[libvirt] [PATCH 0/9] Support new peer-2-peer migration mode & public API

Daniel Veillard veillard at redhat.com
Wed Oct 7 14:54:34 UTC 2009 

On Mon, Oct 05, 2009 at 12:44:47PM +0100, Daniel P. Berrange wrote:
> This series is an update of
> 
> http://www.redhat.com/archives/libvir-list/2009-September/msg00540.html
> 
> There isn't as much functional change here as you might presume
> from the number of patches. Since Chris' tunnelled migration code
> is added, I thought it better to do alot of small refactoring
> steps rather than munge it all in one patch.
> 
> One particular notable change since last time is that the new
> virDomainMigrateToURI method does *not* mandate use of the
> new "VIR_MIGRATE_PEER2PEER" flag anymore. I will now explain
> why...

  ah ! I won't complain, but I'm curious :)

> Traditionally migration has been a 3 step process
> 
>  1. client -> dest   (prepare)
>  2. client -> source (perform)
>  3. client -> dest   (finish)
> 
> This is why virDomainMigrate requires the extra 'dconn' parameter
> from the client app
> 
> With the tunnelled migration / peer-to-peer migration, the extra
> 'dconn' parameter is no longer required from the client, because
> the source libvirt driver directly opens a connection to the
> destination libvirtd daemon on the remote host. ie libvirtd is
> talking to another libvirtd peer-2-peer.
> 
> In considering the implementation of the PEER_TO_PEER flag for
> the Xen and VMWare drivers though I realized that even this is not
> technically neccessary, and in fact detrimental to use of libvirt
> for migrating with these drivers. Both Xen and VMWare have their
> own management daemon which is perfectly capable of handling the
> entire process without any need for libvirtd to be involved on the
> destination host. libvirt need only initiate the migration op on
> the source host. If you look at the impl of Prepare/Finish ops in
> the Xen driver this should be obvious, since they are pretty much
> no-ops

  Okay

> Thus we in fact have 3 possible migration processes
> 
>  *  Traditional libvirt client managed
> 
>           client -> dest   (prepare)
>           client -> source (perform)
>           client -> dest   (finish)
>  
>  *  New peer-to-peer migration (on which tunnelled mig is built)
> 
>           client -> source (perform)
>           source -> dest (open)
>           source -> dest (prepareTunnel)
>           source -> dest (streamSend)
>           source -> dest (finish)
>           source -> dest (close)
> 
>  *  New direct migration (hypervisor managed)
> 
>           client -> source (perform)
>           source -> dest (whatever the HV's native migration does)
> 

  okay so we split out the last one from the P2P version

> In terms of libvirt public APIs this works out as follows
> 
>  * Traditional libvirt client managed
> 
>    A hypervisor specific URI style, passed to virDomainMigrate()
>    with no flags set
> 
>  * New peer-to-peer migration (on which tunnelled mig is built)
> 
>    The standard libvirt URI style, passed to virDomainMigrate()
>    or virDomainMigrateToURI() with VIR_DOMAIN_MIGRATE_PEER2PEER
>    flag set.
> 
>    The virDomainMigrateToURI() method is better since it avoids
>    the unneccessary burden on the client of connecting to the
>    remote libvirtd.
> 
>  * New direct migration (hypervisor managed)
> 
>    A hypervisor specific URI style, passed to virDomainMigrateToURI()
>    with no flags set
  
  Okay understood, makes sense.

> The QEMU driver can't support the latter, since it has no native
> management daemon - it requires libvirtd's help. Xen and VMWare,
> and probably VirtualBox can support this just fine.
> 
> 
> This is good for flexibility of usage in terms of authentication
> too, since each of these 3 modes has different characteristics
> 
>  * Traditional libvirt client managed
> 
>      client -> source libvirtd auth
>      client -> dest  libvirtd auth
>      possible hypervisor -> hypervisor auth
> 
>  * New peer-to-peer migration, without tunnelling
> 
>      client -> source libvirtd auth
>      source -> dest libvirtd auth
>      possible hypervisor -> hypervisor auth
> 
>  * New peer-to-peer migration, without tunnelling
> 
>      client -> source libvirtd auth
>      source -> dest libvirtd auth
> 
>  * New direct migration (hypervisor managed)
> 
>      client -> source libvirtd auth
>      possible hypervisor -> hypervisor auth
> 
> 
> NB, 'client -> source libvirtd auth' is essentially no-op
> if initiating migration from the source host directly in
> all these cases. 
> 
> With with the combination of the two virDomainMigrate and
> virDomainMigrateToURI methods, and the VIR_MIGRATE_PEER2PEER
> flag, I believe we're well placed to cover all the main 
> deployment/auth scenarios for migration in all hypervisors
> without imposing extra auth burden ourselves as we did in
> the past

  We need some documentation for all those options, people already get
lost when there is only one command for an action, but if you can have
3 ways and multiple auth schemes it gets scary :-)
  
> 
> Further things that need to be done though:
> 
>   - Xen could easily support  PEER2PEER and TUNNELLED flags
> 
>   - Add a VIR_MIGRATE_SECURE flag, to indicate that the app
>     only wants the migration to be performed if the HV can
>     guarentee the data channel is secure.  

  good point !

>   - Document the scenarios I just outlined and give some mre
>     guidance to app developers/administrators about the tradeoff
>     between each scenario

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

More information about the libvir-list mailing list