Docker vs libvirt vs firewalld conflict: get rid of firewalld

Setting up a really working libvirt environment isn't an easy task. Even worse if it's going to run inside a docker container. Things you should know:

- Choose the right base system: avoid anything w/ systemd - it will cause big headaches sooner or later (well, it's written/maintained by a guy who doesn't know the elementary unix commands and publicly declares people with different opinions 'racists' ...)
- KVM access: the container needs to be started w/ the '--privileged' flag in order to get access to the /dev/kvm device. Without that, qemu always needs to do CPU emulation, which - of course - is sloohohow.
- Firewall utils: DON'T use firewalld (get rid of it if you made the mistake of installing it!) - it will kill docker's firewall rules, and the containers will be cut off from the net!

In case you get strange libvirt errors like "Failed to initialize a valid firewall backend", your container probably lacks some packages: iptables, ip6tables, ebtables,
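
A preflight check for the points above (KVM device, firewall helper binaries, firewalld), as an added example that is not from the original post. The function names and optional arguments are assumptions, and only the three tools the post names are checked.

```shell
#!/bin/sh
# Preflight for libvirt inside a Docker container: the points from the post.
# Added example; function names and the optional arguments are assumptions.

# in_path TOOL [SEARCH_PATH]: true if TOOL resolves to an executable.
in_path() {
    ( PATH="${2:-$PATH}"; command -v "$1" ) >/dev/null 2>&1
}

# check_kvm [DEVICE]: true if the KVM node is a readable, writable char device.
# This tests the device only, so it also passes when the node was handed in
# with docker's narrower --device /dev/kvm instead of --privileged.
check_kvm() {
    kvm_dev="${1:-/dev/kvm}"
    [ -c "$kvm_dev" ] && [ -r "$kvm_dev" ] && [ -w "$kvm_dev" ]
}

# missing_fw_tools [SEARCH_PATH]: print the helpers named in the post that are
# absent (the post's package list is cut off, so only these three are checked).
missing_fw_tools() {
    missing=""
    for tool in iptables ip6tables ebtables; do
        in_path "$tool" "$1" || missing="$missing $tool"
    done
    echo "${missing# }"
}

# firewalld_installed [SEARCH_PATH]: true if the daemon or its CLI is present.
firewalld_installed() {
    in_path firewalld "$1" || in_path firewall-cmd "$1"
}

# preflight [DEVICE] [SEARCH_PATH]: report each finding, return 1 on any failure.
preflight() {
    rc=0
    check_kvm "$1" || { echo "FAIL: ${1:-/dev/kvm} not usable, qemu will emulate the CPU"; rc=1; }
    gone=$(missing_fw_tools "$2")
    [ -z "$gone" ] || { echo "FAIL: missing firewall tools: $gone"; rc=1; }
    if firewalld_installed "$2"; then
        echo "FAIL: firewalld is installed and can clobber docker's rules"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: KVM device, firewall tools and no firewalld"
    return "$rc"
}

preflight || echo "preflight: fix the items above before starting libvirtd"
```

Run it inside the container; the optional arguments exist so the checks can be pointed at another device node or search path.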