On Tue, Feb 27, 2024 at 01:20:46AM -0800, Andrea Bolognani wrote:
> On Mon, Feb 26, 2024 at 03:12:51PM -0500, Chuck Lever wrote:
> > > > > > > > > Hello-
> > > > > > > > >
> > > > > > > > > I'm somewhat new to the libvirt world, and I've encountered a
> > > > > > > > > problem
> > > > > > > > > that needs better troubleshooting skills than I have. I've
> > > > > > > > > searched
> > > > > > > > > Google/Ecosia and stackoverflow without finding a solution.
> > > > > > > > >
> > > > > > > > > I set up libvirt on an x86_64 system without a problem, but
> > > > > > > > > on my
> > > > > > > > > new aarch64 / Fedora 39 system, virsh doesn't seem to want to
> > > > > > > > > start
> > > > > > > > > virbr0 when run from my own user account:
> > > > > > > > >
> > > > > > > > > cel@boudin:~/kdevops$ virsh net-start default
> > > > > > > > > error: Failed to start network default
> > > > > > > > > error: error creating bridge interface virbr0: Operation not
> > > > > > > > > permitted
> > > > > > > >
> > > > > > > >
> > > > > > > > If you run virsh as a normal user, it will auto-create an
> > > > > > > > unprivileged
> > > > > > > > ("session mode") libvirt instance, and connect to that rather
> > > > > > > > than the
> > > > > > > > single privileged (ie. run as root) libvirt instance that is
> > > > > > > > managed by
> > > > > > > > systemd. Because this libvirt is running as a normal user with
> > > > > > > > no elevated
> > > > > > > > privileges, it is unable to create a virtual network.
> > > > > > > >
> > > > > > > >
> > > > > > > > What you probably wanted to do was to connect to the
> > > > > > > > system-wide privileged
> > > > > > > > libvirt, you can do this by either running virsh as root (or
> > > > > > > > with sudo), or
> > > > > > > > by using
> > > > > > > >
> > > > > > > >
> > > > > > > > # virsh -c qemu:///system
> > > > > > > >
> > > > > > > >
> > > > > > > > rather than straight "virsh". Whichever method you choose,
> > > > > > > > you'll want to do
> > > > > > > > that for all of your virsh commands, both for creating/managing
> > > > > > > > networks and
> > > > > > > > guests.
> > > > > > >
> > > > > > > These are wrapped up in scripts and ansible playbooks, so I'll
> > > > > > > have
> > > > > > > to dig through that to figure out which connection is being used.
> > > > > > > Strange that this all works on my x86_64 system, but not on
> > > > > > > aarch64.
> >
> > I found the answer; posting here for the archive.
> >
> > There was a bug in the Ansible playbook responsible for setting up
> > libvirt to "run as a regular user". It was enabling libvirtd, but
> > was failing to enable virtnetworkd. On Fedora systems, both of
> > these steps are necessary.
> >
> > Once that was corrected, virtual networking works without error.
>
> Glad to hear you managed to figure it out. As suspected, it wasn't an
> aarch64-related issue after all :)
>
> Note that you shouldn't enable both the monolithic daemon (libvirtd)
> and the modular daemons (virtnetworkd, virtqemud) at the same time.
> If your version of libvirt is recent enough (>= 9.9.0) the situation
> should be handled cleanly, but in general it's not a supported
> configuration.
This Ansible code dates from before 2020, so it's legacy, I suppose.
Perhaps, if it can figure out which version of libvirt is available,
Ansible needn't start libvirtd at all? It would be a nicer fix, that
I can subsequently contribute to kdevops, if Ansible would start a
supported libvirt configuration.
> Moreover, Fedora has defaulted to modular daemons for a long time
> now, so really you shouldn't need to do anything special to ensure
> that they are enabled. Just install the package, then either start
> the various services/sockets manually or simply reboot. That should
> do the trick.
I too expected that simply installing libvirt on my new Fedora 39
system would have created a working environment, so there's clearly
something I missed during set-up.
--
Chuck Lever
_______________________________________________
Users mailing list -- users@lists.libvirt.org
To unsubscribe send an email to users-le...@lists.libvirt.org
