mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-22 04:25:18 +00:00
c86f53d5b2
For a unprivileged user libvirt.conf and auth.conf are looked up in $XDG_CONFIG_HOME but the docs incorrectly state that it's $XDG_CONFIG_DIR.
331 lines
11 KiB
XML
331 lines
11 KiB
XML
<?xml version="1.0"?>
|
|
<html>
|
|
<body>
|
|
<h1 >Connection URIs</h1>
|
|
|
|
<ul id="toc"></ul>
|
|
<p>
|
|
Since libvirt supports many different kinds of virtualization
|
|
(often referred to as "drivers" or "hypervisors"), we need a
|
|
way to be able to specify which driver a connection refers to.
|
|
Additionally we may want to refer to a driver on a remote
|
|
machine over the network.
|
|
</p>
|
|
<p>
|
|
To this end, libvirt uses URIs as used on the Web and as defined in <a href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>. This page
|
|
documents libvirt URIs.
|
|
</p>
|
|
<h2><a name="URI_libvirt">Specifying URIs to libvirt</a></h2>
|
|
|
|
<p>
|
|
The URI is passed as the <code>name</code> parameter to <a href="html/libvirt-libvirt.html#virConnectOpen"><code>virConnectOpen</code></a> or <a href="html/libvirt-libvirt.html#virConnectOpenReadOnly"><code>virConnectOpenReadOnly</code></a>. For example:
|
|
</p>
|
|
<pre>
|
|
virConnectPtr conn = virConnectOpenReadOnly (<b>"test:///default"</b>);
|
|
</pre>
|
|
<h2>
|
|
<a name="URI_config">Configuring URI aliases</a>
|
|
</h2>
|
|
|
|
<p>
|
|
To simplify life for administrators, it is possible to setup URI aliases in a
|
|
libvirt client configuration file. The configuration file is <code>/etc/libvirt/libvirt.conf</code>
|
|
for the root user, or <code>$XDG_CONFIG_HOME/libvirt/libvirt.conf</code> for any unprivileged user.
|
|
In this file, the following syntax can be used to setup aliases
|
|
</p>
|
|
|
|
<pre>
|
|
uri_aliases = [
|
|
"hail=qemu+ssh://root@hail.cloud.example.com/system",
|
|
"sleet=qemu+ssh://root@sleet.cloud.example.com/system",
|
|
]
|
|
</pre>
|
|
|
|
<p>
|
|
A URI alias should be a string made up from the characters
|
|
<code>a-Z, 0-9, _, -</code>. Following the <code>=</code>
|
|
can be any libvirt URI string, including arbitrary URI parameters.
|
|
URI aliases will apply to any application opening a libvirt
|
|
connection, unless it has explicitly passed the <code>VIR_CONNECT_NO_ALIASES</code>
|
|
parameter to <code>virConnectOpenAuth</code>. If the passed in
|
|
URI contains characters outside the allowed alias character
|
|
set, no alias lookup will be attempted.
|
|
</p>
|
|
|
|
<h2><a name="URI_default">Default URI choice</a></h2>
|
|
|
|
<p>
|
|
If the URI passed to <code>virConnectOpen*</code> is NULL, then libvirt will use the following
|
|
logic to determine what URI to use.
|
|
</p>
|
|
|
|
<ol>
|
|
<li>The environment variable <code>LIBVIRT_DEFAULT_URI</code></li>
|
|
<li>The client configuration file <code>uri_default</code> parameter</li>
|
|
<li>Probe each hypervisor in turn until one that works is found</li>
|
|
</ol>
|
|
|
|
<h2>
|
|
<a name="URI_virsh">Specifying URIs to virsh, virt-manager and virt-install</a>
|
|
</h2>
|
|
<p>
|
|
In virsh use the <code>-c</code> or <code>--connect</code> option:
|
|
</p>
|
|
<pre>
|
|
virsh <b>-c test:///default</b> list
|
|
</pre>
|
|
<p>
|
|
If virsh finds the environment variable
|
|
<code>VIRSH_DEFAULT_CONNECT_URI</code> set, it will try this URI by
|
|
default. Use of this environment variable is, however, deprecated
|
|
now that libvirt supports <code>LIBVIRT_DEFAULT_URI</code> itself.
|
|
</p>
|
|
<p>
|
|
When using the interactive virsh shell, you can also use the
|
|
<code>connect</code> <i>URI</i> command to reconnect to another
|
|
hypervisor.
|
|
</p>
|
|
<p>
|
|
In virt-manager use the <code>-c</code> or <code>--connect=</code><i>URI</i> option:
|
|
</p>
|
|
<pre>
|
|
virt-manager <b>-c test:///default</b>
|
|
</pre>
|
|
<p>
|
|
In virt-install use the <code>--connect=</code><i>URI</i> option:
|
|
</p>
|
|
<pre>
|
|
virt-install <b>--connect=test:///default</b> <i>[other options]</i>
|
|
</pre>
|
|
<h2>
|
|
<a name="URI_xen">xen:/// URI</a>
|
|
</h2>
|
|
<p>
|
|
<i>This section describes a feature which is new in libvirt >
|
|
0.2.3. For libvirt ≤ 0.2.3 use <a href="#URI_legacy_xen"><code>"xen"</code></a>.</i>
|
|
</p>
|
|
<p>
|
|
To access a Xen hypervisor running on the local machine
|
|
use the URI <code>xen:///</code>.
|
|
</p>
|
|
<h2>
|
|
<a name="URI_qemu">qemu:///... QEMU and KVM URIs</a>
|
|
</h2>
|
|
<p>
|
|
To use QEMU support in libvirt you must be running the
|
|
<code>libvirtd</code> daemon (named <code>libvirt_qemud</code>
|
|
in releases prior to 0.3.0). The purpose of this
|
|
daemon is to manage qemu instances.
|
|
</p>
|
|
<p>
|
|
The <code>libvirtd</code> daemon should be started by the
|
|
init scripts when the machine boots. It should appear as
|
|
a process <code>libvirtd --daemon</code> running as root
|
|
in the background and will handle qemu instances on behalf
|
|
of all users of the machine (among other things). </p>
|
|
<p>
|
|
So to connect to the daemon, one of two different URIs is used:
|
|
</p>
|
|
<ul>
|
|
<li><code>qemu:///system</code> connects to a system mode daemon. </li>
|
|
<li><code>qemu:///session</code> connects to a session mode daemon. </li>
|
|
</ul>
|
|
<p>
|
|
(If you do <code>libvirtd --help</code>, the daemon will print
|
|
out the paths of the Unix domain socket(s) that it listens on in
|
|
the various different modes).
|
|
</p>
|
|
<p>
|
|
KVM URIs are identical. You select between qemu, qemu accelerated and
|
|
KVM guests in the <a href="format.html#KVM1">guest XML as described
|
|
here</a>.
|
|
</p>
|
|
<h2>
|
|
<a name="URI_remote">Remote URIs</a>
|
|
</h2>
|
|
<p>
|
|
Remote URIs are formed by taking ordinary local URIs and adding a
|
|
hostname and/or transport name. As a special case, using a URI
|
|
scheme of 'remote', will tell the remote libvirtd server to probe
|
|
for the optimal hypervisor driver. This is equivalent to passing
|
|
a NULL URI for a local connection. For example:
|
|
</p>
|
|
<table class="top_table">
|
|
<tr>
|
|
<th> Local URI </th>
|
|
<th> Remote URI </th>
|
|
<th> Meaning </th>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
<code>xen:///</code>
|
|
</td>
|
|
<td>
|
|
<code>xen://oirase/</code>
|
|
</td>
|
|
<td> Connect to the Xen hypervisor running on host <code>oirase</code>
|
|
using TLS. </td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
<code>NULL</code>
|
|
</td>
|
|
<td>
|
|
<code>remote://oirase/</code>
|
|
</td>
|
|
<td> Connect to the "default" hypervisor running on host <code>oirase</code>
|
|
using TLS. </td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
<code>xen:///</code>
|
|
</td>
|
|
<td>
|
|
<code>xen+ssh://oirase/</code>
|
|
</td>
|
|
<td> Connect to the Xen hypervisor running on host <code>oirase</code>
|
|
by going over an <code>ssh</code> connection. </td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
<code>test:///default</code>
|
|
</td>
|
|
<td>
|
|
<code>test+tcp://oirase/default</code>
|
|
</td>
|
|
<td> Connect to the test driver on host <code>oirase</code>
|
|
using an unsecured TCP connection. </td>
|
|
</tr>
|
|
</table>
|
|
<p>
|
|
Remote URIs in libvirt offer a rich syntax and many features.
|
|
We refer you to <a href="remote.html#Remote_URI_reference">the libvirt
|
|
remote URI reference</a> and <a href="remote.html">full documentation
|
|
for libvirt remote support</a>.
|
|
</p>
|
|
<h2>
|
|
<a name="URI_test">test:///... Test URIs</a>
|
|
</h2>
|
|
<p>
|
|
The test driver is a dummy hypervisor for test purposes.
|
|
The URIs supported are:
|
|
</p>
|
|
<ul>
|
|
<li><code>test:///default</code> connects to a default set of
|
|
host definitions built into the driver. </li>
|
|
<li><code>test:///path/to/host/definitions</code> connects to
|
|
a set of host definitions held in the named file.
|
|
</li>
|
|
</ul>
|
|
<h2>
|
|
<a name="URI_legacy">Other & legacy URI formats</a>
|
|
</h2>
|
|
<h3>
|
|
<a name="URI_NULL">NULL and empty string URIs</a>
|
|
</h3>
|
|
<p>
|
|
Libvirt allows you to pass a <code>NULL</code> pointer to
|
|
<code>virConnectOpen*</code>. Empty string (<code>""</code>) acts in
|
|
the same way. Traditionally this has meant
|
|
<q>connect to the local Xen hypervisor</q>. However in future this
|
|
may change to mean <q>connect to the best available hypervisor</q>.
|
|
</p>
|
|
<p>
|
|
The theory is that if, for example, Xen is unavailable but the
|
|
machine is running an OpenVZ kernel, then we should not try to
|
|
connect to the Xen hypervisor since that is obviously the wrong
|
|
thing to do.
|
|
</p>
|
|
<p>
|
|
In any case applications linked to libvirt can continue to pass
|
|
<code>NULL</code> as a default choice, but should always allow the
|
|
user to override the URI, either by constructing one or by allowing
|
|
the user to type a URI in directly (if that is appropriate). If your
|
|
application wishes to connect specifically to a Xen hypervisor, then
|
|
for future proofing it should choose a full <a href="#URI_xen"><code>xen:///</code> URI</a>.
|
|
</p>
|
|
<h3>
|
|
<a name="URI_file">File paths (xend-unix-server)</a>
|
|
</h3>
|
|
<p>
|
|
If XenD is running and configured in <code>/etc/xen/xend-config.sxp</code>:
|
|
</p>
|
|
<pre>
|
|
(xend-unix-server yes)
|
|
</pre>
|
|
<p>
|
|
then it listens on a Unix domain socket, usually at
|
|
<code>/var/lib/xend/xend-socket</code>. You may pass a different path
|
|
using a file URI such as:
|
|
</p>
|
|
<pre>
|
|
virsh -c ///var/run/xend/xend-socket
|
|
</pre>
|
|
<h3>
|
|
<a name="URI_http">Legacy: <code>http://...</code> (xend-http-server)</a>
|
|
</h3>
|
|
<p>
|
|
If XenD is running and configured in <code>/etc/xen/xend-config.sxp</code>:
|
|
|
|
</p>
|
|
<pre>
|
|
(xend-http-server yes)
|
|
</pre>
|
|
<p>
|
|
then it listens on TCP port 8000. libvirt allows you to
|
|
try to connect to xend running on remote machines by passing
|
|
<code>http://<i>hostname</i>[:<i>port</i>]/</code>, for example:
|
|
|
|
</p>
|
|
<pre>
|
|
virsh -c http://oirase/ list
|
|
</pre>
|
|
<p>
|
|
This method is unencrypted and insecure and is definitely not
|
|
recommended for production use. Instead use <a href="remote.html">libvirt's remote support</a>.
|
|
</p>
|
|
<p>
|
|
Notes:
|
|
</p>
|
|
<ol>
|
|
<li> The HTTP client does not fully support IPv6. </li>
|
|
<li> Many features do not work as expected across HTTP connections, in
|
|
particular, <a href="html/libvirt-libvirt.html#virConnectGetCapabilities">virConnectGetCapabilities</a>.
|
|
The <a href="remote.html">remote support</a> however does work
|
|
correctly. </li>
|
|
<li> XenD's new-style XMLRPC interface is not supported by
|
|
libvirt, only the old-style sexpr interface known in the Xen
|
|
documentation as "unix server" or "http server".</li>
|
|
</ol>
|
|
<h3>
|
|
<a name="URI_legacy_xen">Legacy: <code>"xen"</code></a>
|
|
</h3>
|
|
<p>
|
|
Another legacy URI is to specify name as the string
|
|
<code>"xen"</code>. This will continue to refer to the Xen
|
|
hypervisor. However you should prefer a full <a href="#URI_xen"><code>xen:///</code> URI</a> in all future code.
|
|
</p>
|
|
<h3>
|
|
<a name="URI_legacy_proxy">Legacy: Xen proxy</a>
|
|
</h3>
|
|
<p>
|
|
Libvirt continues to support connections to a separately running Xen
|
|
proxy daemon. This provides a way to allow non-root users to make a
|
|
safe (read-only) subset of queries to the hypervisor.
|
|
</p>
|
|
<p>
|
|
There is no specific "Xen proxy" URI. However if a Xen URI of any of
|
|
the ordinary or legacy forms is used (eg. <code>NULL</code>,
|
|
<code>""</code>, <code>"xen"</code>, ...) which fails, <i>and</i> the
|
|
user is not root, <i>and</i> the Xen proxy socket can be connected to
|
|
(<code>/tmp/libvirt_proxy_conn</code>), then libvirt will use a proxy
|
|
connection.
|
|
</p>
|
|
<p>
|
|
You should consider using <a href="remote.html">libvirt remote support</a>
|
|
in future. <span class="since">Since 0.8.6</span> libvirt doesn't contain
|
|
the Xen proxy anymore and you should use libvirtd instead.
|
|
</p>
|
|
</body>
|
|
</html>
|