> ----- On May 16, 2017, at 12:53 PM, Bernd Lentes > bernd.lentes@xxxxxxxxxxxxxxxxxxxxx wrote: > > >> >> Hi guys, >> >> thanks for your quick answer. I have some further questions. I will leave >> windows and try to connect to libvirt or guest consoles from a linux box. >> My scenario is that i have a few guests which are controlled by pacemaker in a >> two node cluster. >> I'd like to have the ability to connect to the consoles when the guests have >> problems in booting. This way maybe i can identify the problems. >> I don't want to open the libvirt port if possible but connect to libvirt/guest >> consoles using ssh. >> I managed to connect to the hypervisor using virsh and ssh from a remote linux >> box. >> My idea is that i configure in each guest a vnc display with increasing port >> numbers, starting from 5900, so i can connect to each guest indepently, >> and to several concurrently. >> I'd like to bind the vnc display just to the localhost interface because of not >> exposing this port. >> I can connect to the hypervisor with the following: virt-viewer -vc >> qemu+ssh://root@ha-idg-1/system >> Then i get a list of the running guests (currently only one). I choose it, and >> then ... nothing happens :-( >> Virt-viewer says "waiting for display 1...", and i get the following message on >> my terminal: >> "(virt-viewer:810): Gtk-WARNING **: Allocating size to VncDisplay 0x10282f0 >> without calling gtk_widget_get_preferred_width/height(). How does the code know >> the size to allocate? " >> >> This is the output of my shell: >> >> (virt-viewer:8414): virt-viewer-DEBUG: connecting ... >> (virt-viewer:8414): virt-viewer-DEBUG: Opening connection to libvirt with URI >> qemu+ssh://root@ha-idg-1/system >> Opening connection to libvirt with URI qemu+ssh://root@ha-idg-1/system >> Password: >> (virt-viewer:8414): virt-viewer-DEBUG: initial connect >> (virt-viewer:8414): virt-viewer-DEBUG: notebook show status 0x1950200 >> >> (virt-viewer:8414): Gtk-WARNING **: Theme directory base/ of theme oxygen has no >> size field >> >> (virt-viewer:8414): virt-viewer-DEBUG: virt_viewer_app_set_uuid_string: UUID >> changed to f08c2f32-fe35-137a-0e9d-fa7485d57974 >> (virt-viewer:8414): virt-viewer-DEBUG: notebook show status 0x1950200 >> (virt-viewer:8414): virt-viewer-DEBUG: Guest mausdb_vm is running, determining >> display >> Guest mausdb_vm is running, determining display >> (virt-viewer:8414): virt-viewer-DEBUG: Set connect info: >> (null),(null),-1,-1,(null),(null),(null),0 >> (virt-viewer:8414): virt-viewer-DEBUG: Guest mausdb_vm has a vnc display >> Guest mausdb_vm has a vnc display >> (virt-viewer:8414): virt-viewer-DEBUG: Guest graphics address is 127.0.0.1:5900 >> (virt-viewer:8414): virt-viewer-DEBUG: Set connect info: >> ha-idg-1,127.0.0.1,5900,-1,ssh,(null),root,0 >> (virt-viewer:8414): virt-viewer-DEBUG: Error operation forbidden: read only >> access prevents virDomainOpenGraphicsFD >> (virt-viewer:8414): virt-viewer-DEBUG: After open connection callback fd=-1 >> (virt-viewer:8414): virt-viewer-DEBUG: Opening indirect TCP connection to >> display at 127.0.0.1:5900 >> Opening indirect TCP connection to display at 127.0.0.1:5900 >> (virt-viewer:8414): virt-viewer-DEBUG: Setting up SSH tunnel via root@ha-idg-1 >> Setting up SSH tunnel via root@ha-idg-1 >> (virt-viewer:8414): virt-viewer-DEBUG: notebook show status 0x1950200 >> (virt-viewer:8414): virt-viewer-DEBUG: reconnect_poll: 0 >> (virt-viewer:8414): virt-viewer-DEBUG: notebook show status 0x1950200 >> (virt-viewer:8414): virt-viewer-DEBUG: Insert display 0 0x1897c60 >> (virt-viewer:8414): virt-viewer-DEBUG: notebook show status 0x1950200 >> Password: (virt-viewer:8414): virt-viewer-DEBUG: Allocated 1024x740 >> (virt-viewer:8414): virt-viewer-DEBUG: Child allocate 1024x640 >> >> (virt-viewer:8414): Gtk-WARNING **: Allocating size to VncDisplay 0x1a2a2f0 >> without calling gtk_widget_get_preferred_width/height(). How does the code know >> the size to allocate? >> (virt-viewer:8414): virt-viewer-DEBUG: Window closed >> (virt-viewer:8414): virt-viewer-DEBUG: close vnc=0x1a2a2f0 >> (virt-viewer:8414): virt-viewer-DEBUG: Not removing main window 0 0x187ec60 >> (virt-viewer:8414): virt-viewer-DEBUG: Disconnected >> (virt-viewer:8414): virt-viewer-DEBUG: close vnc=0x1a2a520 >> (virt-viewer:8414): virt-viewer-DEBUG: notebook show status 0x1950200 >> (virt-viewer:8414): virt-viewer-DEBUG: Guest mausdb_vm display has disconnected, >> shutting down >> Guest mausdb_vm display has disconnected, shutting down >> pc65518:~ # >> Password: >> Password: >> Permission denied (publickey,keyboard-interactive). >> pc65518:~ # pc65518:~ # pc65518:~ # >> >> >> Do i have to provide the desired resolution ? How can i do that ? >> I tried virt-viewer with -f, but that didn't help. >> >> What means "(virt-viewer:8414): virt-viewer-DEBUG: Error operation forbidden: >> read only access prevents virDomainOpenGraphicsFD >> (virt-viewer:8414): virt-viewer-DEBUG: After open connection callback fd=-1" ? >> >> Is my idea basically possible ? Or is it the problem that vnc is just listening >> on localhost ? > > I tested a bit. I'm able to tunnel with ssh a local port to 127.0.0.1 on a > remote box. > So i think that's not the problem. > I found a solution which is fine for me: - configure each guest with a vnc display listening on localhost, with increasing port numbers, beginning from 5900 - on a linux box with X (which is available for the respective users) creating a ssh tunnel to connect to the vcn display: pc65518:~ # ssh -L 127.0.0.1:5900:127.0.0.1:5900 ha-idg-1 - on the linux box starting vncviewer: pc65518:~# vncviewer 127.0.0.1:5900 - connection is encrypted - vnc port is not exposed - several vnc sessions concurrently possible everything is fine for me. Bernd Helmholtz Zentrum Muenchen Deutsches Forschungszentrum fuer Gesundheit und Umwelt (GmbH) Ingolstaedter Landstr. 1 85764 Neuherberg www.helmholtz-muenchen.de Aufsichtsratsvorsitzende: MinDir'in Baerbel Brumme-Bothe Geschaeftsfuehrer: Prof. Dr. Guenther Wess, Heinrich Bassler, Dr. Alfons Enhsen Registergericht: Amtsgericht Muenchen HRB 6466 USt-IdNr: DE 129521671 _______________________________________________ virt-tools-list mailing list virt-tools-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/virt-tools-list
