Secret XML format
Secret XML
Secrets stored by libvirt may have attributes associated with them, using the secret element. The secret element has two optional attributes, each with values 'yes' and 'no', and defaulting to 'no':
ephemeral
- This secret must only be kept in memory, never stored persistently.
private
- The value of the secret must not be revealed to any caller of libvirt, nor to any other node.
The top-level secret element may contain the following elements:
uuid
- A unique identifier for this secret (not necessarily in the UUID format). If omitted when defining a new secret, a random UUID is generated.
description
- A human-readable description of the purpose of the secret.
usage
- Specifies what this secret is used for. A mandatory type attribute specifies the usage category; currently only volume is defined. Specific usage categories are described below.
Usage type "volume"
This secret is associated with a volume, and it is safe to delete the secret after the volume is deleted. The <usage type='volume'> element must contain a single volume element that specifies the key of the volume this secret is associated with.
Example
<secret ephemeral='no' private='yes'>
  <description>LUKS passphrase for the main hard drive of our mail server</description>
  <usage type='volume'>
    <volume>/var/lib/libvirt/images/mail.img</volume>
  </usage>
</secret>
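A parser and review check for the format described above, as an added example (not libvirt's own code). The function names parse_secret and audit, and the review policy in audit, are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

YES_NO = {"yes": True, "no": False}

# The page's example definition, reused as sample input.
SAMPLE = """<secret ephemeral='no' private='yes'>
  <description>LUKS passphrase for the main hard drive of our mail server</description>
  <usage type='volume'>
    <volume>/var/lib/libvirt/images/mail.img</volume>
  </usage>
</secret>"""

def parse_secret(xml_text):
    """Parse a <secret> definition (trusted, admin-authored XML assumed)."""
    root = ET.fromstring(xml_text)
    if root.tag != "secret":
        raise ValueError("top-level element must be <secret>")
    info = {"usage_type": None, "volume": None}
    for attr in ("ephemeral", "private"):  # optional, default 'no'
        value = root.get(attr, "no")
        if value not in YES_NO:
            raise ValueError(f"{attr} must be 'yes' or 'no', got {value!r}")
        info[attr] = YES_NO[value]
    info["uuid"] = root.findtext("uuid")  # None: libvirt generates a random UUID
    info["description"] = root.findtext("description")
    usage = root.find("usage")
    if usage is not None:
        if usage.get("type") != "volume":  # type is mandatory; only 'volume' is defined
            raise ValueError(f"unsupported usage type {usage.get('type')!r}")
        volumes = usage.findall("volume")
        if len(volumes) != 1 or not (volumes[0].text or "").strip():
            raise ValueError("usage type 'volume' needs exactly one <volume> key")
        info["usage_type"] = "volume"
        info["volume"] = volumes[0].text.strip()
    return info

def audit(info):
    """Review findings for a parsed secret (hypothetical policy, not libvirt's)."""
    findings = []
    if not info["private"]:
        findings.append("value can be revealed to libvirt callers (private='no')")
    if not info["ephemeral"]:
        findings.append("value is stored persistently (ephemeral='no')")
    return findings

if __name__ == "__main__":
    parsed = parse_secret(SAMPLE)
    print(parsed, audit(parsed))
```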