[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] Add support for (qcow*) volume encryption (v4)



Hello,
the following patches add full support for qcow/qcow2 volume encryption,
assuming a client that supports it.

(Main changes since the previous version:
 * Add "flags" argument to virSecretDefineXML(), virSecretGetXMLDesc(),
   virSecretSetValue(), virSecretGetValue()
 * Various clean-ups and bug fixes in the local secret storage driver
 * Make the Python API more consistent with other objects
 See the specific patch change logs for more details; patches without
 change logs are unchanged.)

New XML tags are defined to represent encryption parameters (currently
format and passphrase, more can be added in the future), e.g.
     <encryption format='qcow'>
       <secret type='passphrase'
               uuid='724d95f2-0ed2-6ff9-84d0-0f3d1618428d'/>
     </encryption>

The <encryption> tag can be added to a <volume> node passed to
virStorageVolCreateXML() to create an encrypted volume, or to a
<disk> node inside a <domain> to specify what encryption parameters to
use for a domain.

uuid above refers to a separately-managed secret, which was created
using virSecretDefineXML() and set using virSecretSetValue().  Other
properties of the secret can be managed using an XML representation.

Detailed documentation of the formats and features is inside the patches.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]