Infrastructure and Cloud for Enthusiasts

TCP Auth to Hypervisor

##### modify /etc/libvirt/libvirtd.conf to accept tcp on port 16509 #####

- set up a secure password to access libvirt on the hypervisor
[root@kvm1 ~]# saslpasswd2 -a libvirt admin

- confirm the authenticated users for libvirt
[root@kvm1 ~]# sudo sasldblistusers2 -f /etc/libvirt/passwd.db
admin@kvm1.blah: userPassword

- set an iptables rule to allow connections on tcp 16509
[root@kvm1 ~]# iptables --insert INPUT 4 -p tcp --dport 16509 -j ACCEPT

- test
[root@kvm1 ~]# virsh -c qemu+tcp://192.168.167.201/system nodeinfo

#### diagnosis ######

# virsh -c qemu+tcp://host/system
error: unable to connect to server at 'host:16509': Connection refused
error: failed to connect to the hypervisor

The libvirt daemon is not listening on TCP ports even after changing configuration in /etc/libvirt/libvirtd.conf:

# grep listen_ /etc/libvirt/libvirtd.conf
listen_tls = 1
listen_tcp = 1
listen_addr = "0.0.0.0"

However, the TCP ports for libvirt are still not open after changing configuration:

# netstat -lntp | grep libvirtd
#

Investigation: The libvirt daemon was started without the --listen option. Verify this by running this command:

# ps aux | grep libvirtd
root     27314  0.0  0.0 1000920 18304 ?       Sl   Feb16   1:19 libvirtd --daemon

The output does not contain the --listen option.

Solution: Start the daemon with the --listen option. To do this, modify the /etc/sysconfig/libvirtd file and uncomment the following line:

#LIBVIRTD_ARGS="--listen"

Then restart the libvirtd service with this command:

# /etc/init.d/libvirtd restart
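
The diagnosis above comes down to two files that must agree before libvirtd opens TCP 16509. The following check is an added example, not part of the original page: it reads both files, reports which one blocks the listener, and flags two exposure settings. The function names and sample files are constructed, and auth_tcp is a libvirtd.conf setting the page does not show.

```shell
#!/bin/sh
# Added example: names and sample files are constructed for illustration.

# conf_get FILE KEY: value of the last uncommented "KEY = value" line, unquoted.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | tr -d '"' | sed 's/[[:space:]]*$//'
}

# check_libvirt_tcp LIBVIRTD_CONF SYSCONFIG_FILE
# Prints findings; returns 0 if both files enable the TCP listener, else 1.
check_libvirt_tcp() {
    conf=$1 sysconf=$2 rc=0
    listen_tcp=$(conf_get "$conf" listen_tcp)
    auth_tcp=$(conf_get "$conf" auth_tcp)
    listen_addr=$(conf_get "$conf" listen_addr)
    args=$(conf_get "$sysconf" LIBVIRTD_ARGS)

    if [ "${listen_tcp:-0}" != 1 ]; then
        echo "NOLISTEN: listen_tcp is not 1 in $conf"; rc=1
    fi
    case " $args " in
        *" --listen "*) ;;
        *) echo "NOLISTEN: LIBVIRTD_ARGS lacks --listen in $sysconf"; rc=1 ;;
    esac
    # auth_tcp defaults to sasl when the line is absent or commented out.
    if [ "${auth_tcp:-sasl}" = none ]; then
        echo "WARN: auth_tcp is none; TCP clients are not authenticated"
    fi
    # With no listen_addr, libvirtd binds every interface.
    case "${listen_addr:-0.0.0.0}" in
        0.0.0.0|::) echo "WARN: listening on all interfaces; limit 16509 by source address" ;;
    esac
    return $rc
}

# Constructed sample files reproducing the state described in the diagnosis:
# listen_tcp is set, but the LIBVIRTD_ARGS line is still commented out.
demo=$(mktemp -d)
printf 'listen_tls = 1\nlisten_tcp = 1\nlisten_addr = "0.0.0.0"\n' > "$demo/libvirtd.conf"
printf '#LIBVIRTD_ARGS="--listen"\n' > "$demo/libvirtd"
check_libvirt_tcp "$demo/libvirtd.conf" "$demo/libvirtd" ||
    echo "=> libvirtd will not open tcp 16509 with these files"
rm -rf "$demo"
```

On a real host, run it as check_libvirt_tcp /etc/libvirt/libvirtd.conf /etc/sysconfig/libvirtd.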
