1613265 – Virt-v2v can't convert rhel6 guest if swap partition isn't encrypted with root directory

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1613265 - Virt-v2v can't convert rhel6 guest if swap partition isn't encrypted with root directory

Summary: Virt-v2v can't convert rhel6 guest if swap partition isn't encrypted with roo...

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	libguestfs
Sub Component:
Version:	7.6
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	pre-dev-freeze
Target Release:	---
Assignee:	Pino Toscano
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:	V2V
Depends On:
Blocks:	1658128
TreeView+	depends on / blocked

Reported:	2018-08-07 10:50 UTC by mxie@redhat.com
Modified:	2019-06-25 13:44 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1658128 (view as bug list)
Environment:
Last Closed:	2019-06-25 13:44:25 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
rhel6-encrypted-v2v-1.38.2-10.log (73.42 KB, text/plain) 2018-08-07 10:50 UTC, mxie@redhat.com	no flags	Details
VMware-rhel6-encrypt.log (2.58 MB, text/plain) 2018-11-16 10:37 UTC, mxie@redhat.com	no flags	Details
View All

Description mxie@redhat.com 2018-08-07 10:50:01 UTC

Created attachment 1473952 [details]
rhel6-encrypted-v2v-1.38.2-10.log

Description of problem:
Virt-v2v can't convert rhel6 guest which has encrypted partitions

Version-Release number of selected component (if applicable):
virt-v2v-1.38.2-10.el7.x86_64
libguestfs-1.38.2-10.el7.x86_64
libvirt-4.5.0-6.el7.x86_64
qemu-kvm-rhev-2.12.0-9.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1.Prepare a rhel6 guest which has encrypted partitions on xen server
# lsblk
NAME                                                 MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
xvda                                                 202:0    0  5.9G  0 disk  
├─xvda1                                              202:1    0    1G  0 part  /boot
├─xvda2                                              202:2    0  3.9G  0 part  
│ └─luks-e4128e77-ac34-404a-8381-23999daf12fe (dm-0) 253:0    0  3.9G  0 crypt /
└─xvda3                                              202:3    0  975M  0 part  [SWAP]

2.Use virt-v2v to convert the guest but the conversion is failed, details pls refer to v2v log "rhel6-encrypted-v2v-1.38.2-10"
# virt-v2v -ic xen+ssh://root.3.21 Auto-xen-6.9-encrypted -of qcow2 --echo-keys
[   0.0] Opening the source -i libvirt -ic xen+ssh://root.3.21 Auto-xen-6.9-encrypted
[   0.6] Creating an overlay to protect the source from being modified
[   1.7] Initializing the target -o libvirt -os default
[   1.9] Opening the overlay
Enter key or passphrase ("/dev/sda2"): redhat123
[  23.7] Inspecting the overlay
virt-v2v: error: inspection could not detect the source guest (or physical
machine).

Assuming that you are running virt-v2v/virt-p2v on a source which is
supported (and not, for example, a blank disk), then this should not
happen.

No root device found in this operating system image.

If reporting bugs, run virt-v2v with debugging enabled and include the
complete output:

  virt-v2v -v -x [...]


Actual results:
As above description

Expected results:
Virt-v2v can convert rhel6 guest which has encrypted partitions because bug 1451665 - RFE: Virt-v2v can't convert the guest which has encrypted partition has been fixed on rhel7.5

Additional info:

Comment 3 Richard W.M. Jones 2018-08-07 12:30:57 UTC

Did this exact same image really work in RHEL 7.5?

It seems as if this has a peculiar encrypted layout which is a bit
unlike normal layouts (ie. normally we support LVM on LUKS only).

In any case the problem is that we're not checking the decrypted
LUKS partition (/dev/mapper/lukssda2) for filesystems.  This is
possibly a regression in the new inspection code.

Comment 4 Richard W.M. Jones 2018-08-07 12:32:43 UTC

Note that Listfs.list_filesystems isn't returning the /dev/mapper/luks*
device.  Did the old list_filesystems function before we reimplemented
in 1.38 ...?

Comment 8 Pino Toscano 2018-09-13 10:20:39 UTC

(In reply to Richard W.M. Jones from comment #3)
> Did this exact same image really work in RHEL 7.5?

According to my tests, libguestfs in RHEL 7.5 cannot inspect this image out-of-the-box, hence this is not a regression.

Comment 9 mxie@redhat.com 2018-11-16 10:37:03 UTC

Test the bug with latest packages:
virt-v2v-1.38.2-12.el7_6.1.x86_64
libguestfs-1.38.2-12.el7_6.1.x86_64
libvirt-4.5.0-10.el7_6.2.x86_64
qemu-kvm-rhev-2.12.0-19.el7_6.2.x86_64


Scenario1: convert a encrypted rhel6 guest from XEN by virt-v2v, the conversion is still failed (original guest work well on Xen server)

# virt-v2v -ic xen+ssh://root.3.21 Auto-xen-6.9-encrypted -of qcow2 --echo-keys
[   0.0] Opening the source -i libvirt -ic xen+ssh://root.3.21 Auto-xen-6.9-encrypted
[   0.6] Creating an overlay to protect the source from being modified
[   1.2] Initializing the target -o libvirt -os default
[   1.2] Opening the overlay
Enter key or passphrase ("/dev/sda2"): redhat123
[   8.4] Inspecting the overlay
virt-v2v: error: inspection could not detect the source guest (or physical 
machine).

Assuming that you are running virt-v2v/virt-p2v on a source which is 
supported (and not, for example, a blank disk), then this should not 
happen.

No root device found in this operating system image.

If reporting bugs, run virt-v2v with debugging enabled and include the 
complete output:

  virt-v2v -v -x [...]



Scenario2: convert a encrypted rhel6 guest from VMware by virt-v2v, the conversion is succeed

# virt-v2v -ic vpx://root.75.182/data/10.73.72.61?no_verify=1 -it vddk -io vddk-libdir=/home/vmware-vix-disklib-distrib -io  vddk-thumbprint=1E:22:D9:AF:A3:00:09:E7:F5:90:0E:C2:D7:19:CD:6F:90:E5:C8:BF esx6.0-rhel6.9-i386-encrypt --keys-from-stdin --password-file /tmp/passwd
[   0.0] Opening the source -i libvirt -ic vpx://root.75.182/data/10.73.72.61?no_verify=1 esx6.0-rhel6.9-i386-encrypt -it vddk  -io vddk-libdir=/home/vmware-vix-disklib-distrib -io vddk-thumbprint=1E:22:D9:AF:A3:00:09:E7:F5:90:0E:C2:D7:19:CD:6F:90:E5:C8:BF
[   1.8] Creating an overlay to protect the source from being modified
[   5.1] Initializing the target -o libvirt -os default
[   5.2] Opening the overlay
Enter key or passphrase ("/dev/sda2"): 
[  21.1] Inspecting the overlay
[  39.1] Checking for sufficient free disk space in the guest
[  39.1] Estimating space required on target for each disk
[  39.1] Converting Red Hat Enterprise Linux Server release 6.9 (Santiago) to run on KVM
virt-v2v: This guest has virtio drivers installed.
[ 124.6] Mapping filesystem data to avoid copying unused and blank areas
virt-v2v: warning: fstrim on guest filesystem /dev/VolGroup/lv_root failed. 
 Usually you can ignore this message.  To find out more read "Trimming" in 
virt-v2v(1).

Original message: fstrim: fstrim: /sysroot/: the discard operation is not 
supported
[ 124.7] Closing the overlay
[ 124.9] Checking if the guest needs BIOS or UEFI to boot
[ 124.9] Assigning disks to buses
[ 124.9] Copying disk 1/1 to /var/lib/libvirt/images/esx6.0-rhel6.9-i386-encrypt-sda (raw)
    (100.00/100%)
[ 391.4] Creating output metadata
Pool default refreshed

Domain esx6.0-rhel6.9-i386-encrypt defined from /tmp/v2vlibvirt87fcda.xml

[ 391.6] Finishing off

Additional info:
  Above scenarios have same result on rhel8


Hi rjones,

    Encrypted ways of rhel6 guests of Xen and VMware are same, but the results of conversion are different, could you please help to check the difference between these two scenarios？

Comment 10 mxie@redhat.com 2018-11-16 10:37:50 UTC

Created attachment 1506381 [details]
VMware-rhel6-encrypt.log

Comment 11 mxie@redhat.com 2018-12-11 10:12:02 UTC

After debugging, found v2v can't convert rhel6 guest which has below encrypted partitions (the guest of this bug has below partitions)
# lsblk
NAME                                                 MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
xvda                                                 202:0    0  5.9G  0 disk  
├─xvda1                                              202:1    0    1G  0 part  /boot
├─xvda2                                              202:2    0  3.9G  0 part  
│ └─luks-e4128e77-ac34-404a-8381-23999daf12fe (dm-0) 253:0    0  3.9G  0 crypt /
└─xvda3                                              202:3    0  975M  0 part  [SWAP]


But v2v can convert rhel6 guest which has below encrypted partitions (the guest of bug 1451665 has below partitions)
# lsblk 
NAME                          MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
sda                             8:0    0   10G  0 disk  
├─sda1                          8:1    0  500M  0 part  /boot
└─sda2                          8:2    0  9.5G  0 part  
  └─luks-666cae51-fbf3-453a-a32f-2c8141542012 (dm-0)
                              253:0    0  9.5G  0 crypt 
    ├─VolGroup-lv_root (dm-1) 253:1    0  8.5G  0 lvm   /
    └─VolGroup-lv_swap (dm-2) 253:2    0    1G  0 lvm   [SWAP]


So this bug is not a regression problem which is different with bug1451665

Comment 12 Jaroslav Suchanek 2019-06-25 13:44:25 UTC

This issue will be addressed in the next major release of RHEL.

Note You need to log in before you can comment on or make changes to this bug.