zoukankan      html  css  js  c++  java
  • qcow2磁盘加密及libvirt访问

     
    1.创建qcow2加密磁盘
    [root@Coc-5 test_encrypt]# qemu-img convert -f qcow2 -O qcow2 -o encryption template_xp encry1.qcow2
    Disk image 'encry1.qcow2' is encrypted.
    password:   //这里输入密码 123456


    [root@Coc-5 test_encrypt]# qemu-img info encry1.qcow2 
    image: encry1.qcow2
    file format: qcow2
    virtual size: 10G (10737418240 bytes)
    disk size: 2.1G
    encrypted: yes
    cluster_size: 65536


    2.virsh edit修改配置文件,将磁盘改为encry1.qcow2 


    3.virsh start 显示错误
    virsh # start instance-00000009
    error: Failed to start domain instance-00000009
    error: internal error: unable to execute QEMU command 'cont': 'drive-virtio-disk0' (/usr/local/noc/var/lib/noc/instances/test_encrypt/encry1.qcow2) is encrypted


    4.在本地创建一个秘钥xml
    [root@Coc-5 test_encrypt]# cat secret.xml 
    <secret ephemeral='no' private='yes'>
    </secret>


    5.define秘钥


    [root@Coc-5 test_encrypt]# virsh secret-define secret.xml 
    Secret 3f8475e9-868c-4543-a510-7f668ba83d46 created


    6.为秘钥设置密码
    密码就用上面的123456


    [root@Coc-5 test_encrypt]# MYSECRET=`printf %s "123456" | base64`
    [root@Coc-5 test_encrypt]# echo $MYSECRET
    MTIzNDU2
    [root@Noc-5 test_encrypt]# virsh secret-set-value 3f8475e9-868c-4543-a510-7f668ba83d46 $MYSECRET
    Secret value set


    7.在libvirt配置文件磁盘段中添加秘钥
    <encryption format='qcow'>
            <secret type='passphrase' uuid='3f8475e9-868c-4543-a510-7f668ba83d46'/>
          </encryption>


    8.运行虚拟机
    [root@Coc-5 test_encrypt]# virsh start instance-00000009
    Domain instance-00000009 started
  • 相关阅读:
    0 RabbitMQ概念
    java 排序
    spring整合redis(基于redisTemplate)
    http之content-type
    http协议讲解
    Java8 lambda 以及 Lambda在集合中的使用
    java中decimalFormat格式化数值
    找出占用的端口进程ID,并且杀死该进程
    CSS
    标签
  • 原文地址:https://www.cnblogs.com/gzxbkk/p/7793810.html
Copyright © 2011-2022 走看看