Can I enable cephx authentication using a pool in qemu/kvm?
As you say, the XML not include auth
stanza, that's why domain installation faild, but you can add the auth
part manual
Edit /usr/share/virt-manager/virtinst/guest.py
as follow
#vim /usr/share/virt-manager/virtinst/guest.py
import re
...
#define the auth
auth_secret = '''
<auth username='libvirt'>
<secret type='ceph' uuid='e63e4b32-280e-4b00-982a-9d3xxxxxxx'/>
</auth>
'''
ceph_monitors = '''
<host name='172.16.200.104' port='6789'/>
<host name='172.16.200.105' port='6789'/>
<host name='172.16.200.106' port='6789'/>
'''
#change func: _build_xml
def _build_xml(self, is_initial):
log_label = is_initial and "install" or "continue"
disk_boot = not is_initial
start_xml = self._get_install_xml(install=True, disk_boot=disk_boot)
final_xml = self._get_install_xml(install=False)
#add------------start
rgx_qemu = re.compile('(<driver name="qemu"[^>]*?>)')
rgx_auth = re.compile('(?<=<source protocol="rbd" name=")([^>]*?">).*?(?= *?</source>)',re.S)
start_xml = rgx_qemu.sub('\\1' + auth_secret,start_xml)
start_xml = rgx_auth.sub('\\1' + ceph_monitors,start_xml)
final_xml = rgx_qemu.sub('\\1' + auth_secret,final_xml)
final_xml = rgx_auth.sub('\\1' + ceph_monitors,final_xml)
#add------------end
logging.debug("Generated %s XML: %s",
log_label,
(start_xml and ("\n" + start_xml) or "None required"))
logging.debug("Generated boot XML: \n%s", final_xml)
return start_xml, final_xml
Then, run virt-install
again
sudo virt-install \
--connect qemu:///system \
--virt-type kvm \
--name $NAME \
--ram $RAM \
--vcpus=$VCPUS \
--disk vol=$POOL/$FILE \
--location /var/lib/libvirt/images/$IMAGE \
--vnc \
--noautoconsole \
--os-type linux \
--os-variant rhel7 \
--network=bridge:virbr0,model=virtio,mac=52:54:00:00:00:$MACLAST_HEX \
--autostart
More info http://www.isjian.com/ceph/virt-install-create-vm-use-rbd-pool/