On Thu, May 13, 2010 at 04:31:59PM +0300, Dan Kenigsberg wrote:
> On Thu, May 13, 2010 at 07:58:51AM -0400, Daniel P. Berrange wrote:
> > ... I discovered that the virDomainMigratePrepareTunnel
> > method is missing the cookie/cookielen commands. This means that
> > seemless migration will *NOT* be possible when the TUNNELLED
> > migration flag is set. Fortunately VDSM only set PEER2PEER
> > flag which now works fine.
> Ouch. I hoped that we would be able to harness libvirt to enjoy
> migration encryption some time. What are the chances of having that?
> Does it require a who API addition?
Yep, we'll have to define a new API for the tunnelled migration and make
sure it wires up the cookie stuff correctly this time :-(
We've never had encryption on migration data in rhev, but I thought we would get that for almost free by using libvirt.
Miki, if the PRD for rhev 2.3 wants that, this bug may be a blocker.
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release. Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release. This request is not yet committed for
This isn't compelling for 6.0, moving to 6.1
Development Management has reviewed and declined this request. You may appeal
this decision by reopening this request.
I perfectly agree with NACKing this from 6.0.z; but please reconsider for 6.1 or further.
6.1 is fine from RHEV perspective.
Targeting for 6.1.
NACKing for 6.0.z per comments 7 & 8.
The API required for this RFE is being developed as part of the sanlock work, and when that functionality was deferred to 6.2, this BZ should have been deferred as well. I have done that now.
The new migration code has been through several iterations and is nearing upstream commit.
Migration version 3 protocol is upstream now. It's hard to pick a specific commit since the migration patch series was followed by many bug fixes. All of that is included in 0.9.2-rc1.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.