libvirt users - Jul 2017 - Re: SSH from host to domain using hostname

Hello!

I want to SSH from host to specific guest using hostname, e.g.
ssh <user>@<guest>
or
ssh test@vm02-fai

ssh to guest using IP works w/o issues.

I found Wiki article for "NSS module"
(http://wiki.libvirt.org/page/NSS_module), but there are no results for the
following commands:
ld4004:/home # virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address               
Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------

ld4004:/home # virsh domifaddr --source lease vm02-fai
 Name       MAC address          Protocol     Address
-------------------------------------------------------------------------------

ld4004:/home # virsh list
 Id    Name                           State
----------------------------------------------------
 1     vm02-fai                       running


dnsmasq is running:
ld4004:/home # netstat -nulpd | grep dnsmasq
udp        0      0 192.168.33.1:53         0.0.0.0:*                          
10318/dnsmasq
udp        0      0 192.168.100.1:53        0.0.0.0:*                          
20145/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                          
20145/dnsmasq


How can I fix this issue?

THX

On Mon, Jul 17, 2017 at 02:17:12PM +0000, c.monty@web.de
wrote:
>Hello!
>
>I want to SSH from host to specific guest using hostname, e.g.
>ssh <user>@<guest>
>or
>ssh test@vm02-fai
>
>ssh to guest using IP works w/o issues.
>
>I found Wiki article for "NSS module"
(http://wiki.libvirt.org/page/NSS_module), but there are no results for the
following commands:
>ld4004:/home # virsh net-dhcp-leases default
> Expiry Time          MAC address        Protocol  IP address               
Hostname        Client ID or DUID
>-------------------------------------------------------------------------------------------------------------------
>
>ld4004:/home # virsh domifaddr --source lease vm02-fai
> Name       MAC address          Protocol     Address
>-------------------------------------------------------------------------------
>
What is the version of your libvirt?
>ld4004:/home # virsh list
> Id    Name                           State
>----------------------------------------------------
> 1     vm02-fai                       running
>
Is this domain plugged into network controlled by libvirt?
>
>dnsmasq is running:
>ld4004:/home # netstat -nulpd | grep dnsmasq
>udp        0      0 192.168.33.1:53         0.0.0.0:*                       
10318/dnsmasq
>udp        0      0 192.168.100.1:53        0.0.0.0:*                       
20145/dnsmasq
>udp        0      0 0.0.0.0:67              0.0.0.0:*                       
20145/dnsmasq
>
Is this the dnsmasq for libvirt's network?
>
>How can I fix this issue?
>
>THX
>
>_______________________________________________
>libvirt-users mailing list
>libvirt-users@redhat.com
>https://www.redhat.com/mailman/listinfo/libvirt-users

On 07/17/2017 04:17 PM, c.monty@web.de wrote:
> Hello!
> 
> I want to SSH from host to specific guest using hostname, e.g.
> ssh <user>@<guest>
> or
> ssh test@vm02-fai
> 
> ssh to guest using IP works w/o issues.
> 
> I found Wiki article for "NSS module"
(http://wiki.libvirt.org/page/NSS_module),
Also, until 3.2.0 it was mandatory to restart the virtual network after
configuring the libvirt_guest module (I've updated the wiki accordingly).
> but there are no results for the following commands:
> ld4004:/home # virsh net-dhcp-leases default
>  Expiry Time          MAC address        Protocol  IP address              
Hostname        Client ID or DUID
>
-------------------------------------------------------------------------------------------------------------------

This is the problem. Libvirt is not the one who's assigning IP addresses
and thus the NSS module doesn't work.
> 
> ld4004:/home # virsh domifaddr --source lease vm02-fai
>  Name       MAC address          Protocol     Address
>
-------------------------------------------------------------------------------
> 
> ld4004:/home # virsh list
>  Id    Name                           State
> ----------------------------------------------------
>  1     vm02-fai                       running
> 
> 
> dnsmasq is running:
> ld4004:/home # netstat -nulpd | grep dnsmasq
> udp        0      0 192.168.33.1:53         0.0.0.0:*                      
10318/dnsmasq
> udp        0      0 192.168.100.1:53        0.0.0.0:*                      
20145/dnsmasq
> udp        0      0 0.0.0.0:67              0.0.0.0:*                      
20145/dnsmasq
> 
> 
> How can I fix this issue?
By having libvirt network assign IP addresses. Generally, <interface
type='network'/> is what you should look for.

Michal

Hello!

I have upgraded all libvirt packages to version 3.5.0-655.1 and restarted host.

This is the current default network config:
ld4004:~ # virsh net-dumpxml default
<network connections='1'>
  <name>default</name>
  <uuid>f511d113-d7d1-4714-ad2b-be29ef8f7fc4</uuid>
  <forward dev='br0' mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
    <interface dev='br0'/>
  </forward>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:f5:5f:ca'/>
  <domain name='local.net' localOnly='yes'/>
  <ip address='192.168.100.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.100.10'
end='192.168.100.254'/>
    </dhcp>
  </ip>
</network>

What do I need to configure in order to have NSS working?

THX




18. Juli 2017 14:13, "Michal Privoznik" <mprivozn@redhat.com>
schrieb:
> On 07/17/2017 04:17 PM, c.monty@web.de wrote:
> 
>> Hello!
>> 
>> I want to SSH from host to specific guest using hostname, e.g.
>> ssh <user>@<guest>
>> or
>> ssh test@vm02-fai
>> 
>> ssh to guest using IP works w/o issues.
>> 
>> I found Wiki article for "NSS module"
(http://wiki.libvirt.org/page/NSS_module),
> 
> Also, until 3.2.0 it was mandatory to restart the virtual network after
> configuring the libvirt_guest module (I've updated the wiki
accordingly).
> 
>> but there are no results for the following commands:
>> ld4004:/home # virsh net-dhcp-leases default
>> Expiry Time MAC address Protocol IP address Hostname Client ID or DUID
>>
----------------------------------------------------------------------------------------------------
>> --------------
> 
> This is the problem. Libvirt is not the one who's assigning IP
addresses
> and thus the NSS module doesn't work.
> 
>> ld4004:/home # virsh domifaddr --source lease vm02-fai
>> Name MAC address Protocol Address
>>
-------------------------------------------------------------------------------
>> 
>> ld4004:/home # virsh list
>> Id Name State
>> ----------------------------------------------------
>> 1 vm02-fai running
>> 
>> dnsmasq is running:
>> ld4004:/home # netstat -nulpd | grep dnsmasq
>> udp 0 0 192.168.33.1:53 0.0.0.0:* 10318/dnsmasq
>> udp 0 0 192.168.100.1:53 0.0.0.0:* 20145/dnsmasq
>> udp 0 0 0.0.0.0:67 0.0.0.0:* 20145/dnsmasq
>> 
>> How can I fix this issue?
> 
> By having libvirt network assign IP addresses. Generally, <interface
> type='network'/> is what you should look for.
> 
> Michal

On 07/18/2017 04:31 PM, c.monty@web.de wrote:
> Hello!
> 
> I have upgraded all libvirt packages to version 3.5.0-655.1 and restarted
host.
That wasn't necessary. It's not Windows ;-)
> 
> This is the current default network config:
> ld4004:~ # virsh net-dumpxml default
> <network connections='1'>
>   <name>default</name>
>   <uuid>f511d113-d7d1-4714-ad2b-be29ef8f7fc4</uuid>
>   <forward dev='br0' mode='nat'>
>     <nat>
>       <port start='1024' end='65535'/>
>     </nat>
>     <interface dev='br0'/>
>   </forward>
>   <bridge name='virbr0' stp='on' delay='0'/>
>   <mac address='52:54:00:f5:5f:ca'/>
>   <domain name='local.net' localOnly='yes'/>
>   <ip address='192.168.100.1'
netmask='255.255.255.0'>
>     <dhcp>
>       <range start='192.168.100.10'
end='192.168.100.254'/>
>     </dhcp>
>   </ip>
> </network>
This is looking good.
> 
> What do I need to configure in order to have NSS working?
What's the domain's <interface/> type? It should look something
like this:

<interface type='network'>
  <source network='default'/>
  ...
</interface>

And with this you should be all set.

Michal

18. Juli 2017 16:45, "Michal Privoznik" <mprivozn@redhat.com>
schrieb:
> On 07/18/2017 04:31 PM, c.monty@web.de wrote:
> 
>> Hello!
>> 
>> I have upgraded all libvirt packages to version 3.5.0-655.1 and
restarted host.
> 
> That wasn't necessary. It's not Windows ;-)
> 
>> This is the current default network config:
>> ld4004:~ # virsh net-dumpxml default
>> <network connections='1'>
>> <name>default</name>
>> <uuid>f511d113-d7d1-4714-ad2b-be29ef8f7fc4</uuid>
>> <forward dev='br0' mode='nat'>
>> <nat>
>> <port start='1024' end='65535'/>
>> </nat>
>> <interface dev='br0'/>
>> </forward>
>> <bridge name='virbr0' stp='on'
delay='0'/>
>> <mac address='52:54:00:f5:5f:ca'/>
>> <domain name='local.net' localOnly='yes'/>
>> <ip address='192.168.100.1'
netmask='255.255.255.0'>
>> <dhcp>
>> <range start='192.168.100.10'
end='192.168.100.254'/>
>> </dhcp>
>> </ip>
>> </network>
> 
> This is looking good.
> 
>> What do I need to configure in order to have NSS working?
> 
> What's the domain's <interface/> type? It should look
something like this:
> 
> <interface type='network'>
> <source network='default'/>
> ...
> </interface>
> 
> And with this you should be all set.
> 
> Michal

OK, all libvirt software packages are updated.
And this is the configuration /etc/nsswitch.conf
ld4004:~ # cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#

passwd: compat
group:  compat

hosts:          files libvirt dns
networks:       files dns

services:       files
protocols:      files
rpc:            files
ethers:         files
netmasks:       files
netgroup:       files nis
publickey:      files

bootparams:     files
automount:      files nis
aliases:        files

And this is the domain's interface type / configuration:
    <interface type='network'>
      <mac address='52:54:00:31:dd:59'/>
      <source network='default'/>
      <model type='rtl8139'/>
      <address type='pci' domain='0x0000' bus='0x00'
slot='0x03' function='0x0'/>
    </interface>
    <interface type='network'>
      <mac address='52:54:00:5d:1e:dc'/>
      <source network='internal'/>
      <model type='rtl8139'/>
      <address type='pci' domain='0x0000' bus='0x00'
slot='0x08' function='0x0'/>
    </interface>


However, there's still no record of the domain's IP address:
ld4004:~ # virsh domifaddr --source lease vm02-fai
 Name       MAC address          Protocol     Address
-------------------------------------------------------------------------------


Could this issue be related to the domain's NIC configuration, means model
type='rtl8139' or the fact that 2 NICs are configured?
For your information, it fails also with model type='virtio'.

Regards