Month: March 2016

Hetzner – kVkm

How to get the vKVM console @Hetzner to work? It ain’t much of a surprise that it doesn’t work out of the box, because the advertised link directs you to a Java applet. That only displayed the header for me, on Linux and Windows 10. But fret not: there is a solution.

Fortunately, when vKVM is running, you can access it via SSH on Port 47772 with the given password. VNC should be listening on Port 47774, but it’s stunnled, so you can’t access it directly. QEMU-VNC is actually listening on Port 5901/tcp, so you have to tunnel you way in.

# ssh -L 5901:<remote_ip>:5901 -l root <remote_ip>

That should forward remote 5901/tcp to something you can access. Now run:

# vncviewer 127.0.0.1::5901

And no, the double colon is no typo! Now go, fix your problems and have fun!

IPv6 configuration Hetzner

(obsolete, superseded by https://tollana.d-tor.org/notes-to-self/?p=585)

Well, another issue I just noticed after the recent reboot of valhalla. When bridging, do never, ever use IPv6 autoconfiguration on the actual ethernet interface or the bridge itself. That will totally screw up the routing!

Disable it by adding the following lines somewhere in /etc/sysctl.d:

net.ipv6.conf.wan.use_tempaddr = 0 
net.ipv6.conf.wan.autoconf = 0 
net.ipv6.conf.br0.use_tempaddr = 0 
net.ipv6.conf.br0.autoconf = 0

You can change it directly by echoing the values to the respective proc files. Unfortunately, the changes only take effect after shutting down and taking the interface up again. So be really, really careful! Be warned: The interface won’t have an IPv6 address any more, so make sure that you have IPv4 connectivity!

You can do this with e.g. screen:

# screen
# ip link set down wan ; sleep 1; ip link set up wan

 

Kernel 4.4.1-2-ARCH and libvirtd

Well, well, well… What a fuckup! As of this writing [2016-03-03] the current versions of the Archlinux Kernel and libvirtd are not working at all. Took me almost a week to figure this out.

There are two issues:

  1. The Kernel package 4.4.1-2-ARCH (which is actually 4.4.3 with patches) crashes silently if you try to start a VM from libvirtd (if you even get so far, but that’s covered below). Honestly, I have no idea why, because it doesn’t sputter an OOPS. What I know: Downgrading to 4.3.3-3-ARCH fixes that issue.
  2. libvirt-1.3.2-1 is broken, or rather libvirtd.service is… It says that libvirtd is of type notify. That may be true, but it doesn’t work. Don’t even bother to fiddle around with polkit rules: It doesn’t work. IMHO polkit is over-engineered.

To fix (1.): Downgrade the Kernel to 4.3.3. If you don’t have a copy, download it here. Install it with:

# pacman -U linux-4.3.3-3-x86_64.pkg.tar.xz
# systemctl reboot

When the older kernel is running (confirm it with uname -a), we can fix (2.) by turning libvirtd.service from Type=notify to Type=simple. Be warned: It may have serious side effects! You’re on your own when you do this!

# cp /usr/lib/systemd/system/libvirtd.service /etc/systemd/system

Now edit /etc/systemd/system/libvirtd.service and comment out Type=notify. This turns libvirtd into a “simple” service, not forking, no authentication, nothing. Then reload everything and start libvirtd, virtlockd and virtlogd:

# systemctl daemon-reload
# systemctl start libvirtd virtlockd virtlogd

Finally (re-)start your virtual machines. Share and enjoy!