It seems resolved https://bugzilla.redhat.com/show_bug.cgi?id=1596511 . If so, please add this link in commit msg.

On Mon, Jul 9, 2018 at 10:12 PM, Peter Krempa <pkrempa@redhat.com> wrote:
To allow using -blockdev with RBD we need to support the recently added
RBD authentication.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
I must say that it looks quite fishy that we use also the "none" method
as acceptable but we've done so for a very long time.

 src/qemu/qemu_block.c                              | 26 +++++++++++++++++++++-
 .../network-qcow2-backing-chain-cache-unsafe.json  |  5 +++++
 ...etwork-qcow2-backing-chain-encryption_auth.json |  5 +++++
 3 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 0ebf2d2aff..7ad79c7e7d 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -906,13 +906,33 @@ qemuBlockStorageSourceGetRBDProps(virStorageSourcePtr src)
     virJSONValuePtr servers = NULL;
     virJSONValuePtr ret = NULL;
     const char *username = NULL;
+    virJSONValuePtr authmodes = NULL;
+    virJSONValuePtr mode = NULL;
+    const char *keysecret = NULL;

     if (src->nhosts > 0 &&
         !(servers = qemuBlockStorageSourceBuildHostsJSONInetSocketAddress(src)))
         return NULL;

-    if (src->auth)
+    if (src->auth) {
         username = srcPriv->secinfo->s.aes.username;
+        keysecret = srcPriv->secinfo->s.aes.alias;
+        /* the auth modes are modelled after our old command line generator */
+        if (!(authmodes = virJSONValueNewArray()))
+            goto cleanup;
+
+        if (!(mode = virJSONValueNewString("cephx")) ||
+            virJSONValueArrayAppend(authmodes, mode) < 0)
+            goto cleanup;
+
+        mode = NULL;
+
+        if (!(mode = virJSONValueNewString("none")) ||
+            virJSONValueArrayAppend(authmodes, mode) < 0)
+            goto cleanup;
+
+        mode = NULL;
+    }

     if (virJSONValueObjectCreate(&ret,
                                  "s:driver", "rbd",
@@ -922,10 +942,14 @@ qemuBlockStorageSourceGetRBDProps(virStorageSourcePtr src)
                                  "S:conf", src->configFile,
                                  "A:server", &servers,
                                  "S:user", username,
+                                 "A:auth-client-required", &authmodes,
+                                 "S:key-secret", keysecret,
                                  NULL) < 0)
         goto cleanup;

  cleanup:
+    virJSONValueFree(authmodes);
+    virJSONValueFree(mode);
     virJSONValueFree(servers);
     return ret;
 }
diff --git a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-cache-unsafe.json b/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-cache-unsafe.json
index 80a694eee4..e66f62d24b 100644
--- a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-cache-unsafe.json
+++ b/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-cache-unsafe.json
@@ -24,6 +24,11 @@
     }
   ],
   "user": "testuser-rbd",
+  "auth-client-required": [
+    "cephx",
+    "none"
+  ],
+  "key-secret": "node-a-s-secalias",
   "node-name": "node-a-s",
   "cache": {
     "direct": false,
diff --git a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-encryption_auth.json b/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-encryption_auth.json
index fdb6f2ab1a..921cb3ea69 100644
--- a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-encryption_auth.json
+++ b/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-encryption_auth.json
@@ -24,6 +24,11 @@
     }
   ],
   "user": "testuser-rbd",
+  "auth-client-required": [
+    "cephx",
+    "none"
+  ],
+  "key-secret": "node-a-s-secalias",
   "node-name": "node-a-s",
   "read-only": false,
   "discard": "unmap"
--
2.16.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list



--
Best regards,
-----------------------------------
Han Han
Quality Engineer
Redhat.

Email: hhan@redhat.com
Phone: +861065339333