On Wed, Sep 27, 2017 at 11:45:55 -0400, John Ferlan wrote: > From: Ashish Mittal <Ashish.Mittal@xxxxxxxxxxx> > > Alter qemu command line generation in order to possibly add TLS for > a suitably configured domain. > > Sample TLS args generated by libvirt - > > -object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/qemu,\ > endpoint=client,verify-peer=yes \ > -drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\ > file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\ > file.server.type=tcp,file.server.host=192.168.0.1,\ > file.server.port=9999,format=raw,if=none,\ > id=drive-virtio-disk0,cache=none \ > -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\ > id=virtio-disk0 > > Update the qemuxml2argvtest with a couple of examples. One for a > simple case and the other a bit more complex where multiple VxHS disks > are added where at least one uses a VxHS that doesn't require TLS > credentials and thus sets the domain disk source attribute "tls = 'no'". > > Update the hotplug to be able to handle processing the tlsAlias whether > it's to add the TLS object when hotplugging a disk or to remove the TLS > object when hot unplugging a disk. The hot plug/unplug code is largely > generic, but the addition code does make the VXHS specific checks only > because it needs to grab the correct config directory and generate the > object as the command line would do. ACK
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
