I've spent all day trying to sort out qemu. Want to use qemu and not vmware because my server is headless (no X) and want to run a virtual machine on it with apache server.
I'm sure if I can get my head around it, it'll be fine, but I can't seem to network it so as to be able to ssh into it.
What I've done is:
1) install arch on a virtual machine in qemu using X on my desktop.
2) install and configure openssh in the VM
3) set up tun/tap networking with qemu on my desktop pc.
4) used firestarter to share the network connection of my host pc (eth0) so that it's routed to tap0 (nat? I told it to "share the internet connection" so I'm not quite sure what it does) - the network interface on my host pc that qemu is connected to.
5) qemu connects to internet and I can ssh into it from the host pc.
Now the problem comes when I want to run the VM (using the -nographic option) on the server, which has no X and therefore can't run firestarter. I've tried installing shorewall on the server, which works, and I can change the rules to allow / disallow pings from my PC over the lan etc, but I can't get it to do what firestarter was doing for the VM, i.e. route ssh traffic to the virtual subnet, or pings either.
I already have a hardware firewall, so shorewall / firestarter are overkill for what I want. All I want is to be able to route ssh, http and ftp traffic to the VM from the server's "external" IP (the one on my lan).
I've tried but I can't work out what to use. Firestarter did something that worked when I ran the VM on my desktop, but I can't use it on the server and I don't know what it did to enable this so as to replicate its settings on the server via command line.
I'm presuming I need to use 'route' or 'iptables' somehow? Tried to understand it all, but my brain's about given up for today!
This is really weird! If I run the vm on my pc, with the nographic option, and no firestarter running, I can still ping and ssh into it! It only started doing that when I ran firestarter and told it to "share the internet connection". I've flushed iptables, checked the routing tables, and everything looks the same as the server, yet the same thing on the server results in no ping.
For reference, my lan uses 192.168.1.6 for the pc and 192.168.1.2 for the server. When qemu is running (on either machine) the tap interface is given address 172.20.0.1, and the vm is set up on 172.20.0.2.
so to clarify,
works on my desktop pc when the vm is running, but not on my server when the vm is running on that. Both are running up to date arch installs. The server has some different software (and a lot less of it) but I can't see what's causing it not to work on the server! arrrrgh help me!
It turns out that qemu WASN'T running the vm properly when using the server host. I got it to produce output on an emulated serial console (qemu redirects serial output to the console using the -nographic option) and I'm getting
'hda: lost interrupt'
during boot when i run it there.
if anyone wants to use qemu and gets this error (in the above post), look here:
Apparently adding -no-acpi to the qemu command line is needed.
btw, qemu is now running as a webserver virtual machine, running arch on arch. Theory being if anyone hacks the VM that's all they can break. Likewise if it gets screwed any other way (e.g. my mate who designs the site breaks it), my server keeps going.
meh, who needs vmware?