If ‘virt-v2v -oo insecure’ is used then ‘openstack --insecure’ flag is added whenever we invoke the openstack command. This turns of SSL certificate validation. --- v2v/output_openstack.ml | 14 +++++++++++++- v2v/virt-v2v-output-openstack.pod | 1 + v2v/virt-v2v.pod | 7 +++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/v2v/output_openstack.ml b/v2v/output_openstack.ml index b901ab262..b5bbc9195 100644 --- a/v2v/output_openstack.ml +++ b/v2v/output_openstack.ml @@ -53,6 +53,11 @@ type os_options = { *) authentication : string list; + (* Add the [openstack --insecure] switch (turns off SSL cert + * validation). + *) + insecure : bool; + (* Optional guest_id which, if present, is saved as * Cinder volume property virt_v2v_guest_id on every disk * associated with this guest. @@ -97,6 +102,7 @@ The os-* parameters and environment variables are optional. let parse_output_options options = let server_id = ref None in let dev_disk_by_id = ref None in + let insecure = ref false in let guest_id = ref None in let authentication = ref [] in List.iter ( @@ -105,6 +111,10 @@ let parse_output_options options = server_id := Some v | "dev-disk-by-id", v -> dev_disk_by_id := Some v + | "insecure", "" -> + insecure := true + | "insecure", v -> + insecure := bool_of_string v | "guest-id", v -> guest_id := Some v | k, v -> @@ -117,9 +127,10 @@ let parse_output_options options = ) options; let server_id = !server_id in let authentication = List.rev !authentication in + let insecure = !insecure in let guest_id = !guest_id in let dev_disk_by_id = !dev_disk_by_id in - { server_id; authentication; guest_id; dev_disk_by_id } + { server_id; authentication; insecure; guest_id; dev_disk_by_id } (* UTC conversion time. *) let iso_time = @@ -137,6 +148,7 @@ class output_openstack output_conn output_password output_storage let args = ref os_options.authentication in Option.may (fun oc -> List.push_back args (sprintf "--os-auth-url=%s" oc)) output_conn; + if os_options.insecure then List.push_back args "--insecure"; !args in (* The server ID (the name or UUID of the conversion appliance) can diff --git a/v2v/virt-v2v-output-openstack.pod b/v2v/virt-v2v-output-openstack.pod index 7ea3bc75c..25c7ab627 100644 --- a/v2v/virt-v2v-output-openstack.pod +++ b/v2v/virt-v2v-output-openstack.pod @@ -7,6 +7,7 @@ virt-v2v-output-openstack - Using virt-v2v to convert guests to OpenStack virt-v2v [-i* options] -o openstack [-oo server-id=SERVER] [-oo guest-id=GUEST] + [-oo insecure] [-oo os-username=admin] [-oo os-*=*] virt-v2v [-i* options] -o glance diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index 3f0620bc6..b9155cb87 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -555,6 +555,13 @@ For I<-o openstack> (L<virt-v2v-output-openstack(1)>) only, set a guest ID which is saved on each Cinder volume in the C<virt_v2v_guest_id> volume property. +=item B<-oo insecure> + +=item B<-oo insecure=>C<true|false> + +For I<-o openstack> (L<virt-v2v-output-openstack(1)>) only, this +disables SSL certification validation when connecting to OpenStack. + =item B<-oo os->*B<=>* For I<-o openstack> (L<virt-v2v-output-openstack(1)>) only, set optional -- 2.19.0.rc0