| 1 |
On Thu, 07 Jul 2011 17:26:18 -0400 |
| 2 |
Albert Hopkins <marduk@×××××××××××.org> wrote: |
| 3 |
|
| 4 |
> |
| 5 |
> |
| 6 |
> On Thursday, July 7 at 20:46 (+0100), john said: |
| 7 |
> |
| 8 |
> Well, I see several errors, you may want to start with the first one |
| 9 |
> and work your way down. |
| 10 |
> |
| 11 |
> > iptables is running, bridging and tun have been loaded as modules |
| 12 |
> > iproute2 has now been installed but makes no odds. Not sure about |
| 13 |
> > brctl as I can't find this? |
| 14 |
> > |
| 15 |
> > Have started libvirtd and get the following |
| 16 |
> > when trying to start virt-manager |
| 17 |
> > |
| 18 |
> > 20:28:05.083: 5216: info : |
| 19 |
> > libvirt version: 0.9.1 20:28:05.083: 5216: error : |
| 20 |
> > virCommandWait:1281 : internal error Child process (/sbin/iptables |
| 21 |
> > --table mangle --insert POSTROUTING --out-interface virbr0 |
| 22 |
> > --protocol udp --destination-port 68 --jump CHECKSUM |
| 23 |
> > --checksum-fill) status unexpected: exit status 1 |
| 24 |
> |
| 25 |
> iptables is failing. Maybe you don't have the correct modules or have |
| 26 |
> them installed. |
| 27 |
> |
| 28 |
> > 20:28:05.084: 5216: warning : networkAddGeneralIptablesRules:1199 : |
| 29 |
> > Could not add rule to fixup DHCP response checksums on network |
| 30 |
> > 'default'. 20:28:05.084: 5216: warning : |
| 31 |
> > networkAddGeneralIptablesRules:1200 : May need to update iptables |
| 32 |
> > package & kernel to support CHECKSUM rule. 20:28:05.256: 5216: |
| 33 |
> > error : virCommandWait:1281 : internal error Child process |
| 34 |
> > (/sbin/ip addr add 192.168.122.1/24 broadcast 192.168.122.255 dev |
| 35 |
> > virbr0) status unexpected: exit status 1 20:28:05.256: 5216: error : |
| 36 |
> > networkAddAddrToBridge:1625 : internal error cannot set IP address |
| 37 |
> > on bridge 'virbr0' 20:28:05.449: 5216: error : virCommandWait:1281 : |
| 38 |
> > internal error Child process (/sbin/iptables --table mangle --delete |
| 39 |
> > POSTROUTING --out-interface virbr0 --protocol udp |
| 40 |
> > --destination-port 68 --jump CHECKSUM --checksum-fill) status |
| 41 |
> > unexpected: exit status 1 20:28:05.481: 5216: warning : |
| 42 |
> > networkStartNetworkDaemon:1800 : Failed to delete dummy tap device |
| 43 |
> > '(null)' on bridge 'virbr0' : Invalid argument 20:28:05.526: 5216: |
| 44 |
> > error : udevGetDMIData:1493 : Failed to get udev device for syspath |
| 45 |
> > '/sys/devices/virtual/dmi/id' or '/sys/class/dmi/id' 20:28:51.078: |
| 46 |
> > 5219: error : remoteDispatchAuthPolkit:5139 : Policy kit denied |
| 47 |
> > action org.libvirt.unix.manage from pid 6810, uid 1000: exit status |
| 48 |
> > 1 20:31:26.177: 5218: error : do_open:1085 : no connection driver |
| 49 |
> > available for No connection for URI qemu:///system |
| 50 |
> > |
| 51 |
> > Does mean something++++++ |
| 52 |
> > no connection driver |
| 53 |
> > available for No connection for URI qemu:///system |
| 54 |
> > |
| 55 |
> |
| 56 |
> The subsequent errors may be because of the first. So I'd start with |
| 57 |
> that. |
| 58 |
> |
| 59 |
> If you are not going to use virtual networks, then you could simply |
| 60 |
> disable the virt-net USE flag and save yourself some time. |
| 61 |
> |
| 62 |
> As for as iptables. You need the right sub-drivers (or whatever |
| 63 |
> they're called). Basically if you are using virtual networking you |
| 64 |
> need to be able to do NAT. I have the following: |
| 65 |
> |
| 66 |
> CONFIG_NF_CONNTRACK=m |
| 67 |
> CONFIG_NF_CONNTRACK_MARK=y |
| 68 |
> # CONFIG_NF_CONNTRACK_EVENTS is not set |
| 69 |
> # CONFIG_NF_CT_PROTO_DCCP is not set |
| 70 |
> # CONFIG_NF_CT_PROTO_SCTP is not set |
| 71 |
> # CONFIG_NF_CT_PROTO_UDPLITE is not set |
| 72 |
> # CONFIG_NF_CONNTRACK_AMANDA is not set |
| 73 |
> # CONFIG_NF_CONNTRACK_FTP is not set |
| 74 |
> # CONFIG_NF_CONNTRACK_H323 is not set |
| 75 |
> # CONFIG_NF_CONNTRACK_IRC is not set |
| 76 |
> # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set |
| 77 |
> # CONFIG_NF_CONNTRACK_PPTP is not set |
| 78 |
> # CONFIG_NF_CONNTRACK_SANE is not set |
| 79 |
> # CONFIG_NF_CONNTRACK_SIP is not set |
| 80 |
> # CONFIG_NF_CONNTRACK_TFTP is not set |
| 81 |
> # CONFIG_NF_CT_NETLINK is not set |
| 82 |
> CONFIG_NF_DEFRAG_IPV4=m |
| 83 |
> CONFIG_NF_CONNTRACK_IPV4=m |
| 84 |
> CONFIG_NF_CONNTRACK_PROC_COMPAT=y |
| 85 |
> # CONFIG_IP_NF_QUEUE is not set |
| 86 |
> CONFIG_IP_NF_IPTABLES=m |
| 87 |
> CONFIG_IP_NF_MATCH_ADDRTYPE=m |
| 88 |
> # CONFIG_IP_NF_MATCH_AH is not set |
| 89 |
> # CONFIG_IP_NF_MATCH_ECN is not set |
| 90 |
> # CONFIG_IP_NF_MATCH_TTL is not set |
| 91 |
> CONFIG_IP_NF_FILTER=m |
| 92 |
> CONFIG_IP_NF_TARGET_REJECT=mNAT/masquerading. |
| 93 |
> # CONFIG_IP_NF_TARGET_LOG is not set |
| 94 |
> # CONFIG_IP_NF_TARGET_ULOG is not set |
| 95 |
> CONFIG_NF_NAT=m |
| 96 |
> CONFIG_NF_NAT_NEEDED=y |
| 97 |
> CONFIG_IP_NF_TARGET_MASQUERADE=m |
| 98 |
> # CONFIG_IP_NF_TARGET_NETMAP is not set |
| 99 |
> # CONFIG_IP_NF_TARGET_REDIRECT is not set |
| 100 |
> # CONFIG_NF_NAT_SNMP_BASIC is not set |
| 101 |
> # CONFIG_NF_NAT_FTP is not set |
| 102 |
> # CONFIG_NF_NAT_IRC is not set |
| 103 |
> # CONFIG_NF_NAT_TFTP is not set |
| 104 |
> # CONFIG_NF_NAT_AMANDA is not set |
| 105 |
> # CONFIG_NF_NAT_PPTP is not set |
| 106 |
> # CONFIG_NF_NAT_H323 is not set |
| 107 |
> # CONFIG_NF_NAT_SIP is not set |
| 108 |
> CONFIG_IP_NF_MANGLE=m |
| 109 |
> # CONFIG_IP_NF_TARGET_CLUSTERIP is not set |
| 110 |
> # CONFIG_IP_NF_TARGET_ECN is not set |
| 111 |
> # CONFIG_IP_NF_TARGET_TTL is not set |
| 112 |
> # CONFIG_IP_NF_RAW is not set |
| 113 |
> # CONFIG_IP_NF_ARPTABLES is not set |
| 114 |
> # CONFIG_BRIDGE_NF_EBTABLES is not set |
| 115 |
> |
| 116 |
> I have the following modules loaded (may not all be used by libvirt |
| 117 |
> though): |
| 118 |
> |
| 119 |
> $ lsmod|egrep 'ipt|nf' |
| 120 |
> ipt_MASQUERADE 1523 3 |
| 121 |
> iptable_nat 3053 1 |
| 122 |
> nf_nat 11757 2 ipt_MASQUERADE,iptable_nat |
| 123 |
> nf_conntrack_ipv4 8846 4 iptable_nat,nf_nat |
| 124 |
> nf_defrag_ipv4 1131 1 nf_conntrack_ipv4 |
| 125 |
> nf_conntrack 40786 5 |
| 126 |
> ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state |
| 127 |
> ipt_REJECT 1998 2 |
| 128 |
> iptable_mangle 1392 1 |
| 129 |
> iptable_filter 1312 1 |
| 130 |
> ip_tables 13195 3 |
| 131 |
> iptable_nat,iptable_mangle,iptable_filter |
| 132 |
> x_tables 13624 9 |
| 133 |
> ipt_MASQUERADE,iptable_nat,xt_state,ipt_REJECT,xt_CHECKSUM,iptable_mangle,xt_tcpudp,iptable_filter,ip_tables |
| 134 |
> |
| 135 |
> |
| 136 |
> You also need to be able do to ethernet bridging. The virtual device |
| 137 |
> vibr0 is a bridge. You also need bridge-utils, but it's probably |
| 138 |
> already installed. |
| 139 |
> |
| 140 |
> A good reference is this: http://wiki.libvirt.org/page/Networking |
| 141 |
> |
| 142 |
> |
| 143 |
> |
| 144 |
> |
| 145 |
|
| 146 |
Thanks Albert, |
| 147 |
|
| 148 |
Have cleared up error messages using config as suggested. |
| 149 |
|
| 150 |
I still get the issue when starting /etc/init.d/libvirtd |
| 151 |
|
| 152 |
> * Starting libvirtd ... |
| 153 |
> /usr/sbin/libvirtd: error: Unable to initialize network sockets. |
| 154 |
> Check /var/log/messages or run without --daemon for more info. |
| 155 |
> * start-stop-daemon: failed to start |
| 156 |
> `/usr/sbin/libvirtd' [ !! ] |
| 157 |
> * ERROR: libvirtd failed to start |
| 158 |
|
| 159 |
BUT when i start /usr/sbin/libvirtd from command line virt-manager now |
| 160 |
works. It lets me create vms (yippee) |
| 161 |
|
| 162 |
I was unaware that libvirtd was a separate package (thought it was part |
| 163 |
of virt-manager. After reading your hints it dawned on me that is was |
| 164 |
seaparate so have enabled more use flags. I should check more carefully |
| 165 |
the output of emerge -vp. |
| 166 |
|
| 167 |
Anyway I am up and running with a big thanks to yourself and will have |
| 168 |
a closer look at the service another day. |
| 169 |
|
| 170 |
Thank You |
| 171 |
-- |
| 172 |
-------------- |
| 173 |
John D Maunder |
| 174 |
jdm@××××××××××××.uk |
Archives