1bccb135eSPaolo BonziniDisk image file formats 2bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 3bccb135eSPaolo Bonzini 4bccb135eSPaolo BonziniQEMU supports many image file formats that can be used with VMs as well as with 5bccb135eSPaolo Bonziniany of the tools (like ``qemu-img``). This includes the preferred formats 6bccb135eSPaolo Bonziniraw and qcow2 as well as formats that are supported for compatibility with 7bccb135eSPaolo Bonziniolder QEMU versions or other hypervisors. 8bccb135eSPaolo Bonzini 9bccb135eSPaolo BonziniDepending on the image format, different options can be passed to 10bccb135eSPaolo Bonzini``qemu-img create`` and ``qemu-img convert`` using the ``-o`` option. 11bccb135eSPaolo BonziniThis section describes each format and the options that are supported for it. 12bccb135eSPaolo Bonzini 13bccb135eSPaolo Bonzini.. program:: image-formats 14bccb135eSPaolo Bonzini.. option:: raw 15bccb135eSPaolo Bonzini 16bccb135eSPaolo Bonzini Raw disk image format. This format has the advantage of 17bccb135eSPaolo Bonzini being simple and easily exportable to all other emulators. If your 18bccb135eSPaolo Bonzini file system supports *holes* (for example in ext2 or ext3 on 19bccb135eSPaolo Bonzini Linux or NTFS on Windows), then only the written sectors will reserve 20bccb135eSPaolo Bonzini space. Use ``qemu-img info`` to know the real size used by the 21bccb135eSPaolo Bonzini image or ``ls -ls`` on Unix/Linux. 22bccb135eSPaolo Bonzini 23bccb135eSPaolo Bonzini Supported options: 24bccb135eSPaolo Bonzini 25bccb135eSPaolo Bonzini .. program:: raw 26bccb135eSPaolo Bonzini .. option:: preallocation 27bccb135eSPaolo Bonzini 28bccb135eSPaolo Bonzini Preallocation mode (allowed values: ``off``, ``falloc``, 29bccb135eSPaolo Bonzini ``full``). ``falloc`` mode preallocates space for image by 30bccb135eSPaolo Bonzini calling ``posix_fallocate()``. ``full`` mode preallocates space 31bccb135eSPaolo Bonzini for image by writing data to underlying storage. This data may or 32bccb135eSPaolo Bonzini may not be zero, depending on the storage location. 33bccb135eSPaolo Bonzini 34bccb135eSPaolo Bonzini.. program:: image-formats 35bccb135eSPaolo Bonzini.. option:: qcow2 36bccb135eSPaolo Bonzini 37bccb135eSPaolo Bonzini QEMU image format, the most versatile format. Use it to have smaller 38bccb135eSPaolo Bonzini images (useful if your filesystem does not supports holes, for example 39bccb135eSPaolo Bonzini on Windows), zlib based compression and support of multiple VM 40bccb135eSPaolo Bonzini snapshots. 41bccb135eSPaolo Bonzini 42bccb135eSPaolo Bonzini Supported options: 43bccb135eSPaolo Bonzini 44bccb135eSPaolo Bonzini .. program:: qcow2 45bccb135eSPaolo Bonzini .. option:: compat 46bccb135eSPaolo Bonzini 47bccb135eSPaolo Bonzini Determines the qcow2 version to use. ``compat=0.10`` uses the 48bccb135eSPaolo Bonzini traditional image format that can be read by any QEMU since 0.10. 49bccb135eSPaolo Bonzini ``compat=1.1`` enables image format extensions that only QEMU 1.1 and 50bccb135eSPaolo Bonzini newer understand (this is the default). Amongst others, this includes 51bccb135eSPaolo Bonzini zero clusters, which allow efficient copy-on-read for sparse images. 52bccb135eSPaolo Bonzini 53bccb135eSPaolo Bonzini .. option:: backing_file 54bccb135eSPaolo Bonzini 55bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand) 56bccb135eSPaolo Bonzini 57bccb135eSPaolo Bonzini .. option:: backing_fmt 58bccb135eSPaolo Bonzini 59bccb135eSPaolo Bonzini Image format of the base image 60bccb135eSPaolo Bonzini 61bccb135eSPaolo Bonzini .. option:: encryption 62bccb135eSPaolo Bonzini 63bccb135eSPaolo Bonzini This option is deprecated and equivalent to ``encrypt.format=aes`` 64bccb135eSPaolo Bonzini 65bccb135eSPaolo Bonzini .. option:: encrypt.format 66bccb135eSPaolo Bonzini 67bccb135eSPaolo Bonzini If this is set to ``luks``, it requests that the qcow2 payload (not 68bccb135eSPaolo Bonzini qcow2 header) be encrypted using the LUKS format. The passphrase to 69bccb135eSPaolo Bonzini use to unlock the LUKS key slot is given by the ``encrypt.key-secret`` 70bccb135eSPaolo Bonzini parameter. LUKS encryption parameters can be tuned with the other 71bccb135eSPaolo Bonzini ``encrypt.*`` parameters. 72bccb135eSPaolo Bonzini 73bccb135eSPaolo Bonzini If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. 74bccb135eSPaolo Bonzini The encryption key is given by the ``encrypt.key-secret`` parameter. 75bccb135eSPaolo Bonzini This encryption format is considered to be flawed by modern cryptography 76bccb135eSPaolo Bonzini standards, suffering from a number of design problems: 77bccb135eSPaolo Bonzini 78bccb135eSPaolo Bonzini - The AES-CBC cipher is used with predictable initialization vectors based 79bccb135eSPaolo Bonzini on the sector number. This makes it vulnerable to chosen plaintext attacks 80bccb135eSPaolo Bonzini which can reveal the existence of encrypted data. 81bccb135eSPaolo Bonzini - The user passphrase is directly used as the encryption key. A poorly 82bccb135eSPaolo Bonzini chosen or short passphrase will compromise the security of the encryption. 83bccb135eSPaolo Bonzini - In the event of the passphrase being compromised there is no way to 84bccb135eSPaolo Bonzini change the passphrase to protect data in any qcow images. The files must 85bccb135eSPaolo Bonzini be cloned, using a different encryption passphrase in the new file. The 86bccb135eSPaolo Bonzini original file must then be securely erased using a program like shred, 87bccb135eSPaolo Bonzini though even this is ineffective with many modern storage technologies. 88bccb135eSPaolo Bonzini 89bccb135eSPaolo Bonzini The use of this is no longer supported in system emulators. Support only 90bccb135eSPaolo Bonzini remains in the command line utilities, for the purposes of data liberation 91bccb135eSPaolo Bonzini and interoperability with old versions of QEMU. The ``luks`` format 92bccb135eSPaolo Bonzini should be used instead. 93bccb135eSPaolo Bonzini 94bccb135eSPaolo Bonzini .. option:: encrypt.key-secret 95bccb135eSPaolo Bonzini 96bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the passphrase 97bccb135eSPaolo Bonzini (``encrypt.format=luks``) or encryption key (``encrypt.format=aes``). 98bccb135eSPaolo Bonzini 99bccb135eSPaolo Bonzini .. option:: encrypt.cipher-alg 100bccb135eSPaolo Bonzini 101bccb135eSPaolo Bonzini Name of the cipher algorithm and key length. Currently defaults 102bccb135eSPaolo Bonzini to ``aes-256``. Only used when ``encrypt.format=luks``. 103bccb135eSPaolo Bonzini 104bccb135eSPaolo Bonzini .. option:: encrypt.cipher-mode 105bccb135eSPaolo Bonzini 106bccb135eSPaolo Bonzini Name of the encryption mode to use. Currently defaults to ``xts``. 107bccb135eSPaolo Bonzini Only used when ``encrypt.format=luks``. 108bccb135eSPaolo Bonzini 109bccb135eSPaolo Bonzini .. option:: encrypt.ivgen-alg 110bccb135eSPaolo Bonzini 111bccb135eSPaolo Bonzini Name of the initialization vector generator algorithm. Currently defaults 112bccb135eSPaolo Bonzini to ``plain64``. Only used when ``encrypt.format=luks``. 113bccb135eSPaolo Bonzini 114bccb135eSPaolo Bonzini .. option:: encrypt.ivgen-hash-alg 115bccb135eSPaolo Bonzini 116bccb135eSPaolo Bonzini Name of the hash algorithm to use with the initialization vector generator 117bccb135eSPaolo Bonzini (if required). Defaults to ``sha256``. Only used when ``encrypt.format=luks``. 118bccb135eSPaolo Bonzini 119bccb135eSPaolo Bonzini .. option:: encrypt.hash-alg 120bccb135eSPaolo Bonzini 121bccb135eSPaolo Bonzini Name of the hash algorithm to use for PBKDF algorithm 122bccb135eSPaolo Bonzini Defaults to ``sha256``. Only used when ``encrypt.format=luks``. 123bccb135eSPaolo Bonzini 124bccb135eSPaolo Bonzini .. option:: encrypt.iter-time 125bccb135eSPaolo Bonzini 126bccb135eSPaolo Bonzini Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. 127bccb135eSPaolo Bonzini Defaults to ``2000``. Only used when ``encrypt.format=luks``. 128bccb135eSPaolo Bonzini 129bccb135eSPaolo Bonzini .. option:: cluster_size 130bccb135eSPaolo Bonzini 131bccb135eSPaolo Bonzini Changes the qcow2 cluster size (must be between 512 and 2M). Smaller cluster 132bccb135eSPaolo Bonzini sizes can improve the image file size whereas larger cluster sizes generally 133bccb135eSPaolo Bonzini provide better performance. 134bccb135eSPaolo Bonzini 135bccb135eSPaolo Bonzini .. option:: preallocation 136bccb135eSPaolo Bonzini 137bccb135eSPaolo Bonzini Preallocation mode (allowed values: ``off``, ``metadata``, ``falloc``, 138bccb135eSPaolo Bonzini ``full``). An image with preallocated metadata is initially larger but can 139bccb135eSPaolo Bonzini improve performance when the image needs to grow. ``falloc`` and ``full`` 140bccb135eSPaolo Bonzini preallocations are like the same options of ``raw`` format, but sets up 141bccb135eSPaolo Bonzini metadata also. 142bccb135eSPaolo Bonzini 143bccb135eSPaolo Bonzini .. option:: lazy_refcounts 144bccb135eSPaolo Bonzini 145bccb135eSPaolo Bonzini If this option is set to ``on``, reference count updates are postponed with 146bccb135eSPaolo Bonzini the goal of avoiding metadata I/O and improving performance. This is 147bccb135eSPaolo Bonzini particularly interesting with :option:`cache=writethrough` which doesn't batch 148bccb135eSPaolo Bonzini metadata updates. The tradeoff is that after a host crash, the reference count 149bccb135eSPaolo Bonzini tables must be rebuilt, i.e. on the next open an (automatic) ``qemu-img 150bccb135eSPaolo Bonzini check -r all`` is required, which may take some time. 151bccb135eSPaolo Bonzini 152bccb135eSPaolo Bonzini This option can only be enabled if ``compat=1.1`` is specified. 153bccb135eSPaolo Bonzini 154bccb135eSPaolo Bonzini .. option:: nocow 155bccb135eSPaolo Bonzini 156bccb135eSPaolo Bonzini If this option is set to ``on``, it will turn off COW of the file. It's only 157bccb135eSPaolo Bonzini valid on btrfs, no effect on other file systems. 158bccb135eSPaolo Bonzini 159bccb135eSPaolo Bonzini Btrfs has low performance when hosting a VM image file, even more 160bccb135eSPaolo Bonzini when the guest on the VM also using btrfs as file system. Turning off 161bccb135eSPaolo Bonzini COW is a way to mitigate this bad performance. Generally there are two 162bccb135eSPaolo Bonzini ways to turn off COW on btrfs: 163bccb135eSPaolo Bonzini 164bccb135eSPaolo Bonzini - Disable it by mounting with nodatacow, then all newly created files 165bccb135eSPaolo Bonzini will be NOCOW. 166bccb135eSPaolo Bonzini - For an empty file, add the NOCOW file attribute. That's what this 167bccb135eSPaolo Bonzini option does. 168bccb135eSPaolo Bonzini 169bccb135eSPaolo Bonzini Note: this option is only valid to new or empty files. If there is 170bccb135eSPaolo Bonzini an existing file which is COW and has data blocks already, it couldn't 171bccb135eSPaolo Bonzini be changed to NOCOW by setting ``nocow=on``. One can issue ``lsattr 172bccb135eSPaolo Bonzini filename`` to check if the NOCOW flag is set or not (Capital 'C' is 173bccb135eSPaolo Bonzini NOCOW flag). 174bccb135eSPaolo Bonzini 175bccb135eSPaolo Bonzini.. program:: image-formats 176bccb135eSPaolo Bonzini.. option:: qed 177bccb135eSPaolo Bonzini 178bccb135eSPaolo Bonzini Old QEMU image format with support for backing files and compact image files 179bccb135eSPaolo Bonzini (when your filesystem or transport medium does not support holes). 180bccb135eSPaolo Bonzini 181bccb135eSPaolo Bonzini When converting QED images to qcow2, you might want to consider using the 182bccb135eSPaolo Bonzini ``lazy_refcounts=on`` option to get a more QED-like behaviour. 183bccb135eSPaolo Bonzini 184bccb135eSPaolo Bonzini Supported options: 185bccb135eSPaolo Bonzini 186bccb135eSPaolo Bonzini .. program:: qed 187bccb135eSPaolo Bonzini .. option:: backing_file 188bccb135eSPaolo Bonzini 189bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand). 190bccb135eSPaolo Bonzini 191bccb135eSPaolo Bonzini .. option:: backing_fmt 192bccb135eSPaolo Bonzini 193bccb135eSPaolo Bonzini Image file format of backing file (optional). Useful if the format cannot be 194bccb135eSPaolo Bonzini autodetected because it has no header, like some vhd/vpc files. 195bccb135eSPaolo Bonzini 196bccb135eSPaolo Bonzini .. option:: cluster_size 197bccb135eSPaolo Bonzini 198bccb135eSPaolo Bonzini Changes the cluster size (must be power-of-2 between 4K and 64K). Smaller 199bccb135eSPaolo Bonzini cluster sizes can improve the image file size whereas larger cluster sizes 200bccb135eSPaolo Bonzini generally provide better performance. 201bccb135eSPaolo Bonzini 202bccb135eSPaolo Bonzini .. option:: table_size 203bccb135eSPaolo Bonzini 204bccb135eSPaolo Bonzini Changes the number of clusters per L1/L2 table (must be 205bccb135eSPaolo Bonzini power-of-2 between 1 and 16). There is normally no need to 206bccb135eSPaolo Bonzini change this value but this option can between used for 207bccb135eSPaolo Bonzini performance benchmarking. 208bccb135eSPaolo Bonzini 209bccb135eSPaolo Bonzini.. program:: image-formats 210bccb135eSPaolo Bonzini.. option:: qcow 211bccb135eSPaolo Bonzini 212bccb135eSPaolo Bonzini Old QEMU image format with support for backing files, compact image files, 213bccb135eSPaolo Bonzini encryption and compression. 214bccb135eSPaolo Bonzini 215bccb135eSPaolo Bonzini Supported options: 216bccb135eSPaolo Bonzini 217bccb135eSPaolo Bonzini .. program:: qcow 218bccb135eSPaolo Bonzini .. option:: backing_file 219bccb135eSPaolo Bonzini 220bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand) 221bccb135eSPaolo Bonzini 222bccb135eSPaolo Bonzini .. option:: encryption 223bccb135eSPaolo Bonzini 224bccb135eSPaolo Bonzini This option is deprecated and equivalent to ``encrypt.format=aes`` 225bccb135eSPaolo Bonzini 226bccb135eSPaolo Bonzini .. option:: encrypt.format 227bccb135eSPaolo Bonzini 228bccb135eSPaolo Bonzini If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. 229bccb135eSPaolo Bonzini The encryption key is given by the ``encrypt.key-secret`` parameter. 230bccb135eSPaolo Bonzini This encryption format is considered to be flawed by modern cryptography 231bccb135eSPaolo Bonzini standards, suffering from a number of design problems enumerated previously 232bccb135eSPaolo Bonzini against the ``qcow2`` image format. 233bccb135eSPaolo Bonzini 234bccb135eSPaolo Bonzini The use of this is no longer supported in system emulators. Support only 235bccb135eSPaolo Bonzini remains in the command line utilities, for the purposes of data liberation 236bccb135eSPaolo Bonzini and interoperability with old versions of QEMU. 237bccb135eSPaolo Bonzini 238bccb135eSPaolo Bonzini Users requiring native encryption should use the ``qcow2`` format 239bccb135eSPaolo Bonzini instead with ``encrypt.format=luks``. 240bccb135eSPaolo Bonzini 241bccb135eSPaolo Bonzini .. option:: encrypt.key-secret 242bccb135eSPaolo Bonzini 243bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the encryption 244bccb135eSPaolo Bonzini key (``encrypt.format=aes``). 245bccb135eSPaolo Bonzini 246bccb135eSPaolo Bonzini.. program:: image-formats 247bccb135eSPaolo Bonzini.. option:: luks 248bccb135eSPaolo Bonzini 249bccb135eSPaolo Bonzini LUKS v1 encryption format, compatible with Linux dm-crypt/cryptsetup 250bccb135eSPaolo Bonzini 251bccb135eSPaolo Bonzini Supported options: 252bccb135eSPaolo Bonzini 253bccb135eSPaolo Bonzini .. program:: luks 254bccb135eSPaolo Bonzini .. option:: key-secret 255bccb135eSPaolo Bonzini 256bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the passphrase. 257bccb135eSPaolo Bonzini 258bccb135eSPaolo Bonzini .. option:: cipher-alg 259bccb135eSPaolo Bonzini 260bccb135eSPaolo Bonzini Name of the cipher algorithm and key length. Currently defaults 261bccb135eSPaolo Bonzini to ``aes-256``. 262bccb135eSPaolo Bonzini 263bccb135eSPaolo Bonzini .. option:: cipher-mode 264bccb135eSPaolo Bonzini 265bccb135eSPaolo Bonzini Name of the encryption mode to use. Currently defaults to ``xts``. 266bccb135eSPaolo Bonzini 267bccb135eSPaolo Bonzini .. option:: ivgen-alg 268bccb135eSPaolo Bonzini 269bccb135eSPaolo Bonzini Name of the initialization vector generator algorithm. Currently defaults 270bccb135eSPaolo Bonzini to ``plain64``. 271bccb135eSPaolo Bonzini 272bccb135eSPaolo Bonzini .. option:: ivgen-hash-alg 273bccb135eSPaolo Bonzini 274bccb135eSPaolo Bonzini Name of the hash algorithm to use with the initialization vector generator 275bccb135eSPaolo Bonzini (if required). Defaults to ``sha256``. 276bccb135eSPaolo Bonzini 277bccb135eSPaolo Bonzini .. option:: hash-alg 278bccb135eSPaolo Bonzini 279bccb135eSPaolo Bonzini Name of the hash algorithm to use for PBKDF algorithm 280bccb135eSPaolo Bonzini Defaults to ``sha256``. 281bccb135eSPaolo Bonzini 282bccb135eSPaolo Bonzini .. option:: iter-time 283bccb135eSPaolo Bonzini 284bccb135eSPaolo Bonzini Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. 285bccb135eSPaolo Bonzini Defaults to ``2000``. 286bccb135eSPaolo Bonzini 287bccb135eSPaolo Bonzini.. program:: image-formats 288bccb135eSPaolo Bonzini.. option:: vdi 289bccb135eSPaolo Bonzini 290bccb135eSPaolo Bonzini VirtualBox 1.1 compatible image format. 291bccb135eSPaolo Bonzini 292bccb135eSPaolo Bonzini Supported options: 293bccb135eSPaolo Bonzini 294bccb135eSPaolo Bonzini .. program:: vdi 295bccb135eSPaolo Bonzini .. option:: static 296bccb135eSPaolo Bonzini 297bccb135eSPaolo Bonzini If this option is set to ``on``, the image is created with metadata 298bccb135eSPaolo Bonzini preallocation. 299bccb135eSPaolo Bonzini 300bccb135eSPaolo Bonzini.. program:: image-formats 301bccb135eSPaolo Bonzini.. option:: vmdk 302bccb135eSPaolo Bonzini 303bccb135eSPaolo Bonzini VMware 3 and 4 compatible image format. 304bccb135eSPaolo Bonzini 305bccb135eSPaolo Bonzini Supported options: 306bccb135eSPaolo Bonzini 307bccb135eSPaolo Bonzini .. program: vmdk 308bccb135eSPaolo Bonzini .. option:: backing_file 309bccb135eSPaolo Bonzini 310bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand). 311bccb135eSPaolo Bonzini 312bccb135eSPaolo Bonzini .. option:: compat6 313bccb135eSPaolo Bonzini 314bccb135eSPaolo Bonzini Create a VMDK version 6 image (instead of version 4) 315bccb135eSPaolo Bonzini 316bccb135eSPaolo Bonzini .. option:: hwversion 317bccb135eSPaolo Bonzini 318bccb135eSPaolo Bonzini Specify vmdk virtual hardware version. Compat6 flag cannot be enabled 319bccb135eSPaolo Bonzini if hwversion is specified. 320bccb135eSPaolo Bonzini 321bccb135eSPaolo Bonzini .. option:: subformat 322bccb135eSPaolo Bonzini 323bccb135eSPaolo Bonzini Specifies which VMDK subformat to use. Valid options are 324bccb135eSPaolo Bonzini ``monolithicSparse`` (default), 325bccb135eSPaolo Bonzini ``monolithicFlat``, 326bccb135eSPaolo Bonzini ``twoGbMaxExtentSparse``, 327bccb135eSPaolo Bonzini ``twoGbMaxExtentFlat`` and 328bccb135eSPaolo Bonzini ``streamOptimized``. 329bccb135eSPaolo Bonzini 330bccb135eSPaolo Bonzini.. program:: image-formats 331bccb135eSPaolo Bonzini.. option:: vpc 332bccb135eSPaolo Bonzini 333bccb135eSPaolo Bonzini VirtualPC compatible image format (VHD). 334bccb135eSPaolo Bonzini 335bccb135eSPaolo Bonzini Supported options: 336bccb135eSPaolo Bonzini 337bccb135eSPaolo Bonzini .. program:: vpc 338bccb135eSPaolo Bonzini .. option:: subformat 339bccb135eSPaolo Bonzini 340bccb135eSPaolo Bonzini Specifies which VHD subformat to use. Valid options are 341bccb135eSPaolo Bonzini ``dynamic`` (default) and ``fixed``. 342bccb135eSPaolo Bonzini 343bccb135eSPaolo Bonzini.. program:: image-formats 344bccb135eSPaolo Bonzini.. option:: VHDX 345bccb135eSPaolo Bonzini 346bccb135eSPaolo Bonzini Hyper-V compatible image format (VHDX). 347bccb135eSPaolo Bonzini 348bccb135eSPaolo Bonzini Supported options: 349bccb135eSPaolo Bonzini 350bccb135eSPaolo Bonzini .. program:: VHDX 351bccb135eSPaolo Bonzini .. option:: subformat 352bccb135eSPaolo Bonzini 353bccb135eSPaolo Bonzini Specifies which VHDX subformat to use. Valid options are 354bccb135eSPaolo Bonzini ``dynamic`` (default) and ``fixed``. 355bccb135eSPaolo Bonzini 356bccb135eSPaolo Bonzini .. option:: block_state_zero 357bccb135eSPaolo Bonzini 358bccb135eSPaolo Bonzini Force use of payload blocks of type 'ZERO'. Can be set to ``on`` (default) 359bccb135eSPaolo Bonzini or ``off``. When set to ``off``, new blocks will be created as 360bccb135eSPaolo Bonzini ``PAYLOAD_BLOCK_NOT_PRESENT``, which means parsers are free to return 361bccb135eSPaolo Bonzini arbitrary data for those blocks. Do not set to ``off`` when using 362bccb135eSPaolo Bonzini ``qemu-img convert`` with ``subformat=dynamic``. 363bccb135eSPaolo Bonzini 364bccb135eSPaolo Bonzini .. option:: block_size 365bccb135eSPaolo Bonzini 366bccb135eSPaolo Bonzini Block size; min 1 MB, max 256 MB. 0 means auto-calculate based on 367bccb135eSPaolo Bonzini image size. 368bccb135eSPaolo Bonzini 369bccb135eSPaolo Bonzini .. option:: log_size 370bccb135eSPaolo Bonzini 371bccb135eSPaolo Bonzini Log size; min 1 MB. 372bccb135eSPaolo Bonzini 373bccb135eSPaolo BonziniRead-only formats 374bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~ 375bccb135eSPaolo Bonzini 376bccb135eSPaolo BonziniMore disk image file formats are supported in a read-only mode. 377bccb135eSPaolo Bonzini 378bccb135eSPaolo Bonzini.. program:: image-formats 379bccb135eSPaolo Bonzini.. option:: bochs 380bccb135eSPaolo Bonzini 381bccb135eSPaolo Bonzini Bochs images of ``growing`` type. 382bccb135eSPaolo Bonzini 383bccb135eSPaolo Bonzini.. program:: image-formats 384bccb135eSPaolo Bonzini.. option:: cloop 385bccb135eSPaolo Bonzini 386bccb135eSPaolo Bonzini Linux Compressed Loop image, useful only to reuse directly compressed 387bccb135eSPaolo Bonzini CD-ROM images present for example in the Knoppix CD-ROMs. 388bccb135eSPaolo Bonzini 389bccb135eSPaolo Bonzini.. program:: image-formats 390bccb135eSPaolo Bonzini.. option:: dmg 391bccb135eSPaolo Bonzini 392bccb135eSPaolo Bonzini Apple disk image. 393bccb135eSPaolo Bonzini 394bccb135eSPaolo Bonzini.. program:: image-formats 395bccb135eSPaolo Bonzini.. option:: parallels 396bccb135eSPaolo Bonzini 397bccb135eSPaolo Bonzini Parallels disk image format. 398bccb135eSPaolo Bonzini 399bccb135eSPaolo BonziniUsing host drives 400bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~ 401bccb135eSPaolo Bonzini 402bccb135eSPaolo BonziniIn addition to disk image files, QEMU can directly access host 403bccb135eSPaolo Bonzinidevices. We describe here the usage for QEMU version >= 0.8.3. 404bccb135eSPaolo Bonzini 405bccb135eSPaolo BonziniLinux 406bccb135eSPaolo Bonzini^^^^^ 407bccb135eSPaolo Bonzini 408bccb135eSPaolo BonziniOn Linux, you can directly use the host device filename instead of a 409bccb135eSPaolo Bonzinidisk image filename provided you have enough privileges to access 410bccb135eSPaolo Bonziniit. For example, use ``/dev/cdrom`` to access to the CDROM. 411bccb135eSPaolo Bonzini 412bccb135eSPaolo BonziniCD 413bccb135eSPaolo Bonzini You can specify a CDROM device even if no CDROM is loaded. QEMU has 414bccb135eSPaolo Bonzini specific code to detect CDROM insertion or removal. CDROM ejection by 415bccb135eSPaolo Bonzini the guest OS is supported. Currently only data CDs are supported. 416bccb135eSPaolo Bonzini 417bccb135eSPaolo BonziniFloppy 418bccb135eSPaolo Bonzini You can specify a floppy device even if no floppy is loaded. Floppy 419bccb135eSPaolo Bonzini removal is currently not detected accurately (if you change floppy 420bccb135eSPaolo Bonzini without doing floppy access while the floppy is not loaded, the guest 421bccb135eSPaolo Bonzini OS will think that the same floppy is loaded). 422bccb135eSPaolo Bonzini Use of the host's floppy device is deprecated, and support for it will 423bccb135eSPaolo Bonzini be removed in a future release. 424bccb135eSPaolo Bonzini 425bccb135eSPaolo BonziniHard disks 426bccb135eSPaolo Bonzini Hard disks can be used. Normally you must specify the whole disk 427bccb135eSPaolo Bonzini (``/dev/hdb`` instead of ``/dev/hdb1``) so that the guest OS can 428bccb135eSPaolo Bonzini see it as a partitioned disk. WARNING: unless you know what you do, it 429bccb135eSPaolo Bonzini is better to only make READ-ONLY accesses to the hard disk otherwise 430bccb135eSPaolo Bonzini you may corrupt your host data (use the ``-snapshot`` command 431bccb135eSPaolo Bonzini line option or modify the device permissions accordingly). 432bccb135eSPaolo Bonzini 433*90fd9746SSam LiZoned block devices 434*90fd9746SSam Li Zoned block devices can be passed through to the guest if the emulated storage 435*90fd9746SSam Li controller supports zoned storage. Use ``--blockdev host_device, 436*90fd9746SSam Li node-name=drive0,filename=/dev/nullb0,cache.direct=on`` to pass through 437*90fd9746SSam Li ``/dev/nullb0`` as ``drive0``. 438*90fd9746SSam Li 439bccb135eSPaolo BonziniWindows 440bccb135eSPaolo Bonzini^^^^^^^ 441bccb135eSPaolo Bonzini 442bccb135eSPaolo BonziniCD 443bccb135eSPaolo Bonzini The preferred syntax is the drive letter (e.g. ``d:``). The 444bccb135eSPaolo Bonzini alternate syntax ``\\.\d:`` is supported. ``/dev/cdrom`` is 445bccb135eSPaolo Bonzini supported as an alias to the first CDROM drive. 446bccb135eSPaolo Bonzini 447bccb135eSPaolo Bonzini Currently there is no specific code to handle removable media, so it 448bccb135eSPaolo Bonzini is better to use the ``change`` or ``eject`` monitor commands to 449bccb135eSPaolo Bonzini change or eject media. 450bccb135eSPaolo Bonzini 451bccb135eSPaolo BonziniHard disks 452bccb135eSPaolo Bonzini Hard disks can be used with the syntax: ``\\.\PhysicalDriveN`` 453bccb135eSPaolo Bonzini where *N* is the drive number (0 is the first hard disk). 454bccb135eSPaolo Bonzini 455bccb135eSPaolo Bonzini WARNING: unless you know what you do, it is better to only make 456bccb135eSPaolo Bonzini READ-ONLY accesses to the hard disk otherwise you may corrupt your 457bccb135eSPaolo Bonzini host data (use the ``-snapshot`` command line so that the 458bccb135eSPaolo Bonzini modifications are written in a temporary file). 459bccb135eSPaolo Bonzini 460bccb135eSPaolo BonziniMac OS X 461bccb135eSPaolo Bonzini^^^^^^^^ 462bccb135eSPaolo Bonzini 463bccb135eSPaolo Bonzini``/dev/cdrom`` is an alias to the first CDROM. 464bccb135eSPaolo Bonzini 465bccb135eSPaolo BonziniCurrently there is no specific code to handle removable media, so it 466bccb135eSPaolo Bonziniis better to use the ``change`` or ``eject`` monitor commands to 467bccb135eSPaolo Bonzinichange or eject media. 468bccb135eSPaolo Bonzini 469bccb135eSPaolo BonziniVirtual FAT disk images 470bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 471bccb135eSPaolo Bonzini 472bccb135eSPaolo BonziniQEMU can automatically create a virtual FAT disk image from a 473bccb135eSPaolo Bonzinidirectory tree. In order to use it, just type: 474bccb135eSPaolo Bonzini 475bccb135eSPaolo Bonzini.. parsed-literal:: 476bccb135eSPaolo Bonzini 477bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb fat:/my_directory 478bccb135eSPaolo Bonzini 479bccb135eSPaolo BonziniThen you access access to all the files in the ``/my_directory`` 480bccb135eSPaolo Bonzinidirectory without having to copy them in a disk image or to export 481bccb135eSPaolo Bonzinithem via SAMBA or NFS. The default access is *read-only*. 482bccb135eSPaolo Bonzini 483bccb135eSPaolo BonziniFloppies can be emulated with the ``:floppy:`` option: 484bccb135eSPaolo Bonzini 485bccb135eSPaolo Bonzini.. parsed-literal:: 486bccb135eSPaolo Bonzini 487bccb135eSPaolo Bonzini |qemu_system| linux.img -fda fat:floppy:/my_directory 488bccb135eSPaolo Bonzini 489bccb135eSPaolo BonziniA read/write support is available for testing (beta stage) with the 490bccb135eSPaolo Bonzini``:rw:`` option: 491bccb135eSPaolo Bonzini 492bccb135eSPaolo Bonzini.. parsed-literal:: 493bccb135eSPaolo Bonzini 494bccb135eSPaolo Bonzini |qemu_system| linux.img -fda fat:floppy:rw:/my_directory 495bccb135eSPaolo Bonzini 496bccb135eSPaolo BonziniWhat you should *never* do: 497bccb135eSPaolo Bonzini 498bccb135eSPaolo Bonzini- use non-ASCII filenames 499bccb135eSPaolo Bonzini- use "-snapshot" together with ":rw:" 500bccb135eSPaolo Bonzini- expect it to work when loadvm'ing 501bccb135eSPaolo Bonzini- write to the FAT directory on the host system while accessing it with the guest system 502bccb135eSPaolo Bonzini 503bccb135eSPaolo BonziniNBD access 504bccb135eSPaolo Bonzini~~~~~~~~~~ 505bccb135eSPaolo Bonzini 506bccb135eSPaolo BonziniQEMU can access directly to block device exported using the Network Block Device 507bccb135eSPaolo Bonziniprotocol. 508bccb135eSPaolo Bonzini 509bccb135eSPaolo Bonzini.. parsed-literal:: 510bccb135eSPaolo Bonzini 511bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd://my_nbd_server.mydomain.org:1024/ 512bccb135eSPaolo Bonzini 513bccb135eSPaolo BonziniIf the NBD server is located on the same host, you can use an unix socket instead 514bccb135eSPaolo Bonziniof an inet socket: 515bccb135eSPaolo Bonzini 516bccb135eSPaolo Bonzini.. parsed-literal:: 517bccb135eSPaolo Bonzini 518bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd+unix://?socket=/tmp/my_socket 519bccb135eSPaolo Bonzini 520c5ba6219SPhilippe Mathieu-DaudéIn this case, the block device must be exported using ``qemu-nbd``: 521bccb135eSPaolo Bonzini 522bccb135eSPaolo Bonzini.. parsed-literal:: 523bccb135eSPaolo Bonzini 524bccb135eSPaolo Bonzini qemu-nbd --socket=/tmp/my_socket my_disk.qcow2 525bccb135eSPaolo Bonzini 526c5ba6219SPhilippe Mathieu-DaudéThe use of ``qemu-nbd`` allows sharing of a disk between several guests: 527bccb135eSPaolo Bonzini 528bccb135eSPaolo Bonzini.. parsed-literal:: 529bccb135eSPaolo Bonzini 530bccb135eSPaolo Bonzini qemu-nbd --socket=/tmp/my_socket --share=2 my_disk.qcow2 531bccb135eSPaolo Bonzini 532bccb135eSPaolo Bonziniand then you can use it with two guests: 533bccb135eSPaolo Bonzini 534bccb135eSPaolo Bonzini.. parsed-literal:: 535bccb135eSPaolo Bonzini 536bccb135eSPaolo Bonzini |qemu_system| linux1.img -hdb nbd+unix://?socket=/tmp/my_socket 537bccb135eSPaolo Bonzini |qemu_system| linux2.img -hdb nbd+unix://?socket=/tmp/my_socket 538bccb135eSPaolo Bonzini 539c5ba6219SPhilippe Mathieu-DaudéIf the ``nbd-server`` uses named exports (supported since NBD 2.9.18, or with QEMU's 540bccb135eSPaolo Bonziniown embedded NBD server), you must specify an export name in the URI: 541bccb135eSPaolo Bonzini 542bccb135eSPaolo Bonzini.. parsed-literal:: 543bccb135eSPaolo Bonzini 544bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd://localhost/debian-500-ppc-netinst 545bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd://localhost/openSUSE-11.1-ppc-netinst 546bccb135eSPaolo Bonzini 547bccb135eSPaolo BonziniThe URI syntax for NBD is supported since QEMU 1.3. An alternative syntax is 548bccb135eSPaolo Bonzinialso available. Here are some example of the older syntax: 549bccb135eSPaolo Bonzini 550bccb135eSPaolo Bonzini.. parsed-literal:: 551bccb135eSPaolo Bonzini 552bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd:my_nbd_server.mydomain.org:1024 553bccb135eSPaolo Bonzini |qemu_system| linux2.img -hdb nbd:unix:/tmp/my_socket 554bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd:localhost:10809:exportname=debian-500-ppc-netinst 555bccb135eSPaolo Bonzini 556bccb135eSPaolo BonziniiSCSI LUNs 557bccb135eSPaolo Bonzini~~~~~~~~~~ 558bccb135eSPaolo Bonzini 559bccb135eSPaolo BonziniiSCSI is a popular protocol used to access SCSI devices across a computer 560bccb135eSPaolo Bonzininetwork. 561bccb135eSPaolo Bonzini 562bccb135eSPaolo BonziniThere are two different ways iSCSI devices can be used by QEMU. 563bccb135eSPaolo Bonzini 564bccb135eSPaolo BonziniThe first method is to mount the iSCSI LUN on the host, and make it appear as 565bccb135eSPaolo Bonziniany other ordinary SCSI device on the host and then to access this device as a 566bccb135eSPaolo Bonzini/dev/sd device from QEMU. How to do this differs between host OSes. 567bccb135eSPaolo Bonzini 568bccb135eSPaolo BonziniThe second method involves using the iSCSI initiator that is built into 569bccb135eSPaolo BonziniQEMU. This provides a mechanism that works the same way regardless of which 570bccb135eSPaolo Bonzinihost OS you are running QEMU on. This section will describe this second method 571bccb135eSPaolo Bonziniof using iSCSI together with QEMU. 572bccb135eSPaolo Bonzini 573bccb135eSPaolo BonziniIn QEMU, iSCSI devices are described using special iSCSI URLs. URL syntax: 574bccb135eSPaolo Bonzini 575bccb135eSPaolo Bonzini:: 576bccb135eSPaolo Bonzini 577bccb135eSPaolo Bonzini iscsi://[<username>[%<password>]@]<host>[:<port>]/<target-iqn-name>/<lun> 578bccb135eSPaolo Bonzini 579bccb135eSPaolo BonziniUsername and password are optional and only used if your target is set up 580bccb135eSPaolo Bonziniusing CHAP authentication for access control. 581bccb135eSPaolo BonziniAlternatively the username and password can also be set via environment 582bccb135eSPaolo Bonzinivariables to have these not show up in the process list: 583bccb135eSPaolo Bonzini 584bccb135eSPaolo Bonzini:: 585bccb135eSPaolo Bonzini 586bccb135eSPaolo Bonzini export LIBISCSI_CHAP_USERNAME=<username> 587bccb135eSPaolo Bonzini export LIBISCSI_CHAP_PASSWORD=<password> 588bccb135eSPaolo Bonzini iscsi://<host>/<target-iqn-name>/<lun> 589bccb135eSPaolo Bonzini 590bccb135eSPaolo BonziniVarious session related parameters can be set via special options, either 591bccb135eSPaolo Bonziniin a configuration file provided via '-readconfig' or directly on the 592bccb135eSPaolo Bonzinicommand line. 593bccb135eSPaolo Bonzini 594bccb135eSPaolo BonziniIf the initiator-name is not specified qemu will use a default name 595bccb135eSPaolo Bonziniof 'iqn.2008-11.org.linux-kvm[:<uuid>'] where <uuid> is the UUID of the 596bccb135eSPaolo Bonzinivirtual machine. If the UUID is not specified qemu will use 597bccb135eSPaolo Bonzini'iqn.2008-11.org.linux-kvm[:<name>'] where <name> is the name of the 598bccb135eSPaolo Bonzinivirtual machine. 599bccb135eSPaolo Bonzini 600bccb135eSPaolo BonziniSetting a specific initiator name to use when logging in to the target: 601bccb135eSPaolo Bonzini 602bccb135eSPaolo Bonzini:: 603bccb135eSPaolo Bonzini 604bccb135eSPaolo Bonzini -iscsi initiator-name=iqn.qemu.test:my-initiator 605bccb135eSPaolo Bonzini 606bccb135eSPaolo BonziniControlling which type of header digest to negotiate with the target: 607bccb135eSPaolo Bonzini 608bccb135eSPaolo Bonzini:: 609bccb135eSPaolo Bonzini 610bccb135eSPaolo Bonzini -iscsi header-digest=CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 611bccb135eSPaolo Bonzini 612bccb135eSPaolo BonziniThese can also be set via a configuration file: 613bccb135eSPaolo Bonzini 614bccb135eSPaolo Bonzini:: 615bccb135eSPaolo Bonzini 616bccb135eSPaolo Bonzini [iscsi] 617bccb135eSPaolo Bonzini user = "CHAP username" 618bccb135eSPaolo Bonzini password = "CHAP password" 619bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 620bccb135eSPaolo Bonzini # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 621bccb135eSPaolo Bonzini header-digest = "CRC32C" 622bccb135eSPaolo Bonzini 623bccb135eSPaolo BonziniSetting the target name allows different options for different targets: 624bccb135eSPaolo Bonzini 625bccb135eSPaolo Bonzini:: 626bccb135eSPaolo Bonzini 627bccb135eSPaolo Bonzini [iscsi "iqn.target.name"] 628bccb135eSPaolo Bonzini user = "CHAP username" 629bccb135eSPaolo Bonzini password = "CHAP password" 630bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 631bccb135eSPaolo Bonzini # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 632bccb135eSPaolo Bonzini header-digest = "CRC32C" 633bccb135eSPaolo Bonzini 634bccb135eSPaolo BonziniHow to use a configuration file to set iSCSI configuration options: 635bccb135eSPaolo Bonzini 636bccb135eSPaolo Bonzini.. parsed-literal:: 637bccb135eSPaolo Bonzini 638bccb135eSPaolo Bonzini cat >iscsi.conf <<EOF 639bccb135eSPaolo Bonzini [iscsi] 640bccb135eSPaolo Bonzini user = "me" 641bccb135eSPaolo Bonzini password = "my password" 642bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 643bccb135eSPaolo Bonzini header-digest = "CRC32C" 644bccb135eSPaolo Bonzini EOF 645bccb135eSPaolo Bonzini 646bccb135eSPaolo Bonzini |qemu_system| -drive file=iscsi://127.0.0.1/iqn.qemu.test/1 \\ 647bccb135eSPaolo Bonzini -readconfig iscsi.conf 648bccb135eSPaolo Bonzini 649bccb135eSPaolo BonziniHow to set up a simple iSCSI target on loopback and access it via QEMU: 650bccb135eSPaolo Bonzinithis example shows how to set up an iSCSI target with one CDROM and one DISK 651bccb135eSPaolo Bonziniusing the Linux STGT software target. This target is available on Red Hat based 652bccb135eSPaolo Bonzinisystems as the package 'scsi-target-utils'. 653bccb135eSPaolo Bonzini 654bccb135eSPaolo Bonzini.. parsed-literal:: 655bccb135eSPaolo Bonzini 656bccb135eSPaolo Bonzini tgtd --iscsi portal=127.0.0.1:3260 657bccb135eSPaolo Bonzini tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.qemu.test 658bccb135eSPaolo Bonzini tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1 \\ 659bccb135eSPaolo Bonzini -b /IMAGES/disk.img --device-type=disk 660bccb135eSPaolo Bonzini tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 2 \\ 661bccb135eSPaolo Bonzini -b /IMAGES/cd.iso --device-type=cd 662bccb135eSPaolo Bonzini tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL 663bccb135eSPaolo Bonzini 664bccb135eSPaolo Bonzini |qemu_system| -iscsi initiator-name=iqn.qemu.test:my-initiator \\ 665bccb135eSPaolo Bonzini -boot d -drive file=iscsi://127.0.0.1/iqn.qemu.test/1 \\ 666bccb135eSPaolo Bonzini -cdrom iscsi://127.0.0.1/iqn.qemu.test/2 667bccb135eSPaolo Bonzini 668bccb135eSPaolo BonziniGlusterFS disk images 669bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~ 670bccb135eSPaolo Bonzini 671bccb135eSPaolo BonziniGlusterFS is a user space distributed file system. 672bccb135eSPaolo Bonzini 673bccb135eSPaolo BonziniYou can boot from the GlusterFS disk image with the command: 674bccb135eSPaolo Bonzini 675bccb135eSPaolo BonziniURI: 676bccb135eSPaolo Bonzini 677bccb135eSPaolo Bonzini.. parsed-literal:: 678bccb135eSPaolo Bonzini 679bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster[+TYPE]://[HOST}[:PORT]]/VOLUME/PATH 680bccb135eSPaolo Bonzini [?socket=...][,file.debug=9][,file.logfile=...] 681bccb135eSPaolo Bonzini 682bccb135eSPaolo BonziniJSON: 683bccb135eSPaolo Bonzini 684bccb135eSPaolo Bonzini.. parsed-literal:: 685bccb135eSPaolo Bonzini 686bccb135eSPaolo Bonzini |qemu_system| 'json:{"driver":"qcow2", 687bccb135eSPaolo Bonzini "file":{"driver":"gluster", 688bccb135eSPaolo Bonzini "volume":"testvol","path":"a.img","debug":9,"logfile":"...", 689bccb135eSPaolo Bonzini "server":[{"type":"tcp","host":"...","port":"..."}, 690bccb135eSPaolo Bonzini {"type":"unix","socket":"..."}]}}' 691bccb135eSPaolo Bonzini 692bccb135eSPaolo Bonzini*gluster* is the protocol. 693bccb135eSPaolo Bonzini 694bccb135eSPaolo Bonzini*TYPE* specifies the transport type used to connect to gluster 695bccb135eSPaolo Bonzinimanagement daemon (glusterd). Valid transport types are 696bccb135eSPaolo Bonzinitcp and unix. In the URI form, if a transport type isn't specified, 697bccb135eSPaolo Bonzinithen tcp type is assumed. 698bccb135eSPaolo Bonzini 699bccb135eSPaolo Bonzini*HOST* specifies the server where the volume file specification for 700bccb135eSPaolo Bonzinithe given volume resides. This can be either a hostname or an ipv4 address. 701bccb135eSPaolo BonziniIf transport type is unix, then *HOST* field should not be specified. 702bccb135eSPaolo BonziniInstead *socket* field needs to be populated with the path to unix domain 703bccb135eSPaolo Bonzinisocket. 704bccb135eSPaolo Bonzini 705bccb135eSPaolo Bonzini*PORT* is the port number on which glusterd is listening. This is optional 706bccb135eSPaolo Bonziniand if not specified, it defaults to port 24007. If the transport type is unix, 707bccb135eSPaolo Bonzinithen *PORT* should not be specified. 708bccb135eSPaolo Bonzini 709bccb135eSPaolo Bonzini*VOLUME* is the name of the gluster volume which contains the disk image. 710bccb135eSPaolo Bonzini 711bccb135eSPaolo Bonzini*PATH* is the path to the actual disk image that resides on gluster volume. 712bccb135eSPaolo Bonzini 713bccb135eSPaolo Bonzini*debug* is the logging level of the gluster protocol driver. Debug levels 714bccb135eSPaolo Bonziniare 0-9, with 9 being the most verbose, and 0 representing no debugging output. 715bccb135eSPaolo BonziniThe default level is 4. The current logging levels defined in the gluster source 716bccb135eSPaolo Bonziniare 0 - None, 1 - Emergency, 2 - Alert, 3 - Critical, 4 - Error, 5 - Warning, 717bccb135eSPaolo Bonzini6 - Notice, 7 - Info, 8 - Debug, 9 - Trace 718bccb135eSPaolo Bonzini 719bccb135eSPaolo Bonzini*logfile* is a commandline option to mention log file path which helps in 720bccb135eSPaolo Bonzinilogging to the specified file and also help in persisting the gfapi logs. The 721bccb135eSPaolo Bonzinidefault is stderr. 722bccb135eSPaolo Bonzini 723bccb135eSPaolo BonziniYou can create a GlusterFS disk image with the command: 724bccb135eSPaolo Bonzini 725bccb135eSPaolo Bonzini.. parsed-literal:: 726bccb135eSPaolo Bonzini 727bccb135eSPaolo Bonzini qemu-img create gluster://HOST/VOLUME/PATH SIZE 728bccb135eSPaolo Bonzini 729bccb135eSPaolo BonziniExamples 730bccb135eSPaolo Bonzini 731bccb135eSPaolo Bonzini.. parsed-literal:: 732bccb135eSPaolo Bonzini 733bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster://1.2.3.4/testvol/a.img 734bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://1.2.3.4/testvol/a.img 735bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://1.2.3.4:24007/testvol/dir/a.img 736bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://[1:2:3:4:5:6:7:8]/testvol/dir/a.img 737bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://[1:2:3:4:5:6:7:8]:24007/testvol/dir/a.img 738bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://server.domain.com:24007/testvol/dir/a.img 739bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+unix:///testvol/dir/a.img?socket=/tmp/glusterd.socket 740bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster://1.2.3.4/testvol/a.img,file.debug=9,file.logfile=/var/log/qemu-gluster.log 741bccb135eSPaolo Bonzini |qemu_system| 'json:{"driver":"qcow2", 742bccb135eSPaolo Bonzini "file":{"driver":"gluster", 743bccb135eSPaolo Bonzini "volume":"testvol","path":"a.img", 744bccb135eSPaolo Bonzini "debug":9,"logfile":"/var/log/qemu-gluster.log", 745bccb135eSPaolo Bonzini "server":[{"type":"tcp","host":"1.2.3.4","port":24007}, 746bccb135eSPaolo Bonzini {"type":"unix","socket":"/var/run/glusterd.socket"}]}}' 747bccb135eSPaolo Bonzini |qemu_system| -drive driver=qcow2,file.driver=gluster,file.volume=testvol,file.path=/path/a.img, 748bccb135eSPaolo Bonzini file.debug=9,file.logfile=/var/log/qemu-gluster.log, 749bccb135eSPaolo Bonzini file.server.0.type=tcp,file.server.0.host=1.2.3.4,file.server.0.port=24007, 750bccb135eSPaolo Bonzini file.server.1.type=unix,file.server.1.socket=/var/run/glusterd.socket 751bccb135eSPaolo Bonzini 752bccb135eSPaolo BonziniSecure Shell (ssh) disk images 753bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 754bccb135eSPaolo Bonzini 755bccb135eSPaolo BonziniYou can access disk images located on a remote ssh server 756bccb135eSPaolo Bonziniby using the ssh protocol: 757bccb135eSPaolo Bonzini 758bccb135eSPaolo Bonzini.. parsed-literal:: 759bccb135eSPaolo Bonzini 760bccb135eSPaolo Bonzini |qemu_system| -drive file=ssh://[USER@]SERVER[:PORT]/PATH[?host_key_check=HOST_KEY_CHECK] 761bccb135eSPaolo Bonzini 762bccb135eSPaolo BonziniAlternative syntax using properties: 763bccb135eSPaolo Bonzini 764bccb135eSPaolo Bonzini.. parsed-literal:: 765bccb135eSPaolo Bonzini 766bccb135eSPaolo Bonzini |qemu_system| -drive file.driver=ssh[,file.user=USER],file.host=SERVER[,file.port=PORT],file.path=PATH[,file.host_key_check=HOST_KEY_CHECK] 767bccb135eSPaolo Bonzini 768bccb135eSPaolo Bonzini*ssh* is the protocol. 769bccb135eSPaolo Bonzini 770bccb135eSPaolo Bonzini*USER* is the remote user. If not specified, then the local 771bccb135eSPaolo Bonziniusername is tried. 772bccb135eSPaolo Bonzini 773bccb135eSPaolo Bonzini*SERVER* specifies the remote ssh server. Any ssh server can be 774bccb135eSPaolo Bonziniused, but it must implement the sftp-server protocol. Most Unix/Linux 775bccb135eSPaolo Bonzinisystems should work without requiring any extra configuration. 776bccb135eSPaolo Bonzini 777bccb135eSPaolo Bonzini*PORT* is the port number on which sshd is listening. By default 778bccb135eSPaolo Bonzinithe standard ssh port (22) is used. 779bccb135eSPaolo Bonzini 780bccb135eSPaolo Bonzini*PATH* is the path to the disk image. 781bccb135eSPaolo Bonzini 782bccb135eSPaolo BonziniThe optional *HOST_KEY_CHECK* parameter controls how the remote 783bccb135eSPaolo Bonzinihost's key is checked. The default is ``yes`` which means to use 784bccb135eSPaolo Bonzinithe local ``.ssh/known_hosts`` file. Setting this to ``no`` 785bccb135eSPaolo Bonziniturns off known-hosts checking. Or you can check that the host key 786ab458750SDaniel P. Berrangématches a specific fingerprint. The fingerprint can be provided in 787ab458750SDaniel P. Berrangé``md5``, ``sha1``, or ``sha256`` format, however, it is strongly 788ab458750SDaniel P. Berrangérecommended to only use ``sha256``, since the other options are 789ab458750SDaniel P. Berrangéconsidered insecure by modern standards. The fingerprint value 790ab458750SDaniel P. Berrangémust be given as a hex encoded string:: 791ab458750SDaniel P. Berrangé 792ab458750SDaniel P. Berrangé host_key_check=sha256:04ce2ae89ff4295a6b9c4111640bdcb3297858ee55cb434d9dd88796e93aa795 793ab458750SDaniel P. Berrangé 794ab458750SDaniel P. BerrangéThe key string may optionally contain ":" separators between 795ab458750SDaniel P. Berrangéeach pair of hex digits. 796ab458750SDaniel P. Berrangé 797ab458750SDaniel P. BerrangéThe ``$HOME/.ssh/known_hosts`` file contains the base64 encoded 798ab458750SDaniel P. Berrangéhost keys. These can be converted into the format needed for 799ab458750SDaniel P. BerrangéQEMU using a command such as:: 800ab458750SDaniel P. Berrangé 801ab458750SDaniel P. Berrangé $ for key in `grep 10.33.8.112 known_hosts | awk '{print $3}'` 802ab458750SDaniel P. Berrangé do 803ab458750SDaniel P. Berrangé echo $key | base64 -d | sha256sum 804ab458750SDaniel P. Berrangé done 805ab458750SDaniel P. Berrangé 6c3aa525beda9dc83eadfbd7e5ba7d976ecb59575d1633c87cd06ed2ed6e366f - 806ab458750SDaniel P. Berrangé 12214fd9ea5b408086f98ecccd9958609bd9ac7c0ea316734006bc7818b45dc8 - 807ab458750SDaniel P. Berrangé d36420137bcbd101209ef70c3b15dc07362fbe0fa53c5b135eba6e6afa82f0ce - 808ab458750SDaniel P. Berrangé 809ab458750SDaniel P. BerrangéNote that there can be multiple keys present per host, each with 810ab458750SDaniel P. Berrangédifferent key ciphers. Care is needed to pick the key fingerprint 811ab458750SDaniel P. Berrangéthat matches the cipher QEMU will negotiate with the remote server. 812bccb135eSPaolo Bonzini 813bccb135eSPaolo BonziniCurrently authentication must be done using ssh-agent. Other 814bccb135eSPaolo Bonziniauthentication methods may be supported in future. 815bccb135eSPaolo Bonzini 816bccb135eSPaolo BonziniNote: Many ssh servers do not support an ``fsync``-style operation. 817bccb135eSPaolo BonziniThe ssh driver cannot guarantee that disk flush requests are 818bccb135eSPaolo Bonziniobeyed, and this causes a risk of disk corruption if the remote 819bccb135eSPaolo Bonziniserver or network goes down during writes. The driver will 820bccb135eSPaolo Bonziniprint a warning when ``fsync`` is not supported: 821bccb135eSPaolo Bonzini 822bccb135eSPaolo Bonzini:: 823bccb135eSPaolo Bonzini 824bccb135eSPaolo Bonzini warning: ssh server ssh.example.com:22 does not support fsync 825bccb135eSPaolo Bonzini 826bccb135eSPaolo BonziniWith sufficiently new versions of libssh and OpenSSH, ``fsync`` is 827bccb135eSPaolo Bonzinisupported. 828bccb135eSPaolo Bonzini 829bccb135eSPaolo BonziniNVMe disk images 830bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~ 831bccb135eSPaolo Bonzini 832bccb135eSPaolo BonziniNVM Express (NVMe) storage controllers can be accessed directly by a userspace 833bccb135eSPaolo Bonzinidriver in QEMU. This bypasses the host kernel file system and block layers 834bccb135eSPaolo Bonziniwhile retaining QEMU block layer functionalities, such as block jobs, I/O 835bccb135eSPaolo Bonzinithrottling, image formats, etc. Disk I/O performance is typically higher than 836bccb135eSPaolo Bonziniwith ``-drive file=/dev/sda`` using either thread pool or linux-aio. 837bccb135eSPaolo Bonzini 838bccb135eSPaolo BonziniThe controller will be exclusively used by the QEMU process once started. To be 839bccb135eSPaolo Bonziniable to share storage between multiple VMs and other applications on the host, 840bccb135eSPaolo Bonziniplease use the file based protocols. 841bccb135eSPaolo Bonzini 842bccb135eSPaolo BonziniBefore starting QEMU, bind the host NVMe controller to the host vfio-pci 843bccb135eSPaolo Bonzinidriver. For example: 844bccb135eSPaolo Bonzini 845bccb135eSPaolo Bonzini.. parsed-literal:: 846bccb135eSPaolo Bonzini 847bccb135eSPaolo Bonzini # modprobe vfio-pci 848bccb135eSPaolo Bonzini # lspci -n -s 0000:06:0d.0 849bccb135eSPaolo Bonzini 06:0d.0 0401: 1102:0002 (rev 08) 850bccb135eSPaolo Bonzini # echo 0000:06:0d.0 > /sys/bus/pci/devices/0000:06:0d.0/driver/unbind 851bccb135eSPaolo Bonzini # echo 1102 0002 > /sys/bus/pci/drivers/vfio-pci/new_id 852bccb135eSPaolo Bonzini 853bccb135eSPaolo Bonzini # |qemu_system| -drive file=nvme://HOST:BUS:SLOT.FUNC/NAMESPACE 854bccb135eSPaolo Bonzini 855bccb135eSPaolo BonziniAlternative syntax using properties: 856bccb135eSPaolo Bonzini 857bccb135eSPaolo Bonzini.. parsed-literal:: 858bccb135eSPaolo Bonzini 859bccb135eSPaolo Bonzini |qemu_system| -drive file.driver=nvme,file.device=HOST:BUS:SLOT.FUNC,file.namespace=NAMESPACE 860bccb135eSPaolo Bonzini 861bccb135eSPaolo Bonzini*HOST*:*BUS*:*SLOT*.\ *FUNC* is the NVMe controller's PCI device 862bccb135eSPaolo Bonziniaddress on the host. 863bccb135eSPaolo Bonzini 864bccb135eSPaolo Bonzini*NAMESPACE* is the NVMe namespace number, starting from 1. 865bccb135eSPaolo Bonzini 866bccb135eSPaolo BonziniDisk image file locking 867bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 868bccb135eSPaolo Bonzini 869bccb135eSPaolo BonziniBy default, QEMU tries to protect image files from unexpected concurrent 870bccb135eSPaolo Bonziniaccess, as long as it's supported by the block protocol driver and host 871bccb135eSPaolo Bonzinioperating system. If multiple QEMU processes (including QEMU emulators and 872bccb135eSPaolo Bonziniutilities) try to open the same image with conflicting accessing modes, all but 873bccb135eSPaolo Bonzinithe first one will get an error. 874bccb135eSPaolo Bonzini 875bccb135eSPaolo BonziniThis feature is currently supported by the file protocol on Linux with the Open 876bccb135eSPaolo BonziniFile Descriptor (OFD) locking API, and can be configured to fall back to POSIX 877bccb135eSPaolo Bonzinilocking if the POSIX host doesn't support Linux OFD locking. 878bccb135eSPaolo Bonzini 879bccb135eSPaolo BonziniTo explicitly enable image locking, specify "locking=on" in the file protocol 880bccb135eSPaolo Bonzinidriver options. If OFD locking is not possible, a warning will be printed and 881bccb135eSPaolo Bonzinithe POSIX locking API will be used. In this case there is a risk that the lock 882bccb135eSPaolo Bonziniwill get silently lost when doing hot plugging and block jobs, due to the 883bccb135eSPaolo Bonzinishortcomings of the POSIX locking API. 884bccb135eSPaolo Bonzini 885bccb135eSPaolo BonziniQEMU transparently handles lock handover during shared storage migration. For 886bccb135eSPaolo Bonzinishared virtual disk images between multiple VMs, the "share-rw" device option 887bccb135eSPaolo Bonzinishould be used. 888bccb135eSPaolo Bonzini 889bccb135eSPaolo BonziniBy default, the guest has exclusive write access to its disk image. If the 890bccb135eSPaolo Bonziniguest can safely share the disk image with other writers the 891bccb135eSPaolo Bonzini``-device ...,share-rw=on`` parameter can be used. This is only safe if 892bccb135eSPaolo Bonzinithe guest is running software, such as a cluster file system, that 893bccb135eSPaolo Bonzinicoordinates disk accesses to avoid corruption. 894bccb135eSPaolo Bonzini 895bccb135eSPaolo BonziniNote that share-rw=on only declares the guest's ability to share the disk. 896bccb135eSPaolo BonziniSome QEMU features, such as image file formats, require exclusive write access 897bccb135eSPaolo Bonzinito the disk image and this is unaffected by the share-rw=on option. 898bccb135eSPaolo Bonzini 899bccb135eSPaolo BonziniAlternatively, locking can be fully disabled by "locking=off" block device 900bccb135eSPaolo Bonzinioption. In the command line, the option is usually in the form of 901bccb135eSPaolo Bonzini"file.locking=off" as the protocol driver is normally placed as a "file" child 902bccb135eSPaolo Bonziniunder a format driver. For example: 903bccb135eSPaolo Bonzini 904bccb135eSPaolo Bonzini:: 905bccb135eSPaolo Bonzini 906bccb135eSPaolo Bonzini -blockdev driver=qcow2,file.filename=/path/to/image,file.locking=off,file.driver=file 907bccb135eSPaolo Bonzini 908bccb135eSPaolo BonziniTo check if image locking is active, check the output of the "lslocks" command 909bccb135eSPaolo Bonzinion host and see if there are locks held by the QEMU process on the image file. 910bccb135eSPaolo BonziniMore than one byte could be locked by the QEMU instance, each byte of which 911bccb135eSPaolo Bonzinireflects a particular permission that is acquired or protected by the running 912bccb135eSPaolo Bonziniblock driver. 91333fa2222SVladimir Sementsov-Ogievskiy 91433fa2222SVladimir Sementsov-OgievskiyFilter drivers 91533fa2222SVladimir Sementsov-Ogievskiy~~~~~~~~~~~~~~ 91633fa2222SVladimir Sementsov-Ogievskiy 91733fa2222SVladimir Sementsov-OgievskiyQEMU supports several filter drivers, which don't store any data, but perform 91833fa2222SVladimir Sementsov-Ogievskiysome additional tasks, hooking io requests. 91933fa2222SVladimir Sementsov-Ogievskiy 92033fa2222SVladimir Sementsov-Ogievskiy.. program:: filter-drivers 92133fa2222SVladimir Sementsov-Ogievskiy.. option:: preallocate 92233fa2222SVladimir Sementsov-Ogievskiy 92333fa2222SVladimir Sementsov-Ogievskiy The preallocate filter driver is intended to be inserted between format 92433fa2222SVladimir Sementsov-Ogievskiy and protocol nodes and preallocates some additional space 92533fa2222SVladimir Sementsov-Ogievskiy (expanding the protocol file) when writing past the file’s end. This can be 92633fa2222SVladimir Sementsov-Ogievskiy useful for file-systems with slow allocation. 92733fa2222SVladimir Sementsov-Ogievskiy 92833fa2222SVladimir Sementsov-Ogievskiy Supported options: 92933fa2222SVladimir Sementsov-Ogievskiy 93033fa2222SVladimir Sementsov-Ogievskiy .. program:: preallocate 93133fa2222SVladimir Sementsov-Ogievskiy .. option:: prealloc-align 93233fa2222SVladimir Sementsov-Ogievskiy 93333fa2222SVladimir Sementsov-Ogievskiy On preallocation, align the file length to this value (in bytes), default 1M. 93433fa2222SVladimir Sementsov-Ogievskiy 93533fa2222SVladimir Sementsov-Ogievskiy .. program:: preallocate 93633fa2222SVladimir Sementsov-Ogievskiy .. option:: prealloc-size 93733fa2222SVladimir Sementsov-Ogievskiy 93833fa2222SVladimir Sementsov-Ogievskiy How much to preallocate (in bytes), default 128M. 939