virt-v2v -ic 'xen+ssh://email@example.com' -ip passwordfile GUEST_NAME [-o* options]
This page documents how to use virt-v2v(1) to convert guests from RHEL 5 Xen, or SLES and OpenSUSE Xen hosts.
Input from Xen
You can use SSH password authentication, by supplying the name of a file containing the password to the -ip option (note this option does not take the password directly). You may need to adjust /etc/ssh/sshd_config on the Xen server to set
If you are not using password authentication, an alternative is to use ssh-agent, and add your ssh public key to /root/.ssh/authorized_keys (on the Xen host). After doing this, you should check that passwordless access works from the virt-v2v server to the Xen host. For example:
$ ssh firstname.lastname@example.org [ logs straight into the shell, no password is requested ]
Note that support for non-interactive authentication via the -ip option is incomplete. Some operations remain that still require the user to enter the password manually. Therefore ssh-agent is recommended over the -ip option. See https://bugzilla.redhat.com/1854275.
With some modern ssh implementations, legacy crypto algorithms required to interoperate with RHEL 5 sshd are disabled. To enable them, you may need to add the following
Host stanza to your ~/.ssh/config:
Host xen.example.com KexAlgorithms +diffie-hellman-group14-sha1 MACs +hmac-sha1 HostKeyAlgorithms +ssh-rsa PubkeyAcceptedKeyTypes +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms have identical meaning; the former is the old option name, the latter is the new one. Virt-v2v uses both
ssh when converting a guest from Xen, and on some operating systems,
ssh may not both accept the same option variant.)
When connecting to RHEL 5 sshd from RHEL 9, the SHA1 algorithm's use in signatures has to be re-enabled at the OpenSSL level, in addition to the above SSH configuration. Create a file called
$HOME/openssl-sha1.cnf with the following contents:
.include /etc/ssl/openssl.cnf [openssl_init] alg_section = evp_properties [evp_properties] rh-allow-sha1-signatures = yes
and export the following variable into the environment of the
Note that the
OPENSSL_CONF environment variable will only take effect if the libvirt client library used by virt-v2v is at least version 8.6.0.
Test libvirt connection to remote Xen host
Use the virsh(1) command to list the guests on the remote Xen host:
$ virsh -c xen+ssh://email@example.com list --all Id Name State ---------------------------------------------------- 0 Domain-0 running - rhel49-x86_64-pv shut off
You should also try dumping the metadata from any guest on your server, like this:
$ virsh -c xen+ssh://firstname.lastname@example.org dumpxml rhel49-x86_64-pv <domain type='xen'> <name>rhel49-x86_64-pv</name> [...] </domain>
If the above commands do not work, then virt-v2v is not going to work either. Fix your libvirt configuration or the remote server before continuing.
If the guest disks are located on a host block device, then the conversion will fail. See "Xen or ssh conversions from block devices" below for a workaround.
Importing a guest
To import a particular guest from a Xen server, do:
$ virt-v2v -ic 'xen+ssh://email@example.com' \ rhel49-x86_64-pv \ -o local -os /var/tmp
rhel49-x86_64-pv is the name of the guest (which must be shut down).
In this case the output flags are set to write the converted guest to a temporary directory as this is just an example, but you can also write to libvirt or any other supported target.
Xen or ssh conversions from block devices
Currently virt-v2v cannot directly access a Xen guest (or any guest located remotely over ssh) if that guest’s disks are located on host block devices.
To tell if a Xen guest uses host block devices, look at the guest XML. You will see:
<disk type='block' device='disk'> ... <source dev='/dev/VG/guest'/>
source dev= and
/dev/... are all indications that the disk is located on a host block device.
This happens because the qemu ssh block driver that we use to access remote disks uses the ssh sftp protocol, and this protocol cannot correctly detect the size of host block devices.
The workaround is to copy the block device from the remote Xen server to a regular local file, copy the libvirt guest XML, adjust the
disk element to point to the local file, and use
-i libvirtxml mode instead.
Richard W.M. Jones
Copyright (C) 2009-2020 Red Hat Inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
To report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
When reporting a bug, please supply:
- The version of libguestfs.
- Where you got libguestfs (eg. which Linux distro, compiled from source, etc)
- Describe the bug accurately and give a way to reproduce it.
- Run libguestfs-test-tool(1) and paste the complete, unedited output into the bug report.