virt July 2011

virt@lists.centos.org

34 participants
20 discussions

qemu-kvm -snapshot
by Andrea Chierici 19 Jul '11

19 Jul '11

Hi, I am trying to benchmark disk I/O performance on VM running with "-snapshot" option enabled. In order to do that I specify cache=none in the -drive parameter (yes I am running qemu-kvm at command line0. The problem is that if I use this option kvm seems to ignore the cache=none directive and I get weird output from iozone (I/O values are better than on the real machine, indicating that caching is enabled). The same command line, without "-snapshot" gives a correct output. Has anyone a clue about that? I succeeded in disabling cache in the past (with -snapshot enabled), but apparently this is not working anymore and I can't explain why. If this can help, here is the command line I am using: /usr/libexec/qemu-kvm -m 2048 -smp 1 -name test-1 \ -boot c -drive file=/var/lib/libvirt/images/test-1.img,if=virtio,index=0,boot=on,cache=none \ -net nic,macaddr=54:52:00:37:a9:eb,model=virtio -net tap \ -vnc 127.0.0.1:10 -k en-us -snapshot & the host is running centos5 and all latest updates are applied. Cheers, Andrea -- Andrea Chierici - INFN-CNAF Viale Berti Pichat 6/2, 40127 BOLOGNA Office Tel: +39 051 6092809 ICQ#2328798, MSN#ataruz<at>gmail.com, Skype#ataruz --

1 0

CentOS-6.0 and LXC
by Matt Paine 19 Jul '11

19 Jul '11

Hi Guys. Hope someone can point me in the right direction. I would like to get into LXC and evaluate its usefulness compared with Linux-VServer. I notice that LXC is in tech preview upstream, however I am at a dead end trying to figure out how to get started. I cannot find any usertools in the rpm's that ship with CentOS 6. Is this because the tech preview requires me to get the tools outside the standard repo's? Of course I am happy to do that, but at the same time I prefer to use tools that are within the CentOS eco-system where possible. Any help pointing me to documentation specifically with CentOS/RHEL/otherEL (6) will be greatly appreciated. I have not been able to find anything useful in my efforts so far. Thank you. Matt.

5 7

Now on to creation of disk images
by Steve Campbell 18 Jul '11

18 Jul '11

Mr. Heron was so kind to make a suggestion that I should use disk images to install VMs. Upon further thought, I kinda like the idea. So I re-read the manual and google a little, and discover I still don't know what should be in these disk images. Should I copy the contents of the CDs to a file or what? I've got a test server at the moment with Centos 5.5 and xen installed as the host OS, but have just downloaded the 5.6 CD ISOs along with the DVD ISO, so I'll use 5.6 for my VMs. I've read about how I can create an image from something that already exists. Again, any clarity would be appreciated. steve campbell

4 5

CentOS 6 and KVM woes
by Trey Dockendorf 17 Jul '11

17 Jul '11

I have decided to migrate my latest KVM server to CentOS 6.0 and am beginning to get a little frustrated with some issues that worked perfectly in 5.6. Right now I've given up on getting virbr0 and NAT to work, but now I need networking bridging to work, but nothing seems to fix the issue. I have not had much experience with troubleshooting KVM so could really use some pointers on resolving this issue. I have successfully bridged one of the server's NICs to br0, and I can ping the IP remotely that is assigned to br0, but none of the VMs that worked in 5.6's KVM are able to access the network. Please let me know what information would be useful to troubleshoot this. Here's what I have so far... ifcfg-eth3... --------------------------------- DEVICE="eth3" HWADDR="00:1B:21:A1:CF:76" ONBOOT="yes" BRIDGE=br0 ifcfg-br0 -------------------------------- DEVICE=br0 TYPE=Bridge BOOTPROTO=static ONBOOT=yes IPADDR=.... BROADCAST=.... NETMASK=.... NETWORK=.... # brctl show bridge name bridge id STP enabled interfaces br0 8000.001b21a1cf76 no eth3 sysctl.conf has these 3 additional lines... net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0 Again I can ping br0's IP remotely , but no VMs assigned to it can access even that network's gateway. I have disabled iptables and ip6tables for now while trying to get this to work. The VMs , worked just fine in 5.6 and I have done nothing different but import them with virsh. Thanks - Trey

6 11

IPtables and Libvirt
by Trey Dockendorf 17 Jul '11

17 Jul '11

Running CentOS 6 I have noticed that Libvirt will automatically configure IPtables once a VM is using the built in NAT , or "default" network. How do I modify the IPtable rules without breaking libvirt's ability to configure these rules? This is the firewall settings on a fresh install with no VMs using virbr0... -------------------------- Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 2 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination And this is what I see after a reboot or once a VM uses the NAT ---------------------------- Table: mangle Chain PREROUTING (policy ACCEPT) num target prot opt source destination Chain INPUT (policy ACCEPT) num target prot opt source destination Chain FORWARD (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 CHECKSUM udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 CHECKSUM fill Table: nat Chain PREROUTING (policy ACCEPT) num target prot opt source destination Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 MASQUERADE tcp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535 2 MASQUERADE udp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535 3 MASQUERADE all -- 192.168.122.0/24 !192.168.122.0/24 Chain OUTPUT (policy ACCEPT) num target prot opt source destination Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 3 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 5 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 6 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 7 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 9 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED 2 ACCEPT all -- 192.168.122.0/24 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 6 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 7 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination My concern is that if I begin to add custom rules that it will break this setup. If I run "service iptables save" after adding a rule, IPtables will then have saved this dynamic configuration. I assume it's dynamic because "/etc/sysconfig/iptables" does not reflect the second set of rules I pasted, but rather the first even when the second set is showing as active. Thanks - Trey

1 0

Xen and timekeeping
by Dmitry E. Mikhailov 11 Jul '11

11 Jul '11

Hi everyone, I have the problem with Xen domU's and timekeeping in dom0. Time in dom0 was incorrect by 5 hours due to wrong timezone assumed. Fixed it by ntpdate ntp.nist.gov. The time on a dom0 was changed. I didn't append xen.independent_wallclock=1 to sysctl.conf thus the time in all domU's was also changed. But THEY DIDN'T "KNOW" THAT! The 'date' output in domU shows time unchanged, as before, incorrect by 5 hours. But any current_time-dependent operations don't behave correctly. Quagga's OSPFd daemon doesn't add routes. 'service dhcpd stop' hangs forever while correctly stopping the daemon. AFAIK, it hangs on 'killproc' [root@gbuh-ufa init.d]# grep killproc dhcpd -A 2 -B 2 echo -n $"Shutting down $prog: " killproc $prog RETVAL=$? [ $RETVAL = 0 ] && rm -f $lockfile From http://www.novell.com/coolsolutions/feature/15380.html killproc: killproc kills a process which is given by a full path to the executable. ...cut... (by default a SIGTERM is sent, then a SIGKILL if the process does not die within 5 seconds). So a 5 seconds interval becomes 5 hours and 5 seconds - something I'm not willing to wait for. The problem was worked around when I did a 'date 07111158' on a dom0 and all domU's semi-simultaneously. Is this behaviour normal or should I file a bug? Best regards, Dmitry Mikhailov dom0: Hardware: Intel 5000P chipset, 2 CPUs, total 8 cores [root@xensrv ~]# cat /etc/redhat-release CentOS release 5.6 (Final) [root@xensrv ~]# uname -a Linux xensrv 2.6.18-238.el5xen #1 SMP Thu Jan 13 16:41:45 EST 2011 x86_64 x86_64 x86_64 GNU/Linux [root@xensrv ~]# rpm -q ntp ntp-4.2.2p1-9.el5.centos.2.1 [root@xensrv ~]# cat /proc/cpuinfo - 8 times the following processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 23 model name : Intel(R) Xeon(R) CPU E5420 @ 2.50GHz stepping : 6 cpu MHz : 1998.000 cache size : 6144 KB physical id : 0 siblings : 1 core id : 0 cpu cores : 1 fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu tsc msr pae cx8 apic mtrr cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc pni vmx est ssse3 cx16 sse4_1 lahf_lm bogomips : 6237.52 clflush size : 64 cache_alignment : 64 address sizes : 38 bits physical, 48 bits virtual power management: domU#0 [root@gbuh-ufa init.d]# cat /etc/redhat-release CentOS release 5.5 (Final) [root@gbuh-ufa init.d]# uname -a Linux gbuh-ufa 2.6.18-238.el5xen #1 SMP Thu Jan 13 17:49:40 EST 2011 i686 i686 i386 GNU/Linux domU#1 [root@buhserv ~]# cat /etc/redhat-release CentOS release 5.6 (Final) [root@buhserv ~]# uname -a Linux buhserv 2.6.18-238.el5xen #1 SMP Thu Jan 13 16:41:45 EST 2011 x86_64 x86_64 x86_64 GNU/Linux

1 0

virtio-win for c6?
by Rainer Traut 11 Jul '11

11 Jul '11

Hi there, I know it's in the supplementary channel and there is no srpm to rebuild windows drivers. But are these drivers anywhere available so that I can use them without a rhn subscription? Thx Rainer

3 6

"CentOS on a stick"
by Dennis Jacobfeuerborn 07 Jul '11

07 Jul '11

Hi, I'm looking into setting up a redundant firewall and I'm wondering how feasible it is to use an USB stick as the only storage device in these systems (i.e. no HDs). The logs will go to a remote logging server but I'm wondering what else needs to be changed to make something like this possible. The idea is to have both systems running independent of each other with the iptables rules being manually kept in sync and conntrackd syncing the connection tracking data. Has anyone experience with this and how would one go about creating such a USB drive? So far I've only used USB for installation but not as an actual root fs itself. Regards, Dennis

1 0

xm attach-block reboots entire server
by Steve Campbell 06 Jul '11

06 Jul '11

I'm still trying to get xen working before Centos 6 and KVM just for experience. I seem to be able to do most of what I what with VMs, but I've run into another problem with CD/DVDs. I can get a DVD mounted on the host domain just fine, but when I try and attach-block to a running guest VM, the entire server reboots. I've tried many different commands versions based on what Google finds, but I'm not getting anywhere. I end up using scp to copy the data from the host to the guest. The guest is basically defined as a full virtualized domain. I'm using /dev/scd0 as the device (it's listed on the mount command) as both frontend and backend devices. And I've tried a few other devices as well, but the same result. Anyone know of a reason or fix, please? steve campbell

3 3

where can i download PV drivers for CENTOS 5.5 HVM Guest
by veerasena reddy 05 Jul '11

05 Jul '11

Hi, This is VeeraSena Reddy (shortly called VSR), recently started working on XEN. I installed CENTOS 5.5 as HVM Guest on XEN-3.4.3 and now i would like to install and test PV Drivers on this guest. Can anyone please guide me where can I get PV drivers for CENTOS 5.5 HVM guest? Thanks in Advance. Regards, VSR.

7 9

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

virt July 2011