Have any `lib.virt`-based VMs use User Networking

[comps]

Currently, we rely on libvirtd-provided network to manage VMs, as configured on top of lib/virt.py:

NETWORK_NETMASK = '255.255.252.0'
NETWORK_HOST = '192.168.120.1'
# 1000 guest addrs, refreshing after a week, should be enough
NETWORK_RANGE = ['192.168.120.2', '192.168.123.254']
NETWORK_EXPIRY = 168

These settings are fed into a custom network definition that we create via virsh net-define as part of host OS setup.

There are a few issues with this:

• It is somewhat invasive to the host OS (which was fine until now, since Beaker provides disposable installs)
• It conflicts in nested virt setups that use the same IP range
  • This actually happened to me when I tried to nest two libvirt setups done by Contest, a probably uncommon use case
• It is very container-unfriendly
  • The host needs to load extra modules (nft_reject, tun, etc.)
  • The container needs to be run as privileged due to /proc/sys/net, xattr trusted domain, etc.
  • The podman on the host needs to be using bridge mode (to provide separate network namespace), conflicting with RH net subnet by default
  • The container needs special qemu.conf settings to avoid further permission issues

Most of these can be avoided by us switching to a more self-contained setup that doesn't need any privileges, using QEMU's "user networking". This contains the VM network inside the VM itself, and it appears like a regular wget-style process to the host OS, no special setup necessary.

As far as SSH-ing into it, we can use the hostfwd argument, but since libvirt doesn't support it natively, we need to

v-i --network none --qemu-commandline "-netdev user,id=net0,hostfwd=tcp::5555-:22 -device virtio-net-pci,netdev=net0"

But mainly, it would allow us to run many VM-using tests inside containers, avoiding nested virtualization (which needs physical HW, not guaranteed on Testing Farm).