waitport 0
> bridge fd 0


That brigde configuration looks good, even might be good.

The thing is that host and VM are at the same interface of the network
switch. And network switches only forward packets. It is a "physical
law" in computer networking. Hopefully brings this email thread
the jargon name of the "problem".


If direct connection between host and the VM guest is important,
then add such connection and take the costs it brings.


Groeten
Geert Stappers
-- 
Silence is hard to parse

Kvm Bridge Network Problem

[Stephen P. Molnar]

I am running Bookworm on my main platform. After quite a bit of googling 
and many errors and much head scratching I have managed to follow the 
instructions in:


https://www.cyberciti.biz/faq/how-to-add-network-bridge-with-nmcli-networkmanager-on-linux/ 
.


I have currently implicated this on a Windows 10 client. However, there 
still remains a problem. After the first restart of the Windows client 
the internet was accessible. However, a problem arose after I 
successfully installed br0 (copy attached). I was able to use the LAN 
printer and the 40" TV , but could not access the Host.


I'm sure that I have missed something, but I don't know what.

Guidance to a solution to the problem would be appreciated.

Thanks in advance,

--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# Specify that the physical interface that should be connected to the bridge
# should be configured manually, to avoid conflicts with NetworkManager
iface enp2s0 inet manual

#Primary network interface with bridge
auto br0
iface br0 inet static
address 162.237.98.238
broadcast 162.237.98.255
netmask 255.255.255.0
gateway 162.237.98.1
bridge_ports enp2s0
bridge_stp off
bridge_waitport 0
bridge fd 0

Re: QEMU/KVM virt-manager Problem

[Gareth Evans]

On Thu 02/05/2024 at 20:14, Gareth Evans  wrote:
> On Thu 02/05/2024 at 19:57, Stephen P. Molnar  wrote:
>> On 05/02/2024 12:54 PM, Gareth Evans wrote:
>>>
>>>
>>>> On 2 May 2024, at 17:47, Gareth Evans  wrote:
>>>>
>>>> 
>>>>
>>>>> On 2 May 2024, at 15:43, Stephen P. Molnar  
>>>>> wrote:
>>>>>
>>>>> I am running Bookworm and have implemented QEMU/KVM virt-manager. 
>>>>> When I install a client I have been using virt-manager --> View 
>>>>> -->Scale Display --> Always. However, now the 'Always ', the only 
>>>>> option available is the default 'Only when Fullscreen'.
>>>>
>>>> Is Bookworm the VM client too?  With GUI?  Does this happen for all 
>>>> clients, just one, or one type?
>>>>
>>>> Off the top of my head, I think the scale always option may disappear 
>>>> if the guest display doesn't support it - I seem to recall VirtualBox 
>>>> Guest Additions being required for this functionality for some guests 
>>>> in VirtualBox (which I acknowledge you are not using, I'm just 
>>>> saying...) so I don't think it's "straightforward" functionality
>>>
>>> What video protocol are you using?
>>>
>>> spice-vdagent is mentioned here a few comments down
>>>
>>> https://forum.manjaro.org/t/virt-manager-scale-display-not-working/138275/3
>> I am using the procedure in 
>> https://getlabsdone.com/install-windows-10-on-ubuntu-kvm/
>>
>> I am most interested in installing Windows 10, as there computation 
>> chemistry windows apps that I want to use on Bookworm. However, the same 
>> problem is resent for Linux clients that I've installed.
>
> In 
>
> virt-manager > Edit > Preferences > [console tab]
>
> I see options for
>
> Graphical console scaling [ Never / Fullscreen only / Always]
> Resize guest with window [System default / Off / On]
>
> This looks like it might just set defaults for options accessible from 
> the VM view menu, but perhaps worth experimenting with?
>
> The only Linux VM I have in virt-manager used the spice display manager 
> by default.
>
> If you are using spice too, this
>
> https://stackoverflow.com/questions/41990600/virt-manager-guest-resize-not-working
>
> suggests spice-guest-tools is required for Windows clients, with link 
> to download page
>
> Does any of that help?
>
> Best wishes
> Gareth

Just noticed the link you provided includes a ref to spice-guest-tools.

With an Alpine client (and no "tools") I get less than optimal scaling from 
virt-manager - some black space at the horizontal edges, but there is a scaling 
of sorts going on, just not entirely using the available window space.

Are you using the stock version of virt-manager?

$ apt policy virt-manager
virt-manager:
  Installed: 1:4.1.0-2

Re: QEMU/KVM virt-manager Problem

[Gareth Evans]

On Thu 02/05/2024 at 19:57, Stephen P. Molnar  wrote:
> On 05/02/2024 12:54 PM, Gareth Evans wrote:
>>
>>
>>> On 2 May 2024, at 17:47, Gareth Evans  wrote:
>>>
>>> 
>>>
>>>> On 2 May 2024, at 15:43, Stephen P. Molnar  
>>>> wrote:
>>>>
>>>> I am running Bookworm and have implemented QEMU/KVM virt-manager. 
>>>> When I install a client I have been using virt-manager --> View 
>>>> -->Scale Display --> Always. However, now the 'Always ', the only 
>>>> option available is the default 'Only when Fullscreen'.
>>>
>>> Is Bookworm the VM client too?  With GUI?  Does this happen for all 
>>> clients, just one, or one type?
>>>
>>> Off the top of my head, I think the scale always option may disappear 
>>> if the guest display doesn't support it - I seem to recall VirtualBox 
>>> Guest Additions being required for this functionality for some guests 
>>> in VirtualBox (which I acknowledge you are not using, I'm just 
>>> saying...) so I don't think it's "straightforward" functionality
>>
>> What video protocol are you using?
>>
>> spice-vdagent is mentioned here a few comments down
>>
>> https://forum.manjaro.org/t/virt-manager-scale-display-not-working/138275/3
> I am using the procedure in 
> https://getlabsdone.com/install-windows-10-on-ubuntu-kvm/
>
> I am most interested in installing Windows 10, as there computation 
> chemistry windows apps that I want to use on Bookworm. However, the same 
> problem is resent for Linux clients that I've installed.

In 

virt-manager > Edit > Preferences > [console tab]

I see options for

Graphical console scaling [ Never / Fullscreen only / Always]
Resize guest with window [System default / Off / On]

This looks like it might just set defaults for options accessible from the VM 
view menu, but perhaps worth experimenting with?

The only Linux VM I have in virt-manager used the spice display manager by 
default.

If you are using spice too, this

https://stackoverflow.com/questions/41990600/virt-manager-guest-resize-not-working

suggests spice-guest-tools is required for Windows clients, with link to 
download page

Does any of that help?

Best wishes
Gareth

Re: QEMU/KVM virt-manager Problem

[Stephen P. Molnar]

On 05/02/2024 12:54 PM, Gareth Evans wrote:




On 2 May 2024, at 17:47, Gareth Evans  wrote:



On 2 May 2024, at 15:43, Stephen P. Molnar  
wrote:


I am running Bookworm and have implemented QEMU/KVM virt-manager. 
When I install a client I have been using virt-manager --> View 
-->Scale Display --> Always. However, now the 'Always ', the only 
option available is the default 'Only when Fullscreen'.


Is Bookworm the VM client too?  With GUI?  Does this happen for all 
clients, just one, or one type?


Off the top of my head, I think the scale always option may disappear 
if the guest display doesn't support it - I seem to recall VirtualBox 
Guest Additions being required for this functionality for some guests 
in VirtualBox (which I acknowledge you are not using, I'm just 
saying...) so I don't think it's "straightforward" functionality


What video protocol are you using?

spice-vdagent is mentioned here a few comments down

https://forum.manjaro.org/t/virt-manager-scale-display-not-working/138275/3
I am using the procedure in 
https://getlabsdone.com/install-windows-10-on-ubuntu-kvm/


I am most interested in installing Windows 10, as there computation 
chemistry windows apps that I want to use on Bookworm. However, the same 
problem is resent for Linux clients that I've installed.


--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

Re: QEMU/KVM virt-manager Problem

[Gareth Evans]

> On 2 May 2024, at 17:47, Gareth Evans  wrote:
> 
> 
> 
>> On 2 May 2024, at 15:43, Stephen P. Molnar  wrote:
>> 
>> I am running Bookworm and have implemented QEMU/KVM virt-manager. When I 
>> install a client I have been using virt-manager --> View -->Scale Display 
>> --> Always. However, now the 'Always ', the only option available is the 
>> default 'Only when Fullscreen'.
> 
> Is Bookworm the VM client too?  With GUI?  Does this happen for all clients, 
> just one, or one type?
> 
> Off the top of my head, I think the scale always option may disappear if the 
> guest display doesn't support it - I seem to recall VirtualBox Guest 
> Additions being required for this functionality for some guests in VirtualBox 
> (which I acknowledge you are not using, I'm just saying...) so I don't think 
> it's "straightforward" functionality

What video protocol are you using?

spice-vdagent is mentioned here a few comments down

https://forum.manjaro.org/t/virt-manager-scale-display-not-working/138275/3

Re: QEMU/KVM virt-manager Problem

[Gareth Evans]

> On 2 May 2024, at 15:43, Stephen P. Molnar  wrote:
> 
> I am running Bookworm and have implemented QEMU/KVM virt-manager. When I 
> install a client I have been using virt-manager --> View -->Scale Display --> 
> Always. However, now the 'Always ', the only option available is the default 
> 'Only when Fullscreen'.

Is Bookworm the VM client too?  With GUI?  Does this happen for all clients, 
just one, or one type?

Off the top of my head, I think the scale always option may disappear if the 
guest display doesn't support it - I seem to recall VirtualBox Guest Additions 
being required for this functionality for some guests in VirtualBox (which I 
acknowledge you are not using, I'm just saying...) so I don't think it's 
"straightforward" functionality

Re: QEMU/KVM virt-manager Problem

[Curt]

On 2024-05-02, Stephen P. Molnar  wrote:
> I am running Bookworm and have implemented QEMU/KVM virt-manager. When I 
> install a client I have been using virt-manager --> View -->Scale 
> Display --> Always. However, now the 'Always ', the only option 
> available is the default 'Only when Fullscreen'.
>
> Now this in not exactly a major problem, but it makes me wonder what 
> else might be going wrong?
>
> I would appreciate some guidance in this matter.
>
> Thanks in advance.
>

>
> Thanks in advance.


https://askubuntu.com/questions/43861/how-do-i-unmaximize-full-screen-view-in-virt-manager


A variety of answers to the fullscreeen conundrum, some of which are rather
recent if you scroll downward sufficiently.

QEMU/KVM virt-manager Problem

[Stephen P. Molnar]

I am running Bookworm and have implemented QEMU/KVM virt-manager. When I 
install a client I have been using virt-manager --> View -->Scale 
Display --> Always. However, now the 'Always ', the only option 
available is the default 'Only when Fullscreen'.


Now this in not exactly a major problem, but it makes me wonder what 
else might be going wrong?


I would appreciate some guidance in this matter.

Thanks in advance.

--
Stephen P. Molnar, Ph.D.
https://insilicochemistry.net
(614)312-7528 (c)
Skype:  smolnar1

Re: Accessing host and Internet from QEMU/KVM guest; was: Synaptic Problem

[Michael Kjörling]

On 23 Dec 2023 09:13 -0500, from s.mol...@sbcglobal.net (Stephen P. Molnar):
> On 12/23/2023 08:44 AM, Andrew M.A. Cater wrote:
>> If you've nothing that depends on either particularly, I'd recommend
>> virt-manager and the kvm/qemu universe.
> 
> Actually, I am using the QEM/KVM virt-manager programs for Windows 10 and an
> very happy with them. However, right now I'm hung up on accessing the host
> and the internet from the Windows guest.

Maybe this will help: 
https://michael.kjorling.se/blog/2022/linux-kvm-host-nftables-guest-networking/

-- 
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: Documentation for KVM/QEMU?

[Anders Andersson]

On Mon, Nov 6, 2023 at 11:43 AM Hans  wrote:

> Maybe the op wqould like to test aqemu, which is a graphical frontend for
> qemu
> and it might be easier for him to configure.
>
> In the comparision of aqemu (with using kvm) and VirtualkBox and
> Virt-Manager
> my feeling was, Virtualbox the slowest and both Aqemu and VirtManager
> faster.
> The latter two are were looking both even fast.
>
> However, virt-manger IMHO still is not very user friendly, especially for
> beginners,  and also its documentation is not much at the moment. But
> please
> be respectfull (or is considerately the correct idiom?): virtmanager is
> rather
> new and has not many people involved, so it might become better in the
> future.
>
> Virt-manager has great potential.
>

Wait what, new? It's from 2006 and doesn't seem to have received many
feature updates since the first time I used it 10 years ago, mostly upkeep
to make it work with newer python/qemu.

"still is not very user friendly", "its documentation is not much at the
moment". I'm not holding my breath!

Re: Documentation for KVM/QEMU?

[Hans]

Maybe the op wqould like to test aqemu, which is a graphical frontend for qemu 
and it might be easier for him to configure.

In the comparision of aqemu (with using kvm) and VirtualkBox and Virt-Manager 
my feeling was, Virtualbox the slowest and both Aqemu and VirtManager faster. 
The latter two are were looking both even fast.

However, virt-manger IMHO still is not very user friendly, especially for 
beginners,  and also its documentation is not much at the moment. But please 
be respectfull (or is considerately the correct idiom?): virtmanager is rather 
new and has not many people involved, so it might become better in the future. 

Virt-manager has great potential.

Best regards

Hans

Re: Documentation for KVM/QEMU?

[Stanislav Vlasov]

2023-11-06 12:45 GMT+05:00, Michael Kjörling <2695bd53d...@ewoof.net>:
> The three biggest differences I have run across (I used VirtualBox
> before):
>
> 1. Storage pools for disk images. With VirtualBox, you can put a disk
> image file anywhere. With KVM, they go into one of a defined set of
> pools, which in turn map to file system directories. Depending on what
> kind of setup you prefer, this can be anything from actually
> beneficial through a non-issue to a nuisance.

I run qemu binary with parameters and place disk image in any place
and can use any physical disk as qemu image, if need.
In old scripts it was something like:

qemu-system-x86_64 -m 1024M -hda /path/disk.img -cdrom
/another/path/image.iso -boot cdrom

So, it is not qemu, only your gui wrapper/interface limitation.

> 3. KVM virtualized NAT networking doesn't play nice with nftables on
> the host with a restrictive policy. Took me a while to find a solution
> but I eventually came up with this, which has worked reliably for me:
> https://michael.kjorling.se/blog/2022/linux-kvm-host-nftables-guest-networking/

this is not qemu/kvm thing, only libvirt, which is not part of qemu,
but only wrapper on it. Sometimes useful, good for beginning, bad, if
you need something non-standard.

qemu as virtual machine does not create/use firewall rules at all and
can use user mode net, which work without firewall rules — see man
qemu for -net parameter (use -net nic -net user if you need only
output network requests).

-- 
Stanislav

Re: Documentation for KVM/QEMU?

[Michael Kjörling]

On 6 Nov 2023 01:58 -0500, from noloa...@gmail.com (Jeffrey Walton):
> QEMU/KVM is mostly like Virtual Box. If you know Virtual Box, then you
> have most of what you need for QEMU/KVM.

I agree. Although _some_ terminology differs, and naturally things are
organized somewhat differently in the UI, the concepts are very
similar, since they solve very similar problems. So you may need to
look around a little within the UI to find the particular setting
you're looking for, but that should be about it.

The three biggest differences I have run across (I used VirtualBox
before):

1. Storage pools for disk images. With VirtualBox, you can put a disk
image file anywhere. With KVM, they go into one of a defined set of
pools, which in turn map to file system directories. Depending on what
kind of setup you prefer, this can be anything from actually
beneficial through a non-issue to a nuisance.

2. User versus system QEMU sessions. This isn't a problem, it's just
something you'll need to keep in mind when setting up and using VMs.

3. KVM virtualized NAT networking doesn't play nice with nftables on
the host with a restrictive policy. Took me a while to find a solution
but I eventually came up with this, which has worked reliably for me:
https://michael.kjorling.se/blog/2022/linux-kvm-host-nftables-guest-networking/

And another thing to keep in mind:

4. With SPICE, clipboard sharing is ENABLED by default between the
guest and the host; and by consequence, between guests! This one
really tripped me up. Fortunately it's not too hard to disable once
you learn how; I put a recipe at
https://michael.kjorling.se/blog/2023/disable-clipboard-sharing-clipboard-integration-with-qemu-kvm-and-spice/
but the short version of that one is that on the node
domain/devices/graphics/clipboard in the VM XML definition to set the
attribute copypaste="no". That will constrain that guest's OS
clipboard functionality to within that guest.

-- 
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: Documentation for KVM/QEMU? [Re: How to get VMware Player going on Debian 12 bookworm]

[Jeffrey Walton]

On Mon, Nov 6, 2023 at 1:36 AM Rick Thomas  wrote:
>
> Can anyone recommend good documentation on KVM/QEMU that would allow me to 
> get up to speed on it quickly?

I don't know if or where good documentation exists. Sorry about that.

QEMU/KVM is mostly like Virtual Box. If you know Virtual Box, then you
have most of what you need for QEMU/KVM.

You can create a desktop shortcut for QEMU/KVM by issuing:

cd ~/Desktop
cp -p /usr/share/applications/virt-manager.desktop
chmod +x virt-manager.desktop

Then you can easily launch the UI.

The other trick with QEMU/KVM is, the screen button shows the guest as
expected. And the button with the letter "i" shows the guest
configuration. See the red boxes highlighting the buttons at
<https://ibb.co/1ZzDwht> and <https://ibb.co/8rqtZw3>.

The one problem I have encountered is related to networking. I want a
bridged connection so the VM guest gets an IP address from my DHCP
server. But the network adapter seems to be stuck in NAT mode, even
after switching to bridged mode. So the VM guest always gets a
192.168.0.0/16 address, and never gets an IP address from my DHCP
server. That means I cannot SSH to the guest because I use
172.16.0.0/12 behind my firewall to avoid address and routing problems
from my ISP's router.

Jeff

Documentation for KVM/QEMU? [Re: How to get VMware Player going on Debian 12 bookworm]

[Rick Thomas]

Can anyone recommend good documentation on KVM/QEMU that would allow me to get 
up to speed on it quickly?

Thanks!
Rick


On Sun, Nov 5, 2023, at 4:33 AM, Michael Kjörling wrote:
> On 5 Nov 2023 10:56 +0100, from andr...@xss.co.at (Andreas Haumer):
>>> PPS: If VMware isn't a good choice, would there be a better VM
>>> supervisor I could use?  If so, can you point me to a set of
>>> instructions for it?
>> 
>> To answer just these questions only: take a look at kvm/qemu and
>> the virt-manager GUI.
>
> Yes, definitely look at KVM/QEMU. "Better" is subjective but certainly
> one huge advantage of KVM over almost anything else is that it's
> already there in the kernel, and you pretty much just need to install
> the tools to manage it. VirtualBox, VMWare and others require adding
> third-party software, which can easily break with a kernel upgrade.
>
> -- 
> Michael Kjörling 🔗 https://michael.kjorling.se
> “Remember when, on the Internet, nobody cared that you were a dog?”

Re: Error : virHostCPUGetKVMMaxVCPUs: KVM is not supported on this platform: Function not implemented

[Mario Marietto]

Zithro : And yet you continue trying to compile (possibly) incompatible
softwares from source, instead of following the user guides, and despite
our warnings. You essentially say "I want to do some complicated stuff
without understanding how it works, and quick please".

Are you reading my mind ? How can you know what I say ? I don't say or
think what you think I think. My approach is something like this : to
understand why I get that error,learning guides is not enough,or at least,I
found that learning by doing is a good choice to learn for me. So,the
chosen to recompile from scratch everything (Linux kernel,qemu,libvirt and
virt-manager) is not a masochistic choice, it is useful for me because
doing so,step by step,I will see what happens from a lot of different
angles and I can learn the whole procedure evaluating a process at a time.
Learning for me is important. If I do what you suggest as is,I will learn a
few things,because probably your solution is correct,but I need to make
errors before I can understand what's correct and what's not. Can you
understand my point ? I spend my time reading,but I can't read everything
since I don't know what's relevant and what's not. So before I read
something I ask on various forums or ML what I should learn. That's because
I need to focus my attention only on the points that are relevant to be
able to achieve the project. This is important to avoid reading a lot of
useless things that would lead me astray. With that said,I have understood
what to do,more or less. I should install a debian version that has a 5.4
kernel on board. I don't know which release could be. I hope that it has a
version of qemu minor than 5.2,otherwise it will not work. If it is 5.2 or
greater,I don't know what to do. Maybe I will try to recompile qemu 5.1 to
see if it can be good with a 5.4 kernel shipped by that version of Debian.
For sure I will also install libvirt and virt-manager and the UEFI files
from the packages of that distro. I hope you understand that for someone
who is learning there are many unknowns to solve. I hope you understand
that not everyone has a clear and global vision of what to do and you can't
expect to always or almost always deal with experienced people. Finally, I
hope you understand that what is simple for you is not or it is less so
easy for other users.

On Wed, Aug 30, 2023 at 7:15 PM zithro  wrote:

> Seems you also don't read and/or learn ...
> Don't top post please, it's a matter of respect.
>
>A: Because it messes up the order in which people normally read text.
>Q: Why is top-posting such a bad thing?
>A: Top-posting.
>Q: What is the most annoying thing in e-mail?
>
> On 30 Aug 2023 10:50, Mario Marietto wrote:
> > Not a useful suggestion for me. I'm not a coder,such as I'm not a pro
> > system admin : this is only a hobby for me. I try to do the best I
> can,but
> > I can't solve bugs for which a solution has not been found yet and that
> > involves the writing of a piece of code.
>
> And yet you continue trying to compile (possibly) incompatible softwares
> from source, instead of following the user guides, and despite our
> warnings.
> You essentialy say "I want to do some complicated stuff without
> understanding how it works, and quick please".
>
> Have you looked for bug reports for your THREE consecutive problems ?
> Why not going plain Debian stable and walk from there ?
>
> Have you checked the compilation flags needed ?
> You don't need to be a dev to understand, just spend time reading.
>
> If distros spend a huge amount of time packaging software, it's to
> ensure proper compatibility between software versions, including the
> kernel.
> Dumb example :
>- compile kernel 4.2
>- compile QEMU version 1
>- compile libvirt version 9
>
> I'm pretty sure you'll get as "strange" errors as you experienced.
> But those errors are not strange, it's just that code get created and
> deleted.
> If libvirt needs the function "virConnectGetDomainCapabilities()" from
> KVM, and the installed version of kernel/KVM does NOT ship this
> function, you get those kind of errors.
>
> My advice : look for people who use Linux/BSD -AND- your platform/model
> (Chromebook ARM).
> Also, if you're not ready to spend time, follow recent guides.
>
> --
> ++
> zithro / Cyril
>
>

-- 
Mario.

Re: Error : virHostCPUGetKVMMaxVCPUs: KVM is not supported on this platform: Function not implemented

[zithro]

Seems you also don't read and/or learn ...
Don't top post please, it's a matter of respect.

  A: Because it messes up the order in which people normally read text.
  Q: Why is top-posting such a bad thing?
  A: Top-posting.
  Q: What is the most annoying thing in e-mail?

On 30 Aug 2023 10:50, Mario Marietto wrote:

Not a useful suggestion for me. I'm not a coder,such as I'm not a pro
system admin : this is only a hobby for me. I try to do the best I can,but
I can't solve bugs for which a solution has not been found yet and that
involves the writing of a piece of code.


And yet you continue trying to compile (possibly) incompatible softwares 
from source, instead of following the user guides, and despite our warnings.
You essentialy say "I want to do some complicated stuff without 
understanding how it works, and quick please".


Have you looked for bug reports for your THREE consecutive problems ?
Why not going plain Debian stable and walk from there ?

Have you checked the compilation flags needed ?
You don't need to be a dev to understand, just spend time reading.

If distros spend a huge amount of time packaging software, it's to 
ensure proper compatibility between software versions, including the kernel.

Dumb example :
  - compile kernel 4.2
  - compile QEMU version 1
  - compile libvirt version 9

I'm pretty sure you'll get as "strange" errors as you experienced.
But those errors are not strange, it's just that code get created and 
deleted.
If libvirt needs the function "virConnectGetDomainCapabilities()" from 
KVM, and the installed version of kernel/KVM does NOT ship this 
function, you get those kind of errors.


My advice : look for people who use Linux/BSD -AND- your platform/model 
(Chromebook ARM).

Also, if you're not ready to spend time, follow recent guides.

--
++
zithro / Cyril

Re: Error : virHostCPUGetKVMMaxVCPUs: KVM is not supported on this platform: Function not implemented

[Mario Marietto]

Not a useful suggestion for me. I'm not a coder,such as I'm not a pro
system admin : this is only a hobby for me. I try to do the best I can,but
I can't solve bugs for which a solution has not been found yet and that
involves the writing of a piece of code.

On Wed, Aug 30, 2023 at 4:45 AM zithro  wrote:

> On 29 Aug 2023 23:48, Mario Marietto wrote:
>
> > I'm running Debian bookworm [...]
>
> No you're not.
>
> You're running a MODIFIED Debian version with a (rather old) MODIFIED
> kernel :
>
> > $ uname -r
> > 5.4.244-stb-cbe
>  >
> > [removed mostly copy/paste from old posts]
>
> > Can someone give me some suggestions to fix that error ? thanks.
>
> Yes, takes me 2 minutes too :
>
> 1. open the libvirt source code folder
> 2. grep the functions in error to get the file names
> 3. open those files and find out why the functions fail
> 4. edit code, recompile, test
> 5. do (4) till the problem is not solved
>
> Also, it's nice to report the bug where you got the disk image, so
> others won't waste their time for the same bug.
>
> If you solved your problem, propose a patch, so others may benefit.
>
> HTH !
>
> --
> ++
> zithro / Cyril
>
>

-- 
Mario.

Re: Error : virHostCPUGetKVMMaxVCPUs: KVM is not supported on this platform: Function not implemented

[zithro]

On 29 Aug 2023 23:48, Mario Marietto wrote:


I'm running Debian bookworm [...]


No you're not.

You're running a MODIFIED Debian version with a (rather old) MODIFIED 
kernel :



$ uname -r
5.4.244-stb-cbe

>

[removed mostly copy/paste from old posts]



Can someone give me some suggestions to fix that error ? thanks.


Yes, takes me 2 minutes too :

1. open the libvirt source code folder
2. grep the functions in error to get the file names
3. open those files and find out why the functions fail
4. edit code, recompile, test
5. do (4) till the problem is not solved

Also, it's nice to report the bug where you got the disk image, so 
others won't waste their time for the same bug.


If you solved your problem, propose a patch, so others may benefit.

HTH !

--
++
zithro / Cyril

Error : virHostCPUGetKVMMaxVCPUs: KVM is not supported on this platform: Function not implemented

[Mario Marietto]

Hello.

I'm running Debian bookworm on my ARM Chromebook,model "xe303c12" and I've
recompiled the kernel (5.4) to enable KVM,so now my system sounds like this
:


$ lsb_release -a

No LSB modules are available.
Distributor ID: Debian
Description:Debian GNU/Linux 12 (bookworm)
Release:12
Codename:   bookworm

$ uname -a
Linux chromarietto 5.4.244-stb-cbe
#8 SMP PREEMPT Sat Aug 19 22:19:32 UTC 2023 armv7l GNU/Linux

$ uname -r
5.4.244-stb-cbe

$ kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used

$ qemu-system-arm --version
QEMU emulator version 5.1.0 (v5.1.0-dirty)
Copyright (c) 2003-2020 Fabrice Bellard and the QEMU Project developers

$ python3 --version
Python 3.11.2

I have installed libvirt 9.7.0,qemu 5.1 and virt-manager from source code
with the final goal to be able to connect qemu,kvm and libvirt together to
virtualize FreeBSD 13.2 for arm 32 bit. Some useful informations about my
platform :


root@chromarietto:/home/marietto/Desktop# virt-host-validate


QEMU: Checking if device /dev/kvm exists  : PASS
QEMU: Checking if device /dev/kvm is accessible   : PASS
QEMU: Checking if device /dev/vhost-net exists: PASS
QEMU: Checking if device /dev/net/tun exists  : PASS
QEMU: Checking for cgroup 'cpu' controller support: PASS
QEMU: Checking for cgroup 'cpuacct' controller support: PASS
QEMU: Checking for cgroup 'cpuset' controller support : PASS
QEMU: Checking for cgroup 'memory' controller support : PASS
QEMU: Checking for cgroup 'devices' controller support: PASS
QEMU: Checking for cgroup 'blkio' controller support  : PASS

QEMU: Checking for device assignment IOMMU support
   : WARN
(No ACPI IORT table found, IOMMU not supported by this hardware platform)

QEMU: Checking for secure guest support
   : WARN
(Unknown if this platform has Secure Guest support)

LXC: Checking for Linux >= 2.6.26 : PASS
LXC: Checking for namespace ipc   : PASS
LXC: Checking for namespace mnt   : PASS
LXC: Checking for namespace pid   : PASS
LXC: Checking for namespace uts   : PASS
LXC: Checking for namespace net   : PASS
LXC: Checking for namespace user  : PASS
LXC: Checking for cgroup 'cpu' controller support : PASS
LXC: Checking for cgroup 'cpuacct' controller support : PASS
LXC: Checking for cgroup 'cpuset' controller support  : PASS
LXC: Checking for cgroup 'memory' controller support  : PASS
LXC: Checking for cgroup 'devices' controller support : PASS

LXC: Checking for cgroup 'freezer' controller support : FAIL
(Enable 'freezer' in kernel Kconfig file or mount/enable cgroup
controller in your system)

LXC: Checking for cgroup 'blkio' controller support   : PASS
LXC: Checking if device /sys/fs/fuse/connections exists   : PASS


# lsmod | grep kvm
no errors (I have embedded the options needed to enable KVM inside the kernel)


# virsh --connect qemu:///system capabilities | grep baselabel

+1002:+1002
+1002:+1002

The error that I'm not able to fix is the following one :


root@chromarietto:~#  virsh domcapabilities --machine virt
--emulatorbin /usr/local/bin/qemu-system-arm

2023-08-29 10:17:59.110+0000: 1763: error : virHostCPUGetKVMMaxVCPUs:1228 :
KVM is not supported on this platform: Function not implemented ;
error: failed to get emulator capabilities
error: KVM is not supported on this platform: Function not implemented

and this is the log that I've got when I ran libvirtd with the debug option
enabled


root@chromarietto:~# libvirtd --debug

[Tue, 29 Aug 2023 10:10:11 virt-manager 2141] DEBUG (createvm:494)
UEFI found, setting it as default.
[Tue, 29 Aug 2023 10:10:11 virt-manager 2141] DEBUG (createvm:728)
Guest type set to os_type=hvm, arch=armv7l, dom_type=kvm
[Tue, 29 Aug 2023 10:10:11 virt-manager 2141] DEBUG (guest:546) Prefer
EFI => True
2023-08-29 10:10:12.972+: 1765: error :
virHostCPUGetKVMMaxVCPUs:1228 : KVM is not supported on this platform:
Function not implemented
[Tue, 29 Aug 2023 10:10:12 virt-manager 2141] DEBUG
(domcapabilities:250) Error fetching domcapabilities XML
Traceback (most recent call last):
  File "/usr/local/share/virt-manager/virtinst/domcapabilities.py",
line 245, in build_from_params
xml = conn.ge

Trouble with KVM after upgrade to bookworm

[Niall O'Reilly]

Hello.

I use Debian as KVM host for the various VMs (Ubuntu, FreeBSD,
no Debian) which serve my home network.  I've been doing this
since Debian stretch.  Until bookworm, each release upgrade
has been tedious, but boringly unremarkable.

This upgrade seems to have broken KVM so as to cause one or other
guest VM to enter what seems to be a busy wait, and to do so
unpredictably and intermittently. According to virt-top, the affected guest 
seizes the full capacity of the CPU core where it is currently
running; on my 4-core unit, virt-top shows this as 25% CPU utilization.
When this happens, top shows zero idle time for the corresponding core,
and an aggregate of system and user utilization (the only non-zero
utilization values) closer to 50% than to 100%.  In normal operation,
I see each core busy for about 3% of the time, idle for 95% or more,
and an the remaining 2% or so unaccounted for.

When a VM goes busy like this, I find that it can be made unbusy
by use of the command, `virsh inject-nmi $GUEST`.

I think I have read the release notes for bookworm carefully, but
may have missed something.  I've repeatedly re-read chapters 4 and 5.

I'm baffled, and would appreciate any clue.

Thanks in advance.
Niall O'Reilly

Trouble with KVM after upgrade to bookworm

[Niall O'Reilly]

Hello.

I use Debian as KVM host for the various VMs (Ubuntu, FreeBSD,
no Debian) which serve my home network.  I've been doing this
since Debian stretch.  Until bookworm, each release upgrade
has been tedious, but boringly unremarkable.

This upgrade seems to have broken KVM so as to cause one or other
guest VM to enter what seems to be a busy wait, and to do so
unpredictably and intermittently. According to virt-top, the affected guest 
seizes the full capacity of the CPU core where it is currently
running; on my 4-core unit, virt-top shows this as 25% CPU utilization.
When this happens, top shows zero idle time for the corresponding core,
and an aggregate of system and user utilization (the only non-zero
utilization values) closer to 50% than to 100%.  In normal operation,
I see each core busy for about 3% of the time, idle for 95% or more,
and an the remaining 2% or so unaccounted for.

When a VM goes busy like this, I find that it can be made unbusy
by use of the command, `virsh inject-nmi $GUEST`.

I think I have read the release notes for bookworm carefully, but
may have missed something.  I've repeatedly re-read chapters 4 and 5.

I'm baffled, and would appreciate any clue.

Thanks in advance.
Niall O'Reilly

Re: OT: (KVM) Splitting a combined USB mouse and keyboard cable to feed separate mouse and keyboard inputs

[rhkramer]

On Saturday, February 11, 2023 10:55:15 AM Dan Ritter wrote:
> Is there a reason you don't use a pure USB pathway for keyboard
> and mouse?
> 
> i.e. does your target computer not have a USB port available to
> take the KVM's input?

Hmm, that's an interesting thought --  yes that computer does have USB ports 
-- I've never tried inputting the keyboard or mouse (or both) in via those USB 
ports instead of the PS/2 ports.

I'll have to try that -- I'm reluctant to try too much which might break what 
I have currently working (and shutting down and restarting that computer is 
sort of a pain with various things that I have to reopen after restarting).

Thanks!

-- 
rhk 

(sig revised 20221206)

If you reply: snip, snip, and snip again; leave attributions; avoid HTML; 
avoid top posting; and keep it "on list".  (Oxford comma (and semi-colon) 
included at no charge.)  If you revise the topic, change the Subject: line.  
If you change the topic, start a new thread.

Writing is often meant for others to read and understand (legal documents 
excepted?) -- make it easier for your reader by various means, including 
liberal use of whitespace (short paragraphs, separated by whitespace / blank 
lines) and minimal use of (obscure?) jargon, abbreviations, acronyms, and 
references.

If someone has already responded to a question, decide whether any response 
you add will be helpful or not ...

A picture is worth a thousand words.  A video (or "audio"): not so much -- 
divide by 10 for each minute of video (or audio) or create a transcript and 
edit it to 10% of the original.

A speaker who uses ahhs, ums, or such may have a real physical or mental 
disability, or may be showing disrespect for his listeners by not properly 
preparing in advance and thinking before speaking.  (Remember Cicero who did 
not have enough time to write a short missive.)  (That speaker might have been 
"trained" to do this by being interrupted often if he pauses.)

A radio (or TV) station which broadcasts speakers with high pitched voices (or 
very low pitched / gravelly voices) (which older people might not be able to 
hear properly) disrespects its listeners.   Likewise if it broadcasts 
extraneous or disturbing sounds (like gunfire or crying), or broadcasts 
speakers using their native language (with or without an overdubbed 
translation).

A person who writes a sig this long probably has issues and disrespects (and 
offends) a large number of readers. ;-)
'

Re: OT: (KVM) Splitting a combined USB mouse and keyboard cable to feed separate mouse and keyboard inputs

[Dan Ritter]

rhkra...@gmail.com wrote: 
> Leading up to the Problem: My problem is this: one of the computers that I 
> need / want to keep in service for some time yet has separate inputs for the 
> keyboard and mouse -- the existing KVMs have separate outputs for the 
> keyboard 
> and mouse, so all is (was) good.  (The other computer that I need to keep in 
> service has separate and combined keyboard and mouse inputs, i.e., one PS/2 
> or 
> USB cable can carry the combined signal from a mouse and keyboard into the 
> computer and both are detected and work.  The first computer, mentioned 
> above, 
> does  not handle a mouse and keyboard combined to one input.
> 
> The Problem: Many of the KVMs that I've looked at recently have one USB 
> output 
> (one for each computer) which carries the combined keyboard and mouse signals.
> 
> I'm wondering if there is a way to take that one USB output and divide it 
> into 
> separate keyboard and mouse outputs.  I'm thinking of maybe a "Rube Goldburg" 
> approach that might involve feeding that one USB output into a hub from which 
> I'd run two USB cables (with USB to PS/2 adapters).  I'm hoping the mouse 
> input would ignore keyboard signals and the keyboard input would ignore mouse 
> signals.
> 
> Summary: Does anybody (on here) have experience with something like this: 
> that 
> is, taking a USB cable with combined mouse and keyboard signals and somehow 
> splitting them to feed separate keyboard and mouse inputs on a computer?

Is there a reason you don't use a pure USB pathway for keyboard
and mouse?

i.e. does your target computer not have a USB port available to
take the KVM's input?

-dsr-

OT: (KVM) Splitting a combined USB mouse and keyboard cable to feed separate mouse and keyboard inputs

[rhkramer]

Background: My KVM switch (and a keyboard) died in two (freak)A(ccidents)BKAC.  

My spare KVM did not work, so I'm looking for another KVM.  (For now, I'm 
using the original KVM for switching the VGA video and keyboard, and have 
separate mice plugged into each computer (only two in service (on a 4 port 
KVM) at the moment).  The KVM also  handles audio, and I plan to find another 
KVM that handles audio.

I could buy anonther (used) one like the two I have, but I'm a little gunshy.

Leading up to the Problem: My problem is this: one of the computers that I 
need / want to keep in service for some time yet has separate inputs for the 
keyboard and mouse -- the existing KVMs have separate outputs for the keyboard 
and mouse, so all is (was) good.  (The other computer that I need to keep in 
service has separate and combined keyboard and mouse inputs, i.e., one PS/2 or 
USB cable can carry the combined signal from a mouse and keyboard into the 
computer and both are detected and work.  The first computer, mentioned above, 
does  not handle a mouse and keyboard combined to one input.

The Problem: Many of the KVMs that I've looked at recently have one USB output 
(one for each computer) which carries the combined keyboard and mouse signals.

I'm wondering if there is a way to take that one USB output and divide it into 
separate keyboard and mouse outputs.  I'm thinking of maybe a "Rube Goldburg" 
approach that might involve feeding that one USB output into a hub from which 
I'd run two USB cables (with USB to PS/2 adapters).  I'm hoping the mouse 
input would ignore keyboard signals and the keyboard input would ignore mouse 
signals.

Summary: Does anybody (on here) have experience with something like this: that 
is, taking a USB cable with combined mouse and keyboard signals and somehow 
splitting them to feed separate keyboard and mouse inputs on a computer?

Aside: The two freak (and / or dumb) accidents that got me into this 
situation:

   * The freak accident: My keyboard stopped working.  Eventually I found a 
piece of tape that somehow got onto the keyboard and was holding a key down (I 
didn't pay careful attention at the time but it was in the viciinity of the 
F12 key on a  Microsoft ergonomic keyboard).  My guess is that that held down 
key eventually killed the keyboard.  (In any event, it is dead.)

   * The dumb mistake: I tried to move cables around (to try different 
keyboards) with the KVM still powered up but switched to an unused port.  
While doing that I fat fingered (well, fat armed) the slector switch which 
switched to an in-use USB port while I was plugging / unplugging the PS/2 / 
USB mouse.  I should have just depowered the KVM ;-(

Thanks!

-- 
rhk 

(sig revised 20221206)

If you reply: snip, snip, and snip again; leave attributions; avoid HTML; 
avoid top posting; and keep it "on list".  (Oxford comma (and semi-colon) 
included at no charge.)  If you revise the topic, change the Subject: line.  
If you change the topic, start a new thread.

Writing is often meant for others to read and understand (legal documents 
excepted?) -- make it easier for your reader by various means, including 
liberal use of whitespace (short paragraphs, separated by whitespace / blank 
lines) and minimal use of (obscure?) jargon, abbreviations, acronyms, and 
references.

If someone has already responded to a question, decide whether any response 
you add will be helpful or not ...

A picture is worth a thousand words.  A video (or "audio"): not so much -- 
divide by 10 for each minute of video (or audio) or create a transcript and 
edit it to 10% of the original.

A speaker who uses ahhs, ums, or such may have a real physical or mental 
disability, or may be showing disrespect for his listeners by not properly 
preparing in advance and thinking before speaking.  (Remember Cicero who did 
not have enough time to write a short missive.)  (That speaker might have been 
"trained" to do this by being interrupted often if he pauses.)

A radio (or TV) station which broadcasts speakers with high pitched voices (or 
very low pitched / gravelly voices) (which older people might not be able to 
hear properly) disrespects its listeners.   Likewise if it broadcasts 
extraneous or disturbing sounds (like gunfire or crying), or broadcasts 
speakers using their native language (with or without an overdubbed 
translation).

A person who writes a sig this long probably has issues and disrespects (and 
offends) a large number of readers. ;-)
'

With bookworm's kernel, QEMU-KVM EFI cannot see virtio partitions

[Jorge P. de Morais Neto]

Windows-10-Jorge.xml
Description: XML document
Hi!  After I upgraded to bookworm, my QEMU-KVM VM fails to boot the
guest OS; instead it drops to the EFI shell.  If I boot the physical
host into bullseye's kernel (Linux 5.10) then the VM boots normally.

This VM has two virtual disks, each backed by a physical partition---one
partition in my NVMe SSD and the other on my HDD.  The interface for
both virtual disks is virtio.  I have attached the XML.

Is this a known problem?  Is there a workaround, other than booting the
physical host into an older kernel?  Should I report this as a bug?

Regards

-- 
- Many people hate injustice but few check the facts; this causes more
  injustice.  Ask me about <https://stallmansupport.org>
- I am Brazilian.  I hope my English is correct and I welcome feedback.
- https://www.defectivebydesign.org
- https://www.gnu.org

Re: Copy/paste between host and KVM/windows 10 guest??

[Alexander V. Makartsev]

On 08.04.2022 14:23, didier gaumet wrote:

Le vendredi 08 avril 2022 à 13:48 +0500, Alexander V. Makartsev a
écrit :

I've had "virtio-win-guest-tools" installed inside Win10 guest

does it appear in the list of the Windows installed applications list
(Windows parameters menu)?
I just verified: that's the only thing I installed in the Win10 guest
related to guest drivers/utilities. (Bullseye here)

Yes it does.

After some investigations, I've managed to get copy\paste action working.
So, to answer Dennis' question, this is a list of things necessary for 
it to work:

1. "virtio-win-guest-tools" has to be installed inside Windows guest.
2. VM guest configuration has to have "Channel spice" device (type 
"spicevmc" with default settings)
3. Required services called "QEMU Guest Agent" and "Spice Agent" has to 
be in running state inside Windows guest.


Adding user to groups "libvirt" and\or "libvirt-qemu" is not necessary 
to get copy\paste functions to work.
And it is probably more secure not to add user to these groups, 
especially if it is your PC and you are the only user.


--
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Re: Copy/paste between host and KVM/windows 10 guest??

[didier gaumet]

Le vendredi 08 avril 2022 à 13:48 +0500, Alexander V. Makartsev a
écrit :
> 
> I've had "virtio-win-guest-tools" installed inside Win10 guest

does it appear in the list of the Windows installed applications list
(Windows parameters menu)?
I just verified: that's the only thing I installed in the Win10 guest
related to guest drivers/utilities. (Bullseye here)

>  from
> the 
> very beginning, but copy\paste actions from host to guest and vise
> versa 
> still don't work.
> There must be something else to setup, perhaps clipboard becomes 
> unavailable due to user switching?
>  Ex. "sudo virsh list --all" works, but "virsh list --all"
> doesn't.

from the virsh manpage:
"[...]
NOTES
[...]
Most virsh commands require root privileges to run due to the
communications channels used to talk to the hypervisor. Running as non
root will return an error.
[...]"

> And when I run "Virtual Machine Manager" it asks me for password.

If you want to avoid the system asking for privilege elevation, adding
your user to the libvirt and libvirt-qemu groups should do the trick

Re: Copy/paste between host and KVM/windows 10 guest??

[Alexander V. Makartsev]

On 08.04.2022 13:19, didier gaumet wrote:

Hello,

RHEL/Fedora provide guest (virtio) drivers and agents. I have installed
the whole bunch (ISO) into a Win10 KVM guest and the copy/paste is
working properly but I think what is required here is only the Spîce
guest agent.
https://github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md
(just run the .exe installer (at the root of the iso) in the guest)
I've had "virtio-win-guest-tools" installed inside Win10 guest from the 
very beginning, but copy\paste actions from host to guest and vise versa 
still don't work.
There must be something else to setup, perhaps clipboard becomes 
unavailable due to user switching?

    Ex. "sudo virsh list --all" works, but "virsh list --all" doesn't.
And when I run "Virtual Machine Manager" it asks me for password.

--
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Re: Copy/paste between host and KVM/windows 10 guest??

[didier gaumet]

Le jeudi 07 avril 2022 à 18:18 -0500, Dennis Wicks a écrit :
> It doesn't work for me and the suggested solutions I have 
> found are referring to a linux guest.
> 
> TIA for pointers, suggestions, solutions!
> Denniis
> 
> 
Hello,

RHEL/Fedora provide guest (virtio) drivers and agents. I have installed
the whole bunch (ISO) into a Win10 KVM guest and the copy/paste is
working properly but I think what is required here is only the Spîce
guest agent.
https://github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md
(just run the .exe installer (at the root of the iso) in the guest)

Re: Copy/paste between host and KVM/windows 10 guest??

[Alexander V. Makartsev]

On 08.04.2022 04:18, Dennis Wicks wrote:
It doesn't work for me and the suggested solutions I have found are 
referring to a linux guest.


TIA for pointers, suggestions, solutions!
Denniis

I've never bothered to make copy\paste actions work natively (if that is 
even possible) and always used RDP to connect to Windows guest instead 
of SPICE.
By using RDP connection you solve many quality of life issues, like 
copy\paste, file sharing, smoother GUI performance, etc.

I use "Remmina" as a front end, to manage remote desktop connections.

--
With kindest regards, Alexander.

⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄

Copy/paste between host and KVM/windows 10 guest??

[Dennis Wicks]

It doesn't work for me and the suggested solutions I have 
found are referring to a linux guest.


TIA for pointers, suggestions, solutions!
Denniis

Re: QEMU/KVM doesn't open new window - Access only via vnc viewer

[Dieter Rohlfing]

Am Thu, 31 Mar 2022 15:42:43 +0100
schrieb Gareth Evans :

>A different invocation method, but does this help, or give a clue to something 
>equivalent?
>
>https://lists.debian.org/debian-user/2021/09/msg00691.html

The link was the path to the solution. For gtk output in a newly created
window I had to install the package "qemu-system-gui".

Thanks a lot for your reply and have a nice day.

Dieter

Re: QEMU/KVM doesn't open new window - Access only via vnc viewer

[Gareth Evans]

> On 31 Mar 2022, at 09:44, Dieter Rohlfing  wrote:
> 
> Hi,
> 
> I'm just about to install Debian11/Bullseye on a host. There are several
> VMs running under QEMU/KVM to set up.
> 
> With Debian9/Stretch I created a new VM via command line:
> 
> /usr/bin/kvm -drive
> file=/qemu/win-70/win-70.jessie.raw,if=virtio,media=disk,cache=none,format=raw
> -name Win-70 -vga std -m 3072 -enable-kvm -rtc base=localtime -boot order=c
> 
> As a result QEMU/KVM opened a new window with the output of the VM.
> 
> With Debian11/Bullseye QEMU/KVM doesn't open a new window, but a message
> appears, telling me to access the output via a vnc viewer. With the vnc
> viewer I can see this output: the VM started correctly.
> 
> How can I get back the output of the VM in a window (like in Debian9)?
> 
> My researches in the internet delivered no results. I always found
> statements like "open a window with the option '-vga std'". Is this no
> more valid for Debian11?
> 
> Dieter
> 

A different invocation method, but does this help, or give a clue to something 
equivalent?

https://lists.debian.org/debian-user/2021/09/msg00691.html

Re: QEMU/KVM doesn't open new window - Access only via vnc viewer

[Christian Britz]

Hello Dieter,

unfortunately I have no answer for this specific problem, but I can
strongly recommend the virt-manager solution which utilizes qemu (and
kvm if available).

Regards,
Christian

On 2022-03-31 10:44 UTC+0200, Dieter Rohlfing wrote:
> Hi,
> 
> I'm just about to install Debian11/Bullseye on a host. There are several
> VMs running under QEMU/KVM to set up.
> 
> With Debian9/Stretch I created a new VM via command line:
> 
> /usr/bin/kvm -drive
> file=/qemu/win-70/win-70.jessie.raw,if=virtio,media=disk,cache=none,format=raw
> -name Win-70 -vga std -m 3072 -enable-kvm -rtc base=localtime -boot order=c
> 
> As a result QEMU/KVM opened a new window with the output of the VM.
> 
> With Debian11/Bullseye QEMU/KVM doesn't open a new window, but a message
> appears, telling me to access the output via a vnc viewer. With the vnc
> viewer I can see this output: the VM started correctly.
> 
> How can I get back the output of the VM in a window (like in Debian9)?
> 
> My researches in the internet delivered no results. I always found
> statements like "open a window with the option '-vga std'". Is this no
> more valid for Debian11?
> 
> Dieter
> 

-- 
http://www.cb-fraggle.de

QEMU/KVM doesn't open new window - Access only via vnc viewer

[Dieter Rohlfing]

Hi,

I'm just about to install Debian11/Bullseye on a host. There are several
VMs running under QEMU/KVM to set up.

With Debian9/Stretch I created a new VM via command line:

/usr/bin/kvm -drive
file=/qemu/win-70/win-70.jessie.raw,if=virtio,media=disk,cache=none,format=raw
-name Win-70 -vga std -m 3072 -enable-kvm -rtc base=localtime -boot order=c

As a result QEMU/KVM opened a new window with the output of the VM.

With Debian11/Bullseye QEMU/KVM doesn't open a new window, but a message
appears, telling me to access the output via a vnc viewer. With the vnc
viewer I can see this output: the VM started correctly.

How can I get back the output of the VM in a window (like in Debian9)?

My researches in the internet delivered no results. I always found
statements like "open a window with the option '-vga std'". Is this no
more valid for Debian11?

Dieter

Re: KVM max CPU speed to guest

[basti]

On 13.01.22 01:41, Igor Cicimov wrote:
> Hi,
> 
> On 13 Jan 2022 07:33, basti  wrote:
> 
> Hello,
> 
> first of all the most modern CPU in the last 10 years (I gues) use so
> called speed-stepping.
> 
> As I can see I was wondering why that speed stepping is not set in a
> KVM
> guest, even if I use "host-passthrough" in the cpu config of the guest.
> 
> virsh dumpxml almalinux | grep -i cpu
>   2
>   
> 
> The cpu on the "host" is:
> 
> root@q2:~# lscpu
> Architecture:    x86_64
> CPU op-mode(s):  32-bit, 64-bit
> Byte Order:  Little Endian
> Address sizes:   36 bits physical, 48 bits virtual
> CPU(s):  4
> On-line CPU(s) list: 0-3
> Thread(s) per core:  1
> Core(s) per socket:  4
> Socket(s):   1
> NUMA node(s):    1
> Vendor ID:   GenuineIntel
> CPU family:  6
> Model:   76
> Model name:  Intel(R) Celeron(R) CPU  N3160  @
> 1.60GHz
> Stepping:    4
> CPU MHz: 480.096
> CPU max MHz: 2240.
> CPU min MHz: 480.
> BogoMIPS:    3200.00
> Virtualization:  VT-x
> L1d cache:   96 KiB
> L1i cache:   128 KiB
> L2 cache:    2 MiB
> NUMA node0 CPU(s):   0-3
> Vulnerability Itlb multihit: Not affected
> Vulnerability L1tf:  Not affected
> Vulnerability Mds:   Vulnerable: Clear CPU buffers
> attempted, no microcode; SMT disabled
> Vulnerability Meltdown:  Mitigation; PTI
> Vulnerability Spec store bypass: Not affected
> Vulnerability Spectre v1:    Mitigation; usercopy/swapgs barriers
> and __user pointer sanitization
> Vulnerability Spectre v2:    Mitigation; Full generic retpoline,
> STIBP disabled, RSB filling
> Vulnerability Srbds: Not affected
> Vulnerability Tsx async abort:   Not affected
> Flags:   fpu vme de pse tsc msr pae mce cx8
> apic
> sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2
> ss ht
> tm pbe syscall nx rdtsc
>  p lm constant_tsc arch_perfmon pebs
> bts
> rep_good nopl xtopology tsc_reliable nonstop_tsc cpuid aperfmperf
> tsc_known_freq pni pclmulqdq d
>  tes64 monitor ds_cpl vmx est tm2 ssse3
> cx16 xtpr pdcm sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes rdrand
> lahf_lm 3dnowprefetch epb
>   pti tpr_shadow vnmi flexpriority ept
> vpid tsc_adjust smep erms dtherm ida arat
> root@q2:~#
> 
> So the max cpu speed should be 2240 MHz.
> 
> On the guest it is:
> 
> [root@almalinux ~]# lscpu
> Architektur: x86_64
> CPU Operationsmodus: 32-bit, 64-bit
> Byte-Reihenfolge:    Little Endian
> CPU(s):  2
> Liste der Online-CPU(s): 0,1
> Thread(s) pro Kern:  1
> Kern(e) pro Socket:  1
> Sockel:  2
> NUMA-Knoten: 1
> Anbieterkennung: GenuineIntel
> BIOS Vendor ID:  QEMU
> Prozessorfamilie:    6
> Modell:  76
>     Modellname:  Intel(R) Celeron(R) CPU  N3160  @ 1.60GHz
> BIOS Model name: pc-i440fx-3.1
> Stepping:    4
> CPU MHz: 1600.000
> BogoMIPS:    3200.00
> Virtualisierung: VT-x
> Hypervisor-Anbieter: KVM
> Virtualisierungstyp: voll
> L1d Cache:   32K
> L1i Cache:   32K
> L2 Cache:    4096K
> L3 Cache:    16384K
> NUMA-Knoten0 CPU(s): 0,1
> Markierungen:    fpu vme de pse tsc msr pae mce cx8 apic sep
> mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx
> rdtscp lm constant_tsc arch_perfmon rep_good nopl xtopology cpuid
> tsc_known_freq pni pclmulqdq vmx ssse3 cx16 pdcm sse4_1 sse4_2 x2apic
> movbe popcnt tsc_deadline_timer aes rdrand hypervisor lahf_lm
> 3dnowprefetch cpuid_fault pti tpr_shadow vnmi flexpriority ept vpid
> tsc_adjust smep erms arat umip arch_capabilities
> 
>

KVM max CPU speed to guest

[basti]

Hello,

first of all the most modern CPU in the last 10 years (I gues) use so
called speed-stepping.

As I can see I was wondering why that speed stepping is not set in a KVM
guest, even if I use "host-passthrough" in the cpu config of the guest.

virsh dumpxml almalinux | grep -i cpu
  2
  

The cpu on the "host" is:

root@q2:~# lscpu
Architecture:x86_64
CPU op-mode(s):  32-bit, 64-bit
Byte Order:  Little Endian
Address sizes:   36 bits physical, 48 bits virtual
CPU(s):  4
On-line CPU(s) list: 0-3
Thread(s) per core:  1
Core(s) per socket:  4
Socket(s):   1
NUMA node(s):1
Vendor ID:   GenuineIntel
CPU family:  6
Model:   76
Model name:  Intel(R) Celeron(R) CPU  N3160  @ 1.60GHz
Stepping:4
CPU MHz: 480.096
CPU max MHz: 2240.
CPU min MHz: 480.
BogoMIPS:3200.00
Virtualization:  VT-x
L1d cache:   96 KiB
L1i cache:   128 KiB
L2 cache:2 MiB
NUMA node0 CPU(s):   0-3
Vulnerability Itlb multihit: Not affected
Vulnerability L1tf:  Not affected
Vulnerability Mds:   Vulnerable: Clear CPU buffers
attempted, no microcode; SMT disabled
Vulnerability Meltdown:  Mitigation; PTI
Vulnerability Spec store bypass: Not affected
Vulnerability Spectre v1:Mitigation; usercopy/swapgs barriers
and __user pointer sanitization
Vulnerability Spectre v2:Mitigation; Full generic retpoline,
STIBP disabled, RSB filling
Vulnerability Srbds: Not affected
Vulnerability Tsx async abort:   Not affected
Flags:   fpu vme de pse tsc msr pae mce cx8 apic
sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht
tm pbe syscall nx rdtsc
 p lm constant_tsc arch_perfmon pebs bts
rep_good nopl xtopology tsc_reliable nonstop_tsc cpuid aperfmperf
tsc_known_freq pni pclmulqdq d
 tes64 monitor ds_cpl vmx est tm2 ssse3
cx16 xtpr pdcm sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes rdrand
lahf_lm 3dnowprefetch epb
  pti tpr_shadow vnmi flexpriority ept
vpid tsc_adjust smep erms dtherm ida arat
root@q2:~#

So the max cpu speed should be 2240 MHz.

On the guest it is:

[root@almalinux ~]# lscpu
Architektur: x86_64
CPU Operationsmodus: 32-bit, 64-bit
Byte-Reihenfolge:Little Endian
CPU(s):  2
Liste der Online-CPU(s): 0,1
Thread(s) pro Kern:  1
Kern(e) pro Socket:  1
Sockel:  2
NUMA-Knoten: 1
Anbieterkennung: GenuineIntel
BIOS Vendor ID:  QEMU
Prozessorfamilie:6
Modell:  76
Modellname:  Intel(R) Celeron(R) CPU  N3160  @ 1.60GHz
BIOS Model name: pc-i440fx-3.1
Stepping:4
CPU MHz: 1600.000
BogoMIPS:3200.00
Virtualisierung: VT-x
Hypervisor-Anbieter: KVM
Virtualisierungstyp: voll
L1d Cache:   32K
L1i Cache:   32K
L2 Cache:4096K
L3 Cache:16384K
NUMA-Knoten0 CPU(s): 0,1
Markierungen:fpu vme de pse tsc msr pae mce cx8 apic sep
mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx
rdtscp lm constant_tsc arch_perfmon rep_good nopl xtopology cpuid
tsc_known_freq pni pclmulqdq vmx ssse3 cx16 pdcm sse4_1 sse4_2 x2apic
movbe popcnt tsc_deadline_timer aes rdrand hypervisor lahf_lm
3dnowprefetch cpuid_fault pti tpr_shadow vnmi flexpriority ept vpid
tsc_adjust smep erms arat umip arch_capabilities

So I can't use the 2240 MHz in the guest.
When I set the cpu governor to "performance" on the host, it doesn't
matter. The host only see 1600 MHz.

What's wrong there and how should I fix this?

Re: Trunk-bond-vlan-bridge on KVM and LXC host Stretch x Buster

[debbug]

Hi,
for the reference, the issue is solved by this config below.
 
Ales
 
 
 
 
---
 
cat /etc/network/interfaces
auto lo
iface lo inet loopback




#auto ens3f0
#iface  ens3f0 inet manual


#auto ens3f1
#iface ens3f1 inet manual


allow-hotplug ens3f0
iface  ens3f0 inet manual


allow-hotplug ens3f1
iface ens3f1 inet manual






auto bond0
iface bond0 inet manual
        bond-slaves  ens3f0 ens3f1
        bond-mode 1 
bond-primary ens3f1 
bond-arp-validate all
# Specifies the MII link monitoring frequency in milliseconds. This determines 
how often the link state of each slave is inspected for link failures. 
# bond-miimon 500
#     bond-downdelay 500
# Specifies the time, in milliseconds, to wait before disabling a slave after a 
link failure has been detected.
#     bond-updelay 500
        bond-arp-interval 5000
        bond-arp-ip-target 10.5.75.1






auto br0.20
iface br0.20 inet static
address 10.5.75.144
netmask 255.255.255.0
network 10.5.75.0
broadcast 10.5.75.255
gateway 10.5.75.1
dns-nameservers 10.5.64.4 10.5.65.4
dns-search my-domain
bridge_ports bond0.20
bridge_fd 0
bridge_maxwait 0
bridge_stp off




auto br0.21
iface br0.21 inet manual
dns-nameservers 10.5.64.4 10.5.65.4
        dns-search chmi.cz
        bridge_ports bond0.21
        vlan-raw-device bond0
 


brctl showbridge name bridge id STP enabled interfacesbr0.20 8000.9295da8a5326 no bond0.20br0.21 8000.9295da8a5326 no bond0.21 bridge 
link12: bond0.20@bond0:  mtu 1500 master br0.20 state forwarding priority 32 cost 2 14: 
bond0.21@bond0:  mtu 1500 master br0.21 state forwarding priority 32 cost 2 ip a s1: lo: 
 mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 
00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever    inet6 ::1/128 scope host        
valid_lft forever preferred_lft forever4: ens3f0:  mtu 1500 qdisc mq master bond0 state UP 
group default qlen 1000    link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff5: ens3f1:  mtu 
1500 qdisc mq master bond0 state UP group default qlen 1000    link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff10: bond0: 
 mtu 1500 qdisc noqueue state UP group default qlen 1000    link/ether 92:95:da:8a:53:26 brd 
ff:ff:ff:ff:ff:ff11: br0.20:  mtu 1500 qdisc noqueue state UP group default qlen 1000    link/ether 
92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff    inet 10.5.75.144/24 brd 10.5.75.255 scope global br0.20       valid_lft forever preferred_lft 
forever    inet6 fe80::9095:daff:fe8a:5326/64 scope link        valid_lft forever preferred_lft forever12: bond0.20@bond0: 
 mtu 1500 qdisc noqueue master br0.20 state UP group default qlen 1000    link/ether 
92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff13: br0.21:  mtu 1500 qdisc noqueue state UP group default 
qlen 1000    link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff    inet6 fe80::9095:daff:fe8a:5326/64 scope link        valid_lft forever 
preferred_lft forever14: bond0.21@bond0:  mtu 1500 qdisc noqueue master br0.21 state UP group 
default qlen 1000    link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff ip route showdefault via 10.5.75.1 dev br0.20 onlink 10.5.75.0/24 
dev br0.20 proto kernel scope link src 10.5.75.144  ping 10.5.75.144PING 10.5.75.144 (10.5.75.144) 56(84) bytes of data.64 bytes from 
10.5.75.144: icmp_seq=1 ttl=63 time=0.310 ms64 bytes from 10.5.75.144: icmp_seq=2 ttl=63 time=0.400 ms64 bytes from 10.5.75.144: icmp_seq=3 
ttl=63 time=0.396 ms64 bytes from 10.5.75.144: icmp_seq=4 ttl=63 time=0.389 ms64 bytes from 10.5.75.144: icmp_seq=5 ttl=63 time=0.385 ms64 
bytes from 10.5.75.144: icmp_seq=6 ttl=63 time=0.332 ms64 bytes from 10.5.75.144: icmp_seq=7 ttl=63 time=0.310 ms64 bytes from 10.5.75.144: 
icmp_seq=8 ttl=63 time=0.398 ms64 bytes from 10.5.75.144: icmp_seq=9 ttl=63 time=0.390 ms64 bytes from 10.5.75.144: icmp_seq=10 ttl=63 
time=0.396 ms64 bytes from 10.5.75.144: icmp_seq=11 ttl=63 time=0.312 ms64 bytes from 10.5.75.144: icmp_seq=12 ttl=63 time=0.398 ms^C--- 
10.5.75.144 ping statistics ---12 packets transmitted, 12 received, 0% packet loss, time 265msrtt min/avg/max/mdev = 
0.310/0.368/0.400/0.037 ms

Re: Recommended KVM box: HDMI (video), USB (mouse+kb+periferal), 4-port

[rhkramer]

On Tuesday, October 19, 2021 06:21:34 AM Tom Browder wrote:
> Thanks! I forget about ebay—I only used it once many years ago. And the
> Belkin products I’ve used in the past have worked fine.

You're welcome!

I buy quite a few things off ebay (for some definition of quite a few) -- some 
used things, mostly new, from the far east, with very few bad experiences (and 
all but two of those resolved by the ebay or PayPal money back policies. 

ebay has extended the (money back) gurantee period to longer than 30 days 
(maybe 60 days now?), and they start the period when you receive your order 
(or it should have been received) so the long shipping times from the far east 
are no longer the same issue.  And PayPal now has a 6-month guarantee period, 
so if you pay with PayPal and miss the ebay guarantee, you can use the PayPal 
guarantee.  (Obviously, those guarantees don't cover everything -- I have 
mainly used them for the few cases of non-delivery I've had.)

(Aside: When I look at my ebay account, I see "(356)" behind my name -- I 
don't know if that means I made 356 transactions (almost all purchanses) on 
ebay since I started using them (at least since 2012, maybe before that)

One of the aggravating ones was some seller of NiMH cells (AAA) (a vendor 
using the trade name "hot-rc".  

I ordered 24 AAA cells rated at 1800 maHr.  I tested a few, and wrote to tell 
him the cells were not holding anywhere near the 1800 maHr charge (much less 
than 100 maHr) he asked me to test them all.  I wrote back to tell him it 
would take me a while to do that.

When I finished testing them and wrote back to him, he essentially laughed at 
me because it was past the 30-day (iirc, at the time) money back period.

I'd like to find (or start) a hall of shame for ebay sellers -- I have one or 
two others I'd add to the list.  

Oh, the other bad thing about that was that I couldn't give him a bad rating 
because the same 30-day period (or something like it) applied to giving 
feedback.

Re: Recommended KVM box: HDMI (video), USB (mouse+kb+periferal), 4-port

[Tom Browder]

On Mon, Oct 18, 2021 at 20:29  wrote:
…

> I am using a Belkin SOHO 4-Port KVM Switch Box F1DS104J, bought used off
> ebay
>
in January, 2020 for under $20.


Thanks! I forget about ebay—I only used it once many years ago. And the
Belkin products I’ve used in the past have worked fine.

-Tom

Re: Recommended KVM box: HDMI (video), USB (mouse+kb+periferal), 4-port

[rhkramer]

On Monday, October 18, 2021 09:03:10 PM Tom Browder wrote:
> I am in the market for a new (or refurbished) KVM with the subject
> attributes.  I only need to support a single monitor, but reliability and
> holding video settings for each computer are important to me.
> 
> Reviews I've found online are terrible, but I would appreciate hearing from
> satisfied Debian KVM users.

I am using a Belkin SOHO 4-Port KVM Switch Box F1DS104J, bought used off ebay 
in January, 2020 for under $20.  Works fine, offhand I don't remember the specs 
-- I basically use 1920x1028 resolution with no recognizable deterioration in 
the video display.  

(Thank goodness I have a wooden desktop so I can knock on wood.  (I did buy 
two, have the 2nd as a spare.)

Recommended KVM box: HDMI (video), USB (mouse+kb+periferal), 4-port

[Tom Browder]

I am in the market for a new (or refurbished) KVM with the subject
attributes.  I only need to support a single monitor, but reliability and
holding video settings for each computer are important to me.

Reviews I've found online are terrible, but I would appreciate hearing from
satisfied Debian KVM users.

Thanks.

-Tom

Re: Shared folder and wireless printer for qemu/kvm

[Gary L. Roach]

On 10/5/21 4:25 PM, Gary L. Roach wrote:


Hi again,

I finally found a straight forward installation process for shared 
folders. See:


*https://nts.strzibny.name/how-to-set-up-shared-folders-in-virt-manager/*

If you are using something like /home/gary/vmshare as a folder name 
use that when in doubt.


Gary R.

On 10/4/21 3:38 PM, Gary L. Roach wrote:


Thanks for the reply

I am interested in printer only. As I stated in my email: The HP 
printer is wifi connected to my local network and is accessible by 
all of the computers on the network. *This includes the host system*. 
Right now the shared folder is probably more important because I can 
then switch systems and print a file from the host system.


Gary R.

On 10/4/21 3:08 PM, Charles Curley wrote:

On Mon, 4 Oct 2021 14:10:21 -0700
"Gary L. Roach"  wrote:


I have my Debian 11 installation as host. I installed Debian 10 on
qemu/kvm to run a program that needs Qt4. I need to set up a shared
folder and connection to my wifi networked HP Officejet Pro 8600
printer.

What do you need to connect to it for? Printing? Scanning? Both?

The first thing I would do is make sure I can access the printer from
the host OS. Then see if CUPS/SANE on the guest will find the printer by
itself. If not, I'd copy the CUPS setup by copy and paste from the host
to the guest. For SANE, I'd copy /etc/sane.d/dll.d/hplip over.

The SANE driver will almost certainly be hpaio.

Another possibility for the printer is to make the host instance
sharable and use that share on the guest.

Re: Shared folder and wireless printer for qemu/kvm

[Gary L. Roach]

Thanks for the reply

I am interested in printer only. As I stated in my email: The HP printer 
is wifi connected to my local network and is accessible by all of the 
computers on the network. *This includes the host system*. Right now the 
shared folder is probably more important because I can then switch 
systems and print a file from the host system.


Gary R.

On 10/4/21 3:08 PM, Charles Curley wrote:

On Mon, 4 Oct 2021 14:10:21 -0700
"Gary L. Roach"  wrote:


I have my Debian 11 installation as host. I installed Debian 10 on
qemu/kvm to run a program that needs Qt4. I need to set up a shared
folder and connection to my wifi networked HP Officejet Pro 8600
printer.

What do you need to connect to it for? Printing? Scanning? Both?

The first thing I would do is make sure I can access the printer from
the host OS. Then see if CUPS/SANE on the guest will find the printer by
itself. If not, I'd copy the CUPS setup by copy and paste from the host
to the guest. For SANE, I'd copy /etc/sane.d/dll.d/hplip over.

The SANE driver will almost certainly be hpaio.

Another possibility for the printer is to make the host instance
sharable and use that share on the guest.

Re: Shared folder and wireless printer for qemu/kvm

[Charles Curley]

On Mon, 4 Oct 2021 14:10:21 -0700
"Gary L. Roach"  wrote:

> I have my Debian 11 installation as host. I installed Debian 10 on 
> qemu/kvm to run a program that needs Qt4. I need to set up a shared 
> folder and connection to my wifi networked HP Officejet Pro 8600 
> printer.

What do you need to connect to it for? Printing? Scanning? Both?

The first thing I would do is make sure I can access the printer from
the host OS. Then see if CUPS/SANE on the guest will find the printer by
itself. If not, I'd copy the CUPS setup by copy and paste from the host
to the guest. For SANE, I'd copy /etc/sane.d/dll.d/hplip over.

The SANE driver will almost certainly be hpaio.

Another possibility for the printer is to make the host instance
sharable and use that share on the guest.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Shared folder and wireless printer for qemu/kvm

[Gary L. Roach]

Hi all,

Operating System: Debian GNU/Linux 11
KDE Plasma Version: 5.20.5
KDE Frameworks Version: 5.78.0
Qt Version: 5.15.2
Kernel Version: 5.10.0-8-amd64
OS Type: 64-bit
Processors: 4 × AMD FX(tm)-4350 Quad-Core Processor
Memory: 15.6 GiB of RAM
Graphics Processor: AMD CAICOS

I have my Debian 11 installation as host. I installed Debian 10 on 
qemu/kvm to run a program that needs Qt4. I need to set up a shared 
folder and connection to my wifi networked HP Officejet Pro 8600 
printer. I have searched for a shared folder setup on the internet and 
have found multiple setups that don't agree with each other. Further, I 
don't remember the process to be so complicated when I did this before. 
Does anyone have a simple straight forward setup method.


I have not found a printer setup that works for my system. I can ping 
the printer from the guest OP. So the network bridge seems to be working 
fine. The HP printer is wifi connected to my local network and is 
accessible by all of the computers on the network. This includes the 
host system. I have Cups installed on both the host and guest systems. 
Nothing I do seems to find the printer. Note: Firefox works fine on the 
guest OS.


Any help will be sincerely appreciated.

Gary R.

Re: Error starting any Debian installation (on an AMD SEV enabled KVM)

[Office onFocus]

Yes, unfortunately, this is necessary to use SEV. Please take a look at these 
instructions.

https://libvirt.org/kbase/launch_security_sev.html
https://developer.amd.com/sev/

The settings memtune, uefi, iommu are required to use launchSecurity = sev

The use for secured KVM using AMD Secure Encrypted Virtualization (SEV) is 
unfortunately not mentioned in your link.

I showed you how to create a KVM and boot it to an Ubuntu or Centos image. It 
works that way but not with Debian. The question that arises is what is 
different about the other images than Debian Images. If you want I can of 
course also test other OS.

with --location http://deb.debian.org/debian/dists/buster/main/installer-amd64/ 
I cannot boot with sev on 
— this only works without launchSecurity sev

virsh destroy buster-amd64 ; virsh undefine buster-amd64 --nvram
virt-install --virt-type kvm --name buster-amd64 \
--boot uefi \
--location http://deb.debian.org/debian/dists/buster/main/installer-amd64/ \
--network network=ovs-test,model=virtio,driver.iommu=on  \
--os-variant debian10 \
--graphics vnc,keymap=de,password='testing passwd'  \
--video=cirrus  \
--disk size=20 --memory 4096 \
--memtune hard_limit=4563402 \
--launchSecurity sev

Best, Daniel

> There is no need to PM me. I am subscribed to the mailinglist.
> 
> 
> On Tue, Aug 10, 2021 at 02:06:04PM +0200, Office onFocus wrote:
>> these are my iso files:
>> 
> [...]
> 
>> wget 
>> https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.10.0-amd64-netinst.iso
>> wget 
>> https://get.debian.org/cdimage/weekly-builds/amd64/iso-cd/debian-testing-amd64-netinst.iso
>> 
> Those should do.
> 
> [...]
> 
> 
>> 
>> 
>> ## Testing DEBIAN
>> 
>> This Debian 10 test is NOT successful. You can boot the ISO and select any OS
>> from the GRUB menu. For example "Debian Installer". 
>> 
>>  Debian GNU/Linux Live (kernel 4.19.0-17-amd64)
>>  Debian Live with Localisation Support
>>  Graphical Debian Installer
>>  *Debian Installer
>>  Debian Installer with Speech Synthesis
>> 
>> The kernel should be loaded, but the KVM reboots and you are back in the 
>> GRUB menu :( 
>> 
>> 
>> 
>> The KVM creation is identical to Ubuntu except for the iso file and the 
>> os-variant parameter,
>> but the setting of the os-variant parameter has no effect. 
>> 
>> ---
>> root@server:/var/lib/libvirt/images# virsh destroy sev-test; virsh undefine 
>> sev-test --nvram
>> s  \
>> --launchSecurity sev
>> 
>> 
>> Domain 'sev-test' destroyed
>> 
>> Domain 'sev-test' has been undefined
>> 
>> root@server:/var/lib/libvirt/images# rm /var/lib/libvirt/images/sev-test* 
>> /var/lib/libvirt/qemu/nvram/sev-test_VARS.fd
>> rm: cannot remove '/var/lib/libvirt/qemu/nvram/sev-test_VARS.fd': No such 
>> file or directory
>> root@server:/var/lib/libvirt/images# qemu-img create -f qcow2 
>> /var/lib/libvirt/images/sev-test.qcow2 20G
>> Formatting '/var/lib/libvirt/images/sev-test.qcow2', fmt=qcow2 
>> cluster_size=65536 extended_l2=off compression_type=zlib size=21474836480 
>> lazy_refcounts=off refcount_bits=16
>> root@server:/var/lib/libvirt/images#
>> root@server:/var/lib/libvirt/images# virt-install \
>>> --name sev-test \
>>> --memory 4096 \
>>> --memtune hard_limit=4563402 \
>>> --boot uefi \
>>> --disk 
>>> /var/lib/libvirt/images/debian-live-10.10.0-amd64-standard.iso,device=cdrom 
>>> \
>>> --disk /var/lib/libvirt/images/sev-test.qcow2,device=disk,bus=scsi \
>>> --os-type linux \
>>> --os-variant debian10 \
>>> --import \
>>> --controller type=scsi,model=virtio-scsi,driver.iommu=on \
>>> --controller type=virtio-serial,driver.iommu=on \
>>> --memballoon driver.iommu=on \
>>> --graphics vnc,keymap=de,password='test passwd'  \
>>> --network network=ovs-test,model=virtio,driver.iommu=on  \
>>> --video=cirrus  \
>>> --launchSecurity sev
>> WARNING  Graphics requested but DISPLAY is not set. Not running virt-viewer.
>> WARNING  No console to launch for the guest, defaulting to --wait -1
>> 
>> Starting install...
>> 
>> Domain is still running. Installation may be in progress.
>> Waiting for the installation to complete.
>> ---
>> 
> 
> Is there a reason why you do it this way and you use all these
> options? Or is this just something you found on google?
> 
> Please try a much simpler approach for testing debian:
> 
> virt-install --virt-type kvm --name buster-amd64 \
> --location http://deb.debian.org/debian/dists/buster/main/installer-amd64/ \
> --os-variant debian10 \
> --disk size=20 --memory 4096
> 
> This is btw. from the debian wiki (https://wiki.debian.org/KVM)
> 
> -H
> 
> 
> -- 
> Henning Follmann   | hfollm...@itcfollmann.com
> 

Re: Error starting any Debian installation (on an AMD SEV enabled KVM)

[Henning Follmann]

There is no need to PM me. I am subscribed to the mailinglist.


On Tue, Aug 10, 2021 at 02:06:04PM +0200, Office onFocus wrote:
> these are my iso files:
> 
[...]

> wget 
> https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.10.0-amd64-netinst.iso
> wget 
> https://get.debian.org/cdimage/weekly-builds/amd64/iso-cd/debian-testing-amd64-netinst.iso
>
Those should do.

[...]


> 
> 
> ## Testing DEBIAN
> 
> This Debian 10 test is NOT successful. You can boot the ISO and select any OS
> from the GRUB menu. For example "Debian Installer". 
> 
>   Debian GNU/Linux Live (kernel 4.19.0-17-amd64)
>   Debian Live with Localisation Support
>   Graphical Debian Installer
>   *Debian Installer
>   Debian Installer with Speech Synthesis
> 
> The kernel should be loaded, but the KVM reboots and you are back in the GRUB 
> menu :( 
> 
> 
> 
> The KVM creation is identical to Ubuntu except for the iso file and the 
> os-variant parameter,
> but the setting of the os-variant parameter has no effect. 
> 
> ---
> root@server:/var/lib/libvirt/images# virsh destroy sev-test; virsh undefine 
> sev-test --nvram
> s  \
> --launchSecurity sev
> 
> 
> Domain 'sev-test' destroyed
> 
> Domain 'sev-test' has been undefined
> 
> root@server:/var/lib/libvirt/images# rm /var/lib/libvirt/images/sev-test* 
> /var/lib/libvirt/qemu/nvram/sev-test_VARS.fd
> rm: cannot remove '/var/lib/libvirt/qemu/nvram/sev-test_VARS.fd': No such 
> file or directory
> root@server:/var/lib/libvirt/images# qemu-img create -f qcow2 
> /var/lib/libvirt/images/sev-test.qcow2 20G
> Formatting '/var/lib/libvirt/images/sev-test.qcow2', fmt=qcow2 
> cluster_size=65536 extended_l2=off compression_type=zlib size=21474836480 
> lazy_refcounts=off refcount_bits=16
> root@server:/var/lib/libvirt/images#
> root@server:/var/lib/libvirt/images# virt-install \
> > --name sev-test \
> > --memory 4096 \
> > --memtune hard_limit=4563402 \
> > --boot uefi \
> > --disk 
> > /var/lib/libvirt/images/debian-live-10.10.0-amd64-standard.iso,device=cdrom 
> > \
> > --disk /var/lib/libvirt/images/sev-test.qcow2,device=disk,bus=scsi \
> > --os-type linux \
> > --os-variant debian10 \
> > --import \
> > --controller type=scsi,model=virtio-scsi,driver.iommu=on \
> > --controller type=virtio-serial,driver.iommu=on \
> > --memballoon driver.iommu=on \
> > --graphics vnc,keymap=de,password='test passwd'  \
> > --network network=ovs-test,model=virtio,driver.iommu=on  \
> > --video=cirrus  \
> > --launchSecurity sev
> WARNING  Graphics requested but DISPLAY is not set. Not running virt-viewer.
> WARNING  No console to launch for the guest, defaulting to --wait -1
> 
> Starting install...
> 
> Domain is still running. Installation may be in progress.
> Waiting for the installation to complete.
> ---
>

Is there a reason why you do it this way and you use all these
options? Or is this just something you found on google?

Please try a much simpler approach for testing debian:

virt-install --virt-type kvm --name buster-amd64 \
--location http://deb.debian.org/debian/dists/buster/main/installer-amd64/ \
--os-variant debian10 \
--disk size=20 --memory 4096

This is btw. from the debian wiki (https://wiki.debian.org/KVM)

-H


-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Error starting any Debian installation (on an AMD SEV enabled KVM)

[Henning Follmann]

On Mon, Aug 09, 2021 at 02:04:49PM +0200, Office onFocus wrote:
> I cannot start an installation of a debian * .iso (install, live, ..) from 
> any installation medium.
> 
> This problem affects all Debian images. There are no problems with Ubuntu or 
> CentOS! As soon as you 
> boot the ISO and click Install, there is no error message and the boot 
> process begins again (loop).

How did you create your installation media?

> 
> This problem has been around for a long time, and it only occurred to me now 
> that it only affects Debian. For testing I recommend the tutorial 
> https://docs.ovh.com/asia/en/dedicated/enable-and-use-amd-sme-sev/
> 
> Server: buster / sid
> Libvirt: 7.0.0-3
> qemu: 1: 5.2 + dfsg-11
> 
> I hope you can help me soon so that I can install a KVM (sev) with Debian.

I assume you want to create a KVM image? How do you try to start the instance
for installation?
(Please list the complete line for running kvm)

-H

-- 
Henning Follmann   | hfollm...@itcfollmann.com

Error starting any Debian installation (on an AMD SEV enabled KVM)

[Office onFocus]

I cannot start an installation of a debian * .iso (install, live, ..) from any 
installation medium.

This problem affects all Debian images. There are no problems with Ubuntu or 
CentOS! As soon as you 
boot the ISO and click Install, there is no error message and the boot process 
begins again (loop).

This problem has been around for a long time, and it only occurred to me now 
that it only affects Debian. For testing I recommend the tutorial 
https://docs.ovh.com/asia/en/dedicated/enable-and-use-amd-sme-sev/

Server: buster / sid
Libvirt: 7.0.0-3
qemu: 1: 5.2 + dfsg-11

I hope you can help me soon so that I can install a KVM (sev) with Debian.

Re: Trunk-bond-vlan-bridge on KVM and LXC host Stretch x Buster

[debbug]

Thanks for your replay, Reco.
 
Yes, in Stretch networking works  well both - with and/or without directive 
"auto".
 
In contrast Buster with:  
 
auto bond0.20
iface bond0.20 inet manual
 
auto bond0.21
iface bond0.21 inet manual
 
gateway is unreachable by ping.
 
So I don't know why yet.
Ales
 
 
 
From: Reco 
Date: Fri, 4 Jun 2021 16:51:05 +0300
 

It's just a guess, but you have "auto" for "bond0":

 

auto bond0
iface bond0 inet manual

 

But what you do not have is "auto" for VLAN interfaces you build on top of 
bond0:

 

iface bond0.20 inet manual
iface bond0.21 inet manual

 
 
 

Re: Trunk-bond-vlan-bridge on KVM and LXC host Stretch x Buster

[Reco]

Hi.

On Thu, Jun 03, 2021 at 03:28:47PM +0200, deb...@centrum.cz wrote:

It's just a guess, but you have "auto" for "bond0":

> auto bond0
> iface bond0 inet manual

But what you do not have is "auto" for VLAN interfaces you build on top
of bond0:

> iface bond0.20 inet manual
> iface bond0.21 inet manual

Reco

Trunk-bond-vlan-bridge on KVM and LXC host Stretch x Buster

[debbug]

 
Hello,
in Stretch I have done this by Debian way with /etc/network/interfaces an it 
goes well.
The same configuration in Buster is interpreted differently and doesn't work.
 
Config from interfaces:

auto lo
iface lo inet loopback
 
 
allow-hotplug ens3f0
iface ens3f0 inet manual
 
# The primary network interface
allow-hotplug ens3f1
iface ens3f1 inet manual
 
 
auto bond0
iface bond0 inet manual
bond-slaves ens3f0 ens3f1
bond-mode 1 
# bond-arp-validate all
# Specifies the MII link monitoring frequency in milliseconds. This determines 
how often the link state of each slave is inspected for link failures. 
# bond-miimon 500
bond-downdelay 500
# Specifies the time, in milliseconds, to wait before disabling a slave after a 
link failure has been detected.
bond-updelay 500
bond-primary ens3f1
bond-arp-interval 5000
bond-arp-ip-target 10.5.75.1
 
 
 
iface bond0.20 inet manual
iface bond0.21 inet manual
 
 
auto br0.20
iface br0.20 inet static
address 10.5.75.138
netmask 255.255.255.0
network 10.5.75.0
broadcast 10.5.75.255
gateway 10.5.75.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 10.5.64.4 10.5.65.4
dns-search domain.org
bridge_ports bond0.20
bridge_fd 0
bridge_maxwait 0
bridge_stp off
 
auto br0.21
iface br0.21 inet manual
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 10.5.64.4 10.5.65.4
dns-search domain.org
bridge_ports bond0.21
 
 
auto br0
iface br0 inet manual
bridge_ports bond0
bridge_fd 0
bridge_maxwait 0
bridge_stp off
bridge_vlan_aware yes
---
 
Interfaces in Stretch are generated :
 
bridge link
11: bond0 state UP :  mtu 1500 master 
br0 state forwarding priority 32 cost 2 
12: bond0.20 state UP @bond0:  mtu 1500 master 
br0.20 state forwarding priority 32 cost 2 
14: bond0.21 state UP @bond0:  mtu 1500 master 
br0.21 state forwarding priority 32 cost 2 
 
brctl show
bridge name bridge id STP enabled interfaces
br0 8000.001b21da10c0 no bond0
br0.20 8000.001b21da10c0 no bond0.20
br0.21 8000.001b21da10c0 no bond0.21
 
 
ip a s
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host 
valid_lft forever preferred_lft forever
2: ens3f0:  mtu 1500 qdisc mq master 
bond0 state UP group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
5: ens3f1:  mtu 1500 qdisc mq master 
bond0 state UP group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
11: bond0:  mtu 1500 qdisc noqueue 
master br0 state UP group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
12: bond0.20@bond0:  mtu 1500 qdisc noqueue 
master br0.20 state UP group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
13: br0.20:  mtu 1500 qdisc noqueue state UP 
group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
inet 10.5.75.137/24 brd 10.5.75.255 scope global br0.20
valid_lft forever preferred_lft forever
inet6 fe80::21b:21ff:feda:10c0/64 scope link 
valid_lft forever preferred_lft forever
14: bond0.21@bond0:  mtu 1500 qdisc noqueue 
master br0.21 state UP group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
15: br0.21:  mtu 1500 qdisc noqueue state UP 
group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
inet6 fe80::21b:21ff:feda:10c0/64 scope link 
valid_lft forever preferred_lft forever
16: br0:  mtu 1500 qdisc noqueue state UP 
group default qlen 1000
link/ether 00:1b:21:da:10:c0 brd ff:ff:ff:ff:ff:ff
inet6 fe80::21b:21ff:feda:10c0/64 scope link 
valid_lft forever preferred_lft forever
 
 
On Stretch this config operates as the first case of "Adding VLANs to the mix – the 
usual guest access mode" of DAVID VASSALLO'S BLOG
 
https://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/
 
 
But in Buster devices generated as:
 
root@blade2:~# bridge link
8: bond0:  mtu 1500 master br0 state 
forwarding priority 32 cost 2 
 
root@blade2:~# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.9295da8a5326 no bond0
 
 
root@blade2:~# ip a s
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host 
valid_lft forever preferred_lft forever
3: ens3f0:  mtu 1500 qdisc mq master 
bond0 state UP group default qlen 1000
link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff
4: ens3f1:  mtu 1500 qdisc mq master 
bond0 state UP group default qlen 1000
link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff
8: bond0:  mtu 1500 qdisc noqueue 
master br0 state UP group default qlen 1000
link/ether 92:95:da:8a:53:26 brd ff:ff:ff:ff:ff:ff
9: br0:  mtu 1500 qdisc noqueue state UP group 
de

Re: KVM: GPU passthrough

[Gokan Atmaca]

ok it worked now. I reduced the ram size I gave for the GPU. But I saw
errors like the following.


---% kernel_err:

[9.487622] r8169 :02:00.0: firmware: failed to load
rtl_nic/rtl8168d-2.fw (-2)
[9.487697] firmware_class: See https://wiki.debian.org/Firmware
for information about missing firmware
[ 1159.047398] irq 16: nobody cared (try booting with the "irqpoll" option)
[ 1159.047534] handlers:
[ 1159.047572] [<7029899b>] usb_hcd_irq [usbcore]
[ 1164.024714] irq 16: nobody cared (try booting with the "irqpoll" option)
[ 1164.024846] handlers:
[ 1164.024883] [<7029899b>] usb_hcd_irq [usbcore]
[ 1268.843310] irq 16: nobody cared (try booting with the "irqpoll" option)
[ 1268.843448] handlers:
[ 1268.843487] [<7029899b>] usb_hcd_irq [usbcore]
[ 1323.645066] irq 16: nobody cared (try booting with the "irqpoll" option)
[ 1323.645198] handlers:
[ 1323.645236] [<7029899b>] usb_hcd_irq [usbcore]
root@homeKvm:~#

On Fri, Apr 30, 2021 at 7:36 PM Gokan Atmaca  wrote:
>
> system boots up but freezes. It just stays like that. I guess the
> problem is with the hardware.
>
>
>
> On Tue, Apr 27, 2021 at 6:14 PM Christian Seiler  wrote:
> >
> > Hi there,
> >
> > Am 2021-04-09 00:37, schrieb Gokan Atmaca:
> > > error:
> > > pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
> > > :01:00.0: group 1 is not viable
> > > Please ensure all devices within the iommu_group are bound to their
> > > vfio bus driver.
> >
> > This is a known issue with PCIe passthrough: depending on your
> > mainboard and CPU, some PCIe devices will be grouped together,
> > and you will either be able to forward _all_ devices in the
> > group to the VM or none at all.
> >
> > (If you have a "server" GPU that supports SR-IOV you'd have
> > additional options, but that doesn't appear to be the case.)
> >
> > This will highly depend on the PCIe slot the card is in, as well
> > as potentially some BIOS/UEFI settings on PCIe lane distribution.
> >
> > First let's find out what devices are in the same IOMMU group.
> >  From your kernel log:
> >
> > [0.592011] pci :00:01.0: Adding to iommu group 1
> > [0.594091] pci :01:00.0: Adding to iommu group 1
> > [0.594096] pci :01:00.1: Adding to iommu group 1
> >
> > Could you check with "lspci" what these devices are in your case?
> >
> > If you are comfortable forwarding the other two devices into the
> > VM as well, just add that to the list of passthrough devices,
> > then this should work.
> >
> > If you need the other two devices on the host, then you need to
> > either put the GPU into a different PCIe slot, put the other
> > devices into a different PCIe slot, or find some BIOS/UEFI setting
> > for PCIe lane management that separates the devices in question
> > into different IOMMU groups implicitly. (BIOS/UEFI settings will
> > typically not mention IOMMU groups at all, so look for "lane
> > management" or "lane distribution" or something along those
> > lines. You might need to drop some PCIe lanes from other devices
> > and give them directly to the GPU you want to pass through in
> > order for this to work, or vice-versa, depending on the specific
> > situation.)
> >
> > Note: the GUI tool "lstopo" from the package "hwloc" is _very_
> > useful to identify how the PCIe devices are organized in your
> > system and may give you a clue as to why your system is grouped
> > together in the way it is.
> >
> > Hope that helps.
> >
> > Regards,
> > Christian
> >

Re: KVM: GPU passthrough

[Christian Seiler]

Hi there,

Am 2021-04-09 00:37, schrieb Gokan Atmaca:

error:
pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
:01:00.0: group 1 is not viable
Please ensure all devices within the iommu_group are bound to their
vfio bus driver.


This is a known issue with PCIe passthrough: depending on your
mainboard and CPU, some PCIe devices will be grouped together,
and you will either be able to forward _all_ devices in the
group to the VM or none at all.

(If you have a "server" GPU that supports SR-IOV you'd have
additional options, but that doesn't appear to be the case.)

This will highly depend on the PCIe slot the card is in, as well
as potentially some BIOS/UEFI settings on PCIe lane distribution.

First let's find out what devices are in the same IOMMU group.
From your kernel log:

[0.592011] pci :00:01.0: Adding to iommu group 1
[0.594091] pci :01:00.0: Adding to iommu group 1
[0.594096] pci :01:00.1: Adding to iommu group 1

Could you check with "lspci" what these devices are in your case?

If you are comfortable forwarding the other two devices into the
VM as well, just add that to the list of passthrough devices,
then this should work.

If you need the other two devices on the host, then you need to
either put the GPU into a different PCIe slot, put the other
devices into a different PCIe slot, or find some BIOS/UEFI setting
for PCIe lane management that separates the devices in question
into different IOMMU groups implicitly. (BIOS/UEFI settings will
typically not mention IOMMU groups at all, so look for "lane
management" or "lane distribution" or something along those
lines. You might need to drop some PCIe lanes from other devices
and give them directly to the GPU you want to pass through in
order for this to work, or vice-versa, depending on the specific
situation.)

Note: the GUI tool "lstopo" from the package "hwloc" is _very_
useful to identify how the PCIe devices are organized in your
system and may give you a clue as to why your system is grouped
together in the way it is.

Hope that helps.

Regards,
Christian

Re: KVM: GPU passthrough

[Gokan Atmaca]

Hello

I have two GPUs.My other video card has arrived. The current error has changed.
what could be the problem ?


error:
Error starting domain: internal error: qemu unexpectedly closed the
monitor: 2021-04-27T11:26:00.638521Z qemu-system-x86_64:
-device vfio-pci,host=:06:00.0,id=hostdev0,bus=pci.0,addr=0xa:
vfio :06:00.0: failed to setup container for group
18: Failed to set iommu for container: Operation not permitted


-% modules:
vfio
vfio_iommu_type1
vfio_pci
vfio_virqfd

-% log:
dmesg | grep -E "DMAR|IOMMU"
[0.020358] ACPI: DMAR 0xBFE880C0 90 (v01 AMI
OEMDMAR  0001 MSFT 0097)
[0.052689] DMAR: IOMMU enabled
[0.124828] DMAR: Host address width 36
[0.124829] DMAR: DRHD base: 0x00fed9 flags: 0x1
[0.124834] DMAR: dmar0: reg_base_addr fed9 ver 1:0 cap
c90780106f0462 ecap f020e3
[0.124835] DMAR: RMRR base: 0x0e4000 end: 0x0e7fff
[0.124836] DMAR: RMRR base: 0x00bfeec000 end: 0x00bfef
[0.564105] DMAR: No ATSR found
[0.564226] DMAR: dmar0: Using Queued invalidation
[0.569521] DMAR: Intel(R) Virtualization Technology for Directed I/O

-% gpus:
01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GT218
[GeForce 210] [10de:0a65] (rev a2)
01:00.1 Audio device [0403]: NVIDIA Corporation High Definition Audio
Controller [10de:0be3] (rev a1)

nvidia_uvm 36864  0
nvidia  10592256  77 nvidia_uvm
drm   552960  11 drm_kms_helper,nvidia,radeon,ttm

-% gpus:
06:00.0 VGA compatible controller [0300]: Advanced Micro Devices, Inc.
[AMD/ATI] Caicos [Radeon HD 6450/7450/8450 / R5 230 OEM] [1002:6779]
06:00.1 Audio device [0403]: Advanced Micro Devices, Inc. [AMD/ATI]
Caicos HDMI Audio [Radeon HD 6450 / 7450/8450/8490 OEM / R5
230/235/235X OEM] [1002:a..

radeon   1466368  2
ttm   102400  1 radeon
drm_kms_helper217088  1 radeon
i2c_algo_bit   16384  1 radeon
drm   552960  11 drm_kms_helper,nvidia,radeon,ttm

On Thu, Apr 15, 2021 at 4:22 PM Gokan Atmaca  wrote:
>
> Hello
>
> > Just to confirm: you have at least two graphics cards? One for
> > the host to boot with, one for your guest to take over?
>
> I saw it working in my trials. But of course, since there is only one
> graphics card, the image of the host system is gone. :) I am looking
> for a motherboard where I can install two graphics cards.
>
> On Fri, Apr 9, 2021 at 2:51 AM Dan Ritter  wrote:
> >
> > Gokan Atmaca wrote:
> > > Hello
> > >
> > > I want to use the graphics card directly in the virtual machine. IOMMU
> > > seems to be running, but unfortunately it doesn't work when I want to
> > > start the virtual machine.
> > >
> > >
> > > error:
> > > pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
> > > :01:00.0: group 1 is not viable
> > > Please ensure all devices within the iommu_group are bound to their
> > > vfio bus driver.
> >
> > Just to confirm: you have at least two graphics cards? One for
> > the host to boot with, one for your guest to take over?
> >
> > And you loaded the vfio mod and configured it with the PCI ids
> > for your second card? There could be several.
> >
> > -dsr-

Re: KVM: GPU passthrough

[Gokan Atmaca]

Hello

> Just to confirm: you have at least two graphics cards? One for
> the host to boot with, one for your guest to take over?

I saw it working in my trials. But of course, since there is only one
graphics card, the image of the host system is gone. :) I am looking
for a motherboard where I can install two graphics cards.

On Fri, Apr 9, 2021 at 2:51 AM Dan Ritter  wrote:
>
> Gokan Atmaca wrote:
> > Hello
> >
> > I want to use the graphics card directly in the virtual machine. IOMMU
> > seems to be running, but unfortunately it doesn't work when I want to
> > start the virtual machine.
> >
> >
> > error:
> > pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
> > :01:00.0: group 1 is not viable
> > Please ensure all devices within the iommu_group are bound to their
> > vfio bus driver.
>
> Just to confirm: you have at least two graphics cards? One for
> the host to boot with, one for your guest to take over?
>
> And you loaded the vfio mod and configured it with the PCI ids
> for your second card? There could be several.
>
> -dsr-

Re: KVM: GPU passthrough

[Dan Ritter]

Gokan Atmaca wrote: 
> Hello
> 
> I want to use the graphics card directly in the virtual machine. IOMMU
> seems to be running, but unfortunately it doesn't work when I want to
> start the virtual machine.
> 
> 
> error:
> pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
> :01:00.0: group 1 is not viable
> Please ensure all devices within the iommu_group are bound to their
> vfio bus driver.

Just to confirm: you have at least two graphics cards? One for
the host to boot with, one for your guest to take over?

And you loaded the vfio mod and configured it with the PCI ids
for your second card? There could be several.

-dsr-

KVM: GPU passthrough

[Gokan Atmaca]

Hello

I want to use the graphics card directly in the virtual machine. IOMMU
seems to be running, but unfortunately it doesn't work when I want to
start the virtual machine.


pci:

[0.010066] ACPI: DMAR 0x9D8B7000 70 (v01 INTEL  EDK2
  0002  0113)
[0.121392] DMAR: IOMMU enabled
[0.202324] DMAR: Host address width 39
[0.202325] DMAR: DRHD base: 0x00fed91000 flags: 0x1
[0.202331] DMAR: dmar0: reg_base_addr fed91000 ver 1:0 cap
d2008c40660462 ecap f050da
[0.202333] DMAR: RMRR base: 0x009e543000 end: 0x009e78cfff
[0.202336] DMAR-IR: IOAPIC id 2 under DRHD base  0xfed91000 IOMMU 0
[0.202338] DMAR-IR: HPET id 0 under DRHD base 0xfed91000
[0.202339] DMAR-IR: Queued invalidation will be enabled to support
x2apic and Intr-remapping.
[0.203666] DMAR-IR: Enabled IRQ remapping in x2apic mode
[0.391676] iommu: Default domain type: Translated
[0.591706] DMAR: No ATSR found
[0.591762] DMAR: dmar0: Using Queued invalidation
[0.591942] pci :00:00.0: Adding to iommu group 0
[0.592011] pci :00:01.0: Adding to iommu group 1
[0.592090] pci :00:08.0: Adding to iommu group 2
[0.592367] pci :00:14.0: Adding to iommu group 3
[0.592378] pci :00:14.2: Adding to iommu group 3
[0.592438] pci :00:16.0: Adding to iommu group 4
[0.592519] pci :00:17.0: Adding to iommu group 5
[0.592583] pci :00:1b.0: Adding to iommu group 6
[0.592674] pci :00:1c.0: Adding to iommu group 7
[0.592687] pci :00:1c.3: Adding to iommu group 7
[0.594066] pci :00:1f.0: Adding to iommu group 8
[0.594075] pci :00:1f.2: Adding to iommu group 8
[0.594084] pci :00:1f.4: Adding to iommu group 8
[0.594091] pci :01:00.0: Adding to iommu group 1
[0.594096] pci :01:00.1: Adding to iommu group 1
[0.594104] pci :02:00.0: Adding to iommu group 6
[0.594112] pci :03:00.0: Adding to iommu group 7
[0.594119] pci :04:00.0: Adding to iommu group 7
[0.594122] DMAR: Intel(R) Virtualization Technology for Directed I/O


error:
pci,host=:01:00.0,id=hostdev0,bus=pci.0,addr=0x9: vfio
:01:00.0: group 1 is not viable
Please ensure all devices within the iommu_group are bound to their
vfio bus driver.

Re: Screen scaling and 4k support in libvirt with qemu/kvm

[Rainer Dorsch]

Am Mittwoch, 27. Januar 2021, 10:55:53 CET schrieb Linux-Fan:
> Linux-Fan writes:
> > Rainer Dorsch writes:
> >> Hi,
> >> 
> >> with virtualbox, it is possible that the guest system rescales its screen
> >> if I change the window for the guest (and virtualbox guest tools are
> >> installed at
> >> least). Does anybody know if that is possible with
> >> virt-manager/libvirt/qemu/ kvm?
> > 
> > It is certainly possible to set the guest resolution to exactly match the
> > window size. I am not sure if it can be configured to _automatically_
> > adjust the guest resolution upon window size change though.
> > 
> > The protocol must support it, because I know that for Windows guest
> > systems, the Windows resolution adjusts to the window size. Unlike with
> > Linux guests, it does this in fixed steps of "common" monitor resolutions
> > and thus does not usually match the exact window size but something
> > smaller.
> > 
> > If you find out how to apply the sizes automatically on Linux, I'd be
> > interested to learn how that works :) If no „solution” exists yet, it
> > might
> > be easy to script (although I have not bothered to do that so far).
> 
> Update: I found out how to enable automatic resizing:
> 
>  * Install `qemu-guest-agent` in the VM in addition to running
>`spice-vdagent`
>  * Set Video model to VGA
> 
> This enables automatic resizing here although from "feeling" the graphics
> performance is worse than with QXL or virtio.

Many thanks for the quick response again.

I did not have spice-vdagent installed in the guest system. Installing spice-
vdagent and switching from QXL to virtio was sufficient here.

Interesting side effect:

On the host system, I get

rd@h370:~$ xrandr
Screen 0: minimum 320 x 200, current 3840 x 2160, maximum 8192 x 8192
HDMI-1 connected primary 3840x2160+0+0 (normal left inverted right x axis y 
axis) 609mm x 349mm
   3840x2160 30.00*   25.0024.0029.9723.98  
   2560x1440 59.95  
   2048x1280 59.99  
   2048x1080 24.00  
   1920x1080 60.0060.0050.0059.9430.0025.0024.00
29.9723.98  
   1920x1080i60.0050.0059.9450.00  
   1600x1200 60.00  
   1600x900  60.00  
   1280x1024 75.0260.02  
   1152x864  75.00  
   1280x720  60.0050.0059.94  
   1024x768  75.0360.00  
   800x600   75.0060.32  
   720x576   50.00  
   720x576i  50.00  
   720x480   60.0059.94  
   720x480i  60.0059.94  
   640x480   75.0060.0059.94  
   720x400   70.08  
HDMI-2 disconnected (normal left inverted right x axis y axis)
DP-1 disconnected (normal left inverted right x axis y axis)
rd@h370:~$ 

After installing spice-vdagent on the guest, I get there

rd@debianVM:~$ xrandr 
Screen 0: minimum 320 x 200, current 1920 x 1080, maximum 8192 x 8192
Virtual-0 connected primary 1920x1080+0+0 0mm x 0mm
   3840x2160 60.00 +
   1920x1200 59.95  
   1920x1080 60.00* 
   1600x1200 59.95  
   1680x1050 60.00  
   1400x1050 60.00  
   1280x1024 59.95  
   1440x900  59.99  
   1280x960  59.99  
   1280x854  59.95  
   1280x800  59.96  
   1280x720  59.97  
   1152x768  59.95  
   1024x768  59.95  
   800x600   59.96  
   848x480   59.94  
   720x480   59.94  
   640x480   59.94  
Virtual-1 disconnected
Virtual-2 disconnected
Virtual-3 disconnected
rd@debianVM:~$


Note, the repetition rate (at least virtually) doubles in the guest at 4K.

Pretty cool!

Thanks again
Rainer


-- 
Rainer Dorsch
http://bokomoko.de/

Re: Screen scaling and 4k support in libvirt with qemu/kvm

[Linux-Fan]

Linux-Fan writes:


Rainer Dorsch writes:


Hi,

with virtualbox, it is possible that the guest system rescales its screen if  
I change the window for the guest (and virtualbox guest tools are installed  
at

least). Does anybody know if that is possible with virt-manager/libvirt/qemu/
kvm?


It is certainly possible to set the guest resolution to exactly match the  
window size. I am not sure if it can be configured to _automatically_ adjust  
the guest resolution upon window size change though.


The protocol must support it, because I know that for Windows guest systems,  
the Windows resolution adjusts to the window size. Unlike with Linux guests,  
it does this in fixed steps of "common" monitor resolutions and thus does  
not usually match the exact window size but something smaller.


If you find out how to apply the sizes automatically on Linux, I'd be  
interested to learn how that works :) If no „solution” exists yet, it might  
be easy to script (although I have not bothered to do that so far).


Update: I found out how to enable automatic resizing:

* Install `qemu-guest-agent` in the VM in addition to running
  `spice-vdagent`
* Set Video model to VGA

This enables automatic resizing here although from "feeling" the graphics  
performance is worse than with QXL or virtio.


HTH
Linux-Fan

öö


pgpxa2xrz2c0D.pgp
Description: PGP signature

Re: Screen scaling and 4k support in libvirt with qemu/kvm

[Linux-Fan]

Rainer Dorsch writes:


Hi,

with virtualbox, it is possible that the guest system rescales its screen if  
I change the window for the guest (and virtualbox guest tools are installed at

least). Does anybody know if that is possible with virt-manager/libvirt/qemu/
kvm?


It is certainly possible to set the guest resolution to exactly match the  
window size. I am not sure if it can be configured to _automatically_ adjust  
the guest resolution upon window size change though.


The protocol must support it, because I know that for Windows guest systems,  
the Windows resolution adjusts to the window size. Unlike with Linux guests,  
it does this in fixed steps of "common" monitor resolutions and thus does  
not usually match the exact window size but something smaller.


If you find out how to apply the sizes automatically on Linux, I'd be  
interested to learn how that works :) If no „solution” exists yet, it might  
be easy to script (although I have not bothered to do that so far).


My usual approach to bypass guest system screen resolution issues is to use  
ssh -X from the host to the guest and then run the program under the host's  
X11 session.



Also I noticed that I cannot scale my guest higher than 1920x1200. Is the max
resolution configured somewhere or is this a fundamental limitation?


This very much sounds like you are either using the VGA video adapter or do  
not have `spice-vdagent` running in the guest system?


Set Video "Model" to either QXL or virtio in virt-manager and then in the  
guest system install and run `spice-vdagent`. This will not apply the  
resolution immediately, but invoking `xrandr` in the guest it should be  
possible to see a lot larger list of virtual screen resolutions including  
one to match the host window size and including sizes above 1920x1200.


HTH
Linux-Fan

öö

[...]


pgpHH0VkHwaRq.pgp
Description: PGP signature

Re: audio support in libvirt with qemu/kvm

[Christian Ehrhardt]

On Tue, Jan 26, 2021 at 4:07 PM Rainer Dorsch  wrote:
>
> Hi,
>
> I created a virtual machine using libvirt with qemu/kvm. To make it simple, I
> installed a Debian 10 guest on a Debian 10 host. I am wondering, if it is
> possible to access (pulse-)audio from the guest.

If you have - the optional but usually installed - package
qemu-system-gui then qemu is generally able to produce sound.
You said you drive your guest via libvirt, depending on your front end
to this it might just not have a sound device [1] configured.
You can usually add a sound device and select the type it emulates,
something like the following should do it:
  

You can then check these things (in order)
1. is the sound device in the guest seen and initialized?
2. play some continuous sound/music from the guest - is there any error?
3. check hosts pavucontrol if you need to assign the qemu process to a
particular output?


[1]: https://libvirt.org/formatdomain.html#sound-devices

> Any hint or advice is welcome.
>
> Thanks
> Rainer
> --
> Rainer Dorsch
> http://bokomoko.de/
>
>
>
> ___
> pkg-qemu-devel mailing list
> pkg-qemu-de...@alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-qemu-devel



-- 
Christian Ehrhardt
Staff Engineer, Ubuntu Server
Canonical Ltd

Screen scaling and 4k support in libvirt with qemu/kvm

[Rainer Dorsch]

Hi,

with virtualbox, it is possible that the guest system rescales its screen if I 
change the window for the guest (and virtualbox guest tools are installed at 
least). Does anybody know if that is possible with virt-manager/libvirt/qemu/
kvm?

Also I noticed that I cannot scale my guest higher than 1920x1200. Is the max 
resolution configured somewhere or is this a fundamental limitation?

Both my host and guest are Debian 10.

Thanks
Rainer

-- 
Rainer Dorsch
http://bokomoko.de/

Re: audio support in libvirt with qemu/kvm

[Rainer Dorsch]

Am Montag, 25. Januar 2021, 13:28:30 CET schrieb Linux-Fan:
> Various screenshots can be found on my KVM+virt-manager page at:
> https://masysma.lima-city.de/37/how_to_transition_from_virtualbox_to_kvm.xht
> ml

I found it, thanks for sharing the URL, very useful.

Rainer

-- 
Rainer Dorsch
http://bokomoko.de/

Re: audio support in libvirt with qemu/kvm

[Rainer Dorsch]

Am Sonntag, 24. Januar 2021, 23:04:54 CET schrieb Linux-Fan:
> Rainer Dorsch writes:
> > Hi,
> > 
> > I created a virtual machine using libvirt with qemu/kvm. To make it
> > simple, I installed a Debian 10 guest on a Debian 10 host. I am
> > wondering, if it is possible to access (pulse-)audio from the guest.
> > 
> > Any hint or advice is welcome.
> 
> For me it works out of the box in the way that I can hear sound played
> inside the VM and the VM can record from the microphone attached to the PC.
> 
> In virt-manager it appears as "Sound ich9" device added to the respective
> VMs. Host and guest both use Pulseaudio. In case you do not use GUI, it
> might be enough to add the following device in the VM's XML:
> 
> 
>function='0x0'/> 
> 
> I do not know if it can be made to work in a way that just a single pulse
> audio server is running -- in my configuration, the guest and host both have
> their respective pulse audio instances although the sound itself passes
> from the one to the other wihtout explicit configuration :)
> 

Thanks for the quick reply. I tried again and it seems sound works now :-) 

I also used virt-manager, but I did not find any sound devices in there. Are 
you using Debian 10? virt-manager from stable or stable-backports? Where do 
you see the "Sound ich9" device?

Thanks
Rainer
-- 
Rainer Dorsch
http://bokomoko.de/

Re: audio support in libvirt with qemu/kvm

[Linux-Fan]

Rainer Dorsch writes:


Am Sonntag, 24. Januar 2021, 23:04:54 CET schrieb Linux-Fan:
> Rainer Dorsch writes:
> > Hi,
> >
> > I created a virtual machine using libvirt with qemu/kvm. To make it
> > simple, I installed a Debian 10 guest on a Debian 10 host. I am
> > wondering, if it is possible to access (pulse-)audio from the guest.


[...]


Thanks for the quick reply. I tried again and it seems sound works now :-)

I also used virt-manager, but I did not find any sound devices in there. Are
you using Debian 10? virt-manager from stable or stable-backports? Where do
you see the "Sound ich9" device?


[...]

Open the VM in virt-manager, go to View > Details and then it either appears  
in the left pane (see attached screenshot if it makes it to the list...) or  
you can click on "Add Hardware" at the bottom left corner and then chose  
"Sound" from the left panel to add a virtual sound device.


I am using Debian 10 stable "Help > About" says version 2.0.0 of virt- 
manager. Debian package virt-manager is at version 1:2.0.0-3.


Various screenshots can be found on my KVM+virt-manager page at:
https://masysma.lima-city.de/37/how_to_transition_from_virtualbox_to_kvm.xhtml

HTH
Linux-Fan

öö





pgpli31din_iO.pgp
Description: PGP signature

audio support in libvirt with qemu/kvm

[Rainer Dorsch]

Hi,

I created a virtual machine using libvirt with qemu/kvm. To make it simple, I 
installed a Debian 10 guest on a Debian 10 host. I am wondering, if it is 
possible to access (pulse-)audio from the guest.

Any hint or advice is welcome.

Thanks
Rainer
-- 
Rainer Dorsch
http://bokomoko.de/

Re: audio support in libvirt with qemu/kvm

[Linux-Fan]

Rainer Dorsch writes:


Hi,

I created a virtual machine using libvirt with qemu/kvm. To make it simple, I
installed a Debian 10 guest on a Debian 10 host. I am wondering, if it is
possible to access (pulse-)audio from the guest.

Any hint or advice is welcome.


For me it works out of the box in the way that I can hear sound played  
inside the VM and the VM can record from the microphone attached to the PC.  

In virt-manager it appears as "Sound ich9" device added to the respective  
VMs. Host and guest both use Pulseaudio. In case you do not use GUI, it  
might be enough to add the following device in the VM's XML:


   
  
   


I do not know if it can be made to work in a way that just a single pulse  
audio server is running -- in my configuration, the guest and host both have  
their respective pulse audio instances although the sound itself passes from  
the one to the other wihtout explicit configuration :)


HTH
Linux-Fan

öö

[...]


pgplB56a2rMaA.pgp
Description: PGP signature

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[Bob McGowan]

On 1/6/21 5:33 AM, buz.hr...@seznam.cz wrote:

From: Nicholas Geovanis 


George Shuklin's comment may have intended this question too: Are backups 
running
somewhere when the VMs "randomly" hang? Not necessarily on the VM that hangs,
but somewhere touching a related filesystem, disk or network device?

Hi Nicholas,

Thank you for asking. No backups on the host or inside the guest. And nothing 
else IO intensive on the host. They're IO intensive tasks in some guests but as 
I mentioned it's difficult to say if those tasks trigger the freezing.

I've just been working on getting Qemu for powerpc to install NetBSD 9.1 
and had bunches of problems with the VM hanging during the install 
process.  This was using the current default Debian package, 3.1.0.


The Qemu website has source for version 5.2.0, which I downloaded and 
built.  It does not hang.


Perhaps upgrading is the answer?

Bob

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[buz.hrach]

From: Nicholas Geovanis 

> George Shuklin's comment may have intended this question too: Are backups 
> running
> somewhere when the VMs "randomly" hang? Not necessarily on the VM that hangs,
> but somewhere touching a related filesystem, disk or network device?

Hi Nicholas,

Thank you for asking. No backups on the host or inside the guest. And nothing 
else IO intensive on the host. They're IO intensive tasks in some guests but as 
I mentioned it's difficult to say if those tasks trigger the freezing.

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[Nicholas Geovanis]

George Shuklin's comment may have intended this question too: Are backups
running somewhere when the VMs "randomly" hang? Not necessarily on the VM
that hangs, but somewhere touching a related filesystem, disk or network
device?

On Sun, Dec 27, 2020, 4:33 AM  wrote:

> From: Dan Ritter 
>
> > You probably want to change that to 1 minute or so.
>
> Btw. could you please tell me how to do that?
>
> I know how to modify (=> override) systemd unit files but I have no idea
> how to change default timeout for mounted block devices that I didn't
> manually create in /etc/systemd/system/...
>
> Thank you.
>
> Robert
>
>

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[buz.hrach]

From: Dan Ritter 

> You probably want to change that to 1 minute or so.

Btw. could you please tell me how to do that?

I know how to modify (=> override) systemd unit files but I have no idea how to 
change default timeout for mounted block devices that I didn't manually create 
in /etc/systemd/system/...

Thank you.

Robert

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[George Shuklin]

On 12/24/20 8:34 PM, buz.hr...@seznam.cz wrote:

Hi Debian people ;-),

After having some issues with Fedora last year I decided to reinstall all my 
servers to Debian 10. I'm supper happy with Debian except one repeating issue I 
have with QEMU-KVM hosts that is very difficult to reproduce so I would like to 
discuss it first before I open a new bug. Could you please discuss it with me? 
;-)

I noticed that when I run VMs for a long period of time (a couple of days) one 
or multiple VMs quite often stuck. It is not possible to connect the stuck VMs 
using virt-manager and their serial consoles don't respond.

It is not possible to shut them down ("virsh shutdown vm"). Sometimes the stuck VMs can be powered 
down ("virsh destroy vm") but in most cases "virsh destroy" doesn't work. In that case 
the only thing to do is to shut down rest of running VMs (that do respond) and reboot the host.


From my past experience, we had had very similar issue on old Ubuntu, 
which had chance to show hung tasks and extremely low IO performance 
after snapshot been made.


Turns out, It was mega-obscure bug around race condition somewhere in 
the kernel, because fallocated file for filesystem is not the same as 
dully 'dd-ed' (we've used raw images). There is about 70% chance your 
case in not that bug, but to confirm/reject it, try to run VMs with raw 
images (no qcow2) which was dd if=/dev/zero of=image.img before been 
seeded with OS. If they stop showing this type of behavior, you have 
direction to investigate. If problem persists, then it's something 
different.

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[buz.hrach]

From: Dan Ritter 

Hi Dan, Thank you for answering ;-)

> First question: when they are just a few minutes old, does the
> serial console work?

Yes, 100%. I always configure serial console for all VMs both on QEMU (libvirt) 
and OS side.

> Second question: when the VMs are a few minutes old, does virsh
> shutdown work?

Yes, 100%. In most cases everything works just fine. Until I keep those VMs
running for days... And even then some virtualization hosts are just fine
and one or two has those frozen VMs.

> You probably want to change that to 1 minute or so.

Good point.

> Are the VMs set up to match the local hardware definition or be
> fully emulated?

Matching HW, all virtio, CPU pass-through for everything (=> maximum 
performance).

> And, especially: if they are not using virtio for disk and
> network address, try that ASAP.

They do.

==
  
...

  
  

...

...

  
  
  

  
  
  
  
  
  

===

Kind regards,
Robert

Re: QEMU-KVM VMs sometime freeze when I run them for a couple of days

[Dan Ritter]

buz.hr...@seznam.cz wrote: 
> Hi Debian people ;-),
> 
> After having some issues with Fedora last year I decided to reinstall all my 
> servers to Debian 10. I'm supper happy with Debian except one repeating issue 
> I have with QEMU-KVM hosts that is very difficult to reproduce so I would 
> like to discuss it first before I open a new bug. Could you please discuss it 
> with me? ;-)
> 
> I noticed that when I run VMs for a long period of time (a couple of days) 
> one or multiple VMs quite often stuck. It is not possible to connect the 
> stuck VMs using virt-manager and their serial consoles don't respond.


First question: when they are just a few minutes old, does the
serial console work?


> It is not possible to shut them down ("virsh shutdown vm"). Sometimes the 
> stuck VMs can be powered down ("virsh destroy vm") but in most cases "virsh 
> destroy" doesn't work. In that case the only thing to do is to shut down rest 
> of running VMs (that do respond) and reboot the host.

Second question: when the VMs are a few minutes old, does virsh
shutdown work?

> When I reboot/shutdown the host the reboot/shutdown takes approx. 30min.
> 
> This is how it looks like during the reboot / shutdown:
> ~~~
> [   ***] (1 of 4) A stop job is running for /dev/dm-1 (18min 6s / no limit)

You probably want to change that to 1 minute or so.

> As I mentioned it is very difficult to reproduce it since it takes days to 
> get into that situation. VMs that are more likely to get stuck are VMs that:
> 
> a) have larger virtual disks
> b) more intensive storage use (use more IOPs)
> c) have more vCPUs
> 
> The problem is that VMs with larger disks usually use more IOPs and also have 
> more vCPUs so it is difficult to say what exactly is the issue. Based on my 
> testing I thing that less vCPUs makes it less likely to get stuck but it's 
> difficult to say...
> 
> The only thing I'm confident is that the problem is not HW related - it 
> happened both on my SuperMicro with XEON E5 v2 and on other hardware with 
> Intel i7 7th gen.

Are the VMs set up to match the local hardware definition or be
fully emulated?

And, especially: if they are not using virtio for disk and
network address, try that ASAP.

> Btw. this has never happened on my laptop that has same configuration as the 
> server (+Desktop Env.) but I reboot it multiple time a week so that might be 
> an answer...

Not so much an answer as an explanation why you haven't seen it,
but, sure, that's plausible.

-dsr-

QEMU-KVM VMs sometime freeze when I run them for a couple of days

[buz.hrach]

Hi Debian people ;-),

After having some issues with Fedora last year I decided to reinstall all my 
servers to Debian 10. I'm supper happy with Debian except one repeating issue I 
have with QEMU-KVM hosts that is very difficult to reproduce so I would like to 
discuss it first before I open a new bug. Could you please discuss it with me? 
;-)

I noticed that when I run VMs for a long period of time (a couple of days) one 
or multiple VMs quite often stuck. It is not possible to connect the stuck VMs 
using virt-manager and their serial consoles don't respond.

It is not possible to shut them down ("virsh shutdown vm"). Sometimes the stuck 
VMs can be powered down ("virsh destroy vm") but in most cases "virsh destroy" 
doesn't work. In that case the only thing to do is to shut down rest of running 
VMs (that do respond) and reboot the host.

This is a kernel message I get in console that tells me that one or multiple 
VMs are stuck:
~~~
[686811.010084] INFO: task CPU 0/KVM:12193 blocked for more than 120 seconds.
[686811.017040]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.024777] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.033012] INFO: task CPU 1/KVM:12194 blocked for more than 120 seconds.
[686811.039921]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.047606] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.055803] INFO: task worker:5952 blocked for more than 120 seconds.
[686811.062355]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.070048] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.078059] INFO: task worker:7667 blocked for more than 120 seconds.
[686811.084618]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.092306] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.100296] INFO: task worker:4903 blocked for more than 120 seconds.
[686811.106849]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.114530] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.122512] INFO: task worker:4905 blocked for more than 120 seconds.
[686811.129068]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.136765] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.144771] INFO: task worker:4920 blocked for more than 120 seconds.
[686811.151328]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.159009] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686811.167009] INFO: task worker:7328 blocked for more than 120 seconds.
[686811.173576]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686811.181256] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686931.842071] INFO: task CPU 0/KVM:12193 blocked for more than 120 seconds.
[686931.849028]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686931.856764] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
[686931.864997] INFO: task CPU 1/KVM:12194 blocked for more than 120 seconds.
[686931.871908]   Tainted: P   OE 4.19.0-12-amd64 #1 Debian 
4.19.152-1
[686931.879586] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
~~~

When I reboot/shutdown the host the reboot/shutdown takes approx. 30min.

This is how it looks like during the reboot / shutdown:
~~~
...
[1051413.325604] libvirt-guests.sh[10107]: error: Failed to shutdown domain 
de763fd3-043c-4f6f-b7f9-e134907b9f54
[1051413.325964] libvirt-guests.sh[10107]: error: Timed out during operation: 
cannot acquire state change lock (held by monitor=remoteDispatchDomainShutdown 
agent=remoteDispatchDomainShutdown)
...
[1053290.120617] reboot: Power down
~~~

Or systemd waits for LUKS encrypted block storage which doesn't make sense 
since LUKS is used only on SSD with the host OS and VMs run from a different 
SSDs.
~~~
[  OK  ] Stopped target Local File Systems (Pre).
[  OK  ] Stopped Create Static Device Nodes in /dev.
[  OK  ] Stopped Create System Users.
 Stopping Monitoring of LVM_meventd or progress polling...
[  OK  ] Stopped Monitoring of LVM2_ dmeventd or progress polling.
[FAILED] Failed deactivating swap swp.
 Stopping Cryptography Setup for swapluks1...
[  OK  ] Stopped Cryptography Setup for swapluks1.
 Stopping Load/Save Random Seed...
[  OK  ] Removed slice system-systemd\x2dcryptsetup.slice.
[  OK  ] Stopped Load/Save Random Seed.
[  OK  ] Stopped Remount Root and Kernel File Systems.
[  OK  ] Reached target Shutdown.
[   **

Re: Encrypting boot partition in guest results in boot failure libvirt qemu-kvm

[john doe]

On 10/10/2020 6:25 PM, john doe wrote:

On 10/10/2020 5:10 PM, Charles Curley wrote:

On Sat, 10 Oct 2020 08:06:16 +0200
john doe  wrote:


No, I'm not even getting the grub bootloader.


If you aren't even getting to to GRUB, then your problem isn't an
encrypted /boot partition, it's something else. Possibly something you
did in the process of encrypting /boot. Possibly a limitation in
libvirt.



Okay, I have installed Debian Buster encrypted lvm using virt-install,
done the commands to encrypt the boot partition.
If I boot the VM with qemu directly, it works as I would expected to but
as long as I use Libvirt it does not.

With apparmor disabled, I as you conclude that the issue is libvirt
related.

I'm not seeing anything in the log that would indicate where the issue
lies.



Is it working for you?


No. I have looked at the process but not tried it yet. I will probably
experiment with a Bullseye installation.



Installing the VM with encrypted lvm is straight forward making the root
partition encrypted and working well.



Thanks to the libvirt folks (1), I got it working by doing:

Add those two lines in the domain xml in the os section

  



  


The package 'sgabios' may also be needed.


1)  https://www.redhat.com/archives/libvirt-users/2020-October/msg00052.html

--
John Doe

Re: Encrypting boot partition in guest results in boot failure libvirt qemu-kvm

[john doe]

On 10/10/2020 5:10 PM, Charles Curley wrote:

On Sat, 10 Oct 2020 08:06:16 +0200
john doe  wrote:


No, I'm not even getting the grub bootloader.


If you aren't even getting to to GRUB, then your problem isn't an
encrypted /boot partition, it's something else. Possibly something you
did in the process of encrypting /boot. Possibly a limitation in
libvirt.



Okay, I have installed Debian Buster encrypted lvm using virt-install,
done the commands to encrypt the boot partition.
If I boot the VM with qemu directly, it works as I would expected to but
as long as I use Libvirt it does not.

With apparmor disabled, I as you conclude that the issue is libvirt related.

I'm not seeing anything in the log that would indicate where the issue lies.



Is it working for you?


No. I have looked at the process but not tried it yet. I will probably
experiment with a Bullseye installation.



Installing the VM with encrypted lvm is straight forward making the root
partition encrypted and working well.

--
John Doe

Re: Encrypting boot partition in guest results in boot failure libvirt qemu-kvm

[Charles Curley]

On Sat, 10 Oct 2020 08:06:16 +0200
john doe  wrote:

> No, I'm not even getting the grub bootloader.

If you aren't even getting to to GRUB, then your problem isn't an
encrypted /boot partition, it's something else. Possibly something you
did in the process of encrypting /boot. Possibly a limitation in
libvirt.

> 
> Is it working for you?

No. I have looked at the process but not tried it yet. I will probably
experiment with a Bullseye installation.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Encrypting boot partition in guest results in boot failure libvirt qemu-kvm

[john doe]

On 10/9/2020 9:45 PM, Charles Curley wrote:

On Fri, 9 Oct 2020 19:28:59 +0200
john doe  wrote:


Now I would like to encrypt the boot partition,, I can succesfully
encrypt the boot partition.
As soon as I restart the guest, I can no longer access the guest as it
will not boot at all.


Are you not even getting to the grub boot loader? If you are, I suspect
you need to set up grub to handle the encrypted boot partition.



No, I'm not even getting the grub bootloader.

Is it working for you?

--
John Doe

Re: Encrypting boot partition in guest results in boot failure libvirt qemu-kvm

[Charles Curley]

On Fri, 9 Oct 2020 19:28:59 +0200
john doe  wrote:

> Now I would like to encrypt the boot partition,, I can succesfully
> encrypt the boot partition.
> As soon as I restart the guest, I can no longer access the guest as it
> will not boot at all.

Are you not even getting to the grub boot loader? If you are, I suspect
you need to set up grub to handle the encrypted boot partition.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Encrypting boot partition in guest results in boot failure libvirt qemu-kvm

[john doe]

Debians,

I'm using libvirt with qemu-kvm to install Debian Buster VM with
encrypted lvm.
The installation and booting the guest works fine.

Now I would like to encrypt the boot partition,, I can succesfully
encrypt the boot partition.
As soon as I restart the guest, I can no longer access the guest as it
will not boot at all.


Doing this process on an other host but directly invoking qemu works
flowlessly.

Is there something that I need to change in the domain xml?


Obviously, I'm missing something, any input on what is welcome.


--
John Doe

Re: dhcp bridge for virtual machines using KVM

[Lucas Castro]

On 9/23/20 2:25 AM, Fabien Roucaute wrote:

Le 22/09/2020 à 22:57, James Allsopp a écrit :


On Tue, 22 Sep 2020 at 17:58, Fabien Roucaute mailto:fabien.rouca...@free.fr>> wrote:

 Le 22/09/2020 à 18:50, James Allsopp a écrit :
 >
 > I've tried that but I get the same result.
 > Thanks
 > James
 >

 You need to answer to the mailing-list email address, not mine.
 If it still doesn't work, we need more information, like the result of
 the following commands (you should modify the public IP that appears in
 if it's the case)
 'ip a'
 'iptables-save'
 'brctl show'


Here's ip a
  ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8  scope host lo
        valid_lft forever preferred_lft forever
     inet6 ::1/128 scope host
        valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast
state DOWN group default qlen 1000
     link/ether 00:1d:7d:0d:2a:9f brd ff:ff:ff:ff:ff:ff
3: eth1:  mtu 1500 qdisc pfifo_fast
master br0 state UP group default qlen 1000
     link/ether 00:1d:7d:0d:2a:9d brd ff:ff:ff:ff:ff:ff
4: wlan0:  mtu 1500 qdisc noqueue state
UP group default qlen 1000
     link/ether b4:ee:b4:84:37:2a brd ff:ff:ff:ff:ff:ff
     inet 192.168.1.174/24  brd 192.168.1.255
scope global dynamic noprefixroute wlan0
        valid_lft 27656sec preferred_lft 27656sec
     inet6 fde6:4511:f54::a55/128 scope global noprefixroute
        valid_lft forever preferred_lft forever
     inet6 fde6:4511:f54:0:f195:8361:215d:5f17/64 scope global noprefixroute
        valid_lft forever preferred_lft forever
     inet6 fe80::4bf0:ca57:25f0:ed7f/64 scope link noprefixroute
        valid_lft forever preferred_lft forever
5: br0:  mtu 1500 qdisc noqueue state
UP group default qlen 1000
     link/ether 00:1d:7d:0d:2a:9d brd ff:ff:ff:ff:ff:ff
     inet 192.168.1.206/24  brd 192.168.1.255
scope global dynamic br0
        valid_lft 27655sec preferred_lft 27655sec
     inet6 fde6:4511:f54:0:21d:7dff:fe0d:2a9d/64 scope global dynamic


Is there a physical interface attached in on your bridge?

What 'brctl show' return?


mngtmpaddr
        valid_lft forever preferred_lft forever
     inet6 fe80::21d:7dff:fe0d:2a9d/64 scope link
        valid_lft forever preferred_lft forever
6: docker0:  mtu 1500 qdisc noqueue
state DOWN group default
     link/ether 02:42:12:5f:1a:5e brd ff:ff:ff:ff:ff:ff
     inet 172.17.0.1/16  brd 172.17.255.255 scope
global docker0
        valid_lft forever preferred_lft forever
8: vnet0:  mtu 1500 qdisc pfifo_fast
master br0 state UNKNOWN group default qlen 1000
     link/ether fe:54:00:8a:6e:57 brd ff:ff:ff:ff:ff:ff
     inet6 fe80::fc54:ff:fe8a:6e57/64 scope link
        valid_lft forever preferred_lft forever


Here's iptables -L
  iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
DOCKER-USER  all  --  anywhere             anywhere
DOCKER-ISOLATION-STAGE-1  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate
RELATED,ESTABLISHED
DOCKER     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (1 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target     prot opt source               destination
DOCKER-ISOLATION-STAGE-2  all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere

Chain DOCKER-USER (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

and brctl show

bridge name     bridge id               STP enabled     interfaces
br0             8000.001d7d0d2a9d       no              eth1
                                                         vnet0
docker0         8000.0242125f1a5e       no

Thanks!
James

I forgot to ask for the routing table, could you post the result of 'ip
r' ? Otherwise, can I ask why you think you need a Wifi connection and
wired one but assigned to them ip addresses that are in the same subnet?
Because you can access the host and the VMs on different IPs with only
the wired NIC.


--
Lucas Castro

Re: dhcp bridge for virtual machines using KVM

[john doe]

On 9/23/2020 3:14 PM, Fabien Roucaute wrote:

Le 23/09/2020 à 13:50, James Allsopp a écrit :


Yes, it's a bit odd,but the reason I want to do it like this is that the
wifi is pretty fast and the ethernet is constrained by powerline
networking to about 50Mbps. However, I can't run a bridge over the wifi,
so I'm trying to run all the host activity over the wifi and reserve the
ethernet just for the vm bridge.

In answer to your question;
❱ ip r
default via 192.168.1.1 dev br0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
172.17.0.0/16  dev docker0 proto kernel scope link
src 172.17.0.1 linkdown
192.168.1.0/24  dev br0 proto kernel scope link
src 192.168.1.206
192.168.1.0/24  dev wlan0 proto kernel scope link
src 192.168.1.174 metric 600

Thanks
James


You really should answer to the list email address ;)
The only problem he can see is that the vnet0 interface seems to be tied
to the bridge br0, it seems odd and it could be the cause of the problem
even if I'm not 100% sure. Try to delete the virtual network named
'host-bridge'. And where did you bind the "bridge" in the forward mode
for a virtual network? I can't find it in the libvirt documentation.



Try to install a VM with '--bridge=br0' and see if it works there.

--
John Doe

Re: dhcp bridge for virtual machines using KVM

[Fabien Roucaute]

Le 23/09/2020 à 13:50, James Allsopp a écrit :

> Yes, it's a bit odd,but the reason I want to do it like this is that the
> wifi is pretty fast and the ethernet is constrained by powerline
> networking to about 50Mbps. However, I can't run a bridge over the wifi,
> so I'm trying to run all the host activity over the wifi and reserve the
> ethernet just for the vm bridge.
> 
> In answer to your question;
> ❱ ip r                                                                    
> default via 192.168.1.1 dev br0
> default via 192.168.1.1 dev wlan0 proto dhcp metric 600
> 172.17.0.0/16  dev docker0 proto kernel scope link
> src 172.17.0.1 linkdown
> 192.168.1.0/24  dev br0 proto kernel scope link
> src 192.168.1.206
> 192.168.1.0/24  dev wlan0 proto kernel scope link
> src 192.168.1.174 metric 600
> 
> Thanks
> James

You really should answer to the list email address ;)
The only problem he can see is that the vnet0 interface seems to be tied
to the bridge br0, it seems odd and it could be the cause of the problem
even if I'm not 100% sure. Try to delete the virtual network named
'host-bridge'. And where did you bind the "bridge" in the forward mode
for a virtual network? I can't find it in the libvirt documentation.

Re: dhcp bridge for virtual machines using KVM

[James Allsopp]

On Tue, 22 Sep 2020 at 22:30, Lucas Castro  wrote:

>
> On 9/22/20 5:54 PM, James Allsopp wrote:
>
>
>
> On Tue, 22 Sep 2020 at 19:47, Lucas Castro  wrote:
>
>>
>> On 9/22/20 1:26 PM, James Allsopp wrote:
>> > Hi,
>> > I've got a computer that I'm running debian 10 on with KVM. The
>> > machine is connected to a OpenWRT router which provides DHCP and DNS
>> > to the network, via a wifi link used for the host and an ethernet
>> > connection on eth1 used for a bridge
>>
>> Is your OpenWRT router running in vm on the same host or somewhere else
>> throughout physical network eth1?
>>
>>
> The OpenWRT is a completely separate device running at the end of the
> cable connected to eth1. The Wireless is also connected to an AP on that
> router. All of this is on the 192.168.1.* network.
>
>
>
>> >
>> > I've set this file up for the bridge in /etc/network/interfaces.d/br0
>> > auto eth1
>> > auto br0
>> > iface br0 inet dhcp
>> > bridge_ports eth1
>> > bridge_fd 0
>> > bridge_stp off
>> >
>> > ifup br0 brought it up nicely and it got an IP address in the range
>> > I'd expect. So far so good. The only problem is now, I can't get any
>> > of the VM's I create to use this network. When creating a VM using
>> > Virtual Machine Manager, it gives me the option to specify shared
>> > device name for the network source. One of these is for a network I
>> > already created in virsh;
>> >
>> > 
>> >   host-bridge
>> >   
>> >   
>> > 
>>
> Try something like this ti get your vm settings.
>
> virsh -c qemu:///system dumpxml ${GUEST_NAME} | egrep -A5 -i
> "network|bridge"
>
>
> i.e.
>
> virsh -c qemu:///system dumpxml Buster | egrep -A5 -i "network|bridge"
> 
>   
>   
>   
>   
>   
>function='0x0'/>
> 
> 
>   
>   
>   
>   
>   
>function='0x0'/>
> 
>
> >
>> > However, if I set the network to either 'host-bridge' or br0 directly,
>> > the route is never set and I can never get  a dhcp setting. I've
>> > checked ip_forward is set to 1.
>> >
>> > I'd just like to set it up this way, as it seems really inefficient to
>> > have a dhcp and then use difficult to remember static IP's everywhere.
>> >
>> > Thanks
>> > James
>> >
>> >
>> --
>> Lucas Castro
>>
>> Here's what I get;
 virsh -c qemu:///system dumpxml proxy1 | egrep -A5 -i "network|bridge"

  
  
  
  


  

 12:40:09 pm BST  james  BigRaid 
❱ virsh -c qemu:///system dumpxml debian10 | egrep -A5 -i "network|bridge"

  
  
  
  


  
 Thanks
James

> --
> Lucas Castro
>
>