[libvirt-users] Remote and local connections at the same time (Centos 7)
Jiri Denemark
jdenemar at redhat.com
Thu Nov 22 09:31:26 UTC 2018
On Thu, Nov 22, 2018 at 09:58:41 +0300, Anastasiya Ruzhanskaya wrote:
> Hello!
> I was investigating libvirt a year ago regarding it's remote control. I
> figured out necessary settings for configuring remote control in ubuntu
> (setting flags in libvirt setting files). Now I have several questions:
>
> 1) Are these flags the same for Centos?
> They did not worked for me.
> My flags for ubuntu are (for tcp for example):
>
> /etc/libvirt/libvirtd.conf : listen_tls = 0, listen_tcp = 1, listen_addr =
> "0.0.0.0 " auth_-
> tcp = "none "
These configuration options are the same in all distros. But, listening
on TCP without any encryption and authentication is very dangerous and
it should not be used. A connection to system libvirtd is equivalent to
having a root account and I believe you don't want to provide root
access to anyone connecting to an open TCP port, do you? See
https://libvirt.org/remote.html for more details about remote access.
> /etc/init/libvirt-bin.conf: add -l (listen) : env libvirtd_opts = d -l"
> /etc/default/libvirt-bin add -l : libvirtd_opts = d -l"
This is different in CentOS. You need to edit /etc/sysconfig/libvirtd
file and uncomment LIBVIRTD_ARGS="--listen".
> 2) Can the remote control be configured along with local on one machine?
Yes, local access via UNIX sockets is always enabled. That is, enabling
remote access as described above will allow you to connect to libvirtd
both locally and remotely.
Jirka
More information about the libvirt-users
mailing list