From 0b4fc69b54bf5a8fafc9bed62749ff2c91eeb21d Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 8 Jul 2024 09:35:54 +0100 Subject: [PATCH] RHEL: Remove input from Xen Originally this bug was to remove input from RHEL 5 Xen only. This change actually removes all conversions from Xen as in RHEL 9 we only supported RHEL 5 Xen. Fixes: https://issues.redhat.com/browse/RHEL-37687 --- docs/Makefile.am | 14 ---- docs/virt-v2v-input-xen.pod | 154 ------------------------------------ docs/virt-v2v.pod | 52 ++---------- input/Makefile.am | 4 +- input/input_xen_ssh.ml | 132 ------------------------------- input/input_xen_ssh.mli | 21 ----- inspector/inspector.ml | 4 - v2v/v2v.ml | 5 -- 8 files changed, 6 insertions(+), 380 deletions(-) delete mode 100644 docs/virt-v2v-input-xen.pod delete mode 100644 input/input_xen_ssh.ml delete mode 100644 input/input_xen_ssh.mli diff --git a/docs/Makefile.am b/docs/Makefile.am index 0f6a3e21..7cb6e09a 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am @@ -23,7 +23,6 @@ EXTRA_DIST = \ virt-v2v-hacking.pod \ virt-v2v-in-place.pod \ virt-v2v-input-vmware.pod \ - virt-v2v-input-xen.pod \ virt-v2v-inspector.pod \ virt-v2v-output-local.pod \ virt-v2v-output-openstack.pod \ @@ -43,7 +42,6 @@ man_MANS = \ virt-v2v-hacking.1 \ virt-v2v-in-place.1 \ virt-v2v-input-vmware.1 \ - virt-v2v-input-xen.1 \ virt-v2v-inspector.1 \ virt-v2v-output-local.1 \ virt-v2v-output-openstack.1 \ @@ -60,7 +58,6 @@ noinst_DATA = \ $(top_builddir)/website/virt-v2v-hacking.1.html \ $(top_builddir)/website/virt-v2v-in-place.1.html \ $(top_builddir)/website/virt-v2v-input-vmware.1.html \ - $(top_builddir)/website/virt-v2v-input-xen.1.html \ $(top_builddir)/website/virt-v2v-inspector.1.html \ $(top_builddir)/website/virt-v2v-output-local.1.html \ $(top_builddir)/website/virt-v2v-output-openstack.1.html \ @@ -119,17 +116,6 @@ stamp-virt-v2v-input-vmware.pod: virt-v2v-input-vmware.pod $< touch $@ -virt-v2v-input-xen.1 $(top_builddir)/website/virt-v2v-input-xen.1.html: stamp-virt-v2v-input-xen.pod - -stamp-virt-v2v-input-xen.pod: virt-v2v-input-xen.pod - $(PODWRAPPER) \ - --man virt-v2v-input-xen.1 \ - --html $(top_builddir)/website/virt-v2v-input-xen.1.html \ - --license GPLv2+ \ - --warning safe \ - $< - touch $@ - virt-v2v-inspector.1 $(top_builddir)/website/virt-v2v-inspector.1.html: stamp-virt-v2v-inspector.pod stamp-virt-v2v-inspector.pod: virt-v2v-inspector.pod diff --git a/docs/virt-v2v-input-xen.pod b/docs/virt-v2v-input-xen.pod deleted file mode 100644 index 4a0544f8..00000000 --- a/docs/virt-v2v-input-xen.pod +++ /dev/null @@ -1,154 +0,0 @@ -=head1 NAME - -virt-v2v-input-xen - Using virt-v2v to convert guests from Xen - -=head1 SYNOPSIS - - virt-v2v -ic 'xen+ssh://root@xen.example.com' - -ip passwordfile - GUEST_NAME [-o* options] - -=head1 DESCRIPTION - -This page documents how to use L to convert guests from -RHEL 5 Xen, or SLES and OpenSUSE Xen hosts. - -=head1 INPUT FROM XEN - -=head2 SSH authentication - -You can use SSH password authentication, by supplying the name of a -file containing the password to the I<-ip> option (note this option -does I take the password directly). You may need to adjust -F on the Xen server to set -C. - -If you are not using password authentication, an alternative is to use -ssh-agent, and add your ssh public key to -F (on the Xen host). After doing this, -you should check that passwordless access works from the virt-v2v -server to the Xen host. For example: - - $ ssh root@xen.example.com - [ logs straight into the shell, no password is requested ] - -Note that support for non-interactive authentication via the I<-ip> -option is incomplete. Some operations remain that still require the -user to enter the password manually. Therefore ssh-agent is recommended -over the I<-ip> option. See L. - -With some modern ssh implementations, legacy crypto algorithms required -to interoperate with RHEL 5 sshd are disabled. To enable them, you may -need to add the following C stanza to your F<~/.ssh/config>: - - Host xen.example.com - KexAlgorithms +diffie-hellman-group14-sha1 - MACs +hmac-sha1 - HostKeyAlgorithms +ssh-rsa - PubkeyAcceptedKeyTypes +ssh-rsa - PubkeyAcceptedAlgorithms +ssh-rsa - -(C and C have -identical meaning; the former is the old option name, the latter is the -new one. Virt-v2v uses both C and C when converting a guest -from Xen, and on some operating systems, C and C may not -both accept the same option variant.) - -When connecting to RHEL 5 sshd from RHEL 9, the SHA1 algorithm's use in -signatures has to be re-enabled at the OpenSSL level, in addition to the -above SSH configuration. Create a file called F<$HOME/openssl-sha1.cnf> -with the following contents: - - .include /etc/ssl/openssl.cnf - [openssl_init] - alg_section = evp_properties - [evp_properties] - rh-allow-sha1-signatures = yes - -and export the following variable into the environment of the -C process: - - OPENSSL_CONF=$HOME/openssl-sha1.cnf - -Note that the C environment variable will only take effect -if the libvirt client library used by virt-v2v is at least version -8.6.0. - -=head2 Test libvirt connection to remote Xen host - -Use the L command to list the guests on the remote Xen host: - - $ virsh -c xen+ssh://root@xen.example.com list --all - Id Name State - ---------------------------------------------------- - 0 Domain-0 running - - rhel49-x86_64-pv shut off - -You should also try dumping the metadata from any guest on your -server, like this: - - $ virsh -c xen+ssh://root@xen.example.com dumpxml rhel49-x86_64-pv - - rhel49-x86_64-pv - [...] - - -B. Fix your libvirt configuration or the remote server -before continuing. - -B, then the -conversion will fail. See L -below for a workaround. - -=head2 Importing a guest - -To import a particular guest from a Xen server, do: - - $ virt-v2v -ic 'xen+ssh://root@xen.example.com' \ - rhel49-x86_64-pv \ - -o local -os /var/tmp - -where C is the name of the guest (which must be shut -down). - -In this case the output flags are set to write the converted guest to -a temporary directory as this is just an example, but you can also -write to libvirt or any other supported target. - -=head2 Xen or ssh conversions from block devices - -Currently virt-v2v cannot directly access a Xen guest (or any guest -located remotely over ssh) if that guest’s disks are located on host -block devices. - -To tell if a Xen guest uses host block devices, look at the guest XML. -You will see: - - - ... - - -where C, C and C are all -indications that the disk is located on a host block device. - -This happens because the qemu ssh block driver that we use to access -remote disks uses the ssh sftp protocol, and this protocol cannot -correctly detect the size of host block devices. - -The workaround is to copy the block device from the remote Xen -server to a regular local file, copy the libvirt guest XML, -adjust the C element to point to the local file, and use -C<-i libvirtxml> mode instead. - -=head1 SEE ALSO - -L. - -=head1 AUTHOR - -Richard W.M. Jones - -=head1 COPYRIGHT - -Copyright (C) 2009-2020 Red Hat Inc. diff --git a/docs/virt-v2v.pod b/docs/virt-v2v.pod index a1e8fb30..ca75c255 100644 --- a/docs/virt-v2v.pod +++ b/docs/virt-v2v.pod @@ -12,7 +12,7 @@ virt-v2v - Convert a guest to use KVM =head1 DESCRIPTION Virt-v2v converts a single guest from a foreign hypervisor to run on -KVM. It can read Linux and Windows guests running on VMware, Xen, +KVM. It can read Linux and Windows guests running on VMware, Hyper-V and some other hypervisors, and convert them to KVM managed by libvirt, OpenStack, oVirt, Red Hat Virtualisation (RHV) or several other targets. It can modify the guest to make it bootable on KVM and @@ -59,8 +59,6 @@ management systems, guests. L — Input from VMware. -L — Input from Xen. - L — Output to local files or local libvirt. L — Output to oVirt or RHV. @@ -186,10 +184,6 @@ This is only supported for: =item * -L - -=item * - L when using the SSH transport method @@ -305,12 +299,10 @@ hypervisor. See L. Specify a libvirt connection URI to use when reading the guest. This is only used when S>. -Only local libvirt connections, VMware vCenter connections, or RHEL 5 -Xen remote connections can be used. Other remote libvirt connections -will not work in general. +Only local libvirt connections or VMware vCenter connections. +Other remote libvirt connections will not work in general. -See also L, -L. +See also L. =item B<-if> format @@ -859,40 +851,6 @@ __CUSTOMIZE_OPTIONS__ =head1 NOTES -=head2 Xen paravirtualized guests - -Older versions of virt-v2v could turn a Xen paravirtualized (PV) guest -into a KVM guest by installing a new kernel. This version of virt-v2v -does I attempt to install any new kernels. Instead it will give -you an error if there are I Xen PV kernels available. - -Therefore before conversion you should check that a regular kernel is -installed. For some older Linux distributions, this means installing -a kernel from the table below: - - RHEL 3 (Does not apply, as there was no Xen PV kernel) - - RHEL 4 i686 with > 10GB of RAM: install 'kernel-hugemem' - i686 SMP: install 'kernel-smp' - other i686: install 'kernel' - x86-64 SMP with > 8 CPUs: install 'kernel-largesmp' - x86-64 SMP: install 'kernel-smp' - other x86-64: install 'kernel' - - RHEL 5 i686: install 'kernel-PAE' - x86-64: install 'kernel' - - SLES 10 i586 with > 10GB of RAM: install 'kernel-bigsmp' - i586 SMP: install 'kernel-smp' - other i586: install 'kernel-default' - x86-64 SMP: install 'kernel-smp' - other x86-64: install 'kernel-default' - - SLES 11+ i586: install 'kernel-pae' - x86-64: install 'kernel-default' - - Windows (Does not apply, as there is no Xen PV Windows kernel) - =head2 Enabling virtio "Virtio" is the name for a set of drivers which make disk (block @@ -1184,7 +1142,7 @@ bandwidth. Virt-v2v should be able to copy guest data at gigabit ethernet speeds or greater. Ensure that the network connections between servers (conversion -server, NFS server, vCenter, Xen) are as fast and as low latency as +server, NFS server, vCenter) are as fast and as low latency as possible. =head3 Disk space diff --git a/input/Makefile.am b/input/Makefile.am index 4153f878..2f4ceb0c 100644 --- a/input/Makefile.am +++ b/input/Makefile.am @@ -29,7 +29,6 @@ SOURCES_MLI = \ input_vcenter_https.mli \ input_vddk.mli \ input_vmx.mli \ - input_xen_ssh.mli \ name_from_disk.mli \ nbdkit_curl.mli \ nbdkit_ssh.mli \ @@ -60,8 +59,7 @@ SOURCES_ML = \ input_ova.ml \ input_vcenter_https.ml \ input_vddk.ml \ - input_vmx.ml \ - input_xen_ssh.ml + input_vmx.ml # We pretend that we're building a C library. automake handles the # compilation of the C sources for us. At the end we take the C diff --git a/input/input_xen_ssh.ml b/input/input_xen_ssh.ml deleted file mode 100644 index c4235a4b..00000000 --- a/input/input_xen_ssh.ml +++ /dev/null @@ -1,132 +0,0 @@ -(* helper-v2v-input - * Copyright (C) 2009-2021 Red Hat Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - *) - -open Printf -open Unix - -open Std_utils -open Tools_utils -open Common_gettext.Gettext - -open Types -open Utils - -open Parse_libvirt_xml -open Input - -module XenSSH = struct - let to_string options args = - let xs = args in - let xs = - match options.input_conn with - | Some ic -> ("-ic " ^ ic) :: xs - | None -> xs in - let xs = "-i libvirt" :: xs in - String.concat " " xs - - let query_input_options () = - printf (f_"No input options can be used in this mode.\n") - - let setup dir options args = - if options.input_options <> [] then - error (f_"no -io (input options) are allowed here"); - - if not options.read_only then - error (f_"in-place mode does not work with Xen over SSH source"); - - (* Get the guest name. *) - let guest = - match args with - | [arg] -> arg - | _ -> - error (f_"-i libvirt: expecting a libvirt guest name \ - on the command line") in - - (* -ic must be set. *) - let input_conn = - match options.input_conn with - | Some ic -> ic - | None -> - error (f_"-i libvirt: expecting -ic parameter for \ - Xen over SSH connection") in - - let uri = - try Xml.parse_uri input_conn - with Invalid_argument msg -> - error (f_"could not parse '-ic %s'. Original error message was: %s") - input_conn msg in - - (* Connect to the hypervisor. *) - let conn = - let auth = Libvirt_utils.auth_for_password_file - ?password_file:options.input_password () in - Libvirt.Connect.connect_auth ~name:input_conn auth in - - (* Parse the libvirt XML. *) - let source, disks, _ = parse_libvirt_domain conn guest in - - let server = - match uri.Xml.uri_server with - | Some server -> server - | None -> - error (f_"‘-ic %s’ URL does not contain a host name field") - input_conn in - - let port = - match uri.uri_port with - | 0 | 22 -> None - | i -> Some (string_of_int i) in - - let user = uri.uri_user in - - let password = - match options.input_password with - | None -> None - | Some ip -> Some (Nbdkit_ssh.PasswordFile ip) in - - (* Create an nbdkit instance for each disk. *) - List.iteri ( - fun i { d_format = format; d_type } -> - let socket = sprintf "%s/in%d" dir i in - On_exit.unlink socket; - - match d_type with - | NBD _ | HTTP _ -> (* These should never happen? *) - assert false - - | BlockDev _ -> - (* Conversion from a remote block device over SSH isn't - * supported because OpenSSH sftp server doesn't know how - * to get the size of a block device. Therefore we disallow - * this and refer users to the manual. - *) - error (f_"input from xen over ssh does not support disks stored on \ - remote block devices. See virt-v2v-input-xen(1) \ - section \"Xen or ssh conversions from block devices\".") - - | LocalFile path -> - let cor = dir // "convert" in - let bandwidth = options.bandwidth in - let nbdkit = Nbdkit_ssh.create_ssh ?bandwidth ~cor ?password - ?port ~server ?user path in - let _, pid = Nbdkit.run_unix socket nbdkit in - On_exit.kill pid - ) disks; - - source -end diff --git a/input/input_xen_ssh.mli b/input/input_xen_ssh.mli deleted file mode 100644 index fa048231..00000000 --- a/input/input_xen_ssh.mli +++ /dev/null @@ -1,21 +0,0 @@ -(* virt-v2v - * Copyright (C) 2009-2021 Red Hat Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - *) - -(** Input from Xen over SSH *) - -module XenSSH : Input.INPUT diff --git a/inspector/inspector.ml b/inspector/inspector.ml index 1ad67bbc..d7cbf449 100644 --- a/inspector/inspector.ml +++ b/inspector/inspector.ml @@ -296,10 +296,6 @@ read the man page virt-v2v-inspector(1). | Some server, Some ("esx"|"gsx"|"vpx"), Some `VDDK -> (module Input_vddk.VDDK) - (* Xen over SSH *) - | Some server, Some "xen+ssh", _ -> - (module Input_xen_ssh.XenSSH) - (* Old virt-v2v also supported qemu+ssh://. However I am * deliberately not supporting this in new virt-v2v. Don't * use virt-v2v if a guest already runs on KVM. diff --git a/v2v/v2v.ml b/v2v/v2v.ml index 6baa111f..9a622da0 100644 --- a/v2v/v2v.ml +++ b/v2v/v2v.ml @@ -398,7 +398,6 @@ read the man page virt-v2v(1). pr "virt-v2v-2.0\n"; pr "libguestfs-rewrite\n"; pr "vcenter-https\n"; - pr "xen-ssh\n"; pr "vddk\n"; pr "colours-option\n"; pr "vdsm-compat-option\n"; @@ -463,10 +462,6 @@ read the man page virt-v2v(1). | Some server, Some ("esx"|"gsx"|"vpx"), Some `VDDK -> (module Input_vddk.VDDK) - (* Xen over SSH *) - | Some server, Some "xen+ssh", _ -> - (module Input_xen_ssh.XenSSH) - (* Old virt-v2v also supported qemu+ssh://. However I am * deliberately not supporting this in new virt-v2v. Don't * use virt-v2v if a guest already runs on KVM.