Re: NFS with nearby host, VM clients?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Mon, Apr 18, 2022 at 11:22:07PM -0500, Michael Jinks wrote:
> I have a laptop, running VMM, with a handful of VM's.  Next to that, I have a
> pile of disks running on ZFS, and I'd like to give the VM's network access
> there, for running backups or whatever.
> The holdup is that the laptop (pop-OS if that matters -- so Ubuntu, so Debian)
> automatically prohibits any outside network traffic to the VM's. 
> Self-contained outward traffic from the VM is fine, like ssh; but the outside
> host can't see in to any VM, so, for instance, when the VM tries to NFS-mount
> to the outside, the rpc connection back will fail.
> In the past, my way of allowing something like this was to make a new virtual
> network running on the host, visible for the VM's and reachable by the outside
> service, but I haven't been able to find how to do that in a modern VMM setup. 
> I can find, in the GUI:
>   QEMU/KVM - Connection Details -> Virtual Networks: "Create a
> new virtual network"...
> ...but everything I've tried has failed in one way or another.  Maybe I just
> don't know how to set that up?

I used this relatively recently.  It's still a lot more painful to set
up than it really needs to be however ...

Another option is just port forwarding.  Pretty sure you can set this
up from virt-manager, but if not you can definitely do it through
editing the libvirt XML:

virsh edit is described here:

Another option would be attaching a remote disk to the guest.  Again,
not sure if this can be done in virt-manager, but it's certainly
possible from libvirt XML:

  <disk type='network' device='disk'>
    <driver name='qemu' type='raw'/>
    <source protocol='nbd'>
      <host name='nbd-server'/>
    <target dev='vda' bus='virtio'/>

Another, even simpler option is a reverse SSH tunnel, ie something
like this on the host:

  ssh -R 10809:nbd-server:10809 vm

That will export the NBD port on nbd-server:10809 into the VM, so you
would be able to access an NBD server from inside the VM.


> I understand the security concerns, and won't have a problem flatting that
> down.
> If I'm just not looking in the right docs, please point me in the
> right direction.
> Or, if I'm going about this some unwise way, please educate me.
> Thanks.

Richard Jones, Virtualization Group, Red Hat
Read my programming and virtualization blog:
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.

[Index of Archives]     [Linux Virtualization]     [KVM Development]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux