19 - 03 - 2024

Openvswitch + libvirt = FIX - operation not permitted

There is an issue with Libvirt and openvswitch. After a some time of usage and reboots openvswitch saves the current state into its' conf.db. This is very annoying issue because you won't be able to start VMs with this configuration, the start will end with "error: Unable to add port vnet0 to OVS bridge CORE: Operation not permitted" error. But if you know what is causing this there is easy fix for it.

 

Read more: Openvswitch + libvirt = FIX - operation not permitted

VNC socket with Libivrt incorrect permissions

We you are using libvirt with VNC based on sockets instead of default TCP listening and you are not running as root. You could have an situation when socket has incorrect permissions 0775 and qemu:qemu group under default /var/lib/libvirt/qemu folder. The files has extension ".vnc" with suffix based on your Virtual Machine name and "=" sign.

Unix sockets are forced by "vnc_auto_unix_socket" in qemu.conf file, in /etc/libvirt folder.

The params from libvirtd.conf unix_sock_rw_perms and unix_sock_ro_perms, had no impact on the VNC socket permissions.

Read more: VNC socket with Libivrt incorrect permissions

openvswitch - libvirtd issue fix - veth already existing

Some time ago I wrote an little fix for running openvswitch network solution combined with libvirtd. It seems that a few days ago after upgrading my openSUSE 13.1 packages, openvswitch saves conf.db little bit different as it was. 

Read more: openvswitch - libvirtd issue fix - veth already existing

Libvirt + openvswitch = vlans with portgroups

VLANs are old technology to keep L2 separated, but it's very handy to limit the interfaces needed on Linux to provide multiple separate networks for VMs. In old fashion way like XenServer does without openvswitch we would create VLANs on the interfaces like eth0.4000 or networks in form on bridges.

With openvswitch we just create one bridge and it will handle all VLAN traffic for us, without the need of interfaces messing our system.

Read more: Libvirt + openvswitch = vlans with portgroups

Libvirt + cgroups settings = keep VMs limited

Cgroups are with us for a long time and it's very powerful feature. You can limit everything, everywhere... It's also integrated into systemd and libvirt, and it's a shame not to use it. For me the biggest advantage of this solution is making of common groups within we can keep specific machines.

 

Read more: Libvirt + cgroups settings = keep VMs limited