Re: [libvirt] [PATCH v2 8/8] qemu: Utilize qemu secret objects for SCSI/RBD auth/secret

> qemuBuildiSCSICommandLine: (private) > Required for iSCSI since qemu only processes the "user=" and > "password-secret=" options for an "-iscsi" entry. At some point > in a future release, qemu may support those options on the -drive > command line for iscsi devices. The one caveat to this code is > rather than provide an 'id=' field for the -iscsi command, use > the "initiator-name=" argument since it doesn't have the same > restrictions regarding characters. The initiator-name is described > as taking an IQN, which is the path argument. I'm not actually convinced this is doing what you think it is. AFAICT from reading the QEMU code, the only way to associated the -drive and -iscsi options is via the 'id' parameter of the -iscsi arg matching the IQN of the -drive option. The 'initiator-name' does not appear to have any effect on handling. If 'id' doesn't match, then QEMU just always falls back to finding the first -iscsi arg. So IIUC with your patch here all -drive options are just going to use the first -iscsi arg, which will be wrong when we are connecting to several different iscsi servers. I'm not really seeing any viable way to deal with this problem, so I think we might need to wait for QEMU 2.7 before we can use secrets with iSCSI :-(