ocaml-libvirt-0.4.0.1: Can't connect to Xen- Host
On Tue, May 27, 2008 at 11:37:10AM +0200, Feichtinger Günter wrote:
> I intstalled the ocaml-libvirt-0.4.0.1.exe on MS- Vista without problems. > Also the virt-ctrl.exe starts without problems. > But when I try to connect to a Xen-Host I get the messages: > libvir: Remote error : Cannot access CA certificate 'C:/msys/1.0/local/etc/pki/C > A/cacert.pem': No such file or directory (2) > > Please be so kind and help. It's not very clear to me what you are trying to connect to what, but you'll probably want to read about remote connections, here: http://libvirt.org/remote.html Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones Read my OCaml programming blog: http://camltastic.blogspot.com/ Fedora now supports 59 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora _______________________________________________ et-mgmt-tools mailing list et-mgmt-tools@redhat.com https://www.redhat.com/mailman/listinfo/et-mgmt-tools |
ocaml-libvirt-0.4.0.1: Can't connect to Xen- Host
On Wed, May 28, 2008 at 12:22:53PM +0200, Feichtinger Günter wrote:
> > -----Ursprüngliche Nachricht----- > > Von: Richard W.M. Jones [mailto:rjones@redhat.com] > > Gesendet: Dienstag, 27. Mai 2008 11:45 > > An: Feichtinger Günter > > Cc: et-mgmt-tools@redhat.com > > Betreff: Re: ocaml-libvirt-0.4.0.1: Can't connect to Xen- Host > > > > On Tue, May 27, 2008 at 11:37:10AM +0200, Feichtinger Günter wrote: > > > I intstalled the ocaml-libvirt-0.4.0.1.exe on MS- Vista > > without problems. > > > Also the virt-ctrl.exe starts without problems. > > > But when I try to connect to a Xen-Host I get the messages: > > > libvir: Remote error : Cannot access CA certificate > > > 'C:/msys/1.0/local/etc/pki/C > > > A/cacert.pem': No such file or directory (2) > > > > > > Please be so kind and help. > > > > It's not very clear to me what you are trying to connect to > > what, but you'll probably want to read about remote connections, here: > > > > http://libvirt.org/remote.html > > > > Rich. > > Hello Richard, > thanks for your prompt answer. I see, I have to explain it more excatly. > I have 3 Xen-Hosts (CentOS 5.1) and use virt-managaer local an this hosts. > I'm looking for a possibility to manages xen-hosts from MS-Windows-Clients like VMWareServerConsole. > So I was looking around and found your port of the virt-manager. > I tried to connect with xen://xen-host/ and get the message above. > Which possibility to I have for remote connections? I think I read that with your virt-manager port only support TLS, isn't it? > So do I have to work with certificates? In my test-envirment a "low" security solution is also fine :-) The first thing to say is that this isn't a port of virt-manager. We couldn't get that working on Windows because the Python stuff for Win32 was too complicated. This is a port of virt-ctrl instead (http://et.redhat.com/~rjones/virt-ctrl/) which is a far less powerful virt-manager clone that I wrote in my spare time, just as an experiment. (It's also a rather old version of virt-ctrl. I really must update that package ...) Anyway, you should be able to set up your Xen hosts so that TCP (insecure) connections are possible. Assuming that libvirtd is running, there should be a file /etc/libvirt/libvirtd.conf which you can edit to enable TCP connections: http://libvirt.org/remote.html#Remote_libvirtd_configuration listen_tcp = 1 I believe you also need to edit /etc/sysconfig/libvirtd and uncomment: LIBVIRTD_ARGS="--listen" and of course open firewall port 16509 if necessary. Then you should be able to connect remotely using this URI: xen+tcp://hostname/ TCP connections are totally insecure, so you should only do this on a private network. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones Read my OCaml programming blog: http://camltastic.blogspot.com/ Fedora now supports 59 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora _______________________________________________ et-mgmt-tools mailing list et-mgmt-tools@redhat.com https://www.redhat.com/mailman/listinfo/et-mgmt-tools |
ocaml-libvirt-0.4.0.1: Can't connect to Xen- Host
On Mon, Jun 02, 2008 at 10:52:19AM +0100, Richard W.M. Jones wrote:
> http://libvirt.org/remote.html#Remote_libvirtd_configuration > > listen_tcp = 1 > > I believe you also need to edit /etc/sysconfig/libvirtd and uncomment: > > LIBVIRTD_ARGS="--listen" > > and of course open firewall port 16509 if necessary. > > Then you should be able to connect remotely using this URI: > > xen+tcp://hostname/ > > TCP connections are totally insecure, so you should only do this on a > private network. This is no longer true. Recent libvirt will enable SASL authentication on the TCP socket by default, and the default SASL config for libvirt turns on digest-md5 which provides by username+password authentication and subsquent session encryption. You can also switch SASL to use kerberos which again provides auth & session encryption. With either digest-md5 or Kerberos, the security is on a par with SSL/TLS in terms of encryption strength http://libvirt.org/auth.html#ACL_server_username Regards, Daniel. -- |: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| _______________________________________________ et-mgmt-tools mailing list et-mgmt-tools@redhat.com https://www.redhat.com/mailman/listinfo/et-mgmt-tools |
| All times are GMT. The time now is 07:34 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.