IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
* Shareable only on supported hypervisors
* Fix disk-attach
* Restrict shareable disks to SHARED datastores
* On image clone: copy SHAREABLE depends on DEFAULT_IMAGE_PERSISTENT flag
* F #1345: KVM support for persistent luks volmes
Support for attaching a persistent qemu luks encrypted disk, created as
per the libvirt/qemu documentation.
Private secret must be defined on the hypervisor for decryption and the
image should contain "LUKS_SECRET" attribute.
1) Create the image and import into datastore:
# qemu-img create --object secret,id=sec0,data=secretphrase -o key-secret=sec0 -f luks volume 1G
2) Create the secret on the hypervisor:
# virsh secret-define volume-secret.xml
# MYSECRET=`printf %s "secretphrase" | base64`
# virsh secret-set-value $MYUUID $MYSECRET
# virsh secret-dumpxml $MYUUID
<secret ephemeral='no' private='yes'>
<uuid>$MYUUID</uuid>
<description>luks key</description>
<usage type='volume'>
<volume>rbd:one/one-123</volume>
</usage>
</secret>
3) Set the UUID in the image attributes, ie:
# oneimage show 123 |grep LUKS
LUKS_SECRET="$MYUUID"
This should allow the disk attach to decryt the luks image and
use as a normal disk within the VM.
Co-authored-by: Laurence <laurencegill@users.noreply.github.com>
This commit solves issues with creating new VM images based on the
docker images inside a container environment.
If fuse2fs command is present then prefer its use instead of the default
mount command which will work only under root or otherwise privileged
user.
This commit solves the mounting issue inside the rootless container
environment.
Also add a new environment file to the oned supervisord service so we
can start oned process with some additional env. variables - notably
DOCKER_HOST.
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
- Consistency set of FORMAT attribute for images, and volatile disks
- DRIVER does not be specified by the USER and it is derived from driver
configuration for the Datastore and TM driver
- CP action from DS_MAD now needs to return the image FORMAT
- FSTYPE is deprecated and no longer used
- FS new attribute to specify file system FS.
co-authored-by: Christian González <cgonzalez@opennebula.io>
