* Network with QEMU generated image (guix system vm)?
@ 2016-09-24 19:44 ng0
2016-09-24 19:47 ` ng0
` (2 more replies)
0 siblings, 3 replies; 21+ messages in thread
From: ng0 @ 2016-09-24 19:44 UTC (permalink / raw)
To: guix-devel
[-- Attachment #1: Type: text/plain, Size: 534 bytes --]
I feel like this should be documented better, because I can't figure it
out.
I should not waste time on figuring out how a service I need to test in
the VM can get internet access.
Currently I can't ping, git can't clone, gnunet-service can't get its
hosts lists, etc. I just need to test one service, I don't want to spend
days on figuring out why I can get no in/out connection.
Can someone please help me, so that we can improve configuration?
Appended are 2 versions of the testvm.scm I used in my branch of
gnunet-service.
[-- Attachment #2: testvm.scm --]
[-- Type: application/octet-stream, Size: 1891 bytes --]
;; bare bones, no X11 server.
(use-modules (gnu) (gnu system nss))
(use-service-modules networking dbus avahi desktop)
(use-package-modules certs suckless admin xorg)
(use-package-modules gnunet emacs version-control avahi ssh)
(operating-system
(host-name "testvm")
(timezone "UTC")
(locale "en_US.UTF-8")
(bootloader (grub-configuration (device "/dev/sda")))
(file-systems
(list (file-system
(mount-point "/")
(device "dummy")
(type "dummy"))
%binary-format-file-system))
(users (list (user-account
(name "bobthecrashtestdummy")
(comment "")
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video"
"gnunet"))
(home-directory "/home/bobthecrashtestdummy")
(password ""))))
(services (cons* ;;(slim-service #:auto-login? #t
;; #:default-user "bobthecrashtestdummy")
(console-keymap-service "de")
;;(static-networking-service "eth0" "10.0.2.10"
;; #:name-servers '("10.0.2.3")
;; #:gateway "10.0.2.2")
;;(avahi-service)
;;(dbus-service (list avahi))
(gnunet-service)
(dhcp-client-service)
;;(lsh-service)
%base-services))
;;(xfce-desktop-service)
;;%desktop-services))
(pam-services
(base-pam-services #:allow-empty-passwords? #t))
(packages (cons* git st sudo nss-certs xterm
avahi findutils grep which xmodmap
tcpdump gnunet gnunet-gtk tree
%base-packages)))
[-- Attachment #3: testvm-new.scm --]
[-- Type: application/octet-stream, Size: 1826 bytes --]
;; bare bones, no X11 server.
(use-modules (gnu) (gnu system nss))
(use-service-modules dbus avahi networking desktop)
(use-package-modules certs suckless admin xorg tmux)
(use-package-modules gnunet emacs version-control avahi ssh)
(operating-system
(host-name "testvm")
(timezone "UTC")
(locale "en_US.UTF-8")
;;(bootloader (grub-configuration (device "/dev/sda")))
;; (file-systems
;; (list (file-system
;; (mount-point "/")
;; (device "dummy")
;; (type "dummy"))
;; %binary-format-file-system))
(bootloader (grub-configuration (device "/dev/vda")))
(file-systems
(cons
(file-system
(device "/dev/vda1")
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (list (user-account
(name "z")
(comment "")
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video"
"gnunet"))
(home-directory "/home/z")
(password ""))))
(services
(cons* (console-keymap-service "de")
;; (static-networking-service "eth0" "192.168.1.209"
;; #:name-servers '("192.168.1.1")
;; #:gateway "192.168.1.255")
;;(avahi-service)
(gnunet-service)
;;(dhcp-client-service)
(xfce-desktop-service)
;;%base-services))
%desktop-services))
(pam-services
(base-pam-services #:allow-empty-passwords? #t))
(packages (cons* git st sudo nss-certs xterm
avahi findutils grep which xmodmap
tcpdump gnunet gnunet-gtk tree
tmux
%base-packages)))
[-- Attachment #4: Type: text/plain, Size: 23 bytes --]
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 19:44 Network with QEMU generated image (guix system vm)? ng0
@ 2016-09-24 19:47 ` ng0
2016-09-24 20:16 ` Jan Nieuwenhuizen
2016-09-28 8:34 ` Ludovic Courtès
2 siblings, 0 replies; 21+ messages in thread
From: ng0 @ 2016-09-24 19:47 UTC (permalink / raw)
To: guix-devel
ng0 <ngillmann@runbox.com> writes:
> I feel like this should be documented better, because I can't figure it
> out.
>
> I should not waste time on figuring out how a service I need to test in
> the VM can get internet access.
>
> Currently I can't ping, git can't clone, gnunet-service can't get its
> hosts lists, etc. I just need to test one service, I don't want to spend
> days on figuring out why I can get no in/out connection.
>
> Can someone please help me, so that we can improve configuration?
^ I meant documentation.
>
>
> Appended are 2 versions of the testvm.scm I used in my branch of
> gnunet-service.
>
>
> --
> ng0
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 19:44 Network with QEMU generated image (guix system vm)? ng0
2016-09-24 19:47 ` ng0
@ 2016-09-24 20:16 ` Jan Nieuwenhuizen
2016-09-24 20:33 ` ng0
2016-09-28 8:34 ` Ludovic Courtès
2 siblings, 1 reply; 21+ messages in thread
From: Jan Nieuwenhuizen @ 2016-09-24 20:16 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
ng0 writes:
> I feel like this should be documented better, because I can't figure it
> out.
I'm doing something like
/gnu/store/cgb3rvmyddy114vzp9xk2y05vwn3ka18-run-vm.sh -net nic -net user,hostfwd=tcp::2223-:2222,hostfwd=tcp::3001-:3000,hostfwd=tcp::5433-:5432&
together with (dhcp-client-service) you can connect in (via port
forwarding) and out.
Another trick that I use and would be nice easier accessible is to have
the console output to your terminal (or emacs shell) like so
sed -e 's,-append ",-append "console=ttyS0 ,' /gnu/store/s5y87jg79gh3nw8lv3q3rrj1i8wafmaj-run-vm.sh > vm.sh
chmod +x vm.sh
instead of the graphical box popup.
HTH,
Jan
--
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 20:16 ` Jan Nieuwenhuizen
@ 2016-09-24 20:33 ` ng0
2016-09-24 20:52 ` Jan Nieuwenhuizen
0 siblings, 1 reply; 21+ messages in thread
From: ng0 @ 2016-09-24 20:33 UTC (permalink / raw)
To: Jan Nieuwenhuizen; +Cc: guix-devel
Hi,
Jan Nieuwenhuizen <janneke@gnu.org> writes:
> ng0 writes:
>
>> I feel like this should be documented better, because I can't figure it
>> out.
>
> I'm doing something like
>
> /gnu/store/cgb3rvmyddy114vzp9xk2y05vwn3ka18-run-vm.sh -net nic -net user,hostfwd=tcp::2223-:2222,hostfwd=tcp::3001-:3000,hostfwd=tcp::5433-:5432&
>
> together with (dhcp-client-service) you can connect in (via port
> forwarding) and out.
I think there's a misunderstanding. I don't need to do in/out from host
to vm, I need a simple VM -> WORLD connection. What you wrote could
help with testing the git-service one last time as this does require
host<->vm connection, thanks.
> Another trick that I use and would be nice easier accessible is to have
> the console output to your terminal (or emacs shell) like so
>
> sed -e 's,-append ",-append "console=ttyS0 ,' /gnu/store/s5y87jg79gh3nw8lv3q3rrj1i8wafmaj-run-vm.sh > vm.sh
> chmod +x vm.sh
>
> instead of the graphical box popup.
>
> HTH,
> Jan
>
> --
> Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
> Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl
>
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 20:33 ` ng0
@ 2016-09-24 20:52 ` Jan Nieuwenhuizen
2016-09-24 21:17 ` ng0
0 siblings, 1 reply; 21+ messages in thread
From: Jan Nieuwenhuizen @ 2016-09-24 20:52 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
ng0 writes:
>> /gnu/store/cgb3rvmyddy114vzp9xk2y05vwn3ka18-run-vm.sh -net nic -net user,hostfwd=tcp::2223-:2222,hostfwd=tcp::3001-:3000,hostfwd=tcp::5433-:5432&
>>
>> together with (dhcp-client-service) you can connect in (via port
>> forwarding) and out.
>
> I think there's a misunderstanding.
Apparently ;-)
> I don't need to do in/out from host
> to vm, I need a simple VM -> WORLD connection.
Yes, that should work. Possibly slower than setting up a bridge though.
Have you tried?
> What you wrote could help with testing the git-service one last time
> as this does require host<->vm connection, thanks.
Nice.
Greetings,
Jan
--
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 20:52 ` Jan Nieuwenhuizen
@ 2016-09-24 21:17 ` ng0
2016-09-26 17:30 ` Jan Nieuwenhuizen
0 siblings, 1 reply; 21+ messages in thread
From: ng0 @ 2016-09-24 21:17 UTC (permalink / raw)
To: Jan Nieuwenhuizen; +Cc: guix-devel
Jan Nieuwenhuizen <janneke@gnu.org> writes:
> ng0 writes:
>
>>> /gnu/store/cgb3rvmyddy114vzp9xk2y05vwn3ka18-run-vm.sh -net nic -net user,hostfwd=tcp::2223-:2222,hostfwd=tcp::3001-:3000,hostfwd=tcp::5433-:5432&
>>>
>>> together with (dhcp-client-service) you can connect in (via port
>>> forwarding) and out.
>>
>> I think there's a misunderstanding.
>
> Apparently ;-)
>
>> I don't need to do in/out from host
>> to vm, I need a simple VM -> WORLD connection.
>
> Yes, that should work. Possibly slower than setting up a bridge though.
> Have you tried?
For a considerable long time and countless tries, that's why I'm asking
about any way to do this as it just does not work. Just about anything
which would work on GuixSD from a git checkout of guix.git is welcome.
>> What you wrote could help with testing the git-service one last time
>> as this does require host<->vm connection, thanks.
>
> Nice.
>
> Greetings,
> Jan
>
> --
> Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
> Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl
>
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 21:17 ` ng0
@ 2016-09-26 17:30 ` Jan Nieuwenhuizen
2016-09-27 7:25 ` ng0
2016-09-27 18:47 ` Aljosha Papsch
0 siblings, 2 replies; 21+ messages in thread
From: Jan Nieuwenhuizen @ 2016-09-26 17:30 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 1423 bytes --]
ng0 writes:
> For a considerable long time and countless tries, that's why I'm asking
> about any way to do this as it just does not work. Just about anything
> which would work on GuixSD from a git checkout of guix.git is welcome.
Find attached my ssh/lsh-seed hack to allow unattended entry into a vm
and a minimal vm description.
Here's what I did
19:18:45 janneke@dundal:~/src/guix
$ guix system vm os.scm
/gnu/store/4rqrzxz8amzq7j599sfr2vsbwy01fx04-run-vm.sh -net user,hostfwd=tcp::2223-:2222&
19:19:37 janneke@dundal:~/src/guix
$ ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:2223
[wait]
19:19:40 janneke@dundal:~/src/guix
$ ssh localhost -p 2223
.. RET RET
janneke@os ~$ GIT_SSL_NO_VERIFY=1 git clone https://gitlab.com/janneke/mes.git
Cloning into 'mes'...
remote: Counting objects: 969, done.
remote: Compressing objects: 100% (348/348), done.
remote: Total 969 (delta 654), reused 886 (delta 610)
Receiving objects: 100% (969/969), 316.35 KiB | 0 bytes/s, done.
Resolving deltas: 100% (654/654), done.
What I don't understand: sometimes the clone works instantly, sometimes
I need to "wait a bit" until cloning or `ping gitlab.com' works. It
seemed to be always immediately available when I added the mcron and
rottlog test services, which confuses me even more. Might just be
coincidence.
Greetings,
Jan
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-Add-lsh-seed-lsh-service-use-it.patch --]
[-- Type: text/x-patch, Size: 2196 bytes --]
From 8c8687407057ca9caa123905f7ca2e3feeffa203 Mon Sep 17 00:00:00 2001
From: Jan Nieuwenhuizen <janneke@gnu.org>
Date: Thu, 8 Sep 2016 14:09:28 +0200
Subject: [PATCH] gnu: Add lsh-seed, lsh-service: use it.
---
gnu/packages/ssh.scm | 26 ++++++++++++++++++++++++++
gnu/services/ssh.scm | 7 +++++++
2 files changed, 33 insertions(+)
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index b2612a4..5255848 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -517,3 +517,29 @@ manipulating key files.")
authentication with SSH's so-called @dfn{interactive keyboard password
authentication}.")
(license license:gpl2+)))
+
+(use-modules (guix build-system trivial))
+(define-public lsh-seed
+ (package
+ (name "lsh-seed")
+ (version "0")
+ (source #f)
+ (build-system trivial-build-system)
+ (arguments
+ '(#:modules ((guix build utils))
+ #:builder
+ (begin
+ (use-modules (guix build utils))
+ (let* ((source (assoc-ref %build-inputs "source"))
+ (out (assoc-ref %outputs "out"))
+ (etc (string-append out "/etc"))
+ (seed (string-append etc "/lsh-seed")))
+ (mkdir-p etc)
+ (with-output-to-file seed
+ (lambda () (display "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")))
+ (chmod seed #o400)
+ #t))))
+ (home-page "http://localhost")
+ (synopsis "lsh-seed")
+ (description "lsh-seed")
+ (license license:gpl3+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 462988c..96ba3d7 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -68,6 +68,13 @@
(define (lsh-initialization lsh host-key)
"Return the gexp to initialize the LSH service for HOST-KEY."
#~(begin
+
+ (unless (file-exists? #$%yarrow-seed)
+ (when (file-exists? #$lsh-seed)
+ (mkdir-p (dirname #$%yarrow-seed))
+ (copy-file (string-append #$lsh-seed "/etc/lsh-seed") #$%yarrow-seed)
+ (chmod #$%yarrow-seed #o400)))
+
(unless (file-exists? #$%yarrow-seed)
(system* (string-append #$lsh "/bin/lsh-make-seed")
"--sloppy" "-o" #$%yarrow-seed))
--
2.9.3
[-- Attachment #3: os.scm --]
[-- Type: application/octet-stream, Size: 1252 bytes --]
(use-modules (gnu))
(use-service-modules
admin
base
mcron
networking
ssh)
(use-package-modules
admin
ssh
version-control)
(define %user (getenv "USER"))
(define os
(operating-system
(host-name "os")
(timezone "Europe/Amsterdam")
(locale "en_US.UTF-8")
(bootloader
(grub-configuration
(device "/dev/sda")))
(file-systems
(cons* (file-system (mount-point "/")
(device "/dev/sda1")
(type "ext4"))
%base-file-systems))
(groups
(cons* (user-group (name %user))
%base-groups))
(users
(cons* (user-account (name %user)
(group %user)
(password (crypt "" "xx"))
(uid 1000)
(supplementary-groups '("wheel"))
(home-directory (string-append "/home/" %user)))
%base-user-accounts))
(packages
(cons*
git
openssh
%base-packages))
(services
(cons*
(dhcp-client-service)
(lsh-service #:port-number 2222
#:allow-empty-passwords? #t
#:root-login? #t)
%base-services
))))
os
[-- Attachment #4: Type: text/plain, Size: 156 bytes --]
--
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl
^ permalink raw reply related [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-26 17:30 ` Jan Nieuwenhuizen
@ 2016-09-27 7:25 ` ng0
2016-09-27 18:47 ` Aljosha Papsch
1 sibling, 0 replies; 21+ messages in thread
From: ng0 @ 2016-09-27 7:25 UTC (permalink / raw)
To: Jan Nieuwenhuizen; +Cc: guix-devel
Thanks,
I've tried to apply a bit of this, however the problem seems to be no
matter what I do, I get a read only filesystem. But strange enough: I
can touch files. Having a readonly filesystem should prevent me from
ping and git clone, but it can't do this.
Because the file system is read only, gnunet-service can't write files I
think, which prevents fetching the initial hostlist I configured to be
fetched.
But it could also be because I need to change some defaults I've set,
however it should not prevent me from git clone and ping.
Jan Nieuwenhuizen <janneke@gnu.org> writes:
> ng0 writes:
>
>> For a considerable long time and countless tries, that's why I'm asking
>> about any way to do this as it just does not work. Just about anything
>> which would work on GuixSD from a git checkout of guix.git is welcome.
>
> Find attached my ssh/lsh-seed hack to allow unattended entry into a vm
> and a minimal vm description.
>
> Here's what I did
>
> 19:18:45 janneke@dundal:~/src/guix
> $ guix system vm os.scm
> /gnu/store/4rqrzxz8amzq7j599sfr2vsbwy01fx04-run-vm.sh -net user,hostfwd=tcp::2223-:2222&
> 19:19:37 janneke@dundal:~/src/guix
> $ ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:2223
> [wait]
> 19:19:40 janneke@dundal:~/src/guix
> $ ssh localhost -p 2223
> .. RET RET
> janneke@os ~$ GIT_SSL_NO_VERIFY=1 git clone https://gitlab.com/janneke/mes.git
> Cloning into 'mes'...
> remote: Counting objects: 969, done.
> remote: Compressing objects: 100% (348/348), done.
> remote: Total 969 (delta 654), reused 886 (delta 610)
> Receiving objects: 100% (969/969), 316.35 KiB | 0 bytes/s, done.
> Resolving deltas: 100% (654/654), done.
>
> What I don't understand: sometimes the clone works instantly, sometimes
> I need to "wait a bit" until cloning or `ping gitlab.com' works. It
> seemed to be always immediately available when I added the mcron and
> rottlog test services, which confuses me even more. Might just be
> coincidence.
>
> Greetings,
> Jan
>
> From 8c8687407057ca9caa123905f7ca2e3feeffa203 Mon Sep 17 00:00:00 2001
> From: Jan Nieuwenhuizen <janneke@gnu.org>
> Date: Thu, 8 Sep 2016 14:09:28 +0200
> Subject: [PATCH] gnu: Add lsh-seed, lsh-service: use it.
>
> ---
> gnu/packages/ssh.scm | 26 ++++++++++++++++++++++++++
> gnu/services/ssh.scm | 7 +++++++
> 2 files changed, 33 insertions(+)
>
> diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
> index b2612a4..5255848 100644
> --- a/gnu/packages/ssh.scm
> +++ b/gnu/packages/ssh.scm
> @@ -517,3 +517,29 @@ manipulating key files.")
> authentication with SSH's so-called @dfn{interactive keyboard password
> authentication}.")
> (license license:gpl2+)))
> +
> +(use-modules (guix build-system trivial))
> +(define-public lsh-seed
> + (package
> + (name "lsh-seed")
> + (version "0")
> + (source #f)
> + (build-system trivial-build-system)
> + (arguments
> + '(#:modules ((guix build utils))
> + #:builder
> + (begin
> + (use-modules (guix build utils))
> + (let* ((source (assoc-ref %build-inputs "source"))
> + (out (assoc-ref %outputs "out"))
> + (etc (string-append out "/etc"))
> + (seed (string-append etc "/lsh-seed")))
> + (mkdir-p etc)
> + (with-output-to-file seed
> + (lambda () (display "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")))
> + (chmod seed #o400)
> + #t))))
> + (home-page "http://localhost")
> + (synopsis "lsh-seed")
> + (description "lsh-seed")
> + (license license:gpl3+)))
> diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
> index 462988c..96ba3d7 100644
> --- a/gnu/services/ssh.scm
> +++ b/gnu/services/ssh.scm
> @@ -68,6 +68,13 @@
> (define (lsh-initialization lsh host-key)
> "Return the gexp to initialize the LSH service for HOST-KEY."
> #~(begin
> +
> + (unless (file-exists? #$%yarrow-seed)
> + (when (file-exists? #$lsh-seed)
> + (mkdir-p (dirname #$%yarrow-seed))
> + (copy-file (string-append #$lsh-seed "/etc/lsh-seed") #$%yarrow-seed)
> + (chmod #$%yarrow-seed #o400)))
> +
> (unless (file-exists? #$%yarrow-seed)
> (system* (string-append #$lsh "/bin/lsh-make-seed")
> "--sloppy" "-o" #$%yarrow-seed))
> --
> 2.9.3
>
>
>
> --
> Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
> Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.nl
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-26 17:30 ` Jan Nieuwenhuizen
2016-09-27 7:25 ` ng0
@ 2016-09-27 18:47 ` Aljosha Papsch
2016-09-27 20:14 ` ng0
1 sibling, 1 reply; 21+ messages in thread
From: Aljosha Papsch @ 2016-09-27 18:47 UTC (permalink / raw)
To: Jan Nieuwenhuizen, ng0; +Cc: guix-devel
On 26.09.2016 19:30, Jan Nieuwenhuizen wrote:
> What I don't understand: sometimes the clone works instantly, sometimes
> I need to "wait a bit" until cloning or `ping gitlab.com' works. It
> seemed to be always immediately available when I added the mcron and
> rottlog test services, which confuses me even more. Might just be
> coincidence.
>
> Greetings,
> Jan
>
I'm guessing here but it sounds alot like neighbor discovery being slow
with ARP. I had the same issue few months ago with GNS3 where I created
a virtual topology. They use qemu VMs for each host. After creating
topology I wanted to ping a little and some packages would be dropped
before they went through.
http://wiki.qemu.org/Documentation/Networking suggests in section
"Network backend types" that user networking is slow while tap
networking is fast. So ARP discovery performance might just suffer from
qemu user networking. Maybe it's worth trying tap networking. I used it
a few weeks ago (with lxc containers) and it's pretty flexible. Haven't
paid attention to performance though.
I might be able to dig up notes on topology if you are interested. In
it, hypervisors form a VPN and integrate guests in the VPN using taps
and bridges. It's not a guix recipe unfortunately, just a Gnome Dia file.
Best regards
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-27 18:47 ` Aljosha Papsch
@ 2016-09-27 20:14 ` ng0
0 siblings, 0 replies; 21+ messages in thread
From: ng0 @ 2016-09-27 20:14 UTC (permalink / raw)
To: Aljosha Papsch, Jan Nieuwenhuizen; +Cc: guix-devel
Aljosha Papsch <lists@rpapsch.de> writes:
> On 26.09.2016 19:30, Jan Nieuwenhuizen wrote:
>> What I don't understand: sometimes the clone works instantly, sometimes
>> I need to "wait a bit" until cloning or `ping gitlab.com' works. It
>> seemed to be always immediately available when I added the mcron and
>> rottlog test services, which confuses me even more. Might just be
>> coincidence.
>>
>> Greetings,
>> Jan
>>
> I'm guessing here but it sounds alot like neighbor discovery being slow
> with ARP. I had the same issue few months ago with GNS3 where I created
> a virtual topology. They use qemu VMs for each host. After creating
> topology I wanted to ping a little and some packages would be dropped
> before they went through.
>
> http://wiki.qemu.org/Documentation/Networking suggests in section
> "Network backend types" that user networking is slow while tap
> networking is fast. So ARP discovery performance might just suffer from
> qemu user networking. Maybe it's worth trying tap networking. I used it
> a few weeks ago (with lxc containers) and it's pretty flexible. Haven't
> paid attention to performance though.
Afaik gnunet uses tun/tap when available[0]. My limited knowledge about
qemu I assumed that those modules in the way I can configure guix so far
do not exist in the way I might want them in the vm (maybe) (different
story, different problem).
As far as my goals are concerned, this try and and error of something as
simple as a stupid ping is slowing me down in developing guix services
for my roadmap items.
> I might be able to dig up notes on topology if you are interested. In
> it, hypervisors form a VPN and integrate guests in the VPN using taps
> and bridges. It's not a guix recipe unfortunately, just a Gnome Dia file.
I'm very much interested, throw anything at me which helps me to solve
this somehow.
> Best regards
>
>
[0] However, the lack of calling outside world is not gnunet exclusive.
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-24 19:44 Network with QEMU generated image (guix system vm)? ng0
2016-09-24 19:47 ` ng0
2016-09-24 20:16 ` Jan Nieuwenhuizen
@ 2016-09-28 8:34 ` Ludovic Courtès
2016-09-28 8:49 ` David Craven
2 siblings, 1 reply; 21+ messages in thread
From: Ludovic Courtès @ 2016-09-28 8:34 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
Hi,
It should be enough to add “-net user” on the run-vm.sh command line
(info "(guix) Running GuixSD in a VM"), and then having a DHCP client
run inside the VM, such as ‘dhcp-client-service’.
Does that help?
Ludo’.
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 8:34 ` Ludovic Courtès
@ 2016-09-28 8:49 ` David Craven
2016-09-28 9:12 ` ng0
2016-09-28 12:42 ` ng0
0 siblings, 2 replies; 21+ messages in thread
From: David Craven @ 2016-09-28 8:49 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel
> It should be enough to add “-net user” on the run-vm.sh command line
> (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
> run inside the VM, such as ‘dhcp-client-service’.
Ah, yes this probably needs some documentation. Also should include an
explanation why the flag isn't added by default and how to connect to
a ssh server running in the vm.
> Currently I can't ping
You can't ping a vm anyway since it emulates the TCP/UDP layers I
think and no ICMP. [0]
[0] http://unix.stackexchange.com/questions/78953/qemu-how-to-ping-host-network
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 8:49 ` David Craven
@ 2016-09-28 9:12 ` ng0
2016-09-28 10:06 ` ng0
2016-09-28 12:42 ` ng0
1 sibling, 1 reply; 21+ messages in thread
From: ng0 @ 2016-09-28 9:12 UTC (permalink / raw)
To: David Craven, Ludovic Courtès; +Cc: guix-devel
> Hi,
> It should be enough to add “-net user” on the run-vm.sh command line
> (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
> run inside the VM, such as ‘dhcp-client-service’.
> Does that help?
> Ludo’.
I will double check on dhcp-client-service, but afaik I already tried
all variations of dhcp we can have in guix.
I will try passing just this again.
> > It should be enough to add “-net user” on the run-vm.sh command line
> > (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
> > run inside the VM, such as ‘dhcp-client-service’.
> Ah, yes this probably needs some documentation. Also should include an
> explanation why the flag isn't added by default and how to connect to
> a ssh server running in the vm.
> > Currently I can't ping
> You can't ping a vm anyway since it emulates the TCP/UDP layers I
> think and no ICMP. [0]
Thanks for the answer, but as I've written in my initial question I
don't want to ping the VM.
I am creating a VM from a guix branch with ./pre-inst-env guix system
and a config.scm of a specific system. I've read my initial post again
and I can understand how you could draw this conclusion.
So, I am not trying to ping the VM. I am inside the VM and my service
needs an outbound connection to get an initial file into its home. To
debug my service I need to test if I can ping gnu.org because connection
fails in every configuration I have. With the normal qemu VMs running
Gentoo in NixOS I have, I can use ping which is normal expected behavior.
> [0] http://unix.stackexchange.com/questions/78953/qemu-how-to-ping-host-network
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 9:12 ` ng0
@ 2016-09-28 10:06 ` ng0
2016-09-28 10:19 ` ng0
0 siblings, 1 reply; 21+ messages in thread
From: ng0 @ 2016-09-28 10:06 UTC (permalink / raw)
To: David Craven, Ludovic Courtès; +Cc: guix-devel
ng0 <ngillmann@runbox.com> writes:
> > Hi,
>
> > It should be enough to add “-net user” on the run-vm.sh command line
> > (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
> > run inside the VM, such as ‘dhcp-client-service’.
>
> > Does that help?
>
> > Ludo’.
>
> I will double check on dhcp-client-service, but afaik I already tried
> all variations of dhcp we can have in guix.
> I will try passing just this again.
>
> > > It should be enough to add “-net user” on the run-vm.sh command line
> > > (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
> > > run inside the VM, such as ‘dhcp-client-service’.
>
> > Ah, yes this probably needs some documentation. Also should include an
> > explanation why the flag isn't added by default and how to connect to
> > a ssh server running in the vm.
>
> > > Currently I can't ping
>
> > You can't ping a vm anyway since it emulates the TCP/UDP layers I
> > think and no ICMP. [0]
>
> Thanks for the answer, but as I've written in my initial question I
> don't want to ping the VM.
> I am creating a VM from a guix branch with ./pre-inst-env guix system
> and a config.scm of a specific system. I've read my initial post again
> and I can understand how you could draw this conclusion.
> So, I am not trying to ping the VM. I am inside the VM and my service
> needs an outbound connection to get an initial file into its home. To
> debug my service I need to test if I can ping gnu.org because connection
> fails in every configuration I have. With the normal qemu VMs running
> Gentoo in NixOS I have, I can use ping which is normal expected behavior.
Adding: this is about gnunet-service, previously not published. I can't
continue with git service due to the reasons you will see in the
reminder I've sent about it in the thread.
Do I have to add a networking bridge in GuixSD for the VM to work?
Currently nscd in the VM is discovered at 10.0.2.2 and the VM gets
10.0.2.15. If so, can you either point me to documentation or what I
have to search for or provide some quick instructions how I set this up
on GuixSD?
> > [0] http://unix.stackexchange.com/questions/78953/qemu-how-to-ping-host-network
Thanks
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 10:06 ` ng0
@ 2016-09-28 10:19 ` ng0
2016-09-28 10:36 ` David Craven
0 siblings, 1 reply; 21+ messages in thread
From: ng0 @ 2016-09-28 10:19 UTC (permalink / raw)
To: guix-devel
ng0 <ngillmann@runbox.com> writes:
> ng0 <ngillmann@runbox.com> writes:
>
>> > Hi,
>>
>> > It should be enough to add “-net user” on the run-vm.sh command line
>> > (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
>> > run inside the VM, such as ‘dhcp-client-service’.
>>
>> > Does that help?
>>
>> > Ludo’.
>>
>> I will double check on dhcp-client-service, but afaik I already tried
>> all variations of dhcp we can have in guix.
>> I will try passing just this again.
>>
>> > > It should be enough to add “-net user” on the run-vm.sh command line
>> > > (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
>> > > run inside the VM, such as ‘dhcp-client-service’.
>>
>> > Ah, yes this probably needs some documentation. Also should include an
>> > explanation why the flag isn't added by default and how to connect to
>> > a ssh server running in the vm.
>>
>> > > Currently I can't ping
>>
>> > You can't ping a vm anyway since it emulates the TCP/UDP layers I
>> > think and no ICMP. [0]
>>
>> Thanks for the answer, but as I've written in my initial question I
>> don't want to ping the VM.
>> I am creating a VM from a guix branch with ./pre-inst-env guix system
>> and a config.scm of a specific system. I've read my initial post again
>> and I can understand how you could draw this conclusion.
>> So, I am not trying to ping the VM. I am inside the VM and my service
>> needs an outbound connection to get an initial file into its home. To
>> debug my service I need to test if I can ping gnu.org because connection
>> fails in every configuration I have. With the normal qemu VMs running
>> Gentoo in NixOS I have, I can use ping which is normal expected behavior.
>
> Adding: this is about gnunet-service, previously not published. I can't
> continue with git service due to the reasons you will see in the
> reminder I've sent about it in the thread.
>
> Do I have to add a networking bridge in GuixSD for the VM to work?
> Currently nscd in the VM is discovered at 10.0.2.2 and the VM gets
> 10.0.2.15. If so, can you either point me to documentation or what I
> have to search for or provide some quick instructions how I set this up
> on GuixSD?
>
>> > [0] http://unix.stackexchange.com/questions/78953/qemu-how-to-ping-host-network
>
> Thanks
> --
> ng0
>
>
So obviously you need to add ntp-service if you just use %base-services
+ some minor additions.... I thought it was part of base. This fixes the
resolution of names, but introduces problems with ntpd (unexpected
origin timestamps).
I still can't ping, but I will let the VM run for a while now to see if
something needs to get in sync.
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 10:19 ` ng0
@ 2016-09-28 10:36 ` David Craven
2016-09-28 10:52 ` ng0
0 siblings, 1 reply; 21+ messages in thread
From: David Craven @ 2016-09-28 10:36 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
> I still can't ping
You can't ping as I have already mentioned. You need to use TAP/TUN
instead of -net user if you want to be able to ping. Setting up
TAP/TUN for vms doesn't work out of the box yet. Does anyone read the
references I post? =P
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 10:36 ` David Craven
@ 2016-09-28 10:52 ` ng0
2016-09-28 11:18 ` David Craven
0 siblings, 1 reply; 21+ messages in thread
From: ng0 @ 2016-09-28 10:52 UTC (permalink / raw)
To: David Craven; +Cc: guix-devel
David Craven <david@craven.ch> writes:
>> I still can't ping
>
> You can't ping as I have already mentioned. You need to use TAP/TUN
> instead of -net user if you want to be able to ping. Setting up
> TAP/TUN for vms doesn't work out of the box yet. Does anyone read the
> references I post? =P
>
Not if the text above them reads like my question was
misunderstood (I've read it like you thought I wanted to ping the VM
itself, which is something I absolutely don't want to).
With this additional information, I will look into the reference later.
So you're telling me that the Guix system created VMs are too simplistic
to be easily handled such simple tasks/testings and I'd be better off
running my system from a git checkout at this moment in time, so I can
apply new services and rebuild the running system with them?
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: Network with QEMU generated image (guix system vm)?
2016-09-28 8:49 ` David Craven
2016-09-28 9:12 ` ng0
@ 2016-09-28 12:42 ` ng0
2016-09-28 13:52 ` David Craven
2016-09-28 17:02 ` Leo Famulari
1 sibling, 2 replies; 21+ messages in thread
From: ng0 @ 2016-09-28 12:42 UTC (permalink / raw)
To: guix-devel
David Craven <david@craven.ch> writes:
>> It should be enough to add “-net user” on the run-vm.sh command line
>> (info "(guix) Running GuixSD in a VM"), and then having a DHCP client
>> run inside the VM, such as ‘dhcp-client-service’.
>
> Ah, yes this probably needs some documentation. Also should include an
> explanation why the flag isn't added by default and how to connect to
> a ssh server running in the vm.
>
>> Currently I can't ping
>
> You can't ping a vm anyway since it emulates the TCP/UDP layers I
> think and no ICMP. [0]
>
> [0] http://unix.stackexchange.com/questions/78953/qemu-how-to-ping-host-network
The solutions they describe in the stackexchange answers are some of
those "simple" solutions which look even more "simple" to apply on
GuixSD than on other systems, like every "simple" solution you find
somewhere.
What I mean is, I expect this feature (tcp connections in/out to/from
"the internet" to vm) to work in guix system vm, as it is a normal
expectation coming from NixOS and Gentoo that it just works without any
added specialities.
As I don't want to spend another week experimenting with this, I will
just reconfigure my build server to run from a guix git checkout and
test the services directly there. I am working on a system which wraps
itself around GuixSD, sort of like an live-system but specific to some
preconfigured applications, and I've set phases for myself. I'm stuck on
phase I for too long now. Most if not all of what this is will be
upstreamed, so at some point you'll see where this getting.
--
ng0
^ permalink raw reply [flat|nested] 21+ messages in thread
end of thread, other threads:[~2016-09-28 17:03 UTC | newest]
Thread overview: 21+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-09-24 19:44 Network with QEMU generated image (guix system vm)? ng0
2016-09-24 19:47 ` ng0
2016-09-24 20:16 ` Jan Nieuwenhuizen
2016-09-24 20:33 ` ng0
2016-09-24 20:52 ` Jan Nieuwenhuizen
2016-09-24 21:17 ` ng0
2016-09-26 17:30 ` Jan Nieuwenhuizen
2016-09-27 7:25 ` ng0
2016-09-27 18:47 ` Aljosha Papsch
2016-09-27 20:14 ` ng0
2016-09-28 8:34 ` Ludovic Courtès
2016-09-28 8:49 ` David Craven
2016-09-28 9:12 ` ng0
2016-09-28 10:06 ` ng0
2016-09-28 10:19 ` ng0
2016-09-28 10:36 ` David Craven
2016-09-28 10:52 ` ng0
2016-09-28 11:18 ` David Craven
2016-09-28 12:42 ` ng0
2016-09-28 13:52 ` David Craven
2016-09-28 17:02 ` Leo Famulari
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.