The new virDomainReloadTlsCertificates API is used to notify domain reload
its certificates without restart, and avoid service interruption.
Currently, only QEMU VNC TLS certificates are supported, but parameters and
flags are also reserved for subsequent scenarios.
Take reload QEMU VNC TLS certificates as an example, we can call:
virDomainReloadTlsCertificates(domain,
VIR_DOMAIN_TLS_CERT_GRAPHICS_VNC,
NULL, 0, 0);
Then the specified QMP message would be send to QEMU:
{"execute": "display-reload", "arguments":{"type": "vnc", "tls-certs": true}}
Refers:
https://gitlab.com/qemu-project/qemu/-/commit/9cc07651655ee86eca41059f5ead8c4e5607c734
This is v3 patch, thanks for Han Han and Michal previous review.
Zheng Yan (4):
qemu_capabilities: Add QEMU_CAPS_DISPLAY_RELOAD
qemu: add new driver API for reload TLS certs
libvirt: Introduce virDomainReloadTlsCertificates API
virsh: Introduce domreload-certs sub command
docs/manpages/virsh.rst | 15 +++++
include/libvirt/libvirt-domain.h | 20 ++++++
src/driver-hypervisor.h | 8 +++
src/libvirt-domain.c | 57 +++++++++++++++++
src/libvirt_public.syms | 5 ++
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_driver.c | 40 ++++++++++++
src/qemu/qemu_hotplug.c | 17 ++++++
src/qemu/qemu_hotplug.h | 4 ++
src/qemu/qemu_monitor.c | 27 ++++++++
src/qemu/qemu_monitor.h | 3 +
src/qemu/qemu_monitor_json.c | 27 ++++++++
src/qemu/qemu_monitor_json.h | 4 ++
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 15 ++++-
src/remote_protocol-structs | 10 +++
.../caps_6.0.0.x86_64.xml | 1 +
tools/virsh-domain.c | 61 +++++++++++++++++++
19 files changed, 317 insertions(+), 1 deletion(-)
--
2.25.1
