On 2013年03月21日 19:53, Paolo Bonzini wrote:
> Signed-off-by: Paolo Bonzini<pbonzini@xxxxxxxxxx>
> ---
> docs/formatdomain.html.in | 12 ++++----
> docs/schemas/domaincommon.rng | 1 +
> src/conf/domain_conf.c | 33 ++++++++++++++++------
> .../qemuxml2argv-disk-drive-network-iscsi-auth.xml | 31 ++++++++++++++++++++
> tests/qemuxml2xmltest.c | 1 +
> 5 files changed, 64 insertions(+), 14 deletions(-)
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth.xml
>
> diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
> index fd33818..c2cf75f 100644
> --- a/docs/formatdomain.html.in
> +++ b/docs/formatdomain.html.in
> @@ -1768,12 +1768,12 @@
> holds the actual password or other credentials (the domain XML
> intentionally does not expose the password, only the reference
> to the object that does manage the password). For now, the
> - only known secret<code>type</code> is "ceph", for Ceph RBD
> - network sources, and requires either an
> - attribute<code>uuid</code> with the UUID of the Ceph secret
> - object, or an attribute<code>usage</code> with the name
> - associated with the Ceph secret
> - object.<span class="since">libvirt 0.9.7</span>
> + known secret<code>type</code>s are "ceph", for Ceph RBD
> + network sources, and "iscsi", for CHAP authentication of iSCSI
> + targets. Both require either a<code>uuid</code> attribute
> + with the UUID of the secret object, or a<code>usage</code>
> + attribute matching the key that was specified in the
> + secret object.<span class="since">libvirt 0.9.7</span>
> </dd>
> <dt><code>geometry</code></dt>
> <dd>The optional<code>geometry</code> element provides the
> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
> index 4da65f8..fae5c0d 100644
> --- a/docs/schemas/domaincommon.rng
> +++ b/docs/schemas/domaincommon.rng
> @@ -3642,6 +3642,7 @@
> <attribute name='type'>
> <choice>
> <value>ceph</value>
> +<value>iscsi</value>
> </choice>
> </attribute>
> <choice>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 8f76e8e..159a23d 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -3992,6 +3992,8 @@ virDomainDiskDefParseXML(virCapsPtr caps,
> char *wwn = NULL;
> char *vendor = NULL;
> char *product = NULL;
> + int expected_secret_usage = -1;
> + int auth_secret_usage = -1;
>
> if (VIR_ALLOC(def)< 0) {
> virReportOOMError();
> @@ -4029,7 +4031,6 @@ virDomainDiskDefParseXML(virCapsPtr caps,
> if (cur->type == XML_ELEMENT_NODE) {
> if (!source&& !hosts&&
> xmlStrEqual(cur->name, BAD_CAST "source")) {
> -
> sourceNode = cur;
>
> switch (def->type) {
> @@ -4057,6 +4058,11 @@ virDomainDiskDefParseXML(virCapsPtr caps,
> protocol);
> goto error;
> }
> + if (def->protocol == VIR_DOMAIN_DISK_PROTOCOL_ISCSI) {
> + expected_secret_usage = VIR_SECRET_USAGE_TYPE_ISCSI;
> + } else if (def->protocol == VIR_DOMAIN_DISK_PROTOCOL_RBD) {
> + expected_secret_usage = VIR_SECRET_USAGE_TYPE_CEPH;
> + }
> if (!(source = virXMLPropString(cur, "name"))&&
> def->protocol != VIR_DOMAIN_DISK_PROTOCOL_NBD) {
> virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> @@ -4242,8 +4248,9 @@ virDomainDiskDefParseXML(virCapsPtr caps,
> _("missing type for secret"));
> goto error;
> }
> - if (virSecretUsageTypeTypeFromString(usageType) !=
> - VIR_SECRET_USAGE_TYPE_CEPH) {
> + auth_secret_usage =
> + virSecretUsageTypeTypeFromString(usageType);
> + if (auth_secret_usage< 0) {
> virReportError(VIR_ERR_XML_ERROR,
> _("invalid secret type %s"),
> usageType);
> @@ -4393,6 +4400,13 @@ virDomainDiskDefParseXML(virCapsPtr caps,
> cur = cur->next;
> }
>
> + if (auth_secret_usage != -1&& auth_secret_usage != expected_secret_usage) {
> + virReportError(VIR_ERR_INTERNAL_ERROR,
> + _("invalid secret type '%s'"),
> + virSecretUsageTypeTypeToString(auth_secret_usage));
> + goto error;
> + }
> +
> device = virXMLPropString(node, "device");
> if (device) {
> if ((def->device = virDomainDiskDeviceTypeFromString(device))< 0) {
> @@ -12787,15 +12801,18 @@ virDomainDiskDefFormat(virBufferPtr buf,
> if (def->auth.username) {
> virBufferEscapeString(buf, "<auth username='%s'>\n",
> def->auth.username);
> + if (def->protocol == VIR_DOMAIN_DISK_PROTOCOL_ISCSI) {
> + virBufferAsprintf(buf, "<secret type='iscsi'");
> + } else if (def->protocol == VIR_DOMAIN_DISK_PROTOCOL_RBD) {
> + virBufferAsprintf(buf, "<secret type='ceph'");
> + }
> +
> if (def->auth.secretType == VIR_DOMAIN_DISK_SECRET_TYPE_UUID) {
> virUUIDFormat(def->auth.secret.uuid, uuidstr);
> - virBufferAsprintf(buf,
> - "<secret type='ceph' uuid='%s'/>\n",
> - uuidstr);
> + virBufferAsprintf(buf, " uuid='%s'/>\n", uuidstr);
> }
> if (def->auth.secretType == VIR_DOMAIN_DISK_SECRET_TYPE_USAGE) {
> - virBufferEscapeString(buf,
> - "<secret type='ceph' usage='%s'/>\n",
> + virBufferEscapeString(buf, " usage='%s'/>\n",
> def->auth.secret.usage);
> }
> virBufferAddLit(buf, "</auth>\n");
> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth.xml
> new file mode 100644
> index 0000000..acaa503
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth.xml
> @@ -0,0 +1,31 @@
> +<domain type='qemu'>
> +<name>QEMUGuest1</name>
> +<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> +<memory unit='KiB'>219136</memory>
> +<currentMemory unit='KiB'>219136</currentMemory>
> +<vcpu placement='static'>1</vcpu>
> +<os>
> +<type arch='i686' machine='pc'>hvm</type>
> +<boot dev='hd'/>
> +</os>
> +<clock offset='utc'/>
> +<on_poweroff>destroy</on_poweroff>
> +<on_reboot>restart</on_reboot>
> +<on_crash>destroy</on_crash>
> +<devices>
> +<emulator>/usr/bin/qemu</emulator>
> +<disk type='network' device='disk'>
> +<driver name='qemu' type='raw'/>
> +<auth username='myname'>
> +<secret type='iscsi' usage='mycluster_myname'/>
> +</auth>
> +<source protocol='iscsi' name='iqn.1992-01.com.example'>
> +<host name='example.org'/>
> +</source>
> +<target dev='vda' bus='virtio'/>
> +</disk>
> +<controller type='usb' index='0'/>
> +<controller type='ide' index='0'/>
> +<memballoon model='virtio'/>
> +</devices>
> +</domain>
> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
> index 41613ea..899414d 100644
> --- a/tests/qemuxml2xmltest.c
> +++ b/tests/qemuxml2xmltest.c
> @@ -175,6 +175,7 @@ mymain(void)
> DO_TEST("disk-drive-network-nbd-ipv6-export");
> DO_TEST("disk-drive-network-nbd-unix");
> DO_TEST("disk-drive-network-iscsi");
> + DO_TEST("disk-drive-network-iscsi-auth");
> DO_TEST("disk-scsi-device");
> DO_TEST("disk-scsi-vscsi");
> DO_TEST("disk-scsi-virtio-scsi");
ACK
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list