5.5. Setting up easy access to remote virtualization hosts
When managing VMs on a remote host system using libvirt utilities, it is recommended to use the -c qemu+ssh://root@hostname/system syntax. For example, to use the virsh list command as root on the 10.0.0.1 host:
# virsh -c qemu+ssh://root@10.0.0.1/system list
root@10.0.0.1's password:
Id Name State
---------------------------------
1 remote-guest runningHowever, for convenience, you can remove the need to specify the connection details in full by modifying your SSH and libvirt configuration. For example, you will be able to do:
# virsh -c remote-host list
root@10.0.0.1's password:
Id Name State
---------------------------------
1 remote-guest runningTo enable this improvement, follow the instructions below.
Procédure
Edit or create the
~/.ssh/configfile, and add the following to it, where host-alias is a shortened name associated with a specific remote host, and hosturl is the URL address of the host.Host host-alias User root Hostname hosturl
For example, the following sets up the tyrannosaurus alias for root@10.0.0.1:
Host tyrannosaurus User root Hostname 10.0.0.1Edit or create the
/etc/libvirt/libvirt.conffile, and add the following, where qemu-host-alias is a host alias that QEMU and libvirt utilities will associate with the intended host:uri_aliases = [ "qemu-host-alias=qemu+ssh://host-alias/system", ]
For example, the following uses the tyrannosaurus alias configured in the previous step to set up the t-rex alias, which stands for
qemu+ssh://10.0.0.1/system:uri_aliases = [ "t-rex=qemu+ssh://tyrannosaurus/system", ]
Vérification
Confirm that you can manage remote VMs by using libvirt-based utilities on the local system with an added
-c qemu-host-aliasparameter. This automatically performs the commands over SSH on the remote host.For example, verify that the following lists VMs on the 10.0.0.1 remote host, the connection to which was set up as t-rex in the previous steps:
$ virsh -c t-rex list root@10.0.0.1's password: Id Name State --------------------------------- 1 velociraptor runningNoteIn addition to
virsh, the-c(or--connect) option and the remote host access configuration described above can be used by the following utilities:
Prochaines étapes
If you want to use libvirt utilities exclusively on a single remote host, you can also set a specific connection as the default target for libvirt-based utilities. To do so, edit the
/etc/libvirt/libvirt.conffile and set the value of theuri_defaultparameter to qemu-host-alias. For example, the following uses the t-rex host alias set up in the previous steps as a default libvirt target.# These can be used in cases when no URI is supplied by the application # (@uri_default also prevents probing of the hypervisor driver). # uri_default = "t-rex"
As a result, all libvirt-based commands will automatically be performed on the specified remote host.
$ virsh list root@10.0.0.1's password: Id Name State --------------------------------- 1 velociraptor runningHowever, this is not recommended if you also want to manage VMs on your local host or on different remote hosts.
When connecting to a remote host, you can avoid having to provide the root password to the remote system. To do so, use one or more of the following methods:
- Set up key-based SSH access to the remote host
- Use SSH connection multiplexing to connect to the remote system
- Kerberos authentication in Identity Management
-
The
-c(or--connect) option can be used to run thevirt-install,virt-viewer, andvirshcommands on a remote host.
