Bug 1079211 - virt-viewer --direct fails to connect to remote guest configured with listen="0.0.0.0"
Summary: virt-viewer --direct fails to connect to remote guest configured with listen=...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: virt-viewer
Version: 7.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Christophe Fergeau
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks: 1085210
TreeView+ depends on / blocked
 
Reported: 2014-03-21 08:45 UTC by tingting zheng
Modified: 2015-03-05 13:38 UTC (History)
8 users (show)

Fixed In Version: virt-viewer-0.6.0-1.el7
Doc Type: Bug Fix
Doc Text:
The scenario described in comment 7 (https://bugzilla.redhat.com/show_bug.cgi?id=1079211#c7) failed. It now should work.
Clone Of:
: 1085210 (view as bug list)
Environment:
Last Closed: 2015-03-05 13:38:58 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:0295 0 normal SHIPPED_LIVE virt-viewer bug fix and enhancement update 2015-03-05 17:33:00 UTC

Description tingting zheng 2014-03-21 08:45:15 UTC
Description
virt-viewer --direct option fails to connect remote guest

Version:
virt-viewer-0.5.7-7.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
I've found bug 730911#4,it points that there are three guest configurations that should be tested,so I tested the three scenarios.

 1. No listen attribute

      <graphics type='vnc' port='-1' autoport='yes'/>

 2. Specific listen attribute

      <graphics type='vnc' port='-1' autoport='yes' listen='123.45.67.89'/>

 3. Wildcard listen attribute

      <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>


Scenario 1:
It defaults to 127.0.0.1 test as below:
1.On host A(ip:10.66.5.145),prepare a vnc guest.
# virsh list 
 Id    Name                           State
----------------------------------------------------
 45    demo-vnc                     running

# virsh dumpxml demo-vnc
    <graphics type='vnc' port='-1' autoport='yes'/>

2.On host B(ip:10.66.5.7),use virt-viewer to connect the guest on host A using --direct:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc

2.1 On host B,if there is no guest running using vnc protocal with port 5900,error will show as:
"Unable to connect to the graphic server 127.0.0.1:5900"

2.2 On host B,if there is a guest running using vnc protocal with port 5900,
# virsh dumpmxl demo
    <graphics type='vnc' port='5900' autoport='no' listen='0.0.0.0'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>

# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
Then the vm 'demo' on host B will be opened instead of remote guest demo-vnc on host A.

Scenario 2:
1.On host A(ip:10.66.5.145),prepare a vnc guest.

# virsh dumpxml demo-vnc
      <graphics type='vnc' port='-1' autoport='yes' listen='10.66.5.145'/>

2.On host A(ip:10.66.5.145),virt-viewer --direct can launch the demo-vnc successfully.

3.On host B(ip:10.66.5.7),--direct fails with the blow error:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
"Unable to connect to the graphic server 10.66.5.145:5900"

Scenario 3:
1.On host A(ip:10.66.5.145),prepare a vnc guest.

# virsh dumpxml demo-vnc
     <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>

2.On host B(ip:10.66.5.7),use virt-viewer --direct to launch the guest on host A,it fails with error:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
Unable to connect to the graphic server localhost:5900


Actual results:
As described.

Expected results:
Scenario 1:
step 2.1,guest can be connected and no error shows.
step 2.2,guest console should not be effected by local vnc guest and be launched successfully.

Scenario 2:
step 3,guest can be launched successfully.

Scenario 3:
step 2,guest can be launched successfully.

If some of the above scenarios are not supported by --direct option or additional configuration needed,it should be documented in virt-viewer manual/help.

Additional info:
The above issue can be reproduced on spice guest.

Comment 2 RHEL Program Management 2014-03-31 05:47:12 UTC
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 3 Christophe Fergeau 2014-04-03 13:09:28 UTC
For scenario 2, I had to disable firewalld on the host (systemctl stop firewalld.service) before being able to successfully run the command, but after that it worked. Please test remote-viewer vnc://10.66.5.145:5900 if scenario 2 is still not working for you after disabling the firewall. If it's working with the firewall disabled, then a bug should be opened against 'another' component to have it fixed (dunno if libvirt or firewalld is the relevant component). If you can still hit the bug with the firewall disabled, can you open a new bug for that as the issue would be different from scenario 3.

For scenario 3, this should be fixed by https://www.redhat.com/archives/virt-tools-list/2014-April/msg00021.html
This bug has been present since virt-viewer 0.5.5 so it most likely impacts RHEL6 as well.

Comment 4 tingting zheng 2014-04-04 08:18:16 UTC
(In reply to Christophe Fergeau from comment #3)
> For scenario 2, I had to disable firewalld on the host (systemctl stop
> firewalld.service) before being able to successfully run the command, but
> after that it worked. Please test remote-viewer vnc://10.66.5.145:5900 if
> scenario 2 is still not working for you after disabling the firewall. If
> it's working with the firewall disabled, then a bug should be opened against
> 'another' component to have it fixed (dunno if libvirt or firewalld is the
> relevant component). If you can still hit the bug with the firewall
> disabled, can you open a new bug for that as the issue would be different
> from scenario 3.

I tested again with scenario 2:
When I disable firewalld service on host 10.66.5.145,then virt-viewer works.After start the firewalld service,error shows as description.So I filed a new firewalld bug 1084367.

Comment 5 tingting zheng 2014-04-04 08:35:19 UTC
Hi, Christophe
    I noticed that you changed the title of the bug,What about scenario 1? Why does local vm affect --direct to launch remote vm as step 2.2 in scenario 1 describes.

Comment 6 Christophe Fergeau 2014-04-04 08:59:07 UTC
I totally missed this (too many separate issues in the same bug :( I opened bug #1084393 to track scenario 1

Comment 7 Christophe Fergeau 2014-04-04 09:02:00 UTC
To make things clear, this bug is now only about scenario 3:

Scenario 3:
1.On host A(ip:10.66.5.145),prepare a vnc guest.

# virsh dumpxml demo-vnc
     <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>

2.On host B(ip:10.66.5.7),use virt-viewer --direct to launch the guest on host A,it fails with error:
# virt-viewer --direct -c qemu+ssh://10.66.5.145/system demo-vnc
Unable to connect to the graphic server localhost:5900

Comment 10 tingting zheng 2014-07-21 09:24:07 UTC
Tested pass with:
virt-viewer-0.6.0-1.el7.x86_64

Steps:
1.On host A,prepare a vnc guest.

# virsh dumpxml demo-vnc
     <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>

2.On host B,use virt-viewer --direct to launch the guest on host A.
# virt-viewer --direct -c qemu+ssh://$hostA/system demo-vnc

guest can be launched successfully and the password only need once authtication.

Tested the above steps for spice guest and get the same results,so move the bug to VERIFIED.

Comment 12 errata-xmlrpc 2015-03-05 13:38:58 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0295.html


Note You need to log in before you can comment on or make changes to this bug.