mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-10-05 22:05:47 +00:00
schema: add password configuration for ssh disk
Right now, ssh network disks are not usable. There is some basic support in libvirt that is meant to support disk chains that have backing disks located at ssh urls, but there is no real way for a user to configure a ssh-based disk. This commit allows users to configure an ssh disk with password authentication. Implementation will follow.

    <disk type='network'>
      <source protocol='ssh' ...>
        <auth username='myusername'>
          <secret type='iscsi' usage='secretname'/>
        </auth>
    </disk>

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
parent
40935b395c
commit
cf88b13090
@ -2784,7 +2784,7 @@ paravirtualized driver is specified via the ``disk`` element.
|
|||||||
``network``
|
``network``
|
||||||
The ``protocol`` attribute specifies the protocol to access to the
|
The ``protocol`` attribute specifies the protocol to access to the
|
||||||
requested image. Possible values are "nbd", "iscsi", "rbd", "sheepdog",
|
requested image. Possible values are "nbd", "iscsi", "rbd", "sheepdog",
|
||||||
"gluster", "vxhs", "nfs", "http", "https", "ftp", ftps", or "tftp".
|
"gluster", "vxhs", "nfs", "http", "https", "ftp", ftps", "tftp", or "ssh".
|
||||||
|
|
||||||
For any ``protocol`` other than ``nbd`` an additional attribute ``name``
|
For any ``protocol`` other than ``nbd`` an additional attribute ``name``
|
||||||
is mandatory to specify which volume/image will be used.
|
is mandatory to specify which volume/image will be used.
|
||||||
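Review bot: The rewritten protocol list still carries the unbalanced quote in `ftps"` (it reads `"ftp", ftps", "tftp", or "ssh"`). Since this line is being touched anyway, fix it to `"ftps"` so the rendered list is consistent. The list also gives no `:since:` marker for "ssh", even though the commit message says ssh disks were not usable before and the implementation is still to follow; a reader cannot tell from which release an ssh source is actually expected to work.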
@ -2945,18 +2945,19 @@ paravirtualized driver is specified via the ``disk`` element.
|
|||||||
``auth``
|
``auth``
|
||||||
:since:`Since libvirt 3.9.0` , the ``auth`` element is supported for a
|
:since:`Since libvirt 3.9.0` , the ``auth`` element is supported for a
|
||||||
disk ``type`` "network" that is using a ``source`` element with the
|
disk ``type`` "network" that is using a ``source`` element with the
|
||||||
``protocol`` attributes "rbd" or "iscsi". If present, the ``auth`` element
|
``protocol`` attributes "rbd", "iscsi", or "ssh". If present, the
|
||||||
provides the authentication credentials needed to access the source. It
|
``auth`` element provides the authentication credentials needed to access
|
||||||
includes a mandatory attribute ``username``, which identifies the username
|
the source. It includes a mandatory attribute ``username``, which
|
||||||
to use during authentication, as well as a sub-element ``secret`` with
|
identifies the username to use during authentication, as well as a
|
||||||
mandatory attribute ``type``, to tie back to a `libvirt secret
|
sub-element ``secret`` with mandatory attribute ``type``, to tie back to
|
||||||
object <formatsecret.html>`__ that holds the actual password or other
|
a `libvirt secret object <formatsecret.html>`__ that holds the actual
|
||||||
credentials (the domain XML intentionally does not expose the password,
|
password or other credentials (the domain XML intentionally does not
|
||||||
only the reference to the object that does manage the password). Known
|
expose the password, only the reference to the object that does manage
|
||||||
secret types are "ceph" for Ceph RBD network sources and "iscsi" for CHAP
|
the password). Known secret types are "ceph" for Ceph RBD network sources
|
||||||
authentication of iSCSI targets. Both will require either a ``uuid``
|
and "iscsi" for CHAP authentication of iSCSI targets. Both will require
|
||||||
attribute with the UUID of the secret object or a ``usage`` attribute
|
either a ``uuid`` attribute with the UUID of the secret object or a
|
||||||
matching the key that was specified in the secret object.
|
``usage`` attribute matching the key that was specified in the secret
|
||||||
|
object.
|
||||||
``encryption``
|
``encryption``
|
||||||
:since:`Since libvirt 3.9.0` , the ``encryption`` can be a sub-element of
|
:since:`Since libvirt 3.9.0` , the ``encryption`` can be a sub-element of
|
||||||
the ``source`` element for encrypted storage sources. If present,
|
the ``source`` element for encrypted storage sources. If present,
|
||||||
|
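Review bot: The `auth` paragraph now lists "ssh" as a supported protocol, but the "Known secret types" sentence still names only "ceph" for RBD and "iscsi" for CHAP, so the text never says which secret `type` an ssh password should use. The commit message example uses `<secret type='iscsi' usage='secretname'/>`, which is not something a user would guess for an ssh login; state the expected type for ssh explicitly here. The leading `:since:` still reads "Since libvirt 3.9.0" for the whole element, which now implies ssh auth has existed since 3.9.0; add a separate since note for the ssh case.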
@ -2173,6 +2173,27 @@
|
|||||||
</element>
|
</element>
|
||||||
</define>
|
</define>
|
||||||
|
|
||||||
|
<define name="diskSourceNetworkProtocolSSH">
|
||||||
|
<element name="source">
|
||||||
|
<interleave>
|
||||||
|
<attribute name="protocol">
|
||||||
|
<choice>
|
||||||
|
<value>ssh</value>
|
||||||
|
</choice>
|
||||||
|
</attribute>
|
||||||
|
<attribute name="name"/>
|
||||||
|
<ref name="diskSourceCommon"/>
|
||||||
|
<ref name="diskSourceNetworkHost"/>
|
||||||
|
<optional>
|
||||||
|
<ref name="encryption"/>
|
||||||
|
</optional>
|
||||||
|
<ref name="diskSourceNetworkProtocolPropsCommon"/>
|
||||||
|
<optional>
|
||||||
|
<ref name="diskAuth"/>
|
||||||
|
</optional>
|
||||||
|
</interleave>
|
||||||
|
</element>
|
||||||
|
</define>
|
||||||
<define name="diskSourceNetworkProtocolSimple">
|
<define name="diskSourceNetworkProtocolSimple">
|
||||||
<element name="source">
|
<element name="source">
|
||||||
<interleave>
|
<interleave>
|
||||||
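Review bot: In `diskSourceNetworkProtocolSSH`, `<ref name="diskAuth"/>` reuses the shared auth definition unchanged, so the schema by itself cannot restrict which secret type is meaningful for an ssh password. Because the implementation is stated to follow in a later commit, the parser should reject unsupported secret types for ssh there rather than rely on schema validation. Keeping the ref inside `<optional>` is right, since existing backing-chain XML for ssh has no `auth` element. As a style point, the `<choice>` wrapper around the single `<value>ssh</value>` is redundant and could be dropped.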
@ -2180,7 +2201,6 @@
|
|||||||
<choice>
|
<choice>
|
||||||
<value>sheepdog</value>
|
<value>sheepdog</value>
|
||||||
<value>tftp</value>
|
<value>tftp</value>
|
||||||
<value>ssh</value>
|
|
||||||
</choice>
|
</choice>
|
||||||
</attribute>
|
</attribute>
|
||||||
<attribute name="name"/>
|
<attribute name="name"/>
|
||||||
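Review bot: Dropping `<value>ssh</value>` from `diskSourceNetworkProtocolSimple` means every existing ssh source must now validate against the new `diskSourceNetworkProtocolSSH` define instead. Please confirm the new define accepts everything the Simple define accepted (the visible part of Simple shows the `protocol` choice and `<attribute name="name"/>`; the rest is outside this hunk), otherwise XML for ssh backing chains that validated before this change would start failing schema validation. A test case with an ssh source without `auth` would pin this down.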
@ -2290,6 +2310,7 @@
|
|||||||
<ref name="diskSourceNetworkProtocolHTTPS"/>
|
<ref name="diskSourceNetworkProtocolHTTPS"/>
|
||||||
<ref name="diskSourceNetworkProtocolFTPS"/>
|
<ref name="diskSourceNetworkProtocolFTPS"/>
|
||||||
<ref name="diskSourceNetworkProtocolFTP"/>
|
<ref name="diskSourceNetworkProtocolFTP"/>
|
||||||
|
<ref name="diskSourceNetworkProtocolSSH"/>
|
||||||
<ref name="diskSourceNetworkProtocolSimple"/>
|
<ref name="diskSourceNetworkProtocolSimple"/>
|
||||||
<ref name="diskSourceNetworkProtocolVxHS"/>
|
<ref name="diskSourceNetworkProtocolVxHS"/>
|
||||||
<ref name="diskSourceNetworkProtocolNFS"/>
|
<ref name="diskSourceNetworkProtocolNFS"/>
|
||||||
|