Red Hat Bugzilla – Bug 1300768
RFE: add support for native TLS encryption on migration TCP transport
Last modified: 2017-08-01 23:24:58 EDT
Description of problem:
None of the QEMU migration transports have native support for encryption. As such apps/users needing security must tunnel the QEMU migration transport over another channel such as libvirt's secure connection. This is inefficient resulting in many more data copies and lower throughput for migration which reduces chances of it completing.
Providing native TLS encryption support for migration in QEMU will allow for secure migration with a lower performance overhead
Latest upstream code review posting is:
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.