diff options
Diffstat (limited to 'recipes-extended/libvirt/README')
-rw-r--r-- | recipes-extended/libvirt/README | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/recipes-extended/libvirt/README b/recipes-extended/libvirt/README new file mode 100644 index 00000000..af4fd170 --- /dev/null +++ b/recipes-extended/libvirt/README | |||
@@ -0,0 +1,26 @@ | |||
1 | libvirt default connection mode between client(where for example virsh runs) and | ||
2 | server(where libvirtd runs) is tls which requires keys and certificates for | ||
3 | certificate authority, client and server to be properly generated and deployed. | ||
4 | Otherwise, servers and clients cannot be connected. | ||
5 | |||
6 | recipes-extended/libvirt/libvirt/gnutls-help.py is provided to help generate | ||
7 | required keys and certificates. | ||
8 | |||
9 | Usage: | ||
10 | gnutls-help.py [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> | ||
11 | If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated. | ||
12 | |||
13 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
14 | !! "ip_address" field of server.info must be IP address of the server. !! | ||
15 | !! For more details, please refer to: !! | ||
16 | !! https://libvirt.org/remote.html#Remote_certificates !! | ||
17 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
18 | |||
19 | Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem | ||
20 | Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem | ||
21 | Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem | ||
22 | Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem | ||
23 | Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem" | ||
24 | |||
25 | For more details please refer to libvirt official document, | ||
26 | https://libvirt.org/remote.html#Remote_certificates | ||