Secure Encryption Virtualization is supported by libvirt and this
change adds support for vagrant-libvirt to enable it.
It requires a UEFI base box and needs a combination of options to be
configured for it to work.
Co-authored-by: PELLET Norman <norman.pellet@csem.ch>
Co-authored-by: MUNTANÉ CALVO Enric <emc@csem.ch>
Co-authored-by: Darragh Bailey <daragh.bailey@gmail.com>
Closes: #1372
Ensure the bootmenu is disabled by default. When not specified it will
default to the hypervisor default behaviour, however this is not
necessarily defined consistently across different distros. Therefore for
a consistent behaviour, simply ensure it is always configured to be off,
unless explicitly required to be enabled when the boot order is
configured.
Fixes: #947
For testing certain scenarios with vagrant-libvirt, need in the guest system a
value for the system's serial number in the DMI/SMBIOS system information.
The domain format of libvirt
(https://libvirt.org/formatdomain.html#smbios-system-information)
allows specifying those values.
While adding `-smbios type=1,serial=$serial_value` to the `qemuargs` parameter
of the libvirt provider is already able to achieve this, a dedicated provider config
value adds native support from the `Vagrantfile` layering system. For example,
in the .box included Vagrantfile a random serial number can be enforced by
adding the following:
    require 'securerandom'
    Vagrant.configure("2") do |config|
      config.vm.provider :libvirt do |libvirt|
        libvirt.dmi_system_serial = SecureRandom.alphanumeric(8).upcase
      end
    end
Then in an instance specific Vagrantfile this value can be overwritten by adding:
    Vagrant.configure("2") do |config|
      config.vm.provider :libvirt do |libvirt|
        libvirt.dmi_system_serial = "ABCDEFGH"
      end
    end
Co-authored-by: Nils Ballmann <nils.ballmann.ext@siemens.com>
Co-authored-by: Darragh Bailey <daragh.bailey@gmail.com>
With multi volume boxes, need to ensure that disk settings such as the
device assigned are resolved dynamically once it has been established
which devices have already been assigned to the box volumes on either
initial creation or subsequent boots.
Otherwise users are forced to always explicitly define the device for
additional storage instead of having it be automatically assigned the
next available device.
Consequently previous changes have broken the ability for machines
with additional storage to be halted and restarted correctly.
Include an integration test that for additional storage checks that the
machine can be stopped and started again.
Fixes: #1490
Libvirt did already change the current 9216kb
to 16384kb when starting a domain so in practice this is a no-op.
The libvirt default was changed in 2014 in 81ba2298b2
To make it easier to see when the XML generated has deviated from
expected, tidy up the emitted XML to use a more consistent formatting
that would be inline with what would be expected to be output by virsh
directly.
Re-enable handling of the disk_device domain volume setting to ensure it
can be overridden from the default of vda to a value chosen.
Provide a disk resolver to resolve devices after the box has been downloaded
so that initial devices can be correctly allocated and avoid conflicts with
additional disks added that would otherwise get assigned the same device.
Removes hack for destroy domain when more than one disk, as now devices
in the config are only present if provided by the configuration.
Fixes: #1353
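The device resolution described in the two disk-related commit messages above (box volumes first, explicit devices reserved, everything else given the next available device), sketched as an added example. This is not vagrant-libvirt's code: `resolve_devices`, `next_free_device`, `DeviceConflict`, the hash layout and the sample disks are all hypothetical.

```ruby
# Added illustration; not vagrant-libvirt's code. All names are hypothetical.
class DeviceConflict < StandardError; end

# Lowest device name (vda, vdb, ... vdz, vdaa, ...) not yet in `taken`.
def next_free_device(taken, prefix)
  suffix = 'a'
  suffix = suffix.next while taken.key?("#{prefix}#{suffix}")
  "#{prefix}#{suffix}"
end

# Each disk is a hash with an optional :device. Box volumes come first so
# that additional disks are never handed a device a box volume needs.
def resolve_devices(box_volumes, extra_disks, prefix: 'vd')
  disks = box_volumes + extra_disks
  taken = {}
  # Pass 1: reserve every explicitly configured device; reject duplicates.
  disks.each do |disk|
    dev = disk[:device]
    next unless dev
    raise DeviceConflict, "#{dev} is assigned to more than one disk" if taken.key?(dev)
    taken[dev] = disk[:name]
  end
  # Pass 2: give each remaining disk the next available device.
  disks.map do |disk|
    next disk if disk[:device]
    dev = next_free_device(taken, prefix)
    taken[dev] = disk[:name]
    disk.merge(device: dev)
  end
end

# Constructed sample: a two-volume box plus three additional disks,
# one of which pins its device explicitly.
SAMPLE_BOX = [{ name: 'box_0' }, { name: 'box_1' }].freeze
SAMPLE_EXTRA = [{ name: 'data' }, { name: 'logs', device: 'vdd' }, { name: 'scratch' }].freeze

if __FILE__ == $PROGRAM_NAME
  resolve_devices(SAMPLE_BOX, SAMPLE_EXTRA).each { |d| puts "#{d[:name]} -> #{d[:device]}" }
end
```

Feeding the resolved box devices back in on a later boot yields the same assignment for the additional disks, which is the stop/start case the integration test mentioned above covers.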
It is more reliable to identify disk and network devices by use of
aliases, in addition to being able to establish in the absence of
information the purpose of such devices.
There is a possibility that in some cases this will also resolve issues
where the same device attach issued twice with the same details will
fail due to the second request not appearing to be honoured.
Additionally when destroying domains, may not have the relevant details
on how many disks are provided by the box, for those that support
multiple disks. Being able to traverse the domain XML and destroy the
appropriate volumes based on alias names will remove the need to have
predictable device identifiers during the destroy and allow for an
improved resolver.
Relates: #1342
Adjust create domain tests to exercise both with a box defined and
undefined. Switch the default vagrantfile definition to have a box
defined as it is the expected behaviour.
Ensure the source Vagrantfile appears in the virtual machine description
to help people using virsh/virt-manager subsequently to understand where
machines have come from.
Fixes: #496
When using qemu:///session, it's necessary to ensure the correct
user/group is passed in when creating additional volume storage as
otherwise the default is to attempt to chown/chgrp it to 0:0 which will
fail.
With this in place and recent changes around uri/qemu_use_session,
remove the checks guarding retrieving the storage pool as it is also
possible for it to be created as expected for the session.
Update create domain tests to check for the correct settings such as
storage path and user/group IDs passed to the volume create call for
the additional disks.
Fixes: #986
Provide a simple create domain test that uncovered a bug with an
exception in addition to fixing the tests to avoid unnecessary output
when the code sends messages via the UI.