Tag Archives: libguestfs

Tip: Run virt-inspector on a compressed disk (with nbdkit)

virt-inspector is a very convenient tool to examine a disk image and find out if it contains an operating system, what applications are installed and so on.

If you have an xz-compressed disk image, you can run virt-inspector on it without uncompressing it, using the magic of captive nbdkit. Here’s how:

nbdkit xz file=win7.img.xz \
    -U - \
    --run 'virt-inspector --format=raw -a nbd://?socket=$unixsocket'

What’s happening here is we run nbdkit with the xz plugin, and tell it to serve NBD over a randomly named Unix domain socket (-U -).

We then run virt-inspector as a sub-process. This is called “captive nbdkit”. (Nbdkit is “captive” here, because it will exit as soon as virt-inspector exits, so there’s no need to clean anything up.)

The $unixsocket variable expands to the name of the randomly generated Unix domain socket, forming a libguestfs NBD URL which allows virt-inspector to examine the raw uncompressed data exported by nbdkit.

The nbdkit xz plugin only uncompresses those blocks of the data which are actually accessed, so this is quite efficient.

Advertisements

3 Comments

Filed under Uncategorized

virt-rescue fixes

Although libguestfs gives you a nice structured library and tools for manipulating disk images, sometimes you just want to run a few Linux commands like mke2fs and fdisk against a disk image. For those times there is another tool called virt-rescue. It gives you a “rescue shell” connected to the disk image, and the usual set of command line Linux tools:

$ truncate -s 10G disk.img
$ virt-rescue -a disk.img
The virt-rescue escape key is ‘^]’.  Type ‘^] h’ for help.

------------------------------------------------------------

Welcome to virt-rescue, the libguestfs rescue shell.

Note: The contents of / (root) are the rescue appliance.
You have to mount the guest's partitions under /sysroot
before you can examine them.
><rescue> fdisk /dev/sda
...
><rescue> mke2fs /dev/sda1
><rescue> sync

Virt-rescue was a bit clumsy to use before because it didn’t (for example) pass Ctrl-C through to the rescue shell, so using that or other control keys would kill, stop or do other drastic things to the whole program.

I spent a bit of time last week fixing all of this, to make a really great, usable rescue shell.

The first thing is that ^C now works right:

><rescue> cat > /tmp/foo
^C
><rescue>

The second most requested feature is support for automatically mounting up the guest’s filesystems (rather than having to tediously type mount commands at the shell prompt). As with guestfish, the -i option now does the right thing:

$ virt-builder debian-7
$ virt-rescue -a debian-7.img -i
><rescue> chroot /sysroot
><rescue> cat /etc/debian_version
7.2

Finally virt-rescue now comes with an escape key which lets you suspend the shell and come back to it, and do some other interesting operations:

><rescue> ^]?
 ^] ? - print this message
 ^] h - print this message
 ^] i - print inspection data
 ^] q - quit virt-rescue
 ^] s - sync the filesystems
 ^] u - unmount filesystems
 ^] x - quit virt-rescue
 ^] z - suspend virt-rescue
to pass the escape key through to the rescue shell, type it twice
^]s
attempting to sync filesystems ...
^]z
[1]+  Stopped         virt-rescue -a debian-7.img -i
$

This is all available in libguestfs ≥ 1.37.1.

Leave a comment

Filed under Uncategorized

CentOS 7.3 available in virt-builder

CentOS 7.3 was announced today, and the x86_64 version is available in virt-builder already:

$ virt-builder centos-7.3

Leave a comment

Filed under Uncategorized

Fedora 25 is out, virt-builder images available

$ virt-builder -l | grep fedora-25
fedora-25                x86_64     Fedora® 25 Server
fedora-25                i686       Fedora® 25 Server (i686)
fedora-25                aarch64    Fedora® 25 Server (aarch64)
fedora-25                armv7l     Fedora® 25 Server (armv7l)
fedora-25                ppc64      Fedora® 25 Server (ppc64)
fedora-25                ppc64le    Fedora® 25 Server (ppc64le)
$ virt-builder fedora-25
$ qemu-system-x86_64 -machine accel=kvm:tcg \
      -cpu host -m 2048 \
      -drive file=fedora-25.img,format=raw,if=virtio

Or to try out Fedora on a different architecture:

$ virt-builder fedora-25 --arch ppc64le -o fedora-25-ppc64le.img
$ qemu-system-ppc64 -cpu POWER8 -m 2048 \
      -drive file=fedora-25-ppc64le.img,format=raw,if=virtio

5 Comments

Filed under Uncategorized

virt-builder RISC-V edition

$ file builder/virt-builder
builder/virt-builder: ELF 64-bit LSB executable, UCB RISC-V, version 1 (SYSV), dynamically linked, interpreter /lib/ld.so.1, for 
GNU/Linux 2.6.32, BuildID[sha1]=184c9522f22abc5c325ac5a1ee2d272b225d5503, not stripped

Probably the least useful copy of virt-builder since there’s no qemu and no network. However it does demonstrate that we can now build large mixed C / OCaml binaries on RISC-V successfully.

1 Comment

Filed under Uncategorized

libguestfs-based vulnerability scanner

Described here: https://www.redhat.com/archives/libguestfs/2016-August/msg00229.html

Leave a comment

Filed under Uncategorized

Libguestfs appliance boot in under 600ms

$ ./run ./utils/boot-benchmark/boot-benchmark
Warming up the libguestfs cache ...
Running the tests ...

test version: libguestfs 1.33.28
 test passes: 10
host version: Linux moo.home.annexia.org 4.4.4-301.fc23.x86_64 #1 SMP Fri Mar 4 17:42:42 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
    host CPU: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
     backend: direct               [to change set $LIBGUESTFS_BACKEND]
        qemu: /home/rjones/d/qemu/x86_64-softmmu/qemu-system-x86_64 [to change set $LIBGUESTFS_HV]
qemu version: QEMU emulator version 2.5.94, Copyright (c) 2003-2008 Fabrice Bellard
         smp: 1                    [to change use --smp option]
     memsize: 500                  [to change use --memsize option]
      append:                      [to change use --append option]

Result: 575.9ms ±5.3ms

There are various tricks here:

  1. I’m using the (still!) not upstream qemu DMA patches.
  2. I’ve compiled my own very minimal guest Linux kernel.
  3. I’m using my nearly upstream "crypto: Add a flag allowing the self-tests to be disabled at runtime." patch.
  4. I’ve got two sets of non-upstream libguestfs patches 1, 2
  5. I am not using libvirt, but if you do want to use libvirt, make sure you use the very latest version since it contains an important performance patch.

Previously

4 Comments

Filed under Uncategorized