v2v: download/stream disks via Libvirt API
Hi, I want to add a utility to VDSM that stream domains disks from Libvirt remote machine to oVirt. This utility is needed for importing kvm based VMs to oVirt, currently we are importing VMWare and Xen VMs via virt-v2v which doesn't support kvm based VMs. The tool should mimic virt-v2v output for smooth integration for v2v module in VDSM. As I see it the VDSM will parse the domain xml pass to the utility the source disks keys (remote path) and will prepare local image for the streaming: $ kvmstream --uri qemu://mydomain.com/system --in /remote/disk1.img,/remote/disk2.img --out /local/disk1.img,/local/disk2.img The underline implementation is: VDSM parse domain xml looks for storage disks, prepare images pass to the utility the local/remove disks, The utility open connection to remote Libvirt use storageVolLookupByPath to locate each remote disk and uses virStorageVolDownload(remote, local) to stream the disks to VDSM. POC is ready download images with virt-v2v output, Any suggestions/notes? Thanks, Shahar Havivi.
--71HqOpIs2EoB4bDA3OeU7UTaL9CTVAwoe Content-Type: multipart/mixed; boundary="pHLa7fp6p2BbmFcA4G3Dc1hq9haatxSRs" From: Sven Kieske <s.kieske@mittwald.de> To: devel@ovirt.org Message-ID: <57061FA4.3060703@mittwald.de> X-Authenticated-mymxserver.com: Yes Subject: Re: [ovirt-devel] v2v: download/stream disks via Libvirt API References: <20160407081401.GE18760@redhat.com> In-Reply-To: <20160407081401.GE18760@redhat.com> --pHLa7fp6p2BbmFcA4G3Dc1hq9haatxSRs Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 07/04/16 10:14, Shahar Havivi wrote:
Any suggestions/notes? = = =20 =20 Very cool feature, but I have a question:
Would it be possible to tunnel this through ssh or other TCP Connections over the network? Because in many cases you don't want to stream sensible data via unencrypted connections or you just have ssh access to special servers. --=20 Mit freundlichen Gr=FC=DFen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH & Co. KG K=F6nigsberger Stra=DFe 6 32339 Espelkamp T: +495772 293100 F: +495772 293333 https://www.mittwald.de Gesch=E4ftsf=FChrer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhause= n Komplement=E4rin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynha= usen --pHLa7fp6p2BbmFcA4G3Dc1hq9haatxSRs-- --71HqOpIs2EoB4bDA3OeU7UTaL9CTVAwoe Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBAgAGBQJXBh+kAAoJEMby9TMDAbQRYScP/RosfVXvbmSiQZktXfyyM/Yt JY9tVbWjhMP/Ey3TJhjunu3g26zpDY4jFC1Ehx3X+TzelSmjbOQZ6+orMAlba1VL TNiKqNNQDczEfUD02bx5YO1W875QjjY7I5I7uM4V3tPQBxUY4rgZYo+PLuRCqs+J pr9v8FzR1q/zEb7qeXJWf2sNIXR5Pgp1I0/8HjRjhc2nEpHXDPhgbQA4p1oUvLWn ZtwB8PiDTZC4eQLOc/2FFylTMiWfIZxTImLAIXRICSJ3lnlL7buB9iHN/v2/7zqH yanhWzqjGhZlq3OmJ8YtuQhF70fyVTw7MwUS09Hi9wnsylDMYlQS6YcXUEJUgMKL A6VilVcQr8YhhzancGx0uQ0MVRYVYYT6kBK1+pnk08TrkXDAIvyrkS/yMREeztov f+w3qrUhsSj0XcYkQf5qQnBPq1kPfXZa3eivmm48cCyg4/6Gs8T5IHg3G00w86fD POFldGyKTYWcJ3MkjLNcxOsj61kkHYahuvg6RoqrBwnW+htaUlBGOua/cH5WTwUK cqsrCLxNHXY08WFFxI5avPOhshbXu3gx4k/rCHxeEs2SBmlJaXNn3vEGu7NYjaeB V3pRJCij2dVVGUZGcf+nASmc6i0ZA6FCnVev5BMjWI8t6Ml4ITVaHUvP5AjxMh83 jpY2g4PitJcSS65GkMdr =sHaU -----END PGP SIGNATURE----- --71HqOpIs2EoB4bDA3OeU7UTaL9CTVAwoe--
On 07.04.16 10:51, Sven Kieske wrote:
On 07/04/16 10:14, Shahar Havivi wrote:
Any suggestions/notes?
Very cool feature, but I have a question:
Would it be possible to tunnel this through ssh or other TCP Connections over the network? Good point, I am sure its possible but I don't think we need that since this feature is for importing VM inside one organization on the LAN (not WAN) from one solution (Libvirt Management) to another solution (oVirt Management).
Because in many cases you don't want to stream sensible data via unencrypted connections or you just have ssh access to special servers.
-- Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +495772 293100 F: +495772 293333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
On Thu, Apr 7, 2016 at 11:51 AM, Sven Kieske <s.kieske@mittwald.de> wrote:
On 07/04/16 10:14, Shahar Havivi wrote:
Any suggestions/notes?
Very cool feature, but I have a question:
Would it be possible to tunnel this through ssh or other TCP Connections over the network?
If it's using libvirt underneath, one should make sure Libvirt is configured with security[1] and we should support it. The URI can use TLS with X509. Note that there's quite of an overhead using it. [1] http://libvirt.org/guide/html/Application_Development_Guide-Architecture-Rem... Y.
Because in many cases you don't want to stream sensible data via unencrypted connections or you just have ssh access to special servers.
-- Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +495772 293100 F: +495772 293333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
On Thu, Apr 7, 2016 at 11:51 AM, Sven Kieske <s.kieske@mittwald.de> wrote:
On 07/04/16 10:14, Shahar Havivi wrote:
Any suggestions/notes?
Very cool feature, but I have a question:
Would it be possible to tunnel this through ssh or other TCP Connections over the network?
If it's using libvirt underneath, one should make sure Libvirt is configured with security[1] and we should support it. The URI can use TLS with X509. Note that there's quite of an overhead using it. [1] http://libvirt.org/guide/html/Application_Development_Guide-Architecture-Rem... Y.
On 07.04.16 12:31, Yaniv Kaul wrote: true you can use qemu+ssh in the uri protocol.
Because in many cases you don't want to stream sensible data via unencrypted connections or you just have ssh access to special servers.
-- Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +495772 293100 F: +495772 293333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
participants (3)
-
Shahar Havivi -
Sven Kieske -
Yaniv Kaul