So the issue only appears with the Ocata UCA repo that provides the
2.5.0-3ubuntu5.6~cloud0 build. Why we are installing this in the
OpenStack CI upgrade jobs between Pike and Queens is beyond me but
something we should be able to correct outside of this bug.
Anyway, here are some notes on reproducing this using the Ocata UCA repo
:
- Update libvirt using the Ocata UCA repo
# add-apt-repository cloud-archive:ocata
# apt update
# apt upgrade
# dpkg -l | grep libvirt
ii libvirt-bin 2.5.0-3ubuntu5.6~cloud0
amd64 programs for the libvirt library
ii libvirt-clients 2.5.0-3ubuntu5.6~cloud0
amd64 Programs for the libvirt library
ii libvirt-daemon 2.5.0-3ubuntu5.6~cloud0
amd64 Virtualization daemon
ii libvirt-daemon-system 2.5.0-3ubuntu5.6~cloud0
amd64 Libvirt daemon configuration files
ii libvirt0:amd64 2.5.0-3ubuntu5.6~cloud0
amd64 library for interfacing with different virtualization systems
ii python-libvirt 3.0.0-2~cloud0
amd64 libvirt Python bindings
- Create a LUKS encrypted disk and associated secret containing the
required passphrase
# qemu-img create -f luks --object
secret,id=luks_sec,format=raw,data=1234 -o key-secret=luks_sec
/var/lib/libvirt/images/test.img 1G
# cat sec.xml
<secret ephemeral='no' private='yes'>
<uuid>8b0c5785-9e28-4c39-8b5d-21b42446ce35</uuid>
<usage type='volume'>
<volume>/var/lib/libvirt/images/test.img</volume>
</usage>
</secret>
# virsh secret-define sec.xml
# virsh secret-set-value 8b0c5785-9e28-4c39-8b5d-21b42446ce35 $(printf %s
"1234" | base64)
- Create a test domain to attach this disk to
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img -O
/var/lib/libvirt/images/cirros-0.4.0-x86_64-disk.img
virt-install --import --name test --vcpus 1 --ram 512 --disk
path=/var/lib/libvirt/images/cirros-0.4.0-x86_64-disk.img --nographic
- Create the associated XML for the disk and attempt to attach it to the
domain
# cat disk.xml
<disk type="file" device="disk">
<driver name="qemu" type="qcow2" cache="none" io="native"/>
<source file="/var/lib/libvirt/images/test.img"/>
<target dev='vdb' bus='virtio'/>
<encryption format='luks'>
<secret type='passphrase' uuid='8b0c5785-9e28-4c39-8b5d-21b42446ce35'/>
</encryption>
</disk>
# virsh attach-device test disk.xml
error: Failed to attach device from disk.xml
error: unsupported configuration: luks encryption requires encrypted secrets to
be supported
- Upgrade to the Pike UCA and Libvirt 3.6.0:
# add-apt-repository cloud-archive:pike
# apt update
# apt upgrade
# dpkg -l | grep libvirt
ii libvirt-bin 3.6.0-1ubuntu6~cloud0
amd64 programs for the libvirt library
ii libvirt-clients 3.6.0-1ubuntu6~cloud0
amd64 Programs for the libvirt library
ii libvirt-daemon 3.6.0-1ubuntu6~cloud0
amd64 Virtualization daemon
ii libvirt-daemon-system 3.6.0-1ubuntu6~cloud0
amd64 Libvirt daemon configuration files
ii libvirt0:amd64 3.6.0-1ubuntu6~cloud0
amd64 library for interfacing with different virtualization systems
ii python-libvirt 3.5.0-1build1~cloud0
amd64 libvirt Python bindings
# systemctl restart libvirtd
# virsh attach-device test disk.xml
Device attached successfully
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1744758
Title:
libvirt 2.5.0-3ubuntu5.6~cloud0 appears to be compiled without gnutls
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1744758/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
