weizhouapache commented on PR #7302:
URL: https://github.com/apache/cloudstack/pull/7302#issuecomment-1451578697
Tested OK with fresh installation with rocky8
1. create some VMs with encrypted root/data disk. passphrase are encrypted
```mysql> select * from passphrase;
+----+------------------------------------------------------------------------------------------------------------------------------+
| id | passphrase
|
+----+------------------------------------------------------------------------------------------------------------------------------+
| 1 |
ZoP8LIZr8cpzq3GDpWQVf9axTeGjKTyK9DePfAGx3pObQdI23Nno1jUZTUUF5cBklP2tYDU6tHIzEBfyVf+zSxbc9k+VTpjrti+6gtU6VpF/U9LLFMou7ba8F5g=
|
| 2 |
SRg5yIavPJ+G/vORKyidCHnJWif3m0JVuDK5s6C91ZmyPOjywUAHGVySNMtuPbL9Y6l+bnKe5qihljHajWiAySY3YCkyJP7efUdYRlFwsA1yBJg6tPdG3q5/X1M=
|
| 3 |
kqKeTg5Eh0QRp18CrZbYy6n4Pf7iM7goTlsxC6jRjAZ2KR5+qn7gzRHYGi+uK/5lGBlYmJwRSz+YpKkS8vfERgsMHNePpq2o0OUl10O4AaZfPmwVFvIopLv8UTQ=
|
| 4 |
0+fOG2mF6iCv2469BdObBtTIQcHwI2/6byV/3JUflUb5qG7EhhGMMXn0uFNCLZuhJX4eNYAf0/Z+V0XjcMcB7Vd32b05SmDaPaJCwHLnW3hb0HPgViBwRtTbOaU=
|
| 5 |
xMBTPMKzVlG+FPixCBhfTjy/meAzaw7gLMkQU7j0N11XF6zgWl+8mF+VxkozKmjZ+EcEnFEwkQeNHRkmOXRQhgORgv0ijaoPAsJsRoSnp83gCkCaIlYRou4A7k8=
|
| 6 |
74DWaFuC/xquwEcGlBkoC+HcOeJpFHzQYUSbEWDgthKPhTaTaaZi9t+yY+4K3uvSbS+IL+imMmkvM68UVp5dxgXrqdw7mjJ1IylXzGSm7e1BZy4/kDANLPvjSqo=
|
| 7 |
tITq2tqD6SGKcrT6B4jmFTgANLQ8Wt+MXiCoWAPE+pOlBPCxsJqcbGbS4TPYWh7ukLeKWYN/svPI3QlPsshapduIgAuN3fQJ63II0pe23OAFfIXIkSQCsA8O048=
|
| 8 |
SJtJS6co7cYaSrd89h6fxcOOkJrfrPPUUhXn04sOZDbTlZlSg2+ZZU60zjfos6VowQ0F/W/GguoiZ+ZpR4yJ8NH2Y4oxcS6BOQRsSW4UEqnirjKlrEYeHwZNV0A=
|
| 9 |
ipkNdyzrxA127EAnV8tjMnx22Uzqy9BPNQeu+bQkp0//pQH9Guohm1XVzzUPAvqOtI4NGZkFiyRH3XmCOvg7rYLVR1cFdyf5khOvEu5pBFm2FRqGupJQchMz3wg=
|
+----+------------------------------------------------------------------------------------------------------------------------------+
9 rows in set (0.01 sec)
```
2. migrate database
```
[root@pr7302-t6251-kvm-rocky8-mgmt1 ~]# cloudstack-migrate-databases -m
password -d password -e password2 -n password3 -v V2
Started database migration at Thu Mar 02 09:26:02 UTC 2023
Parsing db.properties file
DB Secret key provided matched the key in db.properties
INFO: Migrate properties with DB encryptor version: V2
Migrating db.properties..
Migrating db.properties Done.
Migrating server.properties..
Skipping server.properties as password.encryption.type is null
Begin Data migration
Initialised Encryptors
WARN [c.c.u.c.EncryptionSecretKeyChecker] (main:null) (logid:) Encryption
already enabled, is check() called twice?
INFO [c.c.u.d.T.Transaction] (main:null) (logid:) Is Data Base High
Availiability enabled? Ans : false
Begin migrate config values
End migrate config values
Begin migrate host details
End migrate host details
Begin migrate cluster details
End migrate cluster details
Begin migrate image store details
End migrate image store details
Begin migrate storage pool details
End migrate storage pool details
Begin migrate storage pool details for ScaleIO
End migrate storage pool details for ScaleIO
Begin migrate user vm details
End migrate user vm details
Begin migrate user vm deploy_as_is details
End migrate user vm deploy_as_is details
Begin migrate image store url if protocol is cifs
End migrate image store url if protocol is cifs
Begin migrate storage pool path if pool type is SMB
End migrate storage pool path if pool type is SMB
Skipped table sslcerts as there is no data in the table
Skipped table vpn_users as there is no data in the table
Skipped table account_details as there is no data in the table
Skipped table domain_details as there is no data in the table
Skipped table s2s_customer_gateway as there is no data in the table
Skipped table virtual_supervisor_module as there is no data in the table
Skipped table ucs_manager as there is no data in the table
Begin migrate table vm_instance field vnc_password
Done migrating database field vm_instance.vnc_password
Skipped table external_stratosphere_ssp_credentials as there is no data in
the table
Skipped table vmware_data_center as there is no data in the table
Skipped table keystore as there is no data in the table
Begin migrate table passphrase field passphrase
Done migrating database field passphrase.passphrase
Skipped table remote_access_vpn as there is no data in the table
Begin migrate table storage_pool field user_info
Done migrating database field storage_pool.user_info
Begin migrate table user field secret_key
Done migrating database field user.secret_key
Skipped table oobm as there is no data in the table
End Data migration
Successfully updated secret key(s)
Finished database migration at Thu Mar 02 09:26:11 UTC 2023
```
3. passphrase are encrypted
```
mysql> select * from passphrase;
+----+------------------------------------------------------------------------------------------------------------------------------+
| id | passphrase
|
+----+------------------------------------------------------------------------------------------------------------------------------+
| 1 |
TRpfx+HdRPzMv3XpDY1lFRCpLmz/dliM/yTZULWetC2t6sqbVwbOVpNE9RTpR8Yt/ZMTp8eaWMdmeAEIfj5xudc36DzMnZrJd7gsqidpK5QuuTkaTwTY7gZsTOk=
|
| 2 |
uR5XG6b/Tb79EfzUjUdU8Wl2QdO8lW8xDNWeQc3MwrcKAcSAtsmBG1P1aEwuAxa2BFywa7CLMj1lOzNdp/SBQ31bP9DxTBPShA3riWWgfESiplgAmihJy7JNn0M=
|
| 3 |
/ek8oFBFaiCSP2taFKz9D3uZYwtiYbYTzPe8opr/IrULYjmyIX7dXNfG0fx817S56kgDVVmSjOh2s9r3LrJNobj9v4ofN6J9Nm5FO0N+41eBSiifziHBCavYvJY=
|
| 4 |
wg+g5DcyZNVIr+bfggSV57k7moksuHM2xexy9YSJnBSoPuO2vK7TgKkr68AmDaYi5XPmGRL3/Up5Ty6j3dg6w29HwGp0JOh/CGzEtsN94w9xitvsYazoBSlDdUw=
|
| 5 |
jO+C7R67yRB3gQM6Ix4AaFlny8uvueCKzMDOqbWL5Amm9A1vbrGwhVOm8uL45TNbBZRaeD2UwxLMuNA27/DPyM6HL46I/wnB4vSOWubs/U/L3rq0+ZpwjupU6Qk=
|
| 6 |
dywEzT1O5Sb4GWb9yCmy0HDk5wNaYphWC4YKTJYGPYqTMllajGWisC2ST9wU4E095DDCo1RM5EglCPh03EqRI6BqKP49f20szGelilo8lA+A4DjuPC5yWwRM4Dk=
|
| 7 |
oq0dkTYS6AfKS9SPF0uOVMvphmMUcQ/vrKHG3MgCQ3rLw0oiOUU31ALxa6A4XSeQxpm6PoklvDt8isiQF33pKLRmiKE8Zxk0njsNA/epFd7xd8x8YcJ9X6K0rZI=
|
| 8 |
WSWWJ0QMwWFX18tE09vjXxYzOcHpENpOeiKwsZfELXOhGVe4ZYKsmCHHWXYhwaN16L+Y0ye79VD0Xjhy9tl2Qb2KwC0v4mKnFGnGz22w+V6HTWsethJ6GuK874o=
|
| 9 |
3KR4q3xzWiwS6zNdP2m2UiMPutYCe13SdRawh5PHoF7CrVLte2Ws/NuONgtROv6xwsmeaDUO80bGv/BxOhnu2zPVS/xq7oAqIJbaJH+CrxFFMII/YhVB1Qds4IE=
|
+----+------------------------------------------------------------------------------------------------------------------------------+
9 rows in set (0.00 sec)
```
4. Stop vm, start it on same host: works. Both root/data disks are detected.
5. Stop vm, start it on another host: works. Both root/data disks are
detected.
6. create new vm with root/data disk. Both root/data disks are detected.
passphrase is encrypted
```
mysql> select * from passphrase where id > 9;
+----+------------------------------------------------------------------------------------------------------------------------------+
| id | passphrase
|
+----+------------------------------------------------------------------------------------------------------------------------------+
| 10 |
tEscVLBCJAohTRyM57Y+z/k7uPEJubcC44xzN3e5C63IqTxDnNJV2EtJFJCws0QY1DcZW63nLczDzQymao8d5JfN6dgQCHCInzRS/OixZXKHqbw1YvtgNDxlGmE=
|
| 11 |
YuDccp76kDpxqhF07Kft9MH5M+aB3D3MhiOOUhnb+qAW2Gf/MxHI/dEfwraLV+ElvfY8oiJILQmxv7AcuQVotUSCH4XcujBTpUqzdo8zEv1z4Eq9DyCvOj4gqCs=
|
+----+------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
