HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   Virtualization With KVM On A Debian Lenny Server (http://www.howtoforge.com/forums/showthread.php?t=33143)

planet_fox 1st April 2009 21:39

Virtualization With KVM On A Debian Lenny Server
 
Dear falco,

I have install kvm on my server @home with your totorial. All things looks ok. When I install debian over the virt installer. It is no problem, after the installation make debian a reboot than i switch to boot from hda an reboot system. Than come connect to console for guest and not more.

falko 2nd April 2009 19:58

That's strange, I didn't have any problem with a Debian guest installation. Do you see any errors in your logs?

planet_fox 3rd April 2009 03:25

Which is the logfile of kvm ? and is it a problem my kvm installation run on the server and i connect from workstation to the server at home. The guest Installation is not a problem only after. Give it a option i can with console conecct to client over kvm or i must use the virt manager ?

falko 3rd April 2009 14:08

I think the logs are somewhere in the /var/log directory (don't know the exact filename).

Have you tried to start the guest like this after the initial installation?

Code:

virsh --connect qemu:///system

start vm10

quit


potes 4th April 2009 21:09

Problems connecting from desktop
 
Hi,

I follow the guide but when i try to connect from the remote machine (a debian dsktop or a archlinux desktop) y get the next message:

Quote:

Unable to open a connection to the libvirt management daemon.

Libvirt URI is: qemu+ssh://root@silver/system

Verify that:
- The 'libvirtd' daemon has been started

and the error code es:

Quote:

Unable to open connection to hypervisor URI 'qemu+ssh://root@silver/system':
<class 'libvirt.libvirtError'> Tubería rota
Traceback (most recent call last):
File "/usr/share/virt-manager/virtManager/connection.py", line 486, in _open_thread
None], flags)
File "/usr/lib/python2.5/site-packages/libvirt.py", line 99, in openAuth
if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirtError: Tubería rota

what i doing wrong? do i have to moake any other configuration to the host?

Thanks

falko 5th April 2009 16:06

Try this:
Code:

/etc/init.d/libvirt-bin restart

planet_fox 5th April 2009 16:44

I find anyy logfile for kvm in

/var/log directory

planet_fox 5th April 2009 17:54

Look here


Code:

virt-install --connect qemu:///system -n vm10 -r 512 --vcpus=1
-f /samba/kvm/vm10.qcow2 -s 12 -c /dev/cdrom --vnc --noautoconsole --os-type linux
--os-variant debianLenny --accelerate --network=bridge:br0 --hvm



after

Code:

virsh # start vm10
error: Domain is already active

virsh # list
 Id Name                State
----------------------------------
  8 vm10                running


planet_fox 5th April 2009 18:43

What for Rights musst have the file see here the curunnt state bei my file

Code:

-rwxr-xr-x  1 root root    12884901889  5. Apr 17:26 vm10.qcow2

potes 6th April 2009 00:53

Now appear a new message:

Quote:

Unable to open connection to hypervisor URI 'qemu+ssh://root@silver/system':
<class 'libvirt.libvirtError'> Conexión reinicializada por la máquina remota
Traceback (most recent call last):
File "/usr/share/virt-manager/virtManager/connection.py", line 486, in _open_thread
None], flags)
File "/usr/lib/python2.5/site-packages/libvirt.py", line 99, in openAuth
if ret is None:raise libvirtError('virConnectOpenAuth() failed')
libvirtError: Conexión reinicializada por la máquina remota
I think my problem is in the configuration files that they don't allow the remote desktop to connect. Here are my configuration file:

/etc/libvirt/qemu.con
Quote:

# Master configuration file for the QEMU driver.
# All settings described here are optional - if omitted, sensible
# defaults are used.

# VNC is configured to listen on 127.0.0.1 by default.
# To make it listen on all public interfaces, uncomment
# this next option.
#
# NB, strong recommendation to enable TLS + x509 certificate
# verification when allowing public access
#
#vnc_listen = "0.0.0.0"


# Enable use of TLS encryption on the VNC server. This requires
# a VNC client which supports the VeNCrypt protocol extension.
# Examples include vinagre, virt-viewer, virt-manager and vencrypt
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
# It is necessary to setup CA and issue a server certificate
# before enabling this.
#
# vnc_tls = 1


# Use of TLS requires that x509 certificates be issued. The
# default it to keep them in /etc/pki/libvirt-vnc. This directory
# must contain
#
# ca-cert.pem - the CA master certificate
# server-cert.pem - the server certificate signed with ca-cert.pem
# server-key.pem - the server private key
#
# This option allows the certificate directory to be changed
#
# vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"


# The default TLS configuration only uses certificates for the server
# allowing the client to verify the server's identity and establish
# and encrypted channel.
#
# It is possible to use x509 certificates for authentication too, by
# issuing a x509 certificate to every client who needs to connect.
#
# Enabling this option will reject any client who does not have a
# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
#
# vnc_tls_x509_verify = 1
and the /etc/libvirt/libvirtd.conf
Quote:

# Master libvirt daemon configuration file
#
# For further information consult http://libvirt.org/format.html


################################################## ###############
#
# Network connectivity controls
#

# Flag listening for secure TLS connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
# have any effect.
#
# It is necessary to setup a CA and issue server certificates before
# using this capability.
#
# This is enabled by default, uncomment this to disable it
#listen_tls = 0

# Listen for unencrypted TCP connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
# have any effect.
#
# Using the TCP socket requires SASL authentication by default. Only
# SASL mechanisms which support data encryption are allowed. This is
# DIGEST_MD5 and GSSAPI (Kerberos5)
#
# This is disabled by default, uncomment this to enable it.
#listen_tcp = 1



# Override the port for accepting secure TLS connections
# This can be a port number, or service name
#
#tls_port = "16514"

# Override the port for accepting insecure TCP connections
# This can be a port number, or service name
#
#tcp_port = "16509"


# Override the default configuration which binds to all network
# interfaces. This can be a numeric IPv4/6 address, or hostname
#
# listen_addr = "192.168.0.1"


# Flag toggling mDNS advertizement of the libvirt service.
#
# Alternatively can disable for all services on a host by
# stopping the Avahi daemon
#
# This is enabled by default, uncomment this to disable it
#mdns_adv = 0

# Override the default mDNS advertizement name. This must be
# unique on the immediate broadcast network.
#
# The default is "Virtualization Host HOSTNAME", where HOSTNAME
# is subsituted for the short hostname of the machine (without domain)
#
#mdns_name = "Virtualization Host Joe Demo"


################################################## ###############
#
# UNIX socket access controls
#

# Set the UNIX domain socket group ownership. This can be used to
# allow a 'trusted' set of users access to management capabilities
# without becoming root.
#
# This is restricted to 'root' by default.
unix_sock_group = "libvirt"

# Set the UNIX socket permissions for the R/O socket. This is used
# for monitoring VM status only
#
# Default allows any user. If setting group ownership may want to
# restrict this to:
#unix_sock_ro_perms = "0777"

# Set the UNIX socket permissions for the R/W socket. This is used
# for full management of VMs
#
# Default allows only root. If PolicyKit is enabled on the socket,
# the default will change to allow everyone (eg, 0777)
#
# If not using PolicyKit and setting group ownership for access
# control then you may want to relax this to:
unix_sock_rw_perms = "0770"



################################################## ###############
#
# Authentication.
#
# - none: do not perform auth checks. If you can connect to the
# socket you are allowed. This is suitable if there are
# restrictions on connecting to the socket (eg, UNIX
# socket permissions), or if there is a lower layer in
# the network providing auth (eg, TLS/x509 certificates)
#
# - sasl: use SASL infrastructure. The actual auth scheme is then
# controlled from /etc/sasl2/libvirt.conf. For the TCP
# socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
# For non-TCP or TLS sockets, any scheme is allowed.
#
# - polkit: use PolicyKit to authenticate. This is only suitable
# for use on the UNIX sockets. The default policy will
# require a user to supply their own password to gain
# full read/write access (aka sudo like), while anyone
# is allowed read/only access.
#
# Set an authentication scheme for UNIX read-only sockets
# By default socket permissions allow anyone to connect
#
# To restrict monitoring of domains you may wish to enable
# an authentication mechanism here
auth_unix_ro = "none"

# Set an authentication scheme for UNIX read-write sockets
# By default socket permissions only allow root. If PolicyKit
# support was compiled into libvirt, the default will be to
# use 'polkit' auth.
#
# If the unix_sock_rw_perms are changed you may wish to enable
# an authentication mechanism here
auth_unix_rw = "none"

# Change the authentication scheme for TCP sockets.
#
# If you don't enable SASL, then all TCP traffic is cleartext.
# Don't do this outside of a dev/test scenario. For real world
# use, always enable SASL and use the GSSAPI or DIGEST-MD5
# mechanism in /etc/sasl2/libvirt.conf
#auth_tcp = "sasl"
almost everything is comment


All times are GMT +2. The time now is 23:52.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.