[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
howtos:general_admin:kvm_libvirt [2013/09/20 10:08 (UTC)] – Add section on qemu-nbd fdonkers | howtos:general_admin:kvm_libvirt [2015/06/27 06:45 (UTC)] (current) – [Guest configuration]Tiny invisible change for syntax rightness. didierspaier | ||
---|---|---|---|
Line 14: | Line 14: | ||
===== Configuration ===== | ===== Configuration ===== | ||
- | ==== libvirtd daemon ==== | ||
- | First, configure the libvirt daemon. This is done by editing the ''/ | ||
- | < | ||
- | ca_file = "/ | ||
- | </ | ||
- | If you want to manage virtual machines as a regular user, uncomment the following options: | ||
- | < | ||
- | unix_sock_group = " | ||
- | unix_sock_ro_perms = " | ||
- | unix_sock_rw_perms = " | ||
- | </ | ||
- | This will assume a group '' | ||
- | |||
- | ==== PolicyKit setup ==== | ||
- | Libvirt is built by default with PolicyKit support. If you want to disable this, edit ''/ | ||
- | < | ||
- | auth_unix_ro = " | ||
- | auth_unix_rw = " | ||
- | </ | ||
- | |||
- | To use PolicyKit, a new file containing policy rules needs to be created in the ''/ | ||
- | * Full management access: rule = org.libvirt.unix.manage. | ||
- | * Read-only, or monitoring access: rule = org.libvirt.unix.monitor. | ||
- | |||
- | Example to give management access to all users of a given group: | ||
- | < | ||
- | [libvirt Management Access] | ||
- | Identity=unix-group: | ||
- | Action=org.libvirt.unix.manage | ||
- | ResultAny=yes | ||
- | ResultInactive=yes | ||
- | ResultActive=yes | ||
- | </ | ||
- | This allows all users of the '' | ||
- | |||
- | To allow access on a per-user basis, use the // | ||
- | < | ||
- | [libvirt Management Access] | ||
- | Identity=unix-user: | ||
- | Action=org.libvirt.unix.manage | ||
- | ResultAny=yes | ||
- | ResultInactive=yes | ||
- | ResultActive=yes | ||
- | </ | ||
- | This will grant user //frank// management access to libvirt. | ||
==== Automatic startup ==== | ==== Automatic startup ==== | ||
Line 246: | Line 201: | ||
* Source path = directory on the host which is shared. | * Source path = directory on the host which is shared. | ||
* Target path = mount tag that is made available on the guest system. This doesn' | * Target path = mount tag that is made available on the guest system. This doesn' | ||
- | | + | Option //Export filesystem as readonly mount// does what it suggests. |
==== Mounting the share ==== | ==== Mounting the share ==== | ||
Line 282: | Line 237: | ||
</ | </ | ||
+ | ==== Setup PXE boot in libvirt ==== | ||
+ | To enable PXE booting for the guest machines, a PXE boot server and a TFTP server are needed. Libvirt can be configured to handle both internally. These configuration options are not available in virt-manager, | ||
+ | |||
+ | - Create a directory ''/ | ||
+ | - Stop the default network and edit the network definition: < | ||
+ | # virsh net-destroy default | ||
+ | # virsh net-edit default | ||
+ | </ | ||
+ | - This will open the network configuration in a vi session. Add the //tftp// and //bootp// parameters in the //ip// section and save the file: < | ||
+ | <ip address=' | ||
+ | <tftp root='/ | ||
+ | < | ||
+ | <range start=' | ||
+ | <bootp file=' | ||
+ | </ | ||
+ | </ip> | ||
+ | </ | ||
+ | - Now restart the network: < | ||
+ | # virsh net-start default | ||
+ | </ | ||
+ | |||
+ | Now the libvirt DHCP server will allow guests to PXE boot. | ||
===== Troubleshooting ===== | ===== Troubleshooting ===== | ||
==== Remove password prompt in virt-manager ==== | ==== Remove password prompt in virt-manager ==== | ||
- | When you start virt-manager as a regular user, you may still be asked for the root password, even when you have setup the correct unix socket permissions (notification: | + | When you start virt-manager as a regular user, you may still be asked for the root password, even when you have setup the correct unix socket permissions (notification: |
+ | < | ||
+ | auth_unix_ro = " | ||
+ | auth_unix_rw = " | ||
+ | </ | ||
==== Improve mouse movement ==== | ==== Improve mouse movement ==== | ||
In graphics mode, the mouse movement can be erratic and difficult to change in the settings of your VM. To solve this, add a virtual tablet. | In graphics mode, the mouse movement can be erratic and difficult to change in the settings of your VM. To solve this, add a virtual tablet. |