main
1<!DOCTYPE html>
2<html lang="en">
3<head>
4<!-- Oct 07, 2022 -->
5<meta charset="utf-8" />
6<meta name="viewport" content="width=device-width, initial-scale=1" />
7<title>libvirt</title>
8<meta name="author" content="Vincent Demeester" />
9<meta name="keywords" content="article" />
10<meta name="generator" content="Org Mode" />
11<link rel='icon' type='image/x-icon' href='/images/favicon.ico'/>
12<meta name='viewport' content='width=device-width, initial-scale=1'>
13<link rel='stylesheet' href='/css/new.css' type='text/css'/>
14<link rel='stylesheet' href='/css/syntax.css' type='text/css'/>
15<link href='/index.xml' rel='alternate' type='application/rss+xml' title='Vincent Demeester' />
16</head>
17<body>
18<main id="content" class="content">
19<header>
20<h1 class="title">libvirt</h1>
21</header>
22<section id="outline-container-h:348103fa-e9a6-49b0-a7f8-7b212d647940" class="outline-2">
23<h2 id="h:348103fa-e9a6-49b0-a7f8-7b212d647940">Remote setup with NixOS</h2>
24<div class="outline-text-2" id="text-h:348103fa-e9a6-49b0-a7f8-7b212d647940">
25<p>
26Usually, you connect to <code>libvirt</code> using <code>qmeu:///system</code> or <code>qemu+ssh://…</code>. This works in
27most case but sometimes you want to expose libvirt on tcp (with or without TLS). One such
28example is for <a href="https://github.com/openshift/installer/"><code>openshift/installer</code></a>.
29</p>
30
31<div class="org-src-container">
32<pre class="src src-nix"><span class="org-nix-attribute">boot.kernel.sysctl</span> = { <span class="org-string">"net.ipv4.ip_forward"</span> = 1 ; };
33<span class="org-nix-attribute">virtualisation.libvirtd</span> = {
34 <span class="org-nix-attribute">extraConfig</span> = <span class="org-string">''</span>
35<span class="org-string"> listen_tls = 0</span>
36<span class="org-string"> listen_tcp = 1</span>
37<span class="org-string"> auth_tcp="none"</span>
38<span class="org-string"> tcp_port = "16509"</span>
39<span class="org-string"> ''</span>;
40 <span class="org-nix-attribute">extraOptions</span> = [ <span class="org-string">"--listen"</span> ]
41};
42<span class="org-nix-attribute">networking.firewall.allowedTCPPorts</span> = [ 16509 ];
43</pre>
44</div>
45
46<p>
47For <code>openshift</code> purpose we may want dns entry like <code>echo
48server=/tt.testing/192.168.126.1 | sudo tee /etc/NetworkManager/dnsmasq.d/openshift.conf</code>.
49</p>
50</div>
51
52<div id="outline-container-h:6b85c514-d810-4441-89f1-133158f17761" class="outline-3">
53<h3 id="h:6b85c514-d810-4441-89f1-133158f17761">Sources</h3>
54<div class="outline-text-3" id="text-h:6b85c514-d810-4441-89f1-133158f17761">
55<ul class="org-ul">
56<li><a href="https://github.com/openshift/installer/blob/master/docs/dev/libvirt-howto.md"><code>openshift/installer</code> libvirt HOWTO</a></li>
57<li><a href="https://libvirt.org/remote.html">libvirt: Remote support</a></li>
58<li><a href="https://libvirt.org/auth.html">libvirt: Connection authentication</a></li>
59<li><a href="https://libvirt.org/remote.html">libvirt: Remote support</a></li>
60</ul>
61</div>
62</div>
63</section>
64</main>
65<footer id="postamble" class="status">
66<footer>
67 <small><a href="/" rel="history">Index</a> • <a href="/sitemap.html">Sitemap</a> • <a href="https://dl.sbr.pm/">Files</a></small><br/>
68 <small class='questions'>Questions, comments ? Please use my <a href="https://lists.sr.ht/~vdemeester/public-inbox">public inbox</a> by sending a plain-text email to <a href="mailto:~vdemeester/public-inbox@lists.sr.ht">~vdemeester/public-inbox@lists.sr.ht</a>.</small><br/>
69 <small class='copyright'>
70 Content and design by Vincent Demeester
71 (<a rel='licence' href='http://creativecommons.org/licenses/by-nc-sa/3.0/'>Some rights reserved</a>)
72 </small><br />
73</footer>
74</footer>
75</body>
76</html>