During validation ensure that the default value for public network
devices is selected and shown on error if it's not one of the host
devices that are currently discovered.
Secure Encryption Virtualization is supported by libvirt and this
change adds support for vagrant-libvirt to enable it.
It requires a UEFI base box and needs a combination of options to be
configured for it to work.
Co-authored-by: PELLET Norman <norman.pellet@csem.ch>
Co-authored-by: MUNTANÉ CALVO Enric <emc@csem.ch>
Co-authored-by: Darragh Bailey <daragh.bailey@gmail.com>
Closes: #1372
Change driver list of networks returned to only be read-only when using
qemu session, to allow for VMs using the system context to be able to
restart any networks needed.
The CPU element to manage the mode, model, features (including nested),
is only available on some architectures. To allow this plugin to
generate XML valid for other architectures such as RISC-V, the CPU
element needs to be optional and only enabled when the architecture
specified supports it.
Include checks in the validation section to help prevent the setting of
an unsupported architecture with any of the CPU features that require
the CPU element to be available.
Fixes: #1538
Reject any 9p synced folders that the user does not have read access to
the host path where using qemu sessions. This is because the VM will
launched with the user permissions instead of system permissions and
will fail to come up if trying to add a path that is not readable to be
mounted into the guest.
Additionally flag that virtiofs may not be supported with qemu sessions,
but do not reject in case support is added in the future.
Fixes: #1430
To allow for a different ssh port to be used when connecting to a
machine for NFS setup, use the port provided in the ssh_info hash
with a fallback to the default ssh port.
This may allow NFS mounting into Windows guests once support is added to
vagrant itself to handle NFS installation.
Fixes: #1640
If the graphics type is set to spice, then skip setting the autoport as
the attribute will be discarded by libvirt causing it to appear as
though not all of the XML sent to start the domain was accepted.
Ensure the same filtering for networks supported by vagrant-libvirt is
done for both driver and util by moving to call the same function with
filtering.
This avoids calls for the list of host devices from failing to parse
some networks that are not supported.
Fixes: #599
If the network does not have a bridge name, ignore it and move onto the
next one. This allows for hostdev networks to exist without breaking.
Includes some rudimentary testing to exercise the lookup code along with
a small bit of refactoring based on the realisation that there is no
need to lookup the network information twice as it is available if the
list_all_networks API is used.
Fixes: #599
On some distros the libvirt does not appear to always return all of the
host interfaces. Switch to using 'ip -j link show' to read them directly
from the system in order to ensure all devices are read.
Refactor the driver tests to better isolate between test setup for the
different sets of functions and avoid accidental setting of
configuration details that may not be obvious.
Fixes: #1624
Reduce the number of other graphics settings that need to be adjusted
once the type has been set to spice by defaulting the remaining options
to ones better suited for spice, in addition to adding the required
channel automatically.
Fixes: #1482
Allow libvirt to start the domain before reading back the XML to
retrieve the port assigned automatically for subsequent graphics access
when autoport is enabled.
Fixes: #992
Ensure the bootmenu is disabled by default. When not specified it will
default to the hypervisor default behaviour, however this is not
necessarily defined consistently across different distros. Therefore for
a consistent behaviour, simply ensure it is always configured to be off,
unless explicitly required to be enabled when the boot order is
configured.
Fixes: #947
The 9p synced folder option :owner is better named as :access, which is
documented by 9p and less likely to cause confusion on the expected
behaviour as it does not control the owner of the files.
Relates-To: #378
The driver is created with a specific machine instance, use this in
stead of requiring a specific instance be passed in. Apply the same
approach to domain where possible which allows the same get ip address
function to be called with and without a domain being passed in to save
lookup during loops.
Normalise the XML to ensure the attributes for both documents have the
same ordering to prevent excessive noise when differences are detected.
Additionally sort various elements based on attributes that make
ordering irrelevant to allow for simpler comparison using xmlsimple.
Closes: #1583
When using `qemu_use_agent = true`, the provisioning of a Windows
machine was faling to get the IP address with the error:
```
`get_ipaddress_from_qemu_agent': undefined method `downcase' for nil:NilClass (NoMethodError)
```
```plain
Traceback (most recent call last):
18: from /opt/vagrant/embedded/gems/2.3.0/gems/logging-2.3.1/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'
17: from /opt/vagrant/embedded/gems/2.3.0/gems/vagrant-2.3.0/lib/vagrant/action/builtin/wait_for_communicator.rb:16:in `block in call'
16: from /opt/vagrant/embedded/gems/2.3.0/gems/vagrant-2.3.0/plugins/communicators/winrm/communicator.rb:31:in `wait_for_ready'
15: from /opt/vagrant/embedded/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
14: from /opt/vagrant/embedded/lib/ruby/2.7.0/timeout.rb:33:in `catch'
13: from /opt/vagrant/embedded/lib/ruby/2.7.0/timeout.rb:33:in `catch'
12: from /opt/vagrant/embedded/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
11: from /opt/vagrant/embedded/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
10: from /opt/vagrant/embedded/gems/2.3.0/gems/vagrant-2.3.0/plugins/communicators/winrm/communicator.rb:37:in `block in wait_for_ready'
9: from /opt/vagrant/embedded/gems/2.3.0/gems/vagrant-2.3.0/plugins/communicators/winrm/helper.rb:21:in `winrm_info'
8: from /opt/vagrant/embedded/gems/2.3.0/gems/vagrant-2.3.0/plugins/communicators/winrm/helper.rb:35:in `winrm_address'
7: from /opt/vagrant/embedded/gems/2.3.0/gems/vagrant-2.3.0/lib/vagrant/machine.rb:452:in `ssh_info'
6: from /home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/provider.rb:58:in `ssh_info'
5: from /home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/provider.rb:98:in `state'
4: from /home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/driver.rb:194:in `state'
3: from /home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/driver.rb:103:in `get_domain_ipaddress'
2: from /home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/driver.rb:242:in `get_ipaddress_from_qemu_agent'
1: from /home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/driver.rb:242:in `each'
/home/rgl/.vagrant.d/gems/2.7.6/gems/vagrant-libvirt-0.10.7/lib/vagrant-libvirt/driver.rb:243:in `block in get_ipaddress_from_qemu_agent': undefined method `downcase' for nil:NilClass (NoMethodError)
```
This is due to Windows qemu-ga reporting interfaces that do not have a
`hardware-address`. For example, the `Loopback Pseudo-Interface 1` does
not have it:
```console
$ virsh qemu-agent-command openwrt-vagrant-windows '{"execute":"guest-network-get-interfaces"}' --pretty
{
"return": [
{
"name": "Ethernet 2",
"ip-addresses": [
{
"ip-address-type": "ipv4",
"ip-address": "10.0.20.11",
"prefix": 24
}
],
"statistics": {
"tx-packets": 3090,
"tx-errs": 0,
"rx-bytes": 50713786,
"rx-dropped": 0,
"rx-packets": 35116,
"rx-errs": 0,
"tx-bytes": 744040,
"tx-dropped": 0
},
"hardware-address": "08:00:27:00:00:0b"
},
{
"name": "Loopback Pseudo-Interface 1",
"ip-addresses": [
{
"ip-address-type": "ipv6",
"ip-address": "::1",
"prefix": 128
},
{
"ip-address-type": "ipv4",
"ip-address": "127.0.0.1",
"prefix": 8
}
],
"statistics": {
"tx-packets": 0,
"tx-errs": 0,
"rx-bytes": 0,
"rx-dropped": 0,
"rx-packets": 0,
"rx-errs": 0,
"tx-bytes": 0,
"tx-dropped": 0
}
}
]
}
```
With this change, the IP address can now be found without errors:
```plain
...
windows: WinRM address: 10.0.20.11:5985
windows: WinRM username: vagrant
...
```
the message fills the screen with expected warnings messages
when we need to debug this problem the message is already logged, so
there is no need to show it in the normal case
these are the warning messages that were displayed:
```
==> debian: Waiting for domain to get an IP address...
Unable to receive IP via qemu agent: [Call to virDomainQemuAgentCommand failed: Guest agent is not responding: QEMU guest agent is not connected]
...
==> debian: Waiting for machine to boot. This may take a few minutes...
Unable to receive IP via qemu agent: [Call to virDomainQemuAgentCommand failed: Guest agent is not responding: QEMU guest agent is not connected]
...
```
The distribution provided vagrant package on Ubuntu 20.04 is version
2.2.6 running on ruby 2.7.2. It appears that the rexml layout is
slightly different and imports different paths than the current code
expects. Add this combination to the unit tests and switch the requires
to load the specific library requirements instead of relying on rexml
loading everything underneath.
Additionally it appears the hook behaviour change appeared earlier that
the understood vagrant release of 2.2.11, and 2.2.6 also requires the
newer hook behaviour.
As this is the first time people may be alerted to an issue applying
changes, given that previously they would be silently discarded, better
to switch to warning the end user rather than blocking the domain start.
This is no worse than the previous position, and allows previous
configurations that were understood to be working, to continue to work
as they are, with hopefully issues logged by users that will allow
more correct XML to be sent before making failure to match the changes
applied fatal.
Ensure that the tests always set VAGRANT_HOME into the environment to
prevent the global plugin manager from trying to load the plugins under
this directory.
Remove the unnecessary nesting of begin/rescue entries in start domain
which partially existed due to vagrant-libvirt destroying domain
definitions on error, even for machines that had previously been
created.
Since this is no longer a problem as existing domains will be halted
rather than removed when an exception occurs, it is perfectly fine to
let the exception percolate upwards and be handled by the warden, which
is what the current code is doing, but at the expense of catching and
re-raising multiple times.
Switch to calling the returning the next middleware in the chain as soon
as possible in the set boot order action. Makes the overall remaining
logic tidier.
Include basic tests to check existing behaviour.
The attribute autoport="no" will be dropped, therefore ensure that when
graphics_autoport should be disabled, default it to nil, which allows
the existing code to exclude it from the domain template.
Otherwise being set to no will result in an apparent difference due to
the returned XML after update dropping the attribute.
Make sure to perform a diff of the actual XML strings and not the object
representations if encountering the bug where the XML failed to be
updated correctly.
The switch to compare-xml exhibits non intuitive behaviour in that
comparing without use of verbose mode does not detect documents that are
identical. The if statement allowed the tests to pass but reads that if
the documents compare as true then emit an error message and raise an
exception. However this is because it returns false even with the docs
are the same content. Unfortunately there was no pre-existing test
case added when
Since there were concerns about equivalent-xml not being active upstream
raised by a distribution maintainer, switching back should be avoided.
Attempted use of nokogiri-diff indicated that whitespace changes would
be treated as differences with it being unclear how to easily exclude.
Moving to xml-simple, which although will treat whitespace as
significant and even with NormaliseSpace set to disregard any whitespace
around content elements, it requires walking the returned structure to
remove the empty content attribute that is left behind to allow a direct
comparison between the data structures.
To ensure the XML comparison is validated add a test where libvirt
returns XML that is different to what was requested, and assert that
the expected error is raised, an error message emitted and that the
domain define would be reverted to the previous state if possible.
Relates-To: #1565Fixes: #1556
Using diffy alone is insufficient to spot when the XML returned by
libvirt for the changes applied is equivalent but formatted differently.
When libvirt returns slightly differently formatted XML corresponding to
what changes were actually applied, it can result in an error being
assumed to have happened when the update actually worked as expected.
Equivalent-xml handles detecting XML documents as being identical,
therefore switching to using it instead of diffy should produce more
reliable results, while retaining diffy for better formatted diffs
should an issue occur is useful.
Fixes: #1556
Fix a rather dumb error on my part where after checking the code
behaviour and then moving it to the driver, switched to using the
instance variable instead of the function. Because of this, on the first
usage the instance variable may not be populated, while the function
will correctly set up the connection.
Fixes: #1561
Add boot_order to the merge function to ensure that provider config
sections will persist the value if defined in earlier blocks. However to
ensure it is possible to override, definitions in latter sections will
replace the earlier definitions, but only if provided.
Fixes: #937
Request the list of physical devices from libvirt when performing
config validation. This ensures remote instances using bridges will get
the correct list of devices as well as be alerted when the device needed
does not exist.
Fixes issue introduced with #1499
For testing certain scenarios with vagrant-libvirt, need in the guest system a
value for the systems serial number in the DMI/SMBIOS system information.
The domain https://libvirt.org/formatdomain.html#smbios-system-information
format of libvirt allows to specify those values.
While adding `-smbios type=1,serial=$serial_value` to the `qemuargs` parameter
of the libvirt provider is already able to achieve this, a dedicated provider config
value adds native support from the `Vagrantfile` layering system. For example,
in the .box included Vagrantfile a random serial number can be enforced by
adding the following:
require 'securerandom'
Vagrant.configure("2") do |config|
config.vm.provider :libvirt do |libvirt|
libvirt.dmi_system_serial = SecureRandom.alphanumeric(8).upcase
end
end
Then in an instance specific Vagrantfile this value can be overwritten by adding:
Vagrant.configure("2") do |config|
config.vm.provider :libvirt do |libvirt|
libvirt.dmi_system_serial = "ABCDEFGH"
end
end
Co-authored-by: Nils Ballmann <nils.ballmann.ext@siemens.com>
Co-authored-by: Darragh Bailey <daragh.bailey@gmail.com>
