[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH v3 0/2] migration: add option to set target ndb server port



Current libvirt + qemu pair lacks secure migrations in case of
VMs with non-shared disks. The only option to migrate securely
natively is to use tunneled mode and some kind of secure
destination URI. But tunelled mode does not support non-shared
disks.

The other way to make migration secure is to organize a tunnel
by external means. This is possible in case of shared disks
migration thru use of proper combination of destination URI,
migration URI and VIR_MIGRATE_PARAM_LISTEN_ADDRESS migration
param. But again this is not possible in case of non shared disks
migration as we have no option to control target nbd server port.
But fixing this much more simplier that supporting non-shared
disks in tunneled mode.

So this patch series adds option to set target ndb port.

Finally all qemu migration connections will be secured AFAIK but
even in this case this patch could be convinient if one wants
all migration traffic be put in a single connection.

difference from v2:
===================

1. patch is splitted into API and implementation parts
2. code that starts nbd server is reorganized
3. add check for setting disks port for tunneled case
4. misc small changes according to Jiri comments

Nikolay Shirokovskiy (2):
  migration: add target peer disks port
  qemu: implement setting target disks migration port

 include/libvirt/libvirt-domain.h |  10 ++++
 src/qemu/qemu_driver.c           |  25 ++++++---
 src/qemu/qemu_migration.c        | 108 +++++++++++++++++++++++++++++----------
 src/qemu/qemu_migration.h        |   3 ++
 tools/virsh-domain.c             |  12 +++++
 tools/virsh.pod                  |   5 +-
 6 files changed, 127 insertions(+), 36 deletions(-)

-- 
1.8.3.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]