[libvirt PATCH v2 01/16] schema: allow 'ssh' as a protocol for network disks

Peter Krempa pkrempa at redhat.com
Mon Sep 19 14:00:12 UTC 2022 

On Wed, Aug 31, 2022 at 13:40:46 -0500, Jonathon Jongsma wrote:
> There was support in the code for parsing protocol='ssh' on network disk
> sources, but it was not present in the xml schema. Add this to the
> schema and mention it in the documentation.

The problem here is that it doesn't really work well. The 'ssh' disk was
added internally to handle very specific cases where a 'ssh'-accessed
disk is part of the backing store of an image, to avoid reporting an
error about unknown protocol.

When used as backing store the specific use case there were additional
fields passed in the backing store string to configure authentication
via ssh agent.

All of that requires extra configuration which can't be done via libvirt
(e.g. agent socket is passed in via environment variable).

All of this makes specifying the 'ssh' disk basically unusable when
configured via the XML.

To be correct we indeed should put the 'ssh' disk into schema though ...


> Signed-off-by: Jonathon Jongsma <jjongsma at redhat.com>
> ---
>  docs/formatdomain.rst                         |  2 +-
>  src/conf/schemas/domaincommon.rng             |  1 +
>  .../disk-network-ssh.x86_64-latest.args       | 36 +++++++++++++++++++
>  tests/qemuxml2argvdata/disk-network-ssh.xml   | 31 ++++++++++++++++
>  tests/qemuxml2argvtest.c                      |  1 +
>  5 files changed, 70 insertions(+), 1 deletion(-)
>  create mode 100644 tests/qemuxml2argvdata/disk-network-ssh.x86_64-latest.args
>  create mode 100644 tests/qemuxml2argvdata/disk-network-ssh.xml
> 
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index 34e4906eb4..4222605ede 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -2709,7 +2709,7 @@ paravirtualized driver is specified via the ``disk`` element.
>     ``network``
>        The ``protocol`` attribute specifies the protocol to access to the
>        requested image. Possible values are "nbd", "iscsi", "rbd", "sheepdog",
> -      "gluster", "vxhs", "nfs", "http", "https", "ftp", ftps", or "tftp".
> +      "gluster", "vxhs", "nfs", "http", "https", "ftp", ftps", "tftp", or "ssh".

... but at the very least we should warn that 'ssh' simply won't work
for users.

More information about the libvir-list mailing list