Virt-install Message Regarding Spice And TLS

Home » CentOS » Virt-install Message Regarding Spice And TLS
CentOS 6 Comments

Is TLS required for the usage of Spice with KVM/libvirtd?

I’ve been through the virt-install manpage a few times now to no avail. What is wrong with my syntax here (seen below)?

Thanks.

~]# virt-install –connect qemu:///system -n blahhost -r2048 –vcpus=4
–arch=x86_64 –video qxl –graphics spice,portY31 –noautoconsole
–os-type linux –accelerate —network=bridge:kickstart_br0 –hvm –disk path=/dev/vmdisks/fedora-test2,bus=virtio –cdrom /tmp/fedora.iso

Starting install… ERROR unsupported configuration: Auto allocation of spice TLS port requested but spice TLS is disabled in qemu.conf Domain installation does not appear to have been successful. If it was, you can restart your domain by running:
virsh –connect qemu:///system start blahhost otherwise, please restart your installation.

6 thoughts on - Virt-install Message Regarding Spice And TLS

  • No. I had a similar problem several years back and ended up manually removing tlsPort= from /etc/libvirt/qemu/xxx.xml

  • To also reply to nevis2us:
    I have the Spice TLS config commented presently so it is not active (afaik). At one point I did try switching the value from 1 to 0 when I did have it uncommented.

    I did try that before (though didn’t note it in my first message).

    ERROR Error in graphics device parameters: TLS port must be a number between 5900 and 65535, or -1 for auto allocation

    ~]# cat /etc/redhat-release CentOS release 6.7 (Final)
    ~]# yum info libvirt | egrep ‘Name|Version|Release’
    Name : libvirt Version : 0.10.2
    Release : 54.el6

    Any other thoughts? :-/
    I can’t be the only person that wants to use Spice with out TLS for some testing/labbing. ;-)

    Thanks!

  • I am also seeing this issue. I’ve managed it by checking auto for spice. This has the unfortunate issue that it is possible for a port to a particular VM to change from reboot to reboot. But it does allow the VM to start without problems.

    We don’t use, or need, TLS because these VMs are accessed only form the local network.

    We are using CentOS seven for all VM hosts, and 90% of the guests are now on CentOS 7 as well.

    Emmett

  • Personally I only have experience with virt-manager or virt-install with
    –nographics over a serial tty.

    Quite a bit can be found when googling for “Auto allocation of spice TLS
    port requested but spice TLS is disabled in qemu.conf” (with quotes). It appears the issue is known and addressed for RHEL 7, but RHEL 6 seems to be ignored, a bit like the MySQL vs SSL breakage was fixed for RHEL 6
    but not RHEL 5 (https://bugzilla.redhat.com/show_bug.cgi?id31960 is still open even though the issues for RHEL 5 and 6 are identical).

    Sadly the communication between the development teams of the different versions of RHEL seems sub optimal :S . I suggest you open a bug report for RHEL 6 specifically.

    Regards, Leonard.

  • Thanks Leonard!
    I’ll gather some references for a bug report so I present other people’s reports too.