[libvirt] kvm network modes
Hi all, On an ubuntu host, I have the network: virsh # net-dumpxml default network namedefault/name uuid9af73579-2dea-d0a9-020d-a45b0526b07f/uuid forward mode='nat'/ bridge name='virbr0' stp='on' forwardDelay='0' / ip address='192.168.122.1' netmask='255.255.255.0' dhcp range start='192.168.122.2' end='192.168.122.254' / /dhcp /ip /network Would you now some doecumentation on non NATing configuration? I would like to give my guests public IP adresses. I create my guests using: virt-install --connect qemu:///system \ [...] \ --network=network:default where 'default' is the configuration above. -- Architecte Informatique chez Blueline/Gulfsat: Administration Systeme, Recherche Developpement +261 33 11 207 36 -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Add missing OOM error checks, reports and cleanups
On Sun, Nov 08, 2009 at 10:40:42PM +0100, Matthias Bolte wrote: diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c index c2c5a44..c5083cc 100644 --- a/src/conf/node_device_conf.c +++ b/src/conf/node_device_conf.c @@ -1057,13 +1057,18 @@ virNodeDeviceDefParseXML(virConnectPtr conn, xmlXPathContextPtr ctxt, int create /* Extract device name */ if (create == EXISTING_DEVICE) { def-name = virXPathString(conn, string(./name[1]), ctxt); + +if (!def-name) { +virNodeDeviceReportError(conn, VIR_ERR_NO_NAME, NULL); +goto error; +} } else { def-name = strdup(new device); -} -if (!def-name) { -virNodeDeviceReportError(conn, VIR_ERR_NO_NAME, NULL); -goto error; +if (!def-name) { +virReportOOMError(conn); +goto error; +} } /* Extract device parent, if any */ I disagree with this one. The XPath string(./name[1]) can fail without this being an allocation error, it mays just be that there is no name element at the current node, and current behaviour looks better to me. Moreover if virXPathString() returns NULL because of a string allocation error it will already raise an OOMError [...] diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index ee7a046..c866111 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -870,12 +870,12 @@ doRemoteOpen (virConnectPtr conn, } if(VIR_ALLOC(priv-callbackList)0) { -error(conn, VIR_ERR_INVALID_ARG, _(Error allocating callbacks list)); +virReportOOMError(conn); goto failed; } if(VIR_ALLOC(priv-domainEvents)0) { -error(conn, VIR_ERR_INVALID_ARG, _(Error allocating domainEvents)); +virReportOOMError(conn); goto failed; } @@ -2751,9 +2751,18 @@ remoteListDefinedDomains (virConnectPtr conn, char **const names, int maxnames) * names and the list of pointers, so we have to strdup the * names here. */ -for (i = 0; i ret.names.names_len; ++i) +for (i = 0; i ret.names.names_len; ++i) { names[i] = strdup (ret.names.names_val[i]); +if (names[i] == NULL) { +for (--i; i = 0; --i) +VIR_FREE(names[i]); + +virReportOOMError(conn); +goto cleanup; +} +} + rv = ret.names.names_len; cleanup: @@ -3086,7 +3095,7 @@ remoteDomainSetSchedulerParameters (virDomainPtr domain, /* Serialise the scheduler parameters. */ args.params.params_len = nparams; if (VIR_ALLOC_N(args.params.params_val, nparams) 0) { -error (domain-conn, VIR_ERR_RPC, _(out of memory allocating array)); +virReportOOMError(domain-conn); goto done; } @@ -3432,9 +3441,18 @@ remoteListNetworks (virConnectPtr conn, char **const names, int maxnames) * names and the list of pointers, so we have to strdup the * names here. */ -for (i = 0; i ret.names.names_len; ++i) +for (i = 0; i ret.names.names_len; ++i) { names[i] = strdup (ret.names.names_val[i]); +if (names[i] == NULL) { +for (--i; i = 0; --i) +VIR_FREE(names[i]); + +virReportOOMError(conn); +goto cleanup; +} +} + rv = ret.names.names_len; cleanup: @@ -3505,9 +3523,18 @@ remoteListDefinedNetworks (virConnectPtr conn, * names and the list of pointers, so we have to strdup the * names here. */ -for (i = 0; i ret.names.names_len; ++i) +for (i = 0; i ret.names.names_len; ++i) { names[i] = strdup (ret.names.names_val[i]); +if (names[i] == NULL) { +for (--i; i = 0; --i) +VIR_FREE(names[i]); + +virReportOOMError(conn); +goto cleanup; +} +} + rv = ret.names.names_len; cleanup: @@ -3921,9 +3948,18 @@ remoteListInterfaces (virConnectPtr conn, char **const names, int maxnames) * names and the list of pointers, so we have to strdup the * names here. */ -for (i = 0; i ret.names.names_len; ++i) +for (i = 0; i ret.names.names_len; ++i) { names[i] = strdup (ret.names.names_val[i]); +if (names[i] == NULL) { +for (--i; i = 0; --i) +VIR_FREE(names[i]); + +virReportOOMError(conn); +goto cleanup; +} +} + rv = ret.names.names_len; cleanup: @@ -3993,9 +4029,18 @@ remoteListDefinedInterfaces (virConnectPtr conn, char **const names, int maxname * names and the list of pointers, so we have to strdup the * names here. */ -for (i = 0; i ret.names.names_len; ++i) +for (i = 0; i ret.names.names_len; ++i) { names[i] = strdup
Re: [libvirt] [PATCH 2/2] qemu: Use same create/define overwrite logic for migration prepare.
On Fri, Nov 06, 2009 at 02:26:04PM +0100, Daniel Veillard wrote: On Wed, Nov 04, 2009 at 03:06:59PM -0500, Cole Robinson wrote: Signed-off-by: Cole Robinson crobi...@redhat.com --- src/qemu/qemu_driver.c | 30 -- 1 files changed, 4 insertions(+), 26 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 20621d1..53f7398 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -5978,19 +5978,8 @@ qemudDomainMigratePrepareTunnel(virConnectPtr dconn, /* Target domain name, maybe renamed. */ dname = dname ? dname : def-name; -/* Ensure the name and UUID don't already exist in an active VM */ -vm = virDomainFindByUUID(driver-domains, def-uuid); - -if (!vm) vm = virDomainFindByName(driver-domains, dname); -if (vm) { -if (virDomainObjIsActive(vm)) { -qemudReportError(dconn, NULL, NULL, VIR_ERR_OPERATION_FAILED, - _(domain with the same name or UUID already exists as '%s'), - vm-def-name); -goto cleanup; -} -virDomainObjUnlock(vm); -} +if (virDomainObjIsDuplicate(driver-domains, def, 1) 0) +goto cleanup; if (!(vm = virDomainAssignDef(dconn, driver-caps, @@ -6202,19 +6191,8 @@ qemudDomainMigratePrepare2 (virConnectPtr dconn, /* Target domain name, maybe renamed. */ dname = dname ? dname : def-name; -/* Ensure the name and UUID don't already exist in an active VM */ -vm = virDomainFindByUUID(driver-domains, def-uuid); - -if (!vm) vm = virDomainFindByName(driver-domains, dname); -if (vm) { -if (virDomainObjIsActive(vm)) { -qemudReportError (dconn, NULL, NULL, VIR_ERR_OPERATION_FAILED, - _(domain with the same name or UUID already exists as '%s'), - vm-def-name); -goto cleanup; -} -virDomainObjUnlock(vm); -} +if (virDomainObjIsDuplicate(driver-domains, def, 1) 0) +goto cleanup; if (!(vm = virDomainAssignDef(dconn, driver-caps, Hum, there is a slight change of semantic in that case, if VM migrated from A to B, then gets renamed on B, if you try to migrate it back to A that will fail because the uuid match/name mismatch failure will be raised while this won't be the case with current code, right ? Maybe it's the right thing to do, but that's a change I think Yes that is the correct behaviour - if the admin renames the guest on B, then they should either undefine its config on A, or rename it on A too. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Add missing OOM error checks, reports and cleanups
On Mon, Nov 09, 2009 at 12:07:40PM +0100, Matthias Bolte wrote: 2009/11/9 Daniel Veillard veill...@redhat.com: On Sun, Nov 08, 2009 at 10:40:42PM +0100, Matthias Bolte wrote: diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c index c2c5a44..c5083cc 100644 --- a/src/conf/node_device_conf.c +++ b/src/conf/node_device_conf.c @@ -1057,13 +1057,18 @@ virNodeDeviceDefParseXML(virConnectPtr conn, xmlXPathContextPtr ctxt, int create /* Extract device name */ if (create == EXISTING_DEVICE) { def-name = virXPathString(conn, string(./name[1]), ctxt); + + if (!def-name) { + virNodeDeviceReportError(conn, VIR_ERR_NO_NAME, NULL); + goto error; + } } else { def-name = strdup(new device); - } - if (!def-name) { - virNodeDeviceReportError(conn, VIR_ERR_NO_NAME, NULL); - goto error; + if (!def-name) { + virReportOOMError(conn); + goto error; + } } /* Extract device parent, if any */ I disagree with this one. The XPath string(./name[1]) can fail without this being an allocation error, it mays just be that there is no name element at the current node, and current behaviour looks better to me. Moreover if virXPathString() returns NULL because of a string allocation error it will already raise an OOMError I think you misread this one. The original code assigns the result of virXPathString() or strdup() to def-name. After that it checks def-name for NULL and reports an no-name error even if the NULL was returned by strdup(), indicating an OOM error. Whoops, right :-) Rereading the patch it's fine ! I moved the no-name error report into the virXPathString() case and added an OOM error in the strdup() case. [...] So you had to add a filed in the iterator structure to report OOMs while running the iterator, nice work ! Well, DPB used this pattern in his Convert virDomainObjListPtr to use a hash of domain objects patch, I just applied it here too :-) ACK except for the one in virNodeDeviceDefParseXML(), very good job you must have spent a lot of time, thanks a lot ! Daniel It took some hours, but the task was simple: search and fix. Well thanks a lot ! and ACK :-) Danie -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/6] Add internal APIs for disabling error reporting
On Thu, Nov 05, 2009 at 01:17:41PM -0500, Cole Robinson wrote: In testing migration, I was hitting an error in the Perform step, but this was being returned as 'Unknown Error' via virsh. The reason is that even a failed Perform will call MigrateFinish to do cleanup, but Finish will always return an NULL == error in that case, overwriting the original message. I've added internal APIs which allow temporarily disabling error reporting: any ReportError calls will log the error message, but will not overwrite the previous error and will not trigger the error callback. These APIs are then used in a few places where they are needed. I don't particularly like this as a concept. Could we do this the other way around, whereby we call virSaveLastError() before the bit of code which might clobber the error we want, and then add a new method to set it back afterwards. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/6] Add internal APIs for disabling error reporting
On Mon, Nov 09, 2009 at 08:29:04AM -0500, Cole Robinson wrote: On 11/09/2009 07:57 AM, Daniel P. Berrange wrote: On Thu, Nov 05, 2009 at 01:17:41PM -0500, Cole Robinson wrote: In testing migration, I was hitting an error in the Perform step, but this was being returned as 'Unknown Error' via virsh. The reason is that even a failed Perform will call MigrateFinish to do cleanup, but Finish will always return an NULL == error in that case, overwriting the original message. I've added internal APIs which allow temporarily disabling error reporting: any ReportError calls will log the error message, but will not overwrite the previous error and will not trigger the error callback. These APIs are then used in a few places where they are needed. I don't particularly like this as a concept. Could we do this the other way around, whereby we call virSaveLastError() before the bit of code which might clobber the error we want, and then add a new method to set it back afterwards. Daniel Tried that originally. Problem is it doesn't easily work for virsh. If a libvirt call errors, virsh doesn't print the last error from GetLastError, it prints the last error that triggered the error callback. So for the end result to be reached, we would need to fire error callback twice for the same msg: once when the msg is raised, again when we reraise it after it was squashed. That would muddle up debug output at least. That's actually a flaw in the way we trigger the error callback. In the current code we fire the callback the momnent virRaiseError is called internally. This is bad because internal code may reset the error if it doesn't want it propagated. It is also bad because the callpath may be holding active mutex locks which can then result in deadlock if the error callback impl from the app calls back into libvirt. We need the triggering of the error callback to be the absolute last thing done in the API call, which means it really needs to be triggered explicitly from the entry points in src/libvirt.c. I started work on this a while back, but then got side-tracked so never finished it http://gitorious.org/~berrange/libvirt/staging/commits/error-callbacks Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/2] add ebtables wrapper
On Wed, Nov 04, 2009 at 05:12:30PM +0100, Gerhard Stenzel wrote: On Tue, 2009-11-03 at 23:17 +0100, Daniel Veillard wrote: On Tue, Oct 27, 2009 at 12:36:09PM +0100, Gerhard Stenzel wrote: This patch adds the files which implement the ebtables wrapper. Signed-off-by: Gerhard Stenzel gerhard.sten...@de.ibm.com ... +/** + * ebtablesSaveRules: + * @ctx: pointer to the EB table context + * + * Saves all the EB table rules associated with a context + * to disk so that if ebtables is restarted, the rules + * will automatically be reload. + */ +void +ebtablesSaveRules(ebtablesContext *ctx) +{ +ebtRulesSave(ctx-input_filter); +ebtRulesSave(ctx-forward_filter); +ebtRulesSave(ctx-nat_postrouting); +} Hum, and where ? Under /etc/libvirt/ebtables/ ? Are the table and chain names provided in ebtRulesNew() sufficient to uniquely name the set ? I hope so otherwise we're gonna have trouble with persistance. It would be good to have ebtRulesSave() documented if not fully finished before next release. I'm gonna commit this, but I think we need to double-check that the current APIs won't be a problem when we want to implement saving (didn't checked the second patch yet). I also think the spec file should add a Requires to ebtables as this is not installed systematically (it wasn't present on my workstation by default). I will push this tonight, thanks ! Daniel This patch removes the ebtablesSaveRules() function as it more confusing than useful at the moment. Okay, pushed, thanks ! Any solution on the broadcast/multicast issue raised ? Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] chardev: Add function to output -chardev options
Would you please rebasae the legacy -vmchannel support accordingly? On Wed, Nov 04, 2009 at 03:57:32PM +, Matthew Booth wrote: Note that, on its own, this patch will generate a warning about an unused static function. --- src/qemu/qemu_conf.c | 68 ++ 1 files changed, 68 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 2981b51..a9f6885 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -1411,6 +1411,74 @@ qemuBuildHostNetStr(virConnectPtr conn, return 0; } +/* This function outputs a -chardev command line option which describes only the + * host side of the character device */ +static void qemudBuildCommandLineChrDevChardevStr(virDomainChrDefPtr dev, + const char *const id, + virBufferPtr buf) +{ +bool telnet; +switch(dev-type) { +case VIR_DOMAIN_CHR_TYPE_NULL: +virBufferVSprintf(buf, null,id=%s, id); +break; + +case VIR_DOMAIN_CHR_TYPE_VC: +virBufferVSprintf(buf, vc,id=%s, id); +break; + +case VIR_DOMAIN_CHR_TYPE_PTY: +virBufferVSprintf(buf, pty,id=%s, id); +break; + +case VIR_DOMAIN_CHR_TYPE_DEV: +virBufferVSprintf(buf, tty,id=%s,path=%s, id, dev-data.file.path); +break; + +case VIR_DOMAIN_CHR_TYPE_FILE: +virBufferVSprintf(buf, file,id=%s,path=%s, id, dev-data.file.path); +break; + +case VIR_DOMAIN_CHR_TYPE_PIPE: +virBufferVSprintf(buf, pipe,id=%s,path=%s, id, dev-data.file.path); +break; + +case VIR_DOMAIN_CHR_TYPE_STDIO: +virBufferVSprintf(buf, stdio,id=%s, id); +break; + +case VIR_DOMAIN_CHR_TYPE_UDP: +virBufferVSprintf(buf, + udp,id=%s,host=%s,port=%s,localaddr=%s,localport=%s, + id, + dev-data.udp.connectHost, + dev-data.udp.connectService, + dev-data.udp.bindHost, + dev-data.udp.bindService); +break; + +case VIR_DOMAIN_CHR_TYPE_TCP: +telnet = dev-data.tcp.protocol == VIR_DOMAIN_CHR_TCP_PROTOCOL_TELNET; +virBufferVSprintf(buf, + socket,id=%s,host=%s,port=%s%s%s, + id, + dev-data.tcp.host, + dev-data.tcp.service, + telnet ? ,telnet : , + dev-data.tcp.listen ? ,server,nowait : ); +break; + +case VIR_DOMAIN_CHR_TYPE_UNIX: +virBufferVSprintf(buf, + socket,id=%s,path=%s%s, + id, + dev-data.nix.path, + dev-data.nix.listen ? ,server,nowait : ); +break; +} +} + +/* This function outputs an all-in-one character device command line option */ static int qemudBuildCommandLineChrDevStr(virDomainChrDefPtr dev, char *buf, int buflen) -- 1.6.2.5 -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Rebased -vmchannel support
Updated patches are rebased on top of merged channel support. They additionally move some definitions around to hopefully reduce the chances of future merge conflicts. -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/2] Detect availability of legacy QEMU -vmchannel command line option
* src/qemu/qemu_conf.[ch]: Detect -vmchannel command line option --- src/qemu/qemu_conf.c |2 ++ src/qemu/qemu_conf.h |1 + 2 files changed, 3 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index e1e24c3..fa54974 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -897,6 +897,8 @@ static unsigned int qemudComputeCmdFlags(const char *help, flags |= QEMUD_CMD_FLAG_MEM_PATH; if (strstr(help, -chardev)) flags |= QEMUD_CMD_FLAG_CHARDEV; +if (strstr(help, -vmchannel)) +flags |= QEMUD_CMD_FLAG_VMCHANNEL; if (version = 9000) flags |= QEMUD_CMD_FLAG_VNC_COLON; diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index 5d433d3..54095b5 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -44,6 +44,7 @@ /* Internal flags to keep track of qemu command line capabilities */ enum qemud_cmd_flags { +QEMUD_CMD_FLAG_VMCHANNEL = (1 31), /* Is the legacy -vmchannel arg available */ QEMUD_CMD_FLAG_KQEMU = (1 0), /* Whether KQEMU is compiled in */ QEMUD_CMD_FLAG_VNC_COLON = (1 1), /* Does the VNC take just port, or address + display */ QEMUD_CMD_FLAG_NO_REBOOT = (1 2), /* Is the -no-reboot flag available */ -- 1.6.2.5 -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/2] Add channel support for legacy QEMU's -vmchannel CLI option
This patch allows the following to be specified in a QEmu domain: channel type='unix' source mode='bind' path='/tmp/vmchannel'/ target type='vmchannel' deviceid='0200'/ /channel * docs/schemas/domain.rng src/conf/domain_conf.[ch]: extend the domain schema and parsing/serialization for the new construct QEmu support adds the following on the qemu command line: -vmchannel di:0200,unix:/tmp/vmchannel,server,nowait * src/qemu/qemu_conf.c: Add -vmchannel argument output * tests/qemuxml2(argv|xml)test.c: Add test for vmchannel channel syntax --- docs/schemas/domain.rng| 13 - src/conf/domain_conf.c | 30 +++- src/conf/domain_conf.h |2 + src/qemu/qemu_conf.c | 18 .../qemuxml2argv-channel-vmchannel.args|1 + .../qemuxml2argv-channel-vmchannel.xml | 26 + tests/qemuxml2argvtest.c |1 + tests/qemuxml2xmltest.c|2 + 8 files changed, 91 insertions(+), 2 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-channel-vmchannel.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-channel-vmchannel.xml diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng index b75f17e..39a19ae 100644 --- a/docs/schemas/domain.rng +++ b/docs/schemas/domain.rng @@ -1059,12 +1059,23 @@ attribute name=port/ /element /define + define name=vmchannelTarget +element name=target +attribute name=type +valuevmchannel/value +/attribute +attribute name=deviceid/ +/element + /define define name=channel element name=channel ref name=qemucdevSrcType/ interleave ref name=qemucdevSrcDef/ -ref name=guestfwdTarget/ +choice + ref name=guestfwdTarget/ + ref name=vmchannelTarget/ +/choice /interleave /element /define diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 918a5d7..c02b959 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -130,6 +130,7 @@ VIR_ENUM_IMPL(virDomainNet, VIR_DOMAIN_NET_TYPE_LAST, VIR_ENUM_IMPL(virDomainChrTarget, VIR_DOMAIN_CHR_TARGET_TYPE_LAST, null, + vmchannel, monitor, parallel, serial, @@ -1349,6 +1350,7 @@ virDomainChrDefParseXML(virConnectPtr conn, const char *targetType = NULL; const char *addrStr = NULL; const char *portStr = NULL; +const char *deviceidStr = NULL; virDomainChrDefPtr def; if (VIR_ALLOC(def) 0) { @@ -1504,6 +1506,26 @@ virDomainChrDefParseXML(virConnectPtr conn, virSocketSetPort(def-target.addr, port); break; +case VIR_DOMAIN_CHR_TARGET_TYPE_VMCHANNEL: +deviceidStr = virXMLPropString(cur, deviceid); + +if (deviceidStr == NULL) { +virDomainReportError(conn, VIR_ERR_INVALID_DOMAIN, + _(vmchannel channel does not + define a device id)); +goto error; +} + +unsigned int deviceid; +if (virStrToLong_ui(deviceidStr, NULL, 16, deviceid) 0) { +virDomainReportError(conn, VIR_ERR_INVALID_DOMAIN, + _(Invalid device id: %s), + deviceidStr); +goto error; +} +def-target.deviceid = deviceid; +break; + default: virDomainReportError(conn, VIR_ERR_XML_ERROR, _(unexpected target type type %u), @@ -1514,7 +1536,6 @@ virDomainChrDefParseXML(virConnectPtr conn, cur = cur-next; } - switch (def-type) { case VIR_DOMAIN_CHR_TYPE_NULL: /* Nada */ @@ -1641,6 +1662,7 @@ cleanup: VIR_FREE(targetType); VIR_FREE(addrStr); VIR_FREE(portStr); +VIR_FREE(deviceidStr); return def; @@ -4125,6 +4147,7 @@ virDomainChrDefFormat(virConnectPtr conn, switch (def-targetType) { /* channel types are in a common channel element */ case VIR_DOMAIN_CHR_TARGET_TYPE_GUESTFWD: +case VIR_DOMAIN_CHR_TARGET_TYPE_VMCHANNEL: elementName = channel; break; @@ -4237,6 +4260,11 @@ virDomainChrDefFormat(virConnectPtr conn, addr, port); break; +case VIR_DOMAIN_CHR_TARGET_TYPE_VMCHANNEL: +virBufferVSprintf(buf, target type='vmchannel' deviceid='%.4X'/\n, + def-target.deviceid); +break; + case
Re: [libvirt] [PATCH] phyp: ssh authentication with pub keys fixed
Matthias Bolte wrote: diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index a92046a..f96d2d6 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c [...] @@ -282,10 +297,8 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, /* Trying authentication by pubkey */ while ((rc = libssh2_userauth_publickey_fromfile(session, username, You assign conn-uri-user to username and use it without checking for NULL. You should either check conn-uri-user for NULL in phypOpen(), as you do it for conn-uri-server and conn-uri-path, and return VIR_DRV_OPEN_ERROR if its NULL or request a username via the auth callback if conn-uri-user is NULL. Ok. -/home/user/ -.ssh/id_rsa.pub, -/home/user/ -.ssh/id_rsa, +pubkey, +pvtkey, password)) == The password (actually the passphrase) is NULL at this point. Is this really working? Talking with libssh2 guys, this feature is not exactly working well, they said that it is possible to pass a random passphrase (or even NULL) that it will authenticate using pub and pvt keys. So, I assumed this as a hardcoded NULL just until they fix this function. LIBSSH2_ERROR_EAGAIN) ; if (rc) { So you fallback to username/password authentication if keyfile authentication failed (rc != 0). According to the libssh2_userauth_publickey_fromfile manpage it may return this error codes: LIBSSH2_ERROR_ALLOC - An internal memory allocation call failed. LIBSSH2_ERROR_SOCKET_SEND - Unable to send data on socket. LIBSSH2_ERROR_SOCKET_TIMEOUT LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED - The username/public key combination was invalid. LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED - The username/public key combination was invalid, or the signature for the supplied public key was invalid. Appearently, going further the man pages and tracing all the function return points, I figured out that this function may also return LIBSSH2_ERROR_SOCKET_NONE or LIBSSH2_ERROR_NONE for many reasons. As far as I understand, LIBSSH2_ERROR_NONE is for a succesful pubkey authentication, and LIBSSH2_ERROR_SOCKET_NONE is for a non succesful. Adjusted all values for this if construction. IMHO its not useful to fallback to username/password authentication for the first three possible errors, only if a keyfile related error occurs like the last two. In this case I explicit check for errors (LIBSSH2_ERROR_ALLOC, LIBSSH2_ERROR_SOCKET_SEND and LIBSSH2_ERROR_SOCKET_TIMEOUT) before fallback. I wonder which error code will be returned if one or both keyfiles don't exist. Maybe you should check if both keyfiles exist before calling libssh2_userauth_publickey_fromfile() and fallback to username/password authentication if one or both are missing. Ok. I am stating files now. @@ -341,15 +354,22 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, goto disconnect; } else goto exit; +} else { +goto exit; } disconnect: libssh2_session_disconnect(session, Disconnecting...); libssh2_session_free(session); err: +VIR_FREE(userhome); +VIR_FREE(pubkey); +VIR_FREE(pvtkey); VIR_FREE(password); return NULL; exit: +VIR_FREE(userhome); VIR_FREE(pubkey) is missing here, it's there in the first version of this patch. Ok. Thanks again :) []'s -- Eduardo Otubo Software Engineer Linux Technology Center IBM Systems Technology Group Mobile: +55 19 8135 0885 eot...@linux.vnet.ibm.com diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index a92046a..94581b2 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c @@ -101,6 +101,12 @@ phypOpen(virConnectPtr conn, return VIR_DRV_OPEN_ERROR; } +if (conn-uri-user == NULL) { +PHYP_ERROR(conn, VIR_ERR_INTERNAL_ERROR, + _(Missing username in phyp:// URI)); +return VIR_DRV_OPEN_ERROR; +} + if (VIR_ALLOC(phyp_driver) 0) { virReportOOMError(conn); goto failure; @@ -225,10 +231,26 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, const char *password = NULL; int sock; int rc; - struct addrinfo *ai = NULL, *cur; struct addrinfo hints; int ret; +char *pubkey = NULL; +char *pvtkey = NULL; +char *userhome = virGetUserDirectory(NULL, geteuid()); +struct stat pvt_stat, pub_stat; + +if (userhome == NULL) +goto err; + +if (virAsprintf(pubkey, %s/.ssh/id_rsa.pub, userhome) 0) { +virReportOOMError(conn); +goto err; +} + +if (virAsprintf(pvtkey, %s/.ssh/id_rsa, userhome) 0) { +
Re: [libvirt] [PATCH] phyp: ssh authentication with pub keys fixed
2009/11/9 Eduardo Otubo ot...@linux.vnet.ibm.com: Matthias Bolte wrote: diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index a92046a..f96d2d6 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c [...] @@ -282,10 +297,8 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, /* Trying authentication by pubkey */ while ((rc = libssh2_userauth_publickey_fromfile(session, username, You assign conn-uri-user to username and use it without checking for NULL. You should either check conn-uri-user for NULL in phypOpen(), as you do it for conn-uri-server and conn-uri-path, and return VIR_DRV_OPEN_ERROR if its NULL or request a username via the auth callback if conn-uri-user is NULL. Ok. - /home/user/ - .ssh/id_rsa.pub, - /home/user/ - .ssh/id_rsa, + pubkey, + pvtkey, password)) == The password (actually the passphrase) is NULL at this point. Is this really working? Talking with libssh2 guys, this feature is not exactly working well, they said that it is possible to pass a random passphrase (or even NULL) that it will authenticate using pub and pvt keys. So, I assumed this as a hardcoded NULL just until they fix this function. Hm, okay. May be you should add a comment about this. LIBSSH2_ERROR_EAGAIN) ; if (rc) { So you fallback to username/password authentication if keyfile authentication failed (rc != 0). According to the libssh2_userauth_publickey_fromfile manpage it may return this error codes: LIBSSH2_ERROR_ALLOC - An internal memory allocation call failed. LIBSSH2_ERROR_SOCKET_SEND - Unable to send data on socket. LIBSSH2_ERROR_SOCKET_TIMEOUT LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED - The username/public key combination was invalid. LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED - The username/public key combination was invalid, or the signature for the supplied public key was invalid. Appearently, going further the man pages and tracing all the function return points, I figured out that this function may also return LIBSSH2_ERROR_SOCKET_NONE or LIBSSH2_ERROR_NONE for many reasons. As far as I understand, LIBSSH2_ERROR_NONE is for a succesful pubkey authentication, and LIBSSH2_ERROR_SOCKET_NONE is for a non succesful. Adjusted all values for this if construction. IMHO its not useful to fallback to username/password authentication for the first three possible errors, only if a keyfile related error occurs like the last two. In this case I explicit check for errors (LIBSSH2_ERROR_ALLOC, LIBSSH2_ERROR_SOCKET_SEND and LIBSSH2_ERROR_SOCKET_TIMEOUT) before fallback. I wonder which error code will be returned if one or both keyfiles don't exist. Maybe you should check if both keyfiles exist before calling libssh2_userauth_publickey_fromfile() and fallback to username/password authentication if one or both are missing. Ok. I am stating files now. @@ -341,15 +354,22 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, goto disconnect; } else goto exit; + } else { + goto exit; } disconnect: libssh2_session_disconnect(session, Disconnecting...); libssh2_session_free(session); err: + VIR_FREE(userhome); + VIR_FREE(pubkey); + VIR_FREE(pvtkey); VIR_FREE(password); return NULL; exit: + VIR_FREE(userhome); VIR_FREE(pubkey) is missing here, it's there in the first version of this patch. Ok. Thanks again :) []'s diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index a92046a..94581b2 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c [...] @@ -280,15 +302,19 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, } /* Trying authentication by pubkey */ +if (stat(pvtkey, pvt_stat) || stat(pubkey, pub_stat)) You could have used access(pvtkey, R_OK) instead, but stat() is okay. Don't you want to try username/password authentication in case of missing keyfiles? Instead you goto err. +goto err; + while ((rc = libssh2_userauth_publickey_fromfile(session, username, -/home/user/ -.ssh/id_rsa.pub, -/home/user/ -.ssh/id_rsa, -password)) == +pubkey, +pvtkey, +NULL)) ==
Re: [libvirt] timing issues of calling virsh on the command line
The libvirt version I'm using is 0.6.2. The domains I'm using are fedora 11 netboot images. The images don't ever complete their netboot because they get stuck due to some error in detecting hardware. Because my experiments solely involve swapping machines, and I don't really actually care about running anything, this is fine for me. I'm using qemu-kvm version 0.10.6. I attached the log I received in On Mon, Nov 9, 2009 at 2:47 AM, Daniel Veillard veill...@redhat.com wrote: On Sat, Nov 07, 2009 at 10:24:30AM -0500, David Wilcox wrote: Hi, I've encountered some concurrency issues when calling virsh in a script. If I try to restore a VM too soon after it's been saved, libvirtd will stop responding. As well, if I try to save a VM too soon after it's been restored, libvirtd will stop responding. First what version are you using ? What kind of domains, what versions of the hypervisor etc ... Second assuming something recent, could you run /usr/sbin/libvirtd under gdb, then reproduce the problem and provide a stack trace ? See the end of https://fedoraproject.org/wiki/How_to_debug_Libvirt_problems for detailed informations If libvirtd is not responding it's very probably crashed, and we need to fix the crash. At the moment, I am not using any type of wait in my program for virsh to come back. I merely let the system call run its course and I assume that virsh will return when it's done waiting. Is there any type of wait that needs to occur in order to avoid these concurrency issues? The operation should be synchronous, so no wait should be needed something is behaving. Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ Continuing. Detaching after fork from child process 24268. Detaching after fork from child process 24272. Detaching after fork from child process 24298. Detaching after fork from child process 24302. Detaching after fork from child process 24338. Detaching after fork from child process 24342. Detaching after fork from child process 24378. Detaching after fork from child process 24379. Detaching after fork from child process 24418. Detaching after fork from child process 24421. Detaching after fork from child process 24458. Detaching after fork from child process 24459. Detaching after fork from child process 24497. Detaching after fork from child process 24500. Detaching after fork from child process 24537. Detaching after fork from child process 24538. Detaching after fork from child process 24577. Detaching after fork from child process 24578. Detaching after fork from child process 24617. Detaching after fork from child process 24620. Detaching after fork from child process 24657. Detaching after fork from child process 24659. Detaching after fork from child process 24697. Detaching after fork from child process 24799. Detaching after fork from child process 24825. Detaching after fork from child process 24826. Detaching after fork from child process 24865. Detaching after fork from child process 24866. Detaching after fork from child process 24905. Detaching after fork from child process 24908. Program received signal SIGINT, Interrupt. 0x003f364d50d3 in poll () from /lib64/libc.so.6 Thread 6 (Thread 0x7fb5f5047910 (LWP 24128)): #0 0x003f3700b2f9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1 0x7fb5f654d049 in virCondWait () from /usr/lib64/libvirt.so.0 #2 0x004118b5 in polkit_caller_new_from_pid () #3 0x003f3700686a in start_thread () from /lib64/libpthread.so.0 #4 0x003f364de3bd in clone () from /lib64/libc.so.6 #5 0x in ?? () Thread 5 (Thread 0x7fb5f4646910 (LWP 24129)): #0 0x003f364d50d3 in poll () from /lib64/libc.so.6 #1 0x0042175e in polkit_caller_new_from_pid () #2 0x00427f6a in polkit_caller_new_from_pid () #3 0x7fb5f655e34a in virDomainSave () from /usr/lib64/libvirt.so.0 #4 0x00417bdf in polkit_caller_new_from_pid () #5 0x0041c261 in polkit_caller_new_from_pid () #6 0x0041194d in polkit_caller_new_from_pid () #7 0x003f3700686a in start_thread () from /lib64/libpthread.so.0 #8 0x003f364de3bd in clone () from /lib64/libc.so.6 #9 0x in ?? () Thread 4 (Thread 0x7fb5f3c45910 (LWP 24130)): #0 0x003f3700b2f9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1 0x7fb5f654d049 in virCondWait () from /usr/lib64/libvirt.so.0 #2 0x004118b5 in polkit_caller_new_from_pid () #3 0x003f3700686a in start_thread () from /lib64/libpthread.so.0 #4 0x003f364de3bd in clone () from /lib64/libc.so.6 #5 0x in ?? () Thread 3 (Thread 0x7fb5f3244910 (LWP 24131)): #0 0x003f3700b2f9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1
Re: [libvirt] Get Virtual Machine Information
Hi Jun Koi Thanks for your reply. I am writing a tool to document the novell xen server and its vm configuration. for this i need to know how to get operating system of vm and its ipaddress. Help me Regards, Gandhiraj Natarajan --- On Fri, 23/10/09, Jun Koi junkoi2...@gmail.com wrote: From: Jun Koi junkoi2...@gmail.com Subject: Re: [libvirt] Get Virtual Machine Information To: Gandhiraj Natarajan gandhiraj...@yahoo.co.in Date: Friday, 23 October, 2009, 7:51 PM On Thu, Oct 22, 2009 at 5:39 PM, Gandhiraj Natarajan gandhiraj...@yahoo.co.in wrote: Hi 1. We need to know how to get the IP addresses of virtual machines running in Novel Xen Server? Is that HVM, or PV? in the case of HVM, it is not realistic to get the IP, as the IP is managed from inside the HVM, and that is out-of-control from Dom0. 2. We need to know how to get the proper operating system like Windows XP or 2000 or 2003? Could you explain why you need this kind of information?? Thanks, J The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/-- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] kvm network modes
11/09/2009 12:06 PM, Rakotomandimby Mihamina: Would you now some doecumentation on non NATing configuration? I would like to give my guests public IP adresses. I create my guests using: virt-install --connect qemu:///system \ [...] \ --network=network:default where 'default' is the configuration above. I found one solution: http://www.rktmb.org/post/2009/11/09/KVM-Ubuntu It works for me. -- Architecte Informatique chez Blueline/Gulfsat: Administration Systeme, Recherche Developpement +261 33 11 207 36 -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Need second private network between guests's
I've got a shared device 'br0' between my host and all my guests. The guests are now on the host network. What do I need to do in order to setup a second 'private' network between the guests? My host network is on 192.168 and I'd like the second private network on 172.19. thx, -Gerry -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Need second private network between guests's
Adam Mooz wrote: I'm a new guy to the list and libvirt but I'm guessing you'll be looking at the config section of dnsmasq if you'd like dynamically assigned IP's from the VM's to be on the 172 network. - *Adam Mooz* /adam.m...@gmail.com mailto:adam.m...@gmail.com //adamm...@me.com mailto:adamm...@me.com// /http://www.AdamMooz.com On 2009-11-09, at 11:22 PM, Gerry Reno wrote: I've got a shared device 'br0' between my host and all my guests. The guests are now on the host network. What do I need to do in order to setup a second 'private' network between the guests? My host network is on 192.168 and I'd like the second private network on 172.19. thx, -Gerry Hi there new guy. Ok, first rule of lists: no top posting. Too hard to follow threads of conversation that way. I'm not worried about how the addresses will be assigned, either static or dynamic. I need the network stanzas that are necessary in the xml file in order to establish a second private network between the guests. -Gerry -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mounting a raw DVD
Adam Mooz wrote: Hello List, I'm attempting to pass a DVD drive of a headless server into a virtual machine. So far I've managed to mount *something* into the VM, but it's being registered as a blank DVD within the VM. When I mount /dev/dvd into the bare-metal machine it registers normally as the DVD. How do I pass physical drives into a VM and back out using libvirt? Command used: #virsh attach-disk Montreal /dev/dvd hdc --mode readonly --driver phy --type cdrom Connecting to uri: qemu:///system Disk attached successfully VM XML file: domain type='kvm' nameMontreal/name uuid0f79ba7f-27bf-16a0-5887-6cfa2b5569f1/uuid memory2097152/memory currentMemory2097152/currentMemory vcpu1/vcpu os type arch='x86_64' machine='pc-0.11'hvm/type boot dev='hd'/ /os features acpi/ apic/ pae/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashrestart/on_crash devices emulator/usr/bin/kvm/emulator disk type='file' device='cdrom' target dev='hdc' bus='ide'/ readonly/ /disk disk type='file' device='disk' source file='(Mangled Purposely)'/ target dev='vda' bus='virtio'/ /disk interface type='bridge' mac address='(mangled purposly)/ source bridge='br0'/ model type='virtio'/ /interface serial type='pty' target port='0'/ /serial console type='pty' target port='0'/ /console input type='mouse' bus='ps2'/ graphics type='vnc' port='-1' autoport='yes' keymap='en-us'/ video model type='cirrus' vram='9216' heads='1'/ /video /devices /domain I haven't done this for a while but I believe you have to issue a 'detach' command afterwards. -Gerry -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mounting a raw DVD
On 2009-11-09, at 11:46 PM, Gerry Reno wrote: Adam Mooz wrote: Hello List, I'm attempting to pass a DVD drive of a headless server into a virtual machine. So far I've managed to mount *something* into the VM, but it's being registered as a blank DVD within the VM. When I mount /dev/dvd into the bare-metal machine it registers normally as the DVD. How do I pass physical drives into a VM and back out using libvirt? Command used: #virsh attach-disk Montreal /dev/dvd hdc --mode readonly --driver phy --type cdrom Connecting to uri: qemu:///system Disk attached successfully VM XML file: domain type='kvm' nameMontreal/name uuid0f79ba7f-27bf-16a0-5887-6cfa2b5569f1/uuid memory2097152/memory currentMemory2097152/currentMemory vcpu1/vcpu os type arch='x86_64' machine='pc-0.11'hvm/type boot dev='hd'/ /os features acpi/ apic/ pae/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashrestart/on_crash devices emulator/usr/bin/kvm/emulator disk type='file' device='cdrom' target dev='hdc' bus='ide'/ readonly/ /disk disk type='file' device='disk' source file='(Mangled Purposely)'/ target dev='vda' bus='virtio'/ /disk interface type='bridge' mac address='(mangled purposly)/ source bridge='br0'/ model type='virtio'/ /interface serial type='pty' target port='0'/ /serial console type='pty' target port='0'/ /console input type='mouse' bus='ps2'/ graphics type='vnc' port='-1' autoport='yes' keymap='en-us'/ video model type='cirrus' vram='9216' heads='1'/ /video /devices /domain I haven't done this for a while but I believe you have to issue a 'detach' command afterwards. -Gerry -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list # virsh detach-disk Montreal hdc Connecting to uri: qemu:///system error: this function is not supported by the hypervisor: only SCSI or virtio disk device can be detached dynamically ? Also, I'm not sure if you understood my question. When I pass in the DVD device into the VM it registers as a blank DVD. if I pass in a non-existant folder it blows up, so I know it's reading something from the real DVD drive. Mounting the real DVD drive in the bare- metal machine shows the files on the drive, but I cannot get them to appear in the VM. How do I get the same files to show up in the VM (i.e. mount the DVD drive into the VM)? - Adam Mooz adam.m...@gmail.com adamm...@me.com http://www.AdamMooz.com -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Mounting a raw DVD
Adam Mooz wrote: On 2009-11-09, at 11:46 PM, Gerry Reno wrote: Adam Mooz wrote: Hello List, I'm attempting to pass a DVD drive of a headless server into a virtual machine. So far I've managed to mount *something* into the VM, but it's being registered as a blank DVD within the VM. When I mount /dev/dvd into the bare-metal machine it registers normally as the DVD. How do I pass physical drives into a VM and back out using libvirt? Command used: #virsh attach-disk Montreal /dev/dvd hdc --mode readonly --driver phy --type cdrom Connecting to uri: qemu:///system Disk attached successfully VM XML file: domain type='kvm' nameMontreal/name uuid0f79ba7f-27bf-16a0-5887-6cfa2b5569f1/uuid memory2097152/memory currentMemory2097152/currentMemory vcpu1/vcpu os type arch='x86_64' machine='pc-0.11'hvm/type boot dev='hd'/ /os features acpi/ apic/ pae/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashrestart/on_crash devices emulator/usr/bin/kvm/emulator disk type='file' device='cdrom' target dev='hdc' bus='ide'/ readonly/ /disk disk type='file' device='disk' source file='(Mangled Purposely)'/ target dev='vda' bus='virtio'/ /disk interface type='bridge' mac address='(mangled purposly)/ source bridge='br0'/ model type='virtio'/ /interface serial type='pty' target port='0'/ /serial console type='pty' target port='0'/ /console input type='mouse' bus='ps2'/ graphics type='vnc' port='-1' autoport='yes' keymap='en-us'/ video model type='cirrus' vram='9216' heads='1'/ /video /devices /domain I haven't done this for a while but I believe you have to issue a 'detach' command afterwards. -Gerry -- Libvir-list mailing list Libvir-list@redhat.com mailto:Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list # virsh detach-disk Montreal hdc Connecting to uri: qemu:///system error: this function is not supported by the hypervisor: only SCSI or virtio disk device can be detached dynamically ? Also, I'm not sure if you understood my question. When I pass in the DVD device into the VM it registers as a blank DVD. if I pass in a non-existant folder it blows up, so I know it's reading something from the real DVD drive. Mounting the real DVD drive in the bare-metal machine shows the files on the drive, but I cannot get them to appear in the VM. How do I get the same files to show up in the VM (i.e. mount the DVD drive into the VM)? I didn't see /dev/dvd in your xml. If you attach it and then dump the xml what does it look like? And then have you tried booting the VM with an xml file with this device and can you read the files on the device this way? The other thing is that maybe your version of libvirt is too old. I think 0.7.1 is current. -Gerry -- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list