from:"Marian Krcmarik"

Re: [ovirt-users] [Spice-devel] USB redirection

2014-06-03 Thread Marian Krcmarik

- Original Message -
 From: René Koch rk...@linuxland.at
 To: Christophe Fergeau cferg...@redhat.com
 Cc: spice-devel spice-de...@lists.freedesktop.org, Users@ovirt.org
 Sent: Tuesday, June 3, 2014 12:10:42 PM
 Subject: Re: [Spice-devel] [ovirt-users]   USB redirection

 On 06/03/2014 11:53 AM, Christophe Fergeau wrote:
  On Tue, Jun 03, 2014 at 10:58:55AM +0200, René Koch wrote:
  Btw, I also figured out that Fedora 20 (the client) blocks USB redirection
  if you have SELinux on enforcing - setting it to permissive works.

  I don't think this is intentional. Can you report it on
  bugzilla.redhat.com if this is happening on an up-to-date f20?

 Done: https://bugzilla.redhat.com/show_bug.cgi?id=1104110
Rene,
What's the value of mozilla_plugin_use_spice sebool - getsebool 
mozilla_plugin_use_spice? Make it on if it's off - setsebool -P 
mozilla_plugin_use_spice on
If This is the problem It should be solved in selinux-policy-3.12.1-116.fc20 
(https://bugzilla.redhat.com/show_bug.cgi?id=1049491)

  Christophe

 ___
 Spice-devel mailing list
 spice-de...@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/spice-devel

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [Spice-devel] USB redirection

2014-06-03 Thread Marian Krcmarik

- Original Message -
 From: René Koch rk...@linuxland.at
 To: Marian Krcmarik mkrcm...@redhat.com
 Cc: Christophe Fergeau cferg...@redhat.com, spice-devel 
 spice-de...@lists.freedesktop.org, Users@ovirt.org
 Sent: Tuesday, June 3, 2014 1:56:36 PM
 Subject: Re: [Spice-devel] [ovirt-users]   USB redirection

 On 06/03/2014 12:47 PM, Marian Krcmarik wrote:

  - Original Message -
  From: René Koch rk...@linuxland.at
  To: Christophe Fergeau cferg...@redhat.com
  Cc: spice-devel spice-de...@lists.freedesktop.org, Users@ovirt.org
  Sent: Tuesday, June 3, 2014 12:10:42 PM
  Subject: Re: [Spice-devel] [ovirt-users]   USB redirection

  On 06/03/2014 11:53 AM, Christophe Fergeau wrote:
  On Tue, Jun 03, 2014 at 10:58:55AM +0200, René Koch wrote:
  Btw, I also figured out that Fedora 20 (the client) blocks USB
  redirection
  if you have SELinux on enforcing - setting it to permissive works.

  I don't think this is intentional. Can you report it on
  bugzilla.redhat.com if this is happening on an up-to-date f20?

  Done: https://bugzilla.redhat.com/show_bug.cgi?id=1104110
  Rene,
  What's the value of mozilla_plugin_use_spice sebool - getsebool
  mozilla_plugin_use_spice? Make it on if it's off - setsebool -P
  mozilla_plugin_use_spice on
  If This is the problem It should be solved in
  selinux-policy-3.12.1-116.fc20
  (https://bugzilla.redhat.com/show_bug.cgi?id=1049491)

 It's off.
 Setting it to on did solve the issue.

 I have selinux-policy-3.12.1-166.fc20.noarch installed. Is it intended
 that the boolean is still off? I'm not aware of the SELinux update
 policy if activating booleans is allowed or not. For this issue it would
 be good, but on the other hand if I change it manually (for whatever
 reason) I wouldn't want it to be changed by the package...
The policy is to keep the currently set value - the value is not being reset to 
the new default when updating the selinux policy (as you assumed). So if you 
did update It should be still off.

  Christophe

  ___
  Spice-devel mailing list
  spice-de...@lists.freedesktop.org
  http://lists.freedesktop.org/mailman/listinfo/spice-devel

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] Notes on setting up spice-proxy console option

2014-01-29 Thread Marian Krcmarik

- Original Message -
From: David Li david...@sbcglobal.net
To: Marian Krcmarik mkrcm...@redhat.com
Cc: users@ovirt.org
Sent: Tuesday, January 28, 2014 10:37:18 PM
Subject: Re: [Users] Notes on setting up spice-proxy console option

Hi Marian,

Thanks a lot for the clarification!

Another question: In my spice-xpi console window, I can't get out of it by
SHIFT+F12. Should I use something else?

It should work, You mentioned you used RHEL/CentOS 6.5 as the client (what you
call Browser) machine, In that case Can you edit /etc/spice/logger.ini file and
change in the line log4j.rootCategory=INFO, R INFO to DEBUG? Restart Firefox,
make connection to the VM and check ~/.spicec/spice-xpi.log file for line
DEBUG nsPluginInstance::SetHotKeys:
release-cursor=shift+f12,toggle-fullscreen=shift+f11 (looking for value of
release-cursor). If the value is not shift+f12, can you check value of
SpiceReleaseCursorKeys on the engine with using ovirt-config tool? If the
value is shift-f12, can you run on the VM, xev tool and check what keys It can
see pressed when pressing shift-f12 combo?

David

- Original Message -
From: Marian Krcmarik mkrcm...@redhat.com
To: David Li david...@sbcglobal.net
Cc: users@ovirt.org
Sent: Tuesday, January 28, 2014 11:14 AM
Subject: Re: [Users] Notes on setting spice-proxy console option

- Original Message -
From: David Li david...@sbcglobal.net
To: users@ovirt.org
Cc: david li david...@sbcglobal.net
Sent: Tuesday, January 28, 2014 7:41:26 PM
Subject: [Users] Notes on setting spice-proxy console option

Hi,

I have struggled quite a bit to get it up and running. Over the time, I
have
accumulated some notes on various things I did so to share with everyone
who
is interested in doing this. This complements the online doc in a way
that
might give me a complete picture in one place. However I need some
clarifications as I might have forgotten to document certain steps or
certain steps I did turn out to be not necessary in the end. It will be
great if experts here can help me get the things straight.

My setup is like:

Browser (firefox 24.2 on RHEL6) ovirt-engine (3.3.2)
ovirt-node (3.0.3)

No direct network connectivity from the browser machine to the node
machine.

These are the major things I installed for spice-proxy to work:

* On ovirt-engine:
yum install spice-gtk, virt-viewer, spice-xpi
These components are client components (what you call Browser machine).
yum-install squid
/etc/squid/squid.conf updates:
acl localhost src browser IP addr
#http_access deny CONNECT !SSL_ports
I would rather allow CONNECT to specific Spice ports only 5634-6166:
acl Spice_ports port 5634-6166
http_access denny CONNECT !Spice_ports
http_access deny !Safe_ports
http_port 3128
service squid restart
make sure iptables allow 3128

engine-config -s SpiceProxyDefault=
http://ovirt-engine-IP:3128
service ovirt-engine restart
* On browser machine running firefox 24.2.0 on RHEL6 for running
browser
console plugin client
yum install spice-xpi.
spice-xpi should bring its dependencies virt-viewer - spice-gtk - etc.
but If you do not wish to use the plugin launch type, you may install only
virt-viewer (without spice-xpi) and use what I guess is called Native
client launch type.
make sure VM's console option is set to SPICE
Are the above steps reasonable? any missing or redundant?
Seems fine, just no need the client packages on the engine.

Additional questions:

1. Will spice-proxy work with the Spice HTML5 client in the browser?
Probably, but you would need to set the websocket proxy which is part of
installation steps for engine as well (I believe).
2. Is the spice-proxy architecture diagram like: browser - squid
proxy - spice-proxy -- VM
Browser plugin spice-xpi invokes start of Spice client (virt-viewer) which
makes
CONNECT to Host machine (where the VM is hosted) through the HTTP proxy (in
your
case squid).
Client machine --- Squid --- Host (where the VM is hosted).
3. I didn't explicitly install any certs for the squid proxy. Is it
automatically taken care of?
No, no authentication to Squid is supported with Spice now. So If It is
publicly
visible proxy It's important to set careful proxy rules.

References:

http://www.ovirt.org/Console_Client_Resources

http://www.ovirt.org/Features/Spice_Proxy

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.3/pdf/Installation_Guide/Red_Hat_Enterprise_Virtualization-3.3-Installation_Guide-en-US.pdf

Thanks.

David

Re: [Users] Notes on setting spice-proxy console option

2014-01-28 Thread Marian Krcmarik

Hi,

I have struggled quite a bit to get it up and running. Over the time, I have
accumulated some notes on various things I did so to share with everyone who
is interested in doing this. This complements the online doc in a way that
might give me a complete picture in one place. However I need some
clarifications as I might have forgotten to document certain steps or
certain steps I did turn out to be not necessary in the end. It will be
great if experts here can help me get the things straight.

My setup is like:

Browser (firefox 24.2 on RHEL6) ovirt-engine (3.3.2)
ovirt-node (3.0.3)

No direct network connectivity from the browser machine to the node machine.

These are the major things I installed for spice-proxy to work:

engine-config -s SpiceProxyDefault= http://ovirt-engine-IP:3128
service ovirt-engine restart
* On browser machine running firefox 24.2.0 on RHEL6 for running browser
console plugin client
yum install spice-xpi.
spice-xpi should bring its dependencies virt-viewer - spice-gtk - etc. but If
you do not wish to use the plugin launch type, you may install only virt-viewer
(without spice-xpi) and use what I guess is called Native client launch type.
make sure VM's console option is set to SPICE
Are the above steps reasonable? any missing or redundant?
Seems fine, just no need the client packages on the engine.

Additional questions:

1. Will spice-proxy work with the Spice HTML5 client in the browser?
Probably, but you would need to set the websocket proxy which is part of
installation steps for engine as well (I believe).
2. Is the spice-proxy architecture diagram like: browser - squid
proxy - spice-proxy -- VM
Browser plugin spice-xpi invokes start of Spice client (virt-viewer) which
makes CONNECT to Host machine (where the VM is hosted) through the HTTP proxy
(in your case squid).
Client machine --- Squid --- Host (where the VM is hosted).
3. I didn't explicitly install any certs for the squid proxy. Is it
automatically taken care of?
No, no authentication to Squid is supported with Spice now. So If It is
publicly visible proxy It's important to set careful proxy rules.

References:

http://www.ovirt.org/Console_Client_Resources

http://www.ovirt.org/Features/Spice_Proxy

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.3/pdf/Installation_Guide/Red_Hat_Enterprise_Virtualization-3.3-Installation_Guide-en-US.pdf

Thanks.

David

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] spice: Warning: failed to connect: Connection refused (111)

2012-06-07 Thread Marian Krcmarik

- Original Message -
 From: Eric Yao e...@erickate.idv.tw
 To: Andrew Cathrow acath...@redhat.com
 Cc: Eric Yao e...@erickate.idv.tw, Alon Levy al...@redhat.com, 
 users@ovirt.org, Arnon Gilboa
 agil...@redhat.com
 Sent: Wednesday, June 6, 2012 2:18:07 AM
 Subject: Re: [Users] spice: Warning: failed to connect: Connection refused 
 (111)

 Hi All

 Thanks for your help, I found the issues, looks I have to reboot my
 ovirt-node after setup completed and disabled /etc/selinux/config,
 as I remember onde should restart with automatically once node got
 approve from ovirt-mamange, not sure why my PC doesn't, thanks for
 your time.
Assuming this bug https://bugzilla.redhat.com/show_bug.cgi?id=827864 was 
reported by you and was related to this issue, can you close it then? Thanks.

 1. Install VDSM and bridge Interface
 2. wget http://ovirt.org/releases/stable/ovirt-engine.repo -O
 /etc/yum.repos.d/ovirtengine.repo
 3. yum remove classpathx-jaf
 4. yum upgrade
 5. yum install ovirt-engine
 6. install ovirt-node and connected to ovirt-manage
 7. disabled /etc/selinux/config  reboot ovirt-node
 8. Data Center / Cluster / VM are running on NFS and brough up.

 引文 誰=Andrew Cathrow
 Bugzilla isn't a support tool, and even if it was there is NO
 information in the BZ - logs, etc.

 Eric,

 please can you answer my questions below.

 - Original Message -
  From: Doron Fediuck dfedi...@redhat.com
  To: Andrew Cathrow acath...@redhat.com
  Cc: Haim Ateya hat...@redhat.com, Alon Levy
  al...@redhat.com, users@ovirt.org, Arnon Gilboa
  agil...@redhat.com, Eric Yao e...@erickate.idv.tw
  Sent: Tuesday, June 5, 2012 1:59:41 AM
  Subject: Re: [Users] spice: Warning: failed to connect: Connection
  refused (111)

  Seems like this is already reported:
  https://bugzilla.redhat.com/show_bug.cgi?id=827864

  On 05/06/12 06:33, Andrew Cathrow wrote:
   Are we sure that the client can resolve the hostname of the
   hypervisor that's running the VM and that the hypervisor has the
   right ports open?

   - Original Message -
   From: Haim Ateya hat...@redhat.com
   To: Eric Yao e...@erickate.idv.tw, Alon Levy
   al...@redhat.com, Arnon Gilboa agil...@redhat.com
   Cc: users@ovirt.org
   Sent: Monday, June 4, 2012 11:08:10 PM
   Subject: Re: [Users] spice: Warning: failed to connect:
   Connection
   refused (111)

   Arnon\Alon,

   How shall we proceed with debugging this issue?
   Haim

   On Jun 5, 2012, at 4:06, Eric Yao  e...@erickate.idv.tw 
   wrote:

   Hi There

   I got error same as subject when I lunch console on
   ovirt-webpage.
   even I follow the below documentation but still not workable.

   http://www.ovirt.org/w/images/a/a9/OVirt-3.0-Installation_Guide-en-US.pdf

   and I checked the /var/log/messages got below log, could you
   help
   to
   check and advise? becuase I really interesting in Linux
   virtualization.

   Jun 4 11:11:55 rhevm spice: starting spicec --controller ...
   Jun 4 11:11:55 rhevm spice: XDG_VTNR=2
   Jun 4 11:11:55 rhevm spice: ORBIT_SOCKETDIR=/tmp/orbit-eric
   Jun 4 11:11:55 rhevm spice: XSUNTRANSPORT=shmem
   Jun 4 11:11:55 rhevm spice: XDG_SESSION_ID=3
   Jun 4 11:11:55 rhevm spice: HOSTNAME=rhevm.erickate.idv.tw
   Jun 4 11:11:55 rhevm spice: GIO_LAUNCHED_DESKTOP_FILE_PID=32603
   Jun 4 11:11:55 rhevm spice: IMSETTINGS_INTEGRATE_DESKTOP=yes
   Jun 4 11:11:55 rhevm spice:
   GPG_AGENT_INFO=/tmp/keyring-NFMZzQ/gpg:0:1
   Jun 4 11:11:55 rhevm spice: TERM=dumb
   Jun 4 11:11:55 rhevm spice: SHELL=/bin/bash
   Jun 4 11:11:55 rhevm spice:
   XDG_SESSION_COOKIE=f523a941917cf33b7a6a4c39000a-1338814582.742987-427970052
   Jun 4 11:11:55 rhevm spice: HISTSIZE=1000
   Jun 4 11:11:55 rhevm spice: XRE_PROFILE_NAME=
   Jun 4 11:11:55 rhevm spice: GJS_DEBUG_OUTPUT=stderr
   Jun 4 11:11:55 rhevm spice:
   GNOME_KEYRING_CONTROL=/tmp/keyring-NFMZzQ
   Jun 4 11:11:55 rhevm spice: GJS_DEBUG_TOPICS=JS ERROR;JS LOG
   Jun 4 11:11:55 rhevm spice: MOZILLA_FIVE_HOME=/usr/lib64/firefox
   Jun 4 11:11:55 rhevm spice: IMSETTINGS_MODULE=none
   Jun 4 11:11:55 rhevm spice: XRE_PROFILE_LOCAL_PATH=
   Jun 4 11:11:55 rhevm spice: USER=eric
   Jun 4 11:11:55 rhevm spice: XRE_START_OFFLINE=
   Jun 4 11:11:55 rhevm spice:
   LD_LIBRARY_PATH=/usr/lib64/xulrunner-2:/usr/lib64/firefox:/usr/lib64/firefox/plugins:/usr/lib64/firefox
   Jun 4 11:11:55 rhevm spice:
   SSH_AUTH_SOCK=/tmp/keyring-NFMZzQ/ssh
   Jun 4 11:11:55 rhevm spice: GNOME_DISABLE_CRASH_DIALOG=1
   Jun 4 11:11:55 rhevm spice:
   SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/1434,unix/unix:/tmp/.ICE-unix/1434
   Jun 4 11:11:55 rhevm spice: USERNAME=eric
   Jun 4 11:11:55 rhevm spice:
   LIBPATH=/usr/lib64/firefox:/usr/lib64/firefox
   Jun 4 11:11:55 rhevm spice: MOZ_APP_LAUNCHER=/usr/bin/firefox
   Jun 4 11:11:55 rhevm spice:
   MOZ_PLUGIN_PATH=/usr/lib64/mozilla/plugins:/usr/lib64/firefox/plugins
   Jun 4 11:11:55 rhevm spice:

Re: [ovirt-users] [Spice-devel] USB redirection

Re: [ovirt-users] [Spice-devel] USB redirection

Re: [Users] Notes on setting up spice-proxy console option

Re: [Users] Notes on setting spice-proxy console option

Re: [Users] spice: Warning: failed to connect: Connection refused (111)

5 matches

Site Navigation

Mail list logo

Footer information