<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!--
This file is autogenerated from formatstorageencryption.html.in
Do not edit this file. Changes will be lost.
-->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="main.css" />
<link rel="SHORTCUT ICON" href="32favicon.png" />
<title>libvirt: Storage volume encryption XML format</title>
<meta name="description" content="libvirt, virtualization, virtualization API" />
</head>
<body>
<div id="header">
<div id="headerLogo"></div>
<div id="headerSearch">
<form action="search.php" enctype="application/x-www-form-urlencoded" method="get"><div>
<input id="query" name="query" type="text" size="12" value="" />
<input id="submit" name="submit" type="submit" value="Search" />
</div></form>
</div>
</div>
<div id="body">
<div id="menu">
<ul class="l0"><li>
<div>
<a title="Front page of the libvirt website" class="inactive" href="index.html">Home</a>
</div>
</li><li>
<div>
<a title="Details of new features and bugs fixed in each release" class="inactive" href="news.html">News</a>
</div>
</li><li>
<div>
<a title="Applications known to use libvirt" class="inactive" href="apps.html">Applications</a>
</div>
</li><li>
<div>
<a title="Get the latest source releases, binary builds and get access to the source repository" class="inactive" href="downloads.html">Downloads</a>
</div>
</li><li>
<div>
<a title="Information for users, administrators and developers" class="active" href="docs.html">Documentation</a>
<ul class="l1"><li>
<div>
<a title="How to compile libvirt" class="inactive" href="compiling.html">Compiling</a>
</div>
</li><li>
<div>
<a title="Information about deploying and using libvirt" class="inactive" href="deployment.html">Deployment</a>
</div>
</li><li>
<div>
<a title="Overview of the logical subsystems in the libvirt API" class="inactive" href="intro.html">Architecture</a>
</div>
</li><li>
<div>
<a title="Description of the XML formats used in libvirt" class="active" href="format.html">XML format</a>
<ul class="l2"><li>
<div>
<a title="The domain XML format" class="inactive" href="formatdomain.html">Domains</a>
</div>
</li><li>
<div>
<a title="The virtual network XML format" class="inactive" href="formatnetwork.html">Networks</a>
</div>
</li><li>
<div>
<a title="Network filter XML format" class="inactive" href="formatnwfilter.html">Network Filtering</a>
</div>
</li><li>
<div>
<a title="The storage pool and volume XML format" class="inactive" href="formatstorage.html">Storage</a>
</div>
</li><li>
<div>
<span class="active">Storage Encryption</span>
</div>
</li><li>
<div>
<a title="The driver capabilities XML format" class="inactive" href="formatcaps.html">Capabilities</a>
</div>
</li><li>
<div>
<a title="The host device XML format" class="inactive" href="formatnode.html">Node Devices</a>
</div>
</li><li>
<div>
<a title="The secret XML format" class="inactive" href="formatsecret.html">Secrets</a>
</div>
</li><li>
<div>
<a title="The snapshot XML format" class="inactive" href="formatsnapshot.html">Snapshots</a>
</div>
</li></ul>
</div>
</li><li>
<div>
<a title="Hypervisor specific driver information" class="inactive" href="drivers.html">Drivers</a>
</div>
</li><li>
<div>
<a title="Reference manual for the C public API" class="inactive" href="html/index.html">API reference</a>
</div>
</li><li>
<div>
<a title="Bindings of the libvirt API for other languages" class="inactive" href="bindings.html">Language bindings</a>
</div>
</li><li>
<div>
<a title="Working on the internals of libvirt API, driver and daemon code" class="inactive" href="internals.html">Internals</a>
</div>
</li><li>
<div>
<a title="A guide and reference for developing with libvirt" class="inactive" href="devguide.html">Development Guide</a>
</div>
</li><li>
<div>
<a title="Command reference for virsh" class="inactive" href="virshcmdref.html">Virsh Commands</a>
</div>
</li><li>
<div>
<a title="Project governance and code of conduct" class="inactive" href="governance.html">Governance</a>
</div>
</li></ul>
</div>
</li><li>
<div>
<a title="User contributed content" class="inactive" href="http://wiki.libvirt.org">Wiki</a>
</div>
</li><li>
<div>
<a title="Frequently asked questions" class="inactive" href="http://wiki.libvirt.org/page/FAQ">FAQ</a>
</div>
</li><li>
<div>
<a title="How and where to report bugs and request features" class="inactive" href="bugs.html">Bug reports</a>
</div>
</li><li>
<div>
<a title="How to contact the developers via email and IRC" class="inactive" href="contact.html">Contact</a>
</div>
</li><li>
<div>
<a title="Available test suites for libvirt" class="inactive" href="testsuites.html">Test suites</a>
</div>
</li><li>
<div>
<a title="Miscellaneous links of interest related to libvirt" class="inactive" href="relatedlinks.html">Related Links</a>
</div>
</li><li>
<div>
<a title="Overview of all content on the website" class="inactive" href="sitemap.html">Sitemap</a>
</div>
</li></ul>
</div>
<div id="content">
<h1>Storage volume encryption XML format</h1>
<ul><li>
<a href="#StorageEncryption">Storage volume encryption XML</a>
<ul><li>
<a href="#StorageEncryptionDefault">"default" format</a>
</li><li>
<a href="#StorageEncryptionQcow">"qcow" format</a>
</li></ul>
</li><li>
<a href="#example">Example</a>
</li></ul>
<h2>
<a name="StorageEncryption" shape="rect" id="StorageEncryption">Storage volume encryption XML</a>
<a class="headerlink" href="#StorageEncryption" title="Permalink to this headline">¶</a>
</h2>
<p>
Storage volumes may be encrypted, the XML snippet described below is used
to represent the details of the encryption. It can be used as a part
of a domain or storage configuration.
</p>
<p>
The top-level tag of volume encryption specification
is <code>encryption</code>, with a mandatory
attribute <code>format</code>. Currently defined values
of <code>format</code> are <code>default</code> and <code>qcow</code>.
Each value of <code>format</code> implies some expectations about the
content of the <code>encryption</code> tag. Other format values may be
defined in the future.
</p>
<p>
The <code>encryption</code> tag can currently contain a sequence of
<code>secret</code> tags, each with mandatory attributes <code>type</code>
and <code>uuid</code>. The only currently defined value of
<code>type</code> is <code>passphrase</code>. <code>uuid</code>
refers to a secret known to libvirt. libvirt can use a secret value
previously set using <code>virSecretSetValue()</code>, or, if supported
by the particular volume format and driver, automatically generate a
secret value at the time of volume creation, and store it using the
specified <code>uuid</code>.
</p>
<h3>
<a name="StorageEncryptionDefault" shape="rect" id="StorageEncryptionDefault">"default" format</a>
<a class="headerlink" href="#StorageEncryptionDefault" title="Permalink to this headline">¶</a>
</h3>
<p>
<code><encryption type="default"/></code> can be specified only
when creating a volume. If the volume is successfully created, the
encryption formats, parameters and secrets will be auto-generated by
libvirt and the attached <code>encryption</code> tag will be updated.
The unmodified contents of the <code>encryption</code> tag can be used
in later operations with the volume, or when setting up a domain that
uses the volume.
</p>
<h3>
<a name="StorageEncryptionQcow" shape="rect" id="StorageEncryptionQcow">"qcow" format</a>
<a class="headerlink" href="#StorageEncryptionQcow" title="Permalink to this headline">¶</a>
</h3>
<p>
The <code>qcow</code> format specifies that the built-in encryption
support in <code>qcow</code>- or <code>qcow2</code>-formatted volume
images should be used. A single
<code><secret type='passphrase'></code> element is expected. If
the <code>secret</code> element is not present during volume creation,
a secret is automatically generated and attached to the volume.
</p>
<h2>
<a name="example" shape="rect" id="example">Example</a>
<a class="headerlink" href="#example" title="Permalink to this headline">¶</a>
</h2>
<p>
Here is a simple example, specifying use of the <code>qcow</code> format:
</p>
<pre xml:space="preserve">
<encryption format='qcow'>
<secret type='passphrase' uuid='c1f11a6d-8c5d-4a3e-ac7a-4e171c5e0d4a' />
</encryption></pre>
</div>
</div>
<div id="footer">
<p id="sponsor">
Sponsored by:<br /><a href="http://et.redhat.com/"><img src="et.png" alt="Project sponsored by Red Hat Emerging Technology" /></a></p>
</div>
</body>
</html>
