1*bccb135eSPaolo BonziniDisk image file formats 2*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 3*bccb135eSPaolo Bonzini 4*bccb135eSPaolo BonziniQEMU supports many image file formats that can be used with VMs as well as with 5*bccb135eSPaolo Bonziniany of the tools (like ``qemu-img``). This includes the preferred formats 6*bccb135eSPaolo Bonziniraw and qcow2 as well as formats that are supported for compatibility with 7*bccb135eSPaolo Bonziniolder QEMU versions or other hypervisors. 8*bccb135eSPaolo Bonzini 9*bccb135eSPaolo BonziniDepending on the image format, different options can be passed to 10*bccb135eSPaolo Bonzini``qemu-img create`` and ``qemu-img convert`` using the ``-o`` option. 11*bccb135eSPaolo BonziniThis section describes each format and the options that are supported for it. 12*bccb135eSPaolo Bonzini 13*bccb135eSPaolo Bonzini.. program:: image-formats 14*bccb135eSPaolo Bonzini.. option:: raw 15*bccb135eSPaolo Bonzini 16*bccb135eSPaolo Bonzini Raw disk image format. This format has the advantage of 17*bccb135eSPaolo Bonzini being simple and easily exportable to all other emulators. If your 18*bccb135eSPaolo Bonzini file system supports *holes* (for example in ext2 or ext3 on 19*bccb135eSPaolo Bonzini Linux or NTFS on Windows), then only the written sectors will reserve 20*bccb135eSPaolo Bonzini space. Use ``qemu-img info`` to know the real size used by the 21*bccb135eSPaolo Bonzini image or ``ls -ls`` on Unix/Linux. 22*bccb135eSPaolo Bonzini 23*bccb135eSPaolo Bonzini Supported options: 24*bccb135eSPaolo Bonzini 25*bccb135eSPaolo Bonzini .. program:: raw 26*bccb135eSPaolo Bonzini .. option:: preallocation 27*bccb135eSPaolo Bonzini 28*bccb135eSPaolo Bonzini Preallocation mode (allowed values: ``off``, ``falloc``, 29*bccb135eSPaolo Bonzini ``full``). ``falloc`` mode preallocates space for image by 30*bccb135eSPaolo Bonzini calling ``posix_fallocate()``. ``full`` mode preallocates space 31*bccb135eSPaolo Bonzini for image by writing data to underlying storage. This data may or 32*bccb135eSPaolo Bonzini may not be zero, depending on the storage location. 33*bccb135eSPaolo Bonzini 34*bccb135eSPaolo Bonzini.. program:: image-formats 35*bccb135eSPaolo Bonzini.. option:: qcow2 36*bccb135eSPaolo Bonzini 37*bccb135eSPaolo Bonzini QEMU image format, the most versatile format. Use it to have smaller 38*bccb135eSPaolo Bonzini images (useful if your filesystem does not supports holes, for example 39*bccb135eSPaolo Bonzini on Windows), zlib based compression and support of multiple VM 40*bccb135eSPaolo Bonzini snapshots. 41*bccb135eSPaolo Bonzini 42*bccb135eSPaolo Bonzini Supported options: 43*bccb135eSPaolo Bonzini 44*bccb135eSPaolo Bonzini .. program:: qcow2 45*bccb135eSPaolo Bonzini .. option:: compat 46*bccb135eSPaolo Bonzini 47*bccb135eSPaolo Bonzini Determines the qcow2 version to use. ``compat=0.10`` uses the 48*bccb135eSPaolo Bonzini traditional image format that can be read by any QEMU since 0.10. 49*bccb135eSPaolo Bonzini ``compat=1.1`` enables image format extensions that only QEMU 1.1 and 50*bccb135eSPaolo Bonzini newer understand (this is the default). Amongst others, this includes 51*bccb135eSPaolo Bonzini zero clusters, which allow efficient copy-on-read for sparse images. 52*bccb135eSPaolo Bonzini 53*bccb135eSPaolo Bonzini .. option:: backing_file 54*bccb135eSPaolo Bonzini 55*bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand) 56*bccb135eSPaolo Bonzini 57*bccb135eSPaolo Bonzini .. option:: backing_fmt 58*bccb135eSPaolo Bonzini 59*bccb135eSPaolo Bonzini Image format of the base image 60*bccb135eSPaolo Bonzini 61*bccb135eSPaolo Bonzini .. option:: encryption 62*bccb135eSPaolo Bonzini 63*bccb135eSPaolo Bonzini This option is deprecated and equivalent to ``encrypt.format=aes`` 64*bccb135eSPaolo Bonzini 65*bccb135eSPaolo Bonzini .. option:: encrypt.format 66*bccb135eSPaolo Bonzini 67*bccb135eSPaolo Bonzini If this is set to ``luks``, it requests that the qcow2 payload (not 68*bccb135eSPaolo Bonzini qcow2 header) be encrypted using the LUKS format. The passphrase to 69*bccb135eSPaolo Bonzini use to unlock the LUKS key slot is given by the ``encrypt.key-secret`` 70*bccb135eSPaolo Bonzini parameter. LUKS encryption parameters can be tuned with the other 71*bccb135eSPaolo Bonzini ``encrypt.*`` parameters. 72*bccb135eSPaolo Bonzini 73*bccb135eSPaolo Bonzini If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. 74*bccb135eSPaolo Bonzini The encryption key is given by the ``encrypt.key-secret`` parameter. 75*bccb135eSPaolo Bonzini This encryption format is considered to be flawed by modern cryptography 76*bccb135eSPaolo Bonzini standards, suffering from a number of design problems: 77*bccb135eSPaolo Bonzini 78*bccb135eSPaolo Bonzini - The AES-CBC cipher is used with predictable initialization vectors based 79*bccb135eSPaolo Bonzini on the sector number. This makes it vulnerable to chosen plaintext attacks 80*bccb135eSPaolo Bonzini which can reveal the existence of encrypted data. 81*bccb135eSPaolo Bonzini - The user passphrase is directly used as the encryption key. A poorly 82*bccb135eSPaolo Bonzini chosen or short passphrase will compromise the security of the encryption. 83*bccb135eSPaolo Bonzini - In the event of the passphrase being compromised there is no way to 84*bccb135eSPaolo Bonzini change the passphrase to protect data in any qcow images. The files must 85*bccb135eSPaolo Bonzini be cloned, using a different encryption passphrase in the new file. The 86*bccb135eSPaolo Bonzini original file must then be securely erased using a program like shred, 87*bccb135eSPaolo Bonzini though even this is ineffective with many modern storage technologies. 88*bccb135eSPaolo Bonzini 89*bccb135eSPaolo Bonzini The use of this is no longer supported in system emulators. Support only 90*bccb135eSPaolo Bonzini remains in the command line utilities, for the purposes of data liberation 91*bccb135eSPaolo Bonzini and interoperability with old versions of QEMU. The ``luks`` format 92*bccb135eSPaolo Bonzini should be used instead. 93*bccb135eSPaolo Bonzini 94*bccb135eSPaolo Bonzini .. option:: encrypt.key-secret 95*bccb135eSPaolo Bonzini 96*bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the passphrase 97*bccb135eSPaolo Bonzini (``encrypt.format=luks``) or encryption key (``encrypt.format=aes``). 98*bccb135eSPaolo Bonzini 99*bccb135eSPaolo Bonzini .. option:: encrypt.cipher-alg 100*bccb135eSPaolo Bonzini 101*bccb135eSPaolo Bonzini Name of the cipher algorithm and key length. Currently defaults 102*bccb135eSPaolo Bonzini to ``aes-256``. Only used when ``encrypt.format=luks``. 103*bccb135eSPaolo Bonzini 104*bccb135eSPaolo Bonzini .. option:: encrypt.cipher-mode 105*bccb135eSPaolo Bonzini 106*bccb135eSPaolo Bonzini Name of the encryption mode to use. Currently defaults to ``xts``. 107*bccb135eSPaolo Bonzini Only used when ``encrypt.format=luks``. 108*bccb135eSPaolo Bonzini 109*bccb135eSPaolo Bonzini .. option:: encrypt.ivgen-alg 110*bccb135eSPaolo Bonzini 111*bccb135eSPaolo Bonzini Name of the initialization vector generator algorithm. Currently defaults 112*bccb135eSPaolo Bonzini to ``plain64``. Only used when ``encrypt.format=luks``. 113*bccb135eSPaolo Bonzini 114*bccb135eSPaolo Bonzini .. option:: encrypt.ivgen-hash-alg 115*bccb135eSPaolo Bonzini 116*bccb135eSPaolo Bonzini Name of the hash algorithm to use with the initialization vector generator 117*bccb135eSPaolo Bonzini (if required). Defaults to ``sha256``. Only used when ``encrypt.format=luks``. 118*bccb135eSPaolo Bonzini 119*bccb135eSPaolo Bonzini .. option:: encrypt.hash-alg 120*bccb135eSPaolo Bonzini 121*bccb135eSPaolo Bonzini Name of the hash algorithm to use for PBKDF algorithm 122*bccb135eSPaolo Bonzini Defaults to ``sha256``. Only used when ``encrypt.format=luks``. 123*bccb135eSPaolo Bonzini 124*bccb135eSPaolo Bonzini .. option:: encrypt.iter-time 125*bccb135eSPaolo Bonzini 126*bccb135eSPaolo Bonzini Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. 127*bccb135eSPaolo Bonzini Defaults to ``2000``. Only used when ``encrypt.format=luks``. 128*bccb135eSPaolo Bonzini 129*bccb135eSPaolo Bonzini .. option:: cluster_size 130*bccb135eSPaolo Bonzini 131*bccb135eSPaolo Bonzini Changes the qcow2 cluster size (must be between 512 and 2M). Smaller cluster 132*bccb135eSPaolo Bonzini sizes can improve the image file size whereas larger cluster sizes generally 133*bccb135eSPaolo Bonzini provide better performance. 134*bccb135eSPaolo Bonzini 135*bccb135eSPaolo Bonzini .. option:: preallocation 136*bccb135eSPaolo Bonzini 137*bccb135eSPaolo Bonzini Preallocation mode (allowed values: ``off``, ``metadata``, ``falloc``, 138*bccb135eSPaolo Bonzini ``full``). An image with preallocated metadata is initially larger but can 139*bccb135eSPaolo Bonzini improve performance when the image needs to grow. ``falloc`` and ``full`` 140*bccb135eSPaolo Bonzini preallocations are like the same options of ``raw`` format, but sets up 141*bccb135eSPaolo Bonzini metadata also. 142*bccb135eSPaolo Bonzini 143*bccb135eSPaolo Bonzini .. option:: lazy_refcounts 144*bccb135eSPaolo Bonzini 145*bccb135eSPaolo Bonzini If this option is set to ``on``, reference count updates are postponed with 146*bccb135eSPaolo Bonzini the goal of avoiding metadata I/O and improving performance. This is 147*bccb135eSPaolo Bonzini particularly interesting with :option:`cache=writethrough` which doesn't batch 148*bccb135eSPaolo Bonzini metadata updates. The tradeoff is that after a host crash, the reference count 149*bccb135eSPaolo Bonzini tables must be rebuilt, i.e. on the next open an (automatic) ``qemu-img 150*bccb135eSPaolo Bonzini check -r all`` is required, which may take some time. 151*bccb135eSPaolo Bonzini 152*bccb135eSPaolo Bonzini This option can only be enabled if ``compat=1.1`` is specified. 153*bccb135eSPaolo Bonzini 154*bccb135eSPaolo Bonzini .. option:: nocow 155*bccb135eSPaolo Bonzini 156*bccb135eSPaolo Bonzini If this option is set to ``on``, it will turn off COW of the file. It's only 157*bccb135eSPaolo Bonzini valid on btrfs, no effect on other file systems. 158*bccb135eSPaolo Bonzini 159*bccb135eSPaolo Bonzini Btrfs has low performance when hosting a VM image file, even more 160*bccb135eSPaolo Bonzini when the guest on the VM also using btrfs as file system. Turning off 161*bccb135eSPaolo Bonzini COW is a way to mitigate this bad performance. Generally there are two 162*bccb135eSPaolo Bonzini ways to turn off COW on btrfs: 163*bccb135eSPaolo Bonzini 164*bccb135eSPaolo Bonzini - Disable it by mounting with nodatacow, then all newly created files 165*bccb135eSPaolo Bonzini will be NOCOW. 166*bccb135eSPaolo Bonzini - For an empty file, add the NOCOW file attribute. That's what this 167*bccb135eSPaolo Bonzini option does. 168*bccb135eSPaolo Bonzini 169*bccb135eSPaolo Bonzini Note: this option is only valid to new or empty files. If there is 170*bccb135eSPaolo Bonzini an existing file which is COW and has data blocks already, it couldn't 171*bccb135eSPaolo Bonzini be changed to NOCOW by setting ``nocow=on``. One can issue ``lsattr 172*bccb135eSPaolo Bonzini filename`` to check if the NOCOW flag is set or not (Capital 'C' is 173*bccb135eSPaolo Bonzini NOCOW flag). 174*bccb135eSPaolo Bonzini 175*bccb135eSPaolo Bonzini.. program:: image-formats 176*bccb135eSPaolo Bonzini.. option:: qed 177*bccb135eSPaolo Bonzini 178*bccb135eSPaolo Bonzini Old QEMU image format with support for backing files and compact image files 179*bccb135eSPaolo Bonzini (when your filesystem or transport medium does not support holes). 180*bccb135eSPaolo Bonzini 181*bccb135eSPaolo Bonzini When converting QED images to qcow2, you might want to consider using the 182*bccb135eSPaolo Bonzini ``lazy_refcounts=on`` option to get a more QED-like behaviour. 183*bccb135eSPaolo Bonzini 184*bccb135eSPaolo Bonzini Supported options: 185*bccb135eSPaolo Bonzini 186*bccb135eSPaolo Bonzini .. program:: qed 187*bccb135eSPaolo Bonzini .. option:: backing_file 188*bccb135eSPaolo Bonzini 189*bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand). 190*bccb135eSPaolo Bonzini 191*bccb135eSPaolo Bonzini .. option:: backing_fmt 192*bccb135eSPaolo Bonzini 193*bccb135eSPaolo Bonzini Image file format of backing file (optional). Useful if the format cannot be 194*bccb135eSPaolo Bonzini autodetected because it has no header, like some vhd/vpc files. 195*bccb135eSPaolo Bonzini 196*bccb135eSPaolo Bonzini .. option:: cluster_size 197*bccb135eSPaolo Bonzini 198*bccb135eSPaolo Bonzini Changes the cluster size (must be power-of-2 between 4K and 64K). Smaller 199*bccb135eSPaolo Bonzini cluster sizes can improve the image file size whereas larger cluster sizes 200*bccb135eSPaolo Bonzini generally provide better performance. 201*bccb135eSPaolo Bonzini 202*bccb135eSPaolo Bonzini .. option:: table_size 203*bccb135eSPaolo Bonzini 204*bccb135eSPaolo Bonzini Changes the number of clusters per L1/L2 table (must be 205*bccb135eSPaolo Bonzini power-of-2 between 1 and 16). There is normally no need to 206*bccb135eSPaolo Bonzini change this value but this option can between used for 207*bccb135eSPaolo Bonzini performance benchmarking. 208*bccb135eSPaolo Bonzini 209*bccb135eSPaolo Bonzini.. program:: image-formats 210*bccb135eSPaolo Bonzini.. option:: qcow 211*bccb135eSPaolo Bonzini 212*bccb135eSPaolo Bonzini Old QEMU image format with support for backing files, compact image files, 213*bccb135eSPaolo Bonzini encryption and compression. 214*bccb135eSPaolo Bonzini 215*bccb135eSPaolo Bonzini Supported options: 216*bccb135eSPaolo Bonzini 217*bccb135eSPaolo Bonzini .. program:: qcow 218*bccb135eSPaolo Bonzini .. option:: backing_file 219*bccb135eSPaolo Bonzini 220*bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand) 221*bccb135eSPaolo Bonzini 222*bccb135eSPaolo Bonzini .. option:: encryption 223*bccb135eSPaolo Bonzini 224*bccb135eSPaolo Bonzini This option is deprecated and equivalent to ``encrypt.format=aes`` 225*bccb135eSPaolo Bonzini 226*bccb135eSPaolo Bonzini .. option:: encrypt.format 227*bccb135eSPaolo Bonzini 228*bccb135eSPaolo Bonzini If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. 229*bccb135eSPaolo Bonzini The encryption key is given by the ``encrypt.key-secret`` parameter. 230*bccb135eSPaolo Bonzini This encryption format is considered to be flawed by modern cryptography 231*bccb135eSPaolo Bonzini standards, suffering from a number of design problems enumerated previously 232*bccb135eSPaolo Bonzini against the ``qcow2`` image format. 233*bccb135eSPaolo Bonzini 234*bccb135eSPaolo Bonzini The use of this is no longer supported in system emulators. Support only 235*bccb135eSPaolo Bonzini remains in the command line utilities, for the purposes of data liberation 236*bccb135eSPaolo Bonzini and interoperability with old versions of QEMU. 237*bccb135eSPaolo Bonzini 238*bccb135eSPaolo Bonzini Users requiring native encryption should use the ``qcow2`` format 239*bccb135eSPaolo Bonzini instead with ``encrypt.format=luks``. 240*bccb135eSPaolo Bonzini 241*bccb135eSPaolo Bonzini .. option:: encrypt.key-secret 242*bccb135eSPaolo Bonzini 243*bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the encryption 244*bccb135eSPaolo Bonzini key (``encrypt.format=aes``). 245*bccb135eSPaolo Bonzini 246*bccb135eSPaolo Bonzini.. program:: image-formats 247*bccb135eSPaolo Bonzini.. option:: luks 248*bccb135eSPaolo Bonzini 249*bccb135eSPaolo Bonzini LUKS v1 encryption format, compatible with Linux dm-crypt/cryptsetup 250*bccb135eSPaolo Bonzini 251*bccb135eSPaolo Bonzini Supported options: 252*bccb135eSPaolo Bonzini 253*bccb135eSPaolo Bonzini .. program:: luks 254*bccb135eSPaolo Bonzini .. option:: key-secret 255*bccb135eSPaolo Bonzini 256*bccb135eSPaolo Bonzini Provides the ID of a ``secret`` object that contains the passphrase. 257*bccb135eSPaolo Bonzini 258*bccb135eSPaolo Bonzini .. option:: cipher-alg 259*bccb135eSPaolo Bonzini 260*bccb135eSPaolo Bonzini Name of the cipher algorithm and key length. Currently defaults 261*bccb135eSPaolo Bonzini to ``aes-256``. 262*bccb135eSPaolo Bonzini 263*bccb135eSPaolo Bonzini .. option:: cipher-mode 264*bccb135eSPaolo Bonzini 265*bccb135eSPaolo Bonzini Name of the encryption mode to use. Currently defaults to ``xts``. 266*bccb135eSPaolo Bonzini 267*bccb135eSPaolo Bonzini .. option:: ivgen-alg 268*bccb135eSPaolo Bonzini 269*bccb135eSPaolo Bonzini Name of the initialization vector generator algorithm. Currently defaults 270*bccb135eSPaolo Bonzini to ``plain64``. 271*bccb135eSPaolo Bonzini 272*bccb135eSPaolo Bonzini .. option:: ivgen-hash-alg 273*bccb135eSPaolo Bonzini 274*bccb135eSPaolo Bonzini Name of the hash algorithm to use with the initialization vector generator 275*bccb135eSPaolo Bonzini (if required). Defaults to ``sha256``. 276*bccb135eSPaolo Bonzini 277*bccb135eSPaolo Bonzini .. option:: hash-alg 278*bccb135eSPaolo Bonzini 279*bccb135eSPaolo Bonzini Name of the hash algorithm to use for PBKDF algorithm 280*bccb135eSPaolo Bonzini Defaults to ``sha256``. 281*bccb135eSPaolo Bonzini 282*bccb135eSPaolo Bonzini .. option:: iter-time 283*bccb135eSPaolo Bonzini 284*bccb135eSPaolo Bonzini Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. 285*bccb135eSPaolo Bonzini Defaults to ``2000``. 286*bccb135eSPaolo Bonzini 287*bccb135eSPaolo Bonzini.. program:: image-formats 288*bccb135eSPaolo Bonzini.. option:: vdi 289*bccb135eSPaolo Bonzini 290*bccb135eSPaolo Bonzini VirtualBox 1.1 compatible image format. 291*bccb135eSPaolo Bonzini 292*bccb135eSPaolo Bonzini Supported options: 293*bccb135eSPaolo Bonzini 294*bccb135eSPaolo Bonzini .. program:: vdi 295*bccb135eSPaolo Bonzini .. option:: static 296*bccb135eSPaolo Bonzini 297*bccb135eSPaolo Bonzini If this option is set to ``on``, the image is created with metadata 298*bccb135eSPaolo Bonzini preallocation. 299*bccb135eSPaolo Bonzini 300*bccb135eSPaolo Bonzini.. program:: image-formats 301*bccb135eSPaolo Bonzini.. option:: vmdk 302*bccb135eSPaolo Bonzini 303*bccb135eSPaolo Bonzini VMware 3 and 4 compatible image format. 304*bccb135eSPaolo Bonzini 305*bccb135eSPaolo Bonzini Supported options: 306*bccb135eSPaolo Bonzini 307*bccb135eSPaolo Bonzini .. program: vmdk 308*bccb135eSPaolo Bonzini .. option:: backing_file 309*bccb135eSPaolo Bonzini 310*bccb135eSPaolo Bonzini File name of a base image (see ``create`` subcommand). 311*bccb135eSPaolo Bonzini 312*bccb135eSPaolo Bonzini .. option:: compat6 313*bccb135eSPaolo Bonzini 314*bccb135eSPaolo Bonzini Create a VMDK version 6 image (instead of version 4) 315*bccb135eSPaolo Bonzini 316*bccb135eSPaolo Bonzini .. option:: hwversion 317*bccb135eSPaolo Bonzini 318*bccb135eSPaolo Bonzini Specify vmdk virtual hardware version. Compat6 flag cannot be enabled 319*bccb135eSPaolo Bonzini if hwversion is specified. 320*bccb135eSPaolo Bonzini 321*bccb135eSPaolo Bonzini .. option:: subformat 322*bccb135eSPaolo Bonzini 323*bccb135eSPaolo Bonzini Specifies which VMDK subformat to use. Valid options are 324*bccb135eSPaolo Bonzini ``monolithicSparse`` (default), 325*bccb135eSPaolo Bonzini ``monolithicFlat``, 326*bccb135eSPaolo Bonzini ``twoGbMaxExtentSparse``, 327*bccb135eSPaolo Bonzini ``twoGbMaxExtentFlat`` and 328*bccb135eSPaolo Bonzini ``streamOptimized``. 329*bccb135eSPaolo Bonzini 330*bccb135eSPaolo Bonzini.. program:: image-formats 331*bccb135eSPaolo Bonzini.. option:: vpc 332*bccb135eSPaolo Bonzini 333*bccb135eSPaolo Bonzini VirtualPC compatible image format (VHD). 334*bccb135eSPaolo Bonzini 335*bccb135eSPaolo Bonzini Supported options: 336*bccb135eSPaolo Bonzini 337*bccb135eSPaolo Bonzini .. program:: vpc 338*bccb135eSPaolo Bonzini .. option:: subformat 339*bccb135eSPaolo Bonzini 340*bccb135eSPaolo Bonzini Specifies which VHD subformat to use. Valid options are 341*bccb135eSPaolo Bonzini ``dynamic`` (default) and ``fixed``. 342*bccb135eSPaolo Bonzini 343*bccb135eSPaolo Bonzini.. program:: image-formats 344*bccb135eSPaolo Bonzini.. option:: VHDX 345*bccb135eSPaolo Bonzini 346*bccb135eSPaolo Bonzini Hyper-V compatible image format (VHDX). 347*bccb135eSPaolo Bonzini 348*bccb135eSPaolo Bonzini Supported options: 349*bccb135eSPaolo Bonzini 350*bccb135eSPaolo Bonzini .. program:: VHDX 351*bccb135eSPaolo Bonzini .. option:: subformat 352*bccb135eSPaolo Bonzini 353*bccb135eSPaolo Bonzini Specifies which VHDX subformat to use. Valid options are 354*bccb135eSPaolo Bonzini ``dynamic`` (default) and ``fixed``. 355*bccb135eSPaolo Bonzini 356*bccb135eSPaolo Bonzini .. option:: block_state_zero 357*bccb135eSPaolo Bonzini 358*bccb135eSPaolo Bonzini Force use of payload blocks of type 'ZERO'. Can be set to ``on`` (default) 359*bccb135eSPaolo Bonzini or ``off``. When set to ``off``, new blocks will be created as 360*bccb135eSPaolo Bonzini ``PAYLOAD_BLOCK_NOT_PRESENT``, which means parsers are free to return 361*bccb135eSPaolo Bonzini arbitrary data for those blocks. Do not set to ``off`` when using 362*bccb135eSPaolo Bonzini ``qemu-img convert`` with ``subformat=dynamic``. 363*bccb135eSPaolo Bonzini 364*bccb135eSPaolo Bonzini .. option:: block_size 365*bccb135eSPaolo Bonzini 366*bccb135eSPaolo Bonzini Block size; min 1 MB, max 256 MB. 0 means auto-calculate based on 367*bccb135eSPaolo Bonzini image size. 368*bccb135eSPaolo Bonzini 369*bccb135eSPaolo Bonzini .. option:: log_size 370*bccb135eSPaolo Bonzini 371*bccb135eSPaolo Bonzini Log size; min 1 MB. 372*bccb135eSPaolo Bonzini 373*bccb135eSPaolo BonziniRead-only formats 374*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~ 375*bccb135eSPaolo Bonzini 376*bccb135eSPaolo BonziniMore disk image file formats are supported in a read-only mode. 377*bccb135eSPaolo Bonzini 378*bccb135eSPaolo Bonzini.. program:: image-formats 379*bccb135eSPaolo Bonzini.. option:: bochs 380*bccb135eSPaolo Bonzini 381*bccb135eSPaolo Bonzini Bochs images of ``growing`` type. 382*bccb135eSPaolo Bonzini 383*bccb135eSPaolo Bonzini.. program:: image-formats 384*bccb135eSPaolo Bonzini.. option:: cloop 385*bccb135eSPaolo Bonzini 386*bccb135eSPaolo Bonzini Linux Compressed Loop image, useful only to reuse directly compressed 387*bccb135eSPaolo Bonzini CD-ROM images present for example in the Knoppix CD-ROMs. 388*bccb135eSPaolo Bonzini 389*bccb135eSPaolo Bonzini.. program:: image-formats 390*bccb135eSPaolo Bonzini.. option:: dmg 391*bccb135eSPaolo Bonzini 392*bccb135eSPaolo Bonzini Apple disk image. 393*bccb135eSPaolo Bonzini 394*bccb135eSPaolo Bonzini.. program:: image-formats 395*bccb135eSPaolo Bonzini.. option:: parallels 396*bccb135eSPaolo Bonzini 397*bccb135eSPaolo Bonzini Parallels disk image format. 398*bccb135eSPaolo Bonzini 399*bccb135eSPaolo BonziniUsing host drives 400*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~ 401*bccb135eSPaolo Bonzini 402*bccb135eSPaolo BonziniIn addition to disk image files, QEMU can directly access host 403*bccb135eSPaolo Bonzinidevices. We describe here the usage for QEMU version >= 0.8.3. 404*bccb135eSPaolo Bonzini 405*bccb135eSPaolo BonziniLinux 406*bccb135eSPaolo Bonzini^^^^^ 407*bccb135eSPaolo Bonzini 408*bccb135eSPaolo BonziniOn Linux, you can directly use the host device filename instead of a 409*bccb135eSPaolo Bonzinidisk image filename provided you have enough privileges to access 410*bccb135eSPaolo Bonziniit. For example, use ``/dev/cdrom`` to access to the CDROM. 411*bccb135eSPaolo Bonzini 412*bccb135eSPaolo BonziniCD 413*bccb135eSPaolo Bonzini You can specify a CDROM device even if no CDROM is loaded. QEMU has 414*bccb135eSPaolo Bonzini specific code to detect CDROM insertion or removal. CDROM ejection by 415*bccb135eSPaolo Bonzini the guest OS is supported. Currently only data CDs are supported. 416*bccb135eSPaolo Bonzini 417*bccb135eSPaolo BonziniFloppy 418*bccb135eSPaolo Bonzini You can specify a floppy device even if no floppy is loaded. Floppy 419*bccb135eSPaolo Bonzini removal is currently not detected accurately (if you change floppy 420*bccb135eSPaolo Bonzini without doing floppy access while the floppy is not loaded, the guest 421*bccb135eSPaolo Bonzini OS will think that the same floppy is loaded). 422*bccb135eSPaolo Bonzini Use of the host's floppy device is deprecated, and support for it will 423*bccb135eSPaolo Bonzini be removed in a future release. 424*bccb135eSPaolo Bonzini 425*bccb135eSPaolo BonziniHard disks 426*bccb135eSPaolo Bonzini Hard disks can be used. Normally you must specify the whole disk 427*bccb135eSPaolo Bonzini (``/dev/hdb`` instead of ``/dev/hdb1``) so that the guest OS can 428*bccb135eSPaolo Bonzini see it as a partitioned disk. WARNING: unless you know what you do, it 429*bccb135eSPaolo Bonzini is better to only make READ-ONLY accesses to the hard disk otherwise 430*bccb135eSPaolo Bonzini you may corrupt your host data (use the ``-snapshot`` command 431*bccb135eSPaolo Bonzini line option or modify the device permissions accordingly). 432*bccb135eSPaolo Bonzini 433*bccb135eSPaolo BonziniWindows 434*bccb135eSPaolo Bonzini^^^^^^^ 435*bccb135eSPaolo Bonzini 436*bccb135eSPaolo BonziniCD 437*bccb135eSPaolo Bonzini The preferred syntax is the drive letter (e.g. ``d:``). The 438*bccb135eSPaolo Bonzini alternate syntax ``\\.\d:`` is supported. ``/dev/cdrom`` is 439*bccb135eSPaolo Bonzini supported as an alias to the first CDROM drive. 440*bccb135eSPaolo Bonzini 441*bccb135eSPaolo Bonzini Currently there is no specific code to handle removable media, so it 442*bccb135eSPaolo Bonzini is better to use the ``change`` or ``eject`` monitor commands to 443*bccb135eSPaolo Bonzini change or eject media. 444*bccb135eSPaolo Bonzini 445*bccb135eSPaolo BonziniHard disks 446*bccb135eSPaolo Bonzini Hard disks can be used with the syntax: ``\\.\PhysicalDriveN`` 447*bccb135eSPaolo Bonzini where *N* is the drive number (0 is the first hard disk). 448*bccb135eSPaolo Bonzini 449*bccb135eSPaolo Bonzini WARNING: unless you know what you do, it is better to only make 450*bccb135eSPaolo Bonzini READ-ONLY accesses to the hard disk otherwise you may corrupt your 451*bccb135eSPaolo Bonzini host data (use the ``-snapshot`` command line so that the 452*bccb135eSPaolo Bonzini modifications are written in a temporary file). 453*bccb135eSPaolo Bonzini 454*bccb135eSPaolo BonziniMac OS X 455*bccb135eSPaolo Bonzini^^^^^^^^ 456*bccb135eSPaolo Bonzini 457*bccb135eSPaolo Bonzini``/dev/cdrom`` is an alias to the first CDROM. 458*bccb135eSPaolo Bonzini 459*bccb135eSPaolo BonziniCurrently there is no specific code to handle removable media, so it 460*bccb135eSPaolo Bonziniis better to use the ``change`` or ``eject`` monitor commands to 461*bccb135eSPaolo Bonzinichange or eject media. 462*bccb135eSPaolo Bonzini 463*bccb135eSPaolo BonziniVirtual FAT disk images 464*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 465*bccb135eSPaolo Bonzini 466*bccb135eSPaolo BonziniQEMU can automatically create a virtual FAT disk image from a 467*bccb135eSPaolo Bonzinidirectory tree. In order to use it, just type: 468*bccb135eSPaolo Bonzini 469*bccb135eSPaolo Bonzini.. parsed-literal:: 470*bccb135eSPaolo Bonzini 471*bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb fat:/my_directory 472*bccb135eSPaolo Bonzini 473*bccb135eSPaolo BonziniThen you access access to all the files in the ``/my_directory`` 474*bccb135eSPaolo Bonzinidirectory without having to copy them in a disk image or to export 475*bccb135eSPaolo Bonzinithem via SAMBA or NFS. The default access is *read-only*. 476*bccb135eSPaolo Bonzini 477*bccb135eSPaolo BonziniFloppies can be emulated with the ``:floppy:`` option: 478*bccb135eSPaolo Bonzini 479*bccb135eSPaolo Bonzini.. parsed-literal:: 480*bccb135eSPaolo Bonzini 481*bccb135eSPaolo Bonzini |qemu_system| linux.img -fda fat:floppy:/my_directory 482*bccb135eSPaolo Bonzini 483*bccb135eSPaolo BonziniA read/write support is available for testing (beta stage) with the 484*bccb135eSPaolo Bonzini``:rw:`` option: 485*bccb135eSPaolo Bonzini 486*bccb135eSPaolo Bonzini.. parsed-literal:: 487*bccb135eSPaolo Bonzini 488*bccb135eSPaolo Bonzini |qemu_system| linux.img -fda fat:floppy:rw:/my_directory 489*bccb135eSPaolo Bonzini 490*bccb135eSPaolo BonziniWhat you should *never* do: 491*bccb135eSPaolo Bonzini 492*bccb135eSPaolo Bonzini- use non-ASCII filenames 493*bccb135eSPaolo Bonzini- use "-snapshot" together with ":rw:" 494*bccb135eSPaolo Bonzini- expect it to work when loadvm'ing 495*bccb135eSPaolo Bonzini- write to the FAT directory on the host system while accessing it with the guest system 496*bccb135eSPaolo Bonzini 497*bccb135eSPaolo BonziniNBD access 498*bccb135eSPaolo Bonzini~~~~~~~~~~ 499*bccb135eSPaolo Bonzini 500*bccb135eSPaolo BonziniQEMU can access directly to block device exported using the Network Block Device 501*bccb135eSPaolo Bonziniprotocol. 502*bccb135eSPaolo Bonzini 503*bccb135eSPaolo Bonzini.. parsed-literal:: 504*bccb135eSPaolo Bonzini 505*bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd://my_nbd_server.mydomain.org:1024/ 506*bccb135eSPaolo Bonzini 507*bccb135eSPaolo BonziniIf the NBD server is located on the same host, you can use an unix socket instead 508*bccb135eSPaolo Bonziniof an inet socket: 509*bccb135eSPaolo Bonzini 510*bccb135eSPaolo Bonzini.. parsed-literal:: 511*bccb135eSPaolo Bonzini 512*bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd+unix://?socket=/tmp/my_socket 513*bccb135eSPaolo Bonzini 514*bccb135eSPaolo BonziniIn this case, the block device must be exported using qemu-nbd: 515*bccb135eSPaolo Bonzini 516*bccb135eSPaolo Bonzini.. parsed-literal:: 517*bccb135eSPaolo Bonzini 518*bccb135eSPaolo Bonzini qemu-nbd --socket=/tmp/my_socket my_disk.qcow2 519*bccb135eSPaolo Bonzini 520*bccb135eSPaolo BonziniThe use of qemu-nbd allows sharing of a disk between several guests: 521*bccb135eSPaolo Bonzini 522*bccb135eSPaolo Bonzini.. parsed-literal:: 523*bccb135eSPaolo Bonzini 524*bccb135eSPaolo Bonzini qemu-nbd --socket=/tmp/my_socket --share=2 my_disk.qcow2 525*bccb135eSPaolo Bonzini 526*bccb135eSPaolo Bonziniand then you can use it with two guests: 527*bccb135eSPaolo Bonzini 528*bccb135eSPaolo Bonzini.. parsed-literal:: 529*bccb135eSPaolo Bonzini 530*bccb135eSPaolo Bonzini |qemu_system| linux1.img -hdb nbd+unix://?socket=/tmp/my_socket 531*bccb135eSPaolo Bonzini |qemu_system| linux2.img -hdb nbd+unix://?socket=/tmp/my_socket 532*bccb135eSPaolo Bonzini 533*bccb135eSPaolo BonziniIf the nbd-server uses named exports (supported since NBD 2.9.18, or with QEMU's 534*bccb135eSPaolo Bonziniown embedded NBD server), you must specify an export name in the URI: 535*bccb135eSPaolo Bonzini 536*bccb135eSPaolo Bonzini.. parsed-literal:: 537*bccb135eSPaolo Bonzini 538*bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd://localhost/debian-500-ppc-netinst 539*bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd://localhost/openSUSE-11.1-ppc-netinst 540*bccb135eSPaolo Bonzini 541*bccb135eSPaolo BonziniThe URI syntax for NBD is supported since QEMU 1.3. An alternative syntax is 542*bccb135eSPaolo Bonzinialso available. Here are some example of the older syntax: 543*bccb135eSPaolo Bonzini 544*bccb135eSPaolo Bonzini.. parsed-literal:: 545*bccb135eSPaolo Bonzini 546*bccb135eSPaolo Bonzini |qemu_system| linux.img -hdb nbd:my_nbd_server.mydomain.org:1024 547*bccb135eSPaolo Bonzini |qemu_system| linux2.img -hdb nbd:unix:/tmp/my_socket 548*bccb135eSPaolo Bonzini |qemu_system| -cdrom nbd:localhost:10809:exportname=debian-500-ppc-netinst 549*bccb135eSPaolo Bonzini 550*bccb135eSPaolo Bonzini 551*bccb135eSPaolo Bonzini 552*bccb135eSPaolo BonziniSheepdog disk images 553*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~ 554*bccb135eSPaolo Bonzini 555*bccb135eSPaolo BonziniSheepdog is a distributed storage system for QEMU. It provides highly 556*bccb135eSPaolo Bonziniavailable block level storage volumes that can be attached to 557*bccb135eSPaolo BonziniQEMU-based virtual machines. 558*bccb135eSPaolo Bonzini 559*bccb135eSPaolo BonziniYou can create a Sheepdog disk image with the command: 560*bccb135eSPaolo Bonzini 561*bccb135eSPaolo Bonzini.. parsed-literal:: 562*bccb135eSPaolo Bonzini 563*bccb135eSPaolo Bonzini qemu-img create sheepdog:///IMAGE SIZE 564*bccb135eSPaolo Bonzini 565*bccb135eSPaolo Bonziniwhere *IMAGE* is the Sheepdog image name and *SIZE* is its 566*bccb135eSPaolo Bonzinisize. 567*bccb135eSPaolo Bonzini 568*bccb135eSPaolo BonziniTo import the existing *FILENAME* to Sheepdog, you can use a 569*bccb135eSPaolo Bonziniconvert command. 570*bccb135eSPaolo Bonzini 571*bccb135eSPaolo Bonzini.. parsed-literal:: 572*bccb135eSPaolo Bonzini 573*bccb135eSPaolo Bonzini qemu-img convert FILENAME sheepdog:///IMAGE 574*bccb135eSPaolo Bonzini 575*bccb135eSPaolo BonziniYou can boot from the Sheepdog disk image with the command: 576*bccb135eSPaolo Bonzini 577*bccb135eSPaolo Bonzini.. parsed-literal:: 578*bccb135eSPaolo Bonzini 579*bccb135eSPaolo Bonzini |qemu_system| sheepdog:///IMAGE 580*bccb135eSPaolo Bonzini 581*bccb135eSPaolo BonziniYou can also create a snapshot of the Sheepdog image like qcow2. 582*bccb135eSPaolo Bonzini 583*bccb135eSPaolo Bonzini.. parsed-literal:: 584*bccb135eSPaolo Bonzini 585*bccb135eSPaolo Bonzini qemu-img snapshot -c TAG sheepdog:///IMAGE 586*bccb135eSPaolo Bonzini 587*bccb135eSPaolo Bonziniwhere *TAG* is a tag name of the newly created snapshot. 588*bccb135eSPaolo Bonzini 589*bccb135eSPaolo BonziniTo boot from the Sheepdog snapshot, specify the tag name of the 590*bccb135eSPaolo Bonzinisnapshot. 591*bccb135eSPaolo Bonzini 592*bccb135eSPaolo Bonzini.. parsed-literal:: 593*bccb135eSPaolo Bonzini 594*bccb135eSPaolo Bonzini |qemu_system| sheepdog:///IMAGE#TAG 595*bccb135eSPaolo Bonzini 596*bccb135eSPaolo BonziniYou can create a cloned image from the existing snapshot. 597*bccb135eSPaolo Bonzini 598*bccb135eSPaolo Bonzini.. parsed-literal:: 599*bccb135eSPaolo Bonzini 600*bccb135eSPaolo Bonzini qemu-img create -b sheepdog:///BASE#TAG sheepdog:///IMAGE 601*bccb135eSPaolo Bonzini 602*bccb135eSPaolo Bonziniwhere *BASE* is an image name of the source snapshot and *TAG* 603*bccb135eSPaolo Bonziniis its tag name. 604*bccb135eSPaolo Bonzini 605*bccb135eSPaolo BonziniYou can use an unix socket instead of an inet socket: 606*bccb135eSPaolo Bonzini 607*bccb135eSPaolo Bonzini.. parsed-literal:: 608*bccb135eSPaolo Bonzini 609*bccb135eSPaolo Bonzini |qemu_system| sheepdog+unix:///IMAGE?socket=PATH 610*bccb135eSPaolo Bonzini 611*bccb135eSPaolo BonziniIf the Sheepdog daemon doesn't run on the local host, you need to 612*bccb135eSPaolo Bonzinispecify one of the Sheepdog servers to connect to. 613*bccb135eSPaolo Bonzini 614*bccb135eSPaolo Bonzini.. parsed-literal:: 615*bccb135eSPaolo Bonzini 616*bccb135eSPaolo Bonzini qemu-img create sheepdog://HOSTNAME:PORT/IMAGE SIZE 617*bccb135eSPaolo Bonzini |qemu_system| sheepdog://HOSTNAME:PORT/IMAGE 618*bccb135eSPaolo Bonzini 619*bccb135eSPaolo BonziniiSCSI LUNs 620*bccb135eSPaolo Bonzini~~~~~~~~~~ 621*bccb135eSPaolo Bonzini 622*bccb135eSPaolo BonziniiSCSI is a popular protocol used to access SCSI devices across a computer 623*bccb135eSPaolo Bonzininetwork. 624*bccb135eSPaolo Bonzini 625*bccb135eSPaolo BonziniThere are two different ways iSCSI devices can be used by QEMU. 626*bccb135eSPaolo Bonzini 627*bccb135eSPaolo BonziniThe first method is to mount the iSCSI LUN on the host, and make it appear as 628*bccb135eSPaolo Bonziniany other ordinary SCSI device on the host and then to access this device as a 629*bccb135eSPaolo Bonzini/dev/sd device from QEMU. How to do this differs between host OSes. 630*bccb135eSPaolo Bonzini 631*bccb135eSPaolo BonziniThe second method involves using the iSCSI initiator that is built into 632*bccb135eSPaolo BonziniQEMU. This provides a mechanism that works the same way regardless of which 633*bccb135eSPaolo Bonzinihost OS you are running QEMU on. This section will describe this second method 634*bccb135eSPaolo Bonziniof using iSCSI together with QEMU. 635*bccb135eSPaolo Bonzini 636*bccb135eSPaolo BonziniIn QEMU, iSCSI devices are described using special iSCSI URLs. URL syntax: 637*bccb135eSPaolo Bonzini 638*bccb135eSPaolo Bonzini:: 639*bccb135eSPaolo Bonzini 640*bccb135eSPaolo Bonzini iscsi://[<username>[%<password>]@]<host>[:<port>]/<target-iqn-name>/<lun> 641*bccb135eSPaolo Bonzini 642*bccb135eSPaolo BonziniUsername and password are optional and only used if your target is set up 643*bccb135eSPaolo Bonziniusing CHAP authentication for access control. 644*bccb135eSPaolo BonziniAlternatively the username and password can also be set via environment 645*bccb135eSPaolo Bonzinivariables to have these not show up in the process list: 646*bccb135eSPaolo Bonzini 647*bccb135eSPaolo Bonzini:: 648*bccb135eSPaolo Bonzini 649*bccb135eSPaolo Bonzini export LIBISCSI_CHAP_USERNAME=<username> 650*bccb135eSPaolo Bonzini export LIBISCSI_CHAP_PASSWORD=<password> 651*bccb135eSPaolo Bonzini iscsi://<host>/<target-iqn-name>/<lun> 652*bccb135eSPaolo Bonzini 653*bccb135eSPaolo BonziniVarious session related parameters can be set via special options, either 654*bccb135eSPaolo Bonziniin a configuration file provided via '-readconfig' or directly on the 655*bccb135eSPaolo Bonzinicommand line. 656*bccb135eSPaolo Bonzini 657*bccb135eSPaolo BonziniIf the initiator-name is not specified qemu will use a default name 658*bccb135eSPaolo Bonziniof 'iqn.2008-11.org.linux-kvm[:<uuid>'] where <uuid> is the UUID of the 659*bccb135eSPaolo Bonzinivirtual machine. If the UUID is not specified qemu will use 660*bccb135eSPaolo Bonzini'iqn.2008-11.org.linux-kvm[:<name>'] where <name> is the name of the 661*bccb135eSPaolo Bonzinivirtual machine. 662*bccb135eSPaolo Bonzini 663*bccb135eSPaolo BonziniSetting a specific initiator name to use when logging in to the target: 664*bccb135eSPaolo Bonzini 665*bccb135eSPaolo Bonzini:: 666*bccb135eSPaolo Bonzini 667*bccb135eSPaolo Bonzini -iscsi initiator-name=iqn.qemu.test:my-initiator 668*bccb135eSPaolo Bonzini 669*bccb135eSPaolo BonziniControlling which type of header digest to negotiate with the target: 670*bccb135eSPaolo Bonzini 671*bccb135eSPaolo Bonzini:: 672*bccb135eSPaolo Bonzini 673*bccb135eSPaolo Bonzini -iscsi header-digest=CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 674*bccb135eSPaolo Bonzini 675*bccb135eSPaolo BonziniThese can also be set via a configuration file: 676*bccb135eSPaolo Bonzini 677*bccb135eSPaolo Bonzini:: 678*bccb135eSPaolo Bonzini 679*bccb135eSPaolo Bonzini [iscsi] 680*bccb135eSPaolo Bonzini user = "CHAP username" 681*bccb135eSPaolo Bonzini password = "CHAP password" 682*bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 683*bccb135eSPaolo Bonzini # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 684*bccb135eSPaolo Bonzini header-digest = "CRC32C" 685*bccb135eSPaolo Bonzini 686*bccb135eSPaolo BonziniSetting the target name allows different options for different targets: 687*bccb135eSPaolo Bonzini 688*bccb135eSPaolo Bonzini:: 689*bccb135eSPaolo Bonzini 690*bccb135eSPaolo Bonzini [iscsi "iqn.target.name"] 691*bccb135eSPaolo Bonzini user = "CHAP username" 692*bccb135eSPaolo Bonzini password = "CHAP password" 693*bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 694*bccb135eSPaolo Bonzini # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE 695*bccb135eSPaolo Bonzini header-digest = "CRC32C" 696*bccb135eSPaolo Bonzini 697*bccb135eSPaolo BonziniHow to use a configuration file to set iSCSI configuration options: 698*bccb135eSPaolo Bonzini 699*bccb135eSPaolo Bonzini.. parsed-literal:: 700*bccb135eSPaolo Bonzini 701*bccb135eSPaolo Bonzini cat >iscsi.conf <<EOF 702*bccb135eSPaolo Bonzini [iscsi] 703*bccb135eSPaolo Bonzini user = "me" 704*bccb135eSPaolo Bonzini password = "my password" 705*bccb135eSPaolo Bonzini initiator-name = "iqn.qemu.test:my-initiator" 706*bccb135eSPaolo Bonzini header-digest = "CRC32C" 707*bccb135eSPaolo Bonzini EOF 708*bccb135eSPaolo Bonzini 709*bccb135eSPaolo Bonzini |qemu_system| -drive file=iscsi://127.0.0.1/iqn.qemu.test/1 \\ 710*bccb135eSPaolo Bonzini -readconfig iscsi.conf 711*bccb135eSPaolo Bonzini 712*bccb135eSPaolo BonziniHow to set up a simple iSCSI target on loopback and access it via QEMU: 713*bccb135eSPaolo Bonzinithis example shows how to set up an iSCSI target with one CDROM and one DISK 714*bccb135eSPaolo Bonziniusing the Linux STGT software target. This target is available on Red Hat based 715*bccb135eSPaolo Bonzinisystems as the package 'scsi-target-utils'. 716*bccb135eSPaolo Bonzini 717*bccb135eSPaolo Bonzini.. parsed-literal:: 718*bccb135eSPaolo Bonzini 719*bccb135eSPaolo Bonzini tgtd --iscsi portal=127.0.0.1:3260 720*bccb135eSPaolo Bonzini tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.qemu.test 721*bccb135eSPaolo Bonzini tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1 \\ 722*bccb135eSPaolo Bonzini -b /IMAGES/disk.img --device-type=disk 723*bccb135eSPaolo Bonzini tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 2 \\ 724*bccb135eSPaolo Bonzini -b /IMAGES/cd.iso --device-type=cd 725*bccb135eSPaolo Bonzini tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL 726*bccb135eSPaolo Bonzini 727*bccb135eSPaolo Bonzini |qemu_system| -iscsi initiator-name=iqn.qemu.test:my-initiator \\ 728*bccb135eSPaolo Bonzini -boot d -drive file=iscsi://127.0.0.1/iqn.qemu.test/1 \\ 729*bccb135eSPaolo Bonzini -cdrom iscsi://127.0.0.1/iqn.qemu.test/2 730*bccb135eSPaolo Bonzini 731*bccb135eSPaolo BonziniGlusterFS disk images 732*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~ 733*bccb135eSPaolo Bonzini 734*bccb135eSPaolo BonziniGlusterFS is a user space distributed file system. 735*bccb135eSPaolo Bonzini 736*bccb135eSPaolo BonziniYou can boot from the GlusterFS disk image with the command: 737*bccb135eSPaolo Bonzini 738*bccb135eSPaolo BonziniURI: 739*bccb135eSPaolo Bonzini 740*bccb135eSPaolo Bonzini.. parsed-literal:: 741*bccb135eSPaolo Bonzini 742*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster[+TYPE]://[HOST}[:PORT]]/VOLUME/PATH 743*bccb135eSPaolo Bonzini [?socket=...][,file.debug=9][,file.logfile=...] 744*bccb135eSPaolo Bonzini 745*bccb135eSPaolo BonziniJSON: 746*bccb135eSPaolo Bonzini 747*bccb135eSPaolo Bonzini.. parsed-literal:: 748*bccb135eSPaolo Bonzini 749*bccb135eSPaolo Bonzini |qemu_system| 'json:{"driver":"qcow2", 750*bccb135eSPaolo Bonzini "file":{"driver":"gluster", 751*bccb135eSPaolo Bonzini "volume":"testvol","path":"a.img","debug":9,"logfile":"...", 752*bccb135eSPaolo Bonzini "server":[{"type":"tcp","host":"...","port":"..."}, 753*bccb135eSPaolo Bonzini {"type":"unix","socket":"..."}]}}' 754*bccb135eSPaolo Bonzini 755*bccb135eSPaolo Bonzini*gluster* is the protocol. 756*bccb135eSPaolo Bonzini 757*bccb135eSPaolo Bonzini*TYPE* specifies the transport type used to connect to gluster 758*bccb135eSPaolo Bonzinimanagement daemon (glusterd). Valid transport types are 759*bccb135eSPaolo Bonzinitcp and unix. In the URI form, if a transport type isn't specified, 760*bccb135eSPaolo Bonzinithen tcp type is assumed. 761*bccb135eSPaolo Bonzini 762*bccb135eSPaolo Bonzini*HOST* specifies the server where the volume file specification for 763*bccb135eSPaolo Bonzinithe given volume resides. This can be either a hostname or an ipv4 address. 764*bccb135eSPaolo BonziniIf transport type is unix, then *HOST* field should not be specified. 765*bccb135eSPaolo BonziniInstead *socket* field needs to be populated with the path to unix domain 766*bccb135eSPaolo Bonzinisocket. 767*bccb135eSPaolo Bonzini 768*bccb135eSPaolo Bonzini*PORT* is the port number on which glusterd is listening. This is optional 769*bccb135eSPaolo Bonziniand if not specified, it defaults to port 24007. If the transport type is unix, 770*bccb135eSPaolo Bonzinithen *PORT* should not be specified. 771*bccb135eSPaolo Bonzini 772*bccb135eSPaolo Bonzini*VOLUME* is the name of the gluster volume which contains the disk image. 773*bccb135eSPaolo Bonzini 774*bccb135eSPaolo Bonzini*PATH* is the path to the actual disk image that resides on gluster volume. 775*bccb135eSPaolo Bonzini 776*bccb135eSPaolo Bonzini*debug* is the logging level of the gluster protocol driver. Debug levels 777*bccb135eSPaolo Bonziniare 0-9, with 9 being the most verbose, and 0 representing no debugging output. 778*bccb135eSPaolo BonziniThe default level is 4. The current logging levels defined in the gluster source 779*bccb135eSPaolo Bonziniare 0 - None, 1 - Emergency, 2 - Alert, 3 - Critical, 4 - Error, 5 - Warning, 780*bccb135eSPaolo Bonzini6 - Notice, 7 - Info, 8 - Debug, 9 - Trace 781*bccb135eSPaolo Bonzini 782*bccb135eSPaolo Bonzini*logfile* is a commandline option to mention log file path which helps in 783*bccb135eSPaolo Bonzinilogging to the specified file and also help in persisting the gfapi logs. The 784*bccb135eSPaolo Bonzinidefault is stderr. 785*bccb135eSPaolo Bonzini 786*bccb135eSPaolo BonziniYou can create a GlusterFS disk image with the command: 787*bccb135eSPaolo Bonzini 788*bccb135eSPaolo Bonzini.. parsed-literal:: 789*bccb135eSPaolo Bonzini 790*bccb135eSPaolo Bonzini qemu-img create gluster://HOST/VOLUME/PATH SIZE 791*bccb135eSPaolo Bonzini 792*bccb135eSPaolo BonziniExamples 793*bccb135eSPaolo Bonzini 794*bccb135eSPaolo Bonzini.. parsed-literal:: 795*bccb135eSPaolo Bonzini 796*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster://1.2.3.4/testvol/a.img 797*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://1.2.3.4/testvol/a.img 798*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://1.2.3.4:24007/testvol/dir/a.img 799*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://[1:2:3:4:5:6:7:8]/testvol/dir/a.img 800*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://[1:2:3:4:5:6:7:8]:24007/testvol/dir/a.img 801*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+tcp://server.domain.com:24007/testvol/dir/a.img 802*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+unix:///testvol/dir/a.img?socket=/tmp/glusterd.socket 803*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster+rdma://1.2.3.4:24007/testvol/a.img 804*bccb135eSPaolo Bonzini |qemu_system| -drive file=gluster://1.2.3.4/testvol/a.img,file.debug=9,file.logfile=/var/log/qemu-gluster.log 805*bccb135eSPaolo Bonzini |qemu_system| 'json:{"driver":"qcow2", 806*bccb135eSPaolo Bonzini "file":{"driver":"gluster", 807*bccb135eSPaolo Bonzini "volume":"testvol","path":"a.img", 808*bccb135eSPaolo Bonzini "debug":9,"logfile":"/var/log/qemu-gluster.log", 809*bccb135eSPaolo Bonzini "server":[{"type":"tcp","host":"1.2.3.4","port":24007}, 810*bccb135eSPaolo Bonzini {"type":"unix","socket":"/var/run/glusterd.socket"}]}}' 811*bccb135eSPaolo Bonzini |qemu_system| -drive driver=qcow2,file.driver=gluster,file.volume=testvol,file.path=/path/a.img, 812*bccb135eSPaolo Bonzini file.debug=9,file.logfile=/var/log/qemu-gluster.log, 813*bccb135eSPaolo Bonzini file.server.0.type=tcp,file.server.0.host=1.2.3.4,file.server.0.port=24007, 814*bccb135eSPaolo Bonzini file.server.1.type=unix,file.server.1.socket=/var/run/glusterd.socket 815*bccb135eSPaolo Bonzini 816*bccb135eSPaolo BonziniSecure Shell (ssh) disk images 817*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 818*bccb135eSPaolo Bonzini 819*bccb135eSPaolo BonziniYou can access disk images located on a remote ssh server 820*bccb135eSPaolo Bonziniby using the ssh protocol: 821*bccb135eSPaolo Bonzini 822*bccb135eSPaolo Bonzini.. parsed-literal:: 823*bccb135eSPaolo Bonzini 824*bccb135eSPaolo Bonzini |qemu_system| -drive file=ssh://[USER@]SERVER[:PORT]/PATH[?host_key_check=HOST_KEY_CHECK] 825*bccb135eSPaolo Bonzini 826*bccb135eSPaolo BonziniAlternative syntax using properties: 827*bccb135eSPaolo Bonzini 828*bccb135eSPaolo Bonzini.. parsed-literal:: 829*bccb135eSPaolo Bonzini 830*bccb135eSPaolo Bonzini |qemu_system| -drive file.driver=ssh[,file.user=USER],file.host=SERVER[,file.port=PORT],file.path=PATH[,file.host_key_check=HOST_KEY_CHECK] 831*bccb135eSPaolo Bonzini 832*bccb135eSPaolo Bonzini*ssh* is the protocol. 833*bccb135eSPaolo Bonzini 834*bccb135eSPaolo Bonzini*USER* is the remote user. If not specified, then the local 835*bccb135eSPaolo Bonziniusername is tried. 836*bccb135eSPaolo Bonzini 837*bccb135eSPaolo Bonzini*SERVER* specifies the remote ssh server. Any ssh server can be 838*bccb135eSPaolo Bonziniused, but it must implement the sftp-server protocol. Most Unix/Linux 839*bccb135eSPaolo Bonzinisystems should work without requiring any extra configuration. 840*bccb135eSPaolo Bonzini 841*bccb135eSPaolo Bonzini*PORT* is the port number on which sshd is listening. By default 842*bccb135eSPaolo Bonzinithe standard ssh port (22) is used. 843*bccb135eSPaolo Bonzini 844*bccb135eSPaolo Bonzini*PATH* is the path to the disk image. 845*bccb135eSPaolo Bonzini 846*bccb135eSPaolo BonziniThe optional *HOST_KEY_CHECK* parameter controls how the remote 847*bccb135eSPaolo Bonzinihost's key is checked. The default is ``yes`` which means to use 848*bccb135eSPaolo Bonzinithe local ``.ssh/known_hosts`` file. Setting this to ``no`` 849*bccb135eSPaolo Bonziniturns off known-hosts checking. Or you can check that the host key 850*bccb135eSPaolo Bonzinimatches a specific fingerprint: 851*bccb135eSPaolo Bonzini``host_key_check=md5:78:45:8e:14:57:4f:d5:45:83:0a:0e:f3:49:82:c9:c8`` 852*bccb135eSPaolo Bonzini(``sha1:`` can also be used as a prefix, but note that OpenSSH 853*bccb135eSPaolo Bonzinitools only use MD5 to print fingerprints). 854*bccb135eSPaolo Bonzini 855*bccb135eSPaolo BonziniCurrently authentication must be done using ssh-agent. Other 856*bccb135eSPaolo Bonziniauthentication methods may be supported in future. 857*bccb135eSPaolo Bonzini 858*bccb135eSPaolo BonziniNote: Many ssh servers do not support an ``fsync``-style operation. 859*bccb135eSPaolo BonziniThe ssh driver cannot guarantee that disk flush requests are 860*bccb135eSPaolo Bonziniobeyed, and this causes a risk of disk corruption if the remote 861*bccb135eSPaolo Bonziniserver or network goes down during writes. The driver will 862*bccb135eSPaolo Bonziniprint a warning when ``fsync`` is not supported: 863*bccb135eSPaolo Bonzini 864*bccb135eSPaolo Bonzini:: 865*bccb135eSPaolo Bonzini 866*bccb135eSPaolo Bonzini warning: ssh server ssh.example.com:22 does not support fsync 867*bccb135eSPaolo Bonzini 868*bccb135eSPaolo BonziniWith sufficiently new versions of libssh and OpenSSH, ``fsync`` is 869*bccb135eSPaolo Bonzinisupported. 870*bccb135eSPaolo Bonzini 871*bccb135eSPaolo BonziniNVMe disk images 872*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~ 873*bccb135eSPaolo Bonzini 874*bccb135eSPaolo BonziniNVM Express (NVMe) storage controllers can be accessed directly by a userspace 875*bccb135eSPaolo Bonzinidriver in QEMU. This bypasses the host kernel file system and block layers 876*bccb135eSPaolo Bonziniwhile retaining QEMU block layer functionalities, such as block jobs, I/O 877*bccb135eSPaolo Bonzinithrottling, image formats, etc. Disk I/O performance is typically higher than 878*bccb135eSPaolo Bonziniwith ``-drive file=/dev/sda`` using either thread pool or linux-aio. 879*bccb135eSPaolo Bonzini 880*bccb135eSPaolo BonziniThe controller will be exclusively used by the QEMU process once started. To be 881*bccb135eSPaolo Bonziniable to share storage between multiple VMs and other applications on the host, 882*bccb135eSPaolo Bonziniplease use the file based protocols. 883*bccb135eSPaolo Bonzini 884*bccb135eSPaolo BonziniBefore starting QEMU, bind the host NVMe controller to the host vfio-pci 885*bccb135eSPaolo Bonzinidriver. For example: 886*bccb135eSPaolo Bonzini 887*bccb135eSPaolo Bonzini.. parsed-literal:: 888*bccb135eSPaolo Bonzini 889*bccb135eSPaolo Bonzini # modprobe vfio-pci 890*bccb135eSPaolo Bonzini # lspci -n -s 0000:06:0d.0 891*bccb135eSPaolo Bonzini 06:0d.0 0401: 1102:0002 (rev 08) 892*bccb135eSPaolo Bonzini # echo 0000:06:0d.0 > /sys/bus/pci/devices/0000:06:0d.0/driver/unbind 893*bccb135eSPaolo Bonzini # echo 1102 0002 > /sys/bus/pci/drivers/vfio-pci/new_id 894*bccb135eSPaolo Bonzini 895*bccb135eSPaolo Bonzini # |qemu_system| -drive file=nvme://HOST:BUS:SLOT.FUNC/NAMESPACE 896*bccb135eSPaolo Bonzini 897*bccb135eSPaolo BonziniAlternative syntax using properties: 898*bccb135eSPaolo Bonzini 899*bccb135eSPaolo Bonzini.. parsed-literal:: 900*bccb135eSPaolo Bonzini 901*bccb135eSPaolo Bonzini |qemu_system| -drive file.driver=nvme,file.device=HOST:BUS:SLOT.FUNC,file.namespace=NAMESPACE 902*bccb135eSPaolo Bonzini 903*bccb135eSPaolo Bonzini*HOST*:*BUS*:*SLOT*.\ *FUNC* is the NVMe controller's PCI device 904*bccb135eSPaolo Bonziniaddress on the host. 905*bccb135eSPaolo Bonzini 906*bccb135eSPaolo Bonzini*NAMESPACE* is the NVMe namespace number, starting from 1. 907*bccb135eSPaolo Bonzini 908*bccb135eSPaolo BonziniDisk image file locking 909*bccb135eSPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~ 910*bccb135eSPaolo Bonzini 911*bccb135eSPaolo BonziniBy default, QEMU tries to protect image files from unexpected concurrent 912*bccb135eSPaolo Bonziniaccess, as long as it's supported by the block protocol driver and host 913*bccb135eSPaolo Bonzinioperating system. If multiple QEMU processes (including QEMU emulators and 914*bccb135eSPaolo Bonziniutilities) try to open the same image with conflicting accessing modes, all but 915*bccb135eSPaolo Bonzinithe first one will get an error. 916*bccb135eSPaolo Bonzini 917*bccb135eSPaolo BonziniThis feature is currently supported by the file protocol on Linux with the Open 918*bccb135eSPaolo BonziniFile Descriptor (OFD) locking API, and can be configured to fall back to POSIX 919*bccb135eSPaolo Bonzinilocking if the POSIX host doesn't support Linux OFD locking. 920*bccb135eSPaolo Bonzini 921*bccb135eSPaolo BonziniTo explicitly enable image locking, specify "locking=on" in the file protocol 922*bccb135eSPaolo Bonzinidriver options. If OFD locking is not possible, a warning will be printed and 923*bccb135eSPaolo Bonzinithe POSIX locking API will be used. In this case there is a risk that the lock 924*bccb135eSPaolo Bonziniwill get silently lost when doing hot plugging and block jobs, due to the 925*bccb135eSPaolo Bonzinishortcomings of the POSIX locking API. 926*bccb135eSPaolo Bonzini 927*bccb135eSPaolo BonziniQEMU transparently handles lock handover during shared storage migration. For 928*bccb135eSPaolo Bonzinishared virtual disk images between multiple VMs, the "share-rw" device option 929*bccb135eSPaolo Bonzinishould be used. 930*bccb135eSPaolo Bonzini 931*bccb135eSPaolo BonziniBy default, the guest has exclusive write access to its disk image. If the 932*bccb135eSPaolo Bonziniguest can safely share the disk image with other writers the 933*bccb135eSPaolo Bonzini``-device ...,share-rw=on`` parameter can be used. This is only safe if 934*bccb135eSPaolo Bonzinithe guest is running software, such as a cluster file system, that 935*bccb135eSPaolo Bonzinicoordinates disk accesses to avoid corruption. 936*bccb135eSPaolo Bonzini 937*bccb135eSPaolo BonziniNote that share-rw=on only declares the guest's ability to share the disk. 938*bccb135eSPaolo BonziniSome QEMU features, such as image file formats, require exclusive write access 939*bccb135eSPaolo Bonzinito the disk image and this is unaffected by the share-rw=on option. 940*bccb135eSPaolo Bonzini 941*bccb135eSPaolo BonziniAlternatively, locking can be fully disabled by "locking=off" block device 942*bccb135eSPaolo Bonzinioption. In the command line, the option is usually in the form of 943*bccb135eSPaolo Bonzini"file.locking=off" as the protocol driver is normally placed as a "file" child 944*bccb135eSPaolo Bonziniunder a format driver. For example: 945*bccb135eSPaolo Bonzini 946*bccb135eSPaolo Bonzini:: 947*bccb135eSPaolo Bonzini 948*bccb135eSPaolo Bonzini -blockdev driver=qcow2,file.filename=/path/to/image,file.locking=off,file.driver=file 949*bccb135eSPaolo Bonzini 950*bccb135eSPaolo BonziniTo check if image locking is active, check the output of the "lslocks" command 951*bccb135eSPaolo Bonzinion host and see if there are locks held by the QEMU process on the image file. 952*bccb135eSPaolo BonziniMore than one byte could be locked by the QEMU instance, each byte of which 953*bccb135eSPaolo Bonzinireflects a particular permission that is acquired or protected by the running 954*bccb135eSPaolo Bonziniblock driver. 955