Bug 1325996 - new NSS module for host name translation of domains managed by libvirt
Summary: new NSS module for host name translation of domains managed by libvirt
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt   
(Show other bugs)
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Michal Privoznik
QA Contact: Virtualization Bugs
Jiri Herrmann
URL:
Whiteboard: TestOnly
Keywords:
: 502847 (view as bug list)
Depends On:
Blocks: libvirtTodoNetwork 1325997
TreeView+ depends on / blocked
 
Reported: 2016-04-11 14:26 UTC by Jaroslav Suchanek
Modified: 2017-03-22 08:31 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Release Note
Doc Text:
New package: _libvirt-nss_ Red Hat Enterprise Linux 7.3 adds the _libvirt-nss_ package, which enables you to use the _libvirt_ Network Security Services (NSS) module. This module makes it easier to connect to guests with TLS, SSL, SSH, as well as other remote login services. In addition, it benefits utilities that use host name translation, such as "ping". For more information, see the Red Hat Enterprise Linux 7 Virtualization Deployment and Administration Guide.
Story Points: ---
Clone Of:
: 1325997 (view as bug list)
Environment:
Last Closed: 2016-11-03 18:41:52 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:2577 normal SHIPPED_LIVE Moderate: libvirt security, bug fix, and enhancement update 2016-11-03 12:07:06 UTC

Description Jaroslav Suchanek 2016-04-11 14:26:27 UTC
Libvirt version 1.3.3 introduced NSS module for host name translation of domains managed by it.

The module is distributed as libvirt subpackage, so for example for version 1.3.3-1, the name is libvirt-nss-1.3.3-1.el7, and is installed as /usr/lib64/libnss_libvirt.so.2.

The usage is documented here http://libvirt.org/nss.html.

Comment 1 yafu 2016-05-06 15:04:55 UTC
Hi,Jaroslav, I tried to verify the bug with libvirt-1.3.4-1.el7.x86_64 and found it still can not get the guest's hostname using 'virsh net-dhcp-leases'. Would you please help to check that? Thanks a lot.

My test steps:
1.Check libvirt-nss has installed:
 #rpm -q libvirt-nss
 libvirt-nss-1.3.4-1.el7.x86_64

2.Add libvirt into /etc/nsswitch.conf:
  #cat /etc/nsswitch.conf
   ...
   hosts: files libvirt dns
   ...

3.Prepare a running guest with interface using NATed networks ;
 #virsh dumpxml rhel7.2
  ...
  <interface type='network'>
      <mac address='52:54:00:c6:3b:95'/>
      <source network='default' bridge='virbr0'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </interface>
  ...

4.Set the guest's hostname:
 #cat /etc/hosts
  192.168.122.133 nss-test
 #service network restart
 #hostname
  nss-test

5.Run 'virsh net-dhcp-leases' in the host and can not get the guest's hostname:
 #virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2016-05-05 19:10:55  52:54:00:c6:3b:95  ipv4      192.168.122.133/24    
    -               -

Comment 2 Michal Privoznik 2016-05-09 07:12:24 UTC
(In reply to yafu from comment #1)
> Hi,Jaroslav, I tried to verify the bug with libvirt-1.3.4-1.el7.x86_64 and
> found it still can not get the guest's hostname using 'virsh
> net-dhcp-leases'. Would you please help to check that? Thanks a lot.
> 
> My test steps:
> 1.Check libvirt-nss has installed:
>  #rpm -q libvirt-nss
>  libvirt-nss-1.3.4-1.el7.x86_64
> 
> 2.Add libvirt into /etc/nsswitch.conf:
>   #cat /etc/nsswitch.conf
>    ...
>    hosts: files libvirt dns
>    ...
> 
> 3.Prepare a running guest with interface using NATed networks ;
>  #virsh dumpxml rhel7.2
>   ...
>   <interface type='network'>
>       <mac address='52:54:00:c6:3b:95'/>
>       <source network='default' bridge='virbr0'/>
>       <target dev='vnet0'/>
>       <model type='virtio'/>
>       <alias name='net0'/>
>       <address type='pci' domain='0x0000' bus='0x00' slot='0x02'
> function='0x0'/>
>     </interface>
>   ...
> 
> 4.Set the guest's hostname:
>  #cat /etc/hosts
>   192.168.122.133 nss-test
>  #service network restart
>  #hostname
>   nss-test

Whole point of nss module is to not do this. I mean, you don't need to even configure static IP addresses, set up hosts file. None of that.

> 
> 5.Run 'virsh net-dhcp-leases' in the host and can not get the guest's
> hostname:
>  #virsh net-dhcp-leases default
>  Expiry Time          MAC address        Protocol  IP address               
> Hostname        Client ID or DUID
> -----------------------------------------------------------------------------
> --------------------------------------
>  2016-05-05 19:10:55  52:54:00:c6:3b:95  ipv4      192.168.122.133/24    
>     -               -

What's the hostname set in the gest? That is important, because that is going to be the name that guest will be accessible by. So even if your domain in libvirt is called nss-test, but it has its hostname set to my_awesome_machine, the latter is going to be resolvable:

$ ping my_awesome_machine

Or maybe your domain has a hostname set but is not advertising it via DHCP. What's the network XML btw?

Comment 3 yafu 2016-05-10 10:50:39 UTC
(In reply to Michal Privoznik from comment #2)
> (In reply to yafu from comment #1)
> > Hi,Jaroslav, I tried to verify the bug with libvirt-1.3.4-1.el7.x86_64 and
> > found it still can not get the guest's hostname using 'virsh
> > net-dhcp-leases'. Would you please help to check that? Thanks a lot.
> > 
> > My test steps:
> > 1.Check libvirt-nss has installed:
> >  #rpm -q libvirt-nss
> >  libvirt-nss-1.3.4-1.el7.x86_64
> > 
> > 2.Add libvirt into /etc/nsswitch.conf:
> >   #cat /etc/nsswitch.conf
> >    ...
> >    hosts: files libvirt dns
> >    ...
> > 
> > 3.Prepare a running guest with interface using NATed networks ;
> >  #virsh dumpxml rhel7.2
> >   ...
> >   <interface type='network'>
> >       <mac address='52:54:00:c6:3b:95'/>
> >       <source network='default' bridge='virbr0'/>
> >       <target dev='vnet0'/>
> >       <model type='virtio'/>
> >       <alias name='net0'/>
> >       <address type='pci' domain='0x0000' bus='0x00' slot='0x02'
> > function='0x0'/>
> >     </interface>
> >   ...
> > 
> > 4.Set the guest's hostname:
> >  #cat /etc/hosts
> >   192.168.122.133 nss-test
> >  #service network restart
> >  #hostname
> >   nss-test
> 
> Whole point of nss module is to not do this. I mean, you don't need to even
> configure static IP addresses, set up hosts file. None of that.
 
Step4 is executed in the guest and it does not configure static IP address, just configure hostname for the guest.

> 
> > 
> > 5.Run 'virsh net-dhcp-leases' in the host and can not get the guest's
> > hostname:
> >  #virsh net-dhcp-leases default
> >  Expiry Time          MAC address        Protocol  IP address               
> > Hostname        Client ID or DUID
> > -----------------------------------------------------------------------------
> > --------------------------------------
> >  2016-05-05 19:10:55  52:54:00:c6:3b:95  ipv4      192.168.122.133/24    
> >     -               -
> 
> What's the hostname set in the gest? That is important, because that is
> going to be the name that guest will be accessible by. So even if your
> domain in libvirt is called nss-test, but it has its hostname set to
> my_awesome_machine, the latter is going to be resolvable:
> 
> $ ping my_awesome_machine
> 
> Or maybe your domain has a hostname set but is not advertising it via DHCP.
> What's the network XML btw?


The hostname setting in the guest is 'nss-test', and I can not execute "ping nss-test" from host successfully if I did not configure the /etc/hosts files in the host.

My network XML is as follows:

#virsh net-dumpxml default
 <network connections='1'>
  <name>default</name>
  <uuid>3fe17380-b7ec-47eb-98fe-b9237ef3f5ed</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:d8:12:11'/>
  <bandwidth>
    <inbound average='1000' peak='5000' burst='5120'/>
    <outbound average='128' peak='256' burst='256'/>
  </bandwidth>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>

Comment 4 Michal Privoznik 2016-05-10 12:17:09 UTC
(In reply to yafu from comment #3)
>>> <snip/>
> 
> 
> The hostname setting in the guest is 'nss-test', and I can not execute "ping
> nss-test" from host successfully if I did not configure the /etc/hosts files
> in the host.
> 

That's not how you set hostname in a system. You should use hostnamectl or edit /etc/sysconfig/network and set HOSTNAME variable. Because of internal implementation, nss plugin will work iff net-dhcp-leases prints out hostname set in guest.

Also, there's nothing wrong with your network XML.

Comment 5 yafu 2016-05-11 07:15:17 UTC
(In reply to Michal Privoznik from comment #4)
> (In reply to yafu from comment #3)
> >>> <snip/>
> > 
> > 
> > The hostname setting in the guest is 'nss-test', and I can not execute "ping
> > nss-test" from host successfully if I did not configure the /etc/hosts files
> > in the host.
> > 
> 
> That's not how you set hostname in a system. You should use hostnamectl or
> edit /etc/sysconfig/network and set HOSTNAME variable. Because of internal
> implementation, nss plugin will work iff net-dhcp-leases prints out hostname
> set in guest.
> 
> Also, there's nothing wrong with your network XML.


Thanks for your quick replay. It works correctly when set HOSTNAME in the /etc/sysconfig/network or use 'hostnamectl set-hostname'. 
However, I met another issue: modify the guest's mac address and restart guest  after 'virsh net-dhcp-leases' getting the hostname successfully, the 'virsh net-dhcp-leases' will have two ip address corresponded to the same hostname, it will lead to 'ping guest's hostname' failed in the host. 

steps:
1.Do steps1-3 just as comment 1;

2.In guest, set hostname using 'hostnamectl':
 #hostnamectl set-hostname 'nss-test'
 #service network restart
 #hostname
 nss-test

3.Run 'virsh net-dhcp-leases' in the host:
# /usr/bin/virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24        nss-test     -

4.Ping guest's hostname:
#ping nss-test
PING nss-test8 (192.168.122.133) 56(84) bytes of data.
64 bytes from 192.168.122.133: icmp_seq=1 ttl=64 time=0.178 ms
64 bytes from 192.168.122.133: icmp_seq=2 ttl=64 time=0.198 ms
64 bytes from 192.168.122.133: icmp_seq=3 ttl=64 time=0.180 ms
64 bytes from 192.168.122.133: icmp_seq=4 ttl=64 time=0.184 ms
....


5.Use 'virsh edit' to change the guest's mac:
 #virsh edit rhel7.1
   ...
  <interface type='network'>
      <mac address='52:54:00:c6:3b:96'/>
      <source network='default' bridge='virbr0'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </interface>
  ...

6.Restart the guest:
 #virsh destroy rhel7.1
 #virsh start rhel7.1

7.Run 'virsh net-dhcp-leases' in the host:
Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24        nss-test     -
 2016-05-11 15:27:04  52:54:00:c6:3b:96  ipv4      192.168.122.15/24         nss-test  
    -
8.Ping guest's hostname:
#ping nss-test
PING nss-test8 (192.168.122.133) 56(84) bytes of data.
From 192.168.122.1 icmp_seq=1 Destination Host Unreachable
From 192.168.122.1 icmp_seq=2 Destination Host Unreachable
From 192.168.122.1 icmp_seq=3 Destination Host Unreachable
From 192.168.122.1 icmp_seq=4 Destination Host Unreachable
^C

Comment 6 Michal Privoznik 2016-05-11 09:42:07 UTC
(In reply to yafu from comment #5)
> (In reply to Michal Privoznik from comment #4)
> > (In reply to yafu from comment #3)
> > >>> <snip/>
> > > 
> > > 
> > > The hostname setting in the guest is 'nss-test', and I can not execute "ping
> > > nss-test" from host successfully if I did not configure the /etc/hosts files
> > > in the host.
> > > 
> > 
> > That's not how you set hostname in a system. You should use hostnamectl or
> > edit /etc/sysconfig/network and set HOSTNAME variable. Because of internal
> > implementation, nss plugin will work iff net-dhcp-leases prints out hostname
> > set in guest.
> > 
> > Also, there's nothing wrong with your network XML.
> 
> 
> Thanks for your quick reply. It works correctly when set HOSTNAME in the
> /etc/sysconfig/network or use 'hostnamectl set-hostname'. 

What a great news.

> However, I met another issue: modify the guest's mac address and restart
> guest  after 'virsh net-dhcp-leases' getting the hostname successfully, the
> 'virsh net-dhcp-leases' will have two ip address corresponded to the same
> hostname, it will lead to 'ping guest's hostname' failed in the host. 
> 
> steps:
> 1.Do steps1-3 just as comment 1;
> 
> 2.In guest, set hostname using 'hostnamectl':
>  #hostnamectl set-hostname 'nss-test'
>  #service network restart
>  #hostname
>  nss-test
> 
> 3.Run 'virsh net-dhcp-leases' in the host:
> # /usr/bin/virsh net-dhcp-leases default
>  Expiry Time          MAC address        Protocol  IP address               
> Hostname        Client ID or DUID
> -----------------------------------------------------------------------------
> --------------------------------------
>  2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24       
> nss-test     -
> 
> 4.Ping guest's hostname:
> #ping nss-test
> PING nss-test8 (192.168.122.133) 56(84) bytes of data.
> 64 bytes from 192.168.122.133: icmp_seq=1 ttl=64 time=0.178 ms
> 64 bytes from 192.168.122.133: icmp_seq=2 ttl=64 time=0.198 ms
> 64 bytes from 192.168.122.133: icmp_seq=3 ttl=64 time=0.180 ms
> 64 bytes from 192.168.122.133: icmp_seq=4 ttl=64 time=0.184 ms
> ....
> 
> 
> 5.Use 'virsh edit' to change the guest's mac:
>  #virsh edit rhel7.1
>    ...
>   <interface type='network'>
>       <mac address='52:54:00:c6:3b:96'/>
>       <source network='default' bridge='virbr0'/>
>       <target dev='vnet0'/>
>       <model type='virtio'/>
>       <alias name='net0'/>
>       <address type='pci' domain='0x0000' bus='0x00' slot='0x02'
> function='0x0'/>
>     </interface>
>   ...
> 
> 6.Restart the guest:
>  #virsh destroy rhel7.1
>  #virsh start rhel7.1
> 
> 7.Run 'virsh net-dhcp-leases' in the host:
> Expiry Time          MAC address        Protocol  IP address               
> Hostname        Client ID or DUID
> -----------------------------------------------------------------------------
> --------------------------------------
>  2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24       
> nss-test     -
>  2016-05-11 15:27:04  52:54:00:c6:3b:96  ipv4      192.168.122.15/24        
> nss-test  
>     -
> 8.Ping guest's hostname:
> #ping nss-test
> PING nss-test8 (192.168.122.133) 56(84) bytes of data.
> From 192.168.122.1 icmp_seq=1 Destination Host Unreachable
> From 192.168.122.1 icmp_seq=2 Destination Host Unreachable
> From 192.168.122.1 icmp_seq=3 Destination Host Unreachable
> From 192.168.122.1 icmp_seq=4 Destination Host Unreachable
> ^C

This is expected as there are two records, two IP addresses for a hostname but only one works. The same would happen if you'd put those two addresses into /etc/hosts file. Thing is, we can't remove the old lease until it expires. The lease is valid throughout its lifetime even though we know (due to a side channel) that guests no longed lives. BTW I guess if you'd 'virsh shutdown' instead of destroy the nss plugin will still work. This is because while doing graceful shutdown, systems tend to release all the DHCP leases allowing DHCP servers to adjust their records.

Comment 7 yafu 2016-05-12 09:39:01 UTC
(In reply to Michal Privoznik from comment #6)
> (In reply to yafu from comment #5)
> > (In reply to Michal Privoznik from comment #4)
> > > (In reply to yafu from comment #3)
> > > >>> <snip/>
> > > > 
> > > > 
> > > > The hostname setting in the guest is 'nss-test', and I can not execute "ping
> > > > nss-test" from host successfully if I did not configure the /etc/hosts files
> > > > in the host.
> > > > 
> > > 
> > > That's not how you set hostname in a system. You should use hostnamectl or
> > > edit /etc/sysconfig/network and set HOSTNAME variable. Because of internal
> > > implementation, nss plugin will work iff net-dhcp-leases prints out hostname
> > > set in guest.
> > > 
> > > Also, there's nothing wrong with your network XML.
> > 
> > 
> > Thanks for your quick reply. It works correctly when set HOSTNAME in the
> > /etc/sysconfig/network or use 'hostnamectl set-hostname'. 
> 
> What a great news.
> 
> > However, I met another issue: modify the guest's mac address and restart
> > guest  after 'virsh net-dhcp-leases' getting the hostname successfully, the
> > 'virsh net-dhcp-leases' will have two ip address corresponded to the same
> > hostname, it will lead to 'ping guest's hostname' failed in the host. 
> > 
> > steps:
> > 1.Do steps1-3 just as comment 1;
> > 
> > 2.In guest, set hostname using 'hostnamectl':
> >  #hostnamectl set-hostname 'nss-test'
> >  #service network restart
> >  #hostname
> >  nss-test
> > 
> > 3.Run 'virsh net-dhcp-leases' in the host:
> > # /usr/bin/virsh net-dhcp-leases default
> >  Expiry Time          MAC address        Protocol  IP address               
> > Hostname        Client ID or DUID
> > -----------------------------------------------------------------------------
> > --------------------------------------
> >  2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24       
> > nss-test     -
> > 
> > 4.Ping guest's hostname:
> > #ping nss-test
> > PING nss-test8 (192.168.122.133) 56(84) bytes of data.
> > 64 bytes from 192.168.122.133: icmp_seq=1 ttl=64 time=0.178 ms
> > 64 bytes from 192.168.122.133: icmp_seq=2 ttl=64 time=0.198 ms
> > 64 bytes from 192.168.122.133: icmp_seq=3 ttl=64 time=0.180 ms
> > 64 bytes from 192.168.122.133: icmp_seq=4 ttl=64 time=0.184 ms
> > ....
> > 
> > 
> > 5.Use 'virsh edit' to change the guest's mac:
> >  #virsh edit rhel7.1
> >    ...
> >   <interface type='network'>
> >       <mac address='52:54:00:c6:3b:96'/>
> >       <source network='default' bridge='virbr0'/>
> >       <target dev='vnet0'/>
> >       <model type='virtio'/>
> >       <alias name='net0'/>
> >       <address type='pci' domain='0x0000' bus='0x00' slot='0x02'
> > function='0x0'/>
> >     </interface>
> >   ...
> > 
> > 6.Restart the guest:
> >  #virsh destroy rhel7.1
> >  #virsh start rhel7.1
> > 
> > 7.Run 'virsh net-dhcp-leases' in the host:
> > Expiry Time          MAC address        Protocol  IP address               
> > Hostname        Client ID or DUID
> > -----------------------------------------------------------------------------
> > --------------------------------------
> >  2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24       
> > nss-test     -
> >  2016-05-11 15:27:04  52:54:00:c6:3b:96  ipv4      192.168.122.15/24        
> > nss-test  
> >     -
> > 8.Ping guest's hostname:
> > #ping nss-test
> > PING nss-test8 (192.168.122.133) 56(84) bytes of data.
> > From 192.168.122.1 icmp_seq=1 Destination Host Unreachable
> > From 192.168.122.1 icmp_seq=2 Destination Host Unreachable
> > From 192.168.122.1 icmp_seq=3 Destination Host Unreachable
> > From 192.168.122.1 icmp_seq=4 Destination Host Unreachable
> > ^C
> 
> This is expected as there are two records, two IP addresses for a hostname
> but only one works. The same would happen if you'd put those two addresses
> into /etc/hosts file. Thing is, we can't remove the old lease until it
> expires. The lease is valid throughout its lifetime even though we know (due
> to a side channel) that guests no longed lives. BTW I guess if you'd 'virsh
> shutdown' instead of destroy the nss plugin will still work. This is because
> while doing graceful shutdown, systems tend to release all the DHCP leases
> allowing DHCP servers to adjust their records.


Got it. Thanks for your patiently and professional reply.

Comment 8 yafu 2016-05-12 09:47:19 UTC
Verify pass on build libvirt-1.3.4-1.el7.x86_64.

steps:
1.Check libvirt-nss has installed:
 #rpm -q libvirt-nss
 libvirt-nss-1.3.4-1.el7.x86_64

2.Add libvirt into /etc/nsswitch.conf:
  #cat /etc/nsswitch.conf
   ...
   hosts: files libvirt dns
   ...

3.Prepare a running guest with interface using NATed networks ;
 #virsh dumpxml rhel7.2
  ...
  <interface type='network'>
      <mac address='52:54:00:c6:3b:95'/>
      <source network='default' bridge='virbr0'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </interface>
  ...

4.In guest, set hostname using 'hostnamectl':
 #hostnamectl set-hostname 'nss-test'
 #service network restart
 #hostname
 nss-test

5.Run 'virsh net-dhcp-leases' in the host and could see the hostname of the guest:
#virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2016-05-11 15:19:15  52:54:00:c6:3b:95  ipv4      192.168.122.133/24        nss-test     -

6.Ping guest's hostname:
#ping nss-test
PING nss-test (192.168.122.133) 56(84) bytes of data.
64 bytes from 192.168.122.133: icmp_seq=1 ttl=64 time=0.178 ms
64 bytes from 192.168.122.133: icmp_seq=2 ttl=64 time=0.198 ms
64 bytes from 192.168.122.133: icmp_seq=3 ttl=64 time=0.180 ms
64 bytes from 192.168.122.133: icmp_seq=4 ttl=64 time=0.184 ms
...

Comment 9 yalzhang@redhat.com 2016-09-02 07:14:25 UTC
Hi Michal,

I have a question here. If I set the hostname of the guest with a '.', and check on the host, it will automatically cut off and only left the first field. 

For example, on the guest it is 'test.domain', and on the host, it is 'test'. If this is expected?

[guest]# hostname
test.domain

[host]# virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2016-09-02 15:56:53  52:54:00:3a:c3:e8  ipv4      192.168.122.231/24        test            -

Comment 10 Michal Privoznik 2016-09-02 08:01:04 UTC
(In reply to yalzhang@redhat.com from comment #9)
> Hi Michal,
> 

Yes, usually dot delimits fields in URI. Therefore in your case the hostname is just 'test' really. Moreover, if you'd try to sniff on DHCP traffic when the domain is starting up, you'd see that it (correctly) advertises just 'test' as its hostname.

Comment 12 errata-xmlrpc 2016-11-03 18:41:52 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2577.html

Comment 13 Michal Privoznik 2017-01-04 14:53:11 UTC
*** Bug 502847 has been marked as a duplicate of this bug. ***

Comment 14 yalzhang@redhat.com 2017-03-22 02:14:07 UTC
Hi Michal,

I'm curious about prerequisites for virbr0.status record the "hostname". Because there is one host on which all the guests can not have its hostname recorded in the $bridge.status file.

# rpm -q libvirt-nss
libvirt-nss-3.1.0-2.el7.x86_64

1. set this in /etc/nsswitch.conf
hosts:      files libvirt libvirt_guest dns myhostname

2. start a guest

3. set guest's hostname
# hostnamectl set-hostname nssguest
# hostnamectl 
   Static hostname: nssguest
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 3a64f920c2af4bbba84f805fbce3017b
           Boot ID: d97fa9ae5759457aae888a262449e559
    Virtualization: kvm
  Operating System: Red Hat Enterprise Linux Server 7.3 Beta (Maipo)
       CPE OS Name: cpe:/o:redhat:enterprise_linux:7.3:beta:server
            Kernel: Linux 3.10.0-461.el7.x86_64
      Architecture: x86-64
# hostnamectl --static
nssguest
# hostnamectl --transient
nssguest

4. attach an interface then dhclient on the guest to get the ip address

5. check on host, the guest's hostname is not recorded
# cat /var/lib/libvirt/dnsmasq/virbr0.status
[
  {
    "ip-address": "192.168.122.183",
    "mac-address": "52:54:00:5e:fd:a4",
    "expiry-time": 1490151911
  },
  {
    "ip-address": "192.168.122.84",
    "mac-address": "52:54:00:41:00:2e",
    "expiry-time": 1490151911
  }
]

# virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2017-03-22 11:05:11  52:54:00:41:00:2e  ipv4      192.168.122.84/24         -               -
 2017-03-22 11:05:11  52:54:00:5e:fd:a4  ipv4      192.168.122.183/24        -               -

I have another host, it works well with the same libvirt-nss version. I don't know where it broken, 
1) dhclient on the guest do not report its hostname? 
2) libvirt didn't fetch it and write it to the status file?

Comment 15 Michal Privoznik 2017-03-22 08:31:56 UTC
(In reply to yalzhang@redhat.com from comment #14)
> Hi Michal,
> 
> I'm curious about prerequisites for virbr0.status record the "hostname".
> Because there is one host on which all the guests can not have its hostname
> recorded in the $bridge.status file.
> 
> # rpm -q libvirt-nss
> libvirt-nss-3.1.0-2.el7.x86_64
> 
> 1. set this in /etc/nsswitch.conf
> hosts:      files libvirt libvirt_guest dns myhostname
> 
> 2. start a guest
> 
> 3. set guest's hostname
> # hostnamectl set-hostname nssguest
> # hostnamectl 
>    Static hostname: nssguest
>          Icon name: computer-vm
>            Chassis: vm
>         Machine ID: 3a64f920c2af4bbba84f805fbce3017b
>            Boot ID: d97fa9ae5759457aae888a262449e559
>     Virtualization: kvm
>   Operating System: Red Hat Enterprise Linux Server 7.3 Beta (Maipo)
>        CPE OS Name: cpe:/o:redhat:enterprise_linux:7.3:beta:server
>             Kernel: Linux 3.10.0-461.el7.x86_64
>       Architecture: x86-64
> # hostnamectl --static
> nssguest
> # hostnamectl --transient
> nssguest
> 
> 4. attach an interface then dhclient on the guest to get the ip address
> 
> 5. check on host, the guest's hostname is not recorded
> # cat /var/lib/libvirt/dnsmasq/virbr0.status
> [
>   {
>     "ip-address": "192.168.122.183",
>     "mac-address": "52:54:00:5e:fd:a4",
>     "expiry-time": 1490151911
>   },
>   {
>     "ip-address": "192.168.122.84",
>     "mac-address": "52:54:00:41:00:2e",
>     "expiry-time": 1490151911
>   }
> ]
> 
> # virsh net-dhcp-leases default
>  Expiry Time          MAC address        Protocol  IP address               
> Hostname        Client ID or DUID
> -----------------------------------------------------------------------------
> --------------------------------------
>  2017-03-22 11:05:11  52:54:00:41:00:2e  ipv4      192.168.122.84/24        
> -               -
>  2017-03-22 11:05:11  52:54:00:5e:fd:a4  ipv4      192.168.122.183/24       
> -               -
> 
> I have another host, it works well with the same libvirt-nss version. I
> don't know where it broken, 
> 1) dhclient on the guest do not report its hostname? 

Some dhcp clients don't send hostnames. That's where libvirt_guest NSS module should come handy.

> 2) libvirt didn't fetch it and write it to the status file?

Have you tried restarting the libvirt network? Restart the network and then start the guest again. It should work.


Note You need to log in before you can comment on or make changes to this bug.