On Thu, Jan 09, 2020 at 05:22:39PM +0100, Michal Privoznik wrote: > On 1/9/20 2:15 PM, Daniel P. Berrangé wrote: > > On Wed, Jan 08, 2020 at 05:30:23PM +0100, Michal Privoznik wrote: > > > On 12/20/19 3:16 PM, Daniel P. Berrangé wrote: > > > > > > > > > > Hm.. maybe I'm doing something wrong, but the following doesn't work for me. > > > Note, "fedora" is a VM with two disks: > > > > > > <disk type='file' device='disk'> > > > <driver name='qemu' type='qcow2' discard='unmap'/> > > > <source file='/var/lib/libvirt/images/fedora.qcow2'/> > > > <target dev='sda' bus='scsi'/> > > > <boot order='1'/> > > > <address type='drive' controller='0' bus='0' target='0' unit='0'/> > > > </disk> > > > <disk type='network' device='disk'> > > > <driver name='qemu' type='raw'/> > > > <source protocol='iscsi' > > > name='iqn.2017-03.com.mprivozn:server-lun-0/0'> > > > <host name='iscsi-server.example.com' port='3260'/> > > > <initiator> > > > <iqn name='iqn.2017-03.com.mprivozn:client'/> > > > </initiator> > > > <auth username='mprivozn'> > > > <secret type='iscsi' usage='iscsi-secret-pool'/> > > > </auth> > > > </source> > > > <target dev='vda' bus='virtio'/> > > > <address type='pci' domain='0x0000' bus='0x00' slot='0x03' > > > function='0x0'/> > > > </disk> > > > > > > > > > libvirt.git/_build # ./tools/virsh -c qemu:///embed?root=/tmp/embed/ > > > Welcome to virsh, the virtualization interactive terminal. > > > > > > Type: 'help' for help with commands > > > 'quit' to quit > > > > > > virsh # list --all > > > Id Name State > > > ------------------------- > > > - fedora shut off > > > > > > virsh # connect secret:///embed?root=/tmp/embed > > > > Ok, you're opening the secret driver in embedded mode > > > > If you *also* open the QEMU driver now, it will use > > this embedded secret driver directly. > > > > > > > > virsh # secret-list > > > UUID Usage > > > ----------------------------------------------------------------- > > > 4cf62bac-6a9f-4b9a-ba33-8c4d96b0e2e4 iscsi iscsi-secret-pool > > > > I guess you created the XML file for this secrete previously ? > > > > > > > virsh # connect qemu:///embed?root=/tmp/embed > > > > Note that this now *closes* the existing connection, so the > > embeded secret driver is now closed, and QEMU will speak to > > libvirtd (or virtsecretd) for secrets now. > > > > Basically virsh is not a suitable tool for using the > > drivers in embedded mode since it is only capable of > > opening a single driver connection at a time. > > > > > virsh # start fedora > > > 2020-01-08 15:37:57.294+0000: 44566: info : libvirt version: 6.0.0 > > > 2020-01-08 15:37:57.294+0000: 44566: info : hostname: moe > > > 2020-01-08 15:37:57.294+0000: 44566: warning : qemuDomainDefValidate:5835 : > > > CPU topology doesn't match numa CPU count; partial NUMA mapping is obsoleted > > > and will be removed in future > > > error: Failed to start domain fedora > > > error: internal error: URI must be secret:///embed > > > > Oh, that's odd - it seems to be trying to access the embedded > > secret driver but failing a URI sanity check. This is probably > > a result of you previously opening & then closing the embedded > > secret driver. This is not really a supported use case anyway. > > > Okay, since your program works, you have my: > > Reviewed-by: Michal Privoznik <mprivozn@xxxxxxxxxx> > > for the series. However, as I suggested on the list, we should tell users > explicitly that this feature is still under development and we may not be > able to guarantee full backwards compatibility. May be worth putting > somewhere into news.xml ;-) The docs in the QEMU patch do mention twice that this is experimental Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
