[libvirt] [RFC]: Secure migration

Daniel Veillard veillard at redhat.com
Thu Mar 5 08:58:46 UTC 2009

On Wed, Mar 04, 2009 at 11:03:17AM +0100, Chris Lalancette wrote:
> > These are all just minor auth credentials/acl config tasks that the admin 
> > has to deal with for normal remote usage already, so I don't see that they
> > present a particular problem for migration
> Yes, they are certainly all solvable from the admin's point-of-view, so they are
> not show stoppers.  The thing is that I think admins will have a difficult time
> discovering what the problems are when migration doesn't work for them.  There
> are just so many combinations that it's very easy for the admin to get one of
> them wrong, and then it may be difficult to figure out exactly what they need to
> do to get it working.  On the other hand, having a dedicated channel makes it
> relatively easy; if the admin is having problems, then the answer is going to be
> "open port XYZ on the destination", and that will usually solve the problem.

  From my POV, I think getting the auth fixed is a matter of installing
proper files on a machine and of the responsability of the sysadmins
basically and purely within their realm. On the other hand opening a new
port is a decision involving network admins and security, it's not the
same scope within a company with strict policies.
  I would really stay with the existing RPC model and avoid the
requirement of adding a new open port, from a pure sysadmin "upgrade"
perspective this can turn into a nightmare,


Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

More information about the libvir-list mailing list