[Libvir] trouble using ssh tunnel for remote hypervisor

Guillaume Rousse Guillaume.Rousse at inria.fr
Thu Sep 27 07:28:32 UTC 2007 

Daniel P. Berrange a écrit :
> On Wed, Sep 26, 2007 at 11:47:40PM +0200, Guillaume Rousse wrote:
>> Hello.
>>
>> I'm trying to use ssh tunnel for remote hypervisor access. However, I'm
>> can't make it working...
>>
>> [guillaume at oberkampf ~]$ LC_ALL=C virsh --connect
>> xen+ssh://root@acacia.futurs.inria.fr list --all
> 
> You are missing a trailing '/' on the URI - when strip the hostname to
> make the remote uri, we end up with xen:// which is rejected by libxml's
> URI parser. Simply add a '/' after the hostname and you should be fine.
Ahhhhhhh.... Thanks a lot.

> It is rather annoying that libxml's parser rejects uris only ending in
> two /, but not three. We should probably automatically add an extra
> trailing / if we find we only have two, because its a common mistake.
It would be more idiots-proof :)

[..]
>> From the documentation, it seems xen:// transport implies TLS, and
>> requires an host name, so it is quite normal it fails here (I didn't
>> generated any certificate). But how can I force libvirtd to use xen:///
>> transport then ? I don't see anything related in libvirt configuration
>> documentation at http://libvirt.org/remote.html ? Neither about how to
>> configure it for listening on unix transport, as explained in svn+ssh
>> transport requirements on the same page (but I presume it is the default) ?
> 
> The daemon libvirtd will always listen for UNIX socket connections. You
> have to explicitly turn on TCP support, after having setup certificates.
> If using SSH, then we simply tunnel to the UNIX socket over SSH so all
> you need do is start the libvirtd daemon on the remote host.
Can you rephrase the documentation a little bit then ? It seems to imply
you have to do some additional libvirtd configuration for ssh transport
usage.

>> Also, from where does those error and warning come ?
>> [root at acacia ~]# LC_ALL=C virsh -c xen:/// list
>> libvir: Remote error : No such file or directory
>> libvir: warning : Failed to find the network: Is the daemon running ?
> 
> That is a sign that the libvirtd daemon is notrunning on the host in
> questions.
However it is running:
[root at acacia ~]# service libvirtd start
Lancement du service libvirtd :                                 [  OK  ]
[root at acacia ~]# LC_ALL=C virsh -c xen:/// list
libvir: Remote error : No such file or directory
libvir: warning : Failed to find the network: Is the daemon running ?
 Id Name                 State
----------------------------------
  0 Domain-0             running
  1 barman               blocked
  2 cocktail             blocked
  3 mojito               blocked

[root at acacia ~]# service libvirtd status
libvirtd (pid 19102) est en cours d'exécution...


-- 
Guillaume Rousse
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62

More information about the libvir-list mailing list