Description of suggestion:
Right now, the vm.sh only supports using a migration_uri over direct TCP ports between nodes.
virsh also supports a '--tunneled' option that will perform the migration over SSH instead of requiring firewall ports to be open between the nodes.
Before fix running a vm on ask-03:
OCF_RESKEY_name="test3" OCF_RESKEY_xmlfile=/etc/libvirt/qemu/test3.xml /usr/share/cluster/vm.sh migrate ask-04
tcpdump shows lots of traffic over a random 49xxx port:
15:55:11.220530 IP 10.15.85.4.49162 > 10.15.85.3.35559: Flags [.], ack 143716529, win 24576, options [nop,nop,TS val 263638322 ecr 254144338], length 0
After fix on a vm running on ask-04:
OCF_RESKEY_name="test3" OCF_RESKEY_xmlfile=/etc/libvirt/qemu/test3.xml /usr/share/cluster/vm.sh migrate ask-03
tcpdumps shows traffic over ssh
15:52:00.986503 IP 10.15.85.4.57094 > 10.15.85.3.ssh: Flags [.], seq 98251302:98252750, ack 47102, win 176, options [nop,nop,TS val 263448089 ecr 253954129], length 1448
Commit Here: https://github.com/ClusterLabs/resource-agents/commit/e5ffcdd105dbf792de43b210706ecc0f58c75104
Would you be willing to test out a new package built with a fix for this issue?
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Cause: Couldn't set tunneled migration option with KVM
Consequence: Couldn't use tunneled migration with KVM
Fix: Added option for setting tunneled migration
Result: You can now use tunneled migration with KVM
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.