def build_disk_xml(vm_name,
disk_format,
host_ip,
disk_src_protocol,
volume_name,
disk_img=None,
transport=None,
auth=None):
"""
Try to build disk xml
:param vm_name: specified VM name.
:param disk_format: disk format,e.g raw or qcow2
:param host_ip: host ip address
:param disk_src_protocol: access disk protocol ,e.g network or file
:param volume_name: volume name
:param disk_img: disk image name
:param transport: transport pattern,e.g TCP
:param auth: dict containing ceph parameters
"""
# Delete existed disks first.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disks_dev = vmxml.get_devices(device_type="disk")
for disk in disks_dev:
vmxml.del_device(disk)
disk_xml = Disk(type_name="network")
driver_dict = {"name": "qemu", "type": disk_format, "cache": "none"}
disk_xml.driver = driver_dict
disk_xml.target = {"dev": "vda", "bus": "virtio"}
# If protocol is rbd,create ceph disk xml.
if disk_src_protocol == "rbd":
disk_xml.device = "disk"
vol_name = volume_name
source_dict = {
"protocol": disk_src_protocol,
"name": "%s/%s" % (vol_name, disk_img)
}
host_dict = {"name": host_ip, "port": "6789"}
if transport:
host_dict.update({"transport": transport})
if auth:
disk_xml.auth = disk_xml.new_auth(**auth)
disk_xml.source = disk_xml.new_disk_source(**{
"attrs": source_dict,
"hosts": [host_dict]
})
# Add the new disk xml.
vmxml.add_device(disk_xml)
vmxml.sync()
def create_primitive_disk_xml(type_name, disk_device, device_target,
device_bus, device_format, disk_src_dict,
disk_auth_dict):
"""
Creates primitive disk xml
:param type_name: disk type
:param disk_device: disk device
:param device_target: target device
:param device_bus: device bus
:param device_format: device format
:param disk_src_dict: disk source, dict format like below
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": disk_name},
"hosts": [{"name": host_ip,
"port": host_port}]}
:param disk_auth_dict: disk auth information, dict format like below
disk_auth_dict = {"auth_user": auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
:return: disk xml object
"""
disk_xml = Disk(type_name=type_name)
disk_xml.device = disk_device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
if disk_src_dict:
logging.debug("disk src dict is: %s" % disk_src_dict)
disk_source = disk_xml.new_disk_source(**disk_src_dict)
disk_xml.source = disk_source
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
logging.debug("new disk xml in create_primitive_disk is: %s", disk_xml)
return disk_xml
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare backend storage (blkdev/iscsi/gluster/ceph)
2.Use luks format to encrypt the backend storage
3.Prepare a disk xml indicating to the backend storage with valid/invalid
luks password
4.Start VM with disk hot/cold plugged
5.Check some disk operations in VM
6.Check backend storage is still in luks format
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def encrypt_dev(device, params):
"""
Encrypt device with luks format
:param device: Storage deivce to be encrypted.
:param params: From the dict to get encryption password.
"""
password = params.get("luks_encrypt_passwd", "password")
size = params.get("luks_size", "500M")
cmd = (
"qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (password, device, size))
if process.system(cmd, shell=True):
test.fail("Can't create a luks encrypted img by qemu-img")
def check_dev_format(device, fmt="luks"):
"""
Check if device is in luks format
:param device: Storage deivce to be checked.
:param fmt: Expected disk format.
:return: If device's format equals to fmt, return True, else return False.
"""
cmd_result = process.run("qemu-img" + ' -h',
ignore_status=True,
shell=True,
verbose=False)
if b'-U' in cmd_result.stdout:
cmd = ("qemu-img info -U %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
else:
cmd = ("qemu-img info %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
if cmd_result.exit_status:
test.fail("device %s is not in %s format. err is: %s" %
(device, fmt, cmd_result.stderr))
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = utils_disk.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test".format(
added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
# Backend storage options.
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
# Luks encryption info, luks_encrypt_passwd is the password used to encrypt
# luks image, and luks_secret_passwd is the password set to luks secret, you
# can set a wrong password to luks_secret_passwd for negative tests
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Backend storage auth info
use_auth_usage = "yes" == params.get("use_auth_usage")
if use_auth_usage:
use_auth_uuid = False
else:
use_auth_uuid = "yes" == params.get("use_auth_uuid", "yes")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
status_error = "yes" == params.get("status_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
encryption_in_source = "yes" == params.get("encryption_in_source", "no")
auth_in_source = "yes" == params.get("auth_in_source", "no")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
pvt = None
if ((encryption_in_source or auth_in_source)
and not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot put <encryption> or <auth> inside disk <source> "
"in this libvirt version.")
# Start VM and get all partions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
# Setup backend storage
if backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
if enable_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {
"sec_usage": "iscsi",
"sec_target": auth_sec_usage
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid,
chap_passwd,
encode=True,
debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=storage_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
if use_auth_uuid:
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid
}
elif use_auth_usage:
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target
}
else:
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=storage_size,
portal_ip=iscsi_host)
device_source = "iscsi://%s:%s/%s/%s" % (
iscsi_host, iscsi_port, iscsi_target, lun_num)
disk_src_dict = {
"attrs": {
"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)
},
"hosts": [{
"name": iscsi_host,
"port": iscsi_port
}]
}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name",
"gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = libvirt.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
device_source = "gluster://%s/%s/%s" % (
gluster_host_ip, gluster_vol_name, gluster_img_name)
disk_src_dict = {
"attrs": {
"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name, gluster_img_name)
},
"hosts": [{
"name": gluster_host_ip,
"port": "24007"
}]
}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name",
"EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {
"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid,
ceph_auth_key,
debug=True)
disk_auth_dict = {
"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid
}
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (
ceph_disk_name, ceph_mon_ip, key_file)
else:
device_source = "rbd:%s:mon_host=%s" % (ceph_disk_name,
ceph_mon_ip)
disk_src_dict = {
"attrs": {
"protocol": "rbd",
"name": ceph_disk_name
},
"hosts": [{
"name": ceph_host_ip,
"port": ceph_host_port
}]
}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = data_dir.get_tmp_dir()
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
disk_src_dict = {
'attrs': {
'file': device_source,
'type_name': 'file'
}
}
else:
test.cancel("Only iscsi/gluster/rbd/nfs can be tested for now.")
logging.debug("device source is: %s", device_source)
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
ret = virsh.secret_set_value(luks_sec_uuid,
luks_secret_passwd,
encode=True,
debug=True)
encrypt_dev(device_source, params)
libvirt.check_exit_status(ret)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_encryption_dict = {
"encryption": "luks",
"secret": {
"type": "passphrase",
"uuid": luks_sec_uuid
}
}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
if encryption_in_source:
disk_source.encryption = disk_encryption
else:
disk_xml.encryption = disk_encryption
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
vmxml.sync()
try:
vm.start()
vm.wait_for_login()
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" %
str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
if hotplug_disk:
result = virsh.attach_device(vm_name,
disk_xml.xml,
ignore_status=True,
debug=True)
libvirt.check_exit_status(result, status_error)
if check_partitions and not status_error:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
check_dev_format(device_source)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
libvirt.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def setup_auth_enabled_iscsi_disk(vm, params):
"""
Create one separate thread to do blockcopy
:param vm: VM
:param params: config params
"""
disk_type = params.get("disk_type", "file")
disk_target = params.get("disk_target", 'vda')
disk_target_bus = params.get("disk_target_bus", "virtio")
disk_format = params.get("disk_format", "qcow2")
disk_device = params.get("disk_device", "lun")
first_disk = vm.get_first_disk_devices()
logging.debug("first disk is %s", first_disk)
blk_source = first_disk['source']
if vm.is_alive():
vm.destroy(gracefully=False)
image_size = params.get("image_size", "5G")
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage", "libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi", "sec_target": auth_sec_usage}
auth_sec_uuid = utl.create_secret(auth_sec_dict)
# Set password of auth secret
virsh.secret_set_value(auth_sec_uuid, chap_passwd, encode=True, debug=True)
emu_image = params.get("emulated_image", "emulated-iscsi")
utl.setup_or_cleanup_iscsi(is_setup=False)
iscsi_target, lun_num = utl.setup_or_cleanup_iscsi(is_setup=True,
is_login=False,
image_size=image_size,
chap_user=chap_user,
chap_passwd=chap_passwd)
# Copy first disk to emulated backing store path
tmp_dir = data_dir.get_tmp_dir()
emulated_path = os.path.join(tmp_dir, emu_image)
cmd = "qemu-img convert -f %s -O %s %s %s" % ('qcow2', disk_format,
blk_source, emulated_path)
process.run(cmd, ignore_status=False, shell=True)
# ISCSI auth attributes for disk xml
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target
}
disk_src_dict = {
"attrs": {
"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)
},
"hosts": [{
"name": '127.0.0.1',
"port": '3260'
}]
}
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm.name)
# Delete disk elements
disk_deleted = False
disks = vmxml.get_devices(device_type="disk")
for disk_ in disks:
if disk_.target['dev'] == disk_target:
vmxml.del_device(disk_)
disk_deleted = True
if disk_deleted:
vmxml.sync()
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm.name)
disk_xml = Disk(type_name=disk_type)
disk_xml.device = disk_device
disk_xml.target = {"dev": disk_target, "bus": disk_target_bus}
driver_dict = {"name": "qemu", "type": disk_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
auth_in_source = randint(0, 50) % 2 == 0
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
vmxml.add_device(disk_xml)
vmxml.sync()
vm.start()
def run(test, params, env):
"""
Test SCSI3 Persistent Reservation functions.
1.Prepare iscsi backend storage.
2.Prepare disk xml.
3.Hot/cold plug the disk to vm.
4.Check if SCSI3 Persistent Reservation commands can be issued to that disk.
5.Recover test environment.
6.Confirm the test result.
"""
def get_delta_parts(vm, old_parts):
"""
Get the newly added partitions/blockdevs in vm.
:param vm: The vm to be operated.
:param old_parts: The original partitions/blockdevs in vm.
:return: Newly added partitions/blockdevs.
"""
session = vm.wait_for_login()
new_parts = utils_disk.get_parts_list(session)
new_parts = list(set(new_parts).difference(set(old_parts)))
session.close()
return new_parts
def check_pr_cmds(vm, blk_dev):
"""
Check if SCSI3 Persistent Reservation commands can be used in vm.
:param vm: The vm to be checked.
:param blk_dev: The block device in vm to be checked.
"""
session = vm.wait_for_login()
cmd = ("sg_persist --no-inquiry -v --out --register-ignore --param-sark 123aaa /dev/{0} &&"
"sg_persist --no-inquiry --in -k /dev/{0} &&"
"sg_persist --no-inquiry -v --out --reserve --param-rk 123aaa --prout-type 5 /dev/{0} &&"
"sg_persist --no-inquiry --in -r /dev/{0} &&"
"sg_persist --no-inquiry -v --out --release --param-rk 123aaa --prout-type 5 /dev/{0} &&"
"sg_persist --no-inquiry --in -r /dev/{0} &&"
"sg_persist --no-inquiry -v --out --register --param-rk 123aaa --prout-type 5 /dev/{0} &&"
"sg_persist --no-inquiry --in -k /dev/{0}"
.format(blk_dev))
cmd_status, cmd_output = session.cmd_status_output(cmd)
session.close()
if cmd_status == 127:
test.error("sg3_utils not installed in test image")
elif cmd_status != 0:
test.fail("persistent reservation failed for /dev/%s" % blk_dev)
else:
logging.info("persistent reservation successful for /dev/%s" % blk_dev)
def start_or_stop_qemu_pr_helper(is_start=True, path_to_sock="/var/run/qemu-pr-helper.sock"):
"""
Start or stop qemu-pr-helper daemon
:param is_start: Set True to start, False to stop.
"""
service_mgr = service.ServiceManager()
if is_start:
service_mgr.start('qemu-pr-helper')
time.sleep(2)
shutil.chown(path_to_sock, "qemu", "qemu")
else:
service_mgr.stop('qemu-pr-helper')
def ppc_controller_update():
"""
Update controller of ppc vm to 'virtio-scsi' to support 'scsi' type
:return:
"""
if params.get('machine_type') == 'pseries' and device_bus == 'scsi':
if not vmxml.get_controllers(device_bus, 'virtio-scsi'):
vmxml.del_controller(device_bus)
ppc_controller = Controller('controller')
ppc_controller.type = device_bus
ppc_controller.index = '0'
ppc_controller.model = 'virtio-scsi'
vmxml.add_device(ppc_controller)
vmxml.sync()
# Check if SCSI3 Persistent Reservations supported by
# current libvirt versions.
if not libvirt_version.version_compare(4, 4, 0):
test.cancel("The <reservations> tag supported by libvirt from version "
"4.4.0")
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
# Disk specific attributes
device = params.get("virt_disk_device", "lun")
device_target = params.get("virt_disk_device_target", "sdb")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "block")
device_bus = params.get("virt_disk_device_bus", "scsi")
# Iscsi options
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
emulated_size = params.get("iscsi_image_size", "1G")
auth_uuid = "yes" == params.get("auth_uuid")
auth_usage = "yes" == params.get("auth_usage")
# SCSI3 PR options
reservations_managed = "yes" == params.get("reservations_managed", "yes")
reservations_source_type = params.get("reservations_source_type", "unix")
reservations_source_path = params.get("reservations_source_path",
"/var/run/qemu-pr-helper.sock")
reservations_source_mode = params.get("reservations_source_mode", "client")
secret_uuid = ""
# Case step options
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
# Start vm and get all partions in vm
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
chap_user = ""
chap_passwd = ""
if auth_uuid or auth_usage:
auth_in_source = "yes" == params.get("auth_in_source", "no")
if auth_in_source and not libvirt_version.version_compare(3, 9, 0):
test.cancel("place auth in source is not supported in "
"current libvirt version.")
auth_type = params.get("auth_type", "chap")
secret_usage_target = params.get("secret_usage_target",
"libvirtiscsi")
secret_usage_type = params.get("secret_usage_type", "iscsi")
chap_user = params.get("iscsi_user", "redhat")
chap_passwd = params.get("iscsi_password", "redhat")
sec_xml = secret_xml.SecretXML("no", "yes")
sec_xml.description = "iSCSI secret"
sec_xml.auth_type = auth_type
sec_xml.auth_username = chap_user
sec_xml.usage = secret_usage_type
sec_xml.target = secret_usage_target
sec_xml.xmltreefile.write()
ret = virsh.secret_define(sec_xml.xml)
libvirt.check_exit_status(ret)
secret_uuid = re.findall(r".+\S+(\ +\S+)\ +.+\S+",
ret.stdout.strip())[0].lstrip()
logging.debug("Secret uuid %s", secret_uuid)
if secret_uuid == "":
test.error("Failed to get secret uuid")
# Set secret value
encoding = locale.getpreferredencoding()
secret_string = base64.b64encode(str(chap_passwd).encode(encoding)).decode(encoding)
ret = virsh.secret_set_value(secret_uuid, secret_string,
**virsh_dargs)
libvirt.check_exit_status(ret)
# Setup iscsi target
blk_dev = libvirt.setup_or_cleanup_iscsi(is_setup=True,
is_login=True,
image_size=emulated_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# Add disk xml
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
auth_dict = {}
if auth_uuid:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_uuid": secret_uuid}
elif auth_usage:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_usage": secret_usage_target}
disk_source = disk_xml.new_disk_source(
**{"attrs": {"dev": blk_dev}})
if auth_dict:
disk_auth = disk_xml.new_auth(**auth_dict)
if auth_in_source:
disk_source.auth = disk_auth
else:
disk_xml.auth = disk_auth
if reservations_managed:
reservations_dict = {"reservations_managed": "yes"}
else:
start_or_stop_qemu_pr_helper(path_to_sock=reservations_source_path)
reservations_dict = {"reservations_managed": "no",
"reservations_source_type": reservations_source_type,
"reservations_source_path": reservations_source_path,
"reservations_source_mode": reservations_source_mode}
disk_source.reservations = disk_xml.new_reservations(**reservations_dict)
disk_xml.source = disk_source
# Update controller of ppc vms
ppc_controller_update()
if not hotplug_disk:
vmxml.add_device(disk_xml)
try:
# Start the VM and check status
vmxml.sync()
vm.start()
vm.wait_for_login().close()
time.sleep(5)
if hotplug_disk:
result = virsh.attach_device(vm_name, disk_xml.xml,
ignore_status=True, debug=True)
libvirt.check_exit_status(result)
new_parts = get_delta_parts(vm, old_parts)
if len(new_parts) != 1:
logging.error("Expected 1 dev added but has %s" % len(new_parts))
new_part = new_parts[0]
check_pr_cmds(vm, new_part)
result = virsh.detach_device(vm_name, disk_xml.xml,
ignore_status=True, debug=True, wait_remove_event=True)
libvirt.check_exit_status(result)
except virt_vm.VMStartError as e:
test.fail("VM failed to start."
"Error: %s" % str(e))
except xcepts.LibvirtXMLError as xml_error:
test.fail("Failed to define VM:\n%s" % xml_error)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Delete the tmp files.
libvirt.setup_or_cleanup_iscsi(is_setup=False)
# Clean up secret
if secret_uuid:
virsh.secret_undefine(secret_uuid)
# Stop qemu-pr-helper daemon
start_or_stop_qemu_pr_helper(is_start=False)
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare test environment, destroy or suspend a VM.
2.Prepare tgtd and secret config.
3.Edit disks xml and start the domain.
4.Perform test operation.
5.Recover test environment.
6.Confirm the test result.
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def check_save_restore(save_file):
"""
Test domain save and restore.
"""
# Save the domain.
ret = virsh.save(vm_name, save_file, **virsh_dargs)
libvirt.check_exit_status(ret)
# Restore the domain.
ret = virsh.restore(save_file, **virsh_dargs)
libvirt.check_exit_status(ret)
def check_snapshot():
"""
Test domain snapshot operation.
"""
snapshot1 = "s1"
snapshot2 = "s2"
ret = virsh.snapshot_create_as(vm_name, snapshot1)
libvirt.check_exit_status(ret)
ret = virsh.snapshot_create_as(
vm_name, "%s --disk-only --diskspec vda,"
"file=/tmp/testvm-snap1" % snapshot2)
libvirt.check_exit_status(ret, True)
ret = virsh.snapshot_create_as(
vm_name, "%s --memspec file=%s,snapshot=external"
" --diskspec vda,file=/tmp/testvm-snap2" % (snapshot2, snapshot2))
libvirt.check_exit_status(ret, True)
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param vm. VM guest.
:param target. Disk dev in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
new_parts = libvirt.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
added_part = None
if target.startswith("vd"):
if added_parts[0].startswith("vd"):
added_part = added_parts[0]
elif target.startswith("hd"):
if added_parts[0].startswith("sd"):
added_part = added_parts[0]
elif target.startswith("sd"):
added_part = added_parts[0]
if not added_part:
logging.error("Cann't see added partition in VM")
return False
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test".format(
added_part))
s, o = session.cmd_status_output(cmd)
logging.info("Check disk operation in VM:\n%s", o)
if s != 0:
return False
return True
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
def check_qemu_cmd():
"""
Check qemu-kvm command line options
"""
cmd = ("ps -ef | grep %s | grep -v grep " % vm_name)
if driver_iothread:
cmd += " | grep iothread=iothread%s" % driver_iothread
if process.system(cmd, ignore_status=True, shell=True):
test.fail("Can't see disk option '%s' " "in command line" % cmd)
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
# Controller specific attributes.
cntlr_type = params.get('controller_type', None)
cntlr_model = params.get('controller_model', None)
cntlr_index = params.get('controller_index', None)
controller_addr_options = params.get('controller_addr_options', None)
driver_iothread = params.get("driver_iothread")
# iscsi options.
iscsi_target = params.get("iscsi_target")
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
emulated_size = params.get("iscsi_image_size", "1")
uuid = params.get("uuid", "")
auth_uuid = "yes" == params.get("auth_uuid", "")
auth_usage = "yes" == params.get("auth_usage", "")
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error", "no")
test_save_snapshot = "yes" == params.get("test_save_snapshot", "no")
test_qemu_cmd = "yes" == params.get("test_qemu_cmd", "no")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
secret_uuid = ""
# Start vm and get all partions in vm.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = libvirt.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
chap_user = ""
chap_passwd = ""
if auth_uuid or auth_usage:
auth_place_in_location = params.get("auth_place_in_location")
if 'source' in auth_place_in_location and not libvirt_version.version_compare(
3, 9, 0):
test.cancel(
"place auth in source is not supported in current libvirt version"
)
auth_type = params.get("auth_type")
secret_usage_target = params.get("secret_usage_target")
secret_usage_type = params.get("secret_usage_type")
chap_user = params.get("iscsi_user")
chap_passwd = params.get("iscsi_password")
sec_xml = secret_xml.SecretXML("no", "yes")
sec_xml.description = "iSCSI secret"
sec_xml.auth_type = auth_type
sec_xml.auth_username = chap_user
sec_xml.usage = secret_usage_type
sec_xml.target = secret_usage_target
sec_xml.xmltreefile.write()
ret = virsh.secret_define(sec_xml.xml)
libvirt.check_exit_status(ret)
secret_uuid = re.findall(r".+\S+(\ +\S+)\ +.+\S+",
ret.stdout.strip())[0].lstrip()
logging.debug("Secret uuid %s", secret_uuid)
if secret_uuid == "":
test.error("Failed to get secret uuid")
# Set secret value
encoding = locale.getpreferredencoding()
secret_string = base64.b64encode(
chap_passwd.encode(encoding)).decode(encoding)
ret = virsh.secret_set_value(secret_uuid, secret_string,
**virsh_dargs)
libvirt.check_exit_status(ret)
# Setup iscsi target
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=emulated_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# If we use qcow2 disk format, should format iscsi disk first.
if device_format == "qcow2":
cmd = (
"qemu-img create -f qcow2 iscsi://%s:%s/%s/%s %s" %
(iscsi_host, iscsi_port, iscsi_target, lun_num, emulated_size))
process.run(cmd, shell=True)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
# For lun type device, iothread attribute need to be set in controller.
if driver_iothread and device != "lun":
driver_dict.update({"iothread": driver_iothread})
vmxml.iothreads = int(driver_iothread)
elif driver_iothread:
vmxml.iothreads = int(driver_iothread)
disk_xml.driver = driver_dict
# Check if we want to use a faked uuid.
if not uuid:
uuid = secret_uuid
auth_dict = {}
if auth_uuid:
auth_dict = {
"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_uuid": uuid
}
elif auth_usage:
auth_dict = {
"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_usage": secret_usage_target
}
disk_source = disk_xml.new_disk_source(
**{
"attrs": {
"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)
},
"hosts": [{
"name": iscsi_host,
"port": iscsi_port
}]
})
if auth_dict:
disk_auth = disk_xml.new_auth(**auth_dict)
if 'source' in auth_place_in_location:
disk_source.auth = disk_auth
if 'disk' in auth_place_in_location:
disk_xml.auth = disk_auth
disk_xml.source = disk_source
# Sync VM xml.
vmxml.add_device(disk_xml)
# After virtio 1.0 is enabled, lun type device need use virtio-scsi
# instead of virtio, so additional controller is needed.
# Add controller.
if device == "lun":
ctrl = Controller(type_name=cntlr_type)
if cntlr_model is not None:
ctrl.model = cntlr_model
if cntlr_index is not None:
ctrl.index = cntlr_index
ctrl_addr_dict = {}
for addr_option in controller_addr_options.split(','):
if addr_option != "":
addr_part = addr_option.split('=')
ctrl_addr_dict.update(
{addr_part[0].strip(): addr_part[1].strip()})
ctrl.address = ctrl.new_controller_address(attrs=ctrl_addr_dict)
# If driver_iothread is true, need add iothread attribute in controller.
if driver_iothread:
ctrl_driver_dict = {}
ctrl_driver_dict.update({"iothread": driver_iothread})
ctrl.driver = ctrl_driver_dict
logging.debug("Controller XML is:%s", ctrl)
if cntlr_type:
vmxml.del_controller(cntlr_type)
else:
vmxml.del_controller("scsi")
vmxml.add_device(ctrl)
try:
# Start the VM and check status.
vmxml.sync()
vm.start()
if status_error:
test.fail("VM started unexpectedly.")
# Check Qemu command line
if test_qemu_cmd:
check_qemu_cmd()
except virt_vm.VMStartError as e:
if status_error:
if re.search(uuid, str(e)):
pass
else:
test.fail("VM failed to start." "Error: %s" % str(e))
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s" % xml_error)
else:
# Check partitions in VM.
if check_partitions:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
# Test domain save/restore/snapshot.
if test_save_snapshot:
save_file = os.path.join(data_dir.get_tmp_dir(),
"%.save" % vm_name)
check_save_restore(save_file)
check_snapshot()
if os.path.exists(save_file):
os.remove(save_file)
finally:
# Delete snapshots.
libvirt.clean_up_snapshots(vm_name, domxml=vmxml_backup)
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Delete the tmp files.
libvirt.setup_or_cleanup_iscsi(is_setup=False)
# Clean up secret
if secret_uuid:
virsh.secret_undefine(secret_uuid)
def run(test, params, env):
"""
Test virsh domblkthreshold option.
1.Prepare backend storage (file/luks/iscsi/gluster/ceph/nbd)
2.Start VM
3.Set domblkthreshold on target device in VM
4.Trigger one threshold event
5.Check threshold event is received as expected
6.Clean up test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
block_threshold_timeout = params.get("block_threshold_timeout", "120")
event_type = params.get("event_type", "block-threshold")
block_threshold_option = params.get("block_threshold_option", "--loop")
def set_vm_block_domblkthreshold(vm_name, target_device, threshold, **dargs):
"""
Set VM block threshold on specific target device.
:param vm_name: VM name.
:param target_device: target device in VM
:param threshold: threshold value with specific unit such as 100M
:param dargs: mutable parameter dict
"""
ret = virsh.domblkthreshold(vm_name, target_device, threshold, **dargs)
libvirt.check_exit_status(ret)
def trigger_block_threshold_event(vm_domain, target):
"""
Trigger block threshold event.
:param vm_domain: VM name
:param target: Disk dev in VM.
"""
try:
session = vm_domain.wait_for_login()
time.sleep(10)
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
" mount /dev/{0} /mnt && "
" dd if=/dev/urandom of=/mnt/bigfile bs=1M count=101"
.format(target))
status, output = session.cmd_status_output(cmd)
if status:
test.error("Failed to mount and fill data in VM: %s" % output)
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
raise
def check_threshold_event(vm_name, event_type, event_timeout, options, **dargs):
"""
Check threshold event.
:param vm_name: VM name
:param event_type: event type.
:param event_timeout: event timeout value
:param options: event option
:dargs: dynamic parameters.
"""
ret = virsh.event(vm_name, event_type, event_timeout, options, **dargs)
logging.debug(ret.stdout_text)
libvirt.check_exit_status(ret)
def create_vol(p_name, vol_params):
"""
Create volume.
:param p_name: Pool name.
:param vol_params: Volume parameters dict.
"""
# Clean up dirty volumes if pool has.
pv = libvirt_storage.PoolVolume(p_name)
vol_name_list = pv.list_volumes()
for vol_name in vol_name_list:
pv.delete_volume(vol_name)
volxml = vol_xml.VolXML()
v_xml = volxml.new_vol(**vol_params)
v_xml.xmltreefile.write()
ret = virsh.vol_create(p_name, v_xml.xml, **virsh_dargs)
libvirt.check_exit_status(ret)
def trigger_block_commit(vm_name, target, blockcommit_options, **virsh_dargs):
"""
Trigger blockcommit.
:param vm_name: VM name
:param target: Disk dev in VM.
:param blockcommit_options: blockcommit option
:param virsh_dargs: additional parameters
"""
result = virsh.blockcommit(vm_name, target,
blockcommit_options, ignore_status=False, **virsh_dargs)
def trigger_block_copy(vm_name, target, dest_path, blockcopy_options, **virsh_dargs):
"""
Trigger blockcopy
:param vm_name: string, VM name
:param target: string, target disk
:param dest_path: string, the path of copied disk
:param blockcopy_options: string, some options applied
:param virsh_dargs: additional options
"""
result = virsh.blockcopy(vm_name, target, dest_path, blockcopy_options, **virsh_dargs)
libvirt.check_exit_status(result)
def trigger_mirror_threshold_event(vm_domain, target):
"""
Trigger mirror mode block threshold event.
:param vm_domain: VM name
:param target: Disk target in VM.
"""
try:
session = vm_domain.wait_for_login()
# Sleep 10 seconds to let wait for events thread start first in main thread
time.sleep(10)
cmd = ("dd if=/dev/urandom of=file bs=1G count=3")
status, output = session.cmd_status_output(cmd)
if status:
test.error("Failed to fill data in VM target: %s with %s" % (target, output))
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
raise
except Exception as ex:
raise
def get_mirror_source_index(vm_name, dev_index=0):
"""
Get mirror source index
:param vm_name: VM name
:param dev_index: Disk device index.
:return mirror source index in integer
"""
disk_list = vm_xml.VMXML.get_disk_source(vm_name)
disk_mirror = disk_list[dev_index].find('mirror')
if disk_mirror is None:
test.fail("Failed to get disk mirror")
disk_mirror_source = disk_mirror.find('source')
return int(disk_mirror_source.get('index'))
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
# Backend storage auth info
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
use_auth_usage = "yes" == params.get("use_auth_usage")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error")
mirror_mode_blockcommit = "yes" == params.get("mirror_mode_blockcommit", "no")
mirror_mode_blockcopy = "yes" == params.get("mirror_mode_blockcopy", "no")
default_snapshot_test = "yes" == params.get("default_snapshot_test", "no")
block_threshold_value = params.get("block_threshold_value", "100M")
snapshot_external_disks = []
tmp_dir = data_dir.get_tmp_dir()
dest_path = params.get("dest_path", "/var/lib/libvirt/images/newclone")
pvt = None
# Initialize one NbdExport object
nbd = None
img_file = os.path.join(data_dir.get_tmp_dir(),
"%s_test.img" % vm_name)
if ((backend_storage_type == "luks") and
not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot support <encryption> inside disk in this libvirt version.")
# Start VM and get all partitions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
# Additional disk images.
disks_img = []
try:
# Clean up dirty secrets in test environments if there are.
utils_secret.clean_up_secrets()
# Setup backend storage
if backend_storage_type == "file":
image_filename = params.get("image_filename", "raw.img")
disk_path = os.path.join(data_dir.get_tmp_dir(), image_filename)
device_source = libvirt.create_local_disk(backend_storage_type, disk_path, storage_size, device_format)
disks_img.append({"format": device_format,
"source": disk_path, "path": disk_path})
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
# Setup backend storage
elif backend_storage_type == "luks":
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Create secret
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
virsh.secret_set_value(luks_sec_uuid, luks_secret_passwd,
encode=True, ignore_status=False, debug=True)
image_filename = params.get("image_filename", "raw.img")
device_source = os.path.join(data_dir.get_tmp_dir(), image_filename)
disks_img.append({"format": device_format,
"source": device_source, "path": device_source})
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
cmd = ("qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (luks_encrypt_passwd, device_source, storage_size))
if process.system(cmd, shell=True):
test.error("Can't create a luks encrypted img by qemu-img")
elif backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi",
"sec_target": auth_sec_usage}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid, chap_passwd,
encode=True, ignore_status=False, debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
chap_user=chap_user, chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target}
device_source = "iscsi://%s:%s/%s/%s" % (iscsi_host, iscsi_port,
iscsi_target, lun_num)
disk_src_dict = {"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name", "gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = gluster.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
device_source = "gluster://%s/%s/%s" % (gluster_host_ip,
gluster_vol_name,
gluster_img_name)
cmd = ("qemu-img create -f %s "
"%s %s" % (device_format, device_source, storage_size))
if process.system(cmd, shell=True):
test.error("Can't create a gluster type img by qemu-img")
disk_src_dict = {"attrs": {"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name,
gluster_img_name)},
"hosts": [{"name": gluster_host_ip,
"port": "24007"}]}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
disk_auth_dict = {"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (ceph_disk_name,
ceph_mon_ip,
key_file)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("pre clean up rbd disk if exists: %s", cmd_result)
# Create an local image and make FS on it.
disk_cmd = ("qemu-img create -f %s %s %s" %
(device_format, img_file, storage_size))
process.run(disk_cmd, ignore_status=False, shell=True)
# Convert the image to remote storage
disk_path = ("rbd:%s:mon_host=%s" %
(ceph_disk_name, ceph_mon_ip))
if ceph_client_name and ceph_client_key:
disk_path += (":id=%s:key=%s" %
(ceph_auth_user, ceph_auth_key))
rbd_cmd = ("rbd -m %s %s info %s 2> /dev/null|| qemu-img convert -O"
" %s %s %s" % (ceph_mon_ip, key_opt, ceph_disk_name,
device_format, img_file, disk_path))
process.run(rbd_cmd, ignore_status=False, shell=True)
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": ceph_disk_name},
"hosts": [{"name": ceph_host_ip,
"port": ceph_host_port}]}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = data_dir.get_tmp_dir()
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
# Set virt_use_nfs
virt_use_nfs = params.get("virt_use_nfs", "off")
result = process.run("setsebool virt_use_nfs %s" % virt_use_nfs, shell=True)
if result.exit_status:
test.error("Failed to set virt_use_nfs value")
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
# Create one image on nfs server
libvirt.create_local_disk("file", device_source, '1', "raw")
disks_img.append({"format": device_format,
"source": device_source, "path": device_source})
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
# Create dir based pool,and then create one volume on it.
elif backend_storage_type == "dir":
pool_name = params.get("pool_name", "dir_pool")
pool_target = params.get("pool_target")
pool_type = params.get("pool_type")
emulated_image = params.get("emulated_image")
image_name = params.get("dir_image_name", "luks_1.img")
# Create and start dir_based pool.
pvt = libvirt.PoolVolumeTest(test, params)
if not os.path.exists(pool_target):
os.mkdir(pool_target)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
sp = libvirt_storage.StoragePool()
if not sp.is_pool_active(pool_name):
sp.set_pool_autostart(pool_name)
sp.start_pool(pool_name)
# Create one volume on the pool.
volume_name = params.get("vol_name")
volume_alloc = params.get("vol_alloc")
volume_cap_unit = params.get("vol_cap_unit")
volume_cap = params.get("vol_cap")
volume_target_path = params.get("sec_volume")
volume_target_format = params.get("target_format")
volume_target_encypt = params.get("target_encypt", "")
volume_target_label = params.get("target_label")
vol_params = {"name": volume_name, "capacity": int(volume_cap),
"allocation": int(volume_alloc), "format":
volume_target_format, "path": volume_target_path,
"label": volume_target_label,
"capacity_unit": volume_cap_unit}
try:
# If Libvirt version is lower than 2.5.0
# Creating luks encryption volume is not supported,so skip it.
create_vol(pool_name, vol_params)
except AssertionError as info:
err_msgs = ("create: invalid option")
if str(info).count(err_msgs):
test.cancel("Creating luks encryption volume "
"is not supported on this libvirt version")
else:
test.error("Failed to create volume."
"Error: %s" % str(info))
disk_src_dict = {'attrs': {'file': volume_target_path}}
device_source = volume_target_path
elif backend_storage_type == "nbd":
# Get server hostname.
hostname = process.run('hostname', ignore_status=False, shell=True, verbose=True).stdout_text.strip()
# Setup backend storage
nbd_server_host = hostname
nbd_server_port = params.get("nbd_server_port")
image_path = params.get("emulated_image", "/var/lib/libvirt/images/nbdtest.img")
# Create NbdExport object
nbd = NbdExport(image_path, image_format=device_format,
port=nbd_server_port)
nbd.start_nbd_server()
# Prepare disk source xml
source_attrs_dict = {"protocol": "nbd"}
disk_src_dict = {}
disk_src_dict.update({"attrs": source_attrs_dict})
disk_src_dict.update({"hosts": [{"name": nbd_server_host, "port": nbd_server_port}]})
device_source = "nbd://%s:%s/%s" % (nbd_server_host,
nbd_server_port,
image_path)
logging.debug("device source is: %s", device_source)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
if disk_encryption_dict:
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
disk_xml.encryption = disk_encryption
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml except mirror_mode_blockcommit or mirror_mode_blockcopy
if (not mirror_mode_blockcommit and not mirror_mode_blockcopy):
vmxml.add_device(disk_xml)
try:
vmxml.sync()
vm.start()
vm.wait_for_login().close()
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s", str(xml_error))
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error:
logging.info("VM failed to start as expected: %s", str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
func_name = trigger_block_threshold_event
# Additional operations before set block threshold
if backend_storage_type == "file":
logging.info("Create snapshot...")
snap_opt = " %s --disk-only "
snap_opt += "%s,snapshot=external,file=%s"
if default_snapshot_test:
for index in range(1, 5):
snapshot_name = "snapshot_%s" % index
snap_path = "%s/%s_%s.snap" % (tmp_dir, vm_name, index)
snapshot_external_disks.append(snap_path)
snap_option = snap_opt % (snapshot_name, device_target, snap_path)
virsh.snapshot_create_as(vm_name, snap_option,
ignore_status=False, debug=True)
if mirror_mode_blockcommit:
if not libvirt_version.version_compare(6, 6, 0):
test.cancel("Set threshold for disk mirroring feature is not supported on current version")
vmxml.del_device(disk_xml)
virsh.snapshot_create_as(vm_name, "--disk-only --no-metadata",
ignore_status=False, debug=True)
# Do active blockcommit in background.
blockcommit_options = "--active"
mirror_blockcommit_thread = threading.Thread(target=trigger_block_commit,
args=(vm_name, 'vda', blockcommit_options,),
kwargs={'debug': True})
mirror_blockcommit_thread.start()
device_target = "vda[1]"
func_name = trigger_mirror_threshold_event
if mirror_mode_blockcopy:
if not libvirt_version.version_compare(6, 6, 0):
test.cancel("Set threshold for disk mirroring feature is not supported on current version")
# Do transient blockcopy in backgroud.
blockcopy_options = "--transient-job "
# Do cleanup
if os.path.exists(dest_path):
libvirt.delete_local_disk("file", dest_path)
mirror_blockcopy_thread = threading.Thread(target=trigger_block_copy,
args=(vm_name, 'vda', dest_path, blockcopy_options,),
kwargs={'debug': True})
mirror_blockcopy_thread.start()
mirror_blockcopy_thread.join(10)
device_target = "vda[%d]" % get_mirror_source_index(vm_name)
func_name = trigger_mirror_threshold_event
set_vm_block_domblkthreshold(vm_name, device_target, block_threshold_value, **{"debug": True})
cli_thread = threading.Thread(target=func_name,
args=(vm, device_target))
cli_thread.start()
check_threshold_event(vm_name, event_type, block_threshold_timeout, block_threshold_option, **{"debug": True})
finally:
# Delete snapshots.
if virsh.domain_exists(vm_name):
#To delete snapshot, destroy VM first.
if vm.is_alive():
vm.destroy()
libvirt.clean_up_snapshots(vm_name, domxml=vmxml_backup)
vmxml_backup.sync("--snapshots-metadata")
if os.path.exists(img_file):
libvirt.delete_local_disk("file", img_file)
for img in disks_img:
if os.path.exists(img["path"]):
libvirt.delete_local_disk("file", img["path"])
for disk in snapshot_external_disks:
libvirt.delete_local_disk('file', disk)
if os.path.exists(dest_path):
libvirt.delete_local_disk("file", dest_path)
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
gluster.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
elif backend_storage_type == "nfs":
result = process.run("setsebool virt_use_nfs off",
shell=True)
if result.exit_status:
logging.info("Failed to restore virt_use_nfs value")
elif backend_storage_type == "nbd":
if nbd:
try:
nbd.cleanup()
except Exception as ndbEx:
logging.info("Clean Up nbd failed: %s" % str(ndbEx))
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare backend storage (blkdev/iscsi/gluster/ceph)
2.Use luks format to encrypt the backend storage
3.Prepare a disk xml indicating to the backend storage with valid/invalid
luks password
4.Start VM with disk hot/cold plugged
5.Check some disk operations in VM
6.Check backend storage is still in luks format
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def encrypt_dev(device, params):
"""
Encrypt device with luks format
:param device: Storage device to be encrypted.
:param params: From the dict to get encryption password.
"""
password = params.get("luks_encrypt_passwd", "password")
size = params.get("luks_size", "500M")
preallocation = params.get("preallocation")
cmd = ("qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (password, device, size))
# Add preallocation if it is given in params
if preallocation:
cmd = cmd.replace("key-secret=sec0", "key-secret=sec0,preallocation=%s" % preallocation)
if process.system(cmd, shell=True):
test.fail("Can't create a luks encrypted img by qemu-img")
def check_dev_format(device, fmt="luks"):
"""
Check if device is in luks format
:param device: Storage device to be checked.
:param fmt: Expected disk format.
:return: If device's format equals to fmt, return True, else return False.
"""
cmd_result = process.run("qemu-img" + ' -h', ignore_status=True,
shell=True, verbose=False)
if b'-U' in cmd_result.stdout:
cmd = ("qemu-img info -U %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
else:
cmd = ("qemu-img info %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
if cmd_result.exit_status:
test.fail("device %s is not in %s format. err is: %s" %
(device, fmt, cmd_result.stderr))
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = utils_disk.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test"
.format(added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
def create_vol(p_name, target_encrypt_params, vol_params):
"""
Create volume.
:param p_name: Pool name.
:param target_encrypt_params: encrypt parameters in dict.
:param vol_params: Volume parameters dict.
"""
# Clean up dirty volumes if pool has.
pv = libvirt_storage.PoolVolume(p_name)
vol_name_list = pv.list_volumes()
for vol_name in vol_name_list:
pv.delete_volume(vol_name)
volxml = vol_xml.VolXML()
v_xml = volxml.new_vol(**vol_params)
v_xml.encryption = volxml.new_encryption(**target_encrypt_params)
v_xml.xmltreefile.write()
ret = virsh.vol_create(p_name, v_xml.xml, **virsh_dargs)
libvirt.check_exit_status(ret)
def get_secret_list():
"""
Get secret list.
:return secret list
"""
logging.info("Get secret list ...")
secret_list_result = virsh.secret_list()
secret_list = secret_list_result.stdout.strip().splitlines()
# First two lines contain table header followed by entries
# for each secret, such as:
#
# UUID Usage
# --------------------------------------------------------------------------------
# b4e8f6d3-100c-4e71-9f91-069f89742273 ceph client.libvirt secret
secret_list = secret_list[2:]
result = []
# If secret list is empty.
if secret_list:
for line in secret_list:
# Split on whitespace, assume 1 column
linesplit = line.split(None, 1)
result.append(linesplit[0])
return result
def check_top_image_in_xml(expected_top_image):
"""
check top image in src file
:param expected_top_image: expect top image
"""
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disks = vmxml.devices.by_device_tag('disk')
disk_xml = None
for disk in disks:
if disk.target['dev'] != device_target:
continue
else:
disk_xml = disk.xmltreefile
break
logging.debug("disk xml in top: %s\n", disk_xml)
src_file = disk_xml.find('source').get('file')
if src_file is None:
src_file = disk_xml.find('source').get('name')
if src_file != expected_top_image:
test.fail("Current top img %s is not the same with %s"
% (src_file, expected_top_image))
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_type = params.get("virt_disk_device_type", "file")
device_format = params.get("virt_disk_device_format", "raw")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
volume_target_format = params.get("target_format", "raw")
# Backend storage options.
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
# Luks encryption info, luks_encrypt_passwd is the password used to encrypt
# luks image, and luks_secret_passwd is the password set to luks secret, you
# can set a wrong password to luks_secret_passwd for negative tests
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Backend storage auth info
use_auth_usage = "yes" == params.get("use_auth_usage")
if use_auth_usage:
use_auth_uuid = False
else:
use_auth_uuid = "yes" == params.get("use_auth_uuid", "yes")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
encryption_in_source = "yes" == params.get("encryption_in_source", "no")
auth_in_source = "yes" == params.get("auth_in_source", "no")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
pvt = None
duplicated_encryption = "yes" == params.get("duplicated_encryption", "no")
slice_support_enable = "yes" == params.get("slice_support_enable", "no")
block_copy_test = "yes" == params.get("block_copy_test", "no")
if ((encryption_in_source or auth_in_source) and
not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot put <encryption> or <auth> inside disk <source> "
"in this libvirt version.")
# Start VM and get all partitions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
# Clean up dirty secrets in test environments if there are.
dirty_secret_list = get_secret_list()
if dirty_secret_list:
for dirty_secret_uuid in dirty_secret_list:
virsh.secret_undefine(dirty_secret_uuid)
# Create secret
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
ret = virsh.secret_set_value(luks_sec_uuid, luks_secret_passwd,
encode=True, debug=True)
libvirt.check_exit_status(ret)
# Setup backend storage
if backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
if enable_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi",
"sec_target": auth_sec_usage}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid, chap_passwd,
encode=True, debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
chap_user=chap_user, chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
if use_auth_uuid:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
elif use_auth_usage:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target}
else:
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
portal_ip=iscsi_host)
device_source = "iscsi://%s:%s/%s/%s" % (iscsi_host, iscsi_port,
iscsi_target, lun_num)
disk_src_dict = {"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name", "gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = gluster.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
device_source = "gluster://%s/%s/%s" % (gluster_host_ip,
gluster_vol_name,
gluster_img_name)
disk_src_dict = {"attrs": {"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name,
gluster_img_name)},
"hosts": [{"name": gluster_host_ip,
"port": "24007"}]}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(TMP_DATA_DIR, "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
disk_auth_dict = {"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (ceph_disk_name,
ceph_mon_ip,
key_file)
else:
device_source = "rbd:%s:mon_host=%s" % (ceph_disk_name, ceph_mon_ip)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("pre clean up rbd disk if exists: %s", cmd_result)
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": ceph_disk_name},
"hosts": [{"name": ceph_host_ip,
"port": ceph_host_port}]}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = TMP_DATA_DIR
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
# Create dir based pool,and then create one volume on it.
elif backend_storage_type == "dir":
pool_name = params.get("pool_name", "dir_pool")
pool_target = params.get("pool_target")
pool_type = params.get("pool_type")
emulated_image = params.get("emulated_image")
image_name = params.get("dir_image_name", "luks_1.img")
# Create and start dir_based pool.
pvt = libvirt.PoolVolumeTest(test, params)
if not os.path.exists(pool_target):
os.mkdir(pool_target)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
sp = libvirt_storage.StoragePool()
if not sp.is_pool_active(pool_name):
sp.set_pool_autostart(pool_name)
sp.start_pool(pool_name)
# Create one volume on the pool.
volume_name = params.get("vol_name")
volume_alloc = params.get("vol_alloc")
volume_cap_unit = params.get("vol_cap_unit")
volume_cap = params.get("vol_cap")
volume_target_path = params.get("sec_volume")
volume_target_format = params.get("target_format")
device_format = volume_target_format
volume_target_encypt = params.get("target_encypt", "")
volume_target_label = params.get("target_label")
vol_params = {"name": volume_name, "capacity": int(volume_cap),
"allocation": int(volume_alloc), "format":
volume_target_format, "path": volume_target_path,
"label": volume_target_label,
"capacity_unit": volume_cap_unit}
vol_encryption_params = {}
vol_encryption_params.update({"format": "luks"})
vol_encryption_params.update({"secret": {"type": "passphrase", "uuid": luks_sec_uuid}})
try:
# If target format is qcow2,need to create test image with "qemu-img create"
if volume_target_format == "qcow2":
option = params.get("luks_extra_elements")
libvirt.create_local_disk("file", path=volume_target_path, extra=option,
disk_format="qcow2", size="1")
else:
# If Libvirt version is lower than 2.5.0
# Creating luks encryption volume is not supported,so skip it.
create_vol(pool_name, vol_encryption_params, vol_params)
except AssertionError as info:
err_msgs = ("create: invalid option")
if str(info).count(err_msgs):
test.cancel("Creating luks encryption volume "
"is not supported on this libvirt version")
else:
test.error("Failed to create volume."
"Error: %s" % str(info))
disk_src_dict = {'attrs': {'file': volume_target_path}}
device_source = volume_target_path
elif backend_storage_type == "file":
tmp_dir = TMP_DATA_DIR
image_name = params.get("file_image_name", "slice.img")
device_source = os.path.join(tmp_dir, image_name)
disk_src_dict = {'attrs': {'file': device_source}}
else:
test.cancel("Only iscsi/gluster/rbd/nfs/file can be tested for now.")
logging.debug("device source is: %s", device_source)
if backend_storage_type != "dir":
encrypt_dev(device_source, params)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
print()
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
if encryption_in_source:
disk_source.encryption = disk_encryption
else:
disk_xml.encryption = disk_encryption
if duplicated_encryption:
disk_xml.encryption = disk_encryption
if slice_support_enable:
if not libvirt_version.version_compare(6, 0, 0):
test.cancel("Cannot put <slice> inside disk <source> "
"in this libvirt version.")
else:
check_du_output = process.run("du -b %s" % device_source, shell=True).stdout_text
slice_size = re.findall(r'[0-9]+', check_du_output)
disk_source.slices = disk_xml.new_slices(
**{"slice_type": "storage", "slice_offset": "0", "slice_size": slice_size[0]})
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
try:
vmxml.sync()
vm.start()
vm.wait_for_login()
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s" % str(xml_error))
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" % str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
if hotplug_disk:
result = virsh.attach_device(vm_name, disk_xml.xml,
ignore_status=True, debug=True)
libvirt.check_exit_status(result, status_error)
if check_partitions and not status_error:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
if volume_target_format == "qcow2":
check_dev_format(device_source, fmt="qcow2")
else:
check_dev_format(device_source)
if block_copy_test:
# Create a transient VM
transient_vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
if vm.is_alive():
vm.destroy(gracefully=False)
virsh.undefine(vm_name, debug=True, ignore_status=False)
virsh.create(transient_vmxml.xml, ignore_status=False, debug=True)
expected_top_image = vm.get_blk_devices()[device_target].get('source')
options = params.get("blockcopy_options")
tmp_dir = TMP_DATA_DIR
tmp_file = time.strftime("%Y-%m-%d-%H.%M.%S.img")
dest_path = os.path.join(tmp_dir, tmp_file)
# Need cover a few scenarios:single blockcopy, blockcopy and abort combined
virsh.blockcopy(vm_name, device_target, dest_path,
options, ignore_status=False, debug=True)
if encryption_in_source:
virsh.blockjob(vm_name, device_target, " --pivot", ignore_status=False)
expected_top_image = dest_path
else:
virsh.blockjob(vm_name, device_target, " --abort", ignore_status=False)
check_top_image_in_xml(expected_top_image)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
gluster.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
disk_xml.driver = driver_dict
# Check if we want to use a faked uuid.
if not uuid:
uuid = secret_uuid
auth_dict = {}
if auth_uuid:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_uuid": uuid}
elif auth_usage:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_usage": secret_usage_target}
if auth_dict:
disk_xml.auth = disk_xml.new_auth(**auth_dict)
# Sync VM xml.
vmxml.add_device(disk_xml)
# After virtio 1.0 is enabled, lun type device need use virtio-scsi
# instead of virtio, so addtional controller is needed.
# Add controller.
if device == "lun":
ctrl = Controller(type_name=cntlr_type)
if cntlr_model is not None:
ctrl.model = cntlr_model
if cntlr_index is not None:
ctrl.index = cntlr_index
ctrl_addr_dict = {}
for addr_option in controller_addr_options.split(','):
if addr_option != "":
disk_xml.driver = driver_dict
# Check if we want to use a faked uuid.
if not uuid:
uuid = secret_uuid
auth_dict = {}
if auth_uuid:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_uuid": uuid}
elif auth_usage:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_usage": secret_usage_target}
if auth_dict:
disk_xml.auth = disk_xml.new_auth(**auth_dict)
# Sync VM xml.
vmxml.add_device(disk_xml)
vmxml.sync()
try:
# Start the VM and check status.
vm.start()
if status_error:
raise error.TestFail("VM started unexpectedly.")
# Check Qemu command line
if test_qemu_cmd:
check_qemu_cmd()
except virt_vm.VMStartError, e:
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare backend storage (blkdev/iscsi/gluster/ceph)
2.Use luks format to encrypt the backend storage
3.Prepare a disk xml indicating to the backend storage with valid/invalid
luks password
4.Start VM with disk hot/cold plugged
5.Check some disk operations in VM
6.Check backend storage is still in luks format
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def encrypt_dev(device, params):
"""
Encrypt device with luks format
:param device: Storage deivce to be encrypted.
:param params: From the dict to get encryption password.
"""
password = params.get("luks_encrypt_passwd", "password")
size = params.get("luks_size", "500M")
cmd = ("qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (password, device, size))
if process.system(cmd, shell=True):
test.fail("Can't create a luks encrypted img by qemu-img")
def check_dev_format(device, fmt="luks"):
"""
Check if device is in luks format
:param device: Storage deivce to be checked.
:param fmt: Expected disk format.
:return: If device's format equals to fmt, return True, else return False.
"""
cmd_result = process.run("qemu-img" + ' -h', ignore_status=True,
shell=True, verbose=False)
if b'-U' in cmd_result.stdout:
cmd = ("qemu-img info -U %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
else:
cmd = ("qemu-img info %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
if cmd_result.exit_status:
test.fail("device %s is not in %s format. err is: %s" %
(device, fmt, cmd_result.stderr))
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = libvirt.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test"
.format(added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
# Backend storage options.
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
# Luks encryption info, luks_encrypt_passwd is the password used to encrypt
# luks image, and luks_secret_passwd is the password set to luks secret, you
# can set a wrong password to luks_secret_passwd for negative tests
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Backend storage auth info
use_auth_usage = "yes" == params.get("use_auth_usage")
if use_auth_usage:
use_auth_uuid = False
else:
use_auth_uuid = "yes" == params.get("use_auth_uuid", "yes")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
status_error = "yes" == params.get("status_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
encryption_in_source = "yes" == params.get("encryption_in_source", "no")
auth_in_source = "yes" == params.get("auth_in_source", "no")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
pvt = None
if ((encryption_in_source or auth_in_source) and
not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot put <encryption> or <auth> inside disk <source> "
"in this libvirt version.")
# Start VM and get all partions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = libvirt.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
# Setup backend storage
if backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
if enable_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi",
"sec_target": auth_sec_usage}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid, chap_passwd,
encode=True, debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
chap_user=chap_user, chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
if use_auth_uuid:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
elif use_auth_usage:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target}
else:
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
portal_ip=iscsi_host)
device_source = "iscsi://%s:%s/%s/%s" % (iscsi_host, iscsi_port,
iscsi_target, lun_num)
disk_src_dict = {"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name", "gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = libvirt.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name)
device_source = "gluster://%s/%s/%s" % (gluster_host_ip,
gluster_vol_name,
gluster_img_name)
disk_src_dict = {"attrs": {"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name,
gluster_img_name)},
"hosts": [{"name": gluster_host_ip,
"port": "24007"}]}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
disk_auth_dict = {"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (ceph_disk_name,
ceph_mon_ip,
key_file)
else:
device_source = "rbd:%s:mon_host=%s" % (ceph_disk_name, ceph_mon_ip)
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": ceph_disk_name},
"hosts": [{"name": ceph_host_ip,
"port": ceph_host_port}]}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = data_dir.get_tmp_dir()
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
else:
test.cancel("Only iscsi/gluster/rbd/nfs can be tested for now.")
logging.debug("device source is: %s", device_source)
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
ret = virsh.secret_set_value(luks_sec_uuid, luks_secret_passwd,
encode=True, debug=True)
encrypt_dev(device_source, params)
libvirt.check_exit_status(ret)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
if encryption_in_source:
disk_source.encryption = disk_encryption
else:
disk_xml.encryption = disk_encryption
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
vmxml.sync()
try:
vm.start()
vm.wait_for_login()
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" % str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
if hotplug_disk:
result = virsh.attach_device(vm_name, disk_xml.xml,
ignore_status=True, debug=True)
libvirt.check_exit_status(result, status_error)
if check_partitions and not status_error:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
check_dev_format(device_source)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
libvirt.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare test environment, destroy or suspend a VM.
2.Prepare tgtd and secret config.
3.Edit disks xml and start the domain.
4.Perform test operation.
5.Recover test environment.
6.Confirm the test result.
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def check_save_restore(save_file):
"""
Test domain save and restore.
"""
# Save the domain.
ret = virsh.save(vm_name, save_file, **virsh_dargs)
libvirt.check_exit_status(ret)
# Restore the domain.
ret = virsh.restore(save_file, **virsh_dargs)
libvirt.check_exit_status(ret)
def check_snapshot():
"""
Test domain snapshot operation.
"""
snapshot1 = "s1"
snapshot2 = "s2"
ret = virsh.snapshot_create_as(vm_name, snapshot1)
libvirt.check_exit_status(ret)
ret = virsh.snapshot_create_as(vm_name,
"%s --disk-only --diskspec vda,"
"file=/tmp/testvm-snap1"
% snapshot2)
libvirt.check_exit_status(ret, True)
ret = virsh.snapshot_create_as(vm_name,
"%s --memspec file=%s,snapshot=external"
" --diskspec vda,file=/tmp/testvm-snap2"
% (snapshot2, snapshot2))
libvirt.check_exit_status(ret, True)
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param vm. VM guest.
:param target. Disk dev in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
new_parts = libvirt.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
added_part = None
if target.startswith("vd"):
if added_parts[0].startswith("vd"):
added_part = added_parts[0]
elif target.startswith("hd"):
if added_parts[0].startswith("sd"):
added_part = added_parts[0]
elif target.startswith("sd"):
added_part = added_parts[0]
if not added_part:
logging.error("Cann't see added partition in VM")
return False
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test"
.format(added_part))
s, o = session.cmd_status_output(cmd)
logging.info("Check disk operation in VM:\n%s", o)
if s != 0:
return False
return True
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
def check_qemu_cmd():
"""
Check qemu-kvm command line options
"""
cmd = ("ps -ef | grep %s | grep -v grep " % vm_name)
if driver_iothread:
cmd += " | grep iothread=iothread%s" % driver_iothread
if process.system(cmd, ignore_status=True, shell=True):
test.fail("Can't see disk option '%s' "
"in command line" % cmd)
def check_auth_plaintext(vm_name, password):
"""
Check if libvirt passed the plaintext of the chap authentication
password to qemu.
:param vm_name: The name of vm to be checked.
:param password: The plaintext of password used for chap authentication.
:return: True if using plaintext, False if not.
"""
cmd = ("ps -ef | grep -v grep | grep qemu-kvm | grep %s | grep %s"
% (vm_name, password))
return process.system(cmd, ignore_status=True, shell=True) == 0
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
# Controller specific attributes.
cntlr_type = params.get('controller_type', None)
cntlr_model = params.get('controller_model', None)
cntlr_index = params.get('controller_index', None)
controller_addr_options = params.get('controller_addr_options', None)
driver_iothread = params.get("driver_iothread")
# iscsi options.
iscsi_target = params.get("iscsi_target")
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
emulated_size = params.get("iscsi_image_size", "1")
uuid = params.get("uuid", "")
auth_uuid = "yes" == params.get("auth_uuid", "")
auth_usage = "yes" == params.get("auth_usage", "")
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error", "no")
test_save_snapshot = "yes" == params.get("test_save_snapshot", "no")
test_qemu_cmd = "yes" == params.get("test_qemu_cmd", "no")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
secret_uuid = ""
# Start vm and get all partions in vm.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = libvirt.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
chap_user = ""
chap_passwd = ""
if auth_uuid or auth_usage:
auth_place_in_location = params.get("auth_place_in_location")
if 'source' in auth_place_in_location and not libvirt_version.version_compare(3, 9, 0):
test.cancel("place auth in source is not supported in current libvirt version")
auth_type = params.get("auth_type")
secret_usage_target = params.get("secret_usage_target")
secret_usage_type = params.get("secret_usage_type")
chap_user = params.get("iscsi_user")
chap_passwd = params.get("iscsi_password")
sec_xml = secret_xml.SecretXML("no", "yes")
sec_xml.description = "iSCSI secret"
sec_xml.auth_type = auth_type
sec_xml.auth_username = chap_user
sec_xml.usage = secret_usage_type
sec_xml.target = secret_usage_target
sec_xml.xmltreefile.write()
ret = virsh.secret_define(sec_xml.xml)
libvirt.check_exit_status(ret)
secret_uuid = re.findall(r".+\S+(\ +\S+)\ +.+\S+",
ret.stdout.strip())[0].lstrip()
logging.debug("Secret uuid %s", secret_uuid)
if secret_uuid == "":
test.error("Failed to get secret uuid")
# Set secret value
encoding = locale.getpreferredencoding()
secret_string = base64.b64encode(chap_passwd.encode(encoding)).decode(encoding)
ret = virsh.secret_set_value(secret_uuid, secret_string,
**virsh_dargs)
libvirt.check_exit_status(ret)
# Setup iscsi target
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(is_setup=True,
is_login=False,
image_size=emulated_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# If we use qcow2 disk format, should format iscsi disk first.
if device_format == "qcow2":
cmd = ("qemu-img create -f qcow2 iscsi://%s:%s/%s/%s %s"
% (iscsi_host, iscsi_port, iscsi_target, lun_num, emulated_size))
process.run(cmd, shell=True)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
# For lun type device, iothread attribute need to be set in controller.
if driver_iothread and device != "lun":
driver_dict.update({"iothread": driver_iothread})
vmxml.iothreads = int(driver_iothread)
elif driver_iothread:
vmxml.iothreads = int(driver_iothread)
disk_xml.driver = driver_dict
# Check if we want to use a faked uuid.
if not uuid:
uuid = secret_uuid
auth_dict = {}
if auth_uuid:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_uuid": uuid}
elif auth_usage:
auth_dict = {"auth_user": chap_user,
"secret_type": secret_usage_type,
"secret_usage": secret_usage_target}
disk_source = disk_xml.new_disk_source(
**{"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]})
if auth_dict:
disk_auth = disk_xml.new_auth(**auth_dict)
if 'source' in auth_place_in_location:
disk_source.auth = disk_auth
if 'disk' in auth_place_in_location:
disk_xml.auth = disk_auth
disk_xml.source = disk_source
# Sync VM xml.
vmxml.add_device(disk_xml)
# After virtio 1.0 is enabled, lun type device need use virtio-scsi
# instead of virtio, so additional controller is needed.
# Add controller.
if device == "lun":
ctrl = Controller(type_name=cntlr_type)
if cntlr_model is not None:
ctrl.model = cntlr_model
if cntlr_index is not None:
ctrl.index = cntlr_index
ctrl_addr_dict = {}
for addr_option in controller_addr_options.split(','):
if addr_option != "":
addr_part = addr_option.split('=')
ctrl_addr_dict.update({addr_part[0].strip(): addr_part[1].strip()})
ctrl.address = ctrl.new_controller_address(attrs=ctrl_addr_dict)
# If driver_iothread is true, need add iothread attribute in controller.
if driver_iothread:
ctrl_driver_dict = {}
ctrl_driver_dict.update({"iothread": driver_iothread})
ctrl.driver = ctrl_driver_dict
logging.debug("Controller XML is:%s", ctrl)
if cntlr_type:
vmxml.del_controller(cntlr_type)
else:
vmxml.del_controller("scsi")
vmxml.add_device(ctrl)
try:
# Start the VM and check status.
vmxml.sync()
vm.start()
if status_error:
test.fail("VM started unexpectedly.")
# Check Qemu command line
if test_qemu_cmd:
check_qemu_cmd()
except virt_vm.VMStartError as e:
if status_error:
if re.search(uuid, str(e)):
pass
else:
test.fail("VM failed to start."
"Error: %s" % str(e))
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s" % xml_error)
else:
# Check partitions in VM.
if check_partitions:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
# Test domain save/restore/snapshot.
if test_save_snapshot:
save_file = os.path.join(data_dir.get_tmp_dir(), "%.save" % vm_name)
check_save_restore(save_file)
check_snapshot()
if os.path.exists(save_file):
os.remove(save_file)
# Test libvirt doesn't pass the plaintext of chap password to qemu,
# this function is implemented in libvirt 4.3.0-1.
if (libvirt_version.version_compare(4, 3, 0) and
(auth_uuid or auth_usage) and
chap_passwd):
if(check_auth_plaintext(vm_name, chap_passwd)):
test.fail("Libvirt should not pass plaintext of chap "
"password to qemu-kvm.")
finally:
# Delete snapshots.
libvirt.clean_up_snapshots(vm_name, domxml=vmxml_backup)
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Delete the tmp files.
libvirt.setup_or_cleanup_iscsi(is_setup=False)
# Clean up secret
if secret_uuid:
virsh.secret_undefine(secret_uuid)
