libvirtd 設定

最後更新: 2018-01-03

 


Check Version

libvirtd --version

libvirtd (libvirt) 3.0.0

 

libvirtd 的 Config File

/etc/libvirt/libvirtd.conf

remote login 方式

# TLS (Default: Enable)
# 此方法是用 Certificate 去認證
listen_tls = 0
tls_port = "16514"
auth_tls = "none"

# TCP (Default: Disable)
# Requires SASL authentication by default
listen_tcp = 0
tcp_port = "16509"

# If you don't enable SASL, then all TCP traffic is cleartext.
# controlled from /etc/sasl2/libvirt.conf
auth_tcp = "sasl"

# Default binds to all network interfaces
#listen_addr = "127.0.0.1"

# mdns (disabled by default)

# disable mDNS advertizement of the libvirt service
#mdns_adv = 1
mdns_name = "Virtualization Host - Home Server"

Local socket

# 'root' in 'unix_sock_group'
unix_sock_group = "libvirtd"

# for monitoring VM status only
unix_sock_rw_perms = "0770"
# for full management of VMs
unix_sock_ro_perms = "0777"
# configure the daemon during runtime
unix_sock_admin_perms = "0700"

# - /var/run/libvirt/libvirt-sock
# - /var/run/libvirt/libvirt-sock-ro
unix_sock_dir = "/var/run/libvirt"

# Authentication

auth_unix_ro = "none"
auth_unix_rw = "none"

# Processing controls

max_clients = 20
min_workers = 5
max_workers = 20
prio_workers = 5

# Total global limit on concurrent RPC calls
# Beyond this, RPC requests will be read into memory and queued
max_requests = 20

# concurrent requests from a single client
max_client_requests = 5

# Logging controls

# 3 warnings
log_level = 3

# Keepalive protocol (detect broken client)

keepalive_interval = 5
keepalive_count = 5

# libvirtd will refuse to talk to clients that do not support keepalive protocol.
# enable 後, virsh 會用不到
keepalive_required = 1

 


設定 libvirtd list Default TLS Port

 

/etc/default/libvirtd

start_libvirtd="yes"

# -l | --listen          Listen for TCP/IP connections.
libvirtd_opts="-d -l"

Opts

  • -l, --listen                Listen for TCP/IP connections.
  • -d, --daemon           Run as a daemon & write PID file.

 


Troubleshoot

 

[1]

-v | --verbose         Verbose messages.

libvirtd -l -v |& grep error

... Unable to import server certificate /etc/libvirt/tls/server.key

[1] Restart Service 後出 permission denie

service libvirt-bin restart

# debian 9

error: Cannot access storage file '/kvm/vm/win7/win7.qcow2' (as uid:111, gid:120): Permission denie

# FiX

chmod libvirt-qemu.libvirt-qemu /kvm/vm/win7/win7.qcow2
 


 

 

Creative Commons license icon Creative Commons license icon