1bccb135eSPaolo BonziniDisk image file formats 2bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 3bccb135eSPaolo Bonzini 4bccb135eSPaolo BonziniQEMU supports many image file formats that can be used with VMs as well as with 5bccb135eSPaolo Bonziniany of the tools (like ``qemu-img``). This includes the preferred formats 6bccb135eSPaolo Bonziniraw and qcow2 as well as formats that are supported for compatibility with 7bccb135eSPaolo Bonziniolder QEMU versions or other hypervisors. 8bccb135eSPaolo Bonzini 9bccb135eSPaolo BonziniDepending on the image format, different options can be passed to 10bccb135eSPaolo Bonzini``qemu-img create`` and ``qemu-img convert`` using the ``-o`` option. 11bccb135eSPaolo BonziniThis section describes each format and the options that are supported for it. 12bccb135eSPaolo Bonzini 13bccb135eSPaolo Bonzini.. program:: image-formats 14bccb135eSPaolo Bonzini.. option:: raw 15bccb135eSPaolo Bonzini 16bccb135eSPaolo Bonzini Raw disk image format. This format has the advantage of 17bccb135eSPaolo Bonzini being simple and easily exportable to all other emulators. If your 18bccb135eSPaolo Bonzini file system supports *holes* (for example in ext2 or ext3 on 19bccb135eSPaolo Bonzini Linux or NTFS on Windows), then only the written sectors will reserve 20bccb135eSPaolo Bonzini space. Use ``qemu-img info`` to know the real size used by the 21bccb135eSPaolo Bonzini image or ``ls -ls`` on Unix/Linux. 22bccb135eSPaolo Bonzini 23bccb135eSPaolo Bonzini Supported options: 24bccb135eSPaolo Bonzini 25bccb135eSPaolo Bonzini .. program:: raw 26bccb135eSPaolo Bonzini .. option:: preallocation 27bccb135eSPaolo Bonzini 28bccb135eSPaolo Bonzini Preallocation mode (allowed values: ``off``, ``falloc``, 29bccb135eSPaolo Bonzini ``full``). ``falloc`` mode preallocates space for image by 30bccb135eSPaolo Bonzini calling ``posix_fallocate()``. ``full`` mode preallocates space 31bccb135eSPaolo Bonzini for image by writing data to underlying storage. This data may or 32bccb135eSPaolo Bonzini may not be zero, depending on the storage location. 33bccb135eSPaolo Bonzini 34bccb135eSPaolo Bonzini.. program:: image-formats 35bccb135eSPaolo Bonzini.. option:: qcow2 36bccb135eSPaolo Bonzini 37bccb135eSPaolo Bonzini QEMU image format, the most versatile format. Use it to have smaller 38bccb135eSPaolo Bonzini images (useful if your filesystem does not supports holes, for example 39bccb135eSPaolo Bonzini on Windows), zlib based compression and support of multiple VM 40bccb135eSPaolo Bonzini snapshots. 41bccb135eSPaolo Bonzini 42bccb135eSPaolo Bonzini Supported options: 43bccb135eSPaolo Bonzini 44bccb135eSPaolo Bonzini .. program:: qcow2 45bccb135eSPaolo Bonzini .. option:: compat 46bccb135eSPaolo Bonzini 47bccb135eSPaolo Bonzini Determines the qcow2 version to use. ``compat=0.10`` uses the 48bccb135eSPaolo Bonzini traditional image format that can be read by any QEMU since 0.10. 49bccb135eSPaolo Bonzini ``compat=1.1`` enables image format extensions that only QEMU 1.1 and 50bccb135eSPaolo Bonzini newer understand (this is the default). Amongst others, this includes 51bccb135eSPaolo Bonzini zero clusters, which allow efficient copy-on-read for sparse images. 52bccb135eSPaolo Bonzini 53bccb135eSPaolo Bonzini .. option:: backing_file 54bccb135eSPaolo Bonzini 55bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand) 56bccb135eSPaolo Bonzini 57bccb135eSPaolo Bonzini .. option:: backing_fmt 58bccb135eSPaolo Bonzini 59bccb135eSPaolo Bonzini Image format of the base image 60bccb135eSPaolo Bonzini 61bccb135eSPaolo Bonzini .. option:: encryption 62bccb135eSPaolo Bonzini 63bccb135eSPaolo Bonzini This option is deprecated and equivalent to ``encrypt.format=aes`` 64bccb135eSPaolo Bonzini 65bccb135eSPaolo Bonzini .. option:: encrypt.format 66bccb135eSPaolo Bonzini 67bccb135eSPaolo Bonzini If this is set to ``luks``, it requests that the qcow2 payload (not 68bccb135eSPaolo Bonzini qcow2 header) be encrypted using the LUKS format. The passphrase to 69bccb135eSPaolo Bonzini use to unlock the LUKS key slot is given by the ``encrypt.key-secret`` 70bccb135eSPaolo Bonzini parameter. LUKS encryption parameters can be tuned with the other 71bccb135eSPaolo Bonzini ``encrypt.*`` parameters. 72bccb135eSPaolo Bonzini 73bccb135eSPaolo Bonzini If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. 74bccb135eSPaolo Bonzini The encryption key is given by the ``encrypt.key-secret`` parameter. 75bccb135eSPaolo Bonzini This encryption format is considered to be flawed by modern cryptography 76bccb135eSPaolo Bonzini standards, suffering from a number of design problems: 77bccb135eSPaolo Bonzini 78bccb135eSPaolo Bonzini - The AES-CBC cipher is used with predictable initialization vectors based 79bccb135eSPaolo Bonzini on the sector number. This makes it vulnerable to chosen plaintext attacks 80bccb135eSPaolo Bonzini which can reveal the existence of encrypted data. 81bccb135eSPaolo Bonzini - The user passphrase is directly used as the encryption key. A poorly 82bccb135eSPaolo Bonzini chosen or short passphrase will compromise the security of the encryption. 83bccb135eSPaolo Bonzini - In the event of the passphrase being compromised there is no way to 84bccb135eSPaolo Bonzini change the passphrase to protect data in any qcow images. The files must 85bccb135eSPaolo Bonzini be cloned, using a different encryption passphrase in the new file. The 86bccb135eSPaolo Bonzini original file must then be securely erased using a program like shred, 87bccb135eSPaolo Bonzini though even this is ineffective with many modern storage technologies. 88bccb135eSPaolo Bonzini 89bccb135eSPaolo Bonzini The use of this is no longer supported in system emulators. Support only 90bccb135eSPaolo Bonzini remains in the command line utilities, for the purposes of data liberation 91bccb135eSPaolo Bonzini and interoperability with old versions of QEMU. The ``luks`` format 92bccb135eSPaolo Bonzini should be used instead. 93bccb135eSPaolo Bonzini 94bccb135eSPaolo Bonzini .. option:: encrypt.key-secret 95bccb135eSPaolo Bonzini 96bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the passphrase 97bccb135eSPaolo Bonzini (``encrypt.format=luks``) or encryption key (``encrypt.format=aes``). 98bccb135eSPaolo Bonzini 99bccb135eSPaolo Bonzini .. option:: encrypt.cipher-alg 100bccb135eSPaolo Bonzini 101bccb135eSPaolo Bonzini Name of the cipher algorithm and key length. Currently defaults 102bccb135eSPaolo Bonzini to ``aes-256``. Only used when ``encrypt.format=luks``. 103bccb135eSPaolo Bonzini 104bccb135eSPaolo Bonzini .. option:: encrypt.cipher-mode 105bccb135eSPaolo Bonzini 106bccb135eSPaolo Bonzini Name of the encryption mode to use. Currently defaults to ``xts``. 107bccb135eSPaolo Bonzini Only used when ``encrypt.format=luks``. 108bccb135eSPaolo Bonzini 109bccb135eSPaolo Bonzini .. option:: encrypt.ivgen-alg 110bccb135eSPaolo Bonzini 111bccb135eSPaolo Bonzini Name of the initialization vector generator algorithm. Currently defaults 112bccb135eSPaolo Bonzini to ``plain64``. Only used when ``encrypt.format=luks``. 113bccb135eSPaolo Bonzini 114bccb135eSPaolo Bonzini .. option:: encrypt.ivgen-hash-alg 115bccb135eSPaolo Bonzini 116bccb135eSPaolo Bonzini Name of the hash algorithm to use with the initialization vector generator 117bccb135eSPaolo Bonzini (if required). Defaults to ``sha256``. Only used when ``encrypt.format=luks``. 118bccb135eSPaolo Bonzini 119bccb135eSPaolo Bonzini .. option:: encrypt.hash-alg 120bccb135eSPaolo Bonzini 121bccb135eSPaolo Bonzini Name of the hash algorithm to use for PBKDF algorithm 122bccb135eSPaolo Bonzini Defaults to ``sha256``. Only used when ``encrypt.format=luks``. 123bccb135eSPaolo Bonzini 124bccb135eSPaolo Bonzini .. option:: encrypt.iter-time 125bccb135eSPaolo Bonzini 126bccb135eSPaolo Bonzini Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. 127bccb135eSPaolo Bonzini Defaults to ``2000``. Only used when ``encrypt.format=luks``. 128bccb135eSPaolo Bonzini 129bccb135eSPaolo Bonzini .. option:: cluster_size 130bccb135eSPaolo Bonzini 131bccb135eSPaolo Bonzini Changes the qcow2 cluster size (must be between 512 and 2M). Smaller cluster 132bccb135eSPaolo Bonzini sizes can improve the image file size whereas larger cluster sizes generally 133bccb135eSPaolo Bonzini provide better performance. 134bccb135eSPaolo Bonzini 135bccb135eSPaolo Bonzini .. option:: preallocation 136bccb135eSPaolo Bonzini 137bccb135eSPaolo Bonzini Preallocation mode (allowed values: ``off``, ``metadata``, ``falloc``, 138bccb135eSPaolo Bonzini ``full``). An image with preallocated metadata is initially larger but can 139bccb135eSPaolo Bonzini improve performance when the image needs to grow. ``falloc`` and ``full`` 140bccb135eSPaolo Bonzini preallocations are like the same options of ``raw`` format, but sets up 141bccb135eSPaolo Bonzini metadata also. 142bccb135eSPaolo Bonzini 143bccb135eSPaolo Bonzini .. option:: lazy_refcounts 144bccb135eSPaolo Bonzini 145bccb135eSPaolo Bonzini If this option is set to ``on``, reference count updates are postponed with 146bccb135eSPaolo Bonzini the goal of avoiding metadata I/O and improving performance. This is 147bccb135eSPaolo Bonzini particularly interesting with :option:`cache=writethrough` which doesn't batch 148bccb135eSPaolo Bonzini metadata updates. The tradeoff is that after a host crash, the reference count 149bccb135eSPaolo Bonzini tables must be rebuilt, i.e. on the next open an (automatic) ``qemu-img 150bccb135eSPaolo Bonzini check -r all`` is required, which may take some time. 151bccb135eSPaolo Bonzini 152bccb135eSPaolo Bonzini This option can only be enabled if ``compat=1.1`` is specified. 153bccb135eSPaolo Bonzini 154bccb135eSPaolo Bonzini .. option:: nocow 155bccb135eSPaolo Bonzini 156bccb135eSPaolo Bonzini If this option is set to ``on``, it will turn off COW of the file. It's only 157bccb135eSPaolo Bonzini valid on btrfs, no effect on other file systems. 158bccb135eSPaolo Bonzini 159bccb135eSPaolo Bonzini Btrfs has low performance when hosting a VM image file, even more 160bccb135eSPaolo Bonzini when the guest on the VM also using btrfs as file system. Turning off 161bccb135eSPaolo Bonzini COW is a way to mitigate this bad performance. Generally there are two 162bccb135eSPaolo Bonzini ways to turn off COW on btrfs: 163bccb135eSPaolo Bonzini 164bccb135eSPaolo Bonzini - Disable it by mounting with nodatacow, then all newly created files 165bccb135eSPaolo Bonzini will be NOCOW. 166bccb135eSPaolo Bonzini - For an empty file, add the NOCOW file attribute. That's what this 167bccb135eSPaolo Bonzini option does. 168bccb135eSPaolo Bonzini 169bccb135eSPaolo Bonzini Note: this option is only valid to new or empty files. If there is 170bccb135eSPaolo Bonzini an existing file which is COW and has data blocks already, it couldn't 171bccb135eSPaolo Bonzini be changed to NOCOW by setting ``nocow=on``. One can issue ``lsattr 172bccb135eSPaolo Bonzini filename`` to check if the NOCOW flag is set or not (Capital 'C' is 173bccb135eSPaolo Bonzini NOCOW flag). 174bccb135eSPaolo Bonzini 175bccb135eSPaolo Bonzini.. program:: image-formats 176bccb135eSPaolo Bonzini.. option:: qed 177bccb135eSPaolo Bonzini 178bccb135eSPaolo Bonzini Old QEMU image format with support for backing files and compact image files 179bccb135eSPaolo Bonzini (when your filesystem or transport medium does not support holes). 180bccb135eSPaolo Bonzini 181bccb135eSPaolo Bonzini When converting QED images to qcow2, you might want to consider using the 182bccb135eSPaolo Bonzini ``lazy_refcounts=on`` option to get a more QED-like behaviour. 183bccb135eSPaolo Bonzini 184bccb135eSPaolo Bonzini Supported options: 185bccb135eSPaolo Bonzini 186bccb135eSPaolo Bonzini .. program:: qed 187bccb135eSPaolo Bonzini .. option:: backing_file 188bccb135eSPaolo Bonzini 189bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand). 190bccb135eSPaolo Bonzini 191bccb135eSPaolo Bonzini .. option:: backing_fmt 192bccb135eSPaolo Bonzini 193bccb135eSPaolo Bonzini Image file format of backing file (optional). Useful if the format cannot be 194bccb135eSPaolo Bonzini autodetected because it has no header, like some vhd/vpc files. 195bccb135eSPaolo Bonzini 196bccb135eSPaolo Bonzini .. option:: cluster_size 197bccb135eSPaolo Bonzini 198bccb135eSPaolo Bonzini Changes the cluster size (must be power-of-2 between 4K and 64K). Smaller 199bccb135eSPaolo Bonzini cluster sizes can improve the image file size whereas larger cluster sizes 200bccb135eSPaolo Bonzini generally provide better performance. 201bccb135eSPaolo Bonzini 202bccb135eSPaolo Bonzini .. option:: table_size 203bccb135eSPaolo Bonzini 204bccb135eSPaolo Bonzini Changes the number of clusters per L1/L2 table (must be 205bccb135eSPaolo Bonzini power-of-2 between 1 and 16). There is normally no need to 206bccb135eSPaolo Bonzini change this value but this option can between used for 207bccb135eSPaolo Bonzini performance benchmarking. 208bccb135eSPaolo Bonzini 209bccb135eSPaolo Bonzini.. program:: image-formats 210bccb135eSPaolo Bonzini.. option:: qcow 211bccb135eSPaolo Bonzini 212bccb135eSPaolo Bonzini Old QEMU image format with support for backing files, compact image files, 213bccb135eSPaolo Bonzini encryption and compression. 214bccb135eSPaolo Bonzini 215bccb135eSPaolo Bonzini Supported options: 216bccb135eSPaolo Bonzini 217bccb135eSPaolo Bonzini .. program:: qcow 218bccb135eSPaolo Bonzini .. option:: backing_file 219bccb135eSPaolo Bonzini 220bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand) 221bccb135eSPaolo Bonzini 222bccb135eSPaolo Bonzini .. option:: encryption 223bccb135eSPaolo Bonzini 224bccb135eSPaolo Bonzini This option is deprecated and equivalent to ``encrypt.format=aes`` 225bccb135eSPaolo Bonzini 226bccb135eSPaolo Bonzini .. option:: encrypt.format 227bccb135eSPaolo Bonzini 228bccb135eSPaolo Bonzini If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. 229bccb135eSPaolo Bonzini The encryption key is given by the ``encrypt.key-secret`` parameter. 230bccb135eSPaolo Bonzini This encryption format is considered to be flawed by modern cryptography 231bccb135eSPaolo Bonzini standards, suffering from a number of design problems enumerated previously 232bccb135eSPaolo Bonzini against the ``qcow2`` image format. 233bccb135eSPaolo Bonzini 234bccb135eSPaolo Bonzini The use of this is no longer supported in system emulators. Support only 235bccb135eSPaolo Bonzini remains in the command line utilities, for the purposes of data liberation 236bccb135eSPaolo Bonzini and interoperability with old versions of QEMU. 237bccb135eSPaolo Bonzini 238bccb135eSPaolo Bonzini Users requiring native encryption should use the ``qcow2`` format 239bccb135eSPaolo Bonzini instead with ``encrypt.format=luks``. 240bccb135eSPaolo Bonzini 241bccb135eSPaolo Bonzini .. option:: encrypt.key-secret 242bccb135eSPaolo Bonzini 243bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the encryption 244bccb135eSPaolo Bonzini key (``encrypt.format=aes``). 245bccb135eSPaolo Bonzini 246bccb135eSPaolo Bonzini.. program:: image-formats 247bccb135eSPaolo Bonzini.. option:: luks 248bccb135eSPaolo Bonzini 249bccb135eSPaolo Bonzini LUKS v1 encryption format, compatible with Linux dm-crypt/cryptsetup 250bccb135eSPaolo Bonzini 251bccb135eSPaolo Bonzini Supported options: 252bccb135eSPaolo Bonzini 253bccb135eSPaolo Bonzini .. program:: luks 254bccb135eSPaolo Bonzini .. option:: key-secret 255bccb135eSPaolo Bonzini 256bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the passphrase. 257bccb135eSPaolo Bonzini 258bccb135eSPaolo Bonzini .. option:: cipher-alg 259bccb135eSPaolo Bonzini 260bccb135eSPaolo Bonzini Name of the cipher algorithm and key length. Currently defaults 261bccb135eSPaolo Bonzini to ``aes-256``. 262bccb135eSPaolo Bonzini 263bccb135eSPaolo Bonzini .. option:: cipher-mode 264bccb135eSPaolo Bonzini 265bccb135eSPaolo Bonzini Name of the encryption mode to use. Currently defaults to ``xts``. 266bccb135eSPaolo Bonzini 267bccb135eSPaolo Bonzini .. option:: ivgen-alg 268bccb135eSPaolo Bonzini 269bccb135eSPaolo Bonzini Name of the initialization vector generator algorithm. Currently defaults 270bccb135eSPaolo Bonzini to ``plain64``. 271bccb135eSPaolo Bonzini 272bccb135eSPaolo Bonzini .. option:: ivgen-hash-alg 273bccb135eSPaolo Bonzini 274bccb135eSPaolo Bonzini Name of the hash algorithm to use with the initialization vector generator 275bccb135eSPaolo Bonzini (if required). Defaults to ``sha256``. 276bccb135eSPaolo Bonzini 277bccb135eSPaolo Bonzini .. option:: hash-alg 278bccb135eSPaolo Bonzini 279bccb135eSPaolo Bonzini Name of the hash algorithm to use for PBKDF algorithm 280bccb135eSPaolo Bonzini Defaults to ``sha256``. 281bccb135eSPaolo Bonzini 282bccb135eSPaolo Bonzini .. option:: iter-time 283bccb135eSPaolo Bonzini 284bccb135eSPaolo Bonzini Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. 285bccb135eSPaolo Bonzini Defaults to ``2000``. 286bccb135eSPaolo Bonzini 287bccb135eSPaolo Bonzini.. program:: image-formats 288bccb135eSPaolo Bonzini.. option:: vdi 289bccb135eSPaolo Bonzini 290bccb135eSPaolo Bonzini VirtualBox 1.1 compatible image format. 291bccb135eSPaolo Bonzini 292bccb135eSPaolo Bonzini Supported options: 293bccb135eSPaolo Bonzini 294bccb135eSPaolo Bonzini .. program:: vdi 295bccb135eSPaolo Bonzini .. option:: static 296bccb135eSPaolo Bonzini 297bccb135eSPaolo Bonzini If this option is set to ``on``, the image is created with metadata 298bccb135eSPaolo Bonzini preallocation. 299bccb135eSPaolo Bonzini 300bccb135eSPaolo Bonzini.. program:: image-formats 301bccb135eSPaolo Bonzini.. option:: vmdk 302bccb135eSPaolo Bonzini 303bccb135eSPaolo Bonzini VMware 3 and 4 compatible image format. 304bccb135eSPaolo Bonzini 305bccb135eSPaolo Bonzini Supported options: 306bccb135eSPaolo Bonzini 307bccb135eSPaolo Bonzini .. program: vmdk 308bccb135eSPaolo Bonzini .. option:: backing_file 309bccb135eSPaolo Bonzini 310bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand). 311bccb135eSPaolo Bonzini 312bccb135eSPaolo Bonzini .. option:: compat6 313bccb135eSPaolo Bonzini 314bccb135eSPaolo Bonzini Create a VMDK version 6 image (instead of version 4) 315bccb135eSPaolo Bonzini 316bccb135eSPaolo Bonzini .. option:: hwversion 317bccb135eSPaolo Bonzini 318bccb135eSPaolo Bonzini Specify vmdk virtual hardware version. Compat6 flag cannot be enabled 319bccb135eSPaolo Bonzini if hwversion is specified. 320bccb135eSPaolo Bonzini 321bccb135eSPaolo Bonzini .. option:: subformat 322bccb135eSPaolo Bonzini 323bccb135eSPaolo Bonzini Specifies which VMDK subformat to use. Valid options are 324bccb135eSPaolo Bonzini ``monolithicSparse`` (default), 325bccb135eSPaolo Bonzini ``monolithicFlat``, 326bccb135eSPaolo Bonzini ``twoGbMaxExtentSparse``, 327bccb135eSPaolo Bonzini ``twoGbMaxExtentFlat`` and 328bccb135eSPaolo Bonzini ``streamOptimized``. 329bccb135eSPaolo Bonzini 330bccb135eSPaolo Bonzini.. program:: image-formats 331bccb135eSPaolo Bonzini.. option:: vpc 332bccb135eSPaolo Bonzini 333bccb135eSPaolo Bonzini VirtualPC compatible image format (VHD). 334bccb135eSPaolo Bonzini 335bccb135eSPaolo Bonzini Supported options: 336bccb135eSPaolo Bonzini 337bccb135eSPaolo Bonzini .. program:: vpc 338bccb135eSPaolo Bonzini .. option:: subformat 339bccb135eSPaolo Bonzini 340bccb135eSPaolo Bonzini Specifies which VHD subformat to use. Valid options are 341bccb135eSPaolo Bonzini ``dynamic`` (default) and ``fixed``. 342bccb135eSPaolo Bonzini 343bccb135eSPaolo Bonzini.. program:: image-formats 344bccb135eSPaolo Bonzini.. option:: VHDX 345bccb135eSPaolo Bonzini 346bccb135eSPaolo Bonzini Hyper-V compatible image format (VHDX). 347bccb135eSPaolo Bonzini 348bccb135eSPaolo Bonzini Supported options: 349bccb135eSPaolo Bonzini 350bccb135eSPaolo Bonzini .. program:: VHDX 351bccb135eSPaolo Bonzini .. option:: subformat 352bccb135eSPaolo Bonzini 353bccb135eSPaolo Bonzini Specifies which VHDX subformat to use. Valid options are 354bccb135eSPaolo Bonzini ``dynamic`` (default) and ``fixed``. 355bccb135eSPaolo Bonzini 356bccb135eSPaolo Bonzini .. option:: block_state_zero 357bccb135eSPaolo Bonzini 358bccb135eSPaolo Bonzini Force use of payload blocks of type 'ZERO'. Can be set to ``on`` (default) 359bccb135eSPaolo Bonzini or ``off``. When set to ``off``, new blocks will be created as 360bccb135eSPaolo Bonzini ``PAYLOAD_BLOCK_NOT_PRESENT``, which means parsers are free to return 361bccb135eSPaolo Bonzini arbitrary data for those blocks. Do not set to ``off`` when using 362bccb135eSPaolo Bonzini ``qemu-img convert`` with ``subformat=dynamic``. 363bccb135eSPaolo Bonzini 364bccb135eSPaolo Bonzini .. option:: block_size 365bccb135eSPaolo Bonzini 366bccb135eSPaolo Bonzini Block size; min 1 MB, max 256 MB. 0 means auto-calculate based on 367bccb135eSPaolo Bonzini image size. 368bccb135eSPaolo Bonzini 369bccb135eSPaolo Bonzini .. option:: log_size 370bccb135eSPaolo Bonzini 371bccb135eSPaolo Bonzini Log size; min 1 MB. 372bccb135eSPaolo Bonzini 373bccb135eSPaolo BonziniRead-only formats 374bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~ 375bccb135eSPaolo Bonzini 376bccb135eSPaolo BonziniMore disk image file formats are supported in a read-only mode. 377bccb135eSPaolo Bonzini 378bccb135eSPaolo Bonzini.. program:: image-formats 379bccb135eSPaolo Bonzini.. option:: bochs 380bccb135eSPaolo Bonzini 381bccb135eSPaolo Bonzini Bochs images of ``growing`` type. 382bccb135eSPaolo Bonzini 383bccb135eSPaolo Bonzini.. program:: image-formats 384bccb135eSPaolo Bonzini.. option:: cloop 385bccb135eSPaolo Bonzini 386bccb135eSPaolo Bonzini Linux Compressed Loop image, useful only to reuse directly compressed 387bccb135eSPaolo Bonzini CD-ROM images present for example in the Knoppix CD-ROMs. 388bccb135eSPaolo Bonzini 389bccb135eSPaolo Bonzini.. program:: image-formats 390bccb135eSPaolo Bonzini.. option:: dmg 391bccb135eSPaolo Bonzini 392bccb135eSPaolo Bonzini Apple disk image. 393bccb135eSPaolo Bonzini 394bccb135eSPaolo Bonzini.. program:: image-formats 395bccb135eSPaolo Bonzini.. option:: parallels 396bccb135eSPaolo Bonzini 397bccb135eSPaolo Bonzini Parallels disk image format. 398bccb135eSPaolo Bonzini 399bccb135eSPaolo BonziniUsing host drives 400bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~ 401bccb135eSPaolo Bonzini 402bccb135eSPaolo BonziniIn addition to disk image files, QEMU can directly access host 403bccb135eSPaolo Bonzinidevices. We describe here the usage for QEMU version >= 0.8.3. 404bccb135eSPaolo Bonzini 405bccb135eSPaolo BonziniLinux 406bccb135eSPaolo Bonzini^^^^^ 407bccb135eSPaolo Bonzini 408bccb135eSPaolo BonziniOn Linux, you can directly use the host device filename instead of a 409bccb135eSPaolo Bonzinidisk image filename provided you have enough privileges to access 410bccb135eSPaolo Bonziniit. For example, use ``/dev/cdrom`` to access to the CDROM. 411bccb135eSPaolo Bonzini 412bccb135eSPaolo BonziniCD 413bccb135eSPaolo Bonzini You can specify a CDROM device even if no CDROM is loaded. QEMU has 414bccb135eSPaolo Bonzini specific code to detect CDROM insertion or removal. CDROM ejection by 415bccb135eSPaolo Bonzini the guest OS is supported. Currently only data CDs are supported. 416bccb135eSPaolo Bonzini 417bccb135eSPaolo BonziniFloppy 418bccb135eSPaolo Bonzini You can specify a floppy device even if no floppy is loaded. Floppy 419bccb135eSPaolo Bonzini removal is currently not detected accurately (if you change floppy 420bccb135eSPaolo Bonzini without doing floppy access while the floppy is not loaded, the guest 421bccb135eSPaolo Bonzini OS will think that the same floppy is loaded). 422bccb135eSPaolo Bonzini Use of the host's floppy device is deprecated, and support for it will 423bccb135eSPaolo Bonzini be removed in a future release. 424bccb135eSPaolo Bonzini 425bccb135eSPaolo BonziniHard disks 426bccb135eSPaolo Bonzini Hard disks can be used. Normally you must specify the whole disk 427bccb135eSPaolo Bonzini (``/dev/hdb`` instead of ``/dev/hdb1``) so that the guest OS can 428bccb135eSPaolo Bonzini see it as a partitioned disk. WARNING: unless you know what you do, it 429bccb135eSPaolo Bonzini is better to only make READ-ONLY accesses to the hard disk otherwise 430bccb135eSPaolo Bonzini you may corrupt your host data (use the ``-snapshot`` command 431bccb135eSPaolo Bonzini line option or modify the device permissions accordingly). 432bccb135eSPaolo Bonzini 433bccb135eSPaolo BonziniWindows 434bccb135eSPaolo Bonzini^^^^^^^ 435bccb135eSPaolo Bonzini 436bccb135eSPaolo BonziniCD 437bccb135eSPaolo Bonzini The preferred syntax is the drive letter (e.g. ``d:``). The 438bccb135eSPaolo Bonzini alternate syntax ``\\.\d:`` is supported. ``/dev/cdrom`` is 439bccb135eSPaolo Bonzini supported as an alias to the first CDROM drive. 440bccb135eSPaolo Bonzini 441bccb135eSPaolo Bonzini Currently there is no specific code to handle removable media, so it 442bccb135eSPaolo Bonzini is better to use the ``change`` or ``eject`` monitor commands to 443bccb135eSPaolo Bonzini change or eject media. 444bccb135eSPaolo Bonzini 445bccb135eSPaolo BonziniHard disks 446bccb135eSPaolo Bonzini Hard disks can be used with the syntax: ``\\.\PhysicalDriveN`` 447bccb135eSPaolo Bonzini where *N* is the drive number (0 is the first hard disk). 448bccb135eSPaolo Bonzini 449bccb135eSPaolo Bonzini WARNING: unless you know what you do, it is better to only make 450bccb135eSPaolo Bonzini READ-ONLY accesses to the hard disk otherwise you may corrupt your 451bccb135eSPaolo Bonzini host data (use the ``-snapshot`` command line so that the 452bccb135eSPaolo Bonzini modifications are written in a temporary file). 453bccb135eSPaolo Bonzini 454bccb135eSPaolo BonziniMac OS X 455bccb135eSPaolo Bonzini^^^^^^^^ 456bccb135eSPaolo Bonzini 457bccb135eSPaolo Bonzini``/dev/cdrom`` is an alias to the first CDROM. 458bccb135eSPaolo Bonzini 459bccb135eSPaolo BonziniCurrently there is no specific code to handle removable media, so it 460bccb135eSPaolo Bonziniis better to use the ``change`` or ``eject`` monitor commands to 461bccb135eSPaolo Bonzinichange or eject media. 462bccb135eSPaolo Bonzini 463bccb135eSPaolo BonziniVirtual FAT disk images 464bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 465bccb135eSPaolo Bonzini 466bccb135eSPaolo BonziniQEMU can automatically create a virtual FAT disk image from a 467bccb135eSPaolo Bonzinidirectory tree. In order to use it, just type: 468bccb135eSPaolo Bonzini 469bccb135eSPaolo Bonzini.. parsed-literal:: 470bccb135eSPaolo Bonzini 471bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb fat:/my_directory 472bccb135eSPaolo Bonzini 473bccb135eSPaolo BonziniThen you access access to all the files in the ``/my_directory`` 474bccb135eSPaolo Bonzinidirectory without having to copy them in a disk image or to export 475bccb135eSPaolo Bonzinithem via SAMBA or NFS. The default access is *read-only*. 476bccb135eSPaolo Bonzini 477bccb135eSPaolo BonziniFloppies can be emulated with the ``:floppy:`` option: 478bccb135eSPaolo Bonzini 479bccb135eSPaolo Bonzini.. parsed-literal:: 480bccb135eSPaolo Bonzini 481bccb135eSPaolo Bonzini |qemu_system| linux.img -fda fat:floppy:/my_directory 482bccb135eSPaolo Bonzini 483bccb135eSPaolo BonziniA read/write support is available for testing (beta stage) with the 484bccb135eSPaolo Bonzini``:rw:`` option: 485bccb135eSPaolo Bonzini 486bccb135eSPaolo Bonzini.. parsed-literal:: 487bccb135eSPaolo Bonzini 488bccb135eSPaolo Bonzini |qemu_system| linux.img -fda fat:floppy:rw:/my_directory 489bccb135eSPaolo Bonzini 490bccb135eSPaolo BonziniWhat you should *never* do: 491bccb135eSPaolo Bonzini 492bccb135eSPaolo Bonzini- use non-ASCII filenames 493bccb135eSPaolo Bonzini- use "-snapshot" together with ":rw:" 494bccb135eSPaolo Bonzini- expect it to work when loadvm'ing 495bccb135eSPaolo Bonzini- write to the FAT directory on the host system while accessing it with the guest system 496bccb135eSPaolo Bonzini 497bccb135eSPaolo BonziniNBD access 498bccb135eSPaolo Bonzini~~~~~~~~~~ 499bccb135eSPaolo Bonzini 500bccb135eSPaolo BonziniQEMU can access directly to block device exported using the Network Block Device 501bccb135eSPaolo Bonziniprotocol. 502bccb135eSPaolo Bonzini 503bccb135eSPaolo Bonzini.. parsed-literal:: 504bccb135eSPaolo Bonzini 505bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd://my_nbd_server.mydomain.org:1024/ 506bccb135eSPaolo Bonzini 507bccb135eSPaolo BonziniIf the NBD server is located on the same host, you can use an unix socket instead 508bccb135eSPaolo Bonziniof an inet socket: 509bccb135eSPaolo Bonzini 510bccb135eSPaolo Bonzini.. parsed-literal:: 511bccb135eSPaolo Bonzini 512bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd+unix://?socket=/tmp/my_socket 513bccb135eSPaolo Bonzini 514c5ba6219SPhilippe Mathieu-DaudéIn this case, the block device must be exported using ``qemu-nbd``: 515bccb135eSPaolo Bonzini 516bccb135eSPaolo Bonzini.. parsed-literal:: 517bccb135eSPaolo Bonzini 518bccb135eSPaolo Bonzini qemu-nbd --socket=/tmp/my_socket my_disk.qcow2 519bccb135eSPaolo Bonzini 520c5ba6219SPhilippe Mathieu-DaudéThe use of ``qemu-nbd`` allows sharing of a disk between several guests: 521bccb135eSPaolo Bonzini 522bccb135eSPaolo Bonzini.. parsed-literal:: 523bccb135eSPaolo Bonzini 524bccb135eSPaolo Bonzini qemu-nbd --socket=/tmp/my_socket --share=2 my_disk.qcow2 525bccb135eSPaolo Bonzini 526bccb135eSPaolo Bonziniand then you can use it with two guests: 527bccb135eSPaolo Bonzini 528bccb135eSPaolo Bonzini.. parsed-literal:: 529bccb135eSPaolo Bonzini 530bccb135eSPaolo Bonzini |qemu_system| linux1.img -hdb nbd+unix://?socket=/tmp/my_socket 531bccb135eSPaolo Bonzini |qemu_system| linux2.img -hdb nbd+unix://?socket=/tmp/my_socket 532bccb135eSPaolo Bonzini 533c5ba6219SPhilippe Mathieu-DaudéIf the ``nbd-server`` uses named exports (supported since NBD 2.9.18, or with QEMU's 534bccb135eSPaolo Bonziniown embedded NBD server), you must specify an export name in the URI: 535bccb135eSPaolo Bonzini 536bccb135eSPaolo Bonzini.. parsed-literal:: 537bccb135eSPaolo Bonzini 538bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd://localhost/debian-500-ppc-netinst 539bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd://localhost/openSUSE-11.1-ppc-netinst 540bccb135eSPaolo Bonzini 541bccb135eSPaolo BonziniThe URI syntax for NBD is supported since QEMU 1.3. An alternative syntax is 542bccb135eSPaolo Bonzinialso available. Here are some example of the older syntax: 543bccb135eSPaolo Bonzini 544bccb135eSPaolo Bonzini.. parsed-literal:: 545bccb135eSPaolo Bonzini 546bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd:my_nbd_server.mydomain.org:1024 547bccb135eSPaolo Bonzini |qemu_system| linux2.img -hdb nbd:unix:/tmp/my_socket 548bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd:localhost:10809:exportname=debian-500-ppc-netinst 549bccb135eSPaolo Bonzini 550bccb135eSPaolo BonziniiSCSI LUNs 551bccb135eSPaolo Bonzini~~~~~~~~~~ 552bccb135eSPaolo Bonzini 553bccb135eSPaolo BonziniiSCSI is a popular protocol used to access SCSI devices across a computer 554bccb135eSPaolo Bonzininetwork. 555bccb135eSPaolo Bonzini 556bccb135eSPaolo BonziniThere are two different ways iSCSI devices can be used by QEMU. 557bccb135eSPaolo Bonzini 558bccb135eSPaolo BonziniThe first method is to mount the iSCSI LUN on the host, and make it appear as 559bccb135eSPaolo Bonziniany other ordinary SCSI device on the host and then to access this device as a 560bccb135eSPaolo Bonzini/dev/sd device from QEMU. How to do this differs between host OSes. 561bccb135eSPaolo Bonzini 562bccb135eSPaolo BonziniThe second method involves using the iSCSI initiator that is built into 563bccb135eSPaolo BonziniQEMU. This provides a mechanism that works the same way regardless of which 564bccb135eSPaolo Bonzinihost OS you are running QEMU on. This section will describe this second method 565bccb135eSPaolo Bonziniof using iSCSI together with QEMU. 566bccb135eSPaolo Bonzini 567bccb135eSPaolo BonziniIn QEMU, iSCSI devices are described using special iSCSI URLs. URL syntax: 568bccb135eSPaolo Bonzini 569bccb135eSPaolo Bonzini:: 570bccb135eSPaolo Bonzini 571bccb135eSPaolo Bonzini iscsi://[<username>[%<password>]@]<host>[:<port>]/<target-iqn-name>/<lun> 572bccb135eSPaolo Bonzini 573bccb135eSPaolo BonziniUsername and password are optional and only used if your target is set up 574bccb135eSPaolo Bonziniusing CHAP authentication for access control. 575bccb135eSPaolo BonziniAlternatively the username and password can also be set via environment 576bccb135eSPaolo Bonzinivariables to have these not show up in the process list: 577bccb135eSPaolo Bonzini 578bccb135eSPaolo Bonzini:: 579bccb135eSPaolo Bonzini 580bccb135eSPaolo Bonzini export LIBISCSI_CHAP_USERNAME=<username> 581bccb135eSPaolo Bonzini export LIBISCSI_CHAP_PASSWORD=<password> 582bccb135eSPaolo Bonzini iscsi://<host>/<target-iqn-name>/<lun> 583bccb135eSPaolo Bonzini 584bccb135eSPaolo BonziniVarious session related parameters can be set via special options, either 585bccb135eSPaolo Bonziniin a configuration file provided via '-readconfig' or directly on the 586bccb135eSPaolo Bonzinicommand line. 587bccb135eSPaolo Bonzini 588bccb135eSPaolo BonziniIf the initiator-name is not specified qemu will use a default name 589bccb135eSPaolo Bonziniof 'iqn.2008-11.org.linux-kvm[:<uuid>'] where <uuid> is the UUID of the 590bccb135eSPaolo Bonzinivirtual machine. If the UUID is not specified qemu will use 591bccb135eSPaolo Bonzini'iqn.2008-11.org.linux-kvm[:<name>'] where <name> is the name of the 592bccb135eSPaolo Bonzinivirtual machine. 593bccb135eSPaolo Bonzini 594bccb135eSPaolo BonziniSetting a specific initiator name to use when logging in to the target: 595bccb135eSPaolo Bonzini 596bccb135eSPaolo Bonzini:: 597bccb135eSPaolo Bonzini 598bccb135eSPaolo Bonzini -iscsi initiator-name=iqn.qemu.test:my-initiator 599bccb135eSPaolo Bonzini 600bccb135eSPaolo BonziniControlling which type of header digest to negotiate with the target: 601bccb135eSPaolo Bonzini 602bccb135eSPaolo Bonzini:: 603bccb135eSPaolo Bonzini 604bccb135eSPaolo Bonzini -iscsi header-digest=CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 605bccb135eSPaolo Bonzini 606bccb135eSPaolo BonziniThese can also be set via a configuration file: 607bccb135eSPaolo Bonzini 608bccb135eSPaolo Bonzini:: 609bccb135eSPaolo Bonzini 610bccb135eSPaolo Bonzini [iscsi] 611bccb135eSPaolo Bonzini user = "CHAP username" 612bccb135eSPaolo Bonzini password = "CHAP password" 613bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 614bccb135eSPaolo Bonzini # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 615bccb135eSPaolo Bonzini header-digest = "CRC32C" 616bccb135eSPaolo Bonzini 617bccb135eSPaolo BonziniSetting the target name allows different options for different targets: 618bccb135eSPaolo Bonzini 619bccb135eSPaolo Bonzini:: 620bccb135eSPaolo Bonzini 621bccb135eSPaolo Bonzini [iscsi "iqn.target.name"] 622bccb135eSPaolo Bonzini user = "CHAP username" 623bccb135eSPaolo Bonzini password = "CHAP password" 624bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 625bccb135eSPaolo Bonzini # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 626bccb135eSPaolo Bonzini header-digest = "CRC32C" 627bccb135eSPaolo Bonzini 628bccb135eSPaolo BonziniHow to use a configuration file to set iSCSI configuration options: 629bccb135eSPaolo Bonzini 630bccb135eSPaolo Bonzini.. parsed-literal:: 631bccb135eSPaolo Bonzini 632bccb135eSPaolo Bonzini cat >iscsi.conf <<EOF 633bccb135eSPaolo Bonzini [iscsi] 634bccb135eSPaolo Bonzini user = "me" 635bccb135eSPaolo Bonzini password = "my password" 636bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 637bccb135eSPaolo Bonzini header-digest = "CRC32C" 638bccb135eSPaolo Bonzini EOF 639bccb135eSPaolo Bonzini 640bccb135eSPaolo Bonzini |qemu_system| -drive file=iscsi://127.0.0.1/iqn.qemu.test/1 \\ 641bccb135eSPaolo Bonzini -readconfig iscsi.conf 642bccb135eSPaolo Bonzini 643bccb135eSPaolo BonziniHow to set up a simple iSCSI target on loopback and access it via QEMU: 644bccb135eSPaolo Bonzinithis example shows how to set up an iSCSI target with one CDROM and one DISK 645bccb135eSPaolo Bonziniusing the Linux STGT software target. This target is available on Red Hat based 646bccb135eSPaolo Bonzinisystems as the package 'scsi-target-utils'. 647bccb135eSPaolo Bonzini 648bccb135eSPaolo Bonzini.. parsed-literal:: 649bccb135eSPaolo Bonzini 650bccb135eSPaolo Bonzini tgtd --iscsi portal=127.0.0.1:3260 651bccb135eSPaolo Bonzini tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.qemu.test 652bccb135eSPaolo Bonzini tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1 \\ 653bccb135eSPaolo Bonzini -b /IMAGES/disk.img --device-type=disk 654bccb135eSPaolo Bonzini tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 2 \\ 655bccb135eSPaolo Bonzini -b /IMAGES/cd.iso --device-type=cd 656bccb135eSPaolo Bonzini tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL 657bccb135eSPaolo Bonzini 658bccb135eSPaolo Bonzini |qemu_system| -iscsi initiator-name=iqn.qemu.test:my-initiator \\ 659bccb135eSPaolo Bonzini -boot d -drive file=iscsi://127.0.0.1/iqn.qemu.test/1 \\ 660bccb135eSPaolo Bonzini -cdrom iscsi://127.0.0.1/iqn.qemu.test/2 661bccb135eSPaolo Bonzini 662bccb135eSPaolo BonziniGlusterFS disk images 663bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~ 664bccb135eSPaolo Bonzini 665bccb135eSPaolo BonziniGlusterFS is a user space distributed file system. 666bccb135eSPaolo Bonzini 667bccb135eSPaolo BonziniYou can boot from the GlusterFS disk image with the command: 668bccb135eSPaolo Bonzini 669bccb135eSPaolo BonziniURI: 670bccb135eSPaolo Bonzini 671bccb135eSPaolo Bonzini.. parsed-literal:: 672bccb135eSPaolo Bonzini 673bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster[+TYPE]://[HOST}[:PORT]]/VOLUME/PATH 674bccb135eSPaolo Bonzini [?socket=...][,file.debug=9][,file.logfile=...] 675bccb135eSPaolo Bonzini 676bccb135eSPaolo BonziniJSON: 677bccb135eSPaolo Bonzini 678bccb135eSPaolo Bonzini.. parsed-literal:: 679bccb135eSPaolo Bonzini 680bccb135eSPaolo Bonzini |qemu_system| 'json:{"driver":"qcow2", 681bccb135eSPaolo Bonzini "file":{"driver":"gluster", 682bccb135eSPaolo Bonzini "volume":"testvol","path":"a.img","debug":9,"logfile":"...", 683bccb135eSPaolo Bonzini "server":[{"type":"tcp","host":"...","port":"..."}, 684bccb135eSPaolo Bonzini {"type":"unix","socket":"..."}]}}' 685bccb135eSPaolo Bonzini 686bccb135eSPaolo Bonzini*gluster* is the protocol. 687bccb135eSPaolo Bonzini 688bccb135eSPaolo Bonzini*TYPE* specifies the transport type used to connect to gluster 689bccb135eSPaolo Bonzinimanagement daemon (glusterd). Valid transport types are 690bccb135eSPaolo Bonzinitcp and unix. In the URI form, if a transport type isn't specified, 691bccb135eSPaolo Bonzinithen tcp type is assumed. 692bccb135eSPaolo Bonzini 693bccb135eSPaolo Bonzini*HOST* specifies the server where the volume file specification for 694bccb135eSPaolo Bonzinithe given volume resides. This can be either a hostname or an ipv4 address. 695bccb135eSPaolo BonziniIf transport type is unix, then *HOST* field should not be specified. 696bccb135eSPaolo BonziniInstead *socket* field needs to be populated with the path to unix domain 697bccb135eSPaolo Bonzinisocket. 698bccb135eSPaolo Bonzini 699bccb135eSPaolo Bonzini*PORT* is the port number on which glusterd is listening. This is optional 700bccb135eSPaolo Bonziniand if not specified, it defaults to port 24007. If the transport type is unix, 701bccb135eSPaolo Bonzinithen *PORT* should not be specified. 702bccb135eSPaolo Bonzini 703bccb135eSPaolo Bonzini*VOLUME* is the name of the gluster volume which contains the disk image. 704bccb135eSPaolo Bonzini 705bccb135eSPaolo Bonzini*PATH* is the path to the actual disk image that resides on gluster volume. 706bccb135eSPaolo Bonzini 707bccb135eSPaolo Bonzini*debug* is the logging level of the gluster protocol driver. Debug levels 708bccb135eSPaolo Bonziniare 0-9, with 9 being the most verbose, and 0 representing no debugging output. 709bccb135eSPaolo BonziniThe default level is 4. The current logging levels defined in the gluster source 710bccb135eSPaolo Bonziniare 0 - None, 1 - Emergency, 2 - Alert, 3 - Critical, 4 - Error, 5 - Warning, 711bccb135eSPaolo Bonzini6 - Notice, 7 - Info, 8 - Debug, 9 - Trace 712bccb135eSPaolo Bonzini 713bccb135eSPaolo Bonzini*logfile* is a commandline option to mention log file path which helps in 714bccb135eSPaolo Bonzinilogging to the specified file and also help in persisting the gfapi logs. The 715bccb135eSPaolo Bonzinidefault is stderr. 716bccb135eSPaolo Bonzini 717bccb135eSPaolo BonziniYou can create a GlusterFS disk image with the command: 718bccb135eSPaolo Bonzini 719bccb135eSPaolo Bonzini.. parsed-literal:: 720bccb135eSPaolo Bonzini 721bccb135eSPaolo Bonzini qemu-img create gluster://HOST/VOLUME/PATH SIZE 722bccb135eSPaolo Bonzini 723bccb135eSPaolo BonziniExamples 724bccb135eSPaolo Bonzini 725bccb135eSPaolo Bonzini.. parsed-literal:: 726bccb135eSPaolo Bonzini 727bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster://1.2.3.4/testvol/a.img 728bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://1.2.3.4/testvol/a.img 729bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://1.2.3.4:24007/testvol/dir/a.img 730bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://[1:2:3:4:5:6:7:8]/testvol/dir/a.img 731bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://[1:2:3:4:5:6:7:8]:24007/testvol/dir/a.img 732bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://server.domain.com:24007/testvol/dir/a.img 733bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+unix:///testvol/dir/a.img?socket=/tmp/glusterd.socket 734bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+rdma://1.2.3.4:24007/testvol/a.img 735bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster://1.2.3.4/testvol/a.img,file.debug=9,file.logfile=/var/log/qemu-gluster.log 736bccb135eSPaolo Bonzini |qemu_system| 'json:{"driver":"qcow2", 737bccb135eSPaolo Bonzini "file":{"driver":"gluster", 738bccb135eSPaolo Bonzini "volume":"testvol","path":"a.img", 739bccb135eSPaolo Bonzini "debug":9,"logfile":"/var/log/qemu-gluster.log", 740bccb135eSPaolo Bonzini "server":[{"type":"tcp","host":"1.2.3.4","port":24007}, 741bccb135eSPaolo Bonzini {"type":"unix","socket":"/var/run/glusterd.socket"}]}}' 742bccb135eSPaolo Bonzini |qemu_system| -drive driver=qcow2,file.driver=gluster,file.volume=testvol,file.path=/path/a.img, 743bccb135eSPaolo Bonzini file.debug=9,file.logfile=/var/log/qemu-gluster.log, 744bccb135eSPaolo Bonzini file.server.0.type=tcp,file.server.0.host=1.2.3.4,file.server.0.port=24007, 745bccb135eSPaolo Bonzini file.server.1.type=unix,file.server.1.socket=/var/run/glusterd.socket 746bccb135eSPaolo Bonzini 747bccb135eSPaolo BonziniSecure Shell (ssh) disk images 748bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 749bccb135eSPaolo Bonzini 750bccb135eSPaolo BonziniYou can access disk images located on a remote ssh server 751bccb135eSPaolo Bonziniby using the ssh protocol: 752bccb135eSPaolo Bonzini 753bccb135eSPaolo Bonzini.. parsed-literal:: 754bccb135eSPaolo Bonzini 755bccb135eSPaolo Bonzini |qemu_system| -drive file=ssh://[USER@]SERVER[:PORT]/PATH[?host_key_check=HOST_KEY_CHECK] 756bccb135eSPaolo Bonzini 757bccb135eSPaolo BonziniAlternative syntax using properties: 758bccb135eSPaolo Bonzini 759bccb135eSPaolo Bonzini.. parsed-literal:: 760bccb135eSPaolo Bonzini 761bccb135eSPaolo Bonzini |qemu_system| -drive file.driver=ssh[,file.user=USER],file.host=SERVER[,file.port=PORT],file.path=PATH[,file.host_key_check=HOST_KEY_CHECK] 762bccb135eSPaolo Bonzini 763bccb135eSPaolo Bonzini*ssh* is the protocol. 764bccb135eSPaolo Bonzini 765bccb135eSPaolo Bonzini*USER* is the remote user. If not specified, then the local 766bccb135eSPaolo Bonziniusername is tried. 767bccb135eSPaolo Bonzini 768bccb135eSPaolo Bonzini*SERVER* specifies the remote ssh server. Any ssh server can be 769bccb135eSPaolo Bonziniused, but it must implement the sftp-server protocol. Most Unix/Linux 770bccb135eSPaolo Bonzinisystems should work without requiring any extra configuration. 771bccb135eSPaolo Bonzini 772bccb135eSPaolo Bonzini*PORT* is the port number on which sshd is listening. By default 773bccb135eSPaolo Bonzinithe standard ssh port (22) is used. 774bccb135eSPaolo Bonzini 775bccb135eSPaolo Bonzini*PATH* is the path to the disk image. 776bccb135eSPaolo Bonzini 777bccb135eSPaolo BonziniThe optional *HOST_KEY_CHECK* parameter controls how the remote 778bccb135eSPaolo Bonzinihost's key is checked. The default is ``yes`` which means to use 779bccb135eSPaolo Bonzinithe local ``.ssh/known_hosts`` file. Setting this to ``no`` 780bccb135eSPaolo Bonziniturns off known-hosts checking. Or you can check that the host key 781*ab458750SDaniel P. Berrangématches a specific fingerprint. The fingerprint can be provided in 782*ab458750SDaniel P. Berrangé``md5``, ``sha1``, or ``sha256`` format, however, it is strongly 783*ab458750SDaniel P. Berrangérecommended to only use ``sha256``, since the other options are 784*ab458750SDaniel P. Berrangéconsidered insecure by modern standards. The fingerprint value 785*ab458750SDaniel P. Berrangémust be given as a hex encoded string:: 786*ab458750SDaniel P. Berrangé 787*ab458750SDaniel P. Berrangé host_key_check=sha256:04ce2ae89ff4295a6b9c4111640bdcb3297858ee55cb434d9dd88796e93aa795 788*ab458750SDaniel P. Berrangé 789*ab458750SDaniel P. BerrangéThe key string may optionally contain ":" separators between 790*ab458750SDaniel P. Berrangéeach pair of hex digits. 791*ab458750SDaniel P. Berrangé 792*ab458750SDaniel P. BerrangéThe ``$HOME/.ssh/known_hosts`` file contains the base64 encoded 793*ab458750SDaniel P. Berrangéhost keys. These can be converted into the format needed for 794*ab458750SDaniel P. BerrangéQEMU using a command such as:: 795*ab458750SDaniel P. Berrangé 796*ab458750SDaniel P. Berrangé $ for key in `grep 10.33.8.112 known_hosts | awk '{print $3}'` 797*ab458750SDaniel P. Berrangé do 798*ab458750SDaniel P. Berrangé echo $key | base64 -d | sha256sum 799*ab458750SDaniel P. Berrangé done 800*ab458750SDaniel P. Berrangé 6c3aa525beda9dc83eadfbd7e5ba7d976ecb59575d1633c87cd06ed2ed6e366f - 801*ab458750SDaniel P. Berrangé 12214fd9ea5b408086f98ecccd9958609bd9ac7c0ea316734006bc7818b45dc8 - 802*ab458750SDaniel P. Berrangé d36420137bcbd101209ef70c3b15dc07362fbe0fa53c5b135eba6e6afa82f0ce - 803*ab458750SDaniel P. Berrangé 804*ab458750SDaniel P. BerrangéNote that there can be multiple keys present per host, each with 805*ab458750SDaniel P. Berrangédifferent key ciphers. Care is needed to pick the key fingerprint 806*ab458750SDaniel P. Berrangéthat matches the cipher QEMU will negotiate with the remote server. 807bccb135eSPaolo Bonzini 808bccb135eSPaolo BonziniCurrently authentication must be done using ssh-agent. Other 809bccb135eSPaolo Bonziniauthentication methods may be supported in future. 810bccb135eSPaolo Bonzini 811bccb135eSPaolo BonziniNote: Many ssh servers do not support an ``fsync``-style operation. 812bccb135eSPaolo BonziniThe ssh driver cannot guarantee that disk flush requests are 813bccb135eSPaolo Bonziniobeyed, and this causes a risk of disk corruption if the remote 814bccb135eSPaolo Bonziniserver or network goes down during writes. The driver will 815bccb135eSPaolo Bonziniprint a warning when ``fsync`` is not supported: 816bccb135eSPaolo Bonzini 817bccb135eSPaolo Bonzini:: 818bccb135eSPaolo Bonzini 819bccb135eSPaolo Bonzini warning: ssh server ssh.example.com:22 does not support fsync 820bccb135eSPaolo Bonzini 821bccb135eSPaolo BonziniWith sufficiently new versions of libssh and OpenSSH, ``fsync`` is 822bccb135eSPaolo Bonzinisupported. 823bccb135eSPaolo Bonzini 824bccb135eSPaolo BonziniNVMe disk images 825bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~ 826bccb135eSPaolo Bonzini 827bccb135eSPaolo BonziniNVM Express (NVMe) storage controllers can be accessed directly by a userspace 828bccb135eSPaolo Bonzinidriver in QEMU. This bypasses the host kernel file system and block layers 829bccb135eSPaolo Bonziniwhile retaining QEMU block layer functionalities, such as block jobs, I/O 830bccb135eSPaolo Bonzinithrottling, image formats, etc. Disk I/O performance is typically higher than 831bccb135eSPaolo Bonziniwith ``-drive file=/dev/sda`` using either thread pool or linux-aio. 832bccb135eSPaolo Bonzini 833bccb135eSPaolo BonziniThe controller will be exclusively used by the QEMU process once started. To be 834bccb135eSPaolo Bonziniable to share storage between multiple VMs and other applications on the host, 835bccb135eSPaolo Bonziniplease use the file based protocols. 836bccb135eSPaolo Bonzini 837bccb135eSPaolo BonziniBefore starting QEMU, bind the host NVMe controller to the host vfio-pci 838bccb135eSPaolo Bonzinidriver. For example: 839bccb135eSPaolo Bonzini 840bccb135eSPaolo Bonzini.. parsed-literal:: 841bccb135eSPaolo Bonzini 842bccb135eSPaolo Bonzini # modprobe vfio-pci 843bccb135eSPaolo Bonzini # lspci -n -s 0000:06:0d.0 844bccb135eSPaolo Bonzini 06:0d.0 0401: 1102:0002 (rev 08) 845bccb135eSPaolo Bonzini # echo 0000:06:0d.0 > /sys/bus/pci/devices/0000:06:0d.0/driver/unbind 846bccb135eSPaolo Bonzini # echo 1102 0002 > /sys/bus/pci/drivers/vfio-pci/new_id 847bccb135eSPaolo Bonzini 848bccb135eSPaolo Bonzini # |qemu_system| -drive file=nvme://HOST:BUS:SLOT.FUNC/NAMESPACE 849bccb135eSPaolo Bonzini 850bccb135eSPaolo BonziniAlternative syntax using properties: 851bccb135eSPaolo Bonzini 852bccb135eSPaolo Bonzini.. parsed-literal:: 853bccb135eSPaolo Bonzini 854bccb135eSPaolo Bonzini |qemu_system| -drive file.driver=nvme,file.device=HOST:BUS:SLOT.FUNC,file.namespace=NAMESPACE 855bccb135eSPaolo Bonzini 856bccb135eSPaolo Bonzini*HOST*:*BUS*:*SLOT*.\ *FUNC* is the NVMe controller's PCI device 857bccb135eSPaolo Bonziniaddress on the host. 858bccb135eSPaolo Bonzini 859bccb135eSPaolo Bonzini*NAMESPACE* is the NVMe namespace number, starting from 1. 860bccb135eSPaolo Bonzini 861bccb135eSPaolo BonziniDisk image file locking 862bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 863bccb135eSPaolo Bonzini 864bccb135eSPaolo BonziniBy default, QEMU tries to protect image files from unexpected concurrent 865bccb135eSPaolo Bonziniaccess, as long as it's supported by the block protocol driver and host 866bccb135eSPaolo Bonzinioperating system. If multiple QEMU processes (including QEMU emulators and 867bccb135eSPaolo Bonziniutilities) try to open the same image with conflicting accessing modes, all but 868bccb135eSPaolo Bonzinithe first one will get an error. 869bccb135eSPaolo Bonzini 870bccb135eSPaolo BonziniThis feature is currently supported by the file protocol on Linux with the Open 871bccb135eSPaolo BonziniFile Descriptor (OFD) locking API, and can be configured to fall back to POSIX 872bccb135eSPaolo Bonzinilocking if the POSIX host doesn't support Linux OFD locking. 873bccb135eSPaolo Bonzini 874bccb135eSPaolo BonziniTo explicitly enable image locking, specify "locking=on" in the file protocol 875bccb135eSPaolo Bonzinidriver options. If OFD locking is not possible, a warning will be printed and 876bccb135eSPaolo Bonzinithe POSIX locking API will be used. In this case there is a risk that the lock 877bccb135eSPaolo Bonziniwill get silently lost when doing hot plugging and block jobs, due to the 878bccb135eSPaolo Bonzinishortcomings of the POSIX locking API. 879bccb135eSPaolo Bonzini 880bccb135eSPaolo BonziniQEMU transparently handles lock handover during shared storage migration. For 881bccb135eSPaolo Bonzinishared virtual disk images between multiple VMs, the "share-rw" device option 882bccb135eSPaolo Bonzinishould be used. 883bccb135eSPaolo Bonzini 884bccb135eSPaolo BonziniBy default, the guest has exclusive write access to its disk image. If the 885bccb135eSPaolo Bonziniguest can safely share the disk image with other writers the 886bccb135eSPaolo Bonzini``-device ...,share-rw=on`` parameter can be used. This is only safe if 887bccb135eSPaolo Bonzinithe guest is running software, such as a cluster file system, that 888bccb135eSPaolo Bonzinicoordinates disk accesses to avoid corruption. 889bccb135eSPaolo Bonzini 890bccb135eSPaolo BonziniNote that share-rw=on only declares the guest's ability to share the disk. 891bccb135eSPaolo BonziniSome QEMU features, such as image file formats, require exclusive write access 892bccb135eSPaolo Bonzinito the disk image and this is unaffected by the share-rw=on option. 893bccb135eSPaolo Bonzini 894bccb135eSPaolo BonziniAlternatively, locking can be fully disabled by "locking=off" block device 895bccb135eSPaolo Bonzinioption. In the command line, the option is usually in the form of 896bccb135eSPaolo Bonzini"file.locking=off" as the protocol driver is normally placed as a "file" child 897bccb135eSPaolo Bonziniunder a format driver. For example: 898bccb135eSPaolo Bonzini 899bccb135eSPaolo Bonzini:: 900bccb135eSPaolo Bonzini 901bccb135eSPaolo Bonzini -blockdev driver=qcow2,file.filename=/path/to/image,file.locking=off,file.driver=file 902bccb135eSPaolo Bonzini 903bccb135eSPaolo BonziniTo check if image locking is active, check the output of the "lslocks" command 904bccb135eSPaolo Bonzinion host and see if there are locks held by the QEMU process on the image file. 905bccb135eSPaolo BonziniMore than one byte could be locked by the QEMU instance, each byte of which 906bccb135eSPaolo Bonzinireflects a particular permission that is acquired or protected by the running 907bccb135eSPaolo Bonziniblock driver. 90833fa2222SVladimir Sementsov-Ogievskiy 90933fa2222SVladimir Sementsov-OgievskiyFilter drivers 91033fa2222SVladimir Sementsov-Ogievskiy~~~~~~~~~~~~~~ 91133fa2222SVladimir Sementsov-Ogievskiy 91233fa2222SVladimir Sementsov-OgievskiyQEMU supports several filter drivers, which don't store any data, but perform 91333fa2222SVladimir Sementsov-Ogievskiysome additional tasks, hooking io requests. 91433fa2222SVladimir Sementsov-Ogievskiy 91533fa2222SVladimir Sementsov-Ogievskiy.. program:: filter-drivers 91633fa2222SVladimir Sementsov-Ogievskiy.. option:: preallocate 91733fa2222SVladimir Sementsov-Ogievskiy 91833fa2222SVladimir Sementsov-Ogievskiy The preallocate filter driver is intended to be inserted between format 91933fa2222SVladimir Sementsov-Ogievskiy and protocol nodes and preallocates some additional space 92033fa2222SVladimir Sementsov-Ogievskiy (expanding the protocol file) when writing past the file’s end. This can be 92133fa2222SVladimir Sementsov-Ogievskiy useful for file-systems with slow allocation. 92233fa2222SVladimir Sementsov-Ogievskiy 92333fa2222SVladimir Sementsov-Ogievskiy Supported options: 92433fa2222SVladimir Sementsov-Ogievskiy 92533fa2222SVladimir Sementsov-Ogievskiy .. program:: preallocate 92633fa2222SVladimir Sementsov-Ogievskiy .. option:: prealloc-align 92733fa2222SVladimir Sementsov-Ogievskiy 92833fa2222SVladimir Sementsov-Ogievskiy On preallocation, align the file length to this value (in bytes), default 1M. 92933fa2222SVladimir Sementsov-Ogievskiy 93033fa2222SVladimir Sementsov-Ogievskiy .. program:: preallocate 93133fa2222SVladimir Sementsov-Ogievskiy .. option:: prealloc-size 93233fa2222SVladimir Sementsov-Ogievskiy 93333fa2222SVladimir Sementsov-Ogievskiy How much to preallocate (in bytes), default 128M. 934