Users

Download

users@lists.libvirt.org

August 2020

35 participants
32 discussions

Xend and libvirt
by David K. Kahurani 03 Aug '20

03 Aug '20

Hello On a probably a few days old build of libvirt, it is not possible to connect to my local system. The command used is: $virsh -c xen:///system The errors can be seen from libvirtd logs[1] an interesting part being: " Aug 01 16:30:13 metal libvirtd[1680]: Failed to connect socket to '/var/run/libvirt/virtxend-sock':> Aug 01 16:30:13 metal libvirtd[1680]: End of file while reading data: Input/output error " >From the log, libxl driver is trying to connect to a socket which is tagged xend. My host is running Xen 5.1+ release from which Xend has been removed. Xend was removed from Xen in 4.5+ release, at least according to the docs[2] "xl was introduced in the Xen 4.1 release, however xend remained the default. At the time of the Xen 4.2 release, xend was declared deprecated and xl became the default toolstack. xend has finally been removed from the Xen 4.5 release" Any ideas would be much appreciated! Sincerely, David 1. https://termbin.com/l1br 2. https://wiki.xen.org/wiki/XL

3 4

Cannot pass secret id for backing file after taking external snapshot on encrypted qcow2 file
by yaohua.wu＠zstack.io 03 Aug '20

03 Aug '20

Hi， I used 'virsh snapshot-create' create an encrypted external snapshot, when I try to use 'qemu-img check' top file, found no entrance to pass backing-file's secret-id 1、Version centos-release-8.2-2.2004.0.1.el8.x86_64 libvirt.x86_64 6.0.0-17.el8 qemu-kvm.x86_64 15:4.2.0-19.el82、Reproduce Steps 1)Create an encrypted qcow2 qemu-img create --object secret,id=sec0,data=123456 -f qcow2 -o encrypt.format=luks,encrypt.key-secret=sec0 first.qcow2 1G 2)Create external snapshot with 'encrypted' xml # cat snap.xml <domainsnapshot> <disks> <disk name='hdc' snapshot='no'/> <disk name='vdb' snapshot='external'> <source file='/root/first-snapshot.qcow2'> <encryption format='luks'> <secret type='passphrase' uuid='f52a81b2-424e-490c-823d-6bd4235bc572'/> </encryption> </source> </disk> </disks> </domainsnapshot> # virsh dumpxml test-vm | awk '/<disk/,/<\/disk/' <disk type='file' device='disk'> <driver name='qemu' type='qcow2'/> <source file='/root/first-snapshot.qcow2' index='5'/> <backingStore type='file' index='2'> <format type='qcow2'/> <source file='/root/first.qcow2'> <encryption format='luks'> <secret type='passphrase' uuid='f981dd17-143f-45bc-88e6-222222222222'/> </encryption> </source> <backingStore/> </backingStore> <target dev='vdb' bus='virtio'/> <encryption format='luks'> <secret type='passphrase' uuid='f52a81b2-424e-490c-823d-6bd4235bc572'/> </encryption> <alias name='virtio-disk1'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/> </disk> 3)try to qemu-img check top qcow2 file Note: The secid of the backing file is not recorded, so when I use qemu-img check/etc.. how to pass the secret to qemu of backing files # qemu-img info -U first-snapshot.qcow2 image: first-snapshot.qcow2 file format: qcow2 virtual size: 1 GiB (1073741824 bytes) disk size: 544 KiB encrypted: yes cluster_size: 65536 backing file: /root/first.qcow2 ### backing file: json:{"encrypt.format": "luks", "encrypt.key-secret": "secrete-id"} backing file format: luks Format specific information: compat: 1.1 lazy refcounts: false refcount bits: 16 encrypt: ivgen alg: plain64 hash alg: sha256 cipher alg: aes-256 uuid: e4158089-26e4-433f-990e-1d1d0723feee format: luks cipher mode: xts slots: [0]: active: true iters: 1257888 key offset: 4096 stripes: 4000 [1]: active: false key offset: 262144 [2]: active: false key offset: 520192 [3]: active: false key offset: 778240 [4]: active: false key offset: 1036288 [5]: active: false key offset: 1294336 [6]: active: false key offset: 1552384 [7]: active: false key offset: 1810432 payload offset: 2068480 master key iters: 300073 corrupt: false # qemu-img check -U --object secret,id=sec_1,file=/etc/libvirt/secrets/f52a81b2-424e-490c-823d-6bd4235bc572.base64,format=base64 --image-opts encrypt.format=luks,encrypt.key-secret=sec_1,file.filename=first-snapshot.qcow2 --object secret,id=sec_2,file=/etc/libvirt/secrets/f981dd17-143f-45bc-88e6-222222222222.base64,format=base64 qemu-img: Could not open 'encrypt.format=luks,encrypt.key-secret=sec_1,file.filename=first-snapshot.qcow2': Could not open backing file: Parameter 'key-secret' is required for cipher yaohua.wu(a)zstack.io

2 1