Bug 957294

Summary: support username/password for iSCSI pools
Product: Red Hat Enterprise Linux 7 Reporter: Paolo Bonzini <pbonzini>
Component: libvirtAssignee: John Ferlan <jferlan>
Status: CLOSED CURRENTRELEASE QA Contact: Virtualization Bugs <virt-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: acathrow, cwei, dallan, dyuan, jferlan, mzhan
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libvirt-1.1.1-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1059006 (view as bug list) Environment:
Last Closed: 2014-06-13 11:56:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 957295, 1058598    
Bug Blocks: 1059006    

Description Paolo Bonzini 2013-04-26 21:59:16 UTC 
iSCSI pools should support username/password authentication using the secret API:

      <pool type="iscsi">
        <name>virtimages</name>
        <source>
          <host name="iscsi.example.com"/>
          <device path="demo-target"/>
          <auth type='chap' login='myname'>
            <secret type='iscsi' usage='mycluster_myname'/>
          </auth>
        </source>
        <target>
          <path>/dev/disk/by-path</path>
        </target>
      </pool>

Right now, the password must be given in clear in the XML, but this is not used (AIUI based on "git grep STORAGE_POOL_AUTH") by libvirt.
Comment 2 Osier Yang 2013-05-28 07:01:46 UTC 
Patches posted upstream:

https://www.redhat.com/archives/libvir-list/2013-May/msg01879.html
Comment 3 John Ferlan 2013-07-09 20:12:22 UTC 
Reposted upstream with my review comments applied as well as some slight logic change to move the authentication check from the "startPool" to the "findPoolSources" within the storage_backend_iscsi.c:


https://www.redhat.com/archives/libvir-list/2013-July/msg00554.html
Comment 4 John Ferlan 2013-07-23 14:59:31 UTC 
Pushed the following change:

http://libvirt.org/git/?p=libvirt.git;a=commit;h=c2257d2ef90fd919aac7557ba02ce6fce8abfcab

which is the followup to the syntax side of the change:

http://libvirt.org/git/?p=libvirt.git;a=commit;h=41ac8184830df9901188f483057b4d4d2afc14f1

Still need to support authentication for autostarted pools
Comment 5 John Ferlan 2013-07-23 17:14:12 UTC 
Pushed the following change which will create a qemu connection in order to handle the need for a connection to the secret driver:

http://libvirt.org/git/?p=libvirt.git;a=commit;h=a873b496daad822ed01094f177c67c8f7fcccfd8

based on the following discussion:

https://www.redhat.com/archives/libvir-list/2013-July/msg01423.html


Moved the bug to post, although a mechanism to get a connection to the secret driver without qemu still needs to be devised.
Comment 6 John Ferlan 2013-07-26 13:58:40 UTC 
Just to be complete - the following patch is also necessary in order to get the auto start ordering problem solved:

http://libvirt.org/git/?p=libvirt.git;a=commit;h=cefb97fb815c81fc882da752f45effd23bcb9b4b

It made it in time to 1.1.1
Comment 11 Ludek Smid 2014-06-13 11:56:22 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.