Richard W.M. Jones
2017-Dec-08 16:02 UTC
[Libguestfs] [PATCH v2 0/2] v2v: Add -it vddk and -it ssh flags.
The first patch was previously posted here: https://www.redhat.com/archives/libguestfs/2017-December/msg00018.html That patch hasn't changed except that I made the ‘input_transport’ variable type-safe. The second patch adds a significant new mode for liberating data from VMware: the ability to copy VMs over SSH directly from ESXi hypervisors. Although this requires enabling SSH access (a check-box in the vSphere UI), it is fast, very convenient and doesn't require any proprietary drivers. Rich.
Richard W.M. Jones
2017-Dec-08 16:02 UTC
[Libguestfs] [PATCH v2 1/2] v2v: vddk: Switch to using ‘-it vddk’ to specify VDDK as input transport.
Previously the presence of the ‘--vddk <libdir>’ option magically
enabled VDDK mode. However we want to introduce other transports for
VMware conversions so this wasn't a very clean choice.
With this commit you must use ‘-it vddk’ to specify that you want VDDK
as a disk transport. The previous ‘--vddk <libdir>’ option has been
renamed to ‘--vddk-libdir <libdir>’ to be consistent with the other
passthrough options, and it is no longer required.
A new command line looks like:
$ export PATH=/path/to/nbdkit:$PATH
$ virt-v2v \
-ic 'vpx://root@vcenter.example.com/Datacenter/esxi?no_verify=1' \
| -it vddk \
| --vddk-libdir /path/to/vmware-vix-disklib-distrib \
--vddk-thumbprint xx:xx:xx:... \
"Windows 2003" \
-o local -os /var/tmp
where only the two lines marked with ‘|’ have changed.
---
v2v/cmdline.ml | 69 +++++++++++++++++++++++++++++------------------
v2v/input_libvirt.ml | 37 ++++++++++++-------------
v2v/input_libvirt.mli | 8 +++---
v2v/input_libvirt_vddk.ml | 57 +++++++++++++++++++++++++--------------
v2v/test-v2v-docs.sh | 2 +-
v2v/types.ml | 2 +-
v2v/types.mli | 2 +-
v2v/virt-v2v.pod | 30 +++++++++++++++------
8 files changed, 126 insertions(+), 81 deletions(-)
diff --git a/v2v/cmdline.ml b/v2v/cmdline.ml
index a452458a1..719e6f057 100644
--- a/v2v/cmdline.ml
+++ b/v2v/cmdline.ml
@@ -57,15 +57,16 @@ let parse_cmdline ()
let input_conn = ref None in
let input_format = ref None in
+ let input_transport = ref None in
let in_place = ref false in
let output_conn = ref None in
let output_format = ref None in
let output_name = ref None in
let output_storage = ref None in
let password_file = ref None in
- let vddk = ref None in
let vddk_config = ref None in
let vddk_cookie = ref None in
+ let vddk_libdir = ref None in
let vddk_nfchostport = ref None in
let vddk_port = ref None in
let vddk_snapshot = ref None in
@@ -191,6 +192,8 @@ let parse_cmdline ()
s_"Libvirt URI";
[ M"if" ], Getopt.String ("format",
set_string_option_once "-if" input_format),
s_"Input format (for -i disk)";
+ [ M"it" ], Getopt.String ("transport",
set_string_option_once "-it" input_transport),
+ s_"Input transport";
[ L"in-place" ], Getopt.Set in_place,
s_"Only tune the guest in the input
VM";
[ L"machine-readable" ], Getopt.Set machine_readable,
@@ -220,12 +223,12 @@ let parse_cmdline () [ L"qemu-boot" ],
Getopt.Set qemu_boot, s_"Boot in qemu (-o qemu only)";
[ L"root" ], Getopt.String ("ask|... ",
set_root_choice),
s_"How to choose root
filesystem";
- [ L"vddk" ], Getopt.String ("libpath",
set_string_option_once "--vddk" vddk),
- s_"Use nbdkit VDDK plugin";
[ L"vddk-config" ], Getopt.String ("filename",
set_string_option_once "--vddk-config" vddk_config),
s_"Set VDDK config file";
[ L"vddk-cookie" ], Getopt.String ("cookie",
set_string_option_once "--vddk-cookie" vddk_cookie),
s_"Set VDDK cookie";
+ [ L"vddk-libdir" ], Getopt.String ("libdir",
set_string_option_once "--vddk-libdir" vddk_libdir),
+ s_"Set VDDK library parent
directory";
[ L"vddk-nfchostport" ], Getopt.String ("nfchostport",
set_string_option_once "--vddk-nfchostport" vddk_nfchostport),
s_"Set VDDK nfchostport";
[ L"vddk-port" ], Getopt.String ("port",
set_string_option_once "--vddk-port" vddk_port),
@@ -286,6 +289,12 @@ read the man page virt-v2v(1).
let input_conn = !input_conn in
let input_format = !input_format in
let input_mode = !input_mode in
+ let input_transport + match !input_transport with
+ | None -> None
+ | Some "vddk" -> Some `VDDK
+ | Some transport ->
+ error (f_"unknown input transport ‘-it %s’") transport in
let in_place = !in_place in
let machine_readable = !machine_readable in
let network_map = !network_map in
@@ -303,28 +312,15 @@ read the man page virt-v2v(1).
let qemu_boot = !qemu_boot in
let root_choice = !root_choice in
let vddk_options - match !vddk with
- | Some libdir ->
- Some { vddk_libdir = libdir;
- vddk_config = !vddk_config;
- vddk_cookie = !vddk_cookie;
- vddk_nfchostport = !vddk_nfchostport;
- vddk_port = !vddk_port;
- vddk_snapshot = !vddk_snapshot;
- vddk_thumbprint = !vddk_thumbprint;
- vddk_transports = !vddk_transports;
- vddk_vimapiver = !vddk_vimapiver }
- | None ->
- if !vddk_config <> None ||
- !vddk_cookie <> None ||
- !vddk_nfchostport <> None ||
- !vddk_port <> None ||
- !vddk_snapshot <> None ||
- !vddk_thumbprint <> None ||
- !vddk_transports <> None ||
- !vddk_vimapiver <> None then
- error (f_"‘--vddk-*’ options should only be used when conversion
via the nbdkit VDDK plugin has been enabled, ie. using ‘--vddk’.");
- None in
+ { vddk_config = !vddk_config;
+ vddk_cookie = !vddk_cookie;
+ vddk_libdir = !vddk_libdir;
+ vddk_nfchostport = !vddk_nfchostport;
+ vddk_port = !vddk_port;
+ vddk_snapshot = !vddk_snapshot;
+ vddk_thumbprint = !vddk_thumbprint;
+ vddk_transports = !vddk_transports;
+ vddk_vimapiver = !vddk_vimapiver } in
let vdsm_compat = !vdsm_compat in
let vdsm_image_uuids = List.rev !vdsm_image_uuids in
let vdsm_vol_uuids = List.rev !vdsm_vol_uuids in
@@ -357,6 +353,26 @@ read the man page virt-v2v(1).
let password = read_first_line_from_file filename in
Some password in
+ (* Input transport affects whether some parameters should or
+ * should not be used.
+ *)
+ (match input_transport with
+ | None ->
+ if !vddk_config <> None ||
+ !vddk_cookie <> None ||
+ !vddk_libdir <> None ||
+ !vddk_nfchostport <> None ||
+ !vddk_port <> None ||
+ !vddk_snapshot <> None ||
+ !vddk_thumbprint <> None ||
+ !vddk_transports <> None ||
+ !vddk_vimapiver <> None then
+ error (f_"‘--vddk-*’ options should only be used when conversion
via the nbdkit VDDK plugin has been enabled, ie. using ‘-it vddk’.")
+ | Some `VDDK ->
+ if !vddk_thumbprint = None then
+ error (f_"‘--vddk-thumbprint’ is required when using ‘-it
vddk’.")
+ );
+
(* Parsing of the argument(s) depends on the input mode. *)
let input match input_mode with
@@ -379,7 +395,8 @@ read the man page virt-v2v(1).
| [guest] -> guest
| _ ->
error (f_"expecting a libvirt guest name on the command
line") in
- Input_libvirt.input_libvirt vddk_options password input_conn guest
+ Input_libvirt.input_libvirt vddk_options password
+ input_conn input_transport guest
| `LibvirtXML ->
(* -i libvirtxml: Expecting a filename (XML file). *)
diff --git a/v2v/input_libvirt.ml b/v2v/input_libvirt.ml
index 59845c9b2..66af6371c 100644
--- a/v2v/input_libvirt.ml
+++ b/v2v/input_libvirt.ml
@@ -27,7 +27,7 @@ open Types
open Utils
(* Choose the right subclass based on the URI. *)
-let input_libvirt vddk_options password libvirt_uri guest +let input_libvirt
vddk_options password libvirt_uri input_transport guest match libvirt_uri
with
| None ->
Input_libvirt_other.input_libvirt_other password libvirt_uri guest
@@ -39,29 +39,26 @@ let input_libvirt vddk_options password libvirt_uri guest
error (f_"could not parse '-ic %s'. Original error message was:
%s")
orig_uri msg in
- match server, scheme with
- | None, _
- | Some "", _ (* Not a remote URI. *)
+ match server, scheme, input_transport with
+ | None, _, _
+ | Some "", _, _ (* Not a remote URI. *)
- | Some _, None (* No scheme? *)
- | Some _, Some "" ->
+ | Some _, None, _ (* No scheme? *)
+ | Some _, Some "", _ ->
Input_libvirt_other.input_libvirt_other password libvirt_uri guest
- (* vCenter over https, or
- * vCenter or ESXi using nbdkit vddk plugin
- *)
- | Some server, Some ("esx"|"gsx"|"vpx") ->
- (match vddk_options with
- | None ->
- Input_libvirt_vcenter_https.input_libvirt_vcenter_https
- password libvirt_uri parsed_uri server guest
- | Some vddk_options ->
- Input_libvirt_vddk.input_libvirt_vddk vddk_options password
- libvirt_uri parsed_uri guest
- )
+ (* vCenter over https. *)
+ | Some server, Some ("esx"|"gsx"|"vpx"), None
->
+ Input_libvirt_vcenter_https.input_libvirt_vcenter_https
+ password libvirt_uri parsed_uri server guest
+
+ (* vCenter or ESXi using nbdkit vddk plugin *)
+ | Some server, Some ("esx"|"gsx"|"vpx"), Some
`VDDK ->
+ Input_libvirt_vddk.input_libvirt_vddk vddk_options password
+ libvirt_uri parsed_uri guest
(* Xen over SSH *)
- | Some server, Some "xen+ssh" ->
+ | Some server, Some "xen+ssh", _ ->
Input_libvirt_xen_ssh.input_libvirt_xen_ssh
password libvirt_uri parsed_uri server guest
@@ -71,7 +68,7 @@ let input_libvirt vddk_options password libvirt_uri guest
*)
(* Unknown remote scheme. *)
- | Some _, Some _ ->
+ | Some _, Some _, _ ->
warning (f_"no support for remote libvirt connections to '-ic
%s'. The conversion may fail when it tries to read the source disks.")
orig_uri;
Input_libvirt_other.input_libvirt_other password libvirt_uri guest
diff --git a/v2v/input_libvirt.mli b/v2v/input_libvirt.mli
index acf2ca417..eb3e48397 100644
--- a/v2v/input_libvirt.mli
+++ b/v2v/input_libvirt.mli
@@ -18,7 +18,7 @@
(** [-i libvirt] source. *)
-val input_libvirt : Types.vddk_options option -> string option -> string
option -> string -> Types.input
-(** [input_libvirt vddk_options password libvirt_uri guest] creates
- and returns a new {!Types.input} object specialized for reading input
- from libvirt sources. *)
+val input_libvirt : Types.vddk_options -> string option -> string option
-> [`VDDK] option -> string -> Types.input
+(** [input_libvirt vddk_options password libvirt_uri input_transport guest]
+ creates and returns a new {!Types.input} object specialized for reading
+ input from libvirt sources. *)
diff --git a/v2v/input_libvirt_vddk.ml b/v2v/input_libvirt_vddk.ml
index f3cc6eb9b..1e673f4c7 100644
--- a/v2v/input_libvirt_vddk.ml
+++ b/v2v/input_libvirt_vddk.ml
@@ -35,11 +35,16 @@ open Printf
(* Subclass specialized for handling VMware via nbdkit vddk plugin. *)
class input_libvirt_vddk vddk_options password libvirt_uri parsed_uri guest -
(* The VDDK path. *)
let libdir = vddk_options.vddk_libdir in
- (* Compute the LD_LIBRARY_PATH that we must pass to nbdkit. *)
- let library_path = libdir // sprintf "lib%d" Sys.word_size in
+
+ (* VDDK libraries are located under lib32/ or lib64/ relative to the
+ * libdir. Note this is unrelated to Linux multilib or multiarch.
+ *)
+ let libNN = sprintf "lib%d" Sys.word_size in
+
+ (* Compute the LD_LIBRARY_PATH that we may have to pass to nbdkit. *)
+ let library_path = Option.map (fun libdir -> libdir // libNN) libdir in
(* Is SELinux enabled and enforcing on the host? *)
let have_selinux @@ -47,18 +52,25 @@ class input_libvirt_vddk vddk_options
password libvirt_uri parsed_uri guest
(* Check that the VDDK path looks reasonable. *)
let error_unless_vddk_libdir () - if not (is_directory libdir) then
- error (f_"‘--vddk %s’ does not point to a directory. See
\"INPUT FROM VDDK\" in the virt-v2v(1) manual.") libdir;
+ (match libdir with
+ | None -> ()
+ | Some libdir ->
+ if not (is_directory libdir) then
+ error (f_"‘--vddk-libdir %s’ does not point to a directory. See
\"INPUT FROM VDDK\" in the virt-v2v(1) manual.") libdir
+ );
- if not (is_directory library_path) then
- error (f_"VDDK library path %s not found or not a directory. See
\"INPUT FROM VDDK\" in the virt-v2v(1) manual.")
- library_path
+ (match library_path with
+ | None -> ()
+ | Some library_path ->
+ if not (is_directory library_path) then
+ error (f_"VDDK library path %s not found or not a directory.
See \"INPUT FROM VDDK\" in the virt-v2v(1) manual.") library_path
+ )
in
(* Check that nbdkit is available and new enough. *)
let error_unless_nbdkit_working () if 0 <> Sys.command
"nbdkit --version >/dev/null" then
- error (f_"nbdkit is not installed or not working. It is required to
use ‘--vddk’. See \"INPUT FROM VDDK\" in the virt-v2v(1)
manual.");
+ error (f_"nbdkit is not installed or not working. It is required to
use ‘-it vddk’. See \"INPUT FROM VDDK\" in the virt-v2v(1)
manual.");
(* Check it's a new enough version. The latest features we
* require are ‘--exit-with-parent’ and ‘--selinux-label’, both
@@ -74,14 +86,20 @@ class input_libvirt_vddk vddk_options password libvirt_uri
parsed_uri guest
(* Check that the VDDK plugin is installed and working *)
let error_unless_nbdkit_vddk_working () + let set_ld_library_path +
match library_path with
+ | None -> ""
+ | Some library_path ->
+ sprintf "LD_LIBRARY_PATH=%s " (quote library_path) in
+
let cmd - sprintf "LD_LIBRARY_PATH=%s nbdkit vddk --dump-plugin
>/dev/null"
- (quote library_path) in
+ sprintf "%snbdkit vddk --dump-plugin >/dev/null"
+ set_ld_library_path in
if Sys.command cmd <> 0 then (
(* See if we can diagnose why ... *)
let cmd - sprintf "LD_LIBRARY_PATH=%s LANG=C nbdkit vddk
--dump-plugin 2>&1 | grep -sq libvixDiskLib.so"
- (quote library_path) in
+ sprintf "LANG=C %snbdkit vddk --dump-plugin 2>&1 | grep -sq
libvixDiskLib.so"
+ set_ld_library_path in
let needs_library = Sys.command cmd = 0 in
if not needs_library then
error (f_"nbdkit VDDK plugin is not installed or not working. It
is required if you want to use VDDK.
@@ -92,9 +110,9 @@ See also \"INPUT FROM VDDK\" in the virt-v2v(1)
manual.")
else
error (f_"nbdkit VDDK plugin is not installed or not working. It
is required if you want to use VDDK.
-It looks like you did not set the right path in the ‘--vddk’ option, or your
copy of the VDDK directory is incomplete. There should be a library called
’%s/libvixDiskLib.so.?’.
+It looks like you did not set the right path in the ‘--vddk-libdir’ option, or
your copy of the VDDK directory is incomplete. There should be a library called
’<libdir>/%s/libvixDiskLib.so.?’.
-See also \"INPUT FROM VDDK\" in the virt-v2v(1) manual.")
library_path
+See also \"INPUT FROM VDDK\" in the virt-v2v(1) manual.") libNN
)
in
@@ -121,6 +139,7 @@ See also \"INPUT FROM VDDK\" in the virt-v2v(1)
manual.") library_path
let vddk_passthrus [ "config", (fun { vddk_config }
-> vddk_config);
"cookie", (fun { vddk_cookie } -> vddk_cookie);
+ "libdir", (fun { vddk_libdir } -> vddk_libdir);
"nfchostport", (fun { vddk_nfchostport } ->
vddk_nfchostport);
"port", (fun { vddk_port } -> vddk_port);
"snapshot", (fun { vddk_snapshot } -> vddk_snapshot);
@@ -149,9 +168,8 @@ object
| Some field -> sprintf " --vddk-%s %s" name field
) vddk_passthrus
) in
- sprintf "%s --vddk %s%s"
+ sprintf "%s -it vddk %s"
super#as_options (* superclass prints "-i libvirt etc" *)
- vddk_options.vddk_libdir
pt_options
method source () @@ -252,7 +270,6 @@ object
add_arg (sprintf "user=%s" user);
add_arg password_param;
add_arg (sprintf "vm=moref=%s" moref);
- add_arg (sprintf "libdir=%s" libdir);
(* The passthrough parameters. *)
List.iter (
@@ -297,7 +314,7 @@ object
(* Print the full command we are about to run when debugging. *)
if verbose () then (
eprintf "running nbdkit:\n";
- eprintf "LD_LIBRARY_PATH=%s" library_path;
+ Option.may (eprintf "LD_LIBRARY_PATH=%s") library_path;
List.iter (fun arg -> eprintf " %s" (quote arg)) args;
prerr_newline ()
);
@@ -310,7 +327,7 @@ object
let pid = fork () in
if pid = 0 then (
(* Child process (nbdkit). *)
- putenv "LD_LIBRARY_PATH" library_path;
+ Option.may (putenv "LD_LIBRARY_PATH") library_path;
execvp "nbdkit" args
);
diff --git a/v2v/test-v2v-docs.sh b/v2v/test-v2v-docs.sh
index 8bd03f68e..5d034c465 100755
--- a/v2v/test-v2v-docs.sh
+++ b/v2v/test-v2v-docs.sh
@@ -22,4 +22,4 @@ $TEST_FUNCTIONS
skip_if_skipped
$top_srcdir/podcheck.pl virt-v2v.pod virt-v2v \
-
--ignore=--debug-overlay,--ic,--if,--no-trim,--oa,--oc,--of,--on,--os,--vmtype
+
--ignore=--debug-overlay,--ic,--if,--it,--no-trim,--oa,--oc,--of,--on,--os,--vmtype
diff --git a/v2v/types.ml b/v2v/types.ml
index ee6b642bf..be86f1b3b 100644
--- a/v2v/types.ml
+++ b/v2v/types.ml
@@ -480,9 +480,9 @@ type root_choice = AskRoot | SingleRoot | FirstRoot |
RootDev of string
type output_allocation = Sparse | Preallocated
type vddk_options = {
- vddk_libdir : string;
vddk_config : string option;
vddk_cookie : string option;
+ vddk_libdir : string option;
vddk_nfchostport : string option;
vddk_port : string option;
vddk_snapshot : string option;
diff --git a/v2v/types.mli b/v2v/types.mli
index a426bd696..95d890638 100644
--- a/v2v/types.mli
+++ b/v2v/types.mli
@@ -340,9 +340,9 @@ type output_allocation = Sparse | Preallocated
(** Type of [-oa] (output allocation) option. *)
type vddk_options = {
- vddk_libdir : string;
vddk_config : string option;
vddk_cookie : string option;
+ vddk_libdir : string option;
vddk_nfchostport : string option;
vddk_port : string option;
vddk_snapshot : string option;
diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod
index 4ac44988e..503830c9d 100644
--- a/v2v/virt-v2v.pod
+++ b/v2v/virt-v2v.pod
@@ -379,6 +379,13 @@ See L</IN PLACE CONVERSION> below.
Conflicts with all I<-o *> options.
+=item B<-it> B<vddk>
+
+Use VMware VDDK as a transport to copy the input disks. See
+L</INPUT FROM VDDK> below. If you use this parameter then you may
+need to use other I<--vddk*> options to specify how to connect through
+VDDK.
+
=item B<--keys-from-stdin>
Read key or passphrase parameters from stdin. The default is
@@ -633,13 +640,20 @@ boot an operating system from the first virtio disk.
Specifically,
F</boot> must be on the first virtio disk, and it cannot chainload an
OS which is not in the first virtio disk.
-=item B<--vddk> LIBDIR
+=item B<--vddk-libdir> LIBDIR
-Enable VDDK input from VMware vCenter or ESXi. C<LIBDIR> is the top
-directory of the VDDK library. This directory should I<contain>
+Set the VDDK library directory. This directory should I<contain>
subdirectories called F<include>, F<lib64> etc., but do not include
F<lib64> actually in the parameter.
+In most cases this parameter is required when using the I<-it vddk>
+(VDDK) transport. See L</INPUT FROM VDDK> below for details.
+
+=item B<--vddk-thumbprint> xx:xx:xx:...
+
+Set the thumbprint of the remote VMware server.
+
+This parameter is required when using the I<-it vddk> (VDDK) transport.
See L</INPUT FROM VDDK> below for details.
=item B<--vddk-config> FILENAME
@@ -652,16 +666,13 @@ See L</INPUT FROM VDDK> below for details.
=item B<--vddk-snapshot> SNAPSHOT-MOREF
-=item B<--vddk-thumbprint> xx:xx:xx:...
-
=item B<--vddk-transports> MODE:MODE:...
=item B<--vddk-vimapiver> APIVER
When using VDDK mode, these options are passed unmodified to the
L<nbdkit(1)> VDDK plugin. Please refer to
L<nbdkit-vddk-plugin(1)>.
-If I<--vddk> is present, I<--vddk-thumbprint> is also required,
-the rest are optional.
+These are all optional.
=item B<--vdsm-compat=0.10>
@@ -1543,6 +1554,8 @@ continuing.
=head2 VDDK: IMPORTING A GUEST
+The I<-it vddk> parameter selects VDDK as the input transport for disks.
+
To import a particular guest from vCenter server or ESXi hypervisor,
use a command like the following, substituting the URI, guest name and
SSL thumbprint:
@@ -1550,7 +1563,8 @@ SSL thumbprint:
$ export PATH=/path/to/nbdkit:$PATH
$ virt-v2v \
-ic 'vpx://root@vcenter.example.com/Datacenter/esxi?no_verify=1' \
- --vddk /path/to/vmware-vix-disklib-distrib \
+ -it vddk \
+ --vddk-libdir /path/to/vmware-vix-disklib-distrib \
--vddk-thumbprint xx:xx:xx:... \
"Windows 2003" \
-o local -os /var/tmp
--
2.13.2
Richard W.M. Jones
2017-Dec-08 16:02 UTC
[Libguestfs] [PATCH v2 2/2] v2v: -i vmx: Enhance VMX support with ability to use ‘-it ssh’ transport.
This enhances the existing VMX input support allowing it to be
used over SSH to the ESXi server.
The original command (for local .vmx files) was:
$ virt-v2v -i vmx guest.vmx -o local -os /var/tmp
Adding ‘-it ssh’ and using an SSH remote path gives the new syntax:
$ virt-v2v \
-i vmx -it ssh \
"root@esxi.example.com:/vmfs/volumes/datastore1/guest/guest.vmx"
\
-o local -os /var/tmp
I anticipate that this input method will be widely used enough that it
deserves its own example at the top of the man page.
---
v2v/cmdline.ml | 26 +++++--
v2v/input_libvirt_other.ml | 9 ---
v2v/input_libvirt_other.mli | 1 -
v2v/input_vmx.ml | 171 +++++++++++++++++++++++++++++++++++++-------
v2v/input_vmx.mli | 5 +-
v2v/utils.ml | 9 +++
v2v/utils.mli | 2 +
v2v/virt-v2v.pod | 91 ++++++++++++++++++-----
8 files changed, 254 insertions(+), 60 deletions(-)
diff --git a/v2v/cmdline.ml b/v2v/cmdline.ml
index 719e6f057..0c6af3ed8 100644
--- a/v2v/cmdline.ml
+++ b/v2v/cmdline.ml
@@ -292,6 +292,7 @@ read the man page virt-v2v(1).
let input_transport match !input_transport with
| None -> None
+ | Some "ssh" -> Some `SSH
| Some "vddk" -> Some `VDDK
| Some transport ->
error (f_"unknown input transport ‘-it %s’") transport in
@@ -357,7 +358,8 @@ read the man page virt-v2v(1).
* should not be used.
*)
(match input_transport with
- | None ->
+ | None
+ | Some `SSH ->
if !vddk_config <> None ||
!vddk_cookie <> None ||
!vddk_libdir <> None ||
@@ -395,6 +397,12 @@ read the man page virt-v2v(1).
| [guest] -> guest
| _ ->
error (f_"expecting a libvirt guest name on the command
line") in
+ let input_transport + match input_transport with
+ | None -> None
+ | Some `VDDK -> Some `VDDK
+ | Some `SSH ->
+ error (f_"only ‘-it vddk’ can be used here") in
Input_libvirt.input_libvirt vddk_options password
input_conn input_transport guest
@@ -417,13 +425,19 @@ read the man page virt-v2v(1).
Input_ova.input_ova filename
| `VMX ->
- (* -i vmx: Expecting an vmx filename. *)
- let filename + (* -i vmx: Expecting a vmx filename or SSH remote
path. *)
+ let arg match args with
- | [filename] -> filename
+ | [arg] -> arg
| _ ->
- error (f_"expecting a VMX file name on the command line")
in
- Input_vmx.input_vmx filename in
+ error (f_"expecting a single VMX file name or SSH remote path on
the command line") in
+ let input_transport + match input_transport with
+ | None -> None
+ | Some `SSH -> Some `SSH
+ | Some `VDDK ->
+ error (f_"only ‘-it ssh’ can be used here") in
+ Input_vmx.input_vmx input_transport arg in
(* Common error message. *)
let error_option_cannot_be_used_in_output_mode mode opt diff --git
a/v2v/input_libvirt_other.ml b/v2v/input_libvirt_other.ml
index e08d79cc9..42d8c7df6 100644
--- a/v2v/input_libvirt_other.ml
+++ b/v2v/input_libvirt_other.ml
@@ -39,15 +39,6 @@ let error_if_libvirt_does_not_support_json_backingfile ()
Libvirt_utils.libvirt_get_version () < (2, 1, 0) then
error (f_"because of libvirt bug https://bugzilla.redhat.com/1134878
you must EITHER upgrade to libvirt >= 2.1.0 OR set this environment
variable:\n\nexport LIBGUESTFS_BACKEND=direct\n\nand then rerun the virt-v2v
command.")
-(* xen+ssh URLs use the SSH driver in CURL. Currently this requires
- * ssh-agent authentication. Give a clear error if this hasn't been
- * set up (RHBZ#1139973).
- *)
-let error_if_no_ssh_agent () - try ignore (Sys.getenv
"SSH_AUTH_SOCK")
- with Not_found ->
- error (f_"ssh-agent authentication has not been set up ($SSH_AUTH_SOCK
is not set). Please read \"INPUT FROM RHEL 5 XEN\" in the virt-v2v(1)
man page.")
-
(* Superclass. *)
class virtual input_libvirt (password : string option) libvirt_uri guest
object
diff --git a/v2v/input_libvirt_other.mli b/v2v/input_libvirt_other.mli
index 494ca908a..8b1e8aa1d 100644
--- a/v2v/input_libvirt_other.mli
+++ b/v2v/input_libvirt_other.mli
@@ -19,7 +19,6 @@
(** [-i libvirt] source. *)
val error_if_libvirt_does_not_support_json_backingfile : unit -> unit
-val error_if_no_ssh_agent : unit -> unit
class virtual input_libvirt : string option -> string option -> string
-> object
method precheck : unit -> unit
diff --git a/v2v/input_vmx.ml b/v2v/input_vmx.ml
index c50217b9e..3032eba96 100644
--- a/v2v/input_vmx.ml
+++ b/v2v/input_vmx.ml
@@ -21,14 +21,82 @@ open Scanf
open Std_utils
open Tools_utils
+open Unix_utils
open Common_gettext.Gettext
open Types
open Utils
open Name_from_disk
-let rec find_disks vmx vmx_filename - find_scsi_disks vmx vmx_filename @
find_ide_disks vmx vmx_filename
+type vmx_source + | File of string (* local file or
NFS *)
+ | SSH of string option * string * string (* SSH username, server, path *)
+
+(* The single filename on the command line is intepreted either as
+ * a local file or a remote SSH path (only if ‘-it ssh’).
+ *)
+let vmx_source_of_arg input_transport arg + match input_transport, arg with
+ | None, arg -> File arg
+ | Some `SSH, arg ->
+ let arg1, path = String.split ":" arg in
+ if path = "" then
+ error (f_"expecting [user@]server:path with ‘-it ssh’");
+ let user, server = match String.split "@" arg1 with
+ | server, "" -> None, server
+ | user, server -> Some user, server in
+ SSH (user, server, path)
+
+(* 'scp' a remote file into a temporary local file, returning the path
+ * of the temporary local file.
+ *)
+let memo_tmpdir = ref None
+let scp_from_remote_to_temporary user server path filename + let tmpdir +
match !memo_tmpdir with
+ | None ->
+ let base_dir = (open_guestfs ())#get_cachedir () in
+ let t = Mkdtemp.temp_dir ~base_dir "vmx." in
+ rmdir_on_exit t;
+ memo_tmpdir := Some t;
+ t
+ | Some tmpdir -> tmpdir in
+
+ let localfile = tmpdir // filename in
+
+ (* XXX Assumes default port number. *)
+ let cmd + sprintf "scp%s %s%s:%s %s"
+ (if verbose () then "" else " -q")
+ (match user with None -> "" | Some user -> quote
user ^ "@")
+ (quote server)
+ (* The double quoting of the path is counter-intuitive
+ * but correct, see:
+ *
https://stackoverflow.com/questions/19858176/how-to-escape-spaces-in-path-during-scp-copy-in-linux
+ *)
+ (quote (quote path))
+ (quote localfile) in
+ if verbose () then
+ eprintf "%s\n%!" cmd;
+ if Sys.command cmd <> 0 then
+ error (f_"could not copy the VMX file from the remote server, see
earlier error messages");
+ localfile
+
+(* Test if [path] exists on the remote server. *)
+let remote_file_exists user server path + (* XXX Assumes default port number.
*)
+ let cmd + sprintf "ssh %s%s test -f %s"
+ (match user with None -> "" | Some user -> quote
user ^ "@")
+ (quote server)
+ (* Double quoting is necessary here, see above. *)
+ (quote (quote path)) in
+ if verbose () then
+ eprintf "%s\n%!" cmd;
+ Sys.command cmd = 0
+
+let rec find_disks vmx vmx_source + find_scsi_disks vmx vmx_source @
find_ide_disks vmx vmx_source
(* Find all SCSI hard disks.
*
@@ -38,7 +106,7 @@ let rec find_disks vmx vmx_filename *
| omitted
* scsi0:0.fileName = "guest.vmdk"
*)
-and find_scsi_disks vmx vmx_filename +and find_scsi_disks vmx vmx_source let
get_scsi_controller_target ns sscanf ns "scsi%d:%d" (fun c t
-> c, t)
in
@@ -50,7 +118,7 @@ and find_scsi_disks vmx vmx_filename
Some "scsi-harddisk"; None ] in
let scsi_controller = Source_SCSI in
- find_hdds vmx vmx_filename
+ find_hdds vmx vmx_source
get_scsi_controller_target is_scsi_controller_target
scsi_device_types scsi_controller
@@ -60,7 +128,7 @@ and find_scsi_disks vmx vmx_filename * ide0:0.deviceType
= "ata-hardDisk"
* ide0:0.fileName = "guest.vmdk"
*)
-and find_ide_disks vmx vmx_filename +and find_ide_disks vmx vmx_source let
get_ide_controller_target ns sscanf ns "ide%d:%d" (fun c t ->
c, t)
in
@@ -71,11 +139,11 @@ and find_ide_disks vmx vmx_filename let ide_device_types
= [ Some "ata-harddisk" ] in
let ide_controller = Source_IDE in
- find_hdds vmx vmx_filename
+ find_hdds vmx vmx_source
get_ide_controller_target is_ide_controller_target
ide_device_types ide_controller
-and find_hdds vmx vmx_filename
+and find_hdds vmx vmx_source
get_controller_target is_controller_target
device_types controller (* Find namespaces matching
'(ide|scsi)X:Y' with suitable deviceType. *)
@@ -101,9 +169,9 @@ and find_hdds vmx vmx_filename
match path, v with
| [ns; "filename"], Some filename ->
let c, t = get_controller_target ns in
+ let uri, format = qemu_uri_of_filename vmx_source filename in
let s = { s_disk_id = (-1);
- s_qemu_uri = qemu_uri_of_filename vmx_filename filename;
- s_format = Some "vmdk";
+ s_qemu_uri = uri; s_format = Some format;
s_controller = Some controller } in
Some (c, t, s)
| _ -> None
@@ -125,17 +193,48 @@ and find_hdds vmx vmx_filename
(* The filename can be an absolute path, but is more often a
* path relative to the location of the vmx file.
*
- * Note that we always end up with an absolute path, which is
- * also useful because it means we won't have any paths that
- * could be misinterpreted by qemu.
+ * This constructs a QEMU URI of the filename relative to the
+ * vmx file (which might be remote over SSH).
*)
-and qemu_uri_of_filename vmx_filename filename - if not (Filename.is_relative
filename) then
- filename
- else (
- let dir = Filename.dirname (absolute_path vmx_filename) in
- dir // filename
- )
+and qemu_uri_of_filename vmx_source filename + match vmx_source with
+ | File vmx_filename ->
+ (* Always ensure this returns an absolute path to avoid
+ * any confusion with filenames containing colons.
+ *)
+ absolute_path_from_other_file vmx_filename filename, "vmdk"
+
+ | SSH (user, server, vmx_path) ->
+ let abs_path = absolute_path_from_other_file vmx_path filename in
+ let format = "vmdk" in
+
+ (* XXX This is a hack to work around qemu / VMDK limitation
+ * "Cannot use relative extent paths with VMDK descriptor
file"
+ * We can remove this if the above is fixed.
+ *)
+ let abs_path, format + let flat_vmdk + PCRE.replace
(PCRE.compile "\\.vmdk$") "-flat.vmdk" abs_path in
+ if remote_file_exists user server flat_vmdk then (flat_vmdk,
"raw")
+ else (abs_path, format) in
+
+ let json_params = [
+ "file.driver", JSON.String "ssh";
+ "file.path", JSON.String abs_path;
+ "file.host", JSON.String server;
+ "file.host_key_check", JSON.String "no";
+ ] in
+ let json_params + match user with
+ | None -> json_params
+ | Some user ->
+ ("file.user", JSON.String user) :: json_params in
+
+ "json:" ^ JSON.string_of_doc json_params, format
+
+and absolute_path_from_other_file other_filename filename + if not
(Filename.is_relative filename) then filename
+ else (Filename.dirname (absolute_path other_filename)) // filename
(* Find all removable disks.
*
@@ -268,21 +367,41 @@ and find_nics vmx let nics = List.map (fun (_, source)
-> source) nics in
nics
-class input_vmx vmx_filename = object
+class input_vmx input_transport arg = object
inherit input
- method as_options = "-i vmx " ^ vmx_filename
+ method as_options = "-i vmx " ^ arg
+
+ method precheck () + match input_transport with
+ | None -> ()
+ | Some `SSH ->
+ if backend_is_libvirt () then
+ error (f_"because libvirtd doesn't pass the SSH_AUTH_SOCK
environment variable to qemu you must set this environment variable:\n\nexport
LIBGUESTFS_BACKEND=direct\n\nand then rerun the virt-v2v command.");
+ error_if_no_ssh_agent ()
method source () - (* Parse the VMX file. *)
- let vmx = Parse_vmx.parse_file vmx_filename in
+ let vmx_source = vmx_source_of_arg input_transport arg in
+
+ (* If the transport is SSH, fetch the file from remote, else
+ * parse it from local.
+ *)
+ let vmx + match vmx_source with
+ | File filename -> Parse_vmx.parse_file filename
+ | SSH (user, server, path) ->
+ let filename + scp_from_remote_to_temporary user server path
"source.vmx" in
+ Parse_vmx.parse_file filename in
let name match Parse_vmx.get_string vmx ["displayName"]
with
+ | Some s -> s
| None ->
warning (f_"no displayName key found in VMX file");
- name_from_disk vmx_filename
- | Some s -> s in
+ match vmx_source with
+ | File filename -> name_from_disk filename
+ | SSH (_, _, path) -> name_from_disk path in
let memory_mb match Parse_vmx.get_int64 vmx ["memSize"]
with
@@ -333,7 +452,7 @@ class input_vmx vmx_filename = object
None
| None -> None in
- let disks = find_disks vmx vmx_filename in
+ let disks = find_disks vmx vmx_source in
let removables = find_removables vmx in
let nics = find_nics vmx in
diff --git a/v2v/input_vmx.mli b/v2v/input_vmx.mli
index f236f8716..34ec2a5c6 100644
--- a/v2v/input_vmx.mli
+++ b/v2v/input_vmx.mli
@@ -18,5 +18,6 @@
(** [-i vmx] source. *)
-val input_vmx : string -> Types.input
-(** [input_vmx filename] sets up an input from vmware vmx file. *)
+val input_vmx : [`SSH] option -> string -> Types.input
+(** [input_vmx input_transport arg] sets up an input
+ from vmware vmx file. *)
diff --git a/v2v/utils.ml b/v2v/utils.ml
index 91c0ed1c8..d5d177e42 100644
--- a/v2v/utils.ml
+++ b/v2v/utils.ml
@@ -138,6 +138,15 @@ let backend_is_libvirt () let backend = fst
(String.split ":" backend) in
backend = "libvirt"
+(* When using the SSH driver in qemu (currently) this requires
+ * ssh-agent authentication. Give a clear error if this hasn't been
+ * set up (RHBZ#1139973). This might improve if we switch to libssh1.
+ *)
+let error_if_no_ssh_agent () + try ignore (Sys.getenv
"SSH_AUTH_SOCK")
+ with Not_found ->
+ error (f_"ssh-agent authentication has not been set up ($SSH_AUTH_SOCK
is not set). This is required by qemu to do passwordless ssh access. See the
virt-v2v(1) man page for more information.")
+
let ws = PCRE.compile "\\s+"
let find_file_in_tar tar filename diff --git a/v2v/utils.mli b/v2v/utils.mli
index 8d902a53a..422fde298 100644
--- a/v2v/utils.mli
+++ b/v2v/utils.mli
@@ -53,6 +53,8 @@ val qemu_img_supports_offset_and_size : unit -> bool
val backend_is_libvirt : unit -> bool
(** Return true iff the current backend is libvirt. *)
+val error_if_no_ssh_agent : unit -> unit
+
val find_file_in_tar : string -> string -> int64 * int64
(** [find_file_in_tar tar filename] looks up file in [tar] archive and returns
a tuple containing at which byte it starts and how long the file is.
diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod
index 503830c9d..79269a9da 100644
--- a/v2v/virt-v2v.pod
+++ b/v2v/virt-v2v.pod
@@ -118,6 +118,23 @@ Note that after conversion, the guest will appear in the
RHV-M Export
Storage Domain, from where you will need to import it using the RHV-M
user interface. (See L</OUTPUT TO RHV>).
+=head2 Convert from ESXi hypervisor over SSH to local libvirt
+
+You have an ESXi hypervisor called C<esxi.example.com> with SSH access
+enabled. You want to convert from VMFS storage on that server to
+a local file.
+
+ virt-v2v \
+ -i vmx -it ssh \
+ "root@esxi.example.com:/vmfs/volumes/datastore1/guest/guest.vmx" \
+ -o local -os /var/tmp
+
+The guest must not be running. Virt-v2v would I<not> need to be run
+as root in this case.
+
+For more information about converting from VMX files see
+L</INPUT FROM VMWARE VMX> below.
+
=head2 Convert disk image to OpenStack glance
Given a disk image from another hypervisor that you want to convert to
@@ -343,9 +360,10 @@ L</INPUT FROM VMWARE OVA> below
Set the input method to I<vmx>.
-In this mode you can read a VMware vmx file directly. This is useful
-when VMware VMs are stored on an NFS server which you can mount
-directly. See L</INPUT FROM VMWARE VMX> below
+In this mode you can read a VMware vmx file directly or over SSH.
+This is useful when VMware VMs are stored on an NFS server which you
+can mount directly, or where you have access by SSH to an ESXi
+hypervisor. See L</INPUT FROM VMWARE VMX> below
=item B<-ic> libvirtURI
@@ -379,6 +397,11 @@ See L</IN PLACE CONVERSION> below.
Conflicts with all I<-o *> options.
+=item B<-it> B<ssh>
+
+When using I<-i vmx>, this enables the ssh transport.
+See L</INPUT FROM VMWARE VMX> below.
+
=item B<-it> B<vddk>
Use VMware VDDK as a transport to copy the input disks. See
@@ -1347,9 +1370,23 @@ directory containing the files:
=head1 INPUT FROM VMWARE VMX
-Virt-v2v is able to import guests from VMware’s vmx files. This is
-useful where VMware virtual machines are stored on a separate NFS
-server and you are able to mount the NFS storage directly.
+Virt-v2v is able to import guests from VMware’s vmx files.
+
+This is useful in two cases:
+
+=over 4
+
+=item 1.
+
+VMware virtual machines are stored on a separate NFS server and you
+are able to mount the NFS storage directly.
+
+=item 2.
+
+You have enabled SSH access to the VMware ESXi hypervisor and there is
+a C</vmfs/volumes> folder containing the virtual machines.
+
+=back
If you find a folder of files called F<I<guest>.vmx>,
F<I<guest>.vmxf>, F<I<guest>.nvram> and one or more
F<.vmdk> disk
@@ -1375,28 +1412,50 @@ With other methods, virt-v2v tries to prevent concurrent
access, but
because the I<-i vmx> method works directly against the storage,
checking for concurrent access is not possible.
-=head2 VMX: MOUNT THE NFS STORAGE ON THE CONVERSION SERVER
+=head2 VMX: ACCESS TO THE STORAGE CONTAINING THE VMX AND VMDK FILES
-Virt-v2v must be able to access the F<.vmx> file and any local
-F<.vmdk> disks. Normally this means you must mount the NFS storage
-containing these files.
+If the vmx and vmdk files aren't available locally then you must
+I<either> mount the NFS storage on the conversion server I<or>
enable
+passwordless SSH on the ESXi hypervisor.
+
+=head3 VMX: Passwordless SSH using ssh-agent
+
+You must also use ssh-agent, and add your ssh public key to
+F</etc/ssh/keys-root/authorized_keys> (on the ESXi hypervisor).
+
+After doing this, you should check that passwordless access works from
+the virt-v2v server to the ESXi hypervisor. For example:
+
+ $ ssh root@esxi.example.com
+ [ logs straight into the shell, no password is requested ]
+
+Note that password-interactive and Kerberos access are B<not>
+supported. You B<have> to set up ssh access using ssh-agent and
+authorized_keys.
=head2 VMX: IMPORTING A GUEST
-To import a vmx file, do:
+To import a vmx file from a local file or NFS, do:
$ virt-v2v -i vmx guest.vmx -o local -os /var/tmp
+To import a vmx file over SSH, add I<-it ssh> to select the SSH
+transport and supply a remote C<server:/path> with optional username:
+
+ $ virt-v2v \
+ -i vmx -it ssh \
+ "root@esxi.example.com:/vmfs/volumes/datastore1/guest/guest.vmx"
\
+ -o local -os /var/tmp
+
Virt-v2v processes the vmx file and uses it to find the location of
any vmdk disks.
=head1 INPUT FROM VMWARE ESXi HYPERVISOR
-Virt-v2v cannot access an ESXi hypervisor directly. You should use
-the OVA or VMX methods above (see L</INPUT FROM VMWARE OVA> and/or
-L</INPUT FROM VMWARE VMX>) if possible, as it is much faster and
-requires much less disk space than the method described in this
-section.
+You should use the OVA or VMX methods above (see L</INPUT FROM VMWARE
+OVA> and/or L</INPUT FROM VMWARE VMX>) if possible, as it is much
+faster and requires much less disk space than the method described in
+this section.
You can use the L<virt-v2v-copy-to-local(1)> tool to copy the guest
off the hypervisor into a local file, and then convert it.
--
2.13.2
Pino Toscano
2017-Dec-08 16:55 UTC
Re: [Libguestfs] [PATCH v2 1/2] v2v: vddk: Switch to using ‘-it vddk’ to specify VDDK as input transport.
On Friday, 8 December 2017 17:02:29 CET Richard W.M. Jones wrote:> Previously the presence of the ‘--vddk <libdir>’ option magically > enabled VDDK mode. However we want to introduce other transports for > VMware conversions so this wasn't a very clean choice. > > With this commit you must use ‘-it vddk’ to specify that you want VDDK > as a disk transport. The previous ‘--vddk <libdir>’ option has been > renamed to ‘--vddk-libdir <libdir>’ to be consistent with the other > passthrough options, and it is no longer required. > > A new command line looks like: > > $ export PATH=/path/to/nbdkit:$PATH > $ virt-v2v \ > -ic 'vpx://root@vcenter.example.com/Datacenter/esxi?no_verify=1' \ > | -it vddk \ > | --vddk-libdir /path/to/vmware-vix-disklib-distrib \ > --vddk-thumbprint xx:xx:xx:... \ > "Windows 2003" \ > -o local -os /var/tmp > > where only the two lines marked with ‘|’ have changed. > --- > [...] > @@ -286,6 +289,12 @@ read the man page virt-v2v(1). > let input_conn = !input_conn in > let input_format = !input_format in > let input_mode = !input_mode in > + let input_transport > + match !input_transport with > + | None -> None > + | Some "vddk" -> Some `VDDK > + | Some transport -> > + error (f_"unknown input transport ‘-it %s’") transport inAnother option could be to switch from a polymorphic variant to a simple type, e.g.: type input_transport | None | VDDK of vddk_options | SSH So it will remove the extra vddk_options parameters in most functions where input_transport is passed, and easily support more options for future transports. The rest of the changes seem fine. -- Pino Toscano
Pino Toscano
2017-Dec-08 17:04 UTC
Re: [Libguestfs] [PATCH v2 2/2] v2v: -i vmx: Enhance VMX support with ability to use ‘-it ssh’ transport.
On Friday, 8 December 2017 17:02:30 CET Richard W.M. Jones wrote:> This enhances the existing VMX input support allowing it to be > used over SSH to the ESXi server. > > The original command (for local .vmx files) was: > > $ virt-v2v -i vmx guest.vmx -o local -os /var/tmp > > Adding ‘-it ssh’ and using an SSH remote path gives the new syntax: > > $ virt-v2v \ > -i vmx -it ssh \ > "root@esxi.example.com:/vmfs/volumes/datastore1/guest/guest.vmx" \ > -o local -os /var/tmp > > I anticipate that this input method will be widely used enough that it > deserves its own example at the top of the man page. > --- > [...] > +(* The single filename on the command line is intepreted either as > + * a local file or a remote SSH path (only if ‘-it ssh’). > + *) > +let vmx_source_of_arg input_transport arg > + match input_transport, arg with > + | None, arg -> File arg > + | Some `SSH, arg -> > + let arg1, path = String.split ":" arg in > + if path = "" then > + error (f_"expecting [user@]server:path with ‘-it ssh’"); > + let user, server = match String.split "@" arg1 with > + | server, "" -> None, server > + | user, server -> Some user, server in > + SSH (user, server, path)IMHO this new transport could use the standard URI syntax, so root@esxi.example.com/vmfs/volumes/datastore1/guest/guest.vmx instead of root@esxi.example.com:/vmfs/volumes/datastore1/guest/guest.vmx This way, Xml.parse_uri can be used to parse it, giving a better code for extracting all the parts (including the port, for example). The rest seems fine, at a quick glance. -- Pino Toscano
Maybe Matching Threads
- [PATCH v2 0/2] v2v: Add -it vddk and -it ssh flags.
- [PATCH] v2v: Implement SSH password authentication for Xen and VMX over SSH.
- [PATCH v3 00/12] v2v: Change virt-v2v to use nbdkit for input in several modes.
- [PATCH v2 00/11] v2v: Change virt-v2v to use nbdkit for input in several modes.
- [PATCH v4 00/12] v2v: Change virt-v2v to use nbdkit for input in several modes.