virt-v2v-input-xen - Man Page

Using virt-v2v to convert guests from Xen

Synopsis

 virt-v2v -ic 'xen+ssh://root@xen.example.com'
          -ip passwordfile
          GUEST_NAME [-o* options]

Description

This page documents how to use virt-v2v(1) to convert guests from RHEL 5 Xen, or SLES and OpenSUSE Xen hosts.

Input from Xen

SSH authentication

You can use SSH password authentication, by supplying the name of a file containing the password to the -ip option (note this option does not take the password directly).  You may need to adjust /etc/ssh/sshd_config on the Xen server to set PasswordAuthentication yes.

If you are not using password authentication, an alternative is to use ssh-agent, and add your ssh public key to /root/.ssh/authorized_keys (on the Xen host).  After doing this, you should check that passwordless access works from the virt-v2v server to the Xen host.  For example:

 $ ssh root@xen.example.com
 [ logs straight into the shell, no password is requested ]

Note that support for non-interactive authentication via the -ip option is incomplete.  Some operations remain that still require the user to enter the password manually.  Therefore ssh-agent is recommended over the -ip option.  See https://bugzilla.redhat.com/1854275.

With some modern ssh implementations, legacy crypto algorithms required to interoperate with RHEL 5 sshd are disabled.  To enable them, you may need to add the following Host stanza to your ~/.ssh/config:

 Host xen.example.com
   KexAlgorithms            +diffie-hellman-group14-sha1
   MACs                     +hmac-sha1
   HostKeyAlgorithms        +ssh-rsa
   PubkeyAcceptedKeyTypes   +ssh-rsa
   PubkeyAcceptedAlgorithms +ssh-rsa

(PubkeyAcceptedKeyTypes and PubkeyAcceptedAlgorithms have identical meaning; the former is the old option name, the latter is the new one. Virt-v2v uses both libssh and ssh when converting a guest from Xen, and on some operating systems, libssh and ssh may not both accept the same option variant.)

When connecting to RHEL 5 sshd from RHEL 9, the SHA1 algorithm's use in signatures has to be re-enabled at the OpenSSL level, in addition to the above SSH configuration.  Create a file called $HOME/openssl-sha1.cnf with the following contents:

 .include /etc/ssl/openssl.cnf
 [openssl_init]
 alg_section = evp_properties
 [evp_properties]
 rh-allow-sha1-signatures = yes

and export the following variable into the environment of the virt-v2v process:

 OPENSSL_CONF=$HOME/openssl-sha1.cnf

Note that the OPENSSL_CONF environment variable will only take effect if the libvirt client library used by virt-v2v is at least version 8.6.0.

Test libvirt connection to remote Xen host

Use the virsh(1) command to list the guests on the remote Xen host:

 $ virsh -c xen+ssh://root@xen.example.com list --all
  Id    Name                           State
 ----------------------------------------------------
  0     Domain-0                       running
  -     rhel49-x86_64-pv               shut off

You should also try dumping the metadata from any guest on your server, like this:

 $ virsh -c xen+ssh://root@xen.example.com dumpxml rhel49-x86_64-pv
 <domain type='xen'>
   <name>rhel49-x86_64-pv</name>
   [...]
 </domain>

If the above commands do not work, then virt-v2v is not going to work either.  Fix your libvirt configuration or the remote server before continuing.

If the guest disks are located on a host block device, then the conversion will fail.  See "Xen or ssh conversions from block devices" below for a workaround.

Importing a guest

To import a particular guest from a Xen server, do:

 $ virt-v2v -ic 'xen+ssh://root@xen.example.com' \
           rhel49-x86_64-pv \
           -o local -os /var/tmp

where rhel49-x86_64-pv is the name of the guest (which must be shut down).

In this case the output flags are set to write the converted guest to a temporary directory as this is just an example, but you can also write to libvirt or any other supported target.

Xen or ssh conversions from block devices

Currently virt-v2v cannot directly access a Xen guest (or any guest located remotely over ssh) if that guest’s disks are located on host block devices.

To tell if a Xen guest uses host block devices, look at the guest XML. You will see:

  <disk type='block' device='disk'>
    ...
    <source dev='/dev/VG/guest'/>

where type='block', source dev= and /dev/... are all indications that the disk is located on a host block device.

This happens because the qemu ssh block driver that we use to access remote disks uses the ssh sftp protocol, and this protocol cannot correctly detect the size of host block devices.

The workaround is to copy the block device from the remote Xen server to a regular local file, copy the libvirt guest XML, adjust the disk element to point to the local file, and use -i libvirtxml mode instead.

See Also

virt-v2v(1).

Author

Richard W.M. Jones

License

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Bugs

To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools

To report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools

When reporting a bug, please supply:

Referenced By

virt-v2v(1).

2024-11-18 virt-v2v-2.7.2 Virtualization Support