def _create_secret(auth_sec_usage_type, ceph_auth_key):
"""
Setup secret with auth
:param auth_sec_usage_type: auth secret usage
:param ceph_auth_key: ceph auth key
:return: auth secret uuid
"""
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
return auth_sec_uuid
def secret_validate(test, secret_volume, file=None, **virsh_dargs):
"""
Test for schema secret
"""
# Clean up dirty secrets in test environments if there are.
libvirt_secret.clean_up_secrets()
sec_params = {
"sec_usage": "volume",
"sec_volume": secret_volume,
"sec_desc": "Test for schema secret."
}
sec_uuid = libvirt.create_secret(sec_params)
if sec_uuid:
try:
virsh.secret_dumpxml(sec_uuid, to_file=file, **virsh_dargs)
except process.CmdError as e:
test.error(str(e))
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare backend storage (blkdev/iscsi/gluster/ceph)
2.Use luks format to encrypt the backend storage
3.Prepare a disk xml indicating to the backend storage with valid/invalid
luks password
4.Start VM with disk hot/cold plugged
5.Check some disk operations in VM
6.Check backend storage is still in luks format
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def encrypt_dev(device, params):
"""
Encrypt device with luks format
:param device: Storage deivce to be encrypted.
:param params: From the dict to get encryption password.
"""
password = params.get("luks_encrypt_passwd", "password")
size = params.get("luks_size", "500M")
cmd = (
"qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (password, device, size))
if process.system(cmd, shell=True):
test.fail("Can't create a luks encrypted img by qemu-img")
def check_dev_format(device, fmt="luks"):
"""
Check if device is in luks format
:param device: Storage deivce to be checked.
:param fmt: Expected disk format.
:return: If device's format equals to fmt, return True, else return False.
"""
cmd_result = process.run("qemu-img" + ' -h',
ignore_status=True,
shell=True,
verbose=False)
if b'-U' in cmd_result.stdout:
cmd = ("qemu-img info -U %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
else:
cmd = ("qemu-img info %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
if cmd_result.exit_status:
test.fail("device %s is not in %s format. err is: %s" %
(device, fmt, cmd_result.stderr))
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = utils_disk.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test".format(
added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
# Backend storage options.
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
# Luks encryption info, luks_encrypt_passwd is the password used to encrypt
# luks image, and luks_secret_passwd is the password set to luks secret, you
# can set a wrong password to luks_secret_passwd for negative tests
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Backend storage auth info
use_auth_usage = "yes" == params.get("use_auth_usage")
if use_auth_usage:
use_auth_uuid = False
else:
use_auth_uuid = "yes" == params.get("use_auth_uuid", "yes")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
status_error = "yes" == params.get("status_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
encryption_in_source = "yes" == params.get("encryption_in_source", "no")
auth_in_source = "yes" == params.get("auth_in_source", "no")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
pvt = None
if ((encryption_in_source or auth_in_source)
and not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot put <encryption> or <auth> inside disk <source> "
"in this libvirt version.")
# Start VM and get all partions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
# Setup backend storage
if backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
if enable_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {
"sec_usage": "iscsi",
"sec_target": auth_sec_usage
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid,
chap_passwd,
encode=True,
debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=storage_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
if use_auth_uuid:
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid
}
elif use_auth_usage:
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target
}
else:
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=storage_size,
portal_ip=iscsi_host)
device_source = "iscsi://%s:%s/%s/%s" % (
iscsi_host, iscsi_port, iscsi_target, lun_num)
disk_src_dict = {
"attrs": {
"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)
},
"hosts": [{
"name": iscsi_host,
"port": iscsi_port
}]
}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name",
"gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = libvirt.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
device_source = "gluster://%s/%s/%s" % (
gluster_host_ip, gluster_vol_name, gluster_img_name)
disk_src_dict = {
"attrs": {
"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name, gluster_img_name)
},
"hosts": [{
"name": gluster_host_ip,
"port": "24007"
}]
}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name",
"EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {
"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid,
ceph_auth_key,
debug=True)
disk_auth_dict = {
"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid
}
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (
ceph_disk_name, ceph_mon_ip, key_file)
else:
device_source = "rbd:%s:mon_host=%s" % (ceph_disk_name,
ceph_mon_ip)
disk_src_dict = {
"attrs": {
"protocol": "rbd",
"name": ceph_disk_name
},
"hosts": [{
"name": ceph_host_ip,
"port": ceph_host_port
}]
}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = data_dir.get_tmp_dir()
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
disk_src_dict = {
'attrs': {
'file': device_source,
'type_name': 'file'
}
}
else:
test.cancel("Only iscsi/gluster/rbd/nfs can be tested for now.")
logging.debug("device source is: %s", device_source)
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
ret = virsh.secret_set_value(luks_sec_uuid,
luks_secret_passwd,
encode=True,
debug=True)
encrypt_dev(device_source, params)
libvirt.check_exit_status(ret)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_encryption_dict = {
"encryption": "luks",
"secret": {
"type": "passphrase",
"uuid": luks_sec_uuid
}
}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
if encryption_in_source:
disk_source.encryption = disk_encryption
else:
disk_xml.encryption = disk_encryption
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
vmxml.sync()
try:
vm.start()
vm.wait_for_login()
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" %
str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
if hotplug_disk:
result = virsh.attach_device(vm_name,
disk_xml.xml,
ignore_status=True,
debug=True)
libvirt.check_exit_status(result, status_error)
if check_partitions and not status_error:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
check_dev_format(device_source)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
libvirt.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def run(test, params, env):
"""
Test virsh blockcopy --xml option.
1.Prepare backend storage (file/block/iscsi/ceph/nbd)
2.Start VM
3.Prepare target xml
4.Execute virsh blockcopy --xml command
5.Check VM xml after operation accomplished
6.Clean up test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
ignore_check = False
def check_blockcopy_xml(vm_name, source_image, ignore_check=False):
"""
Check blockcopy xml in VM.
:param vm_name: VM name
:param source_image: source image name.
:param ignore_check: default is False.
"""
if ignore_check:
return
source_imge_list = []
blklist = virsh.domblklist(vm_name).stdout_text.splitlines()
for line in blklist:
if line.strip().startswith(('hd', 'vd', 'sd', 'xvd')):
source_imge_list.append(line.split()[-1])
logging.debug('domblklist %s:\n%s', vm_name, source_imge_list)
if not any(source_image in s for s in source_imge_list):
test.fail("Cannot find expected source image: %s" % source_image)
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
blockcopy_option = params.get("blockcopy_option")
# Backend storage auth info
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
use_auth_usage = "yes" == params.get("use_auth_usage")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
auth_sec_uuid = ""
disk_auth_dict = {}
size = "1"
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error")
# Initialize one NbdExport object
nbd = None
img_file = os.path.join(data_dir.get_tmp_dir(), "%s_test.img" % vm_name)
# Start VM and get all partitions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
# Additional disk images.
disks_img = []
try:
# Clean up dirty secrets in test environments if there are.
utils_secret.clean_up_secrets()
# Setup backend storage
if backend_storage_type == "file":
image_filename = params.get("image_filename", "raw.img")
disk_path = os.path.join(data_dir.get_tmp_dir(), image_filename)
if blockcopy_option in ['reuse_external']:
device_source = libvirt.create_local_disk(
backend_storage_type, disk_path, storage_size,
device_format)
else:
device_source = disk_path
disks_img.append({
"format": device_format,
"source": disk_path,
"path": disk_path
})
disk_src_dict = {
'attrs': {
'file': device_source,
'type_name': 'file'
}
}
checkout_device_source = image_filename
elif backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
checkout_device_source = device_source
elif device_type == "network":
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage", "libvirtiscsi")
auth_sec_dict = {
"sec_usage": "iscsi",
"sec_target": auth_sec_usage
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret
virsh.secret_set_value(auth_sec_uuid,
chap_passwd,
encode=True,
debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=storage_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target
}
device_source = "iscsi://%s:%s/%s/%s" % (
iscsi_host, iscsi_port, iscsi_target, lun_num)
disk_src_dict = {
"attrs": {
"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)
},
"hosts": [{
"name": iscsi_host,
"port": iscsi_port
}]
}
checkout_device_source = 'emulated-iscsi'
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name",
"EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
size = "0.15"
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm whether it needs delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {
"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid,
ceph_auth_key,
ignore_status=False,
debug=True)
disk_auth_dict = {
"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid
}
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (
ceph_disk_name, ceph_mon_ip, key_file)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("pre clean up rbd disk if exists: %s", cmd_result)
if blockcopy_option in ['reuse_external']:
# Create an local image and make FS on it.
libvirt.create_local_disk("file", img_file, storage_size,
device_format)
# Convert the image to remote storage
disk_path = ("rbd:%s:mon_host=%s" %
(ceph_disk_name, ceph_mon_ip))
if ceph_client_name and ceph_client_key:
disk_path += (":id=%s:key=%s" %
(ceph_auth_user, ceph_auth_key))
rbd_cmd = (
"rbd -m %s %s info %s 2> /dev/null|| qemu-img convert -O"
" %s %s %s" % (ceph_mon_ip, key_opt, ceph_disk_name,
device_format, img_file, disk_path))
process.run(rbd_cmd, ignore_status=False, shell=True)
disk_src_dict = {
"attrs": {
"protocol": "rbd",
"name": ceph_disk_name
},
"hosts": [{
"name": ceph_host_ip,
"port": ceph_host_port
}]
}
checkout_device_source = ceph_disk_name
elif backend_storage_type == "nbd":
# Get server hostname.
hostname = socket.gethostname().strip()
# Setup backend storage
nbd_server_host = hostname
nbd_server_port = params.get("nbd_server_port")
image_path = params.get("emulated_image",
"/var/lib/libvirt/images/nbdtest.img")
# Create NbdExport object
nbd = NbdExport(image_path,
image_format=device_format,
port=nbd_server_port)
nbd.start_nbd_server()
# Prepare disk source xml
source_attrs_dict = {"protocol": "nbd"}
disk_src_dict = {}
disk_src_dict.update({"attrs": source_attrs_dict})
disk_src_dict.update({
"hosts": [{
"name": nbd_server_host,
"port": nbd_server_port
}]
})
device_source = "nbd://%s:%s/%s" % (nbd_server_host,
nbd_server_port, image_path)
checkout_device_source = image_path
if blockcopy_option in ['pivot']:
ignore_check = True
logging.debug("device source is: %s", device_source)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
auth_in_source = True
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
device_source_path = os.path.join(data_dir.get_tmp_dir(), "source.raw")
tmp_device_source = libvirt.create_local_disk("file",
path=device_source_path,
size=size,
disk_format="raw")
s_attach = virsh.attach_disk(vm_name,
tmp_device_source,
device_target,
"--config",
debug=True)
libvirt.check_exit_status(s_attach)
try:
vm.start()
vm.wait_for_login().close()
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s", str(xml_error))
except virt_vm.VMStartError as details:
# VM cannot be started
if status_error:
logging.info("VM failed to start as expected: %s",
str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
# Additional operations before set block threshold
options = params.get("options",
"--pivot --transient-job --verbose --wait")
result = virsh.blockcopy(vm_name,
device_target,
"--xml %s" % disk_xml.xml,
options=options,
debug=True)
libvirt.check_exit_status(result)
check_source_image = None
if blockcopy_option in ['pivot']:
check_source_image = checkout_device_source
else:
check_source_image = tmp_device_source
check_blockcopy_xml(vm_name, check_source_image, ignore_check)
finally:
# Delete snapshots.
if virsh.domain_exists(vm_name):
#To Delete snapshot, destroy vm first.
if vm.is_alive():
vm.destroy()
libvirt.clean_up_snapshots(vm_name, domxml=vmxml_backup)
vmxml_backup.sync("--snapshots-metadata")
if os.path.exists(img_file):
libvirt.delete_local_disk("file", img_file)
for img in disks_img:
if os.path.exists(img["path"]):
libvirt.delete_local_disk("file", img["path"])
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result.stdout_text)
if os.path.exists(key_file):
os.remove(key_file)
elif backend_storage_type == "nbd":
if nbd:
try:
nbd.cleanup()
except Exception as ndbEx:
logging.error("Clean Up nbd failed: %s" % str(ndbEx))
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
def setup_auth_enabled_iscsi_disk(vm, params):
"""
Create one separate thread to do blockcopy
:param vm: VM
:param params: config params
"""
disk_type = params.get("disk_type", "file")
disk_target = params.get("disk_target", 'vda')
disk_target_bus = params.get("disk_target_bus", "virtio")
disk_format = params.get("disk_format", "qcow2")
disk_device = params.get("disk_device", "lun")
first_disk = vm.get_first_disk_devices()
logging.debug("first disk is %s", first_disk)
blk_source = first_disk['source']
if vm.is_alive():
vm.destroy(gracefully=False)
image_size = params.get("image_size", "5G")
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage", "libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi", "sec_target": auth_sec_usage}
auth_sec_uuid = utl.create_secret(auth_sec_dict)
# Set password of auth secret
virsh.secret_set_value(auth_sec_uuid, chap_passwd, encode=True, debug=True)
emu_image = params.get("emulated_image", "emulated-iscsi")
utl.setup_or_cleanup_iscsi(is_setup=False)
iscsi_target, lun_num = utl.setup_or_cleanup_iscsi(is_setup=True,
is_login=False,
image_size=image_size,
chap_user=chap_user,
chap_passwd=chap_passwd)
# Copy first disk to emulated backing store path
tmp_dir = data_dir.get_tmp_dir()
emulated_path = os.path.join(tmp_dir, emu_image)
cmd = "qemu-img convert -f %s -O %s %s %s" % ('qcow2', disk_format,
blk_source, emulated_path)
process.run(cmd, ignore_status=False, shell=True)
# ISCSI auth attributes for disk xml
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
disk_auth_dict = {
"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target
}
disk_src_dict = {
"attrs": {
"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)
},
"hosts": [{
"name": '127.0.0.1',
"port": '3260'
}]
}
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm.name)
# Delete disk elements
disk_deleted = False
disks = vmxml.get_devices(device_type="disk")
for disk_ in disks:
if disk_.target['dev'] == disk_target:
vmxml.del_device(disk_)
disk_deleted = True
if disk_deleted:
vmxml.sync()
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm.name)
disk_xml = Disk(type_name=disk_type)
disk_xml.device = disk_device
disk_xml.target = {"dev": disk_target, "bus": disk_target_bus}
driver_dict = {"name": "qemu", "type": disk_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
auth_in_source = randint(0, 50) % 2 == 0
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
vmxml.add_device(disk_xml)
vmxml.sync()
vm.start()
def run(test, params, env):
"""
Do test for vol-download and vol-upload
Basic steps are
1. Create pool with type defined in cfg
2. Create image with writing data in it
3. Get md5 value before operation
4. Do vol-download/upload with options(offset, length)
5. Check md5 value after operation
"""
pool_type = params.get("vol_download_upload_pool_type")
pool_name = params.get("vol_download_upload_pool_name")
pool_target = params.get("vol_download_upload_pool_target")
if os.path.dirname(pool_target) is "":
pool_target = os.path.join(data_dir.get_tmp_dir(), pool_target)
vol_name = params.get("vol_download_upload_vol_name")
file_name = params.get("vol_download_upload_file_name")
file_path = os.path.join(data_dir.get_tmp_dir(), file_name)
offset = params.get("vol_download_upload_offset")
length = params.get("vol_download_upload_length")
capacity = params.get("vol_download_upload_capacity")
allocation = params.get("vol_download_upload_allocation")
frmt = params.get("vol_download_upload_format")
operation = params.get("vol_download_upload_operation")
create_vol = ("yes" == params.get("vol_download_upload_create_vol", "yes"))
setup_libvirt_polkit = "yes" == params.get("setup_libvirt_polkit")
b_luks_encrypt = "luks" == params.get("encryption_method")
encryption_password = params.get("encryption_password", "redhat")
secret_uuids = []
# libvirt acl polkit related params
uri = params.get("virsh_uri")
unpri_user = params.get('unprivileged_user')
if unpri_user:
if unpri_user.count('EXAMPLE'):
unpri_user = '******'
if not libvirt_version.version_compare(1, 1, 1):
if setup_libvirt_polkit:
test.error("API acl test not supported in current"
" libvirt version.")
try:
pvt = utlv.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name,
pool_type,
pool_target,
"volumetest",
pre_disk_vol=["50M"])
# According to BZ#1138523, we need inpect the right name
# (disk partition) for new volume
if pool_type == "disk":
vol_name = utlv.new_disk_vol_name(pool_name)
if vol_name is None:
test.error("Fail to generate volume name")
# update polkit rule as the volume name changed
if setup_libvirt_polkit:
vol_pat = r"lookup\('vol_name'\) == ('\S+')"
new_value = "lookup('vol_name') == '%s'" % vol_name
utlv.update_polkit_rule(params, vol_pat, new_value)
if create_vol:
if b_luks_encrypt:
if not libvirt_version.version_compare(2, 0, 0):
test.cancel("LUKS format not supported in "
"current libvirt version")
params['sec_volume'] = os.path.join(pool_target, vol_name)
luks_sec_uuid = utlv.create_secret(params)
ret = virsh.secret_set_value(luks_sec_uuid,
encryption_password,
encode=True)
utlv.check_exit_status(ret)
secret_uuids.append(luks_sec_uuid)
vol_arg = {}
vol_arg['name'] = vol_name
vol_arg['capacity'] = int(capacity)
vol_arg['allocation'] = int(allocation)
create_luks_vol(pool_name, vol_name, luks_sec_uuid, vol_arg)
else:
pvt.pre_vol(vol_name, frmt, capacity, allocation, pool_name)
vol_list = virsh.vol_list(pool_name).stdout.strip()
# iscsi volume name is different from others
if pool_type == "iscsi":
vol_name = vol_list.split('\n')[2].split()[0]
vol_path = virsh.vol_path(vol_name, pool_name,
ignore_status=False).stdout.strip()
logging.debug("vol_path is %s", vol_path)
# Add command options
if pool_type is not None:
options = " --pool %s" % pool_name
if offset is not None:
options += " --offset %s" % offset
offset = int(offset)
else:
offset = 0
if length is not None:
options += " --length %s" % length
length = int(length)
else:
length = 0
logging.debug("%s options are %s", operation, options)
if operation == "upload":
# write date to file
write_file(file_path)
# Set length for calculate the offset + length in the following
# func get_pre_post_digest() and digest()
if length == 0:
length = 1048576
def get_pre_post_digest():
"""
Get pre region and post region digest if have offset and length
:return: pre digest and post digest
"""
# Get digest of pre region before offset
if offset != 0:
digest_pre = digest(vol_path, 0, offset)
else:
digest_pre = 0
logging.debug("pre region digest read from %s 0-%s is %s",
vol_path, offset, digest_pre)
# Get digest of post region after offset+length
digest_post = digest(vol_path, offset + length, 0)
logging.debug("post region digest read from %s %s-0 is %s",
vol_path, offset + length, digest_post)
return (digest_pre, digest_post)
# Get pre and post digest before operation for compare
(ori_pre_digest, ori_post_digest) = get_pre_post_digest()
ori_digest = digest(file_path, 0, 0)
logging.debug("ori digest read from %s is %s", file_path,
ori_digest)
if setup_libvirt_polkit:
process.run("chmod 666 %s" % file_path,
ignore_status=True,
shell=True)
# Do volume upload
result = virsh.vol_upload(vol_name,
file_path,
options,
unprivileged_user=unpri_user,
uri=uri,
debug=True)
if result.exit_status == 0:
# Get digest after operation
(aft_pre_digest, aft_post_digest) = get_pre_post_digest()
aft_digest = digest(vol_path, offset, length)
logging.debug("aft digest read from %s is %s", vol_path,
aft_digest)
# Compare the pre and post part before and after
if ori_pre_digest == aft_pre_digest and \
ori_post_digest == aft_post_digest:
logging.info("file pre and aft digest match")
else:
test.fail("file pre or post digests do not"
"match, in %s", operation)
if operation == "download":
# Write date to volume
write_file(vol_path)
# Record the digest value before operation
ori_digest = digest(vol_path, offset, length)
logging.debug("original digest read from %s is %s", vol_path,
ori_digest)
process.run("touch %s" % file_path, ignore_status=True, shell=True)
if setup_libvirt_polkit:
process.run("chmod 666 %s" % file_path,
ignore_status=True,
shell=True)
# Do volume download
result = virsh.vol_download(vol_name,
file_path,
options,
unprivileged_user=unpri_user,
uri=uri,
debug=True)
if result.exit_status == 0:
# Get digest after operation
aft_digest = digest(file_path, 0, 0)
logging.debug("new digest read from %s is %s", file_path,
aft_digest)
if result.exit_status != 0:
test.fail("Fail to %s volume: %s" % (operation, result.stderr))
# Compare the change part on volume and file
if ori_digest == aft_digest:
logging.info("file digests match, volume %s suceed", operation)
else:
test.fail("file digests do not match, volume %s failed" %
operation)
finally:
pvt.cleanup_pool(pool_name, pool_type, pool_target, "volumetest")
for secret_uuid in set(secret_uuids):
virsh.secret_undefine(secret_uuid)
if os.path.isfile(file_path):
os.remove(file_path)
def run(test, params, env):
"""
Do test for vol-download and vol-upload
Basic steps are
1. Create pool with type defined in cfg
2. Create image with writing data in it
3. Get md5 value before operation
4. Do vol-download/upload with options(offset, length)
5. Check md5 value after operation
"""
pool_type = params.get("vol_download_upload_pool_type")
pool_name = params.get("vol_download_upload_pool_name")
pool_target = params.get("vol_download_upload_pool_target")
if os.path.dirname(pool_target) is "":
pool_target = os.path.join(data_dir.get_tmp_dir(), pool_target)
vol_name = params.get("vol_download_upload_vol_name")
file_name = params.get("vol_download_upload_file_name")
file_path = os.path.join(data_dir.get_tmp_dir(), file_name)
offset = params.get("vol_download_upload_offset")
length = params.get("vol_download_upload_length")
capacity = params.get("vol_download_upload_capacity")
allocation = params.get("vol_download_upload_allocation")
frmt = params.get("vol_download_upload_format")
operation = params.get("vol_download_upload_operation")
create_vol = ("yes" == params.get("vol_download_upload_create_vol", "yes"))
setup_libvirt_polkit = "yes" == params.get("setup_libvirt_polkit")
b_luks_encrypt = "luks" == params.get("encryption_method")
encryption_password = params.get("encryption_password", "redhat")
secret_uuids = []
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
sparse_option_support = "yes" == params.get("sparse_option_support", "yes")
with_clusterSize = "yes" == params.get("with_clusterSize")
vol_clusterSize = params.get("vol_clusterSize", "64")
vol_clusterSize_unit = params.get("vol_clusterSize_unit")
vol_format = params.get("vol_format", "qcow2")
libvirt_version.is_libvirt_feature_supported(params)
# libvirt acl polkit related params
uri = params.get("virsh_uri")
if uri and not utils_split_daemons.is_modular_daemon():
uri = "qemu:///system"
unpri_user = params.get('unprivileged_user')
if unpri_user:
if unpri_user.count('EXAMPLE'):
unpri_user = '******'
if not libvirt_version.version_compare(1, 1, 1):
if setup_libvirt_polkit:
test.error("API acl test not supported in current"
" libvirt version.")
# Destroy VM.
if vm.is_alive():
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
pvt = utlv.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, "volumetest",
pre_disk_vol=["50M"])
# According to BZ#1138523, we need inpect the right name
# (disk partition) for new volume
if pool_type == "disk":
vol_name = utlv.new_disk_vol_name(pool_name)
if vol_name is None:
test.error("Fail to generate volume name")
# update polkit rule as the volume name changed
if setup_libvirt_polkit:
vol_pat = r"lookup\('vol_name'\) == ('\S+')"
new_value = "lookup('vol_name') == '%s'" % vol_name
utlv.update_polkit_rule(params, vol_pat, new_value)
if create_vol:
if b_luks_encrypt:
if not libvirt_version.version_compare(2, 0, 0):
test.cancel("LUKS format not supported in "
"current libvirt version")
params['sec_volume'] = os.path.join(pool_target, vol_name)
luks_sec_uuid = utlv.create_secret(params)
ret = virsh.secret_set_value(luks_sec_uuid,
encryption_password,
encode=True)
utlv.check_exit_status(ret)
secret_uuids.append(luks_sec_uuid)
vol_arg = {}
vol_arg['name'] = vol_name
vol_arg['capacity'] = int(capacity)
vol_arg['allocation'] = int(allocation)
if with_clusterSize:
vol_arg['format'] = vol_format
vol_arg['clusterSize'] = int(vol_clusterSize)
vol_arg['clusterSize_unit'] = vol_clusterSize_unit
create_luks_vol(pool_name, vol_name, luks_sec_uuid, vol_arg)
else:
pvt.pre_vol(vol_name, frmt, capacity, allocation, pool_name)
virsh.pool_refresh(pool_name, debug=True)
vol_list = virsh.vol_list(pool_name, debug=True).stdout.strip()
# iscsi volume name is different from others
if pool_type == "iscsi":
# Due to BZ 1843791, the volume cannot be obtained sometimes.
if len(vol_list.splitlines()) < 3:
test.fail("Failed to get iscsi type volume.")
vol_name = vol_list.split('\n')[2].split()[0]
vol_path = virsh.vol_path(vol_name, pool_name,
ignore_status=False).stdout.strip()
logging.debug("vol_path is %s", vol_path)
# Add command options
if pool_type is not None:
options = " --pool %s" % pool_name
if offset is not None:
options += " --offset %s" % offset
offset = int(offset)
else:
offset = 0
if length is not None:
options += " --length %s" % length
length = int(length)
else:
length = 0
logging.debug("%s options are %s", operation, options)
if operation == "upload":
# write data to file
write_file(file_path)
# Set length for calculate the offset + length in the following
# func get_pre_post_digest() and digest()
if length == 0:
length = 1048576
def get_pre_post_digest():
"""
Get pre region and post region digest if have offset and length
:return: pre digest and post digest
"""
# Get digest of pre region before offset
if offset != 0:
digest_pre = digest(vol_path, 0, offset)
else:
digest_pre = 0
logging.debug("pre region digest read from %s 0-%s is %s",
vol_path, offset, digest_pre)
# Get digest of post region after offset+length
digest_post = digest(vol_path, offset + length, 0)
logging.debug("post region digest read from %s %s-0 is %s",
vol_path, offset + length, digest_post)
return (digest_pre, digest_post)
# Get pre and post digest before operation for compare
(ori_pre_digest, ori_post_digest) = get_pre_post_digest()
ori_digest = digest(file_path, 0, 0)
logging.debug("ori digest read from %s is %s", file_path,
ori_digest)
if setup_libvirt_polkit:
process.run("chmod 666 %s" % file_path, ignore_status=True,
shell=True)
# Do volume upload
result = virsh.vol_upload(vol_name, file_path, options,
unprivileged_user=unpri_user,
uri=uri, debug=True)
if result.exit_status == 0:
# Get digest after operation
(aft_pre_digest, aft_post_digest) = get_pre_post_digest()
aft_digest = digest(vol_path, offset, length)
logging.debug("aft digest read from %s is %s", vol_path,
aft_digest)
# Compare the pre and post part before and after
if ori_pre_digest == aft_pre_digest and \
ori_post_digest == aft_post_digest:
logging.info("file pre and aft digest match")
else:
test.fail("file pre or post digests do not"
"match, in %s", operation)
if operation == "download":
# Write data to volume
write_file(vol_path)
# Record the digest value before operation
ori_digest = digest(vol_path, offset, length)
logging.debug("original digest read from %s is %s", vol_path,
ori_digest)
process.run("touch %s" % file_path, ignore_status=True, shell=True)
if setup_libvirt_polkit:
process.run("chmod 666 %s" % file_path, ignore_status=True,
shell=True)
# Do volume download
result = virsh.vol_download(vol_name, file_path, options,
unprivileged_user=unpri_user,
uri=uri, debug=True)
if result.exit_status == 0:
# Get digest after operation
aft_digest = digest(file_path, 0, 0)
logging.debug("new digest read from %s is %s", file_path,
aft_digest)
if operation != "mix":
if result.exit_status != 0:
test.fail("Fail to %s volume: %s" %
(operation, result.stderr))
# Compare the change part on volume and file
if ori_digest == aft_digest:
logging.info("file digests match, volume %s succeed", operation)
else:
test.fail("file digests do not match, volume %s failed"
% operation)
if operation == "mix":
target = params.get("virt_disk_device_target", "vdb")
disk_file_path = os.path.join(pool_target, file_name)
# Create one disk xml and attach it to VM.
custom_disk_xml = create_disk('file', disk_file_path, 'raw', 'file',
'disk', target, 'virtio')
ret = virsh.attach_device(vm_name, custom_disk_xml.xml,
flagstr="--config", debug=True)
libvirt.check_exit_status(ret)
if vm.is_dead():
vm.start()
# Write 100M data into disk.
data_size = 100
write_disk(test, vm, target, data_size)
data_size_in_bytes = data_size * 1024 * 1024
# Refresh directory pool.
virsh.pool_refresh(pool_name, debug=True)
# Download volume to local with sparse option.
download_spare_file = "download-sparse.raw"
download_file_path = os.path.join(data_dir.get_tmp_dir(), download_spare_file)
options += " --sparse"
result = virsh.vol_download(file_name, download_file_path, options,
unprivileged_user=unpri_user,
uri=uri, debug=True)
libvirt.check_exit_status(result)
#Check download image size.
one_g_in_bytes = 1073741824
download_img_info = utils_misc.get_image_info(download_file_path)
download_disk_size = int(download_img_info['dsize'])
if (download_disk_size < data_size_in_bytes or
download_disk_size >= one_g_in_bytes):
test.fail("download image size:%d is less than the generated "
"data size:%d or greater than or equal to 1G."
% (download_disk_size, data_size_in_bytes))
# Create one upload sparse image file.
upload_sparse_file = "upload-sparse.raw"
upload_file_path = os.path.join(pool_target, upload_sparse_file)
libvirt.create_local_disk('file', upload_file_path, '1', 'raw')
# Refresh directory pool.
virsh.pool_refresh(pool_name, debug=True)
# Do volume upload, upload sparse file which download last time.
result = virsh.vol_upload(upload_sparse_file, download_file_path, options,
unprivileged_user=unpri_user,
uri=uri, debug=True)
upload_img_info = utils_misc.get_image_info(upload_file_path)
upload_disk_size = int(upload_img_info['dsize'])
if (upload_disk_size < data_size_in_bytes or
upload_disk_size >= one_g_in_bytes):
test.fail("upload image size:%d is less than the generated "
"data size:%d or greater than or equal to 1G."
% (upload_disk_size, data_size_in_bytes))
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync()
pvt.cleanup_pool(pool_name, pool_type, pool_target, "volumetest")
for secret_uuid in set(secret_uuids):
virsh.secret_undefine(secret_uuid)
if os.path.isfile(file_path):
os.remove(file_path)
def run(test, params, env):
'''
Test the command virsh pool-create-as
(1) Prepare backend storage device
(2) Define secret xml and set secret value
(3) Test pool-create-as or virsh pool-define with authenication
'''
pool_options = params.get('pool_options', '')
pool_name = params.get('pool_name')
pool_type = params.get('pool_type')
pool_target = params.get('pool_target', '')
status_error = params.get('status_error') == "yes"
# iscsi options
emulated_size = params.get("iscsi_image_size", "1")
iscsi_host = params.get("iscsi_host", "127.0.0.1")
chap_user = params.get("iscsi_user")
chap_passwd = params.get("iscsi_password")
# ceph options
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = "--keyring %s" % key_file
# auth options
auth_usage = (params.get('auth_usage') == 'yes')
auth_uuid = (params.get('auth_uuid') == 'yes')
sec_ephemeral = params.get("secret_ephemeral", "no")
sec_private = params.get("secret_private", "yes")
sec_desc = params.get("secret_description")
auth_type = params.get("auth_type")
sec_usage = params.get("secret_usage_type")
sec_target = params.get("secret_usage_target")
sec_name = params.get("secret_name")
auth_sec_dict = {"sec_ephemeral": sec_ephemeral,
"sec_private": sec_private,
"sec_desc": sec_desc,
"sec_usage": sec_usage,
"sec_target": sec_target,
"sec_name": sec_name}
if sec_usage == "iscsi":
auth_username = chap_user
sec_password = chap_passwd
secret_usage = sec_target
if sec_usage == "ceph":
auth_username = ceph_auth_user
sec_password = ceph_auth_key
secret_usage = sec_name
if pool_target and not os.path.isdir(pool_target):
if os.path.isfile(pool_target):
logging.error('<target> must be a directory')
else:
os.makedirs(pool_target)
def setup_ceph_auth():
disk_path = ("rbd:%s:mon_host=%s" % (ceph_disk_name, ceph_mon_ip))
disk_path += (":id=%s:key=%s" % (ceph_auth_user, ceph_auth_key))
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
# Delete the disk if it exists
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
process.run(cmd, ignore_status=True, shell=True)
# Create an local image and make FS on it.
img_file = os.path.join(data_dir.get_tmp_dir(), "test.img")
disk_cmd = ("qemu-img create -f raw {0} 10M && mkfs.ext4 -F {0}"
.format(img_file))
process.run(disk_cmd, ignore_status=False, shell=True)
# Convert the image to remote storage
# Ceph can only support raw format
disk_cmd = ("qemu-img convert -O %s %s %s"
% ("raw", img_file, disk_path))
process.run(disk_cmd, ignore_status=False, shell=True)
def setup_iscsi_auth():
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(is_setup=True,
is_login=False,
image_size=emulated_size,
chap_user=chap_user,
chap_passwd=chap_passwd)
return iscsi_target
def check_auth_in_xml(dparams):
sourcexml = pool_xml.PoolXML.new_from_dumpxml(pool_name).get_source()
with open(sourcexml.xml) as xml_f:
logging.debug("Source XML is: \n%s", xml_f.read())
# Check result
try:
for name, v_expect in dparams.items():
if v_expect != sourcexml[name]:
test.fail("Expect to find %s=%s, but got %s=%s"
% (name, v_expect, name, sourcexml[name]))
except xcepts.LibvirtXMLNotFoundError as details:
if "usage not found" in str(details) and auth_uuid:
pass # Not a auth_usage test
elif "uuid not found" in str(details) and auth_usage:
pass # Not a auth_uuid test
else:
test.fail(details)
def check_result(result, expect_error=False):
# pool-define-as return CmdResult
if isinstance(result, process.CmdResult):
result = (result.exit_status == 0) # True means run success
if expect_error:
if result:
test.fail("Expect to fail but run success")
elif not expect_error:
if not result:
test.fail("Expect to succeed but run failure")
else:
logging.info("It's an expected error")
if not libvirt_version.version_compare(3, 9, 0):
test.cancel("Pool create/define with authentication"
" not support in this libvirt version")
sec_uuid = ""
img_file = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
libvirt_pool = libvirt_storage.StoragePool()
try:
# Create secret xml and set value
encode = True
if sec_usage == "ceph":
encode = False # Ceph key already encoded
sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(sec_uuid, sec_password, encode=encode, debug=True)
if sec_usage == "iscsi":
iscsi_dev = setup_iscsi_auth()
pool_options += (" --source-host %s --source-dev %s"
" --auth-type %s --auth-username %s"
% (iscsi_host, iscsi_dev, auth_type, auth_username))
if sec_usage == "ceph":
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
setup_ceph_auth()
rbd_pool = ceph_disk_name.split('/')[0]
pool_options += (" --source-host %s --source-name %s"
" --auth-type %s --auth-username %s"
% (ceph_host_ip, rbd_pool, auth_type, auth_username))
if auth_usage:
pool_options += " --secret-usage %s" % secret_usage
if auth_uuid:
pool_options += " --secret-uuid %s" % sec_uuid
# Run test cases
func_name = params.get("test_func", "pool_create_as")
logging.info('Perform test runner: %s', func_name)
if func_name == "pool_create_as":
func = virsh.pool_create_as
if func_name == "pool_define_as":
func = virsh.pool_define_as
result = func(pool_name, pool_type, pool_target,
extra=pool_options, debug=True)
# Check status_error
check_result(result, expect_error=status_error)
if not status_error:
# Check pool status
pool_status = libvirt_pool.pool_state(pool_name)
if ((pool_status == 'inactive' and func_name == "pool_define_as") or
(pool_status == "active" and func_name == "pool_create_as")):
logging.info("Expected pool status:%s" % pool_status)
else:
test.fail("Not an expected pool status: %s" % pool_status)
# Check pool dumpxml
dict_expect = {"auth_type": auth_type, "auth_username": auth_username,
"secret_usage": secret_usage, "secret_uuid": sec_uuid}
check_auth_in_xml(dict_expect)
finally:
# Clean up
logging.info("Start to cleanup")
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
if os.path.exists(img_file):
os.remove(img_file)
virsh.secret_undefine(sec_uuid, ignore_status=True)
libvirt.setup_or_cleanup_iscsi(is_setup=False)
if libvirt_pool.pool_exists(pool_name):
libvirt_pool.delete_pool(pool_name)
def run(test, params, env):
"""
Test the pull-mode backup function
Steps:
1. craete a vm with extra disk vdb
2. create some data on vdb
3. start a pull mode full backup on vdb
4. create some data on vdb
5. start a pull mode incremental backup
6. repeat step 5 to 7
7. check the full/incremental backup file data
"""
# Basic case config
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
original_disk_size = params.get("original_disk_size", "100M")
original_disk_type = params.get("original_disk_type", "local")
original_disk_target = params.get("original_disk_target", "vdb")
local_hostname = params.get("loal_hostname", "localhost")
local_ip = params.get("local_ip", "127.0.0.1")
local_user_name = params.get("local_user_name", "root")
local_user_password = params.get("local_user_password", "redhat")
tmp_dir = data_dir.get_tmp_dir()
# Backup config
scratch_type = params.get("scratch_type", "file")
reuse_scratch_file = "yes" == params.get("reuse_scratch_file")
prepare_scratch_file = "yes" == params.get("prepare_scratch_file")
scratch_blkdev_path = params.get("scratch_blkdev_path")
scratch_blkdev_size = params.get("scratch_blkdev_size", original_disk_size)
prepare_scratch_blkdev = "yes" == params.get("prepare_scratch_blkdev")
backup_rounds = int(params.get("backup_rounds", 3))
backup_error = "yes" == params.get("backup_error")
expect_backup_canceled = "yes" == params.get("expect_backup_canceled")
# NBD service config
nbd_protocol = params.get("nbd_protocol", "unix")
nbd_socket = params.get("nbd_socket", "/tmp/pull_backup.socket")
nbd_tcp_port = params.get("nbd_tcp_port", "10809")
nbd_hostname = local_hostname
set_exportname = "yes" == params.get("set_exportname")
set_exportbitmap = "yes" == params.get("set_exportbitmap")
# TLS service config
tls_enabled = "yes" == params.get("tls_enabled")
tls_x509_verify = "yes" == params.get("tls_x509_verify")
custom_pki_path = "yes" == params.get("custom_pki_path")
tls_client_ip = tls_server_ip = local_ip
tls_client_cn = tls_server_cn = local_hostname
tls_client_user = tls_server_user = local_user_name
tls_client_pwd = tls_server_pwd = local_user_password
tls_provide_client_cert = "yes" == params.get("tls_provide_client_cert")
tls_error = "yes" == params.get("tls_error")
# LUKS config
scratch_luks_encrypted = "yes" == params.get("scratch_luks_encrypted")
luks_passphrase = params.get("luks_passphrase", "password")
# Cancel the test if libvirt support related functions
if not libvirt_version.version_compare(6, 0, 0):
test.cancel("Current libvirt version doesn't support "
"incremental backup.")
if tls_enabled and not libvirt_version.version_compare(6, 6, 0):
test.cancel("Current libvirt version doesn't support pull mode "
"backup with tls nbd.")
try:
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
# Make sure there is no checkpoint metadata before test
utils_backup.clean_checkpoints(vm_name)
# Backup vm xml
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
vmxml_backup = vmxml.copy()
utils_backup.enable_inc_backup_for_vm(vm)
# Prepare tls env
if tls_enabled:
# Prepare pki
tls_config = {
"qemu_tls": "yes",
"auto_recover": "yes",
"client_ip": tls_client_ip,
"server_ip": tls_server_ip,
"client_cn": tls_client_cn,
"server_cn": tls_server_cn,
"client_user": tls_client_user,
"server_user": tls_server_user,
"client_pwd": tls_client_pwd,
"server_pwd": tls_server_pwd,
}
if custom_pki_path:
pki_path = os.path.join(tmp_dir, "inc_bkup_pki")
else:
pki_path = "/etc/pki/libvirt-backup/"
if tls_x509_verify:
tls_config["client_ip"] = tls_client_ip
tls_config["custom_pki_path"] = pki_path
tls_obj = TLSConnection(tls_config)
tls_obj.conn_setup(True, tls_provide_client_cert)
logging.debug("TLS certs in: %s" % pki_path)
# Set qemu.conf
qemu_config = LibvirtQemuConfig()
if tls_x509_verify:
qemu_config.backup_tls_x509_verify = True
else:
qemu_config.backup_tls_x509_verify = False
if custom_pki_path:
qemu_config.backup_tls_x509_cert_dir = pki_path
utils_libvirtd.Libvirtd().restart()
# Prepare libvirt secret
if scratch_luks_encrypted:
utils_secret.clean_up_secrets()
luks_secret_uuid = libvirt.create_secret(params)
virsh.secret_set_value(luks_secret_uuid,
luks_passphrase,
encode=True,
debug=True)
# Prepare the disk to be backuped.
disk_params = {}
disk_path = ""
if original_disk_type == "local":
image_name = "{}_image.qcow2".format(original_disk_target)
disk_path = os.path.join(tmp_dir, image_name)
libvirt.create_local_disk("file", disk_path, original_disk_size,
"qcow2")
disk_params = {
"device_type": "disk",
"type_name": "file",
"driver_type": "qcow2",
"target_dev": original_disk_target,
"source_file": disk_path
}
if original_disk_target:
disk_params["target_dev"] = original_disk_target
elif original_disk_type == "iscsi":
iscsi_host = '127.0.0.1'
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=original_disk_size,
portal_ip=iscsi_host)
disk_path = ("iscsi://[%s]/%s/%s" %
(iscsi_host, iscsi_target, lun_num))
process.run("qemu-img create -f qcow2 %s %s" %
(disk_path, original_disk_size),
shell=True,
verbose=True)
disk_params = {
'device_type': 'disk',
'type_name': 'network',
"driver_type": "qcow2",
'target_dev': original_disk_target
}
disk_params_src = {
'source_protocol': 'iscsi',
'source_name': iscsi_target + "/%s" % lun_num,
'source_host_name': iscsi_host,
'source_host_port': '3260'
}
disk_params.update(disk_params_src)
elif original_disk_type == "gluster":
gluster_vol_name = "gluster_vol"
gluster_pool_name = "gluster_pool"
gluster_img_name = "gluster.qcow2"
gluster_host_ip = gluster.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
disk_path = 'gluster://%s/%s/%s' % (
gluster_host_ip, gluster_vol_name, gluster_img_name)
process.run("qemu-img create -f qcow2 %s %s" %
(disk_path, original_disk_size),
shell=True,
verbose=True)
disk_params = {
'device_type': 'disk',
'type_name': 'network',
"driver_type": "qcow2",
'target_dev': original_disk_target
}
disk_params_src = {
'source_protocol': 'gluster',
'source_name': gluster_vol_name + "/%s" % gluster_img_name,
'source_host_name': gluster_host_ip,
'source_host_port': '24007'
}
disk_params.update(disk_params_src)
else:
test.error("The disk type '%s' not supported in this script.",
original_disk_type)
if hotplug_disk:
vm.start()
session = vm.wait_for_login().close()
disk_xml = libvirt.create_disk_xml(disk_params)
virsh.attach_device(vm_name, disk_xml, debug=True)
else:
disk_xml = libvirt.create_disk_xml(disk_params)
virsh.attach_device(vm.name,
disk_xml,
flagstr="--config",
debug=True)
vm.start()
session = vm.wait_for_login()
new_disks_in_vm = list(utils_disk.get_linux_disks(session).keys())
session.close()
if len(new_disks_in_vm) != 1:
test.fail("Test disk not prepared in vm")
# Use the newly added disk as the test disk
test_disk_in_vm = "/dev/" + new_disks_in_vm[0]
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
vm_disks = list(vmxml.get_disk_all().keys())
checkpoint_list = []
is_incremental = False
backup_file_list = []
for backup_index in range(backup_rounds):
# Prepare backup xml
backup_params = {"backup_mode": "pull"}
if backup_index > 0:
is_incremental = True
backup_params["backup_incremental"] = "checkpoint_" + str(
backup_index - 1)
# Set libvirt default nbd export name and bitmap name
nbd_export_name = original_disk_target
nbd_bitmap_name = "backup-" + original_disk_target
backup_server_dict = {}
if nbd_protocol == "unix":
backup_server_dict["transport"] = "unix"
backup_server_dict["socket"] = nbd_socket
else:
backup_server_dict["name"] = nbd_hostname
backup_server_dict["port"] = nbd_tcp_port
if tls_enabled:
backup_server_dict["tls"] = "yes"
backup_params["backup_server"] = backup_server_dict
backup_disk_xmls = []
for vm_disk in vm_disks:
backup_disk_params = {"disk_name": vm_disk}
if vm_disk != original_disk_target:
backup_disk_params["enable_backup"] = "no"
else:
backup_disk_params["enable_backup"] = "yes"
backup_disk_params["disk_type"] = scratch_type
# Custom nbd export name and bitmap name if required
if set_exportname:
nbd_export_name = original_disk_target + "_custom_exp"
backup_disk_params["exportname"] = nbd_export_name
if set_exportbitmap:
nbd_bitmap_name = original_disk_target + "_custom_bitmap"
backup_disk_params["exportbitmap"] = nbd_bitmap_name
# Prepare nbd scratch file/dev params
scratch_params = {"attrs": {}}
scratch_path = None
if scratch_type == "file":
scratch_file_name = "scratch_file_%s" % backup_index
scratch_path = os.path.join(tmp_dir, scratch_file_name)
if prepare_scratch_file:
libvirt.create_local_disk("file", scratch_path,
original_disk_size,
"qcow2")
scratch_params["attrs"]["file"] = scratch_path
elif scratch_type == "block":
if prepare_scratch_blkdev:
scratch_path = libvirt.setup_or_cleanup_iscsi(
is_setup=True, image_size=scratch_blkdev_size)
scratch_params["attrs"]["dev"] = scratch_path
else:
test.fail(
"We do not support backup scratch type: '%s'" %
scratch_type)
if scratch_luks_encrypted:
encryption_dict = {
"encryption": "luks",
"secret": {
"type": "passphrase",
"uuid": luks_secret_uuid
}
}
scratch_params["encryption"] = encryption_dict
logging.debug("scratch params: %s", scratch_params)
backup_disk_params["backup_scratch"] = scratch_params
backup_disk_xml = utils_backup.create_backup_disk_xml(
backup_disk_params)
backup_disk_xmls.append(backup_disk_xml)
logging.debug("disk list %s", backup_disk_xmls)
backup_xml = utils_backup.create_backup_xml(
backup_params, backup_disk_xmls)
logging.debug("ROUND_%s Backup Xml: %s", backup_index, backup_xml)
# Prepare checkpoint xml
checkpoint_name = "checkpoint_%s" % backup_index
checkpoint_list.append(checkpoint_name)
cp_params = {"checkpoint_name": checkpoint_name}
cp_params["checkpoint_desc"] = params.get(
"checkpoint_desc", "desc of cp_%s" % backup_index)
disk_param_list = []
for vm_disk in vm_disks:
cp_disk_param = {"name": vm_disk}
if vm_disk != original_disk_target:
cp_disk_param["checkpoint"] = "no"
else:
cp_disk_param["checkpoint"] = "bitmap"
cp_disk_bitmap = params.get("cp_disk_bitmap")
if cp_disk_bitmap:
cp_disk_param["bitmap"] = cp_disk_bitmap + str(
backup_index)
disk_param_list.append(cp_disk_param)
checkpoint_xml = utils_backup.create_checkpoint_xml(
cp_params, disk_param_list)
logging.debug("ROUND_%s Checkpoint Xml: %s", backup_index,
checkpoint_xml)
# Create some data in vdb
dd_count = "1"
dd_seek = str(backup_index * 10 + 10)
dd_bs = "1M"
session = vm.wait_for_login()
utils_disk.dd_data_to_vm_disk(session, test_disk_in_vm, dd_bs,
dd_seek, dd_count)
session.close()
# Start backup
backup_options = backup_xml.xml + " " + checkpoint_xml.xml
if reuse_scratch_file:
backup_options += " --reuse-external"
backup_result = virsh.backup_begin(vm_name,
backup_options,
ignore_status=True,
debug=True)
if backup_result.exit_status:
raise utils_backup.BackupBeginError(
backup_result.stderr.strip())
# If required, do some error operations during backup job
error_operation = params.get("error_operation")
if error_operation:
if "destroy_vm" in error_operation:
vm.destroy(gracefully=False)
if "kill_qemu" in error_operation:
utils_misc.safe_kill(vm.get_pid(), signal.SIGKILL)
if utils_misc.wait_for(
lambda: utils_backup.is_backup_canceled(vm_name),
timeout=5):
raise utils_backup.BackupCanceledError()
elif expect_backup_canceled:
test.fail("Backup job should be canceled but not.")
backup_file_path = os.path.join(
tmp_dir, "backup_file_%s.qcow2" % str(backup_index))
backup_file_list.append(backup_file_path)
nbd_params = {
"nbd_protocol": nbd_protocol,
"nbd_export": nbd_export_name
}
if nbd_protocol == "unix":
nbd_params["nbd_socket"] = nbd_socket
elif nbd_protocol == "tcp":
nbd_params["nbd_hostname"] = nbd_hostname
nbd_params["nbd_tcp_port"] = nbd_tcp_port
if tls_enabled:
nbd_params["tls_dir"] = pki_path
nbd_params["tls_server_ip"] = tls_server_ip
if not is_incremental:
# Do full backup
try:
utils_backup.pull_full_backup_to_file(
nbd_params, backup_file_path)
except Exception as details:
if tls_enabled and tls_error:
raise utils_backup.BackupTLSError(details)
else:
test.fail("Fail to get full backup data: %s" % details)
logging.debug("Full backup to: %s", backup_file_path)
else:
# Do incremental backup
utils_backup.pull_incremental_backup_to_file(
nbd_params, backup_file_path, nbd_bitmap_name,
original_disk_size)
# Check if scratch file encrypted
if scratch_luks_encrypted and scratch_path:
cmd = "qemu-img info -U %s" % scratch_path
result = process.run(cmd, shell=True,
verbose=True).stdout_text.strip()
if (not re.search("format.*luks", result, re.IGNORECASE)
or not re.search("encrypted.*yes", result,
re.IGNORECASE)):
test.fail("scratch file/dev is not encrypted by LUKS")
virsh.domjobabort(vm_name, debug=True)
for checkpoint_name in checkpoint_list:
virsh.checkpoint_delete(vm_name, checkpoint_name, debug=True)
if vm.is_alive():
vm.destroy(gracefully=False)
# Compare the backup data and original data
original_data_file = os.path.join(tmp_dir, "original_data.qcow2")
cmd = "qemu-img convert -f qcow2 %s -O qcow2 %s" % (disk_path,
original_data_file)
process.run(cmd, shell=True, verbose=True)
for backup_file in backup_file_list:
if not utils_backup.cmp_backup_data(original_data_file,
backup_file):
test.fail("Backup and original data are not identical for"
"'%s' and '%s'" % (disk_path, backup_file))
else:
logging.debug("'%s' contains correct backup data", backup_file)
except utils_backup.BackupBeginError as detail:
if backup_error:
logging.debug("Backup failed as expected.")
else:
test.fail("Backup failed to start: %s" % detail)
except utils_backup.BackupTLSError as detail:
if tls_error:
logging.debug("Failed to get backup data as expected.")
else:
test.fail("Failed to get tls backup data: %s" % detail)
except utils_backup.BackupCanceledError as detail:
if expect_backup_canceled:
logging.debug("Backup canceled as expected.")
if not vm.is_alive():
logging.debug("Check if vm can be started again when backup "
"canceled.")
vm.start()
vm.wait_for_login().close()
else:
test.fail("Backup job canceled: %s" % detail)
finally:
# Remove checkpoints
clean_checkpoint_metadata = not vm.is_alive()
if "error_operation" in locals() and error_operation is not None:
if "kill_qemu" in error_operation:
clean_checkpoint_metadata = True
utils_backup.clean_checkpoints(
vm_name, clean_metadata=clean_checkpoint_metadata)
if vm.is_alive():
vm.destroy(gracefully=False)
# Restoring vm
vmxml_backup.sync()
# Remove iscsi devices
if original_disk_type == "iscsi" or scratch_type == "block":
libvirt.setup_or_cleanup_iscsi(False)
# Remove gluster devices
if original_disk_type == "gluster":
gluster.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
# Recover qemu.conf
if "qemu_config" in locals():
qemu_config.restore()
# Remove tls object
if "tls_obj" in locals():
del tls_obj
# Remove libvirt secret
if "luks_secret_uuid" in locals():
virsh.secret_undefine(luks_secret_uuid, ignore_status=True)
def run(test, params, env):
"""
Test embedded qemu driver:
1.Start guest by virt-qemu-run;
2.Start guest with luks disk by virt-qemu-run;
3.Options test for virt-qemu-run;
"""
log = []
def _logger(line):
"""
Callback function to log embeddedqemu output.
"""
log.append(line)
def _check_log():
"""
Check whether the output meets expectation
"""
if re.findall(expected_pattern, '\n'.join(log)):
return True
else:
return False
def _confirm_terminate():
"""
Confirm qemu process exits successfully after 'ctrl+c'
"""
cmd = 'pgrep qemu | wc -l'
output = int(process.run(cmd, shell=True).stdout_text.strip())
if output == virt_qemu_run.qemu_pro_num:
return True
else:
return False
def add_luks_disk(secret_type, sec_encryption_uuid):
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=disk_type)
disk_xml.device = "disk"
disk_source = disk_xml.new_disk_source(**{"attrs": {'file': img_path}})
disk_xml.driver = {"name": "qemu", "type": img_format, "cache": "none"}
disk_xml.target = {"dev": disk_target, "bus": disk_bus}
encryption_dict = {
"encryption": 'luks',
"secret": {
"type": secret_type,
"uuid": sec_encryption_uuid
}
}
disk_source.encryption = disk_xml.new_encryption(**encryption_dict)
disk_xml.source = disk_source
logging.debug("disk xml is:\n%s" % disk_xml)
vmxml.add_device(disk_xml)
logging.debug("guest xml: %s", vmxml.xml)
return vmxml
arg_str = params.get("embedded_arg", "")
expected_pattern = params.get("logger_pattern", "")
root_dir = params.get("root_dir", "/var/tmp/virt_qemu_run_dir")
config_path = params.get('expected_config_path', "")
terminate_guest = params.get("terminate_guest", "no") == "yes"
expected_secret = params.get("expected_secret", "no") == "yes"
no_valuefile = params.get("no_valuefile", "no") == "yes"
expected_root_dir = params.get("expected_root_dir", "no") == "yes"
expected_help = params.get("expected_help", "no") == "yes"
status_error = params.get("status_error", "no") == "yes"
disk_target = params.get("disk_target", "vdd")
disk_type = params.get("disk_type", "file")
disk_bus = params.get("disk_bus", "virtio")
img_path = params.get("sec_volume", "/var/lib/libvirt/images/luks.img")
img_format = params.get("img_format", "qcow2")
img_cap = params.get("img_cap", "1")
secret_type = params.get("secret_type", "passphrase")
secret_password = params.get("secret_password", "redhat")
extra_luks_parameter = params.get("extra_parameter")
secret_value_file = "/tmp/secret_value"
secret_file = "/tmp/secret.xml"
vm_name = params.get("main_vm")
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
virt_qemu_run = libvirt_embedded_qemu.EmbeddedQemuSession(
logging_handler=_logger, )
try:
if expected_secret:
libvirt.create_local_disk(disk_type="file",
extra=extra_luks_parameter,
path=img_path,
size=int(img_cap),
disk_format=img_format)
libvirt_secret.clean_up_secrets()
sec_params = {
"sec_usage": "volume",
"sec_volume": img_path,
"sec_desc": "Secret for volume."
}
sec_uuid = libvirt.create_secret(sec_params)
if sec_uuid:
try:
virsh.secret_dumpxml(sec_uuid, to_file=secret_file)
except process.CmdError as e:
test.error(str(e))
process.run("echo -n %s > %s" %
(secret_password, secret_value_file),
shell=True)
vmxml = add_luks_disk(secret_type, sec_uuid)
if not no_valuefile:
arg_str += ' -s %s,%s' % (secret_file, secret_value_file)
else:
arg_str += ' -s %s' % secret_file
if expected_root_dir:
arg_str += ' -r %s' % (root_dir)
if not expected_help:
arg_str += ' %s' % (vmxml.xml)
logging.debug("Start virt-qemu-run process with options: %s", arg_str)
virt_qemu_run.start(arg_str=arg_str, wait_for_working="yes")
if expected_pattern:
if not utils_misc.wait_for(lambda: _check_log(), 60, 10):
test.fail('Expected output %s not found in log: \n%s' %
(expected_pattern, '\n'.join(log)))
if log:
logging.debug("virt-qemu-run log:")
for line in log:
logging.debug(line)
if not expected_help and not status_error:
if expected_pattern != "domain type":
expected_pattern = "guest running"
if not utils_misc.wait_for(lambda: _check_log(), 60, 20):
test.fail("Start qemu process unexpected failed")
finally:
virt_qemu_run.tail.sendcontrol('c')
if not utils_misc.wait_for(lambda: _confirm_terminate, 60, 10):
test.fail("process did not exit successfully")
virt_qemu_run.exit()
process.run('pkill -9 qemu-kvm', ignore_status=True, shell=True)
libvirt_secret.clean_up_secrets()
if os.path.exists(secret_value_file):
os.remove(secret_value_file)
if os.path.exists(secret_file):
os.remove(secret_file)
if os.path.exists(img_path):
os.remove(img_path)
if os.path.exists(root_dir):
shutil.rmtree(root_dir, ignore_errors=False)
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare backend storage (blkdev/iscsi/gluster/ceph)
2.Use luks format to encrypt the backend storage
3.Prepare a disk xml indicating to the backend storage with valid/invalid
luks password
4.Start VM with disk hot/cold plugged
5.Check some disk operations in VM
6.Check backend storage is still in luks format
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def encrypt_dev(device, params):
"""
Encrypt device with luks format
:param device: Storage device to be encrypted.
:param params: From the dict to get encryption password.
"""
password = params.get("luks_encrypt_passwd", "password")
size = params.get("luks_size", "500M")
preallocation = params.get("preallocation")
cmd = ("qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (password, device, size))
# Add preallocation if it is given in params
if preallocation:
cmd = cmd.replace("key-secret=sec0", "key-secret=sec0,preallocation=%s" % preallocation)
if process.system(cmd, shell=True):
test.fail("Can't create a luks encrypted img by qemu-img")
def check_dev_format(device, fmt="luks"):
"""
Check if device is in luks format
:param device: Storage device to be checked.
:param fmt: Expected disk format.
:return: If device's format equals to fmt, return True, else return False.
"""
cmd_result = process.run("qemu-img" + ' -h', ignore_status=True,
shell=True, verbose=False)
if b'-U' in cmd_result.stdout:
cmd = ("qemu-img info -U %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
else:
cmd = ("qemu-img info %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
if cmd_result.exit_status:
test.fail("device %s is not in %s format. err is: %s" %
(device, fmt, cmd_result.stderr))
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = utils_disk.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test"
.format(added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
def create_vol(p_name, target_encrypt_params, vol_params):
"""
Create volume.
:param p_name: Pool name.
:param target_encrypt_params: encrypt parameters in dict.
:param vol_params: Volume parameters dict.
"""
# Clean up dirty volumes if pool has.
pv = libvirt_storage.PoolVolume(p_name)
vol_name_list = pv.list_volumes()
for vol_name in vol_name_list:
pv.delete_volume(vol_name)
volxml = vol_xml.VolXML()
v_xml = volxml.new_vol(**vol_params)
v_xml.encryption = volxml.new_encryption(**target_encrypt_params)
v_xml.xmltreefile.write()
ret = virsh.vol_create(p_name, v_xml.xml, **virsh_dargs)
libvirt.check_exit_status(ret)
def get_secret_list():
"""
Get secret list.
:return secret list
"""
logging.info("Get secret list ...")
secret_list_result = virsh.secret_list()
secret_list = secret_list_result.stdout.strip().splitlines()
# First two lines contain table header followed by entries
# for each secret, such as:
#
# UUID Usage
# --------------------------------------------------------------------------------
# b4e8f6d3-100c-4e71-9f91-069f89742273 ceph client.libvirt secret
secret_list = secret_list[2:]
result = []
# If secret list is empty.
if secret_list:
for line in secret_list:
# Split on whitespace, assume 1 column
linesplit = line.split(None, 1)
result.append(linesplit[0])
return result
def check_top_image_in_xml(expected_top_image):
"""
check top image in src file
:param expected_top_image: expect top image
"""
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disks = vmxml.devices.by_device_tag('disk')
disk_xml = None
for disk in disks:
if disk.target['dev'] != device_target:
continue
else:
disk_xml = disk.xmltreefile
break
logging.debug("disk xml in top: %s\n", disk_xml)
src_file = disk_xml.find('source').get('file')
if src_file is None:
src_file = disk_xml.find('source').get('name')
if src_file != expected_top_image:
test.fail("Current top img %s is not the same with %s"
% (src_file, expected_top_image))
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_type = params.get("virt_disk_device_type", "file")
device_format = params.get("virt_disk_device_format", "raw")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
volume_target_format = params.get("target_format", "raw")
# Backend storage options.
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
# Luks encryption info, luks_encrypt_passwd is the password used to encrypt
# luks image, and luks_secret_passwd is the password set to luks secret, you
# can set a wrong password to luks_secret_passwd for negative tests
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Backend storage auth info
use_auth_usage = "yes" == params.get("use_auth_usage")
if use_auth_usage:
use_auth_uuid = False
else:
use_auth_uuid = "yes" == params.get("use_auth_uuid", "yes")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
encryption_in_source = "yes" == params.get("encryption_in_source", "no")
auth_in_source = "yes" == params.get("auth_in_source", "no")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
pvt = None
duplicated_encryption = "yes" == params.get("duplicated_encryption", "no")
slice_support_enable = "yes" == params.get("slice_support_enable", "no")
block_copy_test = "yes" == params.get("block_copy_test", "no")
if ((encryption_in_source or auth_in_source) and
not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot put <encryption> or <auth> inside disk <source> "
"in this libvirt version.")
# Start VM and get all partitions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
# Clean up dirty secrets in test environments if there are.
dirty_secret_list = get_secret_list()
if dirty_secret_list:
for dirty_secret_uuid in dirty_secret_list:
virsh.secret_undefine(dirty_secret_uuid)
# Create secret
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
ret = virsh.secret_set_value(luks_sec_uuid, luks_secret_passwd,
encode=True, debug=True)
libvirt.check_exit_status(ret)
# Setup backend storage
if backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
if enable_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi",
"sec_target": auth_sec_usage}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid, chap_passwd,
encode=True, debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
chap_user=chap_user, chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
if use_auth_uuid:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
elif use_auth_usage:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target}
else:
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
portal_ip=iscsi_host)
device_source = "iscsi://%s:%s/%s/%s" % (iscsi_host, iscsi_port,
iscsi_target, lun_num)
disk_src_dict = {"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name", "gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = gluster.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
device_source = "gluster://%s/%s/%s" % (gluster_host_ip,
gluster_vol_name,
gluster_img_name)
disk_src_dict = {"attrs": {"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name,
gluster_img_name)},
"hosts": [{"name": gluster_host_ip,
"port": "24007"}]}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(TMP_DATA_DIR, "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
disk_auth_dict = {"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (ceph_disk_name,
ceph_mon_ip,
key_file)
else:
device_source = "rbd:%s:mon_host=%s" % (ceph_disk_name, ceph_mon_ip)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("pre clean up rbd disk if exists: %s", cmd_result)
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": ceph_disk_name},
"hosts": [{"name": ceph_host_ip,
"port": ceph_host_port}]}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = TMP_DATA_DIR
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
# Create dir based pool,and then create one volume on it.
elif backend_storage_type == "dir":
pool_name = params.get("pool_name", "dir_pool")
pool_target = params.get("pool_target")
pool_type = params.get("pool_type")
emulated_image = params.get("emulated_image")
image_name = params.get("dir_image_name", "luks_1.img")
# Create and start dir_based pool.
pvt = libvirt.PoolVolumeTest(test, params)
if not os.path.exists(pool_target):
os.mkdir(pool_target)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
sp = libvirt_storage.StoragePool()
if not sp.is_pool_active(pool_name):
sp.set_pool_autostart(pool_name)
sp.start_pool(pool_name)
# Create one volume on the pool.
volume_name = params.get("vol_name")
volume_alloc = params.get("vol_alloc")
volume_cap_unit = params.get("vol_cap_unit")
volume_cap = params.get("vol_cap")
volume_target_path = params.get("sec_volume")
volume_target_format = params.get("target_format")
device_format = volume_target_format
volume_target_encypt = params.get("target_encypt", "")
volume_target_label = params.get("target_label")
vol_params = {"name": volume_name, "capacity": int(volume_cap),
"allocation": int(volume_alloc), "format":
volume_target_format, "path": volume_target_path,
"label": volume_target_label,
"capacity_unit": volume_cap_unit}
vol_encryption_params = {}
vol_encryption_params.update({"format": "luks"})
vol_encryption_params.update({"secret": {"type": "passphrase", "uuid": luks_sec_uuid}})
try:
# If target format is qcow2,need to create test image with "qemu-img create"
if volume_target_format == "qcow2":
option = params.get("luks_extra_elements")
libvirt.create_local_disk("file", path=volume_target_path, extra=option,
disk_format="qcow2", size="1")
else:
# If Libvirt version is lower than 2.5.0
# Creating luks encryption volume is not supported,so skip it.
create_vol(pool_name, vol_encryption_params, vol_params)
except AssertionError as info:
err_msgs = ("create: invalid option")
if str(info).count(err_msgs):
test.cancel("Creating luks encryption volume "
"is not supported on this libvirt version")
else:
test.error("Failed to create volume."
"Error: %s" % str(info))
disk_src_dict = {'attrs': {'file': volume_target_path}}
device_source = volume_target_path
elif backend_storage_type == "file":
tmp_dir = TMP_DATA_DIR
image_name = params.get("file_image_name", "slice.img")
device_source = os.path.join(tmp_dir, image_name)
disk_src_dict = {'attrs': {'file': device_source}}
else:
test.cancel("Only iscsi/gluster/rbd/nfs/file can be tested for now.")
logging.debug("device source is: %s", device_source)
if backend_storage_type != "dir":
encrypt_dev(device_source, params)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
print()
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
if encryption_in_source:
disk_source.encryption = disk_encryption
else:
disk_xml.encryption = disk_encryption
if duplicated_encryption:
disk_xml.encryption = disk_encryption
if slice_support_enable:
if not libvirt_version.version_compare(6, 0, 0):
test.cancel("Cannot put <slice> inside disk <source> "
"in this libvirt version.")
else:
check_du_output = process.run("du -b %s" % device_source, shell=True).stdout_text
slice_size = re.findall(r'[0-9]+', check_du_output)
disk_source.slices = disk_xml.new_slices(
**{"slice_type": "storage", "slice_offset": "0", "slice_size": slice_size[0]})
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
try:
vmxml.sync()
vm.start()
vm.wait_for_login()
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s" % str(xml_error))
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" % str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
if hotplug_disk:
result = virsh.attach_device(vm_name, disk_xml.xml,
ignore_status=True, debug=True)
libvirt.check_exit_status(result, status_error)
if check_partitions and not status_error:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
if volume_target_format == "qcow2":
check_dev_format(device_source, fmt="qcow2")
else:
check_dev_format(device_source)
if block_copy_test:
# Create a transient VM
transient_vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
if vm.is_alive():
vm.destroy(gracefully=False)
virsh.undefine(vm_name, debug=True, ignore_status=False)
virsh.create(transient_vmxml.xml, ignore_status=False, debug=True)
expected_top_image = vm.get_blk_devices()[device_target].get('source')
options = params.get("blockcopy_options")
tmp_dir = TMP_DATA_DIR
tmp_file = time.strftime("%Y-%m-%d-%H.%M.%S.img")
dest_path = os.path.join(tmp_dir, tmp_file)
# Need cover a few scenarios:single blockcopy, blockcopy and abort combined
virsh.blockcopy(vm_name, device_target, dest_path,
options, ignore_status=False, debug=True)
if encryption_in_source:
virsh.blockjob(vm_name, device_target, " --pivot", ignore_status=False)
expected_top_image = dest_path
else:
virsh.blockjob(vm_name, device_target, " --abort", ignore_status=False)
check_top_image_in_xml(expected_top_image)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
gluster.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def run(test, params, env):
'''
Test the command virsh pool-create-as
(1) Prepare backend storage device
(2) Define secret xml and set secret value
(3) Test pool-create-as or virsh pool-define with authentication
'''
pool_options = params.get('pool_options', '')
pool_name = params.get('pool_name')
pool_type = params.get('pool_type')
pool_target = params.get('pool_target', '')
status_error = params.get('status_error') == "yes"
# iscsi options
emulated_size = params.get("iscsi_image_size", "1")
iscsi_host = params.get("iscsi_host", "127.0.0.1")
chap_user = params.get("iscsi_user")
chap_passwd = params.get("iscsi_password")
# ceph options
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = "--keyring %s" % key_file
# auth options
auth_usage = (params.get('auth_usage') == 'yes')
auth_uuid = (params.get('auth_uuid') == 'yes')
sec_ephemeral = params.get("secret_ephemeral", "no")
sec_private = params.get("secret_private", "yes")
sec_desc = params.get("secret_description")
auth_type = params.get("auth_type")
sec_usage = params.get("secret_usage_type")
sec_target = params.get("secret_usage_target")
sec_name = params.get("secret_name")
auth_sec_dict = {
"sec_ephemeral": sec_ephemeral,
"sec_private": sec_private,
"sec_desc": sec_desc,
"sec_usage": sec_usage,
"sec_target": sec_target,
"sec_name": sec_name
}
if sec_usage == "iscsi":
auth_username = chap_user
sec_password = chap_passwd
secret_usage = sec_target
if sec_usage == "ceph":
auth_username = ceph_auth_user
sec_password = ceph_auth_key
secret_usage = sec_name
if pool_target and not os.path.isdir(pool_target):
if os.path.isfile(pool_target):
logging.error('<target> must be a directory')
else:
os.makedirs(pool_target)
def setup_ceph_auth():
disk_path = ("rbd:%s:mon_host=%s" % (ceph_disk_name, ceph_mon_ip))
disk_path += (":id=%s:key=%s" % (ceph_auth_user, ceph_auth_key))
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" % (ceph_client_name, ceph_client_key))
# Delete the disk if it exists
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
process.run(cmd, ignore_status=True, shell=True)
# Create an local image and make FS on it.
img_file = os.path.join(data_dir.get_tmp_dir(), "test.img")
disk_cmd = ("qemu-img create -f raw {0} 10M && mkfs.ext4 -F {0}".
format(img_file))
process.run(disk_cmd, ignore_status=False, shell=True)
# Convert the image to remote storage
# Ceph can only support raw format
disk_cmd = ("qemu-img convert -O %s %s %s" %
("raw", img_file, disk_path))
process.run(disk_cmd, ignore_status=False, shell=True)
def setup_iscsi_auth():
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
image_size=emulated_size,
chap_user=chap_user,
chap_passwd=chap_passwd)
return iscsi_target
def check_auth_in_xml(dparams):
sourcexml = pool_xml.PoolXML.new_from_dumpxml(pool_name).get_source()
with open(sourcexml.xml) as xml_f:
logging.debug("Source XML is: \n%s", xml_f.read())
# Check result
try:
for name, v_expect in dparams.items():
if v_expect != sourcexml[name]:
test.fail("Expect to find %s=%s, but got %s=%s" %
(name, v_expect, name, sourcexml[name]))
except xcepts.LibvirtXMLNotFoundError as details:
if "usage not found" in str(details) and auth_uuid:
pass # Not a auth_usage test
elif "uuid not found" in str(details) and auth_usage:
pass # Not a auth_uuid test
else:
test.fail(details)
def check_result(result, expect_error=False):
# pool-define-as return CmdResult
if isinstance(result, process.CmdResult):
result = (result.exit_status == 0) # True means run success
if expect_error:
if result:
test.fail("Expect to fail but run success")
elif not expect_error:
if not result:
test.fail("Expect to succeed but run failure")
else:
logging.info("It's an expected error")
if not libvirt_version.version_compare(3, 9, 0):
test.cancel("Pool create/define with authentication"
" not support in this libvirt version")
sec_uuid = ""
img_file = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
libvirt_pool = libvirt_storage.StoragePool()
try:
# Create secret xml and set value
encode = True
if sec_usage == "ceph":
encode = False # Ceph key already encoded
sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(sec_uuid,
sec_password,
encode=encode,
debug=True)
if sec_usage == "iscsi":
iscsi_dev = setup_iscsi_auth()
pool_options += (" --source-host %s --source-dev %s"
" --auth-type %s --auth-username %s" %
(iscsi_host, iscsi_dev, auth_type, auth_username))
if sec_usage == "ceph":
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
setup_ceph_auth()
rbd_pool = ceph_disk_name.split('/')[0]
pool_options += (
" --source-host %s --source-name %s"
" --auth-type %s --auth-username %s" %
(ceph_host_ip, rbd_pool, auth_type, auth_username))
if auth_usage:
pool_options += " --secret-usage %s" % secret_usage
if auth_uuid:
pool_options += " --secret-uuid %s" % sec_uuid
# Run test cases
func_name = params.get("test_func", "pool_create_as")
logging.info('Perform test runner: %s', func_name)
if func_name == "pool_create_as":
func = virsh.pool_create_as
if func_name == "pool_define_as":
func = virsh.pool_define_as
result = func(pool_name,
pool_type,
pool_target,
extra=pool_options,
debug=True)
# Check status_error
check_result(result, expect_error=status_error)
if not status_error:
# Check pool status
pool_status = libvirt_pool.pool_state(pool_name)
if ((pool_status == 'inactive' and func_name == "pool_define_as")
or
(pool_status == "active" and func_name == "pool_create_as")):
logging.info("Expected pool status:%s" % pool_status)
else:
test.fail("Not an expected pool status: %s" % pool_status)
# Check pool dumpxml
dict_expect = {
"auth_type": auth_type,
"auth_username": auth_username,
"secret_usage": secret_usage,
"secret_uuid": sec_uuid
}
check_auth_in_xml(dict_expect)
finally:
# Clean up
logging.info("Start to cleanup")
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
if os.path.exists(img_file):
os.remove(img_file)
virsh.secret_undefine(sec_uuid, ignore_status=True)
libvirt.setup_or_cleanup_iscsi(is_setup=False)
if libvirt_pool.pool_exists(pool_name):
libvirt_pool.delete_pool(pool_name)
def run(test, params, env):
"""
Test hosted scsi device passthrough
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def prepare_hostdev_xml(**kwargs):
"""
Prepare the scsi device's xml
:param kwargs: The arguments to generate scsi host device xml.
:return: The xml of the scsi host device.
"""
hostdev_xml = hostdev.Hostdev()
hostdev_xml.type = "scsi"
if kwargs.get("managed"):
hostdev_xml.managed = kwargs.get("managed")
hostdev_xml.mode = kwargs.get("mode", "subsystem")
if kwargs.get("sgio"):
hostdev_xml.sgio = kwargs.get("sgio")
if kwargs.get("rawio"):
hostdev_xml.rawio = kwargs.get("rawio")
hostdev_xml.readonly = "yes" == kwargs.get("readonly")
hostdev_xml.shareable = "yes" == kwargs.get("shareable")
source_args = {}
source_protocol = kwargs.get("source_protocol")
if source_protocol == "iscsi":
# Use iscsi lun directly
source_args['protocol'] = "iscsi"
source_args['host_name'] = kwargs.get("iscsi_host", "ISCSI_HOST")
source_args['host_port'] = kwargs.get("iscsi_port", "ISCSI_PORT")
source_args['source_name'] = kwargs.get("iqn_name", "IQN_NAME")
source_args['auth_user'] = kwargs.get("auth_user")
source_args['secret_type'] = kwargs.get("secret_type")
source_args['secret_uuid'] = kwargs.get("secret_uuid")
source_args['secret_usage'] = kwargs.get("secret_usage")
source_args['iqn_id'] = kwargs.get("iqn_id")
elif source_protocol:
test.cancel("We do not support source protocol = %s yet" %
source_protocol)
else:
# Use local scsi device
source_args['adapter_name'] = kwargs.get("adapter_name",
"scsi_host999")
source_args['bus'] = kwargs.get("addr_bus", "0")
source_args['target'] = kwargs.get('addr_target', "0")
source_args['unit'] = kwargs.get('addr_unit', "0")
# If any attributes not used, remove them from source dict to avoid
# attr="" or attr="None" situation.
for key, value in list(source_args.items()):
if not value:
source_args.pop(key)
hostdev_xml.source = hostdev_xml.new_source(**source_args)
logging.info("hostdev xml is: %s", hostdev_xml)
return hostdev_xml
def prepare_iscsi_lun(emulated_img="emulated-iscsi", img_size='1G'):
"""
Prepare iscsi lun
:param emulated_img: The name of the iscsi lun device.
:param img_size: The size of the iscsi lun device.
:return: The iscsi target and lun number.
"""
enable_chap_auth = "yes" == params.get("enable_chap_auth")
if enable_chap_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
else:
chap_user = ""
chap_passwd = ""
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=False,
emulated_image=emulated_img,
image_size=img_size,
chap_user=chap_user,
chap_passwd=chap_passwd,
portal_ip="127.0.0.1")
return iscsi_target, lun_num
def prepare_local_scsi(emulated_img="emulated-iscsi", img_size='1G'):
"""
Prepare a local scsi device
:param emulated_img: The name of the iscsi lun device.
:param img_size: The size of the iscsi lun device.
:return: The iscsi scsi/bus/target/unit number.
"""
lun_info = []
device_source = libvirt.setup_or_cleanup_iscsi(
is_setup=True,
is_login=True,
emulated_image=emulated_img,
image_size=img_size)
cmd = "targetcli ls"
cmd_result = process.run(cmd, shell=True)
logging.debug("new block device is: %s", device_source)
cmd = "lsscsi | grep %s | awk '{print $1}'" % device_source
cmd_result = process.run(cmd, shell=True)
lun_info = re.findall("\d+", str(cmd_result.stdout.strip()))
if len(lun_info) != 4:
test.fail("Get wrong scsi lun info: %s" % lun_info)
scsi_num = lun_info[0]
bus_num = lun_info[1]
target_num = lun_info[2]
unit_num = lun_info[3]
return scsi_num, bus_num, target_num, unit_num
def get_new_disks(vm, old_partitions):
"""
Get new disks in vm after hostdev plug.
:param vm: The vm to be checked.
:param old_partitions: Already existing partitions in vm.
:return: New disks/partitions in vm, or None if no new disk/partitions.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
logging.debug("PPC machine may need a little sleep time "
"to see all disks, related owner may need "
"further investigation. Skip the sleep for now.")
#time.sleep(10)
new_partitions = utils_disk.get_parts_list(session)
logging.debug("new partitions are: %s", new_partitions)
added_partitions = list(
set(new_partitions).difference(set(old_partitions)))
session.close()
if not added_partitions:
logging.debug("No new partitions found in vm.")
else:
logging.debug("Newly added partition(s) is: %s",
added_partitions)
return added_partitions
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as err:
test.fail("Error happens when get new disk: %s" % str(err))
def get_unpriv_sgio(scsi_dev):
"""
Get scsi dev's unpriv_sgio value.
:param scsi_dev: The scsi device to be checked.
:return: The unpriv_sgio value of the scsi device.
"""
cmd = "lsscsi -g | grep '\[%s\]'" % scsi_dev
try:
output = process.system_output(cmd, verbose=True, shell=True)
blkdev = output.split()[-2]
chardev = output.split()[-1]
blk_stat = os.stat(blkdev)
sg_stat = os.stat(chardev)
blkdev_major = os.major(blk_stat.st_rdev)
blkdev_minor = os.minor(blk_stat.st_rdev)
chardev_major = os.major(sg_stat.st_rdev)
chardev_minor = os.minor(sg_stat.st_rdev)
blkdev_unpriv_path = ("/sys/dev/block/%s:%s/queue/unpriv_sgio" %
(blkdev_major, blkdev_minor))
chardev_unpriv_path = ("/sys/dev/char/%s:%s/device/unpriv_sgio" %
(chardev_major, chardev_minor))
# unpriv_sgio feature change in certain kernel,e.g: /sys/dev/char/%s:%s/queue/unpriv_sgio may not exist
if os.path.exists(blkdev_unpriv_path) is False:
return
with open(blkdev_unpriv_path, 'r') as f:
blkdev_unpriv_value = f.read().strip()
with open(chardev_unpriv_path, 'r') as f:
chardev_unpriv_value = f.read().strip()
logging.debug("blkdev unpriv_sgio:%s\nchardev unpriv_sgio:%s",
blkdev_unpriv_value, chardev_unpriv_value)
if ((not blkdev_unpriv_value or not chardev_unpriv_value)
or (blkdev_unpriv_value != chardev_unpriv_value)):
test.error("unpriv_sgio values are incorrect under block "
"and char folders.")
return blkdev_unpriv_value
except Exception as detail:
test.fail(
"Error happens when try to get the unpriv_sgio value: %s" %
detail)
def check_unpriv_sgio(scsi_dev, unpriv_sgio=False, shareable_dev=True):
"""
Check device's unpriv_sgio value with provided boolean value.
:param scsi_dev: The scsi device to be checked.
:param unpriv_sgio: If the expected unpriv_sgio is True or False.
:param shareable_dev: If the device is a shareable one.
"""
scsi_unpriv_sgio = get_unpriv_sgio(scsi_dev)
# On rhel9, previously skip check folder in get_unpriv_sgio(),so here return True directly
if scsi_unpriv_sgio is None:
return True
if shareable_dev:
# Only when <shareable/> set, the sgio takes effect.
if ((unpriv_sgio and scsi_unpriv_sgio == '1')
or (not unpriv_sgio and scsi_unpriv_sgio == '0')):
return True
else:
if scsi_unpriv_sgio == '0':
return True
return False
def check_disk_io(vm, partition):
"""
Check if the disk partition in vm can be normally used.
:param vm: The vm to be checked.
:param partition: The disk partition in vm to be checked.
:return: If the disk can be used, return True.
"""
readonly = "yes" == params.get("readonly")
readonly_keywords = ['readonly', 'read-only', 'read only']
try:
session = vm.wait_for_login()
cmd = (
"fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p {0} && mount /dev/{0} {0} && echo"
" teststring > {0}/testfile && umount {0}".format(partition))
status, output = session.cmd_status_output(cmd)
session.close()
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
if readonly:
for ro_kw in readonly_keywords:
if ro_kw in str(output).lower():
return True
logging.error("Hostdev set with 'readonly'. "
"But still can be operated.")
return False
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as err:
logging.debug("Error happens when check disk io in vm: %s",
str(err))
return False
def ppc_controller_update(vmxml):
"""
Update controller of ppc vm to 'virtio-scsi' to support 'scsi' type
:return:
"""
device_bus = 'scsi'
if params.get('machine_type') == 'pseries':
if not vmxml.get_controllers(device_bus, 'virtio-scsi'):
vmxml.del_controller(device_bus)
ppc_controller = Controller('controller')
ppc_controller.type = device_bus
ppc_controller.index = '0'
ppc_controller.model = 'virtio-scsi'
vmxml.add_device(ppc_controller)
vmxml.sync()
coldplug = "cold_plug" == params.get("attach_method")
hotplug = "hot_plug" == params.get("attach_method")
status_error = "yes" == params.get("status_error")
use_iscsi_directly = "iscsi" == params.get("source_protocol")
sgio = params.get("sgio")
test_shareable = "yes" == params.get("shareable")
device_num = int(params.get("device_num", "1"))
new_disks = []
new_disk = ""
attach_options = ""
iscsi_target = ""
lun_num = ""
adapter_name = ""
addr_scsi = ""
addr_bus = ""
addr_target = ""
addr_unit = ""
auth_sec_uuid = ""
hostdev_xmls = []
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
enable_initiator_set = "yes" == params.get("enable_initiator_set", "no")
if enable_initiator_set and not libvirt_version.version_compare(6, 7, 0):
test.cancel(
"current version doesn't support iscsi initiator hostdev feature")
try:
# Load sg module if necessary
process.run("modprobe sg",
shell=True,
ignore_status=True,
verbose=True)
# Backup vms' xml
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
vmxml = vmxml_backup.copy()
ppc_controller_update(vmxml)
if test_shareable:
vm_names = params.get("vms").split()
if len(vm_names) < 2:
test.error("At least 2 vms should be prepared "
"for shareable test.")
vm2_name = vm_names[1]
vm2 = env.get_vm(vm2_name)
vm2_xml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm2_name)
vm2_xml = vm2_xml_backup.copy()
ppc_controller_update(vm2_xml)
if vm2.is_dead():
vm2.start()
session = vm2.wait_for_login()
vm2_old_partitions = utils_disk.get_parts_list(session)
session.close()
# Get disk partitions info before hot/cold plug virtual disk
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_partitions = utils_disk.get_parts_list(session)
session.close()
for dev_num in range(device_num):
if use_iscsi_directly:
iscsi_target, lun_num = prepare_iscsi_lun(emulated_img='img' +
str(dev_num))
params['iscsi_host'] = "127.0.0.1"
params['iscsi_port'] = "3260"
params['iqn_name'] = iscsi_target + "/" + lun_num
else:
addr_scsi, addr_bus, addr_target, addr_unit = prepare_local_scsi(
emulated_img='img' + str(dev_num))
if not params.get('adapter_name') or dev_num >= 1:
params['adapter_name'] = "scsi_host" + addr_scsi
params['addr_bus'] = addr_bus
params['addr_target'] = addr_target
params['addr_unit'] = addr_unit
lsscsi_keyword = (addr_scsi + ":" + addr_bus + ":" +
addr_target + ":" + addr_unit)
enable_chap_auth = "yes" == params.get("enable_chap_auth")
auth_sec_usage = params.get("auth_sec_usage", "libvirtiscsi")
if enable_chap_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_password", "password")
auth_sec_dict = {
"sec_usage": "iscsi",
"sec_target": auth_sec_usage
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid,
chap_passwd,
encode=True,
debug=True)
params['auth_user'] = chap_user
params['secret_type'] = "iscsi"
params['secret_uuid'] = auth_sec_uuid
if enable_initiator_set:
params['iqn_id'] = iscsi_target
hostdev_xml = prepare_hostdev_xml(**params)
hostdev_xmls.append(hostdev_xml)
if coldplug:
attach_options = "--config"
# Attach virtual disk to vm
for dev_num in range(device_num):
result = virsh.attach_device(vm_name,
hostdev_xmls[dev_num].xml,
flagstr=attach_options,
ignore_status=True,
debug=True)
libvirt.check_exit_status(result, status_error & hotplug)
if coldplug:
vm.destroy(gracefully=False)
result = virsh.start(vm_name, ignore_status=True, debug=True)
libvirt.check_exit_status(result, status_error & coldplug)
if not status_error:
vm.wait_for_login().close()
# Here we may need to wait for sometime, update if issue happens
# again.
#time.sleep(10)
utils_misc.wait_for(lambda: get_new_disks(vm, old_partitions), 20)
new_disks = get_new_disks(vm, old_partitions)
if len(new_disks) != device_num:
test.fail("Attached %s virtual disk but got %s." %
(device_num, len(new_disks)))
new_disk = new_disks[0]
for new_disk in new_disks:
# Check disk io of the hostdev in vm.
if not check_disk_io(vm, new_disk):
test.fail("Got unexpected result when operate the newly "
"added disk in vm.")
# Check if unpri_sgio value correctly set by the xml sgio param.
if not use_iscsi_directly:
if sgio == "unfiltered":
unpriv_sgio = True
else:
unpriv_sgio = False
if not (check_unpriv_sgio(lsscsi_keyword, unpriv_sgio,
test_shareable)):
test.fail(
"SCSI dev's unpriv_sgio value is inconsistent with "
"hostdev xml's sgio value.")
# Check shareable device.
if test_shareable:
vm2_xml.add_device(hostdev_xml)
session = vm2.wait_for_login()
result = virsh.attach_device(vm2_name,
hostdev_xml.xml,
ignore_status=False,
debug=True)
utils_misc.wait_for(
lambda: get_new_disks(vm2, vm2_old_partitions), 20)
vm2_new_disks = get_new_disks(vm2, vm2_old_partitions)
if len(vm2_new_disks) != 1:
test.fail(
"In second vm, attached 1 virtual disk but got %s."
% len(vm2_new_disks))
vm2_new_disk = vm2_new_disks[0]
if not check_disk_io(vm2, vm2_new_disk):
test.fail(
"Testing shareable device, got unexpected result "
"when operate the newly added disk in the second vm."
)
# Detach the disk from vm.
for dev_num in range(device_num):
result = virsh.detach_device(vm_name,
hostdev_xmls[dev_num].xml,
flagstr=attach_options,
ignore_status=False,
debug=True)
# Check the detached disk in vm.
if coldplug:
vm.destroy(gracefully=False)
vm.start()
vm.wait_for_login().close()
utils_misc.wait_for(lambda: not get_new_disks(vm, old_partitions),
20)
new_disks = get_new_disks(vm, old_partitions)
if len(new_disks) != 0:
test.fail("Unplug virtual disk failed.")
finally:
if vm.is_alive():
vm.destroy(gracefully=False)
# Restoring vm
vmxml_backup.sync()
if test_shareable:
if vm2.is_alive():
vm2.destroy(gracefully=False)
vm2_xml_backup.sync()
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
for dev_num in range(device_num):
libvirt.setup_or_cleanup_iscsi(is_setup=False,
emulated_image='img' + str(dev_num))
def run(test, params, env):
"""
Do test for vol-download and vol-upload
Basic steps are
1. Create pool with type defined in cfg
2. Create image with writing data in it
3. Get md5 value before operation
4. Do vol-download/upload with options(offset, length)
5. Check md5 value after operation
"""
pool_type = params.get("vol_download_upload_pool_type")
pool_name = params.get("vol_download_upload_pool_name")
pool_target = params.get("vol_download_upload_pool_target")
if os.path.dirname(pool_target) is "":
pool_target = os.path.join(data_dir.get_tmp_dir(), pool_target)
vol_name = params.get("vol_download_upload_vol_name")
file_name = params.get("vol_download_upload_file_name")
file_path = os.path.join(data_dir.get_tmp_dir(), file_name)
offset = params.get("vol_download_upload_offset")
length = params.get("vol_download_upload_length")
capacity = params.get("vol_download_upload_capacity")
allocation = params.get("vol_download_upload_allocation")
frmt = params.get("vol_download_upload_format")
operation = params.get("vol_download_upload_operation")
create_vol = ("yes" == params.get("vol_download_upload_create_vol", "yes"))
setup_libvirt_polkit = "yes" == params.get("setup_libvirt_polkit")
b_luks_encrypt = "luks" == params.get("encryption_method")
encryption_password = params.get("encryption_password", "redhat")
secret_uuids = []
# libvirt acl polkit related params
uri = params.get("virsh_uri")
unpri_user = params.get('unprivileged_user')
if unpri_user:
if unpri_user.count('EXAMPLE'):
unpri_user = '******'
if not libvirt_version.version_compare(1, 1, 1):
if setup_libvirt_polkit:
test.error("API acl test not supported in current"
" libvirt version.")
try:
pvt = utlv.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, "volumetest",
pre_disk_vol=["50M"])
# According to BZ#1138523, we need inpect the right name
# (disk partition) for new volume
if pool_type == "disk":
vol_name = utlv.new_disk_vol_name(pool_name)
if vol_name is None:
test.error("Fail to generate volume name")
# update polkit rule as the volume name changed
if setup_libvirt_polkit:
vol_pat = r"lookup\('vol_name'\) == ('\S+')"
new_value = "lookup('vol_name') == '%s'" % vol_name
utlv.update_polkit_rule(params, vol_pat, new_value)
if create_vol:
if b_luks_encrypt:
if not libvirt_version.version_compare(2, 0, 0):
test.cancel("LUKS format not supported in "
"current libvirt version")
params['sec_volume'] = os.path.join(pool_target, vol_name)
luks_sec_uuid = utlv.create_secret(params)
ret = virsh.secret_set_value(luks_sec_uuid,
encryption_password,
encode=True)
utlv.check_exit_status(ret)
secret_uuids.append(luks_sec_uuid)
vol_arg = {}
vol_arg['name'] = vol_name
vol_arg['capacity'] = int(capacity)
vol_arg['allocation'] = int(allocation)
create_luks_vol(pool_name, vol_name, luks_sec_uuid, vol_arg)
else:
pvt.pre_vol(vol_name, frmt, capacity, allocation, pool_name)
vol_list = virsh.vol_list(pool_name).stdout.strip()
# iscsi volume name is different from others
if pool_type == "iscsi":
vol_name = vol_list.split('\n')[2].split()[0]
vol_path = virsh.vol_path(vol_name, pool_name,
ignore_status=False).stdout.strip()
logging.debug("vol_path is %s", vol_path)
# Add command options
if pool_type is not None:
options = " --pool %s" % pool_name
if offset is not None:
options += " --offset %s" % offset
offset = int(offset)
else:
offset = 0
if length is not None:
options += " --length %s" % length
length = int(length)
else:
length = 0
logging.debug("%s options are %s", operation, options)
if operation == "upload":
# write date to file
write_file(file_path)
# Set length for calculate the offset + length in the following
# func get_pre_post_digest() and digest()
if length == 0:
length = 1048576
def get_pre_post_digest():
"""
Get pre region and post region digest if have offset and length
:return: pre digest and post digest
"""
# Get digest of pre region before offset
if offset != 0:
digest_pre = digest(vol_path, 0, offset)
else:
digest_pre = 0
logging.debug("pre region digest read from %s 0-%s is %s",
vol_path, offset, digest_pre)
# Get digest of post region after offset+length
digest_post = digest(vol_path, offset + length, 0)
logging.debug("post region digest read from %s %s-0 is %s",
vol_path, offset + length, digest_post)
return (digest_pre, digest_post)
# Get pre and post digest before operation for compare
(ori_pre_digest, ori_post_digest) = get_pre_post_digest()
ori_digest = digest(file_path, 0, 0)
logging.debug("ori digest read from %s is %s", file_path,
ori_digest)
if setup_libvirt_polkit:
process.run("chmod 666 %s" % file_path, ignore_status=True,
shell=True)
# Do volume upload
result = virsh.vol_upload(vol_name, file_path, options,
unprivileged_user=unpri_user,
uri=uri, debug=True)
if result.exit_status == 0:
# Get digest after operation
(aft_pre_digest, aft_post_digest) = get_pre_post_digest()
aft_digest = digest(vol_path, offset, length)
logging.debug("aft digest read from %s is %s", vol_path,
aft_digest)
# Compare the pre and post part before and after
if ori_pre_digest == aft_pre_digest and \
ori_post_digest == aft_post_digest:
logging.info("file pre and aft digest match")
else:
test.fail("file pre or post digests do not"
"match, in %s", operation)
if operation == "download":
# Write date to volume
write_file(vol_path)
# Record the digest value before operation
ori_digest = digest(vol_path, offset, length)
logging.debug("original digest read from %s is %s", vol_path,
ori_digest)
process.run("touch %s" % file_path, ignore_status=True, shell=True)
if setup_libvirt_polkit:
process.run("chmod 666 %s" % file_path, ignore_status=True,
shell=True)
# Do volume download
result = virsh.vol_download(vol_name, file_path, options,
unprivileged_user=unpri_user,
uri=uri, debug=True)
if result.exit_status == 0:
# Get digest after operation
aft_digest = digest(file_path, 0, 0)
logging.debug("new digest read from %s is %s", file_path,
aft_digest)
if result.exit_status != 0:
test.fail("Fail to %s volume: %s" %
(operation, result.stderr))
# Compare the change part on volume and file
if ori_digest == aft_digest:
logging.info("file digests match, volume %s suceed", operation)
else:
test.fail("file digests do not match, volume %s failed"
% operation)
finally:
pvt.cleanup_pool(pool_name, pool_type, pool_target, "volumetest")
for secret_uuid in set(secret_uuids):
virsh.secret_undefine(secret_uuid)
if os.path.isfile(file_path):
os.remove(file_path)
def run(test, params, env):
"""
Test disk encryption option.
1.Prepare backend storage (blkdev/iscsi/gluster/ceph)
2.Use luks format to encrypt the backend storage
3.Prepare a disk xml indicating to the backend storage with valid/invalid
luks password
4.Start VM with disk hot/cold plugged
5.Check some disk operations in VM
6.Check backend storage is still in luks format
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
def encrypt_dev(device, params):
"""
Encrypt device with luks format
:param device: Storage deivce to be encrypted.
:param params: From the dict to get encryption password.
"""
password = params.get("luks_encrypt_passwd", "password")
size = params.get("luks_size", "500M")
cmd = ("qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (password, device, size))
if process.system(cmd, shell=True):
test.fail("Can't create a luks encrypted img by qemu-img")
def check_dev_format(device, fmt="luks"):
"""
Check if device is in luks format
:param device: Storage deivce to be checked.
:param fmt: Expected disk format.
:return: If device's format equals to fmt, return True, else return False.
"""
cmd_result = process.run("qemu-img" + ' -h', ignore_status=True,
shell=True, verbose=False)
if b'-U' in cmd_result.stdout:
cmd = ("qemu-img info -U %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
else:
cmd = ("qemu-img info %s| grep -i 'file format' "
"| grep -i %s" % (device, fmt))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
if cmd_result.exit_status:
test.fail("device %s is not in %s format. err is: %s" %
(device, fmt, cmd_result.stderr))
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = libvirt.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test"
.format(added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
# Backend storage options.
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
# Luks encryption info, luks_encrypt_passwd is the password used to encrypt
# luks image, and luks_secret_passwd is the password set to luks secret, you
# can set a wrong password to luks_secret_passwd for negative tests
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Backend storage auth info
use_auth_usage = "yes" == params.get("use_auth_usage")
if use_auth_usage:
use_auth_uuid = False
else:
use_auth_uuid = "yes" == params.get("use_auth_uuid", "yes")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
status_error = "yes" == params.get("status_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
encryption_in_source = "yes" == params.get("encryption_in_source", "no")
auth_in_source = "yes" == params.get("auth_in_source", "no")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
pvt = None
if ((encryption_in_source or auth_in_source) and
not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot put <encryption> or <auth> inside disk <source> "
"in this libvirt version.")
# Start VM and get all partions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = libvirt.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
# Setup backend storage
if backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
if enable_auth:
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi",
"sec_target": auth_sec_usage}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid, chap_passwd,
encode=True, debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
chap_user=chap_user, chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
if use_auth_uuid:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
elif use_auth_usage:
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target}
else:
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
portal_ip=iscsi_host)
device_source = "iscsi://%s:%s/%s/%s" % (iscsi_host, iscsi_port,
iscsi_target, lun_num)
disk_src_dict = {"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name", "gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = libvirt.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name)
device_source = "gluster://%s/%s/%s" % (gluster_host_ip,
gluster_vol_name,
gluster_img_name)
disk_src_dict = {"attrs": {"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name,
gluster_img_name)},
"hosts": [{"name": gluster_host_ip,
"port": "24007"}]}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
disk_auth_dict = {"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (ceph_disk_name,
ceph_mon_ip,
key_file)
else:
device_source = "rbd:%s:mon_host=%s" % (ceph_disk_name, ceph_mon_ip)
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": ceph_disk_name},
"hosts": [{"name": ceph_host_ip,
"port": ceph_host_port}]}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = data_dir.get_tmp_dir()
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
else:
test.cancel("Only iscsi/gluster/rbd/nfs can be tested for now.")
logging.debug("device source is: %s", device_source)
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
ret = virsh.secret_set_value(luks_sec_uuid, luks_secret_passwd,
encode=True, debug=True)
encrypt_dev(device_source, params)
libvirt.check_exit_status(ret)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
if auth_in_source:
disk_source.auth = disk_xml.new_auth(**disk_auth_dict)
else:
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
if encryption_in_source:
disk_source.encryption = disk_encryption
else:
disk_xml.encryption = disk_encryption
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
vmxml.sync()
try:
vm.start()
vm.wait_for_login()
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" % str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
if hotplug_disk:
result = virsh.attach_device(vm_name, disk_xml.xml,
ignore_status=True, debug=True)
libvirt.check_exit_status(result, status_error)
if check_partitions and not status_error:
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
check_dev_format(device_source)
finally:
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
libvirt.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def run(test, params, env):
"""
Test the tpm virtual devices
1. prepare a guest with different tpm devices
2. check whether the guest can be started
3. check the xml and qemu cmd line, even swtpm for vtpm
4. check tpm usage in guest os
"""
# Tpm passthrough supported since libvirt 1.0.5.
if not libvirt_version.version_compare(1, 0, 5):
test.cancel("Tpm device is not supported "
"on current libvirt version.")
# Tpm passthrough supported since qemu 2.12.0-49.
if not utils_misc.compare_qemu_version(2, 9, 0, is_rhev=False):
test.cancel("Tpm device is not supported "
"on current qemu version.")
tpm_model = params.get("tpm_model")
backend_type = params.get("backend_type")
backend_version = params.get("backend_version")
device_path = params.get("device_path")
tpm_num = int(params.get("tpm_num", 1))
# After first start of vm with vtpm, do operations, check it still works
vm_operate = params.get("vm_operate")
# Sub-operation(e.g.domrename) under vm_operate(e.g.restart)
vm_oprt = params.get("vm_oprt")
secret_uuid = params.get("secret_uuid")
secret_value = params.get("secret_value")
# Change encryption state: from plain to encrypted, or reverse.
encrypt_change = params.get("encrypt_change")
secret_uuid = params.get("secret_uuid")
prepare_secret = ("yes" == params.get("prepare_secret", "no"))
remove_dev = ("yes" == params.get("remove_dev", "no"))
multi_vms = ("yes" == params.get("multi_vms", "no"))
# Remove swtpm state file
rm_statefile = ("yes" == params.get("rm_statefile", "no"))
test_suite = ("yes" == params.get("test_suite", "no"))
restart_libvirtd = ("yes" == params.get("restart_libvirtd", "no"))
no_backend = ("yes" == params.get("no_backend", "no"))
status_error = ("yes" == params.get("status_error", "no"))
err_msg = params.get("xml_errmsg", "")
loader = params.get("loader", "")
nvram = params.get("nvram", "")
uefi_disk_url = params.get("uefi_disk_url", "")
download_file_path = os.path.join(data_dir.get_tmp_dir(), "uefi_disk.qcow2")
# Check tpm chip on host for passthrough testing
if backend_type == "passthrough":
dmesg_info = process.getoutput("dmesg|grep tpm -wi", shell=True)
logging.debug("dmesg info about tpm:\n %s", dmesg_info)
dmesg_error = re.search("No TPM chip found|TPM is disabled", dmesg_info)
if dmesg_error:
test.cancel(dmesg_error.group())
else:
# Try to check host tpm chip version
tpm_v = None
if re.search("2.0 TPM", dmesg_info):
tpm_v = "2.0"
if not utils_package.package_install("tpm2-tools"):
# package_install() return 'True' if succeed
test.error("Failed to install tpm2-tools on host")
else:
if re.search("1.2 TPM", dmesg_info):
tpm_v = "1.2"
# If "1.2 TPM" or no version info in dmesg, try to test a tpm1.2 at first
if not utils_package.package_install("tpm-tools"):
test.error("Failed to install tpm-tools on host")
# Check host env for vtpm testing
elif backend_type == "emulator":
if not utils_misc.compare_qemu_version(4, 0, 0, is_rhev=False):
test.cancel("vtpm(emulator backend) is not supported "
"on current qemu version.")
# Install swtpm pkgs on host for vtpm emulation
if not utils_package.package_install("swtpm*"):
test.error("Failed to install swtpm swtpm-tools on host")
def replace_os_disk(vm_xml, vm_name, nvram):
"""
Replace os(nvram) and disk(uefi) for x86 vtpm test
:param vm_xml: current vm's xml
:param vm_name: current vm name
:param nvram: nvram file path of vm
"""
# Add loader, nvram in <os>
nvram = nvram.replace("<VM_NAME>", vm_name)
dict_os_attrs = {"loader_readonly": "yes",
"secure": "yes",
"loader_type": "pflash",
"loader": loader,
"nvram": nvram}
vm_xml.set_os_attrs(**dict_os_attrs)
logging.debug("Set smm=on in VMFeaturesXML")
# Add smm in <features>
features_xml = vm_xml.features
features_xml.smm = "on"
vm_xml.features = features_xml
vm_xml.sync()
# Replace disk with an uefi image
if not utils_package.package_install("wget"):
test.error("Failed to install wget on host")
if uefi_disk_url.count("EXAMPLE"):
test.error("Please provide the URL %s" % uefi_disk_url)
else:
download_cmd = ("wget %s -O %s" % (uefi_disk_url, download_file_path))
process.system(download_cmd, verbose=False, shell=True)
vm = env.get_vm(vm_name)
uefi_disk = {'disk_source_name': download_file_path}
libvirt.set_vm_disk(vm, uefi_disk)
vm_names = params.get("vms").split()
vm_name = vm_names[0]
vm = env.get_vm(vm_name)
vm_xml = VMXML.new_from_inactive_dumpxml(vm_name)
vm_xml_backup = vm_xml.copy()
os_xml = getattr(vm_xml, "os")
host_arch = platform.machine()
if backend_type == "emulator" and host_arch == 'x86_64':
if not utils_package.package_install("OVMF"):
test.error("Failed to install OVMF or edk2-ovmf pkgs on host")
if os_xml.xmltreefile.find('nvram') is None:
replace_os_disk(vm_xml, vm_name, nvram)
vm_xml = VMXML.new_from_inactive_dumpxml(vm_name)
if vm.is_alive():
vm.destroy()
vm2 = None
if multi_vms:
if len(vm_names) > 1:
vm2_name = vm_names[1]
vm2 = env.get_vm(vm2_name)
vm2_xml = VMXML.new_from_inactive_dumpxml(vm2_name)
vm2_xml_backup = vm2_xml.copy()
else:
# Clone additional vms if needed
try:
utils_path.find_command("virt-clone")
except utils_path.CmdNotFoundError:
if not utils_package.package_install(["virt-install"]):
test.cancel("Failed to install virt-install on host")
vm2_name = "vm2_" + utils_misc.generate_random_string(5)
ret_clone = utils_libguestfs.virt_clone_cmd(vm_name, vm2_name,
True, timeout=360, debug=True)
if ret_clone.exit_status:
test.error("Need more than one domains, but error occured when virt-clone.")
vm2 = vm.clone(vm2_name)
vm2_xml = VMXML.new_from_inactive_dumpxml(vm2_name)
if vm2.is_alive():
vm2.destroy()
service_mgr = service.ServiceManager()
def check_dumpxml(vm_name):
"""
Check whether the added devices are shown in the guest xml
:param vm_name: current vm name
"""
logging.info("------Checking guest dumpxml------")
if tpm_model:
pattern = '<tpm model="%s">' % tpm_model
else:
# The default tpm model is "tpm-tis"
pattern = '<tpm model="tpm-tis">'
# Check tpm model
xml_after_adding_device = VMXML.new_from_dumpxml(vm_name)
logging.debug("xml after add tpm dev is %s", xml_after_adding_device)
if pattern not in astring.to_text(xml_after_adding_device):
test.fail("Can not find the %s tpm device xml "
"in the guest xml file." % tpm_model)
# Check backend type
pattern = '<backend type="%s"' % backend_type
if pattern not in astring.to_text(xml_after_adding_device):
test.fail("Can not find the %s backend type xml for tpm dev "
"in the guest xml file." % backend_type)
# Check backend version
if backend_version:
check_ver = backend_version if backend_version != 'none' else '2.0'
pattern = '"emulator" version="%s"' % check_ver
if pattern not in astring.to_text(xml_after_adding_device):
test.fail("Can not find the %s backend version xml for tpm dev "
"in the guest xml file." % check_ver)
# Check device path
if backend_type == "passthrough":
pattern = '<device path="/dev/tpm0"'
if pattern not in astring.to_text(xml_after_adding_device):
test.fail("Can not find the %s device path xml for tpm dev "
"in the guest xml file." % device_path)
# Check encryption secret
if prepare_secret:
pattern = '<encryption secret="%s" />' % encryption_uuid
if pattern not in astring.to_text(xml_after_adding_device):
test.fail("Can not find the %s secret uuid xml for tpm dev "
"in the guest xml file." % encryption_uuid)
logging.info('------PASS on guest dumpxml check------')
def check_qemu_cmd_line(vm, vm_name, domid):
"""
Check whether the added devices are shown in the qemu cmd line
:param vm: current vm
:param vm_name: current vm name
:param domid: domain id for checking vtpm socket file
"""
logging.info("------Checking qemu cmd line------")
if not vm.get_pid():
test.fail('VM pid file missing.')
with open('/proc/%s/cmdline' % vm.get_pid()) as cmdline_file:
cmdline = cmdline_file.read()
logging.debug("Qemu cmd line info:\n %s", cmdline)
# Check tpm model
pattern_list = ["-device.%s" % tpm_model]
# Check backend type
if backend_type == "passthrough":
dev_num = re.search(r"\d+", device_path).group()
backend_segment = "id=tpm-tpm%s" % dev_num
else:
# emulator backend
backend_segment = "id=tpm-tpm0,chardev=chrtpm"
pattern_list.append("-tpmdev.%s,%s" % (backend_type, backend_segment))
# Check chardev socket for vtpm
if backend_type == "emulator":
pattern_list.append("-chardev.socket,id=chrtpm,"
"path=.*/run/libvirt/qemu/swtpm/%s-%s-swtpm.sock" % (domid, vm_name))
for pattern in pattern_list:
if not re.search(pattern, cmdline):
if not remove_dev:
test.fail("Can not find the %s for tpm device "
"in qemu cmd line." % pattern)
elif remove_dev:
test.fail("%s still exists after remove vtpm and restart" % pattern)
logging.info("------PASS on qemu cmd line check------")
def check_swtpm(domid, domuuid, vm_name):
"""
Check swtpm cmdline and files for vtpm.
:param domid: domain id for checking vtpm files
:param domuuid: domain uuid for checking vtpm state file
:param vm_name: current vm name
"""
logging.info("------Checking swtpm cmdline and files------")
# Check swtpm cmdline
swtpm_pid = utils_misc.get_pid("%s-swtpm.pid" % vm_name)
if not swtpm_pid:
if not remove_dev:
test.fail('swtpm pid file missing.')
else:
return
elif remove_dev:
test.fail('swtpm pid file still exists after remove vtpm and restart')
with open('/proc/%s/cmdline' % swtpm_pid) as cmdline_file:
cmdline = cmdline_file.read()
logging.debug("Swtpm cmd line info:\n %s", cmdline)
pattern_list = ["--daemon", "--ctrl", "--tpmstate", "--log", "--tpm2", "--pid"]
if prepare_secret:
pattern_list.extend(["--key", "--migration-key"])
for pattern in pattern_list:
if not re.search(pattern, cmdline):
test.fail("Can not find the %s for tpm device "
"in swtpm cmd line." % pattern)
# Check swtpm files
file_list = ["/var/run/libvirt/qemu/swtpm/%s-%s-swtpm.sock" % (domid, vm_name)]
file_list.append("/var/lib/libvirt/swtpm/%s/tpm2" % domuuid)
file_list.append("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % vm_name)
file_list.append("/var/run/libvirt/qemu/swtpm/%s-%s-swtpm.pid" % (domid, vm_name))
for swtpm_file in file_list:
if not os.path.exists(swtpm_file):
test.fail("Swtpm file: %s does not exist" % swtpm_file)
logging.info("------PASS on Swtpm cmdline and files check------")
def get_tpm2_tools_cmd(session=None):
"""
Get tpm2-tools pkg version and return corresponding getrandom cmd
:session: guest console session
:return: tpm2_getrandom cmd usage
"""
cmd = 'rpm -q tpm2-tools'
get_v_tools = session.cmd(cmd) if session else process.run(cmd).stdout_text
v_tools_list = get_v_tools.strip().split('-')
if session:
logging.debug("The tpm2-tools version is %s", v_tools_list[2])
v_tools = int(v_tools_list[2].split('.')[0])
return "tpm2_getrandom 8" if v_tools < 4 else "tpm2_getrandom -T device:/dev/tpm0 8 --hex"
def get_host_tpm_bef(tpm_v):
"""
Test host tpm function and identify its real version before passthrough
Since sometimes dmesg info doesn't include tpm msg, need use tpm-tool or
tpm2-tools to try the function.
:param tpm_v: host tpm version get from dmesg info
:return: host tpm version
"""
logging.info("------Checking host tpm device before passthrough------")
# Try tcsd tool for suspected tpm1.2 chip on host
tpm_real_v = tpm_v
if tpm_v != "2.0":
if not service_mgr.start('tcsd'):
# service_mgr.start() return 'True' if succeed
if tpm_v == "1.2":
test.fail("Host tcsd.serivce start failed")
else:
# Means tpm_v got nothing from dmesg, log failure here and
# go to next 'if' to try tpm2.0 tools.
logging.info("Host tcsd.serivce start failed")
else:
tpm_real_v = "1.2"
logging.info("Host tpm version info:")
result = process.run("tpm_version", ignore_status=False)
logging.debug("[host]# tpm_version\n %s", result.stdout)
time.sleep(2)
service_mgr.stop('tcsd')
if tpm_v != "1.2":
# Try tpm2.0 tools
if not utils_package.package_install("tpm2-tools"):
test.error("Failed to install tpm2-tools on host")
tpm2_getrandom_cmd = get_tpm2_tools_cmd()
if process.run(tpm2_getrandom_cmd, ignore_status=True).exit_status:
test.cancel("Both tcsd and tpm2-tools can not work, "
"pls check your host tpm version and test env.")
else:
tpm_real_v = "2.0"
logging.info("------PASS on host tpm device check------")
return tpm_real_v
def test_host_tpm_aft(tpm_real_v):
"""
Test host tpm function after passthrough
:param tpm_real_v: host tpm real version indentified from testing
"""
logging.info("------Checking host tpm device after passthrough------")
if tpm_real_v == "1.2":
if service_mgr.start('tcsd'):
time.sleep(2)
service_mgr.stop('tcsd')
test.fail("Host tpm should not work after passthrough to guest.")
else:
logging.info("Expected failure: Tpm is being used by guest.")
elif tpm_real_v == "2.0":
tpm2_getrandom_cmd = get_tpm2_tools_cmd()
if not process.run(tpm2_getrandom_cmd, ignore_status=True).exit_status:
test.fail("Host tpm should not work after passthrough to guest.")
else:
logging.info("Expected failure: Tpm is being used by guest.")
logging.info("------PASS on host tpm device check------")
def test_guest_tpm(expect_version, session, expect_fail):
"""
Test tpm function in guest
:param expect_version: guest tpm version, as host version, or emulator specified
:param session: Guest session to be tested
:param expect_fail: guest tpm is expectedly fail to work
"""
logging.info("------Checking guest tpm device work------")
if expect_version == "1.2":
# Install tpm-tools and test by tcsd method
if not utils_package.package_install(["tpm-tools"], session, 360):
test.error("Failed to install tpm-tools package in guest")
else:
status, output = session.cmd_status_output("systemctl start tcsd")
logging.debug("Command output: %s", output)
if status:
if expect_fail:
test.cancel("tpm-crb passthrough only works with host tpm2.0, "
"but your host tpm version is 1.2")
else:
test.fail("Failed to start tcsd.service in guest")
else:
dev_output = session.cmd_output("ls /dev/|grep tpm")
logging.debug("Command output: %s", dev_output)
status, output = session.cmd_status_output("tpm_version")
logging.debug("Command output: %s", output)
if status:
test.fail("Guest tpm can not work")
else:
# If expect_version is tpm2.0, install and test by tpm2-tools
if not utils_package.package_install(["tpm2-tools"], session, 360):
test.error("Failed to install tpm2-tools package in guest")
else:
tpm2_getrandom_cmd = get_tpm2_tools_cmd(session)
status1, output1 = session.cmd_status_output("ls /dev/|grep tpm")
logging.debug("Command output: %s", output1)
status2, output2 = session.cmd_status_output(tpm2_getrandom_cmd)
logging.debug("Command output: %s", output2)
if status1 or status2:
if not expect_fail:
test.fail("Guest tpm can not work")
else:
d_status, d_output = session.cmd_status_output("date")
if d_status:
test.fail("Guest OS doesn't work well")
logging.debug("Command output: %s", d_output)
elif expect_fail:
test.fail("Expect fail but guest tpm still works")
logging.info("------PASS on guest tpm device work check------")
def run_test_suite_in_guest(session):
"""
Run kernel test suite for guest tpm.
:param session: Guest session to be tested
"""
logging.info("------Checking kernel test suite for guest tpm------")
boot_info = session.cmd('uname -r').strip().split('.')
kernel_version = '.'.join(boot_info[:2])
# Download test suite per current guest kernel version
parent_path = "https://cdn.kernel.org/pub/linux/kernel"
if float(kernel_version) < 5.3:
major_version = "5"
file_version = "5.3"
else:
major_version = boot_info[0]
file_version = kernel_version
src_url = "%s/v%s.x/linux-%s.tar.xz" % (parent_path, major_version, file_version)
download_cmd = "wget %s -O %s" % (src_url, "/root/linux.tar.xz")
output = session.cmd_output(download_cmd, timeout=480)
logging.debug("Command output: %s", output)
# Install neccessary pkgs to build test suite
if not utils_package.package_install(["tar", "make", "gcc", "rsync", "python2"], session, 360):
test.fail("Failed to install specified pkgs in guest OS.")
# Unzip the downloaded test suite
status, output = session.cmd_status_output("tar xvJf /root/linux.tar.xz -C /root")
if status:
test.fail("Uzip failed: %s" % output)
# Specify using python2 to run the test suite per supporting
test_path = "/root/linux-%s/tools/testing/selftests" % file_version
sed_cmd = "sed -i 's/python -m unittest/python2 -m unittest/g' %s/tpm2/test_*.sh" % test_path
output = session.cmd_output(sed_cmd)
logging.debug("Command output: %s", output)
# Build and and run the .sh files of test suite
status, output = session.cmd_status_output("make -C %s TARGETS=tpm2 run_tests" % test_path, timeout=360)
logging.debug("Command output: %s", output)
if status:
test.fail("Failed to run test suite in guest OS.")
for test_sh in ["test_smoke.sh", "test_space.sh"]:
pattern = "ok .* selftests: tpm2: %s" % test_sh
if not re.search(pattern, output) or ("not ok" in output):
test.fail("test suite check failed.")
logging.info("------PASS on kernel test suite check------")
def reuse_by_vm2(tpm_dev):
"""
Try to add same tpm to a second guest, when it's being used by one guest.
:param tpm_dev: tpm device to be added into guest xml
"""
logging.info("------Trying to add same tpm to a second domain------")
vm2_xml.remove_all_device_by_type('tpm')
vm2_xml.add_device(tpm_dev)
vm2_xml.sync()
ret = virsh.start(vm2_name, ignore_status=True, debug=True)
if backend_type == "passthrough":
if ret.exit_status:
logging.info("Expected failure when try to passthrough a tpm"
" that being used by another guest")
return
test.fail("Reuse a passthroughed tpm should not succeed.")
elif ret.exit_status:
# emulator backend
test.fail("Vtpm for each guest should not interfere with each other")
try:
tpm_real_v = None
sec_uuids = []
new_name = ""
virsh_dargs = {"debug": True, "ignore_status": False}
vm_xml.remove_all_device_by_type('tpm')
tpm_dev = Tpm()
if tpm_model:
tpm_dev.tpm_model = tpm_model
if not no_backend:
backend = tpm_dev.Backend()
if backend_type != 'none':
backend.backend_type = backend_type
if backend_type == "passthrough":
tpm_real_v = get_host_tpm_bef(tpm_v)
logging.debug("The host tpm real version is %s", tpm_real_v)
if device_path:
backend.device_path = device_path
if backend_type == "emulator":
if backend_version != 'none':
backend.backend_version = backend_version
if prepare_secret:
auth_sec_dict = {"sec_ephemeral": "no",
"sec_private": "yes",
"sec_desc": "sample vTPM secret",
"sec_usage": "vtpm",
"sec_name": "VTPM_example"}
encryption_uuid = libvirt.create_secret(auth_sec_dict)
if secret_value != 'none':
virsh.secret_set_value(encryption_uuid, "open sesame", encode=True, debug=True)
sec_uuids.append(encryption_uuid)
if encrypt_change != 'encrpt':
# plain_to_encrypt will not add encryption on first start
if secret_uuid == 'invalid':
encryption_uuid = encryption_uuid[:-1]
backend.encryption_secret = encryption_uuid
if secret_uuid == "change":
auth_sec_dict["sec_desc"] = "sample2 vTPM secret"
auth_sec_dict["sec_name"] = "VTPM_example2"
new_encryption_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(new_encryption_uuid, "open sesame", encode=True, debug=True)
sec_uuids.append(new_encryption_uuid)
if secret_uuid == 'nonexist':
backend.encryption_secret = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
tpm_dev.backend = backend
logging.debug("tpm dev xml to add is:\n %s", tpm_dev)
for num in range(tpm_num):
vm_xml.add_device(tpm_dev, True)
ret = virsh.define(vm_xml.xml, ignore_status=True, debug=True)
expected_match = ""
if not err_msg:
expected_match = "Domain .*%s.* defined from %s" % (vm_name, vm_xml.xml)
libvirt.check_result(ret, err_msg, "", False, expected_match)
if err_msg:
# Stop test when get expected failure
return
if vm_operate != "restart":
check_dumpxml(vm_name)
# For default model, no need start guest to test
if tpm_model:
expect_fail = False
try:
vm.start()
except VMStartError as detail:
if secret_value == 'none' or secret_uuid == 'nonexist':
logging.debug("Expected failure: %s", detail)
return
else:
test.fail(detail)
domuuid = vm.get_uuid()
if vm_operate or restart_libvirtd:
# Make sure OS works before vm operate or restart libvirtd
session = vm.wait_for_login()
test_guest_tpm("2.0", session, False)
session.close()
if restart_libvirtd:
utils_libvirtd.libvirtd_restart()
swtpm_statedir = "/var/lib/libvirt/swtpm/%s" % domuuid
if vm_operate == "resume":
virsh.suspend(vm_name, **virsh_dargs)
time.sleep(3)
virsh.resume(vm_name, **virsh_dargs)
elif vm_operate == "snapshot":
virsh.snapshot_create_as(vm_name, "sp1 --memspec file=/tmp/testvm_sp1", **virsh_dargs)
elif vm_operate in ["restart", "create"]:
vm.destroy()
if vm_operate == "create":
virsh.undefine(vm_name, options="--nvram", **virsh_dargs)
if os.path.exists(swtpm_statedir):
test.fail("Swtpm state dir: %s still exist after vm undefine" % swtpm_statedir)
virsh.create(vm_xml.xml, **virsh_dargs)
else:
if vm_oprt == "domrename":
new_name = "vm_" + utils_misc.generate_random_string(5)
virsh.domrename(vm_name, new_name, **virsh_dargs)
new_vm = libvirt_vm.VM(new_name, vm.params, vm.root_dir, vm.address_cache)
vm = new_vm
vm_name = new_name
elif secret_value == 'change':
logging.info("Changing secret value...")
virsh.secret_set_value(encryption_uuid, "new sesame", encode=True, debug=True)
elif not restart_libvirtd:
# remove_dev or do other vm operations during restart
vm_xml.remove_all_device_by_type('tpm')
if secret_uuid == "change" or encrypt_change:
# Change secret uuid, or change encrytion state:from plain to encrypted, or on the contrary
if encrypt_change == 'plain':
# Change from encrypted state to plain:redefine a tpm dev without encryption
tpm_dev = Tpm()
tpm_dev.tpm_model = tpm_model
backend = tpm_dev.Backend()
backend.backend_type = backend_type
backend.backend_version = backend_version
else:
# Use a new secret's uuid
if secret_uuid == "change":
encryption_uuid = new_encryption_uuid
backend.encryption_secret = encryption_uuid
tpm_dev.backend = backend
logging.debug("The new tpm dev xml to add for restart vm is:\n %s", tpm_dev)
vm_xml.add_device(tpm_dev, True)
if encrypt_change in ['encrpt', 'plain']:
# Avoid sync() undefine removing the state file
vm_xml.define()
else:
vm_xml.sync()
if rm_statefile:
swtpm_statefile = "%s/tpm2/tpm2-00.permall" % swtpm_statedir
logging.debug("Removing state file: %s", swtpm_statefile)
os.remove(swtpm_statefile)
ret = virsh.start(vm_name, ignore_status=True, debug=True)
libvirt.check_exit_status(ret, status_error)
if status_error and ret.exit_status != 0:
return
if not remove_dev:
check_dumpxml(vm_name)
elif vm_operate == 'managedsave':
virsh.managedsave(vm_name, **virsh_dargs)
time.sleep(5)
if secret_value == 'change':
logging.info("Changing secret value...")
virsh.secret_set_value(encryption_uuid, "new sesame", encode=True, debug=True)
if rm_statefile:
swtpm_statefile = "%s/tpm2/tpm2-00.permall" % swtpm_statedir
logging.debug("Removing state file: %s", swtpm_statefile)
os.remove(swtpm_statefile)
ret = virsh.start(vm_name, ignore_status=True, debug=True)
libvirt.check_exit_status(ret, status_error)
if status_error and ret.exit_status != 0:
return
domid = vm.get_id()
check_qemu_cmd_line(vm, vm_name, domid)
if backend_type == "passthrough":
if tpm_real_v == "1.2" and tpm_model == "tpm-crb":
expect_fail = True
expect_version = tpm_real_v
test_host_tpm_aft(tpm_real_v)
else:
# emulator backend
if remove_dev:
expect_fail = True
expect_version = backend_version
check_swtpm(domid, domuuid, vm_name)
session = vm.wait_for_login()
if test_suite:
run_test_suite_in_guest(session)
else:
test_guest_tpm(expect_version, session, expect_fail)
session.close()
if multi_vms:
reuse_by_vm2(tpm_dev)
if backend_type != "passthrough":
#emulator backend
check_dumpxml(vm2_name)
domid = vm2.get_id()
domuuid = vm2.get_uuid()
check_qemu_cmd_line(vm2, vm2_name, domid)
check_swtpm(domid, domuuid, vm2_name)
session = vm2.wait_for_login()
test_guest_tpm(backend_version, session, expect_fail)
session.close()
finally:
# Remove renamed domain if it exists
if new_name:
virsh.remove_domain(new_name, "--nvram", debug=True)
if os.path.exists("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % new_name):
os.remove("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % new_name)
# Remove snapshot if exists
if vm_operate == "snapshot":
snapshot_lists = virsh.snapshot_list(vm_name)
if len(snapshot_lists) > 0:
libvirt.clean_up_snapshots(vm_name, snapshot_lists)
for snap in snapshot_lists:
virsh.snapshot_delete(vm_name, snap, "--metadata")
if os.path.exists("/tmp/testvm_sp1"):
os.remove("/tmp/testvm_sp1")
# Clear guest os
if test_suite:
session = vm.wait_for_login()
logging.info("Removing dir /root/linux-*")
output = session.cmd_output("rm -rf /root/linux-*")
logging.debug("Command output:\n %s", output)
session.close()
if vm_operate == "create":
vm.define(vm_xml.xml)
vm_xml_backup.sync(options="--nvram --managed-save")
# Remove swtpm log file in case of impact on later runs
if os.path.exists("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % vm.name):
os.remove("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % vm.name)
for sec_uuid in set(sec_uuids):
virsh.secret_undefine(sec_uuid, ignore_status=True, debug=True)
if vm2:
if len(vm_names) > 1:
vm2_xml_backup.sync(options="--nvram")
else:
virsh.remove_domain(vm2_name, "--nvram --remove-all-storage", debug=True)
if os.path.exists("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % vm2.name):
os.remove("/var/log/swtpm/libvirt/qemu/%s-swtpm.log" % vm2.name)
def run(test, params, env):
"""
Test nbd disk option.
1.Prepare backend storage
2.Use nbd to export the backend storage with or without TLS
3.Prepare a disk xml indicating to the backend storage
4.Start VM with disk hotplug/coldplug
5.Start snapshot or save/restore operations on ndb disk
6.Check some behaviours on VM
7.Recover test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': False}
def check_disk_save_restore(save_file):
"""
Check domain save and restore operation.
:param save_file: the path to saved file
"""
# Save the domain.
ret = virsh.save(vm_name, save_file, **virsh_dargs)
libvirt.check_exit_status(ret)
# Restore the domain.
ret = virsh.restore(save_file, **virsh_dargs)
libvirt.check_exit_status(ret)
def check_snapshot():
"""
Check domain snapshot operations.
"""
# Cleaup dirty data if exists
if os.path.exists(snapshot_name1_file):
os.remove(snapshot_name1_file)
if os.path.exists(snapshot_name2_mem_file):
os.remove(snapshot_name2_mem_file)
if os.path.exists(snapshot_name2_disk_file):
os.remove(snapshot_name2_disk_file)
device_target = 'vda'
snapshot_name1_option = "--diskspec %s,file=%s,snapshot=external --disk-only --atomic" % (
device_target, snapshot_name1_file)
ret = virsh.snapshot_create_as(vm_name,
"%s %s" %
(snapshot_name1, snapshot_name1_option),
debug=True)
libvirt.check_exit_status(ret)
snap_lists = virsh.snapshot_list(vm_name, debug=True)
if snapshot_name1 not in snap_lists:
test.fail("Snapshot %s doesn't exist" % snapshot_name1)
# Check file can be created after snapshot
def _check_file_create(filename):
"""
Check whether file with specified filename exists or not.
:param filename: finename
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
cmd = ("echo" " teststring > /tmp/{0}".format(filename))
status, output = session.cmd_status_output(cmd)
if status != 0:
test.fail("Failed to touch one file on VM internal")
except (remote.LoginError, virt_vm.VMError,
aexpect.ShellError) as e:
logging.error(str(e))
raise
finally:
if session:
session.close()
_check_file_create("disk.txt")
# Create memory snapshot.
snapshot_name2_mem_option = "--memspec file=%s,snapshot=external" % (
snapshot_name2_mem_file)
snapshot_name2_disk_option = "--diskspec %s,file=%s,snapshot=external --atomic" % (
device_target, snapshot_name2_disk_file)
snapshot_name2_option = "%s %s" % (snapshot_name2_mem_option,
snapshot_name2_disk_option)
ret = virsh.snapshot_create_as(vm_name,
"%s %s" %
(snapshot_name2, snapshot_name2_option),
debug=True)
libvirt.check_exit_status(ret)
snap_lists = virsh.snapshot_list(vm_name, debug=True)
if snapshot_name2 not in snap_lists:
test.fail("Snapshot: %s doesn't exist" % snapshot_name2)
_check_file_create("mem.txt")
def check_in_vm(target, old_parts):
"""
Check mount/read/write disk in VM.
:param target: Disk dev in VM.
:param old_parts: Original disk partitions in VM.
:return: True if check successfully.
"""
try:
session = vm.wait_for_login()
if platform.platform().count('ppc64'):
time.sleep(10)
new_parts = utils_disk.get_parts_list(session)
added_parts = list(set(new_parts).difference(set(old_parts)))
logging.info("Added parts:%s", added_parts)
if len(added_parts) != 1:
logging.error("The number of new partitions is invalid in VM")
return False
else:
added_part = added_parts[0]
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
"mkdir -p test && mount /dev/{0} test && echo"
" teststring > test/testfile && umount test".format(
added_part))
status, output = session.cmd_status_output(cmd)
logging.debug("Disk operation in VM:\nexit code:\n%s\noutput:\n%s",
status, output)
return status == 0
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
return False
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdb")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
image_path = params.get("emulated_image")
# Get config parameters
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error")
check_partitions = "yes" == params.get("virt_disk_check_partitions", "yes")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
tls_enabled = "yes" == params.get("enable_tls", "no")
enable_private_key_encryption = "yes" == params.get(
"enable_private_key_encryption", "no")
private_key_encrypt_passphrase = params.get("private_key_password")
domain_operation = params.get("domain_operation")
secret_uuid = None
# Get snapshot attributes.
snapshot_name1 = params.get("snapshot_name1")
snapshot_name1_file = params.get("snapshot_name1_file")
snapshot_name2 = params.get("snapshot_name2")
snapshot_name2_mem_file = params.get("snapshot_name2_mem_file")
snapshot_name2_disk_file = params.get("snapshot_name2_disk_file")
# Initialize one NbdExport object
nbd = None
# Start VM and get all partitions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
try:
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
# Get server hostname.
hostname = process.run('hostname',
ignore_status=False,
shell=True,
verbose=True).stdout_text.strip()
# Setup backend storage
nbd_server_host = hostname
nbd_server_port = params.get("nbd_server_port")
image_path = params.get("emulated_image",
"/var/lib/libvirt/images/nbdtest.img")
export_name = params.get("export_name", None)
deleteExisted = "yes" == params.get("deleteExisted", "yes")
tls_bit = "no"
if tls_enabled:
tls_bit = "yes"
# Create secret
if enable_private_key_encryption:
# this feature is enabled after libvirt 6.6.0
if not libvirt_version.version_compare(6, 6, 0):
test.cancel(
"current libvirt version doesn't support client private key encryption"
)
utils_secret.clean_up_secrets()
private_key_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'",
private_key_sec_uuid)
private_key_sec_passwd = params.get("private_key_password",
"redhat")
ret = virsh.secret_set_value(private_key_sec_uuid,
private_key_sec_passwd,
encode=True,
use_file=True,
debug=True)
libvirt.check_exit_status(ret)
secret_uuid = private_key_sec_uuid
# Initialize special test environment config for snapshot operations.
if domain_operation == "snap_shot":
first_disk = vm.get_first_disk_devices()
image_path = first_disk['source']
device_target = 'vda'
# Remove previous xml
disks = vmxml.get_devices(device_type="disk")
for disk_ in disks:
if disk_.target['dev'] == device_target:
vmxml.del_device(disk_)
break
# Create NbdExport object
nbd = NbdExport(
image_path,
image_format=device_format,
port=nbd_server_port,
export_name=export_name,
tls=tls_enabled,
deleteExisted=deleteExisted,
private_key_encrypt_passphrase=private_key_encrypt_passphrase,
secret_uuid=secret_uuid)
nbd.start_nbd_server()
# Prepare disk source xml
source_attrs_dict = {"protocol": "nbd", "tls": "%s" % tls_bit}
if export_name:
source_attrs_dict.update({"name": "%s" % export_name})
disk_src_dict = {}
disk_src_dict.update({"attrs": source_attrs_dict})
disk_src_dict.update(
{"hosts": [{
"name": nbd_server_host,
"port": nbd_server_port
}]})
# Add disk xml.
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": 'raw'}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml
if not hotplug_disk:
vmxml.add_device(disk_xml)
try:
vmxml.sync()
vm.start()
vm.wait_for_login()
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s" % str(xml_error))
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error and not hotplug_disk:
logging.info("VM failed to start as expected: %s" %
str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
# Hotplug disk.
if hotplug_disk:
result = virsh.attach_device(vm_name,
disk_xml.xml,
ignore_status=True,
debug=True)
libvirt.check_exit_status(result, status_error)
# Check save and restore operation and its result
if domain_operation == 'save_restore':
save_file = "/tmp/%s.save" % vm_name
check_disk_save_restore(save_file)
# Check attached nbd disk
if check_partitions and not status_error:
logging.debug("wait seconds for starting in checking vm part")
time.sleep(2)
if not check_in_vm(device_target, old_parts):
test.fail("Check disk partitions in VM failed")
# Check snapshot operation and its result
if domain_operation == 'snap_shot':
check_snapshot()
# Unplug disk.
if hotplug_disk:
result = virsh.detach_device(vm_name,
disk_xml.xml,
ignore_status=True,
debug=True,
wait_for_event=True)
libvirt.check_exit_status(result, status_error)
finally:
if enable_private_key_encryption:
utils_secret.clean_up_secrets()
# Clean up backend storage and TLS
try:
if nbd:
nbd.cleanup()
# Clean up snapshots if exist
if domain_operation == 'snap_shot':
snap_lists = virsh.snapshot_list(vm_name, debug=True)
for snap_name in snap_lists:
virsh.snapshot_delete(vm_name,
snap_name,
"--metadata",
debug=True,
ignore_status=True)
# Cleaup dirty data if exists
if os.path.exists(snapshot_name1_file):
os.remove(snapshot_name1_file)
if os.path.exists(snapshot_name2_mem_file):
os.remove(snapshot_name2_mem_file)
if os.path.exists(snapshot_name2_disk_file):
os.remove(snapshot_name2_disk_file)
except Exception as ndbEx:
logging.info("Clean Up nbd failed: %s" % str(ndbEx))
# Recover VM.
if vm.is_alive():
vm.destroy(gracefully=False)
vmxml_backup.sync("--snapshots-metadata")
def run(test, params, env):
"""
Test virsh domblkthreshold option.
1.Prepare backend storage (file/luks/iscsi/gluster/ceph/nbd)
2.Start VM
3.Set domblkthreshold on target device in VM
4.Trigger one threshold event
5.Check threshold event is received as expected
6.Clean up test environment
"""
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
virsh_dargs = {'debug': True, 'ignore_status': True}
block_threshold_timeout = params.get("block_threshold_timeout", "120")
event_type = params.get("event_type", "block-threshold")
block_threshold_option = params.get("block_threshold_option", "--loop")
def set_vm_block_domblkthreshold(vm_name, target_device, threshold, **dargs):
"""
Set VM block threshold on specific target device.
:param vm_name: VM name.
:param target_device: target device in VM
:param threshold: threshold value with specific unit such as 100M
:param dargs: mutable parameter dict
"""
ret = virsh.domblkthreshold(vm_name, target_device, threshold, **dargs)
libvirt.check_exit_status(ret)
def trigger_block_threshold_event(vm_domain, target):
"""
Trigger block threshold event.
:param vm_domain: VM name
:param target: Disk dev in VM.
"""
try:
session = vm_domain.wait_for_login()
time.sleep(10)
cmd = ("fdisk -l /dev/{0} && mkfs.ext4 -F /dev/{0} && "
" mount /dev/{0} /mnt && "
" dd if=/dev/urandom of=/mnt/bigfile bs=1M count=101"
.format(target))
status, output = session.cmd_status_output(cmd)
if status:
test.error("Failed to mount and fill data in VM: %s" % output)
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
raise
def check_threshold_event(vm_name, event_type, event_timeout, options, **dargs):
"""
Check threshold event.
:param vm_name: VM name
:param event_type: event type.
:param event_timeout: event timeout value
:param options: event option
:dargs: dynamic parameters.
"""
ret = virsh.event(vm_name, event_type, event_timeout, options, **dargs)
logging.debug(ret.stdout_text)
libvirt.check_exit_status(ret)
def create_vol(p_name, vol_params):
"""
Create volume.
:param p_name: Pool name.
:param vol_params: Volume parameters dict.
"""
# Clean up dirty volumes if pool has.
pv = libvirt_storage.PoolVolume(p_name)
vol_name_list = pv.list_volumes()
for vol_name in vol_name_list:
pv.delete_volume(vol_name)
volxml = vol_xml.VolXML()
v_xml = volxml.new_vol(**vol_params)
v_xml.xmltreefile.write()
ret = virsh.vol_create(p_name, v_xml.xml, **virsh_dargs)
libvirt.check_exit_status(ret)
def trigger_block_commit(vm_name, target, blockcommit_options, **virsh_dargs):
"""
Trigger blockcommit.
:param vm_name: VM name
:param target: Disk dev in VM.
:param blockcommit_options: blockcommit option
:param virsh_dargs: additional parameters
"""
result = virsh.blockcommit(vm_name, target,
blockcommit_options, ignore_status=False, **virsh_dargs)
def trigger_block_copy(vm_name, target, dest_path, blockcopy_options, **virsh_dargs):
"""
Trigger blockcopy
:param vm_name: string, VM name
:param target: string, target disk
:param dest_path: string, the path of copied disk
:param blockcopy_options: string, some options applied
:param virsh_dargs: additional options
"""
result = virsh.blockcopy(vm_name, target, dest_path, blockcopy_options, **virsh_dargs)
libvirt.check_exit_status(result)
def trigger_mirror_threshold_event(vm_domain, target):
"""
Trigger mirror mode block threshold event.
:param vm_domain: VM name
:param target: Disk target in VM.
"""
try:
session = vm_domain.wait_for_login()
# Sleep 10 seconds to let wait for events thread start first in main thread
time.sleep(10)
cmd = ("dd if=/dev/urandom of=file bs=1G count=3")
status, output = session.cmd_status_output(cmd)
if status:
test.error("Failed to fill data in VM target: %s with %s" % (target, output))
except (remote.LoginError, virt_vm.VMError, aexpect.ShellError) as e:
logging.error(str(e))
raise
except Exception as ex:
raise
def get_mirror_source_index(vm_name, dev_index=0):
"""
Get mirror source index
:param vm_name: VM name
:param dev_index: Disk device index.
:return mirror source index in integer
"""
disk_list = vm_xml.VMXML.get_disk_source(vm_name)
disk_mirror = disk_list[dev_index].find('mirror')
if disk_mirror is None:
test.fail("Failed to get disk mirror")
disk_mirror_source = disk_mirror.find('source')
return int(disk_mirror_source.get('index'))
# Disk specific attributes.
device = params.get("virt_disk_device", "disk")
device_target = params.get("virt_disk_device_target", "vdd")
device_format = params.get("virt_disk_device_format", "raw")
device_type = params.get("virt_disk_device_type", "file")
device_bus = params.get("virt_disk_device_bus", "virtio")
backend_storage_type = params.get("backend_storage_type", "iscsi")
# Backend storage auth info
storage_size = params.get("storage_size", "1G")
enable_auth = "yes" == params.get("enable_auth")
use_auth_usage = "yes" == params.get("use_auth_usage")
auth_sec_usage_type = params.get("auth_sec_usage_type", "iscsi")
auth_sec_usage_target = params.get("auth_sec_usage_target", "libvirtiscsi")
auth_sec_uuid = ""
luks_sec_uuid = ""
disk_auth_dict = {}
disk_encryption_dict = {}
status_error = "yes" == params.get("status_error")
define_error = "yes" == params.get("define_error")
mirror_mode_blockcommit = "yes" == params.get("mirror_mode_blockcommit", "no")
mirror_mode_blockcopy = "yes" == params.get("mirror_mode_blockcopy", "no")
default_snapshot_test = "yes" == params.get("default_snapshot_test", "no")
block_threshold_value = params.get("block_threshold_value", "100M")
snapshot_external_disks = []
tmp_dir = data_dir.get_tmp_dir()
dest_path = params.get("dest_path", "/var/lib/libvirt/images/newclone")
pvt = None
# Initialize one NbdExport object
nbd = None
img_file = os.path.join(data_dir.get_tmp_dir(),
"%s_test.img" % vm_name)
if ((backend_storage_type == "luks") and
not libvirt_version.version_compare(3, 9, 0)):
test.cancel("Cannot support <encryption> inside disk in this libvirt version.")
# Start VM and get all partitions in VM.
if vm.is_dead():
vm.start()
session = vm.wait_for_login()
old_parts = utils_disk.get_parts_list(session)
session.close()
vm.destroy(gracefully=False)
# Back up xml file.
vmxml_backup = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
# Additional disk images.
disks_img = []
try:
# Clean up dirty secrets in test environments if there are.
utils_secret.clean_up_secrets()
# Setup backend storage
if backend_storage_type == "file":
image_filename = params.get("image_filename", "raw.img")
disk_path = os.path.join(data_dir.get_tmp_dir(), image_filename)
device_source = libvirt.create_local_disk(backend_storage_type, disk_path, storage_size, device_format)
disks_img.append({"format": device_format,
"source": disk_path, "path": disk_path})
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
# Setup backend storage
elif backend_storage_type == "luks":
luks_encrypt_passwd = params.get("luks_encrypt_passwd", "password")
luks_secret_passwd = params.get("luks_secret_passwd", "password")
# Create secret
luks_sec_uuid = libvirt.create_secret(params)
logging.debug("A secret created with uuid = '%s'", luks_sec_uuid)
virsh.secret_set_value(luks_sec_uuid, luks_secret_passwd,
encode=True, ignore_status=False, debug=True)
image_filename = params.get("image_filename", "raw.img")
device_source = os.path.join(data_dir.get_tmp_dir(), image_filename)
disks_img.append({"format": device_format,
"source": device_source, "path": device_source})
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
cmd = ("qemu-img create -f luks "
"--object secret,id=sec0,data=`printf '%s' | base64`,format=base64 "
"-o key-secret=sec0 %s %s" % (luks_encrypt_passwd, device_source, storage_size))
if process.system(cmd, shell=True):
test.error("Can't create a luks encrypted img by qemu-img")
elif backend_storage_type == "iscsi":
iscsi_host = params.get("iscsi_host")
iscsi_port = params.get("iscsi_port")
if device_type == "block":
device_source = libvirt.setup_or_cleanup_iscsi(is_setup=True)
disk_src_dict = {'attrs': {'dev': device_source}}
elif device_type == "network":
chap_user = params.get("chap_user", "redhat")
chap_passwd = params.get("chap_passwd", "password")
auth_sec_usage = params.get("auth_sec_usage",
"libvirtiscsi")
auth_sec_dict = {"sec_usage": "iscsi",
"sec_target": auth_sec_usage}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
# Set password of auth secret (not luks encryption secret)
virsh.secret_set_value(auth_sec_uuid, chap_passwd,
encode=True, ignore_status=False, debug=True)
iscsi_target, lun_num = libvirt.setup_or_cleanup_iscsi(
is_setup=True, is_login=False, image_size=storage_size,
chap_user=chap_user, chap_passwd=chap_passwd,
portal_ip=iscsi_host)
# ISCSI auth attributes for disk xml
disk_auth_dict = {"auth_user": chap_user,
"secret_type": auth_sec_usage_type,
"secret_usage": auth_sec_usage_target}
device_source = "iscsi://%s:%s/%s/%s" % (iscsi_host, iscsi_port,
iscsi_target, lun_num)
disk_src_dict = {"attrs": {"protocol": "iscsi",
"name": "%s/%s" % (iscsi_target, lun_num)},
"hosts": [{"name": iscsi_host, "port": iscsi_port}]}
elif backend_storage_type == "gluster":
gluster_vol_name = params.get("gluster_vol_name", "gluster_vol1")
gluster_pool_name = params.get("gluster_pool_name", "gluster_pool1")
gluster_img_name = params.get("gluster_img_name", "gluster1.img")
gluster_host_ip = gluster.setup_or_cleanup_gluster(
is_setup=True,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
device_source = "gluster://%s/%s/%s" % (gluster_host_ip,
gluster_vol_name,
gluster_img_name)
cmd = ("qemu-img create -f %s "
"%s %s" % (device_format, device_source, storage_size))
if process.system(cmd, shell=True):
test.error("Can't create a gluster type img by qemu-img")
disk_src_dict = {"attrs": {"protocol": "gluster",
"name": "%s/%s" % (gluster_vol_name,
gluster_img_name)},
"hosts": [{"name": gluster_host_ip,
"port": "24007"}]}
elif backend_storage_type == "ceph":
ceph_host_ip = params.get("ceph_host_ip", "EXAMPLE_HOSTS")
ceph_mon_ip = params.get("ceph_mon_ip", "EXAMPLE_MON_HOST")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORTS")
ceph_disk_name = params.get("ceph_disk_name", "EXAMPLE_SOURCE_NAME")
ceph_client_name = params.get("ceph_client_name")
ceph_client_key = params.get("ceph_client_key")
ceph_auth_user = params.get("ceph_auth_user")
ceph_auth_key = params.get("ceph_auth_key")
enable_auth = "yes" == params.get("enable_auth")
key_file = os.path.join(data_dir.get_tmp_dir(), "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_ip)
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid, ceph_auth_key,
debug=True)
disk_auth_dict = {"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid}
else:
test.error("No ceph client name/key provided.")
device_source = "rbd:%s:mon_host=%s:keyring=%s" % (ceph_disk_name,
ceph_mon_ip,
key_file)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("pre clean up rbd disk if exists: %s", cmd_result)
# Create an local image and make FS on it.
disk_cmd = ("qemu-img create -f %s %s %s" %
(device_format, img_file, storage_size))
process.run(disk_cmd, ignore_status=False, shell=True)
# Convert the image to remote storage
disk_path = ("rbd:%s:mon_host=%s" %
(ceph_disk_name, ceph_mon_ip))
if ceph_client_name and ceph_client_key:
disk_path += (":id=%s:key=%s" %
(ceph_auth_user, ceph_auth_key))
rbd_cmd = ("rbd -m %s %s info %s 2> /dev/null|| qemu-img convert -O"
" %s %s %s" % (ceph_mon_ip, key_opt, ceph_disk_name,
device_format, img_file, disk_path))
process.run(rbd_cmd, ignore_status=False, shell=True)
disk_src_dict = {"attrs": {"protocol": "rbd",
"name": ceph_disk_name},
"hosts": [{"name": ceph_host_ip,
"port": ceph_host_port}]}
elif backend_storage_type == "nfs":
pool_name = params.get("pool_name", "nfs_pool")
pool_target = params.get("pool_target", "nfs_mount")
pool_type = params.get("pool_type", "netfs")
nfs_server_dir = params.get("nfs_server_dir", "nfs_server")
emulated_image = params.get("emulated_image")
image_name = params.get("nfs_image_name", "nfs.img")
tmp_dir = data_dir.get_tmp_dir()
pvt = libvirt.PoolVolumeTest(test, params)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
# Set virt_use_nfs
virt_use_nfs = params.get("virt_use_nfs", "off")
result = process.run("setsebool virt_use_nfs %s" % virt_use_nfs, shell=True)
if result.exit_status:
test.error("Failed to set virt_use_nfs value")
nfs_mount_dir = os.path.join(tmp_dir, pool_target)
device_source = nfs_mount_dir + image_name
# Create one image on nfs server
libvirt.create_local_disk("file", device_source, '1', "raw")
disks_img.append({"format": device_format,
"source": device_source, "path": device_source})
disk_src_dict = {'attrs': {'file': device_source,
'type_name': 'file'}}
# Create dir based pool,and then create one volume on it.
elif backend_storage_type == "dir":
pool_name = params.get("pool_name", "dir_pool")
pool_target = params.get("pool_target")
pool_type = params.get("pool_type")
emulated_image = params.get("emulated_image")
image_name = params.get("dir_image_name", "luks_1.img")
# Create and start dir_based pool.
pvt = libvirt.PoolVolumeTest(test, params)
if not os.path.exists(pool_target):
os.mkdir(pool_target)
pvt.pre_pool(pool_name, pool_type, pool_target, emulated_image)
sp = libvirt_storage.StoragePool()
if not sp.is_pool_active(pool_name):
sp.set_pool_autostart(pool_name)
sp.start_pool(pool_name)
# Create one volume on the pool.
volume_name = params.get("vol_name")
volume_alloc = params.get("vol_alloc")
volume_cap_unit = params.get("vol_cap_unit")
volume_cap = params.get("vol_cap")
volume_target_path = params.get("sec_volume")
volume_target_format = params.get("target_format")
volume_target_encypt = params.get("target_encypt", "")
volume_target_label = params.get("target_label")
vol_params = {"name": volume_name, "capacity": int(volume_cap),
"allocation": int(volume_alloc), "format":
volume_target_format, "path": volume_target_path,
"label": volume_target_label,
"capacity_unit": volume_cap_unit}
try:
# If Libvirt version is lower than 2.5.0
# Creating luks encryption volume is not supported,so skip it.
create_vol(pool_name, vol_params)
except AssertionError as info:
err_msgs = ("create: invalid option")
if str(info).count(err_msgs):
test.cancel("Creating luks encryption volume "
"is not supported on this libvirt version")
else:
test.error("Failed to create volume."
"Error: %s" % str(info))
disk_src_dict = {'attrs': {'file': volume_target_path}}
device_source = volume_target_path
elif backend_storage_type == "nbd":
# Get server hostname.
hostname = process.run('hostname', ignore_status=False, shell=True, verbose=True).stdout_text.strip()
# Setup backend storage
nbd_server_host = hostname
nbd_server_port = params.get("nbd_server_port")
image_path = params.get("emulated_image", "/var/lib/libvirt/images/nbdtest.img")
# Create NbdExport object
nbd = NbdExport(image_path, image_format=device_format,
port=nbd_server_port)
nbd.start_nbd_server()
# Prepare disk source xml
source_attrs_dict = {"protocol": "nbd"}
disk_src_dict = {}
disk_src_dict.update({"attrs": source_attrs_dict})
disk_src_dict.update({"hosts": [{"name": nbd_server_host, "port": nbd_server_port}]})
device_source = "nbd://%s:%s/%s" % (nbd_server_host,
nbd_server_port,
image_path)
logging.debug("device source is: %s", device_source)
# Add disk xml.
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
disk_xml = Disk(type_name=device_type)
disk_xml.device = device
disk_xml.target = {"dev": device_target, "bus": device_bus}
driver_dict = {"name": "qemu", "type": device_format}
disk_xml.driver = driver_dict
disk_source = disk_xml.new_disk_source(**disk_src_dict)
if disk_auth_dict:
logging.debug("disk auth dict is: %s" % disk_auth_dict)
disk_xml.auth = disk_xml.new_auth(**disk_auth_dict)
if disk_encryption_dict:
disk_encryption_dict = {"encryption": "luks",
"secret": {"type": "passphrase",
"uuid": luks_sec_uuid}}
disk_encryption = disk_xml.new_encryption(**disk_encryption_dict)
disk_xml.encryption = disk_encryption
disk_xml.source = disk_source
logging.debug("new disk xml is: %s", disk_xml)
# Sync VM xml except mirror_mode_blockcommit or mirror_mode_blockcopy
if (not mirror_mode_blockcommit and not mirror_mode_blockcopy):
vmxml.add_device(disk_xml)
try:
vmxml.sync()
vm.start()
vm.wait_for_login().close()
except xcepts.LibvirtXMLError as xml_error:
if not define_error:
test.fail("Failed to define VM:\n%s", str(xml_error))
except virt_vm.VMStartError as details:
# When use wrong password in disk xml for cold plug cases,
# VM cannot be started
if status_error:
logging.info("VM failed to start as expected: %s", str(details))
else:
test.fail("VM should start but failed: %s" % str(details))
func_name = trigger_block_threshold_event
# Additional operations before set block threshold
if backend_storage_type == "file":
logging.info("Create snapshot...")
snap_opt = " %s --disk-only "
snap_opt += "%s,snapshot=external,file=%s"
if default_snapshot_test:
for index in range(1, 5):
snapshot_name = "snapshot_%s" % index
snap_path = "%s/%s_%s.snap" % (tmp_dir, vm_name, index)
snapshot_external_disks.append(snap_path)
snap_option = snap_opt % (snapshot_name, device_target, snap_path)
virsh.snapshot_create_as(vm_name, snap_option,
ignore_status=False, debug=True)
if mirror_mode_blockcommit:
if not libvirt_version.version_compare(6, 6, 0):
test.cancel("Set threshold for disk mirroring feature is not supported on current version")
vmxml.del_device(disk_xml)
virsh.snapshot_create_as(vm_name, "--disk-only --no-metadata",
ignore_status=False, debug=True)
# Do active blockcommit in background.
blockcommit_options = "--active"
mirror_blockcommit_thread = threading.Thread(target=trigger_block_commit,
args=(vm_name, 'vda', blockcommit_options,),
kwargs={'debug': True})
mirror_blockcommit_thread.start()
device_target = "vda[1]"
func_name = trigger_mirror_threshold_event
if mirror_mode_blockcopy:
if not libvirt_version.version_compare(6, 6, 0):
test.cancel("Set threshold for disk mirroring feature is not supported on current version")
# Do transient blockcopy in backgroud.
blockcopy_options = "--transient-job "
# Do cleanup
if os.path.exists(dest_path):
libvirt.delete_local_disk("file", dest_path)
mirror_blockcopy_thread = threading.Thread(target=trigger_block_copy,
args=(vm_name, 'vda', dest_path, blockcopy_options,),
kwargs={'debug': True})
mirror_blockcopy_thread.start()
mirror_blockcopy_thread.join(10)
device_target = "vda[%d]" % get_mirror_source_index(vm_name)
func_name = trigger_mirror_threshold_event
set_vm_block_domblkthreshold(vm_name, device_target, block_threshold_value, **{"debug": True})
cli_thread = threading.Thread(target=func_name,
args=(vm, device_target))
cli_thread.start()
check_threshold_event(vm_name, event_type, block_threshold_timeout, block_threshold_option, **{"debug": True})
finally:
# Delete snapshots.
if virsh.domain_exists(vm_name):
#To delete snapshot, destroy VM first.
if vm.is_alive():
vm.destroy()
libvirt.clean_up_snapshots(vm_name, domxml=vmxml_backup)
vmxml_backup.sync("--snapshots-metadata")
if os.path.exists(img_file):
libvirt.delete_local_disk("file", img_file)
for img in disks_img:
if os.path.exists(img["path"]):
libvirt.delete_local_disk("file", img["path"])
for disk in snapshot_external_disks:
libvirt.delete_local_disk('file', disk)
if os.path.exists(dest_path):
libvirt.delete_local_disk("file", dest_path)
# Clean up backend storage
if backend_storage_type == "iscsi":
libvirt.setup_or_cleanup_iscsi(is_setup=False)
elif backend_storage_type == "gluster":
gluster.setup_or_cleanup_gluster(is_setup=False,
vol_name=gluster_vol_name,
pool_name=gluster_pool_name,
**params)
elif backend_storage_type == "ceph":
# Remove ceph configure file if created.
if ceph_cfg:
os.remove(ceph_cfg)
cmd = ("rbd -m {0} {1} info {2} && rbd -m {0} {1} rm "
"{2}".format(ceph_mon_ip, key_opt, ceph_disk_name))
cmd_result = process.run(cmd, ignore_status=True, shell=True)
logging.debug("result of rbd removal: %s", cmd_result)
if os.path.exists(key_file):
os.remove(key_file)
elif backend_storage_type == "nfs":
result = process.run("setsebool virt_use_nfs off",
shell=True)
if result.exit_status:
logging.info("Failed to restore virt_use_nfs value")
elif backend_storage_type == "nbd":
if nbd:
try:
nbd.cleanup()
except Exception as ndbEx:
logging.info("Clean Up nbd failed: %s" % str(ndbEx))
# Clean up secrets
if auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if luks_sec_uuid:
virsh.secret_undefine(luks_sec_uuid)
# Clean up pools
if pvt:
pvt.cleanup_pool(pool_name, pool_type, pool_target, emulated_image)
def run(test, params, env):
"""
Test the pull-mode backup function
Steps:
1. create a vm with extra disk vdb
2. create some data on vdb
3. start a pull mode full backup on vdb
4. monitor block-threshold event on scratch file/dev
5. create some data on vdb's same position as step 2 to trigger event
6. check the block-threshold event captured
"""
# Basic case config
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
original_disk_size = params.get("original_disk_size", "100M")
original_disk_type = params.get("original_disk_type", "local")
original_disk_target = params.get("original_disk_target", "vdb")
event_type = params.get("event_type")
usage_threshold = params.get("usage_threshold", "100")
tmp_dir = data_dir.get_tmp_dir()
local_hostname = params.get("loal_hostname", "localhost")
# Backup config
scratch_type = params.get("scratch_type", "file")
reuse_scratch_file = "yes" == params.get("reuse_scratch_file")
scratch_blkdev_size = params.get("scratch_blkdev_size", original_disk_size)
# NBD service config
nbd_protocol = params.get("nbd_protocol", "unix")
nbd_socket = params.get("nbd_socket", "/tmp/pull_backup.socket")
nbd_tcp_port = params.get("nbd_tcp_port", "10809")
nbd_hostname = local_hostname
# LUKS config
scratch_luks_encrypted = "yes" == params.get("scratch_luks_encrypted")
luks_passphrase = params.get("luks_passphrase", "password")
# Open a new virsh session for event monitor
virsh_session = aexpect.ShellSession(virsh.VIRSH_EXEC, auto_close=True)
# Cancel the test if libvirt support related functions
if not libvirt_version.version_compare(7, 0, 0):
test.cancel("Current libvirt version doesn't support "
"event monitor for incremental backup.")
def get_backup_disk_index(vm_name, disk_name):
"""
Get the index of the backup disk to be monitored by the virsh event
:param vm_name: vm name
:param disk_name: virtual disk name, such as 'vdb'
:return: the index of the virtual disk in backup xml
"""
backup_xml = virsh.backup_dumpxml(vm_name).stdout.strip()
logging.debug("%s's current backup xml is: %s" % (vm_name, backup_xml))
backup_xml_dom = xml_utils.XMLTreeFile(backup_xml)
index_xpath = "/disks/disk"
for disk_element in backup_xml_dom.findall(index_xpath):
if disk_element.get("name") == disk_name:
return disk_element.get("index")
def is_event_captured(virsh_session, re_pattern):
"""
Check if event captured
:param virsh_session: the virsh session of the event monitor
:param re_pattern: the re pattern used to represent the event
:return: True means event captured, False means not
"""
ret_output = virsh_session.get_stripped_output()
if (not re.search(re_pattern, ret_output, re.IGNORECASE)):
return False
logging.debug("event monitor output: %s", ret_output)
return True
try:
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
# Make sure thedisk_element.getre is no checkpoint metadata before test
utils_backup.clean_checkpoints(vm_name)
# Backup vm xml
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
vmxml_backup = vmxml.copy()
utils_backup.enable_inc_backup_for_vm(vm)
# Prepare libvirt secret
if scratch_luks_encrypted:
utils_secret.clean_up_secrets()
luks_secret_uuid = libvirt.create_secret(params)
virsh.secret_set_value(luks_secret_uuid,
luks_passphrase,
encode=True,
debug=True)
# Prepare the disk to be backuped.
disk_params = {}
disk_path = ""
image_name = "{}_image.qcow2".format(original_disk_target)
disk_path = os.path.join(tmp_dir, image_name)
libvirt.create_local_disk("file", disk_path, original_disk_size,
"qcow2")
disk_params = {
"device_type": "disk",
"type_name": "file",
"driver_type": "qcow2",
"target_dev": original_disk_target,
"source_file": disk_path
}
disk_params["target_dev"] = original_disk_target
disk_xml = libvirt.create_disk_xml(disk_params)
virsh.attach_device(vm.name, disk_xml, flagstr="--config", debug=True)
vm.start()
session = vm.wait_for_login()
new_disks_in_vm = list(utils_disk.get_linux_disks(session).keys())
session.close()
if len(new_disks_in_vm) != 1:
test.fail("Test disk not prepared in vm")
# Use the newly added disk as the test disk
test_disk_in_vm = "/dev/" + new_disks_in_vm[0]
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
vm_disks = list(vmxml.get_disk_all().keys())
checkpoint_list = []
backup_file_list = []
# Prepare backup xml
backup_params = {"backup_mode": "pull"}
# Set libvirt default nbd export name and bitmap name
nbd_export_name = original_disk_target
nbd_bitmap_name = "backup-" + original_disk_target
backup_server_dict = {}
if nbd_protocol == "unix":
backup_server_dict["transport"] = "unix"
backup_server_dict["socket"] = nbd_socket
else:
backup_server_dict["name"] = nbd_hostname
backup_server_dict["port"] = nbd_tcp_port
backup_params["backup_server"] = backup_server_dict
backup_disk_xmls = []
for vm_disk in vm_disks:
backup_disk_params = {"disk_name": vm_disk}
if vm_disk != original_disk_target:
backup_disk_params["enable_backup"] = "no"
else:
backup_disk_params["enable_backup"] = "yes"
backup_disk_params["disk_type"] = scratch_type
# Prepare nbd scratch file/dev params
scratch_params = {"attrs": {}}
scratch_path = None
if scratch_type == "file":
scratch_file_name = "scratch_file"
scratch_path = os.path.join(tmp_dir, scratch_file_name)
if reuse_scratch_file:
libvirt.create_local_disk("file", scratch_path,
original_disk_size, "qcow2")
scratch_params["attrs"]["file"] = scratch_path
elif scratch_type == "block":
scratch_path = libvirt.setup_or_cleanup_iscsi(
is_setup=True, image_size=scratch_blkdev_size)
scratch_params["attrs"]["dev"] = scratch_path
else:
test.fail("We do not support backup scratch type: '%s'" %
scratch_type)
if scratch_luks_encrypted:
encryption_dict = {
"encryption": "luks",
"secret": {
"type": "passphrase",
"uuid": luks_secret_uuid
}
}
scratch_params["encryption"] = encryption_dict
logging.debug("scratch params: %s", scratch_params)
backup_disk_params["backup_scratch"] = scratch_params
backup_disk_xml = utils_backup.create_backup_disk_xml(
backup_disk_params)
backup_disk_xmls.append(backup_disk_xml)
logging.debug("disk list %s", backup_disk_xmls)
backup_xml = utils_backup.create_backup_xml(backup_params,
backup_disk_xmls)
logging.debug("Backup Xml: %s", backup_xml)
# Prepare checkpoint xml
checkpoint_name = "checkpoint"
checkpoint_list.append(checkpoint_name)
cp_params = {"checkpoint_name": checkpoint_name}
cp_params["checkpoint_desc"] = params.get("checkpoint_desc",
"desc of cp")
disk_param_list = []
for vm_disk in vm_disks:
cp_disk_param = {"name": vm_disk}
if vm_disk != original_disk_target:
cp_disk_param["checkpoint"] = "no"
else:
cp_disk_param["checkpoint"] = "bitmap"
cp_disk_bitmap = params.get("cp_disk_bitmap")
if cp_disk_bitmap:
cp_disk_param["bitmap"] = cp_disk_bitmap
disk_param_list.append(cp_disk_param)
checkpoint_xml = utils_backup.create_checkpoint_xml(
cp_params, disk_param_list)
logging.debug("Checkpoint Xml: %s", checkpoint_xml)
# Generate some random data in vm's test disk
def dd_data_to_testdisk():
"""
Generate some data to vm's test disk
"""
dd_count = "1"
dd_seek = "10"
dd_bs = "1M"
session = vm.wait_for_login()
utils_disk.dd_data_to_vm_disk(session, test_disk_in_vm, dd_bs,
dd_seek, dd_count)
session.close()
dd_data_to_testdisk()
# Start backup
backup_options = backup_xml.xml + " " + checkpoint_xml.xml
if reuse_scratch_file:
backup_options += " --reuse-external"
backup_result = virsh.backup_begin(vm_name, backup_options, debug=True)
# Start to monitor block-threshold of backup disk's scratch file/dev
backup_disk_index = get_backup_disk_index(vm_name,
original_disk_target)
if not backup_disk_index:
test.fail("Backup xml has no index for disks.")
backup_disk_obj = original_disk_target + "[%s]" % backup_disk_index
virsh.domblkthreshold(
vm_name, original_disk_target + "[%s]" % backup_disk_index,
usage_threshold)
event_cmd = "event %s %s --loop" % (vm_name, event_type)
virsh_session.sendline(event_cmd)
# Generate some random data to same position of vm's test disk
dd_data_to_testdisk()
# Check if the block-threshold event captured by monitor
if event_type == "block-threshold":
event_pattern = (".*block-threshold.*%s.*%s\[%s\].* %s .*" %
(vm_name, original_disk_target, backup_disk_index,
usage_threshold))
if not utils_misc.wait_for(
lambda: is_event_captured(virsh_session, event_pattern), 10):
test.fail("Event not captured by event monitor")
# Abort backup job
virsh.domjobabort(vm_name, debug=True)
finally:
# Remove checkpoints
if "checkpoint_list" in locals() and checkpoint_list:
for checkpoint_name in checkpoint_list:
virsh.checkpoint_delete(vm_name, checkpoint_name)
if vm.is_alive():
vm.destroy(gracefully=False)
# Restoring vm
vmxml_backup.sync()
# Remove libvirt secret
if "luks_secret_uuid" in locals():
virsh.secret_undefine(luks_secret_uuid, ignore_status=True)
# Remove iscsi devices
if scratch_type == "block":
libvirt.setup_or_cleanup_iscsi(False)
# Remove scratch file
if "scratch_path" in locals():
if scratch_type == "file" and os.path.exists(scratch_path):
os.remove(scratch_path)
def run(test, params, env):
"""
Test push-mode incremental backup
Steps:
1. create a vm with extra disk vdb
2. create some data on vdb in vm
3. start a push mode full backup on vdb
4. create some data on vdb in vm
5. start a push mode incremental backup
6. repeat step 4 and 5 as required
7. check the full/incremental backup file data
"""
def backup_job_done(vm_name, vm_disk):
"""
Check if a backup job for a vm's specific disk is finished.
:param vm_name: vm's name
:param vm_disk: the disk to be checked, such as 'vdb'
:return: 'True' means job finished
"""
result = virsh.blockjob(vm_name, vm_disk, debug=True)
if "no current block job" in result.stdout_text.strip().lower():
return True
# Cancel the test if libvirt version is too low
if not libvirt_version.version_compare(6, 0, 0):
test.cancel("Current libvirt version doesn't support "
"incremental backup.")
hotplug_disk = "yes" == params.get("hotplug_disk", "no")
original_disk_size = params.get("original_disk_size", "100M")
original_disk_type = params.get("original_disk_type", "local")
original_disk_target = params.get("original_disk_target", "vdb")
target_driver = params.get("target_driver", "qcow2")
target_type = params.get("target_type", "file")
target_blkdev_path = params.get("target_blkdev_path")
target_blkdev_size = params.get("target_blkdev_size", original_disk_size)
reuse_target_file = "yes" == params.get("reuse_target_file")
prepare_target_file = "yes" == params.get("prepare_target_file")
prepare_target_blkdev = "yes" == params.get("prepare_target_blkdev")
backup_rounds = int(params.get("backup_rounds", 3))
backup_error = "yes" == params.get("backup_error")
tmp_dir = data_dir.get_data_dir()
virsh_dargs = {'debug': True, 'ignore_status': True}
try:
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
# Make sure there is no checkpoint metadata before test
utils_backup.clean_checkpoints(vm_name)
# Backup vm xml
vmxml = vm_xml.VMXML.new_from_inactive_dumpxml(vm_name)
vmxml_backup = vmxml.copy()
utils_backup.enable_inc_backup_for_vm(vm)
# Prepare the disk to be backuped.
disk_params = {}
disk_path = ""
if original_disk_type == "local":
image_name = "{}_image.qcow2".format(original_disk_target)
disk_path = os.path.join(tmp_dir, image_name)
libvirt.create_local_disk("file", disk_path, original_disk_size,
"qcow2")
disk_params = {
"device_type": "disk",
"type_name": "file",
"driver_type": "qcow2",
"target_dev": original_disk_target,
"source_file": disk_path
}
if original_disk_target:
disk_params["target_dev"] = original_disk_target
elif original_disk_type == "ceph":
ceph_mon_host = params.get("ceph_mon_host",
"EXAMPLE_MON_HOST_AUTHX")
ceph_host_port = params.get("ceph_host_port", "EXAMPLE_PORT")
ceph_pool_name = params.get("ceph_pool_name", "EXAMPLE_POOL")
ceph_file_name = params.get("ceph_file_name", "EXAMPLE_FILE")
ceph_disk_name = ceph_pool_name + "/" + ceph_file_name
ceph_client_name = params.get("ceph_client_name",
"EXAMPLE_CLIENT_NAME")
ceph_client_key = params.get("ceph_client_key",
"EXAMPLE_CLIENT_KEY")
ceph_auth_user = params.get("ceph_auth_user", "EXAMPLE_AUTH_USER")
ceph_auth_key = params.get("ceph_auth_key", "EXAMPLE_AUTH_KEY")
auth_sec_usage_type = "ceph"
enable_auth = "yes" == params.get("enable_auth", "yes")
key_file = os.path.join(tmp_dir, "ceph.key")
key_opt = ""
# Prepare a blank params to confirm if delete the configure at the end of the test
ceph_cfg = ""
if not utils_package.package_install(["ceph-common"]):
test.error("Failed to install ceph-common")
# Create config file if it doesn't exist
ceph_cfg = ceph.create_config_file(ceph_mon_host)
if enable_auth:
# If enable auth, prepare a local file to save key
if ceph_client_name and ceph_client_key:
with open(key_file, 'w') as f:
f.write("[%s]\n\tkey = %s\n" %
(ceph_client_name, ceph_client_key))
key_opt = "--keyring %s" % key_file
auth_sec_dict = {
"sec_usage": auth_sec_usage_type,
"sec_name": "ceph_auth_secret"
}
auth_sec_uuid = libvirt.create_secret(auth_sec_dict)
virsh.secret_set_value(auth_sec_uuid,
ceph_auth_key,
debug=True)
disk_params_auth = {
"auth_user": ceph_auth_user,
"secret_type": auth_sec_usage_type,
"secret_uuid": auth_sec_uuid,
"auth_in_source": True
}
else:
test.error("No ceph client name/key provided.")
disk_path = "rbd:%s:mon_host=%s:keyring=%s" % (
ceph_disk_name, ceph_mon_host, key_file)
ceph.rbd_image_rm(ceph_mon_host, ceph_pool_name, ceph_file_name,
ceph_cfg, key_file)
process.run("qemu-img create -f qcow2 %s %s" %
(disk_path, original_disk_size),
shell=True,
verbose=True)
disk_params = {
'device_type': 'disk',
'type_name': 'network',
"driver_type": "qcow2",
'target_dev': original_disk_target
}
disk_params_src = {
'source_protocol': 'rbd',
'source_name': ceph_disk_name,
'source_host_name': ceph_mon_host,
'source_host_port': ceph_host_port
}
disk_params.update(disk_params_src)
disk_params.update(disk_params_auth)
else:
test.error("The disk type '%s' not supported in this script." %
original_disk_type)
if hotplug_disk:
vm.start()
session = vm.wait_for_login().close()
disk_xml = libvirt.create_disk_xml(disk_params)
virsh.attach_device(vm_name, disk_xml, debug=True)
else:
disk_xml = libvirt.create_disk_xml(disk_params)
virsh.attach_device(vm.name,
disk_xml,
flagstr="--config",
debug=True)
vm.start()
session = vm.wait_for_login()
new_disks_in_vm = list(utils_disk.get_linux_disks(session).keys())
session.close()
if len(new_disks_in_vm) != 1:
test.fail("Test disk not prepared in vm")
# Use the newly added disk as test disk
test_disk_in_vm = "/dev/" + new_disks_in_vm[0]
vmxml = vm_xml.VMXML.new_from_dumpxml(vm_name)
vm_disks = list(vmxml.get_disk_all().keys())
checkpoint_list = []
is_incremental = False
backup_path_list = []
for backup_index in range(backup_rounds):
# Prepare backup xml
backup_params = {"backup_mode": "push"}
if backup_index > 0:
is_incremental = True
backup_params["backup_incremental"] = "checkpoint_" + str(
backup_index - 1)
backup_disk_xmls = []
for vm_disk in vm_disks:
backup_disk_params = {"disk_name": vm_disk}
if vm_disk != original_disk_target:
backup_disk_params["enable_backup"] = "no"
else:
backup_disk_params["enable_backup"] = "yes"
backup_disk_params["disk_type"] = target_type
target_params = {"attrs": {}}
if target_type == "file":
target_file_name = "target_file_%s" % backup_index
target_file_path = os.path.join(
tmp_dir, target_file_name)
if prepare_target_file:
libvirt.create_local_disk("file", target_file_path,
original_disk_size,
target_driver)
target_params["attrs"]["file"] = target_file_path
backup_path_list.append(target_file_path)
elif target_type == "block":
if prepare_target_blkdev:
target_blkdev_path = libvirt.setup_or_cleanup_iscsi(
is_setup=True, image_size=target_blkdev_size)
target_params["attrs"]["dev"] = target_blkdev_path
backup_path_list.append(target_blkdev_path)
else:
test.fail(
"We do not support backup target type: '%s'" %
target_type)
logging.debug("target params: %s", target_params)
backup_disk_params["backup_target"] = target_params
driver_params = {"type": target_driver}
backup_disk_params["backup_driver"] = driver_params
backup_disk_xml = utils_backup.create_backup_disk_xml(
backup_disk_params)
backup_disk_xmls.append(backup_disk_xml)
logging.debug("disk list %s", backup_disk_xmls)
backup_xml = utils_backup.create_backup_xml(
backup_params, backup_disk_xmls)
logging.debug("ROUND_%s Backup Xml: %s", backup_index, backup_xml)
# Prepare checkpoint xml
checkpoint_name = "checkpoint_%s" % backup_index
checkpoint_list.append(checkpoint_name)
cp_params = {"checkpoint_name": checkpoint_name}
cp_params["checkpoint_desc"] = params.get(
"checkpoint_desc", "desc of cp_%s" % backup_index)
disk_param_list = []
for vm_disk in vm_disks:
cp_disk_param = {"name": vm_disk}
if vm_disk != original_disk_target:
cp_disk_param["checkpoint"] = "no"
else:
cp_disk_param["checkpoint"] = "bitmap"
cp_disk_bitmap = params.get("cp_disk_bitmap")
if cp_disk_bitmap:
cp_disk_param["bitmap"] = cp_disk_bitmap + str(
backup_index)
disk_param_list.append(cp_disk_param)
checkpoint_xml = utils_backup.create_checkpoint_xml(
cp_params, disk_param_list)
logging.debug("ROUND_%s Checkpoint Xml: %s", backup_index,
checkpoint_xml)
# Start backup
backup_options = backup_xml.xml + " " + checkpoint_xml.xml
# Create some data in vdb
dd_count = "1"
dd_seek = str(backup_index * 10 + 10)
dd_bs = "1M"
session = vm.wait_for_login()
utils_disk.dd_data_to_vm_disk(session, test_disk_in_vm, dd_bs,
dd_seek, dd_count)
session.close()
if reuse_target_file:
backup_options += " --reuse-external"
backup_result = virsh.backup_begin(vm_name,
backup_options,
debug=True)
if backup_result.exit_status:
raise utils_backup.BackupBeginError(
backup_result.stderr.strip())
# Wait for the backup job actually finished
if not utils_misc.wait_for(
lambda: backup_job_done(vm_name, original_disk_target),
60):
test.fail("Backup job not finished in 60s")
for checkpoint_name in checkpoint_list:
virsh.checkpoint_delete(vm_name, checkpoint_name, debug=True)
if vm.is_alive():
vm.destroy(gracefully=False)
# Compare the backup data and original data
original_data_file = os.path.join(tmp_dir, "original_data.qcow2")
cmd = "qemu-img convert -f qcow2 %s -O qcow2 %s" % (disk_path,
original_data_file)
process.run(cmd, shell=True, verbose=True)
for backup_path in backup_path_list:
if target_driver == "qcow2":
# Clear backup image's backing file before comparison
qemu_cmd = ("qemu-img rebase -u -f qcow2 -b '' -F qcow2 %s" %
backup_path)
process.run(qemu_cmd, shell=True, verbose=True)
if not utils_backup.cmp_backup_data(
original_data_file,
backup_path,
backup_file_driver=target_driver):
test.fail("Backup and original data are not identical for"
"'%s' and '%s'" % (disk_path, backup_path))
else:
logging.debug("'%s' contains correct backup data", backup_path)
except utils_backup.BackupBeginError as details:
if backup_error:
logging.debug("Backup failed as expected.")
else:
test.fail(details)
finally:
# Remove checkpoints
if "checkpoint_list" in locals() and checkpoint_list:
for checkpoint_name in checkpoint_list:
virsh.checkpoint_delete(vm_name, checkpoint_name)
if vm.is_alive():
vm.destroy(gracefully=False)
# Restoring vm
vmxml_backup.sync()
# Remove local backup file
if "target_file_path" in locals():
if os.path.exists(target_file_path):
os.remove(target_file_path)
# Remove iscsi devices
libvirt.setup_or_cleanup_iscsi(False)
# Remove ceph related data
if original_disk_type == "ceph":
ceph.rbd_image_rm(ceph_mon_host, ceph_pool_name, ceph_file_name,
ceph_cfg, key_file)
if "auth_sec_uuid" in locals() and auth_sec_uuid:
virsh.secret_undefine(auth_sec_uuid)
if "ceph_cfg" in locals() and os.path.exists(ceph_cfg):
os.remove(ceph_cfg)
if os.path.exists(key_file):
os.remove(key_file)