Ten years later, and I finally know how to get virsh to tell me the IP address for a VM.
In Satellite server, Organization != Organization_ID
Spent a good chunk of yesterday and some of this morning stumped by a simple mistake I made. I was trying to use our Satellite server via the Hammer command line tool to launch an instance, and kept getting an error in the content-view section. I tried to list content views and got the same problem. Here is a short section from my bash session.
Deliberate Elevation of Privileges
“Ooops.” — Me, doing something as admin that I didn’t mean to do.
While the sudo mechanism has some warranted criticism, it is still an improvement on doing everything as the root account. The essential addition that sudo provides for the average sys admin is the ability to only grant themselves system admin when they explicitly want it.
A minor addition for todo.txt
I had a simple todo list I managed using shell scripts and git, but I wanted something for the cell phone. The todo.txt application fills that need now. But I was able to reuse something from my old approach to make it a little more command line friendly.
Solutions Architect
Today is my first day at Red Hat! Well, OK, I’ve been here a few years, but today I move from Engineering to Sales. My new role is “Specialist Solutions Architect” where that specialty is Cloud.
I have a lot to learn, and I will try to use this site to record the most important and interesting details I learn.
What are the Cloud Products? Well, according to Red Hat’s site, they are (please mentally prepend Red Hat to all of these) OpenStack Platform, OpenShift, CloudForms, Virtualization, Certificate System, Directory Server, as well as product bundles built out of these. Of all these, I’d guess I have the most to learn about CloudForms, as I’ve only recently started working with that. Really, though, I have a lot to learn across the board. I know that both Ansible Tower and Satellite server are major integration points for management of servers in the large, and I’ll be expected to provide expertise there as well. Plus, everything builds on the other product lines: RHEL and variants, as well as the Storage and Networking solutions.
This is going to be fun. Time to dig in.
SE Linux for CentOS Part 3
After the previous two days of debugging, Simo Sorce suggested that I need to tell the OS to show all AVCs; some are hidden by default.
SE Linux for CentOS Continued
Trying to troubleshoot the issues from yesterday’s SELinux errors.
SELinux for Kubevirt on Centos
Without disabling SELinux enforcement, an attempt to deploy a VM generates the following audit message:
    type=AVC msg=audit(1504194626.938:877): avc: denied { transition } for pid=9574 comm="libvirtd" path="/usr/local/bin/qemu-system-x86_64" dev="dm-19" ino=31526884 scontext=system_u:system_r:spc_t:s0 tcontext=system_u:system_r:svirt_tcg_t:s0:c408,c741 tclass=process
Running this through audit2allow provides a little more visibility into the problem:
    #============= spc_t ==============
    #!!!! The file '/usr/local/bin/qemu-system-x86_64' is mislabeled on your system.
    #!!!! Fix with $ restorecon -R -v /usr/local/bin/qemu-system-x86_64
    allow spc_t svirt_tcg_t:process transition;
This is probably due to running so much of the virtualization machinery in containers. /usr/local/bin/qemu-system-x86_64 comes from inside the libvirt container. It does not exist on the base OS filesystem. Thus, just running restorecon won’t do much.
Deploying Kubevirt on Origin Master
Now that I have a functional OpenShift Origin built from source, I need to deploy KubeVirt on top of it.
Here are my notes. This is rough, and not production quality yet, but should get you started.
Running OpenShift Origin built from source
Kubernetes is moving from Third Party Resources to the Aggregated API Server. In order to work with this and continue to deploy on OpenShift Origin, we need to move from working with the shipped and stable version that is in Fedora 26 to the development version in git. Here are my notes to get it up and running.