Libvirt¶
The libvirt provider manages two types of resources.
libvirt_node¶
Libvirt Domains (or nodes) can be provisioned using this resource.
Topology Schema¶
Within Linchpin, the libvirt_node resource_definition has more options than what are shown in the examples above. For each libvirt_node definition, the following options are available.
libvirt_network¶
Libvirt networks can be provisioned. If a libvirt_network is to be used with a libvirt_node, it must precede it.
Topology Schema¶
Within Linchpin, the libvirt_network resource_definition has more options than what are shown in the examples above. For each libvirt_network definition, the following options are available.
Parameter |
req’d |
type |
where used |
default |
comments |
---|---|---|---|---|---|
role |
true |
string |
role |
||
name |
true |
string |
module: name |
||
uri |
false |
string |
module: name |
qemu:///system |
|
ip |
true |
string |
xml: ip |
||
dhcp_start |
false |
string |
xml: dhcp_start |
||
dhcp_end |
false |
string |
xml: dhcp_end |
||
domain |
false |
string |
xml: domain |
Automated DNS for guests |
|
forward_mode |
false |
string |
xml: forward |
nat |
|
forward_dev |
false |
string |
xml: forward |
||
bridge |
false |
string |
xml: bridge |
||
delete_on_destroy |
false |
boolean |
N/A |
False |
If true, libvirt destroy will destroy and undefine the network |
Note
This resource will not be torn down during a destroy action. This is because other resources may depend on the now existing resource.
Additional Dependencies¶
The libvirt resource group requires several additional dependencies. The following must be installed.
libvirt-devel
libguestfs-tools
python-libguestfs
libvirt-python
python-lxml
For a Fedora 26 machine, the dependencies would be installed using dnf.
$ sudo dnf install libvirt-devel libguestfs-tools python-libguestfs
$ pip install linchpin[libvirt]
Additionally, because libvirt downloads images, certain SELinux libraries must exist.
libselinux-python
For a Fedora 26 machine, the dependencies would be installed using dnf.
$ sudo dnf install libselinux-python
If using a python virtual environment, the selinux libraries must be symlinked. Assuming
a virtualenv of ~/venv
, symlink the libraries.
$ export LIBSELINUX_PATH=/usr/lib64/python2.7/site-packages
$ ln -s ${LIBSELINUX_PATH}/selinux ~/venv/lib/python2.7/site-packages
$ ln -s ${LIBSELINUX_PATH}/_selinux.so ~/venv/lib/python2.7/site-packages
Copying Images¶
New in version 1.5.1
By default, LinchPin manages the libvirt images in a directory that is accessible only by the root user. However, adjustments can be made to allow an unprivileged user to manage Libvirt via LinchPin. These settings can be modified in the :docs1.5:`linchpin.conf <workspace/linchpin.conf>`
This configuration adjustment of linchpin.conf may work for the unprivileged user herlo.
[evars]
libvirt_image_path = ~/libvirt/images/
libvirt_user = herlo
libvirt_become = no
The directory will be created automatically by LinchPin. However, the user may need additional rights, like group membership to access Libvirt. Please see https://libvirt.org for any additional configurations.
Credentials Management¶
Libvirt doesn’t require credentials via LinchPin. Multiple options are available for authenticating against a Libvirt daemon (libvirtd). Most methods are detailed here. If desired, the uri for the resource can be set using one of these mechanisms.
By default, however, libvirt requires sudo access to use. To allow users without sudo access to provision libvirt instances, run the following commands on the target machine:
Create the libvirt group if it does not exist
$ getent group | grep libvirt $ groupadd -g 7777 libvirt
Add user account to libvirt and qemu groups
$ usermod -aG libvirt,qemu <user>
Edit libvirtd configuration to add group
$ cat <<EOF >>/etc/libvirt/libvirtd.conf unix_sock_group = "libvirt" unix_sock_rw_perms = "0770" EOF
Restart the libvirtd daemon
$ systemctl restart libvirtd
The next time the user logs in, they will be able to provision libvirt disks without sudo access