当前位置: 首页 > article >正文

使用virsh远程连接主机遇到的问题

article 2025/2/22 16:28:58

The URI Failed to Connect to the Hypervisor – How to fix common errors

by Gayathri R Nayak | Mar 16, 2021

Are you stuck with the error ‘The URI Failed to Connect to the Hypervisor’ and trying to find a solution for it? You are at the right place.

Different errors can occur when connecting to the server (for example, when running virsh).

Here at Bobcares, we have seen several such hypervisor-related errors as part of our Server Management Services for web hosts and online service providers.

Today we’ll see the errors that occur when the URI fails to connect to the hypervisor.

The URI Failed to Connect to the Hypervisor – How to fix common errors

Now let’s take a look at how our Support Engineers resolve the errors related to the Hypervisor connection.

1. Cannot read CA certificate

The following error (or similar) appears when running the below command.

$ virsh -c qemu://$hostname/system_list
error: failed to connect to the hypervisor
error: Cannot read CA certificate ‘/etc/pki/CA/cacert.pem’: No such file or directory

Cause

This error can occur due to different reasons that include an incorrectly specified URI or a connection that is not configured.

Solution

* Incorrectly specified URI

When specifying qemu://system or qemu://session as a connection URI, virsh attempts to connect to host names’ system or session respectively. Because virsh recognizes the text after the second forward slash as the host.

So we use three forward slashes to connect to the localhost. For example, specifying qemu:///system instructs virsh to connect to the system instance of libvirtd on the localhost.

When we specify a hostname, the QEMU transport defaults to TLS. This results in certificates.

* Connection is not configured

The URI is correct (for example, qemu[+tls]://server/system) but the certificates are not set up properly on our machine.

2. Unable to connect to the server at ‘host:16509’: Connection refused

The connections fail while libvirtd should listen on TCP ports for connections. Here is the error message.

# virsh -c qemu+tcp://host/system
error: failed to connect to the hypervisor
error: unable to connect to server at ‘host:16509’: Connection refused

Even after changing the configuration in /etc/libvirt/libvirtd.conf, the libvirt daemon is not listening on TCP ports:

# grep listen_ /etc/libvirt/libvirtd.conf
listen_tls = 1
listen_tcp = 1
listen_addr = “0.0.0.0”

However, the TCP ports for libvirt are still not open after changing configuration:

# netstat -lntp | grep libvirtd

Cause

Here, the libvirt daemon was started without the –listen option. So, we verify this by running the below command:

# ps aux | grep libvirtd
root 10749 0.1 0.2 558276 18280 ? Ssl 23:21 0:00 /usr/sbin/libvirtd

As a result, the output does not contain the –listen option.

Solution

We start the daemon with the –listen option. For that, we modify the /etc/sysconfig/libvirtd file and uncomment the below line:

# LIBVIRTD_ARGS=”–listen”

Then, we restart the libvirtd service by running the below command:

# /bin/systemctl restart libvirtd.service

3. Authentication Failed

When running a command, the following error (or similar) appears:

$ virsh -c qemu://$hostname/system_list
error: failed to connect to the hypervisor
error: authentication failed: authentication failed

Cause

Sometimes, the authentication may fail even when the correct credentials are used. This can happen when the SASL authentication is not configured.

Solution

First, we edit the /etc/libvirt/libvirtd.conf file and set the value of the auth_tcp parameter to sasl. Then we verify using the below command:

# cat /etc/libvirt/libvirtd.conf | grep auth_tcp
auth_tcp = “sasl”

Next, we edit the /etc/sasl2/libvirt.conf file and add the following lines to the file:

mech_list: digest-md5
sasldb_path: /etc/libvirt/passwd.db

Also, we ensure the cyrus-sasl-md5 package is installed by running:

# yum install cyrus-sasl-md5

After that, we restart the libvirtd service. For that, we run the below command:

# systemctl restart libvirtd

Finally, we set a user name and password for libvirt SASL:

# saslpasswd2 -a libvirt 1

4. Permission Denied

The following error (or similar) appears when running a virsh command as a non-root user:

$ virsh -c qemu://$hostname/system_list
error: Failed to connect socket to ‘/var/run/libvirt/libvirt-sock’: Permission denied
error: failed to connect to the hypervisor

Solution

We edit the /etc/libvirt/libvirt.conf file and add the following lines to the file:

#unix_sock_group = “libvirt”
#unix_sock_ro_perms = “0777”
#unix_sock_rw_perms = “0770”

Then we restart the libvirtd service:

# systemctl restart libvirtd

http://www.kler.cn/a/14971.html

相关文章:

  • Java版本+企业电子招投标系统源代码之电子招投标系统建设的重点和未来趋势
  • 矢量、栅格、瓦片地图傻傻分不清
  • 封装了一个echarts图全屏放大的功能
  • NetApp ONTAP: 企业级数据管理软件,为无缝混合云奠定基础
  • 大学生用什么蓝牙耳机好?2023好用的蓝牙耳机推荐
  • 单片机常见问题分析调试办法
  • 前后端分离常见跨域问题及解决方法
  • 论文阅读:Swin Transformer: Hierarchical Vision Transformer using Shifted Windows
  • 毕业四年换了3份软件测试工作,我为何仍焦虑?
  • CVE漏洞复现-CVE-2016-10033-远程命令执行
  • Scala中使用Typesafe Config 库
  • Java 中的多态是什么,如何实现多态?(六)
  • 【Arduino SD卡和数据记录教程】
  • 2023年第二十届五一数学建模竞赛题目 B题超详细思路
  • CMake(2)-详解-编译-安装-支持GDB-添加环境检查-添加版本号-生成安装包
  • C++(继承下)
  • Node.js二:fs模块
  • js 各种数据类型互相转换的函数
  • python算法中的深度学习算法之长短时记忆网络(详解)
  • 【社区图书馆】-《科技服务与价值链》总结