Thanks! Unfortunately, I am running into the following issue when
attempting to use the generic ethernet configuration:
$ virsh -c qemu:///system create /tmp/generic.xml
error: Failed to create domain from /tmp/generic.xml
error: internal error process exited while connecting to monitor: kvm:
-netdev tap,id=hostnet0: could not configure /dev/net/tun: Operation not
permitted
kvm: -netdev tap,id=hostnet0: Device 'tap' could not be initialized
This is the network part of my xml file:
<devices>
<interface type="ethernet"/>
...
<devices>
<interface type='ethernet'/>
...
<interface type='ethernet'>
<target dev='vnet7'/>
<script path='/etc/qemu-ifup-mynet'/>
</interface>
</devices>
...
In my /etc/libvirt/qemu.conf file I have the following set:
user = "root"
group ="root"
dynamic ownership = 0
clear_emulator_capabilities = 0
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc", "/dev/hpet",
"/dev/net/tun",
]
I am running Ubuntu 12, which does not use SELinux.
On Fri, Aug 9, 2013 at 8:01 AM, Daniel P. Berrange
<berrange@redhat.com>wrote:
> On Thu, Aug 08, 2013 at 08:55:27PM -0600, Joshua McKee wrote:
> > Hi,
> >
> > I hope this is the right place to ask this question. I was wondering
if
> > there is a way to set up a KVM VM using an XML document as input into
> Virsh
> > that uses bridged networking over a wireless card.
> >
> > I understand that wireless cards to not natively support, but I was
able
> to
> > find a working solution here:
> > http://blog.ericwhite.ca/articles/2011/04/creating-a-wireless-bridge/.
>
> Ok, that's slightly different. The traditional integration with Linux
> bridge devices is doing ethernet layer bridging - so all protocols
> like IPv4, IPv6, etc, etc will "just work".
>
> What that blog describes is protocol layer bridging, which with those
> instructions only works for IPv4.
>
> Libvirt doesn't have any explicit support for the latter. Though we
have
> thought about implementing it in the virtual network APIs, we've never
> got around to it.
>
> > The issue is, I can use this bridge by calling KVM directly. However,
I
> > cannot figure out how to get this same configuration on an XML file
that
> I
> > input into Virsh for the creation of a VM.
> >
> > My understanding is that libvirt calls KVM/QEMU at some point, but I
may
> be
> > mistaken.
>
> You might be able to get it working using the generic ethernet config
>
> http://libvirt.org/formatdomain.html#elementsNICSEthernet
>
> That setup you specify a pre-created TAP device for the VM to use.
> Of course it is upto you todo the manal config steps described in
> that blog, so is more tedious from an admin pov.
>
>
> Daniel
> --
> |: http://berrange.com -o-
http://www.flickr.com/photos/dberrange/:|
> |: http://libvirt.org -o-
http://virt-manager.org:|
> |: http://autobuild.org -o-
http://search.cpan.org/~danberr/:|
> |: http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc:|
>
Sorry, I accidentally hit send before I was done. Here's the finished
message:
Thanks! Unfortunately, I am running into the following issue when
attempting to use the generic ethernet configuration:
$ virsh -c qemu:///system create /tmp/generic.xml
error: Failed to create domain from /tmp/generic.xml
error: internal error process exited while connecting to monitor: kvm:
-netdev tap,id=hostnet0: could not configure /dev/net/tun: Operation not
permitted
kvm: -netdev tap,id=hostnet0: Device 'tap' could not be initialized
This is the network part of my xml file:
...
<devices>
<interface type="ethernet"/>
...
<interface type="ethernet'>
<target dev="tap0"/>
<script path='/etc/qemu-ifup'/>
</interface>
...
</devices>
...
In my /etc/libvirt/qemu.conf file I have the following set:
user = "root"
group ="root"
dynamic ownership = 0
clear_emulator_capabilities = 0
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc", "/dev/hpet",
"/dev/net/tun",
]
I am running Ubuntu 12, which does not use SELinux.
On Sat, Aug 10, 2013 at 8:30 PM, Joshua McKee <josjunk@gmail.com> wrote:
> Thanks! Unfortunately, I am running into the following issue when
> attempting to use the generic ethernet configuration:
>
> $ virsh -c qemu:///system create /tmp/generic.xml
> error: Failed to create domain from /tmp/generic.xml
> error: internal error process exited while connecting to monitor: kvm:
> -netdev tap,id=hostnet0: could not configure /dev/net/tun: Operation not
> permitted
> kvm: -netdev tap,id=hostnet0: Device 'tap' could not be initialized
>
> This is the network part of my xml file:
>
> <devices>
> <interface type="ethernet"/>
>
>
> ...
> <devices>
> <interface type='ethernet'/>
> ...
> <interface type='ethernet'>
> <target dev='vnet7'/>
> <script path='/etc/qemu-ifup-mynet'/>
> </interface>
> </devices>
> ...
>
>
>
> In my /etc/libvirt/qemu.conf file I have the following set:
>
> user = "root"
> group ="root"
> dynamic ownership = 0
> clear_emulator_capabilities = 0
> cgroup_device_acl = [
> "/dev/null", "/dev/full", "/dev/zero",
> "/dev/random", "/dev/urandom",
> "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
> "/dev/rtc", "/dev/hpet",
> "/dev/net/tun",
> ]
>
> I am running Ubuntu 12, which does not use SELinux.
>
>
> On Fri, Aug 9, 2013 at 8:01 AM, Daniel P. Berrange
<berrange@redhat.com>wrote:
>
>> On Thu, Aug 08, 2013 at 08:55:27PM -0600, Joshua McKee wrote:
>> > Hi,
>> >
>> > I hope this is the right place to ask this question. I was
wondering if
>> > there is a way to set up a KVM VM using an XML document as input
into
>> Virsh
>> > that uses bridged networking over a wireless card.
>> >
>> > I understand that wireless cards to not natively support, but I
was
>> able to
>> > find a working solution here:
>> >
http://blog.ericwhite.ca/articles/2011/04/creating-a-wireless-bridge/.
>>
>> Ok, that's slightly different. The traditional integration with
Linux
>> bridge devices is doing ethernet layer bridging - so all protocols
>> like IPv4, IPv6, etc, etc will "just work".
>>
>> What that blog describes is protocol layer bridging, which with those
>> instructions only works for IPv4.
>>
>> Libvirt doesn't have any explicit support for the latter. Though we
have
>> thought about implementing it in the virtual network APIs, we've
never
>> got around to it.
>>
>> > The issue is, I can use this bridge by calling KVM directly.
However, I
>> > cannot figure out how to get this same configuration on an XML
file
>> that I
>> > input into Virsh for the creation of a VM.
>> >
>> > My understanding is that libvirt calls KVM/QEMU at some point, but
I
>> may be
>> > mistaken.
>>
>> You might be able to get it working using the generic ethernet config
>>
>> http://libvirt.org/formatdomain.html#elementsNICSEthernet
>>
>> That setup you specify a pre-created TAP device for the VM to use.
>> Of course it is upto you todo the manal config steps described in
>> that blog, so is more tedious from an admin pov.
>>
>>
>> Daniel
>> --
>> |: http://berrange.com -o-
>> http://www.flickr.com/photos/dberrange/ :|
>> |: http://libvirt.org -o-
>> http://virt-manager.org :|
>> |: http://autobuild.org -o-
>> http://search.cpan.org/~danberr/ :|
>> |: http://entangle-photo.org -o-
>> http://live.gnome.org/gtk-vnc :|
>>
>
>
Daniel P. Berrange
2013-Aug-12 09:18 UTC
Re: [libvirt-users] Bridging Wireless Cards for KVM
On Sat, Aug 10, 2013 at 08:33:17PM -0600, Joshua McKee wrote:> Sorry, I accidentally hit send before I was done. Here's the finished > message: > > Thanks! Unfortunately, I am running into the following issue when > attempting to use the generic ethernet configuration: > > $ virsh -c qemu:///system create /tmp/generic.xml > error: Failed to create domain from /tmp/generic.xml > error: internal error process exited while connecting to monitor: kvm: > -netdev tap,id=hostnet0: could not configure /dev/net/tun: Operation not > permitted > kvm: -netdev tap,id=hostnet0: Device 'tap' could not be initialized > > This is the network part of my xml file: > > ... > <devices> > <interface type="ethernet"/> > ... > <interface type="ethernet'> > <target dev="tap0"/> > <script path='/etc/qemu-ifup'/> > </interface> > ... > </devices> > ... > > In my /etc/libvirt/qemu.conf file I have the following set: > > user = "root" > group ="root" > dynamic ownership = 0 > clear_emulator_capabilities = 0 > cgroup_device_acl = [ > "/dev/null", "/dev/full", "/dev/zero", > "/dev/random", "/dev/urandom", > "/dev/ptmx", "/dev/kvm", "/dev/kqemu", > "/dev/rtc", "/dev/hpet", > "/dev/net/tun", > ]You did restart libvirtd after making those setting changes, right ? The user, group & clear_emulator_capabilities settings are the 3 that matter here & you have them correctly set.> I am running Ubuntu 12, which does not use SELinux.It has apparmour though, which possibly denies access to /dev/net/tun Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|