[libvirt] [PATCH v5 4/5] storage: Support "chap" authentication for iscsi pool
Osier Yang
jyang at redhat.com
Wed Jul 24 09:28:44 UTC 2013
On 24/07/13 16:25, Ján Tomko wrote:
> On 07/23/2013 04:56 PM, Daniel P. Berrange wrote:
>> On Tue, Jul 23, 2013 at 10:47:46AM -0400, John Ferlan wrote:
>>> On 07/23/2013 10:18 AM, Ján Tomko wrote:
>>>> On 07/22/2013 10:31 PM, John Ferlan wrote:
>>>>
>>>>> ---
>>>>> src/storage/storage_backend_iscsi.c | 111 +++++++++++++++++++++++++++++++++++-
>>>>> 1 file changed, 110 insertions(+), 1 deletion(-)
>>>>>
>>>> I can confirm this works, but it's a shame it doesn't work on autostart.
>>>>
>>>> ACK if you clarify the error.
>>>>
>>>> Jan
>>>>
>>> The autostart changes require getting a connection to the secret
>>> driver which I felt may take more time than I had to figure out
>>> how to get to work properly...
>>>
>>> In any case, I adjusted the message as follows (same in 5/5):
>>>
>>> diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_i
>>> index 388d6ed..ee8dd2e 100644
>>> --- a/src/storage/storage_backend_iscsi.c
>>> +++ b/src/storage/storage_backend_iscsi.c
>>> @@ -714,7 +714,8 @@ virStorageBackendISCSISetAuth(const char *portal,
>>>
>>> if (!conn) {
>>> virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
>>> - _("iscsi 'chap' authentication requires connection"));
>>> + _("iscsi 'chap' authentication not supported "
>>> + "for autostarted pools"));
>>> return -1;
>>> }
>> I noticed that the nwfilter already unconditionally calls virConnectOpen("qemu://system"); so we're already in fact suffering from the problem with
>> autostart having a qemu dependency.
>>
>> Given this, I'd support a patch which simply did
>>
>> conn = virConnectOpen(privilege ? "qemu:///system" : "qemu:///session");
>>
>> in storageDriverAutostart, provided that we ignore any errors from
>> virConnectOpen, and fallback to use NULL for the connection in that
>> case.
>>
>> Obviously this is something we'll still need to fix properly in a
>> future release, but at least it'll make autostart of storage pools
>> with auth work in the common case in the short term for this release.
>>
> Both secret and qemu drivers are registered after the storage driver on
> libvirtd startup, so autostarting these pools will only work on storage driver
> reload. On libvirtd startup it fails with:
> qemuConnectOpen:1033 : internal error qemu state driver is not active
oh, that's bad, fortunately we are just entering the freezing. nwfilter is
also loaded before qemu driver too, but it only creates the connection when
reloading. changing to load the storage and secret modules after qemu
module should be okay, unless there are other depedancies between those
modules in the middle.
>
> (And it seems nwfilter only opens the qemu:// connection on reload)
conn = virConnectOpen("qemu:///system");
>
> Jan
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
More information about the libvir-list
mailing list