Bug 1260689 - RFE: V2V to check and warn user to disable group policy and anti virus on Windows guests
Summary: RFE: V2V to check and warn user to disable group policy and anti virus on Win...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libguestfs
Version: 7.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Richard W.M. Jones
QA Contact: Virtualization Bugs
URL:
Whiteboard: V2V
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-09-07 12:59 UTC by Amnon Ilan
Modified: 2015-11-19 07:03 UTC (History)
8 users (show)

Fixed In Version: libguestfs-1.28.1-1.52.el7
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-19 07:03:45 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:2183 0 normal SHIPPED_LIVE libguestfs bug fix and enhancement update 2015-11-19 08:18:42 UTC

Description Amnon Ilan 2015-09-07 12:59:33 UTC 
Description of problem:

Previous cases showed that performing v2v on Windows guests that has 
Group Policy enabled or Anti Virus enabled, may lead to problems, such as 
the one here:
https://bugzilla.redhat.com/show_bug.cgi?id=1161333 

This hint was added to the docs, but in order to make sure new customers are 
not hitting the same issue we would like to a have v2v identifying such 
cases automatically and warn the user.



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Richard W.M. Jones 2015-09-07 16:50:05 UTC 
Upstream commits:

https://github.com/libguestfs/libguestfs/commit/8f889f0c3e65908299d68376b79fbda4fceb2fbe
https://github.com/libguestfs/libguestfs/commit/8e28d6b18860f8ff4e02489317749a723fa145ab
Comment 2 zhoujunqin 2015-09-10 07:42:19 UTC 
Try to verify this bug with new build:
libvirt-1.2.17-8.el7.x86_64
libguestfs-1.28.1-1.52.el7.x86_64
virt-v2v-1.28.1-1.52.el7.x86_64
qemu-kvm-rhev-2.3.0-22.el7.x86_64

Steps:
1. Prepare a win2008R2 guest with McAfee AV and GPO installed:

# virt-inspector kvm-win2008r2-x86_64-qcow2 
<?xml version="1.0"?>
<operatingsystems>
  <operatingsystem>
    <root>/dev/sda2</root>
    <name>windows</name>
    <arch>x86_64</arch>
    <distro>windows</distro>
    <product_name>Windows Server 2008 R2 Standard</product_name>
    <product_variant>Server</product_variant>
    <major_version>6</major_version>
    <minor_version>1</minor_version>
    <windows_systemroot>/Windows</windows_systemroot>
    <windows_current_control_set>ControlSet001</windows_current_control_set>
    <hostname>WIN-F6VN95AJB9S</hostname>
    <format>installed</format>
    <mountpoints>
      <mountpoint dev="/dev/sda2">/</mountpoint>
    </mountpoints>
    <filesystems>
      <filesystem dev="/dev/sda2">
        <type>ntfs</type>
        <uuid>D0CCBC4CCCBC2F1A</uuid>
      </filesystem>
    </filesystems>
    <drive_mappings>
      <drive_mapping name="C">/dev/sda2</drive_mapping>
    </drive_mappings>
    <applications>
      <application>
        <name>McAfee Security Scan</name>-------------------------->installed
        <display_name>McAfee Security Scan Plus</display_name>
        <version>3.11.163.2</version>
        <publisher>McAfee, Inc.</publisher>
      </application>
    </applications>
  </operatingsystem>
</operatingsystems>

2. Use virt-v2v command convert this guest to rhevm target:

# virt-v2v -o rhev -os 10.66.90.115:/vol/v2v_auto/nfs_export  -n rhevm  kvm-win2008r2-x86_64-qcow2 -of raw -on win2008mac
[   0.0] Opening the source -i libvirt kvm-win2008r2-x86_64-qcow2
[   0.0] Creating an overlay to protect the source from being modified
[   0.0] Opening the overlay
[   2.0] Initializing the target -o rhev -os 10.66.90.115:/vol/v2v_auto/nfs_export
virt-v2v: warning: cannot write files to the NFS server as 36:36, even 
though we appear to be running as root. This probably means the NFS client 
or idmapd is not configured properly.

You will have to chown the files that virt-v2v creates after the run, 
otherwise RHEV-M will not be able to import the VM.
[   2.0] Inspecting the overlay
[   2.0] Checking for sufficient free disk space in the guest
[   2.0] Estimating space required on target for each disk
[   2.0] Converting Windows Server 2008 R2 Standard to run on KVM
virt-v2v: warning: this guest has Windows Group Policy Objects (GPO) and a 
new virtio block device driver was installed.  In some circumstances, Group 
Policy may prevent new drivers from working (resulting in a 7B boot error). 
 If this happens, try disabling Group Policy before doing the conversion.
virt-v2v: warning: this guest has Anti-Virus (AV) software and a new virtio 
block device driver was installed.  In some circumstances, AV may prevent 
new drivers from working (resulting in a 7B boot error).  If this happens, 
try disabling AV before doing the conversion.
virt-v2v: This guest has virtio drivers installed.
[   3.0] Mapping filesystem data to avoid copying unused and blank areas
[   4.0] Closing the overlay
[   4.0] Checking if the guest needs BIOS or UEFI to boot
[   4.0] Copying disk 1/1 to /tmp/v2v.qzJGJU/67f39ca5-5198-4da3-aad6-7d05451eee12/images/e2474585-64d8-4a73-b13e-78f66c57f779/ee3942eb-9a43-4626-846e-5e4b4da7bfa5 (raw)
    (100.00/100%)
[ 173.0] Creating output metadata
[ 173.0] Finishing off

Result now:
While converting, virt-v2v will detecting whether Group Policy or AV software installed on windows guest or not, if installed, will give user good warning message.

3.
And also testing convert such a guest from esx server to local kvm:
# virt-v2v  -ic vpx://root.72.112/data/10.66.72.49/?no_verify=1 bug1260689-win2008R2 -os default -of raw  --password-file /tmp/passwd2 
[   0.0] Opening the source -i libvirt -ic vpx://root.72.112/data/10.66.72.49/?no_verify=1 bug1260689-win2008R2
[   1.0] Creating an overlay to protect the source from being modified
[   1.0] Opening the overlay
[   9.0] Initializing the target -o libvirt -os default
[   9.0] Inspecting the overlay
[  55.0] Checking for sufficient free disk space in the guest
[  55.0] Estimating space required on target for each disk
[  55.0] Converting Windows Server 2008 R2 Standard to run on KVM
virt-v2v: warning: this guest has Windows Group Policy Objects (GPO) and a 
new virtio block device driver was installed.  In some circumstances, Group 
Policy may prevent new drivers from working (resulting in a 7B boot error). 
 If this happens, try disabling Group Policy before doing the conversion.
virt-v2v: warning: this guest has Anti-Virus (AV) software and a new virtio 
block device driver was installed.  In some circumstances, AV may prevent 
new drivers from working (resulting in a 7B boot error).  If this happens, 
try disabling AV before doing the conversion.
virt-v2v: This guest has virtio drivers installed.
[  64.0] Mapping filesystem data to avoid copying unused and blank areas
[  65.0] Closing the overlay
[  65.0] Checking if the guest needs BIOS or UEFI to boot
[  65.0] Copying disk 1/1 to /var/lib/libvirt/images/bug1260689-win2008R2-sda (raw)
    (100.00/100%)
[ 320.0] Creating output metadata
Pool default refreshed

Domain bug1260689-win2008R2 defined from /tmp/v2vlibvirt3f07fc.xml

[ 321.0] Finishing off

Result: virt-v2v show good warning and after conversion i can boot up guest.

so move this bug from MODIFIED to VERIFIED.
Comment 4 errata-xmlrpc 2015-11-19 07:03:45 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2183.html
Note You need to log in before you can comment on or make changes to this bug.