Secret Incantations For Virt-viewer?

Home » CentOS » Secret Incantations For Virt-viewer?
CentOS 6 Comments

Hello everyone –

I am trying to use virt-viewer to connect to KVM virtual machines running on a CentOS7 host. It works great when running directly on the host, but I have not been able to figure out the magic connection string to make it work from another computer.

On the host, I set selinux to “permissive” and stopped the firewalld service.
No change, so it is not related to them.

Almost every command I try gives an immediate dialog box that says “Unable to connect to libvirt with URI …”. The only command line that gets me anything different is this:

virt-viewer –connect xen+ssh://root@practice7.billgee.local/
dd2a2ba7-707d-42b5-8c83-94b11ce6e269

This will ask me for the root password on the host machine and then gives me the same “Unable to connect” message. I tried it with a regular user account instead of root and got the same result.

I have tried it with and without the “root@” string. I tried using both the UUID and the domain name of the guest. I tried all of the following protocols:

ssh://
qemu://
qemu:///
xen://
xen+ssh://
qemu_ssh://
qemu+ssh://

If I open a regular SSH shell using the +X parameter and then launch virt-
viewer, it works. The connection string in that case is

–connect=qemu:///system

Any suggestions?

Thanks – Bill Gee

6 thoughts on - Secret Incantations For Virt-viewer?

  • virt-viewer connects to a VNC console, which is listening only on localhost. You need to modify the VNC console on the VM to access throu the network.

  • I use
    –connect=qemu+ssh://root@host.company.tl/system virtualname

    greetings Patrick

    Op 30-12-14 om 15:46 schreef Bill Gee:

  • As Marcelo points out, by default QEMU listens on localhost for VNC
    consoles. If you grep VNC out of the qemu.conf, you’ll get hints at a bunch of different options. More than likely you want the VNC_listen config parameter.

    ~]# grep VNC /etc/libvirt/qemu.conf vnc_listen = “X.X.X.X”
    # over VNC_listen.
    #vnc_auto_unix_socket = 1
    #vnc_tls = 1
    # default it to keep them in /etc/pki/libvirt-vnc. This directory
    #vnc_tls_x509_cert_dir = “/etc/pki/libvirt-vnc”
    # certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
    #vnc_tls_x509_verify = 1
    #vnc_password = “XYZ12345”
    #vnc_sasl = 1
    #vnc_sasl_dir = “/some/directory/sasl2”
    #vnc_allow_host_audio = 0
    # result into negative VNC display number.

    I suspect (although I have not tested it) that the method Patrick suggested tunnels through SSH.

    [ Personally I don’t use virt-viewer often and instead use virsh CLI along with a VNC client if necessary. ]

  • Hi Mike –

    Thanks! I changed the qemu.conf file to listen on 0.0.0.0. That works – I can connect to the virtual machines using a VNC client.

    The problem with VNC is that the port number assigned to a particular VM
    depends on the order in which it is started. There is no command-line option for VNC that will attach to a VM by name … only by display number or port number.

    With virt-viewer I can name the domain on the command line. It is unambiguous
    – There is no doubt about which VM it will connect to.

    I found where the VNC port can be fixed in the XML file that defines each VM.
    However, it is a manual process. I have not found a way to set it using virsh.

    I found where virsh can report the VNC port number used by a domain. However, the computers from where I am running VNC client do not have virsh installed.

    Somewhere in all this experimenting I have managed to break virt-viewer again.
    It was working, but no more. Argh! Good thing this is all happening on test computers!

    Bill Gee

  • Listening on 0.0.0.0 listens on all network interfaces. Mark’s comment is not a major concern unless your KVM host is directly connected to the Internet (no firewall).
    * You should consider adding firewall rules on your KVM host none the less.

    You can specify the VNC port when creating a host. But as far as connecting via VNC to a host VM by name without also having to add a port # suffix, that is more difficult. Easiest way for you to do so is to create shell aliases for each one.

    For my own deployments, I have a wiki page which documents what VNC ports are used.

    There’s also virsh commands to extract info. virsh dominfo
    virsh VNCdisplay

    Yes, a manual process. One would think there’s a way to change it via virsh, but that could/would be a problem for a running VM.

    virt-install has options for specifying VNC ports.

    They do not need virsh. SSH to the KVM host and run the virsh commands from there.

  • Maybe, but the port used for a host does not change.

    Ok, install virsh?
    ( If solves the/a problem. )

    Again, the VNC port used by a host does not change. Not sure I see the problem here.

    There may be something out there that does exactly what you want.
    ( I don’t know of it yet. :-/ )
    [ I have been hoping that somebody who uses the KVM GUIs might chime in. ]

    * Please do post with your final solution for the betterment of the CentOS
    Community.