2007-10-12 19:54:15 +00:00
|
|
|
# Master configuration file for the QEMU driver.
|
|
|
|
# All settings described here are optional - if omitted, sensible
|
|
|
|
# defaults are used.
|
|
|
|
|
2016-06-14 18:14:31 +00:00
|
|
|
# Use of TLS requires that x509 certificates be issued. The default is
|
|
|
|
# to keep them in /etc/pki/qemu. This directory must contain
|
|
|
|
#
|
|
|
|
# ca-cert.pem - the CA master certificate
|
|
|
|
# server-cert.pem - the server certificate signed with ca-cert.pem
|
|
|
|
# server-key.pem - the server private key
|
|
|
|
#
|
|
|
|
# and optionally may contain
|
|
|
|
#
|
|
|
|
# dh-params.pem - the DH params configuration file
|
|
|
|
#
|
2017-10-27 09:23:25 +00:00
|
|
|
# If the directory does not exist, libvirtd will fail to start. If the
|
|
|
|
# directory doesn't contain the necessary files, QEMU domains will fail
|
|
|
|
# to start if they are configured to use TLS.
|
2017-06-29 12:27:55 +00:00
|
|
|
#
|
|
|
|
# In order to overwrite the default path alter the following. This path
|
|
|
|
# definition will be used as the default path for other *_tls_x509_cert_dir
|
|
|
|
# configuration settings if their default path does not exist or is not
|
|
|
|
# specifically set.
|
|
|
|
#
|
2016-06-14 18:14:31 +00:00
|
|
|
#default_tls_x509_cert_dir = "/etc/pki/qemu"
|
|
|
|
|
|
|
|
|
|
|
|
# The default TLS configuration only uses certificates for the server
|
|
|
|
# allowing the client to verify the server's identity and establish
|
|
|
|
# an encrypted channel.
|
|
|
|
#
|
|
|
|
# It is possible to use x509 certificates for authentication too, by
|
2017-02-24 21:44:32 +00:00
|
|
|
# issuing an x509 certificate to every client who needs to connect.
|
2016-06-14 18:14:31 +00:00
|
|
|
#
|
|
|
|
# Enabling this option will reject any client who does not have a
|
|
|
|
# certificate signed by the CA in /etc/pki/qemu/ca-cert.pem
|
|
|
|
#
|
2017-02-24 21:44:32 +00:00
|
|
|
# The default_tls_x509_cert_dir directory must also contain
|
|
|
|
#
|
|
|
|
# client-cert.pem - the client certificate signed with the ca-cert.pem
|
|
|
|
# client-key.pem - the client private key
|
|
|
|
#
|
2020-11-13 14:13:29 +00:00
|
|
|
# If this option is supplied it provides the default for the "_verify" option
|
|
|
|
# of specific TLS users such as vnc, backups, migration, etc. The specific
|
|
|
|
# users of TLS may override this by setting the specific "_verify" option.
|
|
|
|
#
|
|
|
|
# When not supplied the specific TLS users provide their own defaults.
|
|
|
|
#
|
2016-06-14 18:14:31 +00:00
|
|
|
#default_tls_x509_verify = 1
|
|
|
|
|
2016-09-08 14:04:59 +00:00
|
|
|
#
|
|
|
|
# Libvirt assumes the server-key.pem file is unencrypted by default.
|
|
|
|
# To use an encrypted server-key.pem file, the password to decrypt
|
|
|
|
# the PEM file is required. This can be provided by creating a secret
|
|
|
|
# object in libvirt and then to uncomment this setting to set the UUID
|
|
|
|
# of the secret.
|
|
|
|
#
|
|
|
|
# NB This default all-zeros UUID will not work. Replace it with the
|
|
|
|
# output from the UUID for the TLS secret from a 'virsh secret-list'
|
|
|
|
# command and then uncomment the entry
|
|
|
|
#
|
|
|
|
#default_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
|
|
|
|
|
|
|
2007-10-12 19:54:15 +00:00
|
|
|
# VNC is configured to listen on 127.0.0.1 by default.
|
|
|
|
# To make it listen on all public interfaces, uncomment
|
|
|
|
# this next option.
|
|
|
|
#
|
|
|
|
# NB, strong recommendation to enable TLS + x509 certificate
|
|
|
|
# verification when allowing public access
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_listen = "0.0.0.0"
|
2007-10-12 19:54:15 +00:00
|
|
|
|
2011-01-12 04:44:11 +00:00
|
|
|
# Enable this option to have VNC served over an automatically created
|
|
|
|
# unix socket. This prevents unprivileged access from users on the
|
|
|
|
# host machine, though most VNC clients do not support it.
|
|
|
|
#
|
2016-06-08 11:30:20 +00:00
|
|
|
# This will only be enabled for VNC configurations that have listen
|
|
|
|
# type=address but without any address specified. This setting takes
|
|
|
|
# preference over vnc_listen.
|
2011-01-12 04:44:11 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_auto_unix_socket = 1
|
2007-10-12 19:54:15 +00:00
|
|
|
|
|
|
|
# Enable use of TLS encryption on the VNC server. This requires
|
|
|
|
# a VNC client which supports the VeNCrypt protocol extension.
|
|
|
|
# Examples include vinagre, virt-viewer, virt-manager and vencrypt
|
|
|
|
# itself. UltraVNC, RealVNC, TightVNC do not support this
|
|
|
|
#
|
2008-03-17 10:27:31 +00:00
|
|
|
# It is necessary to setup CA and issue a server certificate
|
2007-10-12 19:54:15 +00:00
|
|
|
# before enabling this.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_tls = 1
|
2007-10-12 19:54:15 +00:00
|
|
|
|
|
|
|
|
2016-06-14 18:14:31 +00:00
|
|
|
# In order to override the default TLS certificate location for
|
|
|
|
# vnc certificates, supply a valid path to the certificate directory.
|
2017-10-27 09:23:25 +00:00
|
|
|
# If the provided path does not exist, libvirtd will fail to start.
|
|
|
|
# If the path is not provided, but vnc_tls = 1, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used.
|
2007-10-12 19:54:15 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
|
2007-10-12 19:54:15 +00:00
|
|
|
|
|
|
|
|
2019-01-14 23:09:23 +00:00
|
|
|
# Uncomment and use the following option to override the default secret
|
|
|
|
# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
|
|
#
|
|
|
|
#vnc_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
|
|
|
|
|
|
|
2007-10-12 19:54:15 +00:00
|
|
|
# The default TLS configuration only uses certificates for the server
|
|
|
|
# allowing the client to verify the server's identity and establish
|
2011-02-15 20:50:28 +00:00
|
|
|
# an encrypted channel.
|
2007-10-12 19:54:15 +00:00
|
|
|
#
|
|
|
|
# It is possible to use x509 certificates for authentication too, by
|
2017-03-23 19:11:51 +00:00
|
|
|
# issuing an x509 certificate to every client who needs to connect.
|
2008-02-05 19:27:37 +00:00
|
|
|
#
|
2017-03-23 19:11:51 +00:00
|
|
|
# Enabling this option will reject any client that does not have a
|
2020-08-21 10:59:01 +00:00
|
|
|
# certificate (as described in default_tls_x509_verify) signed by the
|
|
|
|
# CA in the vnc_tls_x509_cert_dir (or default_tls_x509_cert_dir).
|
2007-10-12 19:54:15 +00:00
|
|
|
#
|
2016-06-14 18:14:31 +00:00
|
|
|
# If this option is not supplied, it will be set to the value of
|
2020-11-13 14:18:37 +00:00
|
|
|
# "default_tls_x509_verify". If "default_tls_x509_verify" is not supplied either,
|
|
|
|
# the default is "0".
|
2016-06-14 18:14:31 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_tls_x509_verify = 1
|
2009-01-29 17:50:00 +00:00
|
|
|
|
|
|
|
|
2014-02-05 17:04:35 +00:00
|
|
|
# The default VNC password. Only 8 bytes are significant for
|
2009-01-29 17:50:00 +00:00
|
|
|
# VNC passwords. This parameter is only used if the per-domain
|
|
|
|
# XML config does not already provide a password. To allow
|
|
|
|
# access without passwords, leave this commented out. An empty
|
2011-02-15 20:50:28 +00:00
|
|
|
# string will still enable passwords, but be rejected by QEMU,
|
2009-01-29 17:50:00 +00:00
|
|
|
# effectively preventing any use of VNC. Obviously change this
|
2011-02-15 20:50:28 +00:00
|
|
|
# example here before you set this.
|
2009-01-29 17:50:00 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_password = "XYZ12345"
|
2009-03-03 12:03:44 +00:00
|
|
|
|
|
|
|
|
2009-03-16 13:54:26 +00:00
|
|
|
# Enable use of SASL encryption on the VNC server. This requires
|
|
|
|
# a VNC client which supports the SASL protocol extension.
|
|
|
|
# Examples include vinagre, virt-viewer and virt-manager
|
|
|
|
# itself. UltraVNC, RealVNC, TightVNC do not support this
|
|
|
|
#
|
|
|
|
# It is necessary to configure /etc/sasl2/qemu.conf to choose
|
|
|
|
# the desired SASL plugin (eg, GSSPI for Kerberos)
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_sasl = 1
|
2009-03-16 13:54:26 +00:00
|
|
|
|
|
|
|
|
|
|
|
# The default SASL configuration file is located in /etc/sasl2/
|
|
|
|
# When running libvirtd unprivileged, it may be desirable to
|
|
|
|
# override the configs in this location. Set this parameter to
|
|
|
|
# point to the directory, and create a qemu.conf in that location
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#vnc_sasl_dir = "/some/directory/sasl2"
|
2009-03-16 13:54:26 +00:00
|
|
|
|
|
|
|
|
2012-05-25 10:20:43 +00:00
|
|
|
# QEMU implements an extension for providing audio over a VNC connection,
|
|
|
|
# though if your VNC client does not support it, your only chance for getting
|
|
|
|
# sound output is through regular audio backends. By default, libvirt will
|
|
|
|
# disable all QEMU sound backends if using VNC, since they can cause
|
|
|
|
# permissions issues. Enabling this option will make libvirtd honor the
|
|
|
|
# QEMU_AUDIO_DRV environment variable when using VNC.
|
|
|
|
#
|
|
|
|
#vnc_allow_host_audio = 0
|
|
|
|
|
|
|
|
|
2009-03-16 13:54:26 +00:00
|
|
|
|
2010-03-05 20:31:50 +00:00
|
|
|
# SPICE is configured to listen on 127.0.0.1 by default.
|
|
|
|
# To make it listen on all public interfaces, uncomment
|
|
|
|
# this next option.
|
|
|
|
#
|
|
|
|
# NB, strong recommendation to enable TLS + x509 certificate
|
|
|
|
# verification when allowing public access
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#spice_listen = "0.0.0.0"
|
2010-03-05 20:31:50 +00:00
|
|
|
|
|
|
|
|
|
|
|
# Enable use of TLS encryption on the SPICE server.
|
|
|
|
#
|
|
|
|
# It is necessary to setup CA and issue a server certificate
|
|
|
|
# before enabling this.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#spice_tls = 1
|
2010-03-05 20:31:50 +00:00
|
|
|
|
|
|
|
|
2016-06-14 18:14:31 +00:00
|
|
|
# In order to override the default TLS certificate location for
|
|
|
|
# spice certificates, supply a valid path to the certificate directory.
|
2017-10-27 09:23:25 +00:00
|
|
|
# If the provided path does not exist, libvirtd will fail to start.
|
|
|
|
# If the path is not provided, but spice_tls = 1, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used.
|
2010-03-05 20:31:50 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
|
2010-03-05 20:31:50 +00:00
|
|
|
|
|
|
|
|
2016-05-18 12:11:20 +00:00
|
|
|
# Enable this option to have SPICE served over an automatically created
|
|
|
|
# unix socket. This prevents unprivileged access from users on the
|
|
|
|
# host machine.
|
|
|
|
#
|
|
|
|
# This will only be enabled for SPICE configurations that have listen
|
|
|
|
# type=address but without any address specified. This setting takes
|
|
|
|
# preference over spice_listen.
|
|
|
|
#
|
|
|
|
#spice_auto_unix_socket = 1
|
|
|
|
|
|
|
|
|
2010-03-05 20:31:50 +00:00
|
|
|
# The default SPICE password. This parameter is only used if the
|
|
|
|
# per-domain XML config does not already provide a password. To
|
|
|
|
# allow access without passwords, leave this commented out. An
|
|
|
|
# empty string will still enable passwords, but be rejected by
|
2011-02-15 20:50:28 +00:00
|
|
|
# QEMU, effectively preventing any use of SPICE. Obviously change
|
|
|
|
# this example here before you set this.
|
2010-03-05 20:31:50 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#spice_password = "XYZ12345"
|
2010-03-05 20:31:50 +00:00
|
|
|
|
2009-03-16 13:54:26 +00:00
|
|
|
|
2012-02-24 14:13:06 +00:00
|
|
|
# Enable use of SASL encryption on the SPICE server. This requires
|
|
|
|
# a SPICE client which supports the SASL protocol extension.
|
|
|
|
#
|
|
|
|
# It is necessary to configure /etc/sasl2/qemu.conf to choose
|
|
|
|
# the desired SASL plugin (eg, GSSPI for Kerberos)
|
|
|
|
#
|
|
|
|
#spice_sasl = 1
|
|
|
|
|
|
|
|
# The default SASL configuration file is located in /etc/sasl2/
|
|
|
|
# When running libvirtd unprivileged, it may be desirable to
|
|
|
|
# override the configs in this location. Set this parameter to
|
|
|
|
# point to the directory, and create a qemu.conf in that location
|
|
|
|
#
|
|
|
|
#spice_sasl_dir = "/some/directory/sasl2"
|
|
|
|
|
2016-06-14 19:52:37 +00:00
|
|
|
# Enable use of TLS encryption on the chardev TCP transports.
|
|
|
|
#
|
|
|
|
# It is necessary to setup CA and issue a server certificate
|
|
|
|
# before enabling this.
|
|
|
|
#
|
|
|
|
#chardev_tls = 1
|
|
|
|
|
|
|
|
|
|
|
|
# In order to override the default TLS certificate location for character
|
|
|
|
# device TCP certificates, supply a valid path to the certificate directory.
|
2017-10-27 09:23:25 +00:00
|
|
|
# If the provided path does not exist, libvirtd will fail to start.
|
|
|
|
# If the path is not provided, but chardev_tls = 1, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used.
|
2016-06-14 19:52:37 +00:00
|
|
|
#
|
|
|
|
#chardev_tls_x509_cert_dir = "/etc/pki/libvirt-chardev"
|
|
|
|
|
|
|
|
|
|
|
|
# The default TLS configuration only uses certificates for the server
|
|
|
|
# allowing the client to verify the server's identity and establish
|
|
|
|
# an encrypted channel.
|
|
|
|
#
|
|
|
|
# It is possible to use x509 certificates for authentication too, by
|
2017-03-23 19:11:51 +00:00
|
|
|
# issuing an x509 certificate to every client who needs to connect.
|
2016-06-14 19:52:37 +00:00
|
|
|
#
|
2017-03-23 19:11:51 +00:00
|
|
|
# Enabling this option will reject any client that does not have a
|
2020-08-21 10:59:01 +00:00
|
|
|
# certificate (as described in default_tls_x509_verify) signed by the
|
|
|
|
# CA in the chardev_tls_x509_cert_dir (or default_tls_x509_cert_dir).
|
2017-03-23 19:11:51 +00:00
|
|
|
#
|
|
|
|
# If this option is not supplied, it will be set to the value of
|
2020-11-13 14:20:58 +00:00
|
|
|
# "default_tls_x509_verify". If "default_tls_x509_verify" is not supplied either,
|
|
|
|
# the default is "1".
|
2016-06-14 19:52:37 +00:00
|
|
|
#
|
|
|
|
#chardev_tls_x509_verify = 1
|
|
|
|
|
2012-02-24 14:13:06 +00:00
|
|
|
|
2016-09-08 14:04:59 +00:00
|
|
|
# Uncomment and use the following option to override the default secret
|
|
|
|
# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
|
|
#
|
|
|
|
# NB This default all-zeros UUID will not work. Replace it with the
|
|
|
|
# output from the UUID for the TLS secret from a 'virsh secret-list'
|
|
|
|
# command and then uncomment the entry
|
|
|
|
#
|
|
|
|
#chardev_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
2017-02-24 21:44:32 +00:00
|
|
|
|
|
|
|
|
2017-08-30 15:32:33 +00:00
|
|
|
# Enable use of TLS encryption for all VxHS network block devices that
|
|
|
|
# don't specifically disable.
|
|
|
|
#
|
|
|
|
# When the VxHS network block device server is set up appropriately,
|
|
|
|
# x509 certificates are required for authentication between the clients
|
|
|
|
# (qemu processes) and the remote VxHS server.
|
|
|
|
#
|
|
|
|
# It is necessary to setup CA and issue the client certificate before
|
|
|
|
# enabling this.
|
|
|
|
#
|
|
|
|
#vxhs_tls = 1
|
|
|
|
|
|
|
|
|
|
|
|
# In order to override the default TLS certificate location for VxHS
|
|
|
|
# backed storage, supply a valid path to the certificate directory.
|
|
|
|
# This is used to authenticate the VxHS block device clients to the VxHS
|
|
|
|
# server.
|
|
|
|
#
|
2017-10-27 09:23:25 +00:00
|
|
|
# If the provided path does not exist, libvirtd will fail to start.
|
|
|
|
# If the path is not provided, but vxhs_tls = 1, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used.
|
2017-08-30 15:32:33 +00:00
|
|
|
#
|
|
|
|
# VxHS block device clients expect the client certificate and key to be
|
|
|
|
# present in the certificate directory along with the CA master certificate.
|
|
|
|
# If using the default environment, default_tls_x509_verify must be configured.
|
|
|
|
# Since this is only a client the server-key.pem certificate is not needed.
|
|
|
|
# Thus a VxHS directory must contain the following:
|
|
|
|
#
|
|
|
|
# ca-cert.pem - the CA master certificate
|
|
|
|
# client-cert.pem - the client certificate signed with the ca-cert.pem
|
|
|
|
# client-key.pem - the client private key
|
|
|
|
#
|
|
|
|
#vxhs_tls_x509_cert_dir = "/etc/pki/libvirt-vxhs"
|
|
|
|
|
|
|
|
|
2020-06-29 15:12:03 +00:00
|
|
|
# Uncomment and use the following option to override the default secret
|
|
|
|
# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
|
|
#
|
|
|
|
# NB This default all-zeros UUID will not work. Replace it with the
|
|
|
|
# output from the UUID for the TLS secret from a 'virsh secret-list'
|
|
|
|
# command and then uncomment the entry
|
|
|
|
#
|
|
|
|
#vxhs_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
|
|
|
2018-05-31 18:21:48 +00:00
|
|
|
|
|
|
|
# Enable use of TLS encryption for all NBD disk devices that don't
|
|
|
|
# specifically disable it.
|
|
|
|
#
|
|
|
|
# When the NBD server is set up appropriately, x509 certificates are required
|
|
|
|
# for authentication between the client and the remote NBD server.
|
|
|
|
#
|
|
|
|
# It is necessary to setup CA and issue the client certificate before
|
|
|
|
# enabling this.
|
|
|
|
#
|
|
|
|
#nbd_tls = 1
|
|
|
|
|
|
|
|
|
|
|
|
# In order to override the default TLS certificate location for NBD
|
|
|
|
# backed storage, supply a valid path to the certificate directory.
|
|
|
|
# This is used to authenticate the NBD block device clients to the NBD
|
|
|
|
# server.
|
|
|
|
#
|
|
|
|
# If the provided path does not exist, libvirtd will fail to start.
|
|
|
|
# If the path is not provided, but nbd_tls = 1, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used.
|
|
|
|
#
|
|
|
|
# NBD block device clients expect the client certificate and key to be
|
|
|
|
# present in the certificate directory along with the CA certificate.
|
|
|
|
# Since this is only a client the server-key.pem certificate is not needed.
|
|
|
|
# Thus a NBD directory must contain the following:
|
|
|
|
#
|
|
|
|
# ca-cert.pem - the CA master certificate
|
|
|
|
# client-cert.pem - the client certificate signed with the ca-cert.pem
|
|
|
|
# client-key.pem - the client private key
|
|
|
|
#
|
|
|
|
#nbd_tls_x509_cert_dir = "/etc/pki/libvirt-nbd"
|
|
|
|
|
|
|
|
|
2020-06-29 15:12:03 +00:00
|
|
|
# Uncomment and use the following option to override the default secret
|
|
|
|
# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
|
|
#
|
|
|
|
# NB This default all-zeros UUID will not work. Replace it with the
|
|
|
|
# output from the UUID for the TLS secret from a 'virsh secret-list'
|
|
|
|
# command and then uncomment the entry
|
|
|
|
#
|
|
|
|
#nbd_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
|
|
|
|
|
|
|
2017-02-24 21:44:32 +00:00
|
|
|
# In order to override the default TLS certificate location for migration
|
|
|
|
# certificates, supply a valid path to the certificate directory. If the
|
2017-10-27 09:23:25 +00:00
|
|
|
# provided path does not exist, libvirtd will fail to start. If the path is
|
2020-06-29 10:05:03 +00:00
|
|
|
# not provided, but TLS-encrypted migration is requested, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used. Once/if a default certificate is
|
|
|
|
# enabled/defined, migration will then be able to use the certificate via
|
|
|
|
# migration API flags.
|
2017-02-24 21:44:32 +00:00
|
|
|
#
|
|
|
|
#migrate_tls_x509_cert_dir = "/etc/pki/libvirt-migrate"
|
|
|
|
|
|
|
|
|
|
|
|
# The default TLS configuration only uses certificates for the server
|
|
|
|
# allowing the client to verify the server's identity and establish
|
|
|
|
# an encrypted channel.
|
|
|
|
#
|
|
|
|
# It is possible to use x509 certificates for authentication too, by
|
|
|
|
# issuing an x509 certificate to every client who needs to connect.
|
|
|
|
#
|
|
|
|
# Enabling this option will reject any client that does not have a
|
2020-08-21 10:59:01 +00:00
|
|
|
# certificate (as described in default_tls_x509_verify) signed by the
|
|
|
|
# CA in the migrate_tls_x509_cert_dir (or default_tls_x509_cert_dir).
|
2017-02-24 21:44:32 +00:00
|
|
|
#
|
|
|
|
# If this option is not supplied, it will be set to the value of
|
2020-11-13 14:20:58 +00:00
|
|
|
# "default_tls_x509_verify". If "default_tls_x509_verify" is not supplied
|
|
|
|
# either, the default is "1".
|
2017-02-24 21:44:32 +00:00
|
|
|
#
|
|
|
|
#migrate_tls_x509_verify = 1
|
|
|
|
|
|
|
|
|
|
|
|
# Uncomment and use the following option to override the default secret
|
|
|
|
# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
|
|
#
|
|
|
|
# NB This default all-zeros UUID will not work. Replace it with the
|
|
|
|
# output from the UUID for the TLS secret from a 'virsh secret-list'
|
|
|
|
# command and then uncomment the entry
|
|
|
|
#
|
|
|
|
#migrate_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
2016-09-08 14:04:59 +00:00
|
|
|
|
|
|
|
|
2020-11-24 13:08:04 +00:00
|
|
|
# By default TLS is requested using the VIR_MIGRATE_TLS flag, thus not requested
|
|
|
|
# automatically. Setting 'migate_tls_force' to "1" will prevent any migration
|
|
|
|
# which is not using VIR_MIGRATE_TLS to ensure higher level of security in
|
|
|
|
# deployments with TLS.
|
|
|
|
#
|
|
|
|
#migrate_tls_force = 0
|
|
|
|
|
|
|
|
|
2020-06-26 14:37:16 +00:00
|
|
|
# In order to override the default TLS certificate location for backup NBD
|
|
|
|
# server certificates, supply a valid path to the certificate directory. If the
|
|
|
|
# provided path does not exist, libvirtd will fail to start. If the path is
|
|
|
|
# not provided, but TLS-encrypted backup is requested, then the
|
|
|
|
# default_tls_x509_cert_dir path will be used.
|
|
|
|
#
|
|
|
|
#backup_tls_x509_cert_dir = "/etc/pki/libvirt-backup"
|
|
|
|
|
|
|
|
|
|
|
|
# The default TLS configuration only uses certificates for the server
|
|
|
|
# allowing the client to verify the server's identity and establish
|
|
|
|
# an encrypted channel.
|
|
|
|
#
|
|
|
|
# It is possible to use x509 certificates for authentication too, by
|
|
|
|
# issuing an x509 certificate to every client who needs to connect.
|
|
|
|
#
|
|
|
|
# Enabling this option will reject any client that does not have a
|
2020-08-21 10:59:01 +00:00
|
|
|
# certificate (as described in default_tls_x509_verify) signed by the
|
|
|
|
# CA in the backup_tls_x509_cert_dir (or default_tls_x509_cert_dir).
|
2020-06-26 14:37:16 +00:00
|
|
|
#
|
|
|
|
# If this option is not supplied, it will be set to the value of
|
2020-11-13 14:20:58 +00:00
|
|
|
# "default_tls_x509_verify". If "default_tls_x509_verify" is not supplied either,
|
|
|
|
# the default is "1".
|
2020-06-26 14:37:16 +00:00
|
|
|
#
|
|
|
|
#backup_tls_x509_verify = 1
|
|
|
|
|
|
|
|
|
|
|
|
# Uncomment and use the following option to override the default secret
|
|
|
|
# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
|
|
#
|
|
|
|
# NB This default all-zeros UUID will not work. Replace it with the
|
|
|
|
# output from the UUID for the TLS secret from a 'virsh secret-list'
|
|
|
|
# command and then uncomment the entry
|
|
|
|
#
|
|
|
|
#backup_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
|
|
|
|
|
|
|
2013-08-17 19:30:47 +00:00
|
|
|
# By default, if no graphical front end is configured, libvirt will disable
|
|
|
|
# QEMU audio output since directly talking to alsa/pulseaudio may not work
|
|
|
|
# with various security settings. If you know what you're doing, enable
|
|
|
|
# the setting below and libvirt will passthrough the QEMU_AUDIO_DRV
|
|
|
|
# environment variable when using nographics.
|
|
|
|
#
|
|
|
|
#nographics_allow_host_audio = 1
|
|
|
|
|
|
|
|
|
2012-06-18 08:22:07 +00:00
|
|
|
# Override the port for creating both VNC and SPICE sessions (min).
|
|
|
|
# This defaults to 5900 and increases for consecutive sessions
|
|
|
|
# or when ports are occupied, until it hits the maximum.
|
|
|
|
#
|
|
|
|
# Minimum must be greater than or equal to 5900 as lower number would
|
|
|
|
# result into negative vnc display number.
|
|
|
|
#
|
|
|
|
# Maximum must be less than 65536, because higher numbers do not make
|
|
|
|
# sense as a port number.
|
|
|
|
#
|
|
|
|
#remote_display_port_min = 5900
|
|
|
|
#remote_display_port_max = 65535
|
|
|
|
|
2013-04-30 14:26:43 +00:00
|
|
|
# VNC WebSocket port policies, same rules apply as with remote display
|
|
|
|
# ports. VNC WebSockets use similar display <-> port mappings, with
|
2014-02-05 17:04:35 +00:00
|
|
|
# the exception being that ports start from 5700 instead of 5900.
|
2013-04-30 14:26:43 +00:00
|
|
|
#
|
|
|
|
#remote_websocket_port_min = 5700
|
|
|
|
#remote_websocket_port_max = 65535
|
2012-06-18 08:22:07 +00:00
|
|
|
|
2009-03-03 12:03:44 +00:00
|
|
|
# The default security driver is SELinux. If SELinux is disabled
|
|
|
|
# on the host, then the security driver will automatically disable
|
|
|
|
# itself. If you wish to disable QEMU SELinux security driver while
|
|
|
|
# leaving SELinux enabled for the host in general, then set this
|
2012-08-15 22:10:38 +00:00
|
|
|
# to 'none' instead. It's also possible to use more than one security
|
|
|
|
# driver at the same time, for this use a list of names separated by
|
|
|
|
# comma and delimited by square brackets. For example:
|
|
|
|
#
|
2012-08-30 08:58:09 +00:00
|
|
|
# security_driver = [ "selinux", "apparmor" ]
|
|
|
|
#
|
2012-09-04 14:09:43 +00:00
|
|
|
# Notes: The DAC security driver is always enabled; as a result, the
|
|
|
|
# value of security_driver cannot contain "dac". The value "none" is
|
|
|
|
# a special value; security_driver can be set to that value in
|
|
|
|
# isolation, but it cannot appear in a list of drivers.
|
2009-03-03 12:03:44 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#security_driver = "selinux"
|
2009-07-15 21:25:01 +00:00
|
|
|
|
Add two new security label types
Curently security labels can be of type 'dynamic' or 'static'.
If no security label is given, then 'dynamic' is assumed. The
current code takes advantage of this default, and avoids even
saving <seclabel> elements with type='dynamic' to disk. This
means if you temporarily change security driver, the guests
can all still start.
With the introduction of sVirt to LXC though, there needs to be
a new default of 'none' to allow unconfined LXC containers.
This patch introduces two new security label types
- default: the host configuration decides whether to run the
guest with type 'none' or 'dynamic' at guest start
- none: the guest will run unconfined by security policy
The 'none' label type will obviously be undesirable for some
deployments, so a new qemu.conf option allows a host admin to
mandate confined guests. It is also possible to turn off default
confinement
security_default_confined = 1|0 (default == 1)
security_require_confined = 1|0 (default == 0)
* src/conf/domain_conf.c, src/conf/domain_conf.h: Add new
seclabel types
* src/security/security_manager.c, src/security/security_manager.h:
Set default sec label types
* src/security/security_selinux.c: Handle 'none' seclabel type
* src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
src/qemu/libvirtd_qemu.aug: New security config options
* src/qemu/qemu_driver.c: Tell security driver about default
config
2012-01-25 14:12:52 +00:00
|
|
|
# If set to non-zero, then the default security labeling
|
|
|
|
# will make guests confined. If set to zero, then guests
|
|
|
|
# will be unconfined by default. Defaults to 1.
|
2012-05-25 09:32:17 +00:00
|
|
|
#security_default_confined = 1
|
Add two new security label types
Curently security labels can be of type 'dynamic' or 'static'.
If no security label is given, then 'dynamic' is assumed. The
current code takes advantage of this default, and avoids even
saving <seclabel> elements with type='dynamic' to disk. This
means if you temporarily change security driver, the guests
can all still start.
With the introduction of sVirt to LXC though, there needs to be
a new default of 'none' to allow unconfined LXC containers.
This patch introduces two new security label types
- default: the host configuration decides whether to run the
guest with type 'none' or 'dynamic' at guest start
- none: the guest will run unconfined by security policy
The 'none' label type will obviously be undesirable for some
deployments, so a new qemu.conf option allows a host admin to
mandate confined guests. It is also possible to turn off default
confinement
security_default_confined = 1|0 (default == 1)
security_require_confined = 1|0 (default == 0)
* src/conf/domain_conf.c, src/conf/domain_conf.h: Add new
seclabel types
* src/security/security_manager.c, src/security/security_manager.h:
Set default sec label types
* src/security/security_selinux.c: Handle 'none' seclabel type
* src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
src/qemu/libvirtd_qemu.aug: New security config options
* src/qemu/qemu_driver.c: Tell security driver about default
config
2012-01-25 14:12:52 +00:00
|
|
|
|
|
|
|
# If set to non-zero, then attempts to create unconfined
|
|
|
|
# guests will be blocked. Defaults to 0.
|
2012-05-25 09:32:17 +00:00
|
|
|
#security_require_confined = 1
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2012-10-09 12:57:58 +00:00
|
|
|
# The user for QEMU processes run by the system instance. It can be
|
|
|
|
# specified as a user name or as a user id. The qemu driver will try to
|
|
|
|
# parse this value first as a name and then, if the name doesn't exist,
|
|
|
|
# as a user id.
|
|
|
|
#
|
|
|
|
# Since a sequence of digits is a valid user name, a leading plus sign
|
|
|
|
# can be used to ensure that a user id will not be interpreted as a user
|
|
|
|
# name.
|
|
|
|
#
|
|
|
|
# Some examples of valid values are:
|
|
|
|
#
|
|
|
|
# user = "qemu" # A user named "qemu"
|
|
|
|
# user = "+0" # Super user (uid=0)
|
|
|
|
# user = "100" # A user named "100" or a user with uid=100
|
|
|
|
#
|
2009-07-15 21:25:01 +00:00
|
|
|
#user = "root"
|
|
|
|
|
2012-10-09 12:57:58 +00:00
|
|
|
# The group for QEMU processes run by the system instance. It can be
|
|
|
|
# specified in a similar way to user.
|
2009-07-15 21:25:01 +00:00
|
|
|
#group = "root"
|
2009-07-22 15:08:04 +00:00
|
|
|
|
2010-01-13 17:41:36 +00:00
|
|
|
# Whether libvirt should dynamically change file ownership
|
|
|
|
# to match the configured user/group above. Defaults to 1.
|
|
|
|
# Set to 0 to disable file ownership changes.
|
|
|
|
#dynamic_ownership = 1
|
|
|
|
|
2019-01-15 08:50:58 +00:00
|
|
|
# Whether libvirt should remember and restore the original
|
|
|
|
# ownership over files it is relabeling. Defaults to 1, set
|
|
|
|
# to 0 to disable the feature.
|
|
|
|
#remember_owner = 1
|
|
|
|
|
2009-07-22 15:08:04 +00:00
|
|
|
# What cgroup controllers to make use of with QEMU guests
|
|
|
|
#
|
2017-12-09 18:32:41 +00:00
|
|
|
# - 'cpu' - use for scheduler tunables
|
2020-06-16 10:24:48 +00:00
|
|
|
# - 'devices' - use for device access control
|
2011-02-15 20:50:28 +00:00
|
|
|
# - 'memory' - use for memory tunables
|
2011-07-12 10:42:41 +00:00
|
|
|
# - 'blkio' - use for block devices I/O tunables
|
2011-11-17 09:44:12 +00:00
|
|
|
# - 'cpuset' - use for CPUs and memory nodes
|
2012-03-02 02:54:23 +00:00
|
|
|
# - 'cpuacct' - use for CPUs statistics.
|
2009-07-22 15:08:04 +00:00
|
|
|
#
|
|
|
|
# NB, even if configured here, they won't be used unless
|
2011-02-15 20:50:28 +00:00
|
|
|
# the administrator has mounted cgroups, e.g.:
|
2009-07-22 15:08:04 +00:00
|
|
|
#
|
|
|
|
# mkdir /dev/cgroup
|
2011-11-17 09:44:12 +00:00
|
|
|
# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup
|
2009-07-22 15:08:04 +00:00
|
|
|
#
|
2011-02-15 20:50:28 +00:00
|
|
|
# They can be mounted anywhere, and different controllers
|
2009-07-22 15:08:04 +00:00
|
|
|
# can be mounted in different locations. libvirt will detect
|
|
|
|
# where they are located.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ]
|
2009-07-22 15:08:04 +00:00
|
|
|
|
|
|
|
# This is the basic set of devices allowed / required by
|
|
|
|
# all virtual machines.
|
|
|
|
#
|
|
|
|
# As well as this, any configured block backed disks,
|
|
|
|
# all sound device, and all PTY devices are allowed.
|
|
|
|
#
|
|
|
|
# This will only need setting if newer QEMU suddenly
|
2011-02-15 20:50:28 +00:00
|
|
|
# wants some device we don't already know about.
|
2009-07-22 15:08:04 +00:00
|
|
|
#
|
|
|
|
#cgroup_device_acl = [
|
|
|
|
# "/dev/null", "/dev/full", "/dev/zero",
|
|
|
|
# "/dev/random", "/dev/urandom",
|
2020-05-19 08:56:57 +00:00
|
|
|
# "/dev/ptmx", "/dev/kvm"
|
2009-07-22 15:08:04 +00:00
|
|
|
#]
|
2014-01-13 06:28:11 +00:00
|
|
|
#
|
|
|
|
# RDMA migration requires the following extra files to be added to the list:
|
|
|
|
# "/dev/infiniband/rdma_cm",
|
|
|
|
# "/dev/infiniband/issm0",
|
|
|
|
# "/dev/infiniband/issm1",
|
|
|
|
# "/dev/infiniband/umad0",
|
|
|
|
# "/dev/infiniband/umad1",
|
|
|
|
# "/dev/infiniband/uverbs0"
|
Compressed save image format for Qemu.
Implement a compressed save image format for qemu. While ideally
we would have the choice between compressed/non-compressed
available to the libvirt API, unfortunately there is no "flags"
parameter to the virDomainSave() API. Therefore, implement this
as a qemu.conf option. gzip, bzip2, and lzma are implemented, and
it should be very easy to implement additional compression
methods.
One open question is if/how we should detect the compression
binaries. One way to do it is to do compile-time setting of the
paths (via configure.in), but that doesn't seem like a great thing
to do. My preferred solution is not to detect at all;
when we go to run the commands that need them, if they
aren't available, or aren't available in one of the standard paths,
then we'll fail. That's also the solution implemented in this patch.
In the future, we'll have a more robust (managed) save/restore API,
at which time we can expose this functionality properly in the API.
V2: get rid of redundant dd command and just use >> to append data.
V3: Add back the missing pieces for the enum and bumping the save version.
V4: Make the compressed field in the save_header an int.
Implement LZMA compression.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-08-07 11:34:05 +00:00
|
|
|
|
2010-10-20 08:25:05 +00:00
|
|
|
|
2017-03-07 17:09:58 +00:00
|
|
|
# The default format for QEMU/KVM guest save images is raw; that is, the
|
Compressed save image format for Qemu.
Implement a compressed save image format for qemu. While ideally
we would have the choice between compressed/non-compressed
available to the libvirt API, unfortunately there is no "flags"
parameter to the virDomainSave() API. Therefore, implement this
as a qemu.conf option. gzip, bzip2, and lzma are implemented, and
it should be very easy to implement additional compression
methods.
One open question is if/how we should detect the compression
binaries. One way to do it is to do compile-time setting of the
paths (via configure.in), but that doesn't seem like a great thing
to do. My preferred solution is not to detect at all;
when we go to run the commands that need them, if they
aren't available, or aren't available in one of the standard paths,
then we'll fail. That's also the solution implemented in this patch.
In the future, we'll have a more robust (managed) save/restore API,
at which time we can expose this functionality properly in the API.
V2: get rid of redundant dd command and just use >> to append data.
V3: Add back the missing pieces for the enum and bumping the save version.
V4: Make the compressed field in the save_header an int.
Implement LZMA compression.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-08-07 11:34:05 +00:00
|
|
|
# memory from the domain is dumped out directly to a file. If you have
|
|
|
|
# guests with a large amount of memory, however, this can take up quite
|
|
|
|
# a bit of space. If you would like to compress the images while they
|
2009-09-10 09:13:33 +00:00
|
|
|
# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
|
|
|
|
# for save_image_format. Note that this means you slow down the process of
|
|
|
|
# saving a domain in order to save disk space; the list above is in descending
|
|
|
|
# order by performance and ascending order by compression ratio.
|
Compressed save image format for Qemu.
Implement a compressed save image format for qemu. While ideally
we would have the choice between compressed/non-compressed
available to the libvirt API, unfortunately there is no "flags"
parameter to the virDomainSave() API. Therefore, implement this
as a qemu.conf option. gzip, bzip2, and lzma are implemented, and
it should be very easy to implement additional compression
methods.
One open question is if/how we should detect the compression
binaries. One way to do it is to do compile-time setting of the
paths (via configure.in), but that doesn't seem like a great thing
to do. My preferred solution is not to detect at all;
when we go to run the commands that need them, if they
aren't available, or aren't available in one of the standard paths,
then we'll fail. That's also the solution implemented in this patch.
In the future, we'll have a more robust (managed) save/restore API,
at which time we can expose this functionality properly in the API.
V2: get rid of redundant dd command and just use >> to append data.
V3: Add back the missing pieces for the enum and bumping the save version.
V4: Make the compressed field in the save_header an int.
Implement LZMA compression.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-08-07 11:34:05 +00:00
|
|
|
#
|
2013-10-09 16:05:43 +00:00
|
|
|
# save_image_format is used when you use 'virsh save' or 'virsh managedsave'
|
|
|
|
# at scheduled saving, and it is an error if the specified save_image_format
|
|
|
|
# is not valid, or the requested compression program can't be found.
|
2011-07-28 01:37:52 +00:00
|
|
|
#
|
|
|
|
# dump_image_format is used when you use 'virsh dump' at emergency
|
|
|
|
# crashdump, and if the specified dump_image_format is not valid, or
|
|
|
|
# the requested compression program can't be found, this falls
|
|
|
|
# back to "raw" compression.
|
2010-10-28 07:31:46 +00:00
|
|
|
#
|
2013-10-09 16:05:43 +00:00
|
|
|
# snapshot_image_format specifies the compression algorithm of the memory save
|
|
|
|
# image when an external snapshot of a domain is taken. This does not apply
|
|
|
|
# on disk image format. It is an error if the specified format isn't valid,
|
|
|
|
# or the requested compression program can't be found.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#save_image_format = "raw"
|
|
|
|
#dump_image_format = "raw"
|
2013-10-09 16:05:43 +00:00
|
|
|
#snapshot_image_format = "raw"
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
|
2010-12-08 06:19:17 +00:00
|
|
|
# When a domain is configured to be auto-dumped when libvirtd receives a
|
|
|
|
# watchdog event from qemu guest, libvirtd will save dump files in directory
|
|
|
|
# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#auto_dump_path = "/var/lib/libvirt/qemu/dump"
|
2010-10-20 08:25:05 +00:00
|
|
|
|
2011-07-19 21:54:48 +00:00
|
|
|
# When a domain is configured to be auto-dumped, enabling this flag
|
|
|
|
# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the
|
|
|
|
# virDomainCoreDump API. That is, the system will avoid using the
|
|
|
|
# file system cache while writing the dump file, but may cause
|
|
|
|
# slower operation.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#auto_dump_bypass_cache = 0
|
2011-07-19 21:54:48 +00:00
|
|
|
|
|
|
|
# When a domain is configured to be auto-started, enabling this flag
|
|
|
|
# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag
|
|
|
|
# with the virDomainCreateWithFlags API. That is, the system will
|
|
|
|
# avoid using the file system cache when restoring any managed state
|
|
|
|
# file, but may cause slower operation.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#auto_start_bypass_cache = 0
|
2011-07-19 21:54:48 +00:00
|
|
|
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
# If provided by the host and a hugetlbfs mount point is configured,
|
|
|
|
# a guest may request huge page backing. When this mount point is
|
|
|
|
# unspecified here, determination of a host mount point in /proc/mounts
|
|
|
|
# will be attempted. Specifying an explicit mount overrides detection
|
|
|
|
# of the same in /proc/mounts. Setting the mount point to "" will
|
2014-07-23 15:37:18 +00:00
|
|
|
# disable guest hugepage backing. If desired, multiple mount points can
|
|
|
|
# be specified at once, separated by comma and enclosed in square
|
|
|
|
# brackets, for example:
|
|
|
|
#
|
|
|
|
# hugetlbfs_mount = ["/dev/hugepages2M", "/dev/hugepages1G"]
|
|
|
|
#
|
|
|
|
# The size of huge page served by specific mount point is determined by
|
|
|
|
# libvirt at the daemon startup.
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
#
|
2014-07-31 17:28:09 +00:00
|
|
|
# NB, within these mount points, guests will create memory backing
|
|
|
|
# files in a location of $MOUNTPOINT/libvirt/qemu
|
2010-10-20 08:25:05 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#hugetlbfs_mount = "/dev/hugepages"
|
2009-11-03 22:41:23 +00:00
|
|
|
|
2010-10-20 08:25:05 +00:00
|
|
|
|
2013-03-25 14:25:30 +00:00
|
|
|
# Path to the setuid helper for creating tap devices. This executable
|
|
|
|
# is used to create <source type='bridge'> interfaces when libvirtd is
|
|
|
|
# running unprivileged. libvirt invokes the helper directly, instead
|
|
|
|
# of using "-netdev bridge", for security reasons.
|
|
|
|
#bridge_helper = "/usr/libexec/qemu-bridge-helper"
|
|
|
|
|
|
|
|
|
2010-10-20 08:25:05 +00:00
|
|
|
# If enabled, libvirt will have QEMU set its process name to
|
|
|
|
# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU
|
|
|
|
# process will appear as "qemu:VM_NAME" in process listings and
|
|
|
|
# other system monitoring tools. By default, QEMU does not set
|
|
|
|
# its process title, so the complete QEMU command (emulator and
|
|
|
|
# its arguments) appear in process listings.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#set_process_name = 1
|
2011-04-05 12:17:28 +00:00
|
|
|
|
|
|
|
|
2011-12-22 11:22:31 +00:00
|
|
|
# If max_processes is set to a positive integer, libvirt will use
|
|
|
|
# it to set the maximum number of processes that can be run by qemu
|
|
|
|
# user. This can be used to override default value set by host OS.
|
|
|
|
# The same applies to max_files which sets the limit on the maximum
|
|
|
|
# number of opened files.
|
2011-04-05 12:17:28 +00:00
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#max_processes = 0
|
|
|
|
#max_files = 0
|
2010-10-26 14:04:46 +00:00
|
|
|
|
2019-05-22 23:12:14 +00:00
|
|
|
# If max_threads_per_process is set to a positive integer, libvirt
|
|
|
|
# will use it to set the maximum number of threads that can be
|
|
|
|
# created by a qemu process. Some VM configurations can result in
|
|
|
|
# qemu processes with tens of thousands of threads. systemd-based
|
|
|
|
# systems typically limit the number of threads per process to
|
|
|
|
# 16k. max_threads_per_process can be used to override default
|
|
|
|
# limits in the host OS.
|
|
|
|
#
|
|
|
|
#max_threads_per_process = 0
|
|
|
|
|
2015-03-18 11:14:55 +00:00
|
|
|
# If max_core is set to a non-zero integer, then QEMU will be
|
|
|
|
# permitted to create core dumps when it crashes, provided its
|
|
|
|
# RAM size is smaller than the limit set.
|
|
|
|
#
|
|
|
|
# Be warned that the core dump will include a full copy of the
|
2016-08-03 15:20:19 +00:00
|
|
|
# guest RAM, if the 'dump_guest_core' setting has been enabled,
|
|
|
|
# or if the guest XML contains
|
2015-03-18 11:14:55 +00:00
|
|
|
#
|
2016-08-03 15:20:19 +00:00
|
|
|
# <memory dumpcore="on">...guest ram...</memory>
|
2015-03-18 11:14:55 +00:00
|
|
|
#
|
|
|
|
# If guest RAM is to be included, ensure the max_core limit
|
|
|
|
# is set to at least the size of the largest expected guest
|
|
|
|
# plus another 1GB for any QEMU host side memory mappings.
|
|
|
|
#
|
|
|
|
# As a special case it can be set to the string "unlimited" to
|
|
|
|
# to allow arbitrarily sized core dumps.
|
|
|
|
#
|
|
|
|
# By default the core dump size is set to 0 disabling all dumps
|
|
|
|
#
|
|
|
|
# Size is a positive integer specifying bytes or the
|
|
|
|
# string "unlimited"
|
|
|
|
#
|
|
|
|
#max_core = "unlimited"
|
2012-05-25 10:20:43 +00:00
|
|
|
|
2016-08-03 15:20:19 +00:00
|
|
|
# Determine if guest RAM is included in QEMU core dumps. By
|
|
|
|
# default guest RAM will be excluded if a new enough QEMU is
|
|
|
|
# present. Setting this to '1' will force guest RAM to always
|
|
|
|
# be included in QEMU core dumps.
|
|
|
|
#
|
|
|
|
# This setting will be ignored if the guest XML has set the
|
|
|
|
# dumpcore attribute on the <memory> element.
|
|
|
|
#
|
|
|
|
#dump_guest_core = 1
|
|
|
|
|
2012-05-25 10:20:43 +00:00
|
|
|
# mac_filter enables MAC addressed based filtering on bridge ports.
|
|
|
|
# This currently requires ebtables to be installed.
|
|
|
|
#
|
|
|
|
#mac_filter = 1
|
|
|
|
|
|
|
|
|
|
|
|
# By default, PCI devices below non-ACS switch are not allowed to be assigned
|
|
|
|
# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to
|
|
|
|
# be assigned to guests.
|
|
|
|
#
|
|
|
|
#relaxed_acs_check = 1
|
|
|
|
|
|
|
|
|
2014-03-12 07:53:37 +00:00
|
|
|
# In order to prevent accidentally starting two domains that
|
|
|
|
# share one writable disk, libvirt offers two approaches for
|
|
|
|
# locking files. The first one is sanlock, the other one,
|
|
|
|
# virtlockd, is then our own implementation. Accepted values
|
|
|
|
# are "sanlock" and "lockd".
|
2010-10-26 14:04:46 +00:00
|
|
|
#
|
2014-03-12 07:53:37 +00:00
|
|
|
#lock_manager = "lockd"
|
2011-08-12 13:29:37 +00:00
|
|
|
|
2012-05-25 10:20:43 +00:00
|
|
|
|
2011-08-12 13:29:37 +00:00
|
|
|
# Set limit of maximum APIs queued on one domain. All other APIs
|
|
|
|
# over this threshold will fail on acquiring job lock. Specially,
|
|
|
|
# setting to zero turns this feature off.
|
|
|
|
# Note, that job lock is per domain.
|
|
|
|
#
|
2012-05-25 09:32:17 +00:00
|
|
|
#max_queued = 0
|
2011-09-16 11:50:56 +00:00
|
|
|
|
|
|
|
###################################################################
|
|
|
|
# Keepalive protocol:
|
|
|
|
# This allows qemu driver to detect broken connections to remote
|
|
|
|
# libvirtd during peer-to-peer migration. A keepalive message is
|
2014-02-05 17:04:35 +00:00
|
|
|
# sent to the daemon after keepalive_interval seconds of inactivity
|
|
|
|
# to check if the daemon is still responding; keepalive_count is a
|
2011-09-16 11:50:56 +00:00
|
|
|
# maximum number of keepalive messages that are allowed to be sent
|
2014-02-05 17:04:35 +00:00
|
|
|
# to the daemon without getting any response before the connection
|
2011-09-16 11:50:56 +00:00
|
|
|
# is considered broken. In other words, the connection is
|
|
|
|
# automatically closed approximately after
|
|
|
|
# keepalive_interval * (keepalive_count + 1) seconds since the last
|
2014-02-05 17:04:35 +00:00
|
|
|
# message received from the daemon. If keepalive_interval is set to
|
2011-09-16 11:50:56 +00:00
|
|
|
# -1, qemu driver will not send keepalive requests during
|
|
|
|
# peer-to-peer migration; however, the remote libvirtd can still
|
|
|
|
# send them and source libvirtd will send responses. When
|
|
|
|
# keepalive_count is set to 0, connections will be automatically
|
|
|
|
# closed after keepalive_interval seconds of inactivity without
|
|
|
|
# sending any keepalive messages.
|
|
|
|
#
|
|
|
|
#keepalive_interval = 5
|
|
|
|
#keepalive_count = 5
|
2012-09-17 07:59:53 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
2018-03-31 20:15:03 +00:00
|
|
|
# Use seccomp syscall sandbox in QEMU.
|
|
|
|
# 1 == seccomp enabled, 0 == seccomp disabled
|
|
|
|
#
|
|
|
|
# If it is unset (or -1), then seccomp will be enabled
|
|
|
|
# only if QEMU >= 2.11.0 is detected, otherwise it is
|
|
|
|
# left disabled. This ensures the default config gets
|
|
|
|
# protection for new QEMU using the blacklist approach.
|
2012-09-17 07:59:53 +00:00
|
|
|
#
|
|
|
|
#seccomp_sandbox = 1
|
2013-10-09 09:32:55 +00:00
|
|
|
|
|
|
|
|
|
|
|
# Override the listen address for all incoming migrations. Defaults to
|
2013-11-08 16:39:25 +00:00
|
|
|
# 0.0.0.0, or :: if both host and qemu are capable of IPv6.
|
2014-10-07 04:07:32 +00:00
|
|
|
#migration_address = "0.0.0.0"
|
2013-10-15 13:26:52 +00:00
|
|
|
|
|
|
|
|
2014-05-20 06:08:05 +00:00
|
|
|
# The default hostname or IP address which will be used by a migration
|
|
|
|
# source for transferring migration data to this host. The migration
|
|
|
|
# source has to be able to resolve this hostname and connect to it so
|
|
|
|
# setting "localhost" will not work. By default, the host's configured
|
|
|
|
# hostname is used.
|
|
|
|
#migration_host = "host.example.com"
|
|
|
|
|
|
|
|
|
2013-10-15 13:26:52 +00:00
|
|
|
# Override the port range used for incoming migrations.
|
|
|
|
#
|
|
|
|
# Minimum must be greater than 0, however when QEMU is not running as root,
|
|
|
|
# setting the minimum to be lower than 1024 will not work.
|
|
|
|
#
|
|
|
|
# Maximum must not be greater than 65535.
|
|
|
|
#
|
|
|
|
#migration_port_min = 49152
|
|
|
|
#migration_port_max = 49215
|
2014-04-09 13:23:45 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Timestamp QEMU's log messages (if QEMU supports it)
|
|
|
|
#
|
|
|
|
# Defaults to 1.
|
|
|
|
#
|
|
|
|
#log_timestamp = 0
|
2014-08-07 14:59:21 +00:00
|
|
|
|
|
|
|
|
|
|
|
# Location of master nvram file
|
|
|
|
#
|
2019-04-16 15:30:13 +00:00
|
|
|
# This configuration option is obsolete. Libvirt will follow the
|
|
|
|
# QEMU firmware metadata specification to automatically locate
|
|
|
|
# firmware images. See docs/interop/firmware.json in the QEMU
|
|
|
|
# source tree. These metadata files are distributed alongside any
|
|
|
|
# firmware images intended for use with QEMU.
|
|
|
|
#
|
2019-11-11 16:22:50 +00:00
|
|
|
# NOTE: if ANY firmware metadata files are detected, this setting
|
|
|
|
# will be COMPLETELY IGNORED.
|
|
|
|
#
|
2019-04-16 15:30:13 +00:00
|
|
|
# ------------------------------------------
|
|
|
|
#
|
2014-08-07 14:59:21 +00:00
|
|
|
# When a domain is configured to use UEFI instead of standard
|
|
|
|
# BIOS it may use a separate storage for UEFI variables. If
|
|
|
|
# that's the case libvirt creates the variable store per domain
|
|
|
|
# using this master file as image. Each UEFI firmware can,
|
|
|
|
# however, have different variables store. Therefore the nvram is
|
|
|
|
# a list of strings when a single item is in form of:
|
|
|
|
# ${PATH_TO_UEFI_FW}:${PATH_TO_UEFI_VARS}.
|
2015-01-21 18:44:43 +00:00
|
|
|
# Later, when libvirt creates per domain variable store, this list is
|
|
|
|
# searched for the master image. The UEFI firmware can be called
|
|
|
|
# differently for different guest architectures. For instance, it's OVMF
|
|
|
|
# for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
|
|
|
|
# follows this scheme.
|
|
|
|
#nvram = [
|
|
|
|
# "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd",
|
2016-07-13 15:19:08 +00:00
|
|
|
# "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.fd",
|
2017-07-20 19:56:55 +00:00
|
|
|
# "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd",
|
|
|
|
# "/usr/share/AAVMF/AAVMF32_CODE.fd:/usr/share/AAVMF/AAVMF32_VARS.fd"
|
2015-01-21 18:44:43 +00:00
|
|
|
#]
|
2015-11-03 11:13:25 +00:00
|
|
|
|
|
|
|
# The backend to use for handling stdout/stderr output from
|
|
|
|
# QEMU processes.
|
|
|
|
#
|
|
|
|
# 'file': QEMU writes directly to a plain file. This is the
|
|
|
|
# historical default, but allows QEMU to inflict a
|
|
|
|
# denial of service attack on the host by exhausting
|
|
|
|
# filesystem space
|
|
|
|
#
|
|
|
|
# 'logd': QEMU writes to a pipe provided by virtlogd daemon.
|
|
|
|
# This is the current default, providing protection
|
|
|
|
# against denial of service by performing log file
|
|
|
|
# rollover when a size limit is hit.
|
|
|
|
#
|
|
|
|
#stdio_handler = "logd"
|
2016-09-21 19:34:18 +00:00
|
|
|
|
2017-03-07 17:09:58 +00:00
|
|
|
# QEMU gluster libgfapi log level, debug levels are 0-9, with 9 being the
|
2016-09-21 19:34:18 +00:00
|
|
|
# most verbose, and 0 representing no debugging output.
|
|
|
|
#
|
|
|
|
# The current logging levels defined in the gluster GFAPI are:
|
|
|
|
#
|
|
|
|
# 0 - None
|
|
|
|
# 1 - Emergency
|
|
|
|
# 2 - Alert
|
|
|
|
# 3 - Critical
|
|
|
|
# 4 - Error
|
|
|
|
# 5 - Warning
|
|
|
|
# 6 - Notice
|
|
|
|
# 7 - Info
|
|
|
|
# 8 - Debug
|
|
|
|
# 9 - Trace
|
|
|
|
#
|
|
|
|
# Defaults to 4
|
|
|
|
#
|
2016-11-18 15:03:08 +00:00
|
|
|
#gluster_debug_level = 9
|
2016-11-18 15:34:45 +00:00
|
|
|
|
2019-12-11 21:30:06 +00:00
|
|
|
# virtiofsd debug
|
|
|
|
#
|
|
|
|
# Whether to enable the debugging output of the virtiofsd daemon.
|
|
|
|
# Possible values are 0 or 1. Disabled by default.
|
|
|
|
#
|
|
|
|
#virtiofsd_debug = 1
|
|
|
|
|
2016-11-18 15:34:45 +00:00
|
|
|
# To enhance security, QEMU driver is capable of creating private namespaces
|
|
|
|
# for each domain started. Well, so far only "mount" namespace is supported. If
|
|
|
|
# enabled it means qemu process is unable to see all the devices on the system,
|
|
|
|
# only those configured for the domain in question. Libvirt then manages
|
|
|
|
# devices entries throughout the domain lifetime. This namespace is turned on
|
|
|
|
# by default.
|
|
|
|
#namespaces = [ "mount" ]
|
2017-02-02 13:27:31 +00:00
|
|
|
|
|
|
|
# This directory is used for memoryBacking source if configured as file.
|
|
|
|
# NOTE: big files will be stored here
|
|
|
|
#memory_backing_dir = "/var/lib/libvirt/qemu/ram"
|
2017-12-15 09:42:40 +00:00
|
|
|
|
|
|
|
# Path to the SCSI persistent reservations helper. This helper is
|
|
|
|
# used whenever <reservations/> are enabled for SCSI LUN devices.
|
|
|
|
#pr_helper = "/usr/bin/qemu-pr-helper"
|
2017-04-04 16:22:31 +00:00
|
|
|
|
2019-08-08 14:55:03 +00:00
|
|
|
# Path to the SLIRP networking helper.
|
|
|
|
#slirp_helper = "/usr/bin/slirp-helper"
|
|
|
|
|
2020-02-25 09:55:06 +00:00
|
|
|
# Path to the dbus-daemon
|
|
|
|
#dbus_daemon = "/usr/bin/dbus-daemon"
|
|
|
|
|
2017-04-04 16:22:31 +00:00
|
|
|
# User for the swtpm TPM Emulator
|
|
|
|
#
|
|
|
|
# Default is 'tss'; this is the same user that tcsd (TrouSerS) installs
|
|
|
|
# and uses; alternative is 'root'
|
|
|
|
#
|
|
|
|
#swtpm_user = "tss"
|
|
|
|
#swtpm_group = "tss"
|
2019-06-18 07:46:22 +00:00
|
|
|
|
|
|
|
# For debugging and testing purposes it's sometimes useful to be able to disable
|
|
|
|
# libvirt behaviour based on the capabilities of the qemu process. This option
|
|
|
|
# allows to do so. DO _NOT_ use in production and beaware that the behaviour
|
|
|
|
# may change across versions.
|
|
|
|
#
|
|
|
|
#capability_filters = [ "capname" ]
|