Difference between revisions of "KVM Kernel Virtualization Machine on Rocky Linux 9"
(12 intermediate revisions by the same user not shown) | |||
Line 41: | Line 41: | ||
'''Network Connectivity, don't forget that;'''
Tools to use;
*Virtual Machine Manager GUI
*nm-connection-editor: Basic GUI for Network Management (more powerful than the GNOME Network GUI, and in fact the GNOME Network GUI is just plain unreliable and inaccurate, so don't use it)
*Terminal (AKA "Command Prompt")
Useful Commands;
*virsh net-list --all
*nmcli connection show
*ip link show
*ifconfig
*systemctl restart libvirtd.service
*systemctl restart NetworkManager
OK, here's what to do for creating what is essentially an Ethernet Switch. IE, this is about as close as it comes to 'typical' reality where computers, servers, and other devices are all connected to each other via Ethernet Cables to an Ethernet Switch. The below method uses a GUI interface as much as possible in order for one to understand and see what is going on, VS being a 'parrot' that types in commands as suggested by someone else. It also assumes the reader knows the basics of what they're doing, so for instance when it is noted that something needs to be disabled, the reader knows how to do it (because it's easy) and doesn't need five additional steps stating, "...click here, type this, etc.";
*Identify current Ethernet Adapter(s) and Virtual Bridge(s): get oriented by obtaining the names of the various Network Adapters or Virtual Devices (eth0, enp1s0of0, virbr0, bridg0, br0, whatever, etc.);
**nmcli connection show (or use the nm-connection-editor)
**brctl show
**ip link show
*Disable the ''existing target'' Ethernet Adapter (this equates to the Physical Network Adapter that is connected to the Subnet / LAN / Network) through a GUI or command line interface. Don't delete it as most tutorials would have you do (if needed you can always enable it later instead of re-creating it from scratch). Also prevent it from starting by default.
**nmcli connection modify WhatEverConnectionName connection.autoconnect "no"
**ifconfig WhatEverConnectionName down OR ip link set dev WhatEverConnectionName down
*Create the "Virtual Ethernet Switch" (AKA Virtual Bridge)
**nm-connection-editor: Using this GUI makes it easy.
***"Connect / Extend the Ethernet Cable plugged into the Physical Host's Network Jack" to a "Port" on the "Virtual Ethernet Switch"
****Bridge Tab, Add Button, Select the Physical Interface
***Configure IP Information (which should be the same as the Ethernet Adapter disabled above).
***Name the Connections and Interface Name as: bridge0 (although it can be anything, plus keeping the names similar cuts down on Alias Names causing confusion later)
****Another useful naming convention would be a hybrid approach where one could start the name with the old-fashioned "br", then append the name of the physical adapter, so a "bridge" connected to eno4 (a naming convention for Rocky Linux 9 Ethernet Adapter / Connections) would be breno4
***The end result is a Virtual Ethernet Switch with a single Port that has one Cable plugged into it. Later, if viewed when a Virtual Machine is powered on, the additional Ports for the Virtual Machines will be seen here.
**OR, to do the same as above from the command line (minus adding IP information): nmcli connection add type bridge autoconnect yes con-name bridge0 ifname bridge0
*Configure the Virtual Machine's Network Adapter. There should be one created by default.
**Edit the Virtual Machine in Virtual Machine Editor
***Set the Network Source to: Bridge device
***Set the name to: bridge0 (or whatever it was named)
***Set Device Model to: virtio
...done. Well, configure the Virtual Machine's network information as would be done for any other physical machine.
The result will be a Virtual Bridge named bridge0 (it can be anything, but bridge0 keeps with the 'suggested' Rocky Linux 9 naming convention, with the equivalent CentOS 7 naming convention being br0). Virtual Machines as they're powered on will have their NICs show up as vnet0, vnet1, etc.
And as covered in more detail below, it is simply not within the realm of reality for libvirtd to automatically create the above "Switch" (AKA Virtual Bridge).
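The same procedure from the command line, as an added example that is not part of the original page: the script validates its inputs and prints the nmcli commands in step order without running them. The adapter eno4, the connection name "Wired eno4" and the addresses are constructed sample values, and the bridge is named with the "br" + adapter convention mentioned above.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): print, but do not run, the nmcli
# commands for the bridge procedure above.

# Single-quote a value so the printed command is safe to paste into a shell.
shq() { printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"; }

# Conservative check: non-empty, at most 15 characters (the kernel limit),
# letters, digits, '_', '.' and '-' only.
valid_ifname() {
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# Dotted-quad IPv4 address followed by a /0../32 prefix length.
valid_cidr() {
    local addr="${1%/*}" prefix="${1#*/}" octet
    [ "$addr" != "$1" ] || return 1                  # no "/" present
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case "$addr" in *[!0-9.]*) return 1 ;; esac
    local IFS=.
    set -- $addr                                     # split into octets
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# bridge_plan PHYS_IF OLD_CONNECTION CIDR [GATEWAY]
bridge_plan() {
    local phys="$1" old="$2" cidr="$3" gw="${4:-}" br="br$1" ip
    valid_ifname "$phys" || { echo "bad interface name: $phys" >&2; return 2; }
    valid_ifname "$br"   || { echo "bridge name over 15 characters: $br" >&2; return 2; }
    [ -n "$old" ]        || { echo "missing connection name" >&2; return 2; }
    valid_cidr "$cidr"   || { echo "bad IPv4 address/prefix: $cidr" >&2; return 2; }
    ip="ipv4.addresses $cidr"
    if [ -n "$gw" ]; then
        valid_cidr "$gw/32" || { echo "bad gateway: $gw" >&2; return 2; }
        ip="$ip ipv4.gateway $gw"
    fi
    # Step 1: keep the old connection, only stop it from starting by default.
    echo "nmcli connection modify $(shq "$old") connection.autoconnect no"
    # Step 2: create the bridge and give it the old connection's IP settings.
    echo "nmcli connection add type bridge autoconnect yes con-name $br ifname $br"
    echo "nmcli connection modify $br $ip ipv4.method manual"
    # Step 3: plug the physical adapter into the bridge as its first port.
    echo "nmcli connection add type ethernet slave-type bridge autoconnect yes con-name $br-port-$phys ifname $phys master $br"
    # Step 4: switch over. Do this from the console: the host is off the
    # network between these two commands.
    echo "nmcli connection down $(shq "$old")"
    echo "nmcli connection up $br"
}

# Example call with constructed values:
#   ./bridge-plan.sh eno4 "Wired eno4" 192.168.1.10/24 192.168.1.1
[ $# -eq 0 ] || bridge_plan "$@"
```

Review the printed commands, then run them one at a time; a physical adapter whose name is longer than 13 characters is rejected because "br" + name would exceed the 15-character interface name limit.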
'''Power Events (AKA Automatic Start Actions, Automatic Stop Actions, and "WatchDog")'''
One would not ordinarily consider that Microsoft would make sense. But they do in this instance. Here's the question: When a QEMU / KVM Host Machine (that's the physical machine) is restarted / rebooted or shut down, what about the Virtual / Guest Machines? Are they shut down properly / gracefully? Are they paused / suspended? Or are they just turned off, as in flip / press the power button to kill it? In the Microsoft world with Hyper-V it's abundantly clear with Automatic Start Actions and Automatic Stop Actions. Wow! Cool! Gravity can be reversed. Not so evident with the QEMU / KVM architecture. Yup, as the title might have given away, look under "WatchDog" for power settings. Ummm, unless it was a couple of years ago, then it would be qemu-guest-agent.service and some settings tucked away in /etc/default/libvirt-guests, no wait, /etc/sysconfig/libvirt-guests. But that file is gone now with nothing left behind, not even a file by the same name with a note in it explaining why it isn't used anymore, it's just gone. Before that, some custom scripts and 'shutdown service(s)', but those aren't needed anymore, nor will they work the same way they used to because the new QEMU / KVM breaks that paradigm. Anyway, here's the answer to the above question;
*In the Virtual Machine Manager GUI, open the Virtual Machine (AKA "Domain", wait, didn't Microsoft already take that term?), click Settings, err, the Gear Icon, no wait, the Light Bulb Icon, click WatchDog, then under Model select diag288, 16300esb, or ib700, and, no wait, you could also type anything you want, or leave it at the default of itco (which isn't in the drop down menu), then under Action select what you want the Virtual / Guest machine to do when the physical host machine is rebooted, shut down, etc. (with the default set to Forcefully reset the guest, which is of course the best one for preserving data and the integrity of the guest machine, err, no wait, speeds shut down of the physical host machine by just killing the guest machine, losing data, settings, destroying databases, etc., so naturally Forcefully reset the guest is the default setting).
===Tricks, Tips, and Other Useful Information (all of which applies to Rocky Linux 9, and others based on Red Hat)===
'''Network Configuration (from''' https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/configuring_and_managing_networking/index#configuring-an-ethernet-connection-with-a-static-ip-address-by-using-nmstatectl_configuring-an-ethernet-connection ''');'''
*NMCLI ( nmcli ): Command Line Interface
*NMTUI ( nmtui ): Text Based GUI
*NM-CONNECTION-EDITOR ( nm-connection-editor ): "Control Panel Version" GUI
*"Control Center" for GNOME: "Windows 11 Version" GUI (IE, less capable than all of the above)
*NMSTATECTL ( nmstatectl ): nmstatectl show will provide a LOT of information (plus other things, including configuration)
'''Other Tips and Information;'''
*Rocky Linux 9 Network Configuration Files Directory: /etc/NetworkManager/system-connections (NOT /etc/sysconfig/network-scripts)
*Network Configuration for Rocky Linux: nm-connection-editor
*If a Bridged Network Adapter is configured for a Virtual Machine, it will show up in the Host Machine as: vnet1, etc.
*QEMU / KVM Bridges can be configured "within" QEMU / KVM and "externally" using commands like brctl, etc.
*QEMU / KVM Configuration Files: /etc/libvirt/qemu/
**Heed the warning notes on some of these files as they should not be edited directly. Although a workaround is to edit the files directly, then restart the libvirtd.service (systemctl restart libvirtd.service)
Line 58: | Line 119: | ||
****x = Exit / Quit and Save (AKA Write) (as in :x)
****q = Quit (AKA Exit)
***...and that is not enough, ALL of the following commands need to be run for configuration changes to take effect (the below examples assume ''default'' is the name of the network device)
****virsh net-destroy default (essentially stops the device, and also deletes it, as apparently restarting it alone isn't enough)
****virsh net-define default (in reality, the intent is to 're-define' the interface, but from the libvirtd perspective the interface has been 'destroyed' and isn't there, so it needs to be defined)
*****TOP TIP: When using the virsh net-define command, don't put the 'base' configuration file in /etc/libvirt/qemu/networks
****virsh net-start default
****Note: Hey, I've got an idea for you genzers that are programming this, why not create a virsh net-restart command that intuitively does what a bazillion other past command examples do to complete the above task? And don't say virsh net-update add / modify, because that is just as convoluted. Go ahead, read it right here and see if having a virsh net-restart command doesn't make good sense: https://wiki.libvirt.org/Networking.html#:~:text=If%20you%20edit%20the%20network,automatically%20done%20as%20a%20side Now why would all of this be a big issue? Well guess what, there's this thing called reality where you can get this error: "failed to get domain" when using the virsh net-destroy and then what? Reboot MFer. That's it. Thanks Genzers!
*QEMU / KVM Additional Bridge Configuration: /etc/qemu-kvm/
*Documentation from QEMU / KVM on Bridges and Networking: https://libvirt.org/formatnetwork.html
Line 63: | Line 130: | ||
*Network Remapping End Result(s) (IE, if you want to see how the "Predictable Network Interface Naming" decided on how things were to be done): /sys/class/net
**In short, here's how it goes with Rocky Linux 9 mapping a physical Network Adapter to a configuration file;
***Physical Network Adapter (represented by files located in /sys/devices and below / down)
***⇌
***Calculations done in the name of "Predictable Network Interface Naming", whose 'scripts' are located in /lib/udev/rules.d/80-net-setup-link.rules and whose result(s) are located in the Symbolic Links located in /sys/class/net (which in turn point to 'device files' in /sys/devices)
***⇌
***Configuration File (in /etc/NetworkManager)
***⇌ ⇌ ⇌ ⇌ ⇌ ⇌
MAN (Manual) Page, or the closest equivalent to: https://libvirt.org/formatnetwork.html But watch out on some stuff. Here's an example
*<forward mode="open" /> AND / OR <forward mode="bridge" />
**In the Virtual Machine Management GUI the drop down box and XML only have mode="open", mode="bridge" is not available. WTF???!
**In the documentation from https://libvirt.org/formatnetwork.html, there is only mention of mode="bridge", there's nothing on that webpage for mode="open". Now that's not to say they don't mention 'open', it's just never used in an example. Both bridge and open are documented.
***open is a version of route (IE, something more similar to a router than a bridge)
***bridge is just what it says (IE, it is a bridge)
****BIG NOTE: While it is never explicitly stated, "YOU NEED TO CREATE A BRIDGE OUTSIDE OF LIBVIRT, BECAUSE UNLIKE ''NAT'' LIBVIRT WILL ''NOT'' CREATE THE INTERFACE AUTOMATICALLY. YOU HAVE TO DO IT YOURSELF MANUALLY", it '''''SHOULD BE!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'''''
**The book Mastering KVM Virtualization mentions neither mode="open" nor mode='open', only mode='bridge' is mentioned (and only one time in the 2020 edition)
...and now comes the part where the above noted references show their true colors. IE, the content in the articles on those websites was not created by the people who own those websites. It was aggregated from other websites and put into a format that Google likes. And does it ever show on the Networking aspect of what they document. In short, ignore it. You'll hose your system if you do what is written. Go ahead and try it (no, don't really do that).
The first issue is with the destruction of a perfectly good network interface. The second issue is with the creation of a Bridge Interface that was already created as part of the installation process of QEMU / KVM. Keep in mind that this article was written based on Rocky Linux 9 and the iteration of QEMU / KVM as of late 2023. Earlier versions may have required the creation of a Bridge Interface.
KEEP THIS IN MIND: In the QEMU / KVM world, here's how the networking thing functions:
*After installing QEMU / KVM, it creates a Virtual Bridge Adapter intended to be used with NAT. Leave this one as is if you want to use it. But if you just want a simple bridge to connect to the rest of your network, keep reading. This Virtual Bridge
Here's the assumption (unlike all the other tutorials out there);
*There is an existing Ethernet Adapter on the Host Machine for QEMU / KVM that has been configured with an IP Address, Subnet Mask, IE, everything needed to communicate via a Network.
*During the installation for QEMU / KVM, a Virtual Bridge Adapter was automatically configured
Other example NMCLI commands;
*nmcli connection show
*Modify the /etc/NetworkManager/system-connections File? Nope!
**nmcli connection modify WhatEverConnectionName ipv4.address "WhatEverIPAddress/SubnetMaskNumber" (192.168.1.1/24)
**nmcli connection up WhatEverConnectionName (essentially restarts the adapter and adopts new configuration information)
**Does NOT work as one might think to 'reload' or restart a Network Adapter after configuration changes are made: nmcli connection reload
**nmcli connection show WhatEverConnectionName (ipv4.address = configured value AND IPV4.ADDRESS = "live / actual value")
*systemctl restart NetworkManager
'''ChatGPT to the Rescue'''
Why is the UUID for the virbr0 Virtual Bridge Adapter displayed in the QEMU / KVM Host using the IP LINK SHOW command different than the UUID setting configured in the /etc/libvirt/qemu/networks/default.xml File, even though the MAC Address is the same in the Host (using IP LINK SHOW) and the default.xml File?
ChatGPT's explanation is below (which is very good considering that Googling an equivalent answer produces nothing but hundreds of stupid forum results that ramble about how something isn't working). There is also some additional information from https://wiki.libvirt.org/Networking.html.
<syntaxhighlight lang="text">
The discrepancy between the UUID in the default.xml file and the one displayed by the ip link show command might be due to the fact that the UUID in the XML configuration file refers to the libvirt network object's UUID, not the actual bridge interface's UUID.
Here's a breakdown:
UUID in default.xml:
The default.xml file typically contains the XML configuration for the default libvirt network (virbr0). The UUID in this file corresponds to the libvirt network's unique identifier. This UUID is associated with the network object managed by libvirt.
UUID displayed by ip link show:
When you use ip link show, you are querying information about the actual bridge interface (virbr0). The UUID displayed here refers to the bridge interface itself, not the libvirt network object.
While the libvirt network and the bridge interface are closely related, they are distinct entities with different UUIDs. The libvirt network configuration includes settings for the bridge interface but also encompasses additional configuration options managed by libvirt.
If you want to inspect the libvirt network configuration and UUID programmatically, you can use the virsh command:
virsh net-dumpxml default
This command will display the XML configuration for the default network, including the libvirt network UUID.
If you specifically need the UUID of the bridge interface (virbr0), you can extract it using the nmcli command (assuming NetworkManager is used for managing the bridge):
nmcli connection show virbr0 | grep UUID
This will display the UUID associated with the virbr0 connection managed by NetworkManager.
In summary, the libvirt network and the bridge interface have separate UUIDs, and the discrepancy arises from the different contexts in which these UUIDs are used.
</syntaxhighlight>
The above can be confirmed using the following commands
*virsh net-destroy default (maybe there should be an 'in-between' option like net-stop, but oh well): "Stops and Destroys" the virbr0 (defined by default.xml, which is not deleted)
*virsh net-start default: Starts the virbr0 (defined by the default.xml file)
'''Rough Notes'''
<syntaxhighlight lang="xml">
<network>
  <name>my-bridge-network</name>
  <forward mode='bridge'/>
  <bridge name='virbr_bridge'/>
</network>
</syntaxhighlight>
<syntaxhighlight lang="bash">
sudo virsh net-define bridge-network.xml
sudo virsh net-start my-bridge-network
sudo virsh net-autostart my-bridge-network
</syntaxhighlight>
There is no "anti virsh net-define command", just delete the XML file and systemctl restart libvirtd.service
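Because libvirt does not create the host bridge for a mode='bridge' network, it is worth checking that the bridge named in the XML really exists before running virsh net-define. The following preflight check is an added example, not part of the original page; the function names and the optional sysfs directory argument (used for testing against a constructed tree) are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): preflight check to run before
# "virsh net-define" on a <forward mode='bridge'/> network definition.

# Print the <bridge name=...> of a bridge-mode network file; return 1 if the
# file is not in bridge mode. Line-oriented matching, adequate for small
# hand-written files like the one above; it is not a general XML parser.
bridge_from_xml() {
    grep -Eq "<forward[^>]*mode=['\"]bridge['\"]" "$1" || return 1
    sed -n "s/.*<bridge[^>]*name=['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | head -n 1
}

# check_bridge NAME [SYSFS_NET_DIR]
# A Linux bridge has a "bridge" directory under its sysfs entry, and one
# entry per attached port under "brif".
check_bridge() {
    local name="$1" net="${2:-/sys/class/net}"
    if [ ! -e "$net/$name" ]; then
        echo "MISSING: $name does not exist on the host; libvirt will not create it"
        return 1
    fi
    if [ ! -d "$net/$name/bridge" ]; then
        echo "NOT-A-BRIDGE: $name exists but is not a bridge device"
        return 2
    fi
    set -- "$net/$name/brif"/*
    if [ ! -e "$1" ]; then
        echo "NO-PORTS: $name has no interface attached to it"
        return 3
    fi
    echo "OK: $name is a bridge with $# port(s)"
}

# preflight XML_FILE [SYSFS_NET_DIR]
preflight() {
    local xml="$1" net="${2:-/sys/class/net}" br
    br=$(bridge_from_xml "$xml") || {
        echo "SKIP: $xml is not a forward mode='bridge' network"
        return 4
    }
    if [ -z "$br" ]; then
        echo "NO-BRIDGE-ELEMENT: $xml has no <bridge name=.../>"
        return 5
    fi
    check_bridge "$br" "$net"
}

# Example call:  ./preflight.sh bridge-network.xml && sudo virsh net-define bridge-network.xml
[ $# -eq 0 ] || preflight "$@"
```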
<syntaxhighlight lang="text"> | |||
virsh [options]... [<command_string>] | |||
virsh [options]... <command> [args...] | |||
options: | |||
-c | --connect=URI hypervisor connection URI | |||
-d | --debug=NUM debug level [0-4] | |||
-e | --escape <char> set escape sequence for console | |||
-h | --help this help | |||
-k | --keepalive-interval=NUM | |||
keepalive interval in seconds, 0 for disable | |||
-K | --keepalive-count=NUM | |||
number of possible missed keepalive messages | |||
-l | --log=FILE output logging to file | |||
-q | --quiet quiet mode | |||
-r | --readonly connect readonly | |||
-t | --timing print timing information | |||
-v short version | |||
-V long version | |||
--version[=TYPE] version, TYPE is short or long (default short) | |||
commands (non interactive mode): | |||
Domain Management (help keyword 'domain') | |||
attach-device attach device from an XML file | |||
attach-disk attach disk device | |||
attach-interface attach network interface | |||
autostart autostart a domain | |||
blkdeviotune Set or query a block device I/O tuning parameters. | |||
blkiotune Get or set blkio parameters | |||
blockcommit Start a block commit operation. | |||
blockcopy Start a block copy operation. | |||
blockjob Manage active block operations | |||
blockpull Populate a disk from its backing image. | |||
blockresize Resize block device of domain. | |||
change-media Change media of CD or floppy drive | |||
console connect to the guest console | |||
cpu-stats show domain cpu statistics | |||
create create a domain from an XML file | |||
define define (but don't start) a domain from an XML file | |||
desc show or set domain's description or title | |||
destroy destroy (stop) a domain | |||
detach-device detach device from an XML file | |||
detach-device-alias detach device from an alias | |||
detach-disk detach disk device | |||
detach-interface detach network interface | |||
domdisplay domain display connection URI | |||
domfsfreeze Freeze domain's mounted filesystems. | |||
domfsthaw Thaw domain's mounted filesystems. | |||
domfsinfo Get information of domain's mounted filesystems. | |||
domfstrim Invoke fstrim on domain's mounted filesystems. | |||
domhostname print the domain's hostname | |||
domid convert a domain name or UUID to domain id | |||
domif-setlink set link state of a virtual interface | |||
domiftune get/set parameters of a virtual interface | |||
domjobabort abort active domain job | |||
domjobinfo domain job information | |||
domlaunchsecinfo Get domain launch security info | |||
domsetlaunchsecstate Set domain launch security state | |||
domname convert a domain id or UUID to domain name | |||
domrename rename a domain | |||
dompmsuspend suspend a domain gracefully using power management functions | |||
dompmwakeup wakeup a domain from pmsuspended state | |||
domuuid convert a domain name or id to domain UUID | |||
domxml-from-native Convert native config to domain XML | |||
domxml-to-native Convert domain XML to native config | |||
dump dump the core of a domain to a file for analysis | |||
dumpxml domain information in XML | |||
edit edit XML configuration for a domain | |||
get-user-sshkeys list authorized SSH keys for given user (via agent) | |||
inject-nmi Inject NMI to the guest | |||
iothreadinfo view domain IOThreads | |||
iothreadpin control domain IOThread affinity | |||
iothreadadd add an IOThread to the guest domain | |||
iothreadset modifies an existing IOThread of the guest domain | |||
iothreaddel delete an IOThread from the guest domain | |||
send-key Send keycodes to the guest | |||
send-process-signal Send signals to processes | |||
lxc-enter-namespace LXC Guest Enter Namespace | |||
managedsave managed save of a domain state | |||
managedsave-remove Remove managed save of a domain | |||
managedsave-edit edit XML for a domain's managed save state file | |||
managedsave-dumpxml Domain information of managed save state file in XML | |||
managedsave-define redefine the XML for a domain's managed save state file | |||
memtune Get or set memory parameters | |||
perf Get or set perf event | |||
metadata show or set domain's custom XML metadata | |||
migrate migrate domain to another host | |||
migrate-setmaxdowntime set maximum tolerable downtime | |||
migrate-getmaxdowntime get maximum tolerable downtime | |||
migrate-compcache get/set compression cache size | |||
migrate-setspeed Set the maximum migration bandwidth | |||
migrate-getspeed Get the maximum migration bandwidth | |||
migrate-postcopy Switch running migration from pre-copy to post-copy | |||
numatune Get or set numa parameters | |||
qemu-attach QEMU Attach | |||
qemu-monitor-command QEMU Monitor Command | |||
qemu-monitor-event QEMU Monitor Events | |||
qemu-agent-command QEMU Guest Agent Command | |||
guest-agent-timeout Set the guest agent timeout | |||
reboot reboot a domain | |||
reset reset a domain | |||
restore restore a domain from a saved state in a file | |||
resume resume a domain | |||
save save a domain state to a file | |||
save-image-define redefine the XML for a domain's saved state file | |||
save-image-dumpxml saved state domain information in XML | |||
save-image-edit edit XML for a domain's saved state file | |||
schedinfo show/set scheduler parameters | |||
screenshot take a screenshot of a current domain console and store it into a file | |||
set-lifecycle-action change lifecycle actions | |||
set-user-sshkeys manipulate authorized SSH keys file for given user (via agent) | |||
set-user-password set the user password inside the domain | |||
setmaxmem change maximum memory limit | |||
setmem change memory allocation | |||
setvcpus change number of virtual CPUs | |||
shutdown gracefully shutdown a domain | |||
start start a (previously defined) inactive domain | |||
suspend suspend a domain | |||
ttyconsole tty console | |||
undefine undefine a domain | |||
update-device update device from an XML file | |||
update-memory-device update memory device of a domain | |||
vcpucount domain vcpu counts | |||
vcpuinfo detailed domain vcpu information | |||
vcpupin control or query domain vcpu affinity | |||
emulatorpin control or query domain emulator affinity | |||
vncdisplay vnc display | |||
guestvcpus query or modify state of vcpu in the guest (via agent) | |||
setvcpu attach/detach vcpu or groups of threads | |||
domblkthreshold set the threshold for block-threshold event for a given block device or it's backing chain element | |||
guestinfo query information about the guest (via agent) | |||
domdirtyrate-calc Calculate a vm's memory dirty rate | |||
dom-fd-associate associate a FD with a domain | |||
Domain Monitoring (help keyword 'monitor') | |||
domblkerror Show errors on block devices | |||
domblkinfo domain block device size information | |||
domblklist list all domain blocks | |||
domblkstat get device block stats for a domain | |||
domcontrol domain control interface state | |||
domif-getlink get link state of a virtual interface | |||
domifaddr Get network interfaces' addresses for a running domain | |||
domiflist list all domain virtual interfaces | |||
domifstat get network interface stats for a domain | |||
dominfo domain information | |||
dommemstat get memory statistics for a domain | |||
domstate domain state | |||
domstats get statistics about one or multiple domains | |||
domtime domain time | |||
list list domains | |||
Domain Events (help keyword 'events') | |||
event Domain Events | |||
Host and Hypervisor (help keyword 'host') | |||
allocpages Manipulate pages pool size | |||
capabilities capabilities | |||
cpu-baseline compute baseline CPU | |||
cpu-compare compare host CPU with a CPU described by an XML file | |||
cpu-models CPU models | |||
domcapabilities domain capabilities | |||
freecell NUMA free memory | |||
freepages NUMA free pages | |||
hostname print the hypervisor hostname | |||
hypervisor-cpu-baseline compute baseline CPU usable by a specific hypervisor | |||
hypervisor-cpu-compare compare a CPU with the CPU created by a hypervisor on the host | |||
maxvcpus connection vcpu maximum | |||
node-memory-tune Get or set node memory parameters | |||
nodecpumap node cpu map | |||
nodecpustats Prints cpu stats of the node. | |||
nodeinfo node information | |||
nodememstats Prints memory stats of the node. | |||
nodesevinfo node SEV information | |||
nodesuspend suspend the host node for a given time duration | |||
sysinfo print the hypervisor sysinfo | |||
uri print the hypervisor canonical URI | |||
version show version | |||
Checkpoint (help keyword 'checkpoint') | |||
checkpoint-create Create a checkpoint from XML | |||
checkpoint-create-as Create a checkpoint from a set of args | |||
checkpoint-delete Delete a domain checkpoint | |||
checkpoint-dumpxml Dump XML for a domain checkpoint | |||
checkpoint-edit edit XML for a checkpoint | |||
checkpoint-info checkpoint information | |||
checkpoint-list List checkpoints for a domain | |||
checkpoint-parent Get the name of the parent of a checkpoint | |||
Interface (help keyword 'interface') | |||
iface-begin create a snapshot of current interfaces settings, which can be later committed (iface-commit) or restored (iface-rollback) | |||
iface-bridge create a bridge device and attach an existing network device to it | |||
iface-commit commit changes made since iface-begin and free restore point | |||
iface-define define an inactive persistent physical host interface or modify an existing persistent one from an XML file | |||
iface-destroy destroy a physical host interface (disable it / "if-down") | |||
iface-dumpxml interface information in XML | |||
iface-edit edit XML configuration for a physical host interface | |||
iface-list list physical host interfaces | |||
iface-mac convert an interface name to interface MAC address | |||
iface-name convert an interface MAC address to interface name | |||
iface-rollback rollback to previous saved configuration created via iface-begin | |||
iface-start start a physical host interface (enable it / "if-up") | |||
iface-unbridge undefine a bridge device after detaching its device(s) | |||
iface-undefine undefine a physical host interface (remove it from configuration) | |||
Network Filter (help keyword 'filter') | |||
nwfilter-define define or update a network filter from an XML file | |||
nwfilter-dumpxml network filter information in XML | |||
nwfilter-edit edit XML configuration for a network filter | |||
nwfilter-list list network filters | |||
nwfilter-undefine undefine a network filter | |||
nwfilter-binding-create create a network filter binding from an XML file | |||
nwfilter-binding-delete delete a network filter binding | |||
nwfilter-binding-dumpxml network filter information in XML | |||
nwfilter-binding-list list network filter bindings | |||
Networking (help keyword 'network') | |||
net-autostart autostart a network
net-create create a network from an XML file
net-define define an inactive persistent virtual network or modify an existing persistent one from an XML file
net-destroy destroy (stop) a network
net-dhcp-leases print lease info for a given network
net-dumpxml network information in XML
net-edit edit XML configuration for a network
net-event Network Events
net-info network information
net-list list networks
net-name convert a network UUID to network name
net-start start a (previously defined) inactive network
net-undefine undefine a persistent network
net-update update parts of an existing network's configuration
net-uuid convert a network name to network UUID
net-port-list list network ports
net-port-create create a network port from an XML file
net-port-dumpxml network port information in XML
net-port-delete delete the specified network port
Node Device (help keyword 'nodedev')
nodedev-create create a device defined by an XML file on the node
nodedev-destroy destroy (stop) a device on the node
nodedev-detach detach node device from its device driver
nodedev-dumpxml node device details in XML
nodedev-list enumerate devices on this host
nodedev-reattach reattach node device to its device driver
nodedev-reset reset node device
nodedev-event Node Device Events
nodedev-define Define a device by an xml file on a node
nodedev-undefine Undefine an inactive node device
nodedev-start Start an inactive node device
nodedev-autostart autostart a defined node device
nodedev-info node device information
Secret (help keyword 'secret')
secret-define define or modify a secret from an XML file
secret-dumpxml secret attributes in XML
secret-event Secret Events
secret-get-value Output a secret value
secret-list list secrets
secret-set-value set a secret value
secret-undefine undefine a secret
Snapshot (help keyword 'snapshot')
snapshot-create Create a snapshot from XML
snapshot-create-as Create a snapshot from a set of args
snapshot-current Get or set the current snapshot
snapshot-delete Delete a domain snapshot
snapshot-dumpxml Dump XML for a domain snapshot
snapshot-edit edit XML for a snapshot
snapshot-info snapshot information
snapshot-list List snapshots for a domain
snapshot-parent Get the name of the parent of a snapshot
snapshot-revert Revert a domain to a snapshot
Backup (help keyword 'backup')
backup-begin Start a disk backup of a live domain
backup-dumpxml Dump XML for an ongoing domain block backup job
Storage Pool (help keyword 'pool')
find-storage-pool-sources-as find potential storage pool sources
find-storage-pool-sources discover potential storage pool sources
pool-autostart autostart a pool
pool-build build a pool
pool-create-as create a pool from a set of args
pool-create create a pool from an XML file
pool-define-as define a pool from a set of args
pool-define define an inactive persistent storage pool or modify an existing persistent one from an XML file
pool-delete delete a pool
pool-destroy destroy (stop) a pool
pool-dumpxml pool information in XML
pool-edit edit XML configuration for a storage pool
pool-info storage pool information
pool-list list pools
pool-name convert a pool UUID to pool name
pool-refresh refresh a pool
pool-start start a (previously defined) inactive pool
pool-undefine undefine an inactive pool
pool-uuid convert a pool name to pool UUID
pool-event Storage Pool Events
pool-capabilities storage pool capabilities
Storage Volume (help keyword 'volume')
vol-clone clone a volume.
vol-create-as create a volume from a set of args
vol-create create a vol from an XML file
vol-create-from create a vol, using another volume as input
vol-delete delete a vol
vol-download download volume contents to a file
vol-dumpxml vol information in XML
vol-info storage vol information
vol-key returns the volume key for a given volume name or path
vol-list list vols
vol-name returns the volume name for a given volume key or path
vol-path returns the volume path for a given volume name or key
vol-pool returns the storage pool for a given volume key or path
vol-resize resize a vol
vol-upload upload file contents to a volume
vol-wipe wipe a vol
Virsh itself (help keyword 'virsh')
cd change the current directory
echo echo arguments. Used for internal testing.
exit quit this interactive terminal
help print help
pwd print the current directory
quit quit this interactive terminal
connect (re)connect to hypervisor
(specify help <group> for details about the commands in the group)
(specify help <command> for details about the command)
</syntaxhighlight>
===Rants and Temper Tantrums===
Delete a bridge created by using an XML file. It works most of the time. But what happens if you get a dreaded "failed to get a 'forking' domain" error message? What then? Well, you're SOL until you reboot the machine. NOTHING works!
'''QEMU Guest Agent / qemu-guest-agent.service VS libvirtd "guest" stuff:''' There are hints that the former has been deprecated or isn't needed or something. Good fucking luck getting a straight answer on any of this shit. Here, try this: https://stackshare.io/stackups/libvirt-vs-qemu#:~:text=Hardware%20Emulation%3A%20QEMU%20includes%20its,not%20provide%20direct%20hardware%20emulation. Yup, now it's all clear. Dear Linux developers. You're brilliant. But you can't communicate for shit. You change things on a minutely basis and leave a wake of documentation destruction behind you. How is anyone on this planet supposed to understand and keep up with what you're doing? Part of your job should be to make this open source software available to everyone. Nope, need a degree in Linuxology to understand stuff, and it shouldn't be that way. Yes, there needs to be an understanding of fundamentals and expertise, but don't you get it? There are people out there that have to be skilled in a myriad of technologies to actually make use of your stuff in the real world. They're really smart and capable, but just don't have the time to understand stuff like you. There's too much other stuff going on. Rant over, because I'm tired of typing.
Latest revision as of 09:44, 10 March 2024
...below are just rough notes from three different sources, including ChatGPT. They are ordered in each section as below from the following sources;
- https://www.linuxtechi.com/install-kvm-on-rocky-linux-almalinux/
- https://computingforgeeks.com/install-use-kvm-virtualization-on-rocky/
- ChatGPT
Check for VM Support in CPU;
- cat /proc/cpuinfo | egrep "vmx|svm"
- lscpu | grep Virtualization
- No Comment
Install all the Stuff (for the first two sources there were duplicate items on multiple lines that were cleaned up, oops, no proof reading on their part, huh, just a copy and paste);
- dnf install qemu-kvm virt-manager libvirt virt-install virt-viewer libguestfs-tools bridge-utils virt-top
- dnf install qemu-kvm virt-manager libvirt virt-install virt-viewer libguestfs-tools bridge-utils virt-top
- dnf install qemu-kvm libvirt virt-install virt-manager AND apparently installing virt-manager again (just to make sure)
NOTES: And of course there are about a hundred or so other dependencies that are downloaded and installed too.
ISSUES: bridge-utils virt-top might give issues if attempting to install at the same time, so try installing separately.
Check Installation;
- lsmod | grep kvm
- lsmod | grep kvm
- lsmod | grep kvm AND virsh list --all
Start AND Enable Automatic Starting of the "KVM" Services AND see if they're actually running;
- sudo systemctl start libvirtd AND systemctl enable --now libvirtd AND systemctl status libvirtd
- sudo systemctl start libvirtd AND sudo systemctl enable libvirtd AND systemctl status libvirtd
- sudo systemctl start libvirtd AND sudo systemctl enable libvirtd AND No Comment
Permissions and User Related Stuff;
- No Comment
- usermod -aG libvirt $USER AND newgrp libvirt
- usermod -aG libvirt $(whoami)
Network Connectivity, don't forget that;
Tools to use;
- Virtual Machine Manager GUI
- nm-connection-editor: Basic GUI for Network Management (more powerful than the GNOME Network GUI, and in fact the GNOME Network GUI is just plain unreliable and inaccurate, so don't use)
- Terminal (AKA "Command Prompt")
Useful Commands;
- virsh net-list --all
- nmcli connection show
- ip link show
- ifconfig
- systemctl restart libvirtd.service
- systemctl restart NetworkManager
OK, here's what to do for creating what is essentially an Ethernet Switch. IE, this is about as close as it comes to 'typical' reality where computers, servers, and other devices are all connected to each other via Ethernet Cables to an Ethernet Switch. The below method uses a GUI interface as much as possible in order for one to understand and see what is going on, VS being a 'parrot' that types in commands as suggested by someone else. It also assumes the reader knows the basics of what they're doing, so for instance when it is noted that something needs to be disabled, the reader knows how to do it (because it's easy) and doesn't need five additional steps stating, "...click here, type this, etc.");
- Identify the current Ethernet Adapter(s) and Virtual Bridge(s): get oriented by obtaining the names of the various Network Adapters or Virtual Devices (eth0, enp1s0of0, virbr0, bridg0, br0, whatever, etc.);
  - nmcli connection show (or use the nm-connection-editor)
  - brctl show
  - ip link show
- Disable the existing target Ethernet Adapter (this equates to the Physical Network Adapter that is connected to the Subnet / LAN / Network) through a GUI or command line interface. Don't delete it as most tutorials would have you do (if needed you can always enable it later instead of re-creating it from scratch). Also prevent it from starting by default.
  - nmcli connection modify WhatEverConnectionName connection.autoconnect "no"
  - ifconfig WhatEverConnectionName down OR ip link set dev WhatEverConnectionName down
- Create the "Virtual Ethernet Switch" (AKA Virtual Bridge)
  - nm-connection-editor: Using this GUI makes it easy.
    - "Connect / Extend the Ethernet Cable plugged into the Physical Host's Network Jack" to a "Port" on the "Virtual Ethernet Switch"
      - Bridge Tab, Add Button, Select the Physical Interface
      - Configure IP Information (which should be the same as the Ethernet Adapter disabled above).
      - Name the Connections and Interface Name as: bridge0 (although it can be anything, plus keeping the names similar cuts down on Alias Names causing confusion later)
      - Another useful naming convention would be a hybrid approach where one could start the name with the old-fashioned "br", then append the name of the physical adapter, so a "bridge" connected to eno4 (a naming convention for Rocky Linux 9 Ethernet Adapter / Connections) would be breno4
      - The end result is a Virtual Ethernet Switch with a single Port that has one Cable plugged into it. Later, if viewed when a Virtual Machine is powered on, the additional Ports for the Virtual Machines will be seen here.
    - OR, to do the same as above from the command line (minus adding IP information): nmcli connection add type bridge autoconnect yes con-name bridge0 ifname bridge0
- Configure the Virtual Machine's Network Adapter. There should be one created by default.
  - Edit the Virtual Machine in Virtual Machine Editor
    - Set the Network Source to: Bridge device
    - Set the name to: bridge0 (or whatever it was named)
    - Set Device Model to: virtio
...done. Well, configure the Virtual Machine's network information as would be done for any other physical machine.
The result will be a Virtual Bridge named bridge0 (it can be anything, but bridge0 keeps with the 'suggested' Rocky Linux 9 naming convention, with the equivalent CentOS 7 naming convention being br0). Virtual Machines as they're powered on will have their NICs show up as vnet0, vnet1, etc.
And as gone into more detail below, it is simply not within the realm of reality for the libvirtd to automatically create the above "Switch" (AKA Virtual Bridge)
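The same procedure expressed entirely as nmcli commands, in the order the steps are listed above. This is an added example, not part of the original notes; the connection name, the port profile name bridge0-port-eno4 and the 192.0.2.x addresses are constructed, and the input checks are an assumption about what a wrapper script should enforce.

```shell
#!/bin/sh
# Added example: the bridge procedure above as nmcli commands.
# Default is a dry run that prints the command list; APPLY=1 executes it.
# Run it from the local console: step 2 takes the physical link down.

# Kernel interface names are 1-15 characters. Restricting the character set
# also keeps a name from being read as an nmcli option or as shell syntax.
valid_ifname() {
    case $1 in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# NetworkManager connection names may contain spaces ("Wired connection 1").
valid_conname() {
    case $1 in
        ''|-*|*\'*) return 1 ;;
    esac
}

valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest=$1. ; n=0
    while [ -n "$rest" ]; do
        o=${rest%%.*}; rest=${rest#*.}
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
        n=$((n + 1))
    done
    [ "$n" -eq 4 ]
}

# ADDRESS/PREFIX, the form nmcli expects for ipv4.addresses
valid_cidr() {
    case $1 in
        */*/*|/*|*/) return 1 ;;
        */*) ;;
        *) return 1 ;;
    esac
    pfx=${1#*/}
    case $pfx in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#pfx}" -le 2 ] && [ "$pfx" -le 32 ] && valid_ipv4 "${1%/*}"
}

# Execute the command (APPLY=1) or print it with arguments quoted for reading.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; return; fi
    line=
    for a in "$@"; do
        case $a in
            ''|*[!A-Za-z0-9_./:=-]*) a="'$a'" ;;
        esac
        line="$line${line:+ }$a"
    done
    printf '%s\n' "$line"
}

# make_bridge OLD_CONNECTION PHYS_IF BRIDGE ADDR/PREFIX GATEWAY
make_bridge() {
    old_con=$1 phys_if=$2 bridge=$3 addr=$4 gw=$5
    # Validate everything before the first change is made.
    valid_conname "$old_con" || { echo "bad connection name" >&2; return 2; }
    valid_ifname "$phys_if"  || { echo "bad interface name: $phys_if" >&2; return 2; }
    valid_ifname "$bridge"   || { echo "bad bridge name: $bridge" >&2; return 2; }
    valid_cidr "$addr"       || { echo "bad address: $addr" >&2; return 2; }
    valid_ipv4 "$gw"         || { echo "bad gateway: $gw" >&2; return 2; }

    # 1-2: disable the existing connection without deleting it
    run nmcli connection modify "$old_con" connection.autoconnect no
    run nmcli connection down "$old_con"
    # 3-4: the "switch", carrying the IP settings the physical adapter had
    run nmcli connection add type bridge autoconnect yes con-name "$bridge" ifname "$bridge"
    run nmcli connection modify "$bridge" ipv4.method manual ipv4.addresses "$addr" ipv4.gateway "$gw"
    # 5: plug the physical adapter into a port on the switch
    run nmcli connection add type ethernet slave-type bridge autoconnect yes \
        con-name "$bridge-port-$phys_if" ifname "$phys_if" master "$bridge"
    # 6: bring it up
    run nmcli connection up "$bridge"
}

# Stand-alone use: sh make-bridge.sh "Wired connection 1" eno4 bridge0 192.0.2.10/24 192.0.2.1
if [ $# -eq 5 ]; then make_bridge "$@"; fi
```

Review the dry-run output first, then repeat the call with APPLY=1 set in the environment.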
Power Events (AKA Automatic Start Actions, Automatic Stop Actions, and "WatchDog")
One would ordinarily never consider that Microsoft would make sense. But they do in this instance. Here's the question: When a QEMU / KVM Host Machine (that's the physical machine) is restarted / rebooted or shut down, what about the Virtual / Guest Machines? Are they shut down properly / gracefully? Are they paused / suspended? Or are they just turned off, as in flip / press the power button to kill it? In the Microsoft world with Hyper-V it's abundantly clear with Automatic Start Actions and Automatic Stop Actions. Wow! Cool! Gravity can be reversed. Not so evident with the QEMU / KVM architecture. Yup, as the title might have given away, look under "WatchDog" for power settings. Ummm, unless it was a couple of years ago, then it would be qemu-guest-agent.service and some settings tucked away in /etc/default/libvirt-guests, no wait, /etc/sysconfig/libvirt-guests. But that file is gone now with nothing left behind, not even a file by the same name with a note in it explaining why it isn't used anymore, it's just gone. Before that, some custom scripts and 'shutdown service(s)', but those aren't needed anymore, nor will they work the same way they used to because the new QEMU / KVM breaks that paradigm. Anyway, here's the answer to the above question;
- In the Virtual Machine Manager GUI, open the Virtual Machine (AKA "Domain", wait, didn't Microsoft already take that term?), click Settings, err, the Gear Icon, no wait, the Light Bulb Icon, click WatchDog, then under Model select diag288, 16300esb, or ib700, and, no wait, you could also type anything you want, or leave it at the default of itco (which isn't in the drop down menu), then under Action select what you want the Virtual / Guest machine to do when the physical host machine is rebooted, shutdown, etc. (with the default set to Forcefully reset the guest, which is of course the best one for preserving data and the integrity of the guest machine, err, no wait, speeds shut down of the physical host machine by just killing the guest machine, losing data, settings, destroying databases, etc., so naturally Forcefully reset the guest is the default setting).
Tricks, Tips, and Other Useful Information (all of which applies to Rocky Linux 9, and others based on Red Hat)
Network Configuration (from https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/configuring_and_managing_networking/index#configuring-an-ethernet-connection-with-a-static-ip-address-by-using-nmstatectl_configuring-an-ethernet-connection);
- NMCLI ( nmcli ): Command Line Interface
- NMTUI ( nmtui ): Text Based GUI
- NM-CONNECTION-EDITOR ( nm-connection-editor ): "Control Panel Version" GUI
- "Control Center" for GNOME: "Windows 11 Version" GUI (IE, less capable than all of the above)
- NMSTATECTL ( nmstatectl ): nmstatectl show will provide a LOT of information (plus other things, including configuration)
Other Tips and Information;
- Rocky Linux 9 Network Configuration Files Directory: /etc/NetworkManager/system-connections (NOT /etc/sysconfig/network-scripts)
- Network Configuration for Rocky Linux: nm-connection-editor
- If a Bridged Network Adapter is configured for a Virtual Machine, it will show up in the Host Machine as: vnet1, etc.
- QEMU / KVM Bridges can be configured "within" QEMU / KVM and "externally" using commands like brctl, etc.
- QEMU / KVM Configuration Files: /etc/libvirt/qemu/
  - Heed the warning notes on some of these files as they should not be edited directly. Although a workaround is to edit the files directly, then restart the libvirtd.service (systemctl restart libvirtd.service)
  - virsh net-edit default (it uses the VI editor)
  - VI Editor
    - i = Insert (AKA Edit) Mode
    - ESC = Command Mode
    - : (Colon) = "Beginning of Command"
    - w = Write (as in :w)
    - x = Exit / Quit and Save (AKA Write) (as in :x)
    - q = Quit (AKA Exit)
  - ...and that is not enough, ALL of the following commands need to be run for configuration changes to take effect (the below examples assume default is the name of the network device)
    - virsh net-destroy default (essentially stops the device, and also deletes it, as apparently restarting it alone isn't enough)
    - virsh net-define default (in reality, the intent is to 're-define' the interface, but from the libvirtd perspective the interface has been 'destroyed' and isn't there, so it needs to be defined)
      - TOP TIP: When using the virsh net-define command, don't put the 'base' configuration file in /etc/libvirt/qemu/networks
    - virsh net-start default
    - Note: Hey, I've got an idea for you genzers that are programming this, why not create a virsh net-restart command that intuitively does what a bazillion other past command examples do to complete the above task? And don't say virsh net-update add / modify, because that is just as convoluted. Go ahead, read it right here and see if having a virsh net-restart command doesn't make good sense: https://wiki.libvirt.org/Networking.html#:~:text=If%20you%20edit%20the%20network,automatically%20done%20as%20a%20side Now why would all of this be a big issue? Well guess what, there's this thing called reality where you can get this error: "failed to get domain" when using the virsh net-destroy and then what? Reboot MFer. That's it. Thanks Genzers!
- QEMU / KVM Additional Bridge Configuration: /etc/qemu-kvm/
- Documentation from QEMU / KVM on Bridges and Networking: https://libvirt.org/formatnetwork.html
- All, or most of the documentation for Rocky Linux 9 that steers one towards /etc/udev/rules.d is now located in /lib/udev/rules.d
- Network Remapping End Result(s) (IE, if you want to see how the "Predictable Network Interface Naming" decided on how things were to be done): /sys/class/net
  - In short, here's how it goes with Rocky Linux 9 mapping a physical Network Adapter to a configuration file;
    - Physical Network Adapter (represented by files located in /sys/devices and below / down)
    - ⇌
    - Calculations done in the name of "Predictable Network Interface Naming", whose 'scripts' are located in /lib/udev/rules.d/80-net-setup-link.rules and whose result(s) are located in the Symbolic Links located in /sys/class/net (which in turn point to 'device files' in /sys/devices)
    - ⇌
    - Configuration File (in /etc/NetworkManager)
MAN (Manual) Page, or the closest equivalent to: https://libvirt.org/formatnetwork.html But watch out on some stuff. Here's an example
- <forward mode="open" /> AND / OR <forward mode="bridge" />
- in the Virtual Machine Management GUI the drop down box and XML only have mode="open", mode="bridge" is not available. WTF???!
- In the documentation from https://libvirt.org/formatnetwork.html, there is only mention of mode="bridge", there's nothing on that webpage for mode="open". Now that's not to say they don't mention 'open', it's just never used in an example. Both bridge and open are documented.
- open is a version of route (IE, something more similar to a router than a bridge)
- bridge is just what it says (IE, it is a bridge)
- BIG NOTE: While it is never explicitly stated, "YOU NEED TO CREATE A BRIDGE OUTSIDE OF LIBVIRT, BECAUSE UNLIKE NAT LIBVIRT WILL NOT CREATE THE INTERFACE AUTOMATICALLY. YOU HAVE TO DO IT YOURSELF MANUALLY", it SHOULD BE!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- The book Mastering KVM Virtualization mentions neither mode="open" nor mode='open', only mode='bridge' is mentioned (and only one time in the 2020 edition)
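A preflight check that ties the BIG NOTE to the /sys/class/net layout described earlier: before handing a forward mode='bridge' network to virsh net-define, confirm that the named host bridge really exists and has something plugged into it. This is an added example, not part of the original notes or of libvirt; the function names and the SYSFS_NET override are hypothetical, and the sed-based attribute extraction only handles simple network XML like the files shown on this page.

```shell
#!/bin/sh
# Added example. What the kernel exposes under /sys/class/net/<name>:
#   bridge/  only when <name> is a bridge
#   brif/    one entry per port plugged into that bridge
#   brport/  and a "master" symlink when <name> is itself a bridge port
#   device   symlink only for hardware-backed adapters
# SYSFS_NET can point at a constructed tree for offline testing.
SYSFS_NET=${SYSFS_NET:-/sys/class/net}

# classify_if NAME -> bridge | bridge-port:<bridge> | physical | virtual | missing
# (a physical NIC already enslaved to a bridge reports as bridge-port)
classify_if() {
    d="$SYSFS_NET/$1"
    if [ ! -e "$d" ]; then
        echo missing
    elif [ -d "$d/bridge" ]; then
        echo bridge
    elif [ -d "$d/brport" ]; then
        echo "bridge-port:$(basename "$(readlink "$d/master")")"
    elif [ -e "$d/device" ]; then
        echo physical
    else
        echo virtual
    fi
}

# bridge_ports BRIDGE -> one port name per line (eno4, vnet0, vnet1, ...)
bridge_ports() {
    for p in "$SYSFS_NET/$1/brif"/*; do
        [ -e "$p" ] && basename "$p"
    done
    return 0
}

# xml_attr FILE ELEMENT ATTR -> first value of ATTR on <ELEMENT ...>
xml_attr() {
    sed -n "s/.*<$2[^>]* $3=['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | head -n 1
}

# preflight_bridge_net FILE
#   0 = fine to define (or not a bridge-mode network at all)
#   1 = the named host bridge is missing or is not a bridge
#   2 = the bridge exists but has no ports, guests would reach nothing
preflight_bridge_net() {
    mode=$(xml_attr "$1" forward mode)
    br=$(xml_attr "$1" bridge name)
    if [ "$mode" != bridge ]; then
        echo "n/a: forward mode '${mode:-none}' is not bridge"
        return 0
    fi
    case $(classify_if "$br") in
        bridge) ;;
        missing)
            echo "FAIL: host bridge '$br' does not exist; create it outside libvirt first"
            return 1 ;;
        *)
            echo "FAIL: '$br' exists but is not a bridge"
            return 1 ;;
    esac
    ports=$(bridge_ports "$br")
    if [ -z "$ports" ]; then
        echo "WARN: bridge '$br' has no ports"
        return 2
    fi
    echo "OK: $br ports: $(echo $ports)"
}

# Stand-alone use: sh preflight.sh bridge-network.xml && virsh net-define bridge-network.xml
if [ $# -ge 1 ]; then preflight_bridge_net "$1"; fi
```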
...and now comes the part where the above noted references show their true colors. IE, the content in the articles on those websites was not created by the people who own those websites. It was aggregated from other websites and put into a format that Google likes. And does it ever show on the Networking aspect of what they document. In short, ignore it. You'll hose your system if you do what is written. Go ahead and try it (no, don't really do that).
The first issue is with the destruction of a perfectly good network interface. The second issue is with the creation of a Bridge Interface that was already created as part of the installation process of QEMU / KVM. Keep in mind that this article was written based on Rocky Linux 9 and the iteration of QEMU / KVM as of late 2023. Earlier versions may have required the creation of a Bridge Interface.
KEEP THIS IN MIND: In the QEMU / KVM world, here's how the networking thing functions:
- After installing QEMU / KVM, it creates a Virtual Bridge Adapter intended to be used with NAT. Leave this one as is if you want to use it. But if you just want a simple bridge to connect to the rest of your network, keep reading. This Virtual Bridge
Here's the assumption (unlike all the other tutorials there);
- There is an existing Ethernet Adapter on the Host Machine for QEMU / KVM that has been configured with an IP Address, Subnet Mask, IE, everything needed to communicate via a Network.
- During the installation for QEMU / KVM, a Virtual Bridge Adapter was automatically configured
Other example NMCLI commands;
- nmcli connection show
- Modify the /etc/NetworkManager/system-connections File? Nope!
- nmcli connection modify WhatEverConnectionName ipv4.address "WhatEverIPAddress/SubnetMaskNumber" (192.168.1.1/24)
- nmcli connection up WhatEverConnectionName (essentially restarts the adapter and adopts new configuration information)
- Does NOT work as one might think to 'reload' or restart a Network Adapter after configuration changes are made: nmcli connection reload
- nmcli connection show WhatEverConnectionName (ipv4.address = configured value AND IPV4.ADDRESS = "live / actual value")
- systemctl restart NetworkManager
ChatGPT to the Rescue
Why is the UUID for the virbr0 Virtual Bridge Adapter displayed in the QEMU / KVM Host using the IP LINK SHOW command different than the UUID setting configured in the /etc/libvirt/qemu/networks/default.xml File, even though the MAC Address is the same in the Host (using IP LINK SHOW) and the default.xml File?
ChatGPT's explanation is below (which is very good considering that Googling an equivalent answer produces nothing but hundreds of stupid forum results that ramble about how something isn't working). There is also some additional information from https://wiki.libvirt.org/Networking.html.
The discrepancy between the UUID in the default.xml file and the one displayed by the ip link show command might be due to the fact that the UUID in the XML configuration file refers to the libvirt network object's UUID, not the actual bridge interface's UUID.
Here's a breakdown:
UUID in default.xml:
The default.xml file typically contains the XML configuration for the default libvirt network (virbr0). The UUID in this file corresponds to the libvirt network's unique identifier. This UUID is associated with the network object managed by libvirt.
UUID displayed by ip link show:
When you use ip link show, you are querying information about the actual bridge interface (virbr0). The UUID displayed here refers to the bridge interface itself, not the libvirt network object.
While the libvirt network and the bridge interface are closely related, they are distinct entities with different UUIDs. The libvirt network configuration includes settings for the bridge interface but also encompasses additional configuration options managed by libvirt.
If you want to inspect the libvirt network configuration and UUID programmatically, you can use the virsh command:
virsh net-dumpxml default
This command will display the XML configuration for the default network, including the libvirt network UUID.
If you specifically need the UUID of the bridge interface (virbr0), you can extract it using the nmcli command (assuming NetworkManager is used for managing the bridge):
nmcli connection show virbr0 | grep UUID
This will display the UUID associated with the virbr0 connection managed by NetworkManager.
In summary, the libvirt network and the bridge interface have separate UUIDs, and the discrepancy arises from the different contexts in which these UUIDs are used.
The above can be confirmed using the following commands
- virsh net-destroy default (maybe there should be an 'in-between' option like net-stop, but oh well) : "Stops and Destroys" the virbr0 (defined by default.xml, which is not deleted)
- virsh net-start default : Starts the virbr0 (defined by the default.xml file)
Rough Notes
<network>
<name>my-bridge-network</name>
<forward mode='bridge'/>
<bridge name='virbr_bridge'/>
</network>
sudo virsh net-define bridge-network.xml
sudo virsh net-start my-bridge-network
sudo virsh net-autostart my-bridge-network
There is no "anti virsh net-define command", just delete the XML file and systemctl restart libvirtd.service
virsh [options]... [<command_string>]
virsh [options]... <command> [args...]
options:
-c | --connect=URI hypervisor connection URI
-d | --debug=NUM debug level [0-4]
-e | --escape <char> set escape sequence for console
-h | --help this help
-k | --keepalive-interval=NUM
keepalive interval in seconds, 0 for disable
-K | --keepalive-count=NUM
number of possible missed keepalive messages
-l | --log=FILE output logging to file
-q | --quiet quiet mode
-r | --readonly connect readonly
-t | --timing print timing information
-v short version
-V long version
--version[=TYPE] version, TYPE is short or long (default short)
commands (non interactive mode):
Domain Management (help keyword 'domain')
attach-device attach device from an XML file
attach-disk attach disk device
attach-interface attach network interface
autostart autostart a domain
blkdeviotune Set or query a block device I/O tuning parameters.
blkiotune Get or set blkio parameters
blockcommit Start a block commit operation.
blockcopy Start a block copy operation.
blockjob Manage active block operations
blockpull Populate a disk from its backing image.
blockresize Resize block device of domain.
change-media Change media of CD or floppy drive
console connect to the guest console
cpu-stats show domain cpu statistics
create create a domain from an XML file
define define (but don't start) a domain from an XML file
desc show or set domain's description or title
destroy destroy (stop) a domain
detach-device detach device from an XML file
detach-device-alias detach device from an alias
detach-disk detach disk device
detach-interface detach network interface
domdisplay domain display connection URI
domfsfreeze Freeze domain's mounted filesystems.
domfsthaw Thaw domain's mounted filesystems.
domfsinfo Get information of domain's mounted filesystems.
domfstrim Invoke fstrim on domain's mounted filesystems.
domhostname print the domain's hostname
domid convert a domain name or UUID to domain id
domif-setlink set link state of a virtual interface
domiftune get/set parameters of a virtual interface
domjobabort abort active domain job
domjobinfo domain job information
domlaunchsecinfo Get domain launch security info
domsetlaunchsecstate Set domain launch security state
domname convert a domain id or UUID to domain name
domrename rename a domain
dompmsuspend suspend a domain gracefully using power management functions
dompmwakeup wakeup a domain from pmsuspended state
domuuid convert a domain name or id to domain UUID
domxml-from-native Convert native config to domain XML
domxml-to-native Convert domain XML to native config
dump dump the core of a domain to a file for analysis
dumpxml domain information in XML
edit edit XML configuration for a domain
get-user-sshkeys list authorized SSH keys for given user (via agent)
inject-nmi Inject NMI to the guest
iothreadinfo view domain IOThreads
iothreadpin control domain IOThread affinity
iothreadadd add an IOThread to the guest domain
iothreadset modifies an existing IOThread of the guest domain
iothreaddel delete an IOThread from the guest domain
send-key Send keycodes to the guest
send-process-signal Send signals to processes
lxc-enter-namespace LXC Guest Enter Namespace
managedsave managed save of a domain state
managedsave-remove Remove managed save of a domain
managedsave-edit edit XML for a domain's managed save state file
managedsave-dumpxml Domain information of managed save state file in XML
managedsave-define redefine the XML for a domain's managed save state file
memtune Get or set memory parameters
perf Get or set perf event
metadata show or set domain's custom XML metadata
migrate migrate domain to another host
migrate-setmaxdowntime set maximum tolerable downtime
migrate-getmaxdowntime get maximum tolerable downtime
migrate-compcache get/set compression cache size
migrate-setspeed Set the maximum migration bandwidth
migrate-getspeed Get the maximum migration bandwidth
migrate-postcopy Switch running migration from pre-copy to post-copy
numatune Get or set numa parameters
qemu-attach QEMU Attach
qemu-monitor-command QEMU Monitor Command
qemu-monitor-event QEMU Monitor Events
qemu-agent-command QEMU Guest Agent Command
guest-agent-timeout Set the guest agent timeout
reboot reboot a domain
reset reset a domain
restore restore a domain from a saved state in a file
resume resume a domain
save save a domain state to a file
save-image-define redefine the XML for a domain's saved state file
save-image-dumpxml saved state domain information in XML
save-image-edit edit XML for a domain's saved state file
schedinfo show/set scheduler parameters
screenshot take a screenshot of a current domain console and store it into a file
set-lifecycle-action change lifecycle actions
set-user-sshkeys manipulate authorized SSH keys file for given user (via agent)
set-user-password set the user password inside the domain
setmaxmem change maximum memory limit
setmem change memory allocation
setvcpus change number of virtual CPUs
shutdown gracefully shutdown a domain
start start a (previously defined) inactive domain
suspend suspend a domain
ttyconsole tty console
undefine undefine a domain
update-device update device from an XML file
update-memory-device update memory device of a domain
vcpucount domain vcpu counts
vcpuinfo detailed domain vcpu information
vcpupin control or query domain vcpu affinity
emulatorpin control or query domain emulator affinity
vncdisplay vnc display
guestvcpus query or modify state of vcpu in the guest (via agent)
setvcpu attach/detach vcpu or groups of threads
domblkthreshold set the threshold for block-threshold event for a given block device or it's backing chain element
guestinfo query information about the guest (via agent)
domdirtyrate-calc Calculate a vm's memory dirty rate
dom-fd-associate associate a FD with a domain
Domain Monitoring (help keyword 'monitor')
domblkerror Show errors on block devices
domblkinfo domain block device size information
domblklist list all domain blocks
domblkstat get device block stats for a domain
domcontrol domain control interface state
domif-getlink get link state of a virtual interface
domifaddr Get network interfaces' addresses for a running domain
domiflist list all domain virtual interfaces
domifstat get network interface stats for a domain
dominfo domain information
dommemstat get memory statistics for a domain
domstate domain state
domstats get statistics about one or multiple domains
domtime domain time
list list domains
Domain Events (help keyword 'events')
event Domain Events
Host and Hypervisor (help keyword 'host')
allocpages Manipulate pages pool size
capabilities capabilities
cpu-baseline compute baseline CPU
cpu-compare compare host CPU with a CPU described by an XML file
cpu-models CPU models
domcapabilities domain capabilities
freecell NUMA free memory
freepages NUMA free pages
hostname print the hypervisor hostname
hypervisor-cpu-baseline compute baseline CPU usable by a specific hypervisor
hypervisor-cpu-compare compare a CPU with the CPU created by a hypervisor on the host
maxvcpus connection vcpu maximum
node-memory-tune Get or set node memory parameters
nodecpumap node cpu map
nodecpustats Prints cpu stats of the node.
nodeinfo node information
nodememstats Prints memory stats of the node.
nodesevinfo node SEV information
nodesuspend suspend the host node for a given time duration
sysinfo print the hypervisor sysinfo
uri print the hypervisor canonical URI
version show version
Checkpoint (help keyword 'checkpoint')
checkpoint-create Create a checkpoint from XML
checkpoint-create-as Create a checkpoint from a set of args
checkpoint-delete Delete a domain checkpoint
checkpoint-dumpxml Dump XML for a domain checkpoint
checkpoint-edit edit XML for a checkpoint
checkpoint-info checkpoint information
checkpoint-list List checkpoints for a domain
checkpoint-parent Get the name of the parent of a checkpoint
Interface (help keyword 'interface')
iface-begin create a snapshot of current interfaces settings, which can be later committed (iface-commit) or restored (iface-rollback)
iface-bridge create a bridge device and attach an existing network device to it
iface-commit commit changes made since iface-begin and free restore point
iface-define define an inactive persistent physical host interface or modify an existing persistent one from an XML file
iface-destroy destroy a physical host interface (disable it / "if-down")
iface-dumpxml interface information in XML
iface-edit edit XML configuration for a physical host interface
iface-list list physical host interfaces
iface-mac convert an interface name to interface MAC address
iface-name convert an interface MAC address to interface name
iface-rollback rollback to previous saved configuration created via iface-begin
iface-start start a physical host interface (enable it / "if-up")
iface-unbridge undefine a bridge device after detaching its device(s)
iface-undefine undefine a physical host interface (remove it from configuration)
Network Filter (help keyword 'filter')
nwfilter-define define or update a network filter from an XML file
nwfilter-dumpxml network filter information in XML
nwfilter-edit edit XML configuration for a network filter
nwfilter-list list network filters
nwfilter-undefine undefine a network filter
nwfilter-binding-create create a network filter binding from an XML file
nwfilter-binding-delete delete a network filter binding
nwfilter-binding-dumpxml network filter information in XML
nwfilter-binding-list list network filter bindings
Networking (help keyword 'network')
net-autostart autostart a network
net-create create a network from an XML file
net-define define an inactive persistent virtual network or modify an existing persistent one from an XML file
net-destroy destroy (stop) a network
net-dhcp-leases print lease info for a given network
net-dumpxml network information in XML
net-edit edit XML configuration for a network
net-event Network Events
net-info network information
net-list list networks
net-name convert a network UUID to network name
net-start start a (previously defined) inactive network
net-undefine undefine a persistent network
net-update update parts of an existing network's configuration
net-uuid convert a network name to network UUID
net-port-list list network ports
net-port-create create a network port from an XML file
net-port-dumpxml network port information in XML
net-port-delete delete the specified network port
Node Device (help keyword 'nodedev')
nodedev-create create a device defined by an XML file on the node
nodedev-destroy destroy (stop) a device on the node
nodedev-detach detach node device from its device driver
nodedev-dumpxml node device details in XML
nodedev-list enumerate devices on this host
nodedev-reattach reattach node device to its device driver
nodedev-reset reset node device
nodedev-event Node Device Events
nodedev-define Define a device by an xml file on a node
nodedev-undefine Undefine an inactive node device
nodedev-start Start an inactive node device
nodedev-autostart autostart a defined node device
nodedev-info node device information
Secret (help keyword 'secret')
secret-define define or modify a secret from an XML file
secret-dumpxml secret attributes in XML
secret-event Secret Events
secret-get-value Output a secret value
secret-list list secrets
secret-set-value set a secret value
secret-undefine undefine a secret
Snapshot (help keyword 'snapshot')
snapshot-create Create a snapshot from XML
snapshot-create-as Create a snapshot from a set of args
snapshot-current Get or set the current snapshot
snapshot-delete Delete a domain snapshot
snapshot-dumpxml Dump XML for a domain snapshot
snapshot-edit edit XML for a snapshot
snapshot-info snapshot information
snapshot-list List snapshots for a domain
snapshot-parent Get the name of the parent of a snapshot
snapshot-revert Revert a domain to a snapshot
Backup (help keyword 'backup')
backup-begin Start a disk backup of a live domain
backup-dumpxml Dump XML for an ongoing domain block backup job
Storage Pool (help keyword 'pool')
find-storage-pool-sources-as find potential storage pool sources
find-storage-pool-sources discover potential storage pool sources
pool-autostart autostart a pool
pool-build build a pool
pool-create-as create a pool from a set of args
pool-create create a pool from an XML file
pool-define-as define a pool from a set of args
pool-define define an inactive persistent storage pool or modify an existing persistent one from an XML file
pool-delete delete a pool
pool-destroy destroy (stop) a pool
pool-dumpxml pool information in XML
pool-edit edit XML configuration for a storage pool
pool-info storage pool information
pool-list list pools
pool-name convert a pool UUID to pool name
pool-refresh refresh a pool
pool-start start a (previously defined) inactive pool
pool-undefine undefine an inactive pool
pool-uuid convert a pool name to pool UUID
pool-event Storage Pool Events
pool-capabilities storage pool capabilities
Storage Volume (help keyword 'volume')
vol-clone clone a volume.
vol-create-as create a volume from a set of args
vol-create create a vol from an XML file
vol-create-from create a vol, using another volume as input
vol-delete delete a vol
vol-download download volume contents to a file
vol-dumpxml vol information in XML
vol-info storage vol information
vol-key returns the volume key for a given volume name or path
vol-list list vols
vol-name returns the volume name for a given volume key or path
vol-path returns the volume path for a given volume name or key
vol-pool returns the storage pool for a given volume key or path
vol-resize resize a vol
vol-upload upload file contents to a volume
vol-wipe wipe a vol
Virsh itself (help keyword 'virsh')
cd change the current directory
echo echo arguments. Used for internal testing.
exit quit this interactive terminal
help print help
pwd print the current directory
quit quit this interactive terminal
connect (re)connect to hypervisor
(specify help <group> for details about the commands in the group)
(specify help <command> for details about the command)
Rants and Temper Tantrums
Delete a bridge created by using an XML file. It works most of the time. But what happens if you get a dreaded "failed to get a 'forking' domain" error message? What then? Well, you're SOL until you reboot the machine. NOTHING works!
QEMU Guest Agent / qemu-guest-agent.service VS libvirtd "guest" stuff: There are hints that the former has been deprecated or isn't needed or something. Good fucking luck getting a straight answer on any of this shit. Here, try this: https://stackshare.io/stackups/libvirt-vs-qemu#:~:text=Hardware%20Emulation%3A%20QEMU%20includes%20its,not%20provide%20direct%20hardware%20emulation. Yup, now it's all clear. Dear Linux developers. You're brilliant. But you can't communicate for shit. You change things on a minutely basis and leave a wake of documentation destruction behind you. How is anyone on this planet supposed to understand and keep up with what you're doing? Part of your job should be to make this open source software available to everyone. Nope, need a degree in Linuxology to understand stuff, and it shouldn't be that way. Yes, there needs to be an understanding of fundamentals and expertise, but don't you get it? There are people out there that have to be skilled in a myriad of technologies to actually make use of your stuff in the real world. They're really smart and capable, but just don't have the time to understand stuff like you. There's too much other stuff going on. Rant over, because I'm tired of typing.