Bug 1411398
Summary: | libvirt no longer generates the cephx auth secret when hot plugging virtio-scsi devices | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Jaroslav Reznik <jreznik> |
Component: | libvirt | Assignee: | John Ferlan <jferlan> |
Status: | CLOSED ERRATA | QA Contact: | lijuan men <lmen> |
Severity: | urgent | Docs Contact: | |
Priority: | high | ||
Version: | 7.3 | CC: | adhingra, dyuan, jdenemar, jdillama, jferlan, j.michael.lowe, jsuchane, knoel, mschuppe, rbalakri, rhodain, skinjo, snagar, xuzhang |
Target Milestone: | rc | Keywords: | Regression, ZStream |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | libvirt-2.0.0-10.el7_3.5 | Doc Type: | Bug Fix |
Doc Text: |
Cause: Missed code path to add secret for a virtio-scsi during alterations to support domain master secret for encrypted secret passing to qemu.
Consequence: Cannot hot plug a virtio-scsi device using cephx authentication.
Fix: Adjusted the algorithm to add the authentication object with the encrypted secret for qemu to parse.
Result: Capability restored to authenticate hotplug'd virtio-scsi device.
|
Story Points: | --- |
Clone Of: | 1406442 | Environment: | |
Last Closed: | 2017-03-02 17:30:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1406442 | ||
Bug Blocks: |
Description
Jaroslav Reznik
2017-01-09 15:47:59 UTC
verify the bug version: libvirt-2.0.0-10.el7_3.5.x86_64 qemu-kvm-rhev-2.6.0-28.el7_3.5.x86_64 kernel-3.10.0-514.12.1.el7.x86_64 steps: scenario 1: 1.prepare an auth enabled ceph environment 2.start a guest with the following xml: <disk type='file' device='disk'> <driver name='qemu' type='qcow2'/> <source file='/var/lib/libvirt/images/admin.qcow2'/> <target dev='sda' bus='scsi'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> ... *** <controller type='scsi' index='0' model='virtio-scsi'> *** <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/> </controller> ... 3.attach a device with the xml: # cat ceph-disk.xml <disk type='network' device='disk'> <driver name='qemu' type='raw' cache='none'/> <auth username='libvirt'> <secret type='ceph' usage='client.ceph'/> </auth> <source protocol='rbd' name='lmen/vol.img'> <host name='10.73.75.52'/> </source> <target dev='sdb' bus='scsi'/> </disk> # virsh attach-device admin ceph-disk.xml Device attached successfully # virsh domblklist admin Target Source ------------------------------------------------ sda /var/lib/libvirt/images/admin.qcow2 sdb lmen/vol.img 4.in the guest, the second disk can be found and used. scenario 2: 1.prepare an auth enabled ceph environment 2.start a guest with the following xml: <disk type='file' device='disk'> <driver name='qemu' type='qcow2'/> <source file='/var/lib/libvirt/images/admin.qcow2'/> <target dev='sda' bus='scsi'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> ... *** <controller type='scsi' index='0'> *** <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/> </controller> ... 3.attach a device with the xml: # cat ceph-disk.xml <disk type='network' device='disk'> <driver name='qemu' type='raw' cache='none'/> <auth username='libvirt'> <secret type='ceph' usage='client.ceph'/> </auth> <source protocol='rbd' name='lmen/vol.img'> <host name='10.73.75.52'/> </source> <target dev='sdb' bus='scsi'/> </disk> # virsh attach-device admin ceph-disk.xml Device attached successfully # virsh domblklist admin Target Source ------------------------------------------------ sda /var/lib/libvirt/images/admin.qcow2 sdb lmen/vol.img 4.in the guest, the second disk can be found and used. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2017-0397.html |