[libvirt] [PATCH 13/13] qemu: Set up the migration TLS objects for source
Jiri Denemark
jdenemar at redhat.com
Wed Feb 22 08:15:26 UTC 2017
On Tue, Feb 21, 2017 at 22:47:38 +0100, Jiri Denemark wrote:
> On Fri, Feb 17, 2017 at 14:39:30 -0500, John Ferlan wrote:
> > https://bugzilla.redhat.com/show_bug.cgi?id=1300769
> >
> > Modify the Begin phase to add the checks to determine whether a migration
> > wishes to use TLS and whether it's configured including adding the secret
> > into the priv->migSecinfo for the source domain.
> >
> > Modify the Perform phase in qemuMigrationRun in order to generate the
> > TLS objects to be used for the migration and set the migration channel
> > parameters 'tls-creds' and possibly 'tls-hostname' in order to enable TLS.
> >
> > Signed-off-by: John Ferlan <jferlan at redhat.com>
> > ---
> > src/qemu/qemu_migration.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 55 insertions(+)
...
> You store the migrateTLS info in the status XML on the destination host
> where libvirtd restart almost always kills the QEMU process. But you
> didn't bother storing the flag on the source where the QEMU process
> almost always remains running when libvirtd is restarted.
>
> The freshly started libvirtd calls qemuProcessRecoverMigration* to
> finish or cancel the ongoing migration and both functions (or functions
> which are called from them) need to properly cleanup the TLS objects.
Actually I think we don't need to store migrateTLS in the status XML at
all since we can just unconditionally delete the objects when a
restarted libvirtd founds a domain with running migration.
Jirka
More information about the libvir-list
mailing list