backup: Allow 'encryption' of backups and scratch images
authorPeter Krempa <pkrempa@redhat.com>
Thu, 9 Apr 2020 13:50:40 +0000 (15:50 +0200)
committerPeter Krempa <pkrempa@redhat.com>
Tue, 14 Apr 2020 16:49:41 +0000 (18:49 +0200)
Add the appropriate entries into the schema to allow encryption of the
backup or scratch image. Since we use blockdev internals for everything,
no changes to the code are actually necessary.

https://bugzilla.redhat.com/show_bug.cgi?id=1811906

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
docs/formatbackup.html.in
docs/schemas/domainbackup.rng
tests/domainbackupxml2xmlin/backup-pull-encrypted.xml [new file with mode: 0644]
tests/domainbackupxml2xmlin/backup-push-encrypted.xml [new file with mode: 0644]
tests/domainbackupxml2xmlout/backup-pull-encrypted.xml [new file with mode: 0644]
tests/domainbackupxml2xmlout/backup-push-encrypted.xml [new file with mode: 0644]
tests/genericxml2xmltest.c

index 1f486cdb2eeb44aa9492ecdfecc9025fffcdce66..9e69d8f7d3386f8522a09ea4d55842eca89b6bfd 100644 (file)
                 disk. An optional sub-element <code>driver</code> can
                 also be used, with an attribute <code>type</code> to
                 specify a destination format different from
-                qcow2. </dd>
+                qcow2. See documentation for <code>scratch</code> below for
+                additional configuration.</dd>
               <dt><code>scratch</code></dt>
               <dd>Valid only for pull mode backups, this is the
                 primary sub-element that describes the file name of
                 used without modification. The file is not deleted after the
                 backup but the contents of the file don't make sense outside
                 of the backup. The same applies for the block device which
-                must be formatted appropriately.</dd>
+                must be formatted appropriately.
+
+                Similarly to the domain
+                <a href="formatdomain.html#elementsDisks"><code>disk</code></a>
+                definition <code>scratch</code> and <code>target</code> can
+                contain <code>seclabel</code> and/or <code>encryption</code>
+                subelements to configure the corresponding properties.
+              </dd>
             </dl>
           </dd>
         </dl>
index 395ea841f904bbb18d1fe005bbd2627e37ee0167..ac5b12c463e2abc264db60bdb64068f484197b35 100644 (file)
@@ -7,6 +7,27 @@
 
   <include href='domaincommon.rng'/>
 
+  <define name='backupEncryption'>
+    <element name='encryption'>
+      <attribute name='format'>
+        <choice>
+          <value>luks</value>
+        </choice>
+      </attribute>
+      <interleave>
+        <ref name='secret'/>
+        <optional>
+          <element name='cipher'>
+            <ref name='keycipher'/>
+          </element>
+          <element name='ivgen'>
+            <ref name='keyivgen'/>
+          </element>
+        </optional>
+      </interleave>
+    </element>
+  </define>
+
   <define name='domainbackup'>
     <element name='domainbackup'>
       <interleave>
                       <attribute name='file'>
                         <ref name='absFilePath'/>
                       </attribute>
-                      <zeroOrMore>
-                        <ref name='devSeclabel'/>
-                      </zeroOrMore>
+                      <interleave>
+                        <zeroOrMore>
+                          <ref name='devSeclabel'/>
+                        </zeroOrMore>
+                        <optional>
+                          <ref name='backupEncryption'/>
+                        </optional>
+                      </interleave>
                     </element>
                   </optional>
                   <ref name='backupPushDriver'/>
                       <attribute name='dev'>
                         <ref name='absFilePath'/>
                       </attribute>
-                      <zeroOrMore>
-                        <ref name='devSeclabel'/>
-                      </zeroOrMore>
+                      <interleave>
+                        <zeroOrMore>
+                          <ref name='devSeclabel'/>
+                        </zeroOrMore>
+                        <optional>
+                          <ref name='backupEncryption'/>
+                        </optional>
+                      </interleave>
                     </element>
                   </optional>
                   <ref name='backupPushDriver'/>
                       <attribute name='file'>
                         <ref name='absFilePath'/>
                       </attribute>
-                      <zeroOrMore>
-                        <ref name='devSeclabel'/>
-                      </zeroOrMore>
+                      <interleave>
+                        <zeroOrMore>
+                          <ref name='devSeclabel'/>
+                        </zeroOrMore>
+                        <optional>
+                          <ref name='backupEncryption'/>
+                        </optional>
+                      </interleave>
                     </element>
                     <ref name='backupPullDriver'/>
                   </interleave>
                     <attribute name='dev'>
                       <ref name='absFilePath'/>
                     </attribute>
-                    <zeroOrMore>
-                      <ref name='devSeclabel'/>
-                    </zeroOrMore>
+                    <interleave>
+                      <zeroOrMore>
+                        <ref name='devSeclabel'/>
+                      </zeroOrMore>
+                      <optional>
+                        <ref name='backupEncryption'/>
+                      </optional>
+                    </interleave>
                   </element>
                   <ref name='backupPullDriver'/>
                 </interleave>
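Review bot: In the new `backupEncryption` define, `cipher` and `ivgen` share one `<optional>`, which RelaxNG treats as a group: a document that gives `<cipher>` is then required to also give `<ivgen>`, in that order, so the schema cannot express a cipher override without an IV generator override. If `ivgen` is meant to be independently optional, nest it in its own `<optional>` inside the cipher one (`<optional><element name='cipher'>…</element><optional><element name='ivgen'>…</element></optional></optional>`). Separately, the eight-line `<interleave>` of `devSeclabel` and `backupEncryption` is repeated verbatim four times in this section (the `file` and `dev` variants of `target` and `scratch`); one define such as `backupTargetOptions` referenced from each location would keep the four copies from drifting. Limiting `format` to `luks` appears deliberately narrower than the domain disk `encryption` element; a one-line comment in the define saying so would stop a later reader from widening it by analogy.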
diff --git a/tests/domainbackupxml2xmlin/backup-pull-encrypted.xml b/tests/domainbackupxml2xmlin/backup-pull-encrypted.xml
new file mode 100644 (file)
index 0000000..1469189
--- /dev/null
@@ -0,0 +1,30 @@
+<domainbackup mode="pull">
+  <incremental>1525889631</incremental>
+  <server transport='tcp' name='localhost' port='10809'/>
+  <disks>
+    <disk name='vda' type='file' exportname='test-vda' exportbitmap='blah'>
+      <driver type='qcow2'/>
+      <scratch file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name='vdb' type='file' exportname='test-vda' exportbitmap='blah'>
+      <driver type='qcow2'/>
+      <scratch file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdb'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name='vdc' type='block'>
+      <driver type='qcow2'/>
+      <scratch dev='/dev/block'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdc'/>
+        </encryption>
+      </scratch>
+    </disk>
+  </disks>
+</domainbackup>
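Review bot: The new fixtures only exercise the `<secret>` child of `<encryption>`; the `cipher`/`ivgen` branch of the schema's optional group is never validated by `backup-pull-encrypted.xml` or `backup-push-encrypted.xml`, so a typo in that part of the schema would pass the test suite. Adding one disk per fixture with a `<cipher name='aes' size='256' mode='cbc' hash='sha256'/>` and `<ivgen name='plain64' hash='sha256'/>` pair inside `<encryption>` would cover it and also pin the round-trip formatting of those elements in the xml2xmlout files.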
diff --git a/tests/domainbackupxml2xmlin/backup-push-encrypted.xml b/tests/domainbackupxml2xmlin/backup-push-encrypted.xml
new file mode 100644 (file)
index 0000000..121cfd7
--- /dev/null
@@ -0,0 +1,29 @@
+<domainbackup mode="push">
+  <incremental>1525889631</incremental>
+  <disks>
+    <disk name='vda' type='file'>
+      <driver type='qcow2'/>
+      <target file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name='vdb' type='file'>
+      <driver type='raw'/>
+      <target file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdb'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name='vdc' type='block'>
+      <driver type='qcow2'/>
+      <target dev='/dev/block'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdc'/>
+        </encryption>
+      </target>
+    </disk>
+  </disks>
+</domainbackup>
diff --git a/tests/domainbackupxml2xmlout/backup-pull-encrypted.xml b/tests/domainbackupxml2xmlout/backup-pull-encrypted.xml
new file mode 100644 (file)
index 0000000..81519bf
--- /dev/null
@@ -0,0 +1,30 @@
+<domainbackup mode='pull'>
+  <incremental>1525889631</incremental>
+  <server transport='tcp' name='localhost' port='10809'/>
+  <disks>
+    <disk name='vda' backup='yes' type='file' exportname='test-vda' exportbitmap='blah'>
+      <driver type='qcow2'/>
+      <scratch file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name='vdb' backup='yes' type='file' exportname='test-vda' exportbitmap='blah'>
+      <driver type='qcow2'/>
+      <scratch file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdb'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name='vdc' backup='yes' type='block'>
+      <driver type='qcow2'/>
+      <scratch dev='/dev/block'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdc'/>
+        </encryption>
+      </scratch>
+    </disk>
+  </disks>
+</domainbackup>
diff --git a/tests/domainbackupxml2xmlout/backup-push-encrypted.xml b/tests/domainbackupxml2xmlout/backup-push-encrypted.xml
new file mode 100644 (file)
index 0000000..a955340
--- /dev/null
@@ -0,0 +1,29 @@
+<domainbackup mode='push'>
+  <incremental>1525889631</incremental>
+  <disks>
+    <disk name='vda' backup='yes' type='file'>
+      <driver type='qcow2'/>
+      <target file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name='vdb' backup='yes' type='file'>
+      <driver type='raw'/>
+      <target file='/path/to/file'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdb'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name='vdc' backup='yes' type='block'>
+      <driver type='qcow2'/>
+      <target dev='/dev/block'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/backup/vdc'/>
+        </encryption>
+      </target>
+    </disk>
+  </disks>
+</domainbackup>
index 501bcdb0a1cbc532398ee48d66c1bc6648465ad1..74e520522ba0c65227572ef19b7e316386a8da30 100644 (file)
@@ -192,8 +192,11 @@ mymain(void)
     DO_TEST_BACKUP("empty");
     DO_TEST_BACKUP("backup-pull");
     DO_TEST_BACKUP("backup-pull-seclabel");
+    DO_TEST_BACKUP("backup-pull-encrypted");
     DO_TEST_BACKUP("backup-push");
     DO_TEST_BACKUP("backup-push-seclabel");
+    DO_TEST_BACKUP("backup-push-encrypted");
+
 
     virObjectUnref(caps);
     virObjectUnref(xmlopt);
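Review bot: The added blank line after `DO_TEST_BACKUP("backup-push-encrypted");` leaves two consecutive empty lines before `virObjectUnref(caps);`, whereas the surrounding list separates groups with a single one; dropping that `+` line keeps the hunk to the two test registrations. `mymain` begins and ends outside the hunk.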