Addendum to USB issues
by Paul Lambert
Should have included this in the first Email. Below is the boolean
output of getsebool. Note that the qemu_use fields do have permission
to access USB but there is no USB entry for the virt though there is
for other virt_fields. I am running the
Looks to me some migration leftovers from qemu to qemu-kvm. Since I
do not have the virt_use_usb selinux field I do need the most recent
update that includes this.
I am running:
[root@BRSINC-VC01 EB30750]# uname -a
Linux BRSINC-VC01.Local 2.6.29.5-191.fc11.i586 #1 SMP Tue Jun 16
23:11:39 EDT 2009 i686 athlon i386 GNU/Linux
[root@BRSINC-VC01 EB30750]# getsebool -a
allow_console_login --> off
allow_cvs_read_shadow --> off
allow_daemons_dump_core --> on
allow_daemons_use_tty --> on
allow_domain_fd_use --> on
allow_execheap --> off
allow_execmem --> off
allow_execmod --> off
allow_execstack --> on
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
allow_gssd_read_tmp --> on
allow_guest_exec_content --> off
allow_httpd_anon_write --> off
allow_httpd_mod_auth_ntlm_winbind --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_sys_script_anon_write --> off
allow_java_execstack --> off
allow_kerberos --> on
allow_mount_anyfile --> on
allow_mplayer_execstack --> off
allow_nfsd_anon_write --> off
allow_nsplugin_execmem --> on
allow_polyinstantiation --> off
allow_postfix_local_write_mail_spool --> on
allow_ptrace --> off
allow_rsync_anon_write --> off
allow_saslauthd_read_shadow --> off
allow_smbd_anon_write --> off
allow_ssh_keysign --> off
allow_staff_exec_content --> on
allow_sysadm_exec_content --> on
allow_unconfined_mmap_low --> off
allow_unconfined_nsplugin_transition --> off
allow_unconfined_qemu_transition --> off
allow_user_exec_content --> on
allow_user_postgresql_connect --> off
allow_write_xshm --> off
allow_xguest_exec_content --> off
allow_xserver_execmem --> on
allow_ypbind --> off
allow_zebra_write_config --> on
cdrecord_read_content --> off
cron_can_relabel --> off
exim_can_connect_db --> off
exim_manage_user_files --> off
exim_read_user_files --> off
fcron_crond --> off
ftp_home_dir --> off
ftpd_connect_db --> off
global_ssp --> off
gpg_agent_env_file --> off
httpd_builtin_scripting --> on
httpd_can_network_connect --> off
httpd_can_network_connect_db --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> on
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> on
httpd_execmem --> off
httpd_ssi_exec --> off
httpd_tty_comm --> on
httpd_unified --> on
httpd_use_cifs --> off
httpd_use_nfs --> off
init_upstart --> on
mozilla_read_content --> off
named_write_master_zones --> off
nfs_export_all_ro --> on
nfs_export_all_rw --> on
nsplugin_can_network --> on
openvpn_enable_homedirs --> off
pppd_can_insmod --> off
pppd_for_user --> off
privoxy_connect_any --> off
pulseaudio_network --> off
qemu_full_network --> on
qemu_use_cifs --> on
qemu_use_comm --> off
qemu_use_nfs --> on
qemu_use_usb --> on
read_default_t --> on
rsync_client --> off
rsync_export_all_ro --> off
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_run_unconfined --> on
samba_share_fusefs --> off
samba_share_nfs --> off
secure_mode --> off
secure_mode_insmod --> off
secure_mode_policyload --> off
sepgsql_enable_users_ddl --> on
spamassassin_can_network --> off
spamd_enable_home_dirs --> on
squid_connect_any --> off
ssh_sysadm_login --> off
tftp_anon_write --> off
unconfined_login --> on
use_lpd_server --> off
use_nfs_home_dirs --> on
use_samba_home_dirs --> off
user_direct_mouse --> off
user_ping --> on
user_rw_noexattrfile --> on
user_tcp_server --> off
user_ttyfile_stat --> off
varnishd_connect_any --> off
virt_manage_sysfs --> off
virt_use_comm --> off
virt_use_nfs --> off
virt_use_samba --> off
webadm_manage_user_files --> off
webadm_read_user_files --> off
xdm_sysadm_login --> off
xen_use_nfs --> off
xguest_connect_network --> on
xguest_mount_media --> on
xguest_use_bluetooth --> on
xserver_object_manager --> off
14 years, 9 months
pv_ops dom0 kernel RPM, configuration & setup help anyone?
by Lester M.
I downloaded the following rpms from M. Youngs fedora-people page. (
http://fedorapeople.org/~myoung/dom0/)
kernel-firmware-2.6.31-0.1.2.37.rc1.git5.xendom0.fc12.noarch.rpm
kernel-headers-2.6.31-0.1.2.37.rc1.git5.xendom0.fc12.i586.rpm
kernel-PAE-2.6.31-0.1.2.37.rc1.git5.xendom0.fc12.i686.rpm
kernel-PAE-devel-2.6.31-0.1.2.37.rc1.git5.xendom0.fc12.i686.rpm
I am interested in *Testing* under the understanding that this is in beta.
My question is, after installation of the rpms, what configuration (config
files, grub, et al) is needed to successfully boot into dom0? I recall there
were a few hoops to jump through to get a working dom0.
I also have compiled the xen3.4 tools (hg clone
http://xenbits.xensource.com/xen-3.4-testing.hg)
Could somebody please post a workflow for getting this running? I have
installed the rpms and I am now like "Now what?" :-P
14 years, 10 months
Invalid configuration unexpected EOF when using -x
by Ray Van Dolson
Hi all;
Trying to deploy a CentOS 5 domU under RHEL 5.3 64-bit and am running
into the following error:
virDomainCreateLinux() failed POST operation failed: (xend.err 'Invalid configuration unexpected EOF')
Domain installation may not have been
successful. If it was, you can restart your domain
by running 'virsh start cobbler'; otherwise, please
restart your installation.
Tue, 07 Jul 2009 10:59:38 ERROR virDomainCreateLinux() failed POST operation failed: (xend.err 'Invalid configuration unexpected EOF')
Traceback (most recent call last):
File "/usr/sbin/virt-install", line 560, in ?
main()
File "/usr/sbin/virt-install", line 492, in main
dom = guest.start_install(conscb, progresscb, wait=(not wait))
File "/usr/lib/python2.4/site-packages/virtinst/Guest.py", line 822, in start_install
return self._do_install(consolecb, meter, wait)
File "/usr/lib/python2.4/site-packages/virtinst/Guest.py", line 843, in _do_install
self.domain = self.conn.createLinux(install_xml, 0)
File "/usr/lib64/python2.4/site-packages/libvirt.py", line 573, in createLinux
if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self)
libvirtError: virDomainCreateLinux() failed POST operation failed: (xend.err 'Invalid configuration unexpected EOF')
This only seems to happen when I pass my virt-install command as
follows:
virt-install --name cobbler --ram 1024 --file=/ludlow2/cobbler.img \
--vnc --vcpus=2 --nonsparse -w bridge:xenbr0 -l \
http://yummie.esri.com/mrepo/centos5-x86_64/os/ \
-x "updates=http://yummie.esri.com/updates/updates-el5.1.img ks=http://yummie/ks/ks.php?arch=x86_64&distro=centos&major=5&minor=2" \
--os-type=linux -d
The error appears to be triggered by my kickstart URL location which
includes ampersands and such -- despite the fact that I am include
quotes around the entire argument.
The debug output indicates that the XML is being written with the
ampersand changed into &.
If I change my kickstart location to a URL without the GET variables,
everything works fine.
Bug? Expected behavior? Workaround? Perhaps this is an issue in
virt-install and wouldn't happen if I crafted the XML file myself?
python-virtinst-0.300.2-12.el5
Thanks,
Ray
14 years, 10 months
Re: febootstrap question
by Richard W.M. Jones
[CC'd to fedora-virt]
On Wed, Jun 17, 2009 at 05:25:26PM -0400, Christopher Johnston wrote:
> I had a question about febootstrap and a specific
> use case of mine at my company where I am implementing a stateless solution
> for our grid. I wanted to be able to take the initramfs image that is spun
> up out of febootstrap and put a custom linuxrc in there which will
> essentially take the contents of the initramfs and copy them directly into a
> tmpfs filesystem thats mounted as /sysroot then do a pivot_root into it and
> then do a full execution of init.
I'm a bit confused why you'd want to do this, but maybe I'm missing
something. Why copy the initramfs image into a tmpfs? The initramfs
is already loaded into kernel memory at boot time and so it has all
the same properties / benefits of tmpfs.
> I have been using nash currently to do
> this and I have ran into a few issue when the system boots up once init
> forks off where it segfaults. Below is my custom linuxrc:
I would tend to avoid using nash. If it's possible to add bash to the
image, just use bash.
You might find it helpful to look at what we do in libguestfs, here:
http://git.et.redhat.com/?p=libguestfs.git;a=blob;f=appliance/make.sh.in;...
> #!/sbin/nash
>
> mount -t proc /proc /proc
> echo Mounting proc filesystem
> echo Mounting sysfs filesystem
> mount -t sysfs /sys /sys
> echo Creating /dev
> mount -o mode=0755 -t tmpfs /dev /dev
> mkdir /dev/pts
> mount -t devpts -o gid=5,mode=620 /dev/pts /dev/pts
> mkdir /dev/shm
> mkdir /dev/mapper
> echo Creating initial device nodes
> mknod /dev/null c 1 3
> mknod /dev/zero c 1 5
> mknod /dev/systty c 4 0
> mknod /dev/tty c 5 0
> mknod /dev/console c 5 1
> mknod /dev/ptmx c 5 2
> mknod /dev/fb c 29 0
> mknod /dev/tty0 c 4 0
> mknod /dev/tty1 c 4 1
> mknod /dev/tty12 c 4 12
> mknod /dev/ttyS0 c 4 64
> mknod /dev/ttyS1 c 4 65
> mknod /dev/ttyS2 c 4 66
> mknod /dev/ttyS3 c 4 67
> /lib/udev/console_init tty0
> mkchardevs
> mkblkdevs
> echo Creating tmpfs filesystem
> mkdir -p /sysroot
> mkrootdev -t tmpfs -o defaults,ro /dev/root
> mount -o mode=0755 -t tmpfs /dev/root /sysroot
> mkdir -p /sysroot/proc
> mkdir -p /sysroot/sys
> mkdir -p /sysroot/.oldroot
> echo Copying rootfs->tmpfs
> cp -a bin /sysroot
> cp -a dev /sysroot
> cp -a etc /sysroot
> cp -a home /sysroot
> cp -a lib /sysroot
> cp -a lib64 /sysroot
> cp -a mnt /sysroot
> cp -a sbin /sysroot
> cp -a tmp /sysroot
> cp -a usr /sysroot
> cp -a var /sysroot
> cp -a root /sysroot
> echo Setting up the new root tmpfs filesystem
> setuproot
> echo Switching from rootfs to tmpfs
> switchroot
>
> -Chris
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
14 years, 10 months
vmware guest -> Fedora-virt guest
by Gene Czarcinski
Does anyone know if it is possible to "convert" a VMware guest to be a Fedora-
virtualization guest?
I first tried with Win2k. I know that Win2k basically works becasue I did a
fresh install onto a virtual IDE disk. But, my Vmware guest uses a SCSI disk.
Could not get it to work.
OK, so lets try something simpler: Fedora 9.
Rather than going the whole way, lets just see if I can get the disk to be
recognized. So, define a new guest with a IDE virtual disk and a Fedora 9
install disk ISO image. Boot up into rescue mode.
1. First, add a new storage SCSI device and use the vmdk file from VMware ...
nope, no good partition table.
2. Next, convert the vmdk file to raw using qemu-img and use this raw image for
a new storage SCSI device ... still did not work ... no good partition table
(fdisk -l).
What am I doing wrong?
Does anyone know if the SCSI device support works?
GEne
14 years, 10 months
Disk device performance in F11
by Jerry James
I'm having a problem with a virtual machine created on an F-11 host
that I didn't have with an F-10 host, and I'm wondering if I've
misconfigured something or missed a trick somewhere. I'm doing some
custom Linux kernel work for my employer, and I'm using a small
collection of virtual machines to test it. In the short time I've had
F-11 on my host machine, I've seen that virtual disk performance is
noticeably worse than it was with F-10. My virtual machines regularly
spew soft lockup messages to the system log, always with backtraces
that show the process is being starved of the disk. The tests put a
lot of stress on the disk, because this custom kernel work is going to
help some overloaded servers deal with the load.
It's actually working pretty well on the real machines with real
disks, but with the upgrade to F-11, my test VMs have become almost
useless for testing further development work. Before I take the
drastic step of rolling back to F-10, what factors affect the virtual
disk performance?
I created both the F-10 and F-11 machines with virt-manager, if that matters.
Thanks,
--
Jerry James
http://www.jamezone.org/
14 years, 10 months
Updated libguestfs Debian packages
by Guido Günther
Hi,
I've uploaded a new versions of the libguestfs Debian packages to
alioth. Please see:
http://wiki.debian.org/Teams/DebianLibvirtTeam#Packages
for download instructions. Changes are:
* ship virt-inspect in the guestfish package
* speedup appliance startup by almost a factor of two
* fix augeas support in the appliance (which I broke previously)
* allow to build on amd64
Many thanks to Richard for applying the patches upstream so quickly!
Cheers,
-- Guido
14 years, 10 months
Fedora virt status
by Mark McLoughlin
F-12
====
F-12 is still coming at us fast:
http://fedoraproject.org/wiki/Releases/12/Schedule
2009-07-28 Feature Freeze (26 days)
2009-09-22 Beta (Final Development) Free (82 days)
2009-10-20 Final Release Compose (110 days)
libguestfs
==========
Much libguestfs activity has continued on fedora-virt(a)redhat.com
lately and Rich Jones has posted two related F-12 feature pages:
https://fedoraproject.org/wiki/Features/libguestfs
https://fedoraproject.org/wiki/Features/Xen_to_KVM_migration
FWN
===
Yet another weekly installment from Dale Bewley:
https://fedoraproject.org/wiki/FWN/Issue182#Virtualization
libvirt-0.6.5
=============
The libvirt folks have released another version of libvirt:
http://www.redhat.com/archives/libvir-list/2009-July/msg00060.html
This is mostly a bug fix release, though it includes some serious
improvements for storage/NPIV and on the OpenNebula driver:
* New features
- create storage columes on disk backend (Henrik Persson)
- drop of capabilities based on libcap-ng when possible (Daniel Berrange)
qemu-fedora.git
===============
git is now being used to manage Fedora's qemu patches:
http://www.redhat.com/archives/fedora-virt/2009-June/msg00157.html
Glauber and I are going to start using git to manage the patches for
the qemu package. The idea is that we'll use git's magical powers to
make it easier for us to fix problems in patches, cherry-pick patches
from upstream, re-base our patches to a newer upstream, etc.
http://git.et.redhat.com/?p=qemu-fedora.git
Already, this has proved useful re-basing to the latest
qemu-kvm-0.10.50 snapshot (kvm-87).
F-11 virtio-blk Performance
===========================
Charles Duffy, Michael Tokarev, Rich Jones and others recently
stumbled across the apparent cause of a dramatic slowdown in
virtio-blk performance in F-11 guests:
https://bugzilla.redhat.com/509383
Thanks for Michael Tokarev and Charles Duffy for the
following suggestion which has mostly fixed this problem:
for f in /sys/block/vd*/queue/rotational; do echo 1 > $f; done
It seems the kernel folks deemed it prudent to turn KVM and Xen
paravirt disks into "non-rotational" disks in 2.6.29, thereby
preventing guests from attempting to optimize block I/O and, instead,
leaving it up to the host:
http://lkml.org/lkml/2008/10/27/84
No doubt there'll be more on this as people look deeper into the
issue.
KVM USB Passthrough
===================
A discussion at FUDCon lead to some tips on USB passthrough being
posted to the fedora-virt list:
http://www.redhat.com/archives/fedora-virt/2009-June/msg00182.html
"KVM, enabling iPhone-touting geeks everywhere to use iTunes" :-)
Wiki
====
Dan Berrange has pulled together a couple of new wiki pages which
people might find interesting.
The first outlines the history of virt in Fedora, with details of what
changes were made in each release:
https://fedoraproject.org/wiki/Virtualization/History
The second pulls together links to all the virt status reports and FWN
virt sections:
https://fedoraproject.org/wiki/Virtualization/News
Xen
===
Michael Young posted more Dom0 kernel builds here:
http://www.redhat.com/archives/fedora-virt/2009-June/msg00205.html
Michael also pointed out Jeremy Fitzhardinge's latest prognosis of
getting the dom0 patches merged upstream:
http://lists.xensource.com/archives/html/xen-devel/2009-06/msg01193.html
For now I've backed off putting anything much into the current merge
window, or even the next, in favour of getting the tree into good
shape for Xen users and working out what needs to happen to get a
solid set of upstreamable patches.
Bugs
====
DOOM-O-METER: 242 open bugs a couple of weeks ago, 250 now
= New =
== kvm ==
https://bugzilla.redhat.com/508801
kvm "emulation failed (pagetable)" during OpenBSD 4.6-beta guest
boot (OOS shadow bug?)
It looks like this OpenBSD guest boot failure on F-11 might be due
to an OOS shadow bug but, then again, that should have been fixed
in 2.6.29.3.
https://bugzilla.redhat.com/509383
mkfs.ext2 much slower with virtio-backed disks than with
IDE-backed disks (NOT sparseness issue)
The problem here seems to be that virtio_blk is now defaulting to
non-rotational mode since 2.6.29. This may also be the cause of
bug #505695 and bug #504376.
== qemu ==
https://bugzilla.redhat.com/507899
qemu's console-via-VNC generates invalid rect position(s)
qemu's VNC server sends bogus rectangle sizes causing vncviewer to
abort.
https://bugzilla.redhat.com/507834
Clock drift in RHEL5.3 KVM Guests on Heavily Loaded Servers
A report of x86_64 RHEL5 guests time drifting under KVM with the
jiffies clocksource. Suggestion to boot with "notsc
divider=10". Macelo also suggests "clock=tsc" or "clock=jiffies"
with -no-kvm-pit-reinjection.
https://bugzilla.redhat.com/508258
qemu init script does nothing useful by default
The qemu initscript for registering binary handlers for the
usermode emulators does nothing unless you obtain the runtime
environment for the emulator from somewhere else. This is
lame.
https://bugzilla.redhat.com/509532
Move /usr/bin/qemu-kvm into the qemu-kvm package
A minor packaging change we should make for F-12.
== libvirt ==
https://bugzilla.redhat.com/508645
libvirt should use qemu's autoconnect mode for USB device
passthrough
qemu has a nice autoconnect mode for USB passthrough which libvirt
should probably use by default. Dan suggests that it should only
be used with managed='yes'.
https://bugzilla.redhat.com/508317
Allow sound devices to be used with svirt - tunnel sound over VNC
Covers the fact that with svirt we now disable sound cards until
we can tunnel sound over VNC.
https://bugzilla.redhat.com/509458
libvirtd default virtual network should not be enabled when
libvirt installed in a guest
This issue has been known for a while now - if you install
libvirtd in a guest, the default network is enabled and since it's
using the same IP range as the default network in the host, things
get screwed up. Suggestions on how to avoid having libvirtd or the
default network enabled by default in guest installs welcome :-)
== virt-manager=
https://bugzilla.redhat.com/508665
virt-manager (running as unprivileged user) doesn't let me install
from NFS locations
Because virt-manager no longer runs as root, NFS installs don't
work. Suggestion is that we'll use PolicyKit to allow virt-manager
to do NFS mounts.
== virt-top ==
https://bugzilla.redhat.com/508197
virt-top segfaults if run in Japanese
Now there's a bug that's right up Rich's alley!
= Resolved =
== qemu ==
https://bugzilla.redhat.com/508326
Force use of /sys/bus/usb for all USB host devices
qemu is currently prefering to use usbfs instead of sysfs for USB
passthrough. Fix sent upstream and built in rawhide.
https://bugzilla.redhat.com/506170
removing virtualization packages leaves qemu-system-x86
This is NOTABUG - if 'yum groupinstall' pulls in packages via
dependencies, then 'yum groupremove' doesn't remove them again.
== libvirt ==
https://bugzilla.redhat.com/506590
libvirt should ignore NUMA cells with missing topology
The libvirt fix for this was committed upstream but a recent F-11
numactl update is enough to fix the original issue for the
reported, so this has been marked as fixed upstream.
https://bugzilla.redhat.com/507555
libvirt starting a guest with ISO on NFS mount fails when
unnecessarily setting SELinux file context
Patch from Tim Waugh sent upstream and included in
libvirt-0.6.2-13.fc11 F-11 update.
https://bugzilla.redhat.com/505625
libvirtd segfault during virsh dominfo on security model
This libvirtd segfault which occurs when you do "virsh
capabilities" followed by "virsh dominfo" is fix in the
libvirt-0.6.2-13.fc11 F-11 update.
https://bugzilla.redhat.com/493692
Creating new VM; SELinux prevents opening iso image of install
media
https://bugzilla.redhat.com/499569
Guest with source-less cdrom fails to start :: Failed to set
security label
Two patches which we included in F-11, but neglected to send
upstream and were then dropped accidentally when we rebased to
0.6.4. All sorted out again now for F-12.
== virt-viewer ==
https://bugzilla.redhat.com/508825
virt-viewer doesnt have "full screen" hot key
It seems sensible that we would hook up F11 for fullscreen and
have virt-manager handle it, rather than passing F11 through to
the guest. Dan thinks this is a dumb idea, so the bug is closed as
WONTFIX.
14 years, 10 months