Bug 676984
| Summary: | Failed to create encryption volume as /usr/bin/qemu-img argument is changed | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | zhanghaiyan <yoyzhang> | |
| Component: | libvirt | Assignee: | Osier Yang <jyang> | |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 6.1 | CC: | berrange, dallan, dyuan, eblake, kwolf, llim, mjenner, mkenneth, tburke, virt-maint, xen-maint | |
| Target Milestone: | rc | Keywords: | Regression, Triaged | |
| Target Release: | --- | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | libvirt-0.8.7-11.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 711151 (view as bug list) | Environment: | ||
| Last Closed: | 2011-05-19 13:27:10 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 711151 | |||
Deprecation of a feature implies that there is merely a warning & a transition period for code where it can use the old or the new feature. The QEMU change appears to have added the warning & immediately disabled the old feature. This is not the way we should have done things in a RHEL-6.1 update. IMHO this qemu-img changed needs to be reverted, and/or make the warning non-fatal. The problem appears to come from
kvm-qemu-img-Deprecate-obsolete-6-and-e-options.patch
which contains:
case 'e':
- flags |= BLOCK_FLAG_ENCRYPT;
- break;
+ error("qemu-img: option -e is deprecated, please use \'-o "
+ "encryption\' instead!");
+ return 1;
case '6':
- flags |= BLOCK_FLAG_COMPAT6;
- break;
+ error("qemu-img: option -6 is deprecated, please use \'-o "
+ "compat6\' instead!");
+ return 1;
Raising a fatal error is not 'deprecation', it is straight feature breakage.
Not sure how hard it would be to reintroduce these options in RHEL 6. I think Jes removed them for a reason. Anyway, these options have been deprecated for a year and a half. Obviously, deprecation doesn't really help as people only change their calls when things start to actually break. In this case we had absolutely no idea that these were deprecated, since they have never given any visible indication that they were deprecated (ie no warning message upon use). Only printing out a deprecation warning after the functionality has been removed doesn't help people transition until it is too late. Well the -e and -6 options have not been documented for ages, they were not shown by qemu-img help, nor the man-page. This is a libvirt bug. libvirt should not rely on non documented options when perfectly well supported and documented ones exist. Please fix libvirt to Use -oencryption=on as described in the man-page. Merely removing docs from the man page does not given people indication that something is deprecated - we can't be expected to constantly check the manpage to see if something has silently disappeared. Regardless we should not be breaking this kind of thing in a RHEL update. This is a regression from 6.0 for any user of qemu-img including libvirt. per irc discussion, changing back to libvirt. libvirt has been using undocumented command line options, instead of the recommended ones. Upstream no longer support the undocumented options, and whether we add a hack to RHEL6.1 qemu or not, libvirt still needs to be fixed to use the correct options to work with upstream. The fix to libvirt is simple, it needs to not emit -e, but instead -o encryption=on - note that this is backwards compatible for all versions of RHEL6 anyway, and probably RHEL5 as well. We have two options: 1) We add and need to maintain a hack patch for QEMU, plus libvirt needs to be fixed to match the future 2) We make the simple change to libvirt that works with upstream, and RHEL6.1 This could be called a regression for command line users, but frankly there is a workaround, they simply specify the correct command line option. In other words, this really doesn't justify being called a regression. Jes http://post-office.corp.redhat.com/archives/rhvirt-patches/2011-March/msg00179.html patch posted internally. move to POST. Verified PASS with libvirt-0.8.7-11.el6.x86_64
- kernel-2.6.32-120.el6.x86_64
- qemu-kvm-0.12.1.2-2.150.el6.x86_64
The same test steps in Description and could get the expected result
5. # virsh vol-create VirtualMachines demo-disk.xml
Vol demo.qcow2 created from demo-disk.xml
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0596.html This patch introduced a regression when paired with a qemu-img that uses -o options instead of -F fmt, due to an inadvertent deleted break statement. https://bugzilla.redhat.com/show_bug.cgi?id=711151 |
Description of problem: Failed to create encryption volume as /usr/bin/qemu-img argument is changed Version-Release number of selected component (if applicable): - kernel-2.6.32-113.el6.x86_64 - libvirt-0.8.7-6.el6.x86_64 - qemu-kvm-0.12.1.2-2.144.el6.x86_64 How reproducible: 2/2 Steps to Reproduce: 1. Define a secret with an XML document. # cat demo-secret.xml <secret ephemeral='no' private='no'> <uuid>0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f</uuid> <usage type='volume'> <volume>/var/lib/libvirt/images/demo.qcow2</volume> </usage> </secret> # virsh secret-define demo-secret.xml Secret 0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f created 2. Set the value of the secret. # MYSECRET=`echo "open seseme" | base64` # virsh secret-set-value 0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f $MYSECRET Secret value set 3. Define and active a pool with the following XML. # cat demo-pool.xml <pool type='dir'> <name>VirtualMachines</name> <source> </source> <target> <path>/var/lib/libvirt/images</path> </target> </pool> # virsh pool-define demo-pool.xml Pool VirtualMachines defined from demo-pool.xml # virsh pool-start VirtualMachines Pool VirtualMachines started 4. To create an encrypted volume within this pool with the follwing XML. # cat demo-disk.xml <volume> <name>demo.qcow2</name> <capacity>5368709120</capacity> <target> <format type='qcow2'/> <encryption format='qcow'> <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/> </encryption> </target> </volume> 5. # virsh vol-create VirtualMachines demo-disk.xml Vol demo.qcow2 created from demo-disk.xml Actual results: # virsh vol-create VirtualMachines demo-disk.xml error: Failed to create vol from demo-disk.xml error: Cannot run /usr/bin/qemu-img to create /var/lib/libvirt/images/demo.qcow2: Invalid argument Expected results: as before, # virsh vol-create VirtualMachines demo-disk.xml Vol demo.qcow2 created from demo-disk.xml IMMO, vol-create should update code as /usr/bin/qemu-img code is changed. Additional info: Check /var/log/libvirtd.log 11:36:27.964: 28403: debug : virRunWithHook:824 : /usr/bin/qemu-img create -f qcow2 /var/lib/libvirt/images/demo.qcow2 5242880K -e 11:36:27.968: 28403: debug : virRunWithHook:842 : Command stderr: qemu-img: qemu-img: option -e is deprecated, please use '-o encryption' instead! 11:36:27.968: 28403: debug : virRunWithHook:861 : internal error '/usr/bin/qemu-img create -f qcow2 /var/lib/libvirt/images/demo.qcow2 5242880K -e' exited with non-zero status 1 and signal 0: qemu-img: qemu-img: option -e is deprecated, please use '-o encryption' instead! 11:36:27.968: 28403: debug : virStorageBackendCreateExecCommand:539 : Cannot run /usr/bin/qemu-img to create /var/lib/libvirt/images/demo.qcow2: Invalid argument