[libvirt-users] <VM LIVE Migration> <Sync conntrack entries>
bharath paulraj
bharathpaul at gmail.com
Fri Jul 26 11:17:22 UTC 2019
Hi Team,
I am using QEMU/KVM for launching VMs and libvirt to govern those VMs.
I would like to synchronise the connection tracking entries specific
to the VM during the VM LIVE migrations. It is required when the
firewall is implemented at the host level like libvirt's "network
filters". If stateful firewall is enabled, then unless these
connection tracking entries are synchronised, all the connections to
the VM are lost and all TCP connections should be reestablished. Is
there any option already available? I don't think current libvirt
hooks are helpful, as VM pause in the source hypervisor and VM on in
the destination hypervisor is done by QEMU and it does not wait for
any application that needs to sync-up some metadata — In my case, it
is conntrack entries.
Also I tried with the existing hooks - stop, release, startcpus and
nothing worked well.
Has anybody came across similar scenario? If yes, how you overcome this?
--
Regards,
Bharath
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20190726/6d7c20c8/attachment.htm>
More information about the libvirt-users
mailing list