[libvirt] [PATCH v4 08/10] qemu: Set up the migration TLS objects for target
Jiri Denemark
jdenemar at redhat.com
Fri Mar 24 15:17:55 UTC 2017
On Thu, Mar 23, 2017 at 19:02:09 -0400, John Ferlan wrote:
> If the migration flags indicate this migration will be using TLS,
> then set up the destination during the prepare phase once the target
> domain has been started to add the TLS objects to perform the migration.
>
> This will create at least an "-object tls-creds-x509,endpoint=server,..."
> for TLS credentials and potentially an "-object secret,..." to handle the
It looks like you are still only thinking about changing this to match
the code which does not generate any command line options :-)
> passphrase response to access the TLS credentials. The alias/id used for
> the TLS objects will contain "libvirt_migrate".
>
> Once the objects are created, the code will set the "tls-creds" and
> "tls-hostname" migration parameters to signify usage of TLS.
>
> During the Finish phase we'll be sure to attempt to clear the
> migration parameters and delete those objects (whether or not they
> were created). We'll also perform the same reset during recovery
> if we've reached FINISH3.
>
> If the migration isn't using TLS, then be sure to check if the
> migration parameters exist and clear them if so.
>
> Signed-off-by: John Ferlan <jferlan at redhat.com>
> ---
> src/qemu/qemu_domain.c | 7 +-
> src/qemu/qemu_domain.h | 91 +++++++++------
> src/qemu/qemu_migration.c | 286 ++++++++++++++++++++++++++++++++++++++++++++++
> src/qemu/qemu_migration.h | 7 ++
> src/qemu/qemu_process.c | 3 +
> 5 files changed, 355 insertions(+), 39 deletions(-)
ACK
Jirka
More information about the libvir-list
mailing list