Issue
I want to use KVM on Macbook. So what I did to start the kvm is:
qemu-system-x86_64 -m 2G ./bastion-rhel7.qcow2 -accel hvf
The VM starts ok. But I can't ssh [email protected] which is the default vm network interface. it only contains a default vm interface, looks like this:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global noprefixroute dynamic ens3
valid_lft 86353sec preferred_lft 86353sec
inet6 fec0::caa4:e2ac:1cf9:230e/64 scope site noprefixroute dynamic
valid_lft 86354sec preferred_lft 14354sec
inet6 fe80::393b:a23c:2981:6282/64 scope link noprefixroute
valid_lft forever preferred_lft forever
After read this article, I know I can attach host-only network if I use virtualbox to fix this problem.
It makes me that if I can attach host-only network for KVM from qemu-system_x86_64 commandline, then I can ssh to my kvm guest. But I don't know how or if this is feasible for kvm.
I appreciate any comments and solutions, all I want to do is to connect the guest vm via ssh from mac hosts.
(My macbook only have wifi connection, so I think "bridge" mode is not an option to me.)
Solution
The default QEMU networking type, which is what you're using, is "user-mode" networking. The IP address the guest VM sees in this setup is not visible outside the VM (it's a little bit like the VM being behind a NAT router). So while the guest can connect outwards, you cannot connect in to the guest unless you configure port forwarding on your QEMU command line. (The QEMU wiki page on networking includes an example of the syntax for this for an SSH port.)
If you need the guest to have an IP address that is publicly visible to the rest of the world (including to the host machine) you need to use a different network backend, like "tap"; that's a lot more complicated to set up, though.
Answered By - Peter Maydell
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.