https://bugzilla.redhat.com/show_bug.cgi?id=1425757
The blockdev-add code provides a mechanism to sanely provide user
and password-secret arguments for iscsi without placing them on the
command line to be viewable by a 'ps -ef' type command or needing
to create separate -iscsi devices for each
Since the encryption information can also be disk source specific
move it from _qemuDomainDiskPrivate to _qemuDomainDiskSrcPrivate.
Signed-off-by: John Ferlan
---
src/qemu/qemu_command.c | 6 ++
src/qemu/qemu_domain.c | 16 +++-
src/qemu/qemu_domain.h | 10
Currently when an AES secret object is added to the domain for
either a network disk, a LUKS encryption secret, or for a SCSI
hostdev there is no way for domain restart to be able to connect
or determine which secret by secrettype and uuid or usage was
used in order to generate the object.
So, in
Since the secret information is really _virStorageSource specific
piece of data, let's create a privateData object for _virStorageSource
and move the @secinfo from _qemuDomainDiskPrivate into a new
_qemuDomainDiskSrcPrivate structure and manage it from there.
Signed-off-by: John Ferlan
Commit id '5604c056' used the wrong API to generate the
---
src/util/virstoragefile.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index e94ad32f0..1040e9a17 100644
--- a/src/util/virstoragefile.c
+++
Since the virStorageEncryptionPtr encryption; is a member of
_virStorageSource it really should be allowed to be a subelement
of the disk for various disk formats:
Source{File|Dir|Block|Volume}
SourceProtocol{RBD|ISCSI|NBD|Gluster|Simple|HTTP}
NB: Simple includes sheepdog, ftp, ftps,
Since the virStorageAuthDefPtr auth; is a member of _virStorageSource
it really should be allowed to be a subelement of the disk
for the RBD and iSCSI prototcols. That way we can set up to allow
the element to be formatted within the disk source.
For now just allow the format in the RNG and
Move the virSecretUsageType into the util.
Signed-off-by: John Ferlan
---
src/conf/domain_conf.c| 1 +
src/conf/secret_conf.c| 4 +---
src/conf/secret_conf.h| 2 --
src/qemu/qemu_parse_command.c | 2 +-
src/storage/storage_driver.c | 1 +
v1: https://www.redhat.com/archives/libvir-list/2017-September/msg00100.html
Other than patch 1 from v1, everything changed... Don't bother comparing.
Highlights -
* Two patches of essentially movement of virSecretUsageType because I
found (as seen in patch 2) that a previous patch altered
Generate the example for the iSCSI auth/password-secret similar to
what's done for RBD.
Signed-off-by: John Ferlan
---
src/util/virstoragefile.c | 30 ++
tests/virstoragetest.c| 15 +++
2 files changed, 45 insertions(+)
diff --git
Add the capability to use the blockdev-add query-qmp-schema option
to find the 'password-secret' parameter that will allow the iSCSI
code to use the master secret object (a/k/a AES) to encrypt the
secret in an object and only need to provide the object id of
tha secret on the command line thus
Signed-off-by: John Ferlan
---
docs/news.xml | 13 +
1 file changed, 13 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index e79ff4349..8ed0509e6 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -36,6 +36,19 @@
however, when writing out the
Alter the output of the formatting to be a child of the disk's source
rather than a child of the disk for LUKS encryption, but keep the legacy
QCOW encryption as a child of disk.
Update the various test outputs for existing disk tests to conform to
the new view. The qemuxml2xmlout-luks-disks.xml
Signed-off-by: John Ferlan
---
docs/news.xml | 11 +++
1 file changed, 11 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index a5c3d1d90..e79ff4349 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -25,6 +25,17 @@
+
+
+
Alter the output of the formatting to be a child of the disk's source
rather than a child of the disk.
Update the various test outputs for existing disk tests to conform to
the new view.
Add tests to validate that if the was found in , then
the resulting xml2xml and xml2arg works just fine.
On Fri, 2017-09-15 at 18:10 +0200, Guido Günther wrote:
> Things moved again, sigh.
> ---
> src/security/virt-aa-helper.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
> index 55a686a59c..0b43c8e391 100644
On Fri, 2017-09-15 at 11:49 -0400, Laine Stump wrote:
> @@ -2902,6 +2903,15 @@ virPCIGetNetName(const char *device_link_sysfs_path,
> /* if this one doesn't match, keep looking */
> if (STRNEQ_NULLABLE(physPortID, thisPhysPortID)) {
>
On 09/15/2017 12:09 PM, Daniel P. Berrange wrote:
> On Fri, Sep 15, 2017 at 09:09:05AM +0100, Daniel P. Berrange wrote:
>> On Thu, Sep 14, 2017 at 05:43:37PM -0400, Cole Robinson wrote:
>>> This is required by the fedora packaging guidelines:
>>>
>>>
On Thu, Sep 14, 2017 at 04:22:59PM +0200, Jiri Denemark wrote:
CPU features are usually checked by libvirt, but not if libvirt decides
it should not check the CPU at all, which happens with host-passthrough
CPUs, for example. Let's check all used CPU features are valid for all
CPU definitions.
Things moved again, sigh.
---
src/security/virt-aa-helper.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 55a686a59c..0b43c8e391 100644
--- a/src/security/virt-aa-helper.c
+++
The mlx4 (Mellanox) netdev driver implements the sysfs phys_port_id
file for both VFs and PFs, so you can find the VF netdev plugged into
the same physical port as any given PF netdev by comparing the
contents of phys_port_id of the respective netdevs. That's what
libvirt does when attempting to
On Fri, 2017-09-15 at 17:17 +0200, Guido Günther wrote:
> Otherwise we fail to reconnect to /dev/net/tun opened by libvirtd
> like
>
> [ 8144.507756] audit: type=1400 audit(1505488162.386:38069121):
> apparmor="DENIED" operation="file_perm" info="Failed name lookup -
> disconnected path"
On Fri, Sep 15, 2017 at 09:09:05AM +0100, Daniel P. Berrange wrote:
> On Thu, Sep 14, 2017 at 05:43:37PM -0400, Cole Robinson wrote:
> > This is required by the fedora packaging guidelines:
> >
> > https://fedoraproject.org/wiki/Packaging:LicensingGuidelines
> >
> > This macro isn't available on
Otherwise we fail to reconnect to /dev/net/tun opened by libvirtd
like
[ 8144.507756] audit: type=1400 audit(1505488162.386:38069121):
apparmor="DENIED" operation="file_perm" info="Failed name lookup - disconnected
path" error=-13 profile="libvirt-5dfcc8a7-b79a-4fa9-a41f-f6271651934c"
For the Kove integration, the memory is allocated on external devices, similar
to a SAN device LUN allocation. As such, each virt will have its own separate
allocation, and will need its memory file(s) managed independently of other
virts. We also use information from the virtual machine
Hi,
On Fri, Sep 15, 2017 at 01:05:27PM +0100, Daniel P. Berrange wrote:
> On Wed, Jun 07, 2017 at 08:02:04AM +0200, Guido Günther wrote:
> > If one pastes from the output of virt-sansbox-image
> >
> > $ virt-sandbox-image list
> > docker:/library/ubuntu?tag=17.04
> >
For the Kove integration, the memory is allocated on external devices, similar
to a SAN device LUN allocation. As such, each virt will have its own separate
allocation, and will need its memory file(s) managed independently of other
virts. We also use information from the virtual machine
Luckily it only returns 0 or -1
Signed-off-by: John Ferlan
---
Pushed as trivial..
Tripped across this while working on something else.
src/qemu/qemu_conf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
On 09/15/2017 12:10 AM, Peter Krempa wrote:
> On Thu, Sep 14, 2017 at 14:03:10 -0400, John Ferlan wrote:
>> Commit id 'e02ff020cac' neglected to use the attrBuf and childBuf
>> in the virDomainDiskSourceFormatNetwork call.
>>
>> So make the necessary alterations to allow usage.
>>
>>
On 09/15/2017 12:06 AM, Peter Krempa wrote:
> On Thu, Sep 14, 2017 at 14:03:09 -0400, John Ferlan wrote:
>> Rather than checking during XML processing, move the check for
>> valid into virDomainDiskDefParseValidate.
>>
>> Signed-off-by: John Ferlan
>> ---
>>
On Wed, Jun 07, 2017 at 08:02:04AM +0200, Guido Günther wrote:
> If one pastes from the output of virt-sansbox-image
>
> $ virt-sandbox-image list
> docker:/library/ubuntu?tag=17.04
> docker:/library/debian?tag=latest
>
> verbatim
>
> $ virt-sandbox-image run -c qemu:///session
>
On Wed, Jun 07, 2017 at 08:02:05AM +0200, Guido Günther wrote:
> If one pastes from the output of virt-sansbox-image
>
> $ virt-sandbox-image list
> docker:/library/ubuntu?tag=17.04
> docker:/library/debian?tag=latest
>
> verbatim
>
> $ virt-sandbox-image run -c qemu:///session
>
On Thu, Sep 14, 2017 at 12:57:14PM +0200, Jiri Denemark wrote:
For parsing a list of CPU XMLs into a NULL-terminated list of CPU defs.
Signed-off-by: Jiri Denemark
---
src/conf/cpu_conf.c | 78
src/conf/cpu_conf.h |
On Thu, Sep 14, 2017 at 12:57:13PM +0200, Jiri Denemark wrote:
The host CPU definitions reported in the capabilities XML may contain
CPU features unknown to QEMU, but the result of virConnectBaselineCPU is
supposed to be directly usable as a guest CPU definition and thus it
should only contain
On 09/14/2017 11:58 PM, Peter Krempa wrote:
> On Thu, Sep 14, 2017 at 14:03:07 -0400, John Ferlan wrote:
>> Rather than checking during XML processing, move the checks for correct
>> and valid auth into virDomainDiskDefParseValidate. This will introduce
>> virDomainDiskSourceDefParseAuthValidate
Hi,
On Wed, Jun 21, 2017 at 10:00:32PM +0200, Guido Günther wrote:
> On Wed, Jun 07, 2017 at 08:02:03AM +0200, Guido Günther wrote:
> > This is basically a V2 of "Drop library/ from template name and image path"
> > with Dan's comment implemented.
>
> Ping?
Ping again.
-- Guido
> -- Guido
>
On Fri, Sep 15, 2017 at 01:27:31PM +0530, Madhu Pavan wrote:
> Hi,
> QEMU live patching should be just a matter of updating the QEMU RPM package
> and then live migrating the VMs to another QEMU instance on the same host
> (which would point to the just installed new QEMU executable).
> I think it
On Thu, Sep 14, 2017 at 05:43:37PM -0400, Cole Robinson wrote:
> This is required by the fedora packaging guidelines:
>
> https://fedoraproject.org/wiki/Packaging:LicensingGuidelines
>
> This macro isn't available on stock RHEL6 so provide a backcompat
> definition
>
>
On Thu, Sep 14, 2017 at 05:43:06PM -0400, Cole Robinson wrote:
> From: Ville Skyttä
>
> Owning all created directories is a requirement of the Fedora
> packaging guidelines
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1483293
> Signed-off-by: Cole Robinson
Hi,
QEMU live patching should be just a matter of updating the QEMU RPM package
and then live migrating the VMs to another QEMU instance on the same host
(which would point to the just installed new QEMU executable).
I think it will be useful to support it from libvirt side. After some
searching
Signed-off-by: zhenwei.pi
---
domain.go | 36
domain_test.go | 44
2 files changed, 80 insertions(+)
diff --git a/domain.go b/domain.go
index bead49a..1bcc9cc 100644
---
41 matches
Mail list logo