Bug 1148012

Summary: RFE: Allow qemu-bridge-helper to be used to implement guestfs_set_network
Product: [Community] Virtualization Tools Reporter: Richard W.M. Jones <rjones>
Component: libguestfsAssignee: Richard W.M. Jones <rjones>
Status: CLOSED UPSTREAM QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: laine, mbooth, ptoscano, rbalakri
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-02 22:11:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1146320, 1147057    
Bug Blocks:    

Description Richard W.M. Jones 2014-09-30 14:10:24 UTC 
Description of problem:

See: https://lists.fedoraproject.org/pipermail/virt/2014-September/004179.html
and followups.

qemu has a setuid program called 'qemu-bridge-helper' which
apparently we can use to connect to virbr0 and get real
networking instead of using SLIRP.

This would only apply to the libvirt backend.
Comment 1 Laine Stump 2014-09-30 14:54:50 UTC 
On a system that is already doing this for boxes, all that would be required would be to use the following interface definition:

  <interface type='bridge'>
    <source bridge='virbr0'/>
    ...
  </interface>

the bridge helper looks in /etc/qemu/bridge.conf to see which bridges it can use, and which users can request taps connected to those bridges. On Fedora at least, by default this file contains:

   allow virbr0

which means that any uid can request a new tap device connected to virbr0. Apparently, this particular bridge.conf file is installed as part of the qemu-common package.
Comment 2 Richard W.M. Jones 2014-09-30 15:08:55 UTC 
That change would be quite simple to make in libguestfs .. but
using virbr0 would require dhcp I think?  Unfortunately the
guestfs appliance would really like a fixed IP address assigned
in advance.  I guess we might be able to run dhclient, assuming
there is not too much speed penalty.
Comment 3 Richard W.M. Jones 2014-09-30 15:44:49 UTC 
These two patches implement the general idea:

https://www.redhat.com/archives/libguestfs/2014-September/msg00293.html
https://www.redhat.com/archives/libguestfs/2014-September/msg00294.html
Comment 4 Richard W.M. Jones 2014-10-02 11:41:01 UTC 
v2 patch:
https://www.redhat.com/archives/libguestfs/2014-October/msg00007.html
Comment 5 Richard W.M. Jones 2014-10-02 15:37:16 UTC 
Patches upstream, but blocked by bug 1146320 on Rawhide.