OK, just an FYI that the version-checking code I put in based on Marcus' comments worked. I can now live migrate the VM.
I plan to open a PR for this later tonight.

On Mon, Aug 31, 2015 at 1:49 PM, Mike Tutkowski <mike.tutkow...@solidfire.com> wrote:

> I see a test was failing: LibvirtComputingResourceTest.testMigrateCommand.
>
> I'm not sure if you can do an "or" with Mockito, but I changed a check to
> the following and it passes now (it was failing because a 1 was being
> passed in now instead of an 8 on my platform):
>
> try {
>     verify(dm, times(1)).getXMLDesc(8);
> } catch (final Throwable t) {
>     try {
>         verify(dm, times(1)).getXMLDesc(1);
>     }
>     catch (final LibvirtException e) {
>         fail(e.getMessage());
>     }
> }
>
> On Mon, Aug 31, 2015 at 12:38 PM, Mike Tutkowski <mike.tutkow...@solidfire.com> wrote:
>
>> This is probably more esthetically pleasing to most people (and simpler
>> looking):
>>
>>     CVE-2015-3252: Get XML with sensitive information suitable for migration by using
>>     VIR_DOMAIN_XML_MIGRATABLE flag (value = 8)
>>     https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags
>>
>>     Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
>> */
>>
>> int xmlFlag = conn.getLibVirVersion() >= 1000000 ? 8 : 1;
>>
>> xmlDesc = dm.getXMLDesc(xmlFlag).replace(libvirtComputingResource.getPrivateIp(), command.getDestinationIp());
>>
>> On Mon, Aug 31, 2015 at 12:34 PM, Mike Tutkowski <mike.tutkow...@solidfire.com> wrote:
>>
>>> Sounds good
>>>
>>> Does this look reasonable (I haven't tested it yet):
>>>
>>>     CVE-2015-3252: Get XML with sensitive information suitable for migration by using
>>>     VIR_DOMAIN_XML_MIGRATABLE flag (value = 8)
>>>     https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags
>>>
>>>     Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
>>> */
>>>
>>> if (conn.getLibVirVersion() >= 1000000) { // 1000000 equals v1.0.0
>>>     xmlDesc = dm.getXMLDesc(8).replace(libvirtComputingResource.getPrivateIp(), command.getDestinationIp());
>>> } else {
>>>     xmlDesc = dm.getXMLDesc(1).replace(libvirtComputingResource.getPrivateIp(), command.getDestinationIp());
>>> }
>>>
>>> On Mon, Aug 31, 2015 at 12:06 PM, Marcus <shadow...@gmail.com> wrote:
>>>
>>>> Might as well put the check in, to ensure we don't try to use flags that
>>>> aren't available.
>>>>
>>>> On Mon, Aug 31, 2015 at 10:21 AM, Mike Tutkowski <mike.tutkow...@solidfire.com> wrote:
>>>>
>>>> > Thanks, everyone
>>>> >
>>>> > Marcus - Do you think I should put in a version check or is that version of
>>>> > Libvirt too old to bother supporting?
>>>> >
>>>> > On Monday, August 31, 2015, Marcus <shadow...@gmail.com> wrote:
>>>> >
>>>> > > Looks like the VIR_DOMAIN_XML_MIGRATABLE flag was introduced in v1.0.0
>>>> > > (version 1000000 in how the Libvirt API reports), and VIR_DOMAIN_XML_SECURE
>>>> > > was all the way back in v0.8.0 (version 8000).
>>>> > >
>>>> > > On Mon, Aug 31, 2015 at 8:04 AM, Marcus <shadow...@gmail.com> wrote:
>>>> > >
>>>> > >> There are a bunch of things like this in the code already, and they're
>>>> > >> wrapped in version checks. See _hypervisorLibvirtVersion in
>>>> > >> LibvirtComputingResource. We just need to figure out which versions
>>>> > >> need to be left out.
>>>> > >>
>>>> > >> On Mon, Aug 31, 2015 at 1:56 AM, Rohit Yadav <rohit.ya...@shapeblue.com> wrote:
>>>> > >>
>>>> > >>> Hi Mike,
>>>> > >>>
>>>> > >>> I think it is related to this, the libvirt version is really old that
>>>> > >>> lacks the flags:
>>>> > >>>
>>>> > >>> https://github.com/apache/cloudstack/commit/5d29b63cfa98a15d7734798c5b29a43658d7f112
>>>> > >>>
>>>> > >>> If VM migration flag (8) is not available, can you check
>>>> > >>> if VIR_DOMAIN_XML_SECURE (flag=1) works for you, if so we can change the
>>>> > >>> above fix to use 0x1 (or 1) to support KVM/12.04 though I’m not sure if for
>>>> > >>> vm migration the xml dump method should be provided 0x1 and not 0x8
>>>> > >>> (VIR_DOMAIN_XML_MIGRATABLE).
>>>> > >>>
>>>> > >>> On 31-Aug-2015, at 11:29 am, Mike Tutkowski <mike.tutkowski@solidfire.com> wrote:
>>>> > >>>
>>>> > >>> Hi,
>>>> > >>>
>>>> > >>> I'm having a problem migrating a VM from one 12.04 KVM host to another
>>>> > >>> 12.04 KVM host in the same cluster in CS 4.6.
>>>> > >>>
>>>> > >>> Anyone know why I might be receiving this error message?
>>>> > >>>
>>>> > >>> invalid argument: virDomainDefFormat: unsupported flags (0x8)
>>>> > >>>
>>>> > >>> The root disk is stored on cluster-scoped NFS primary storage.
>>>> > >>>
>>>> > >>> Thanks!
>>>> > >>>
>>>> > >>> --
>>>> > >>> *Mike Tutkowski*
>>>> > >>> *Senior CloudStack Developer, SolidFire Inc.*
>>>> > >>> e: mike.tutkow...@solidfire.com
>>>> > >>> o: 303.746.7302
>>>> > >>> Advancing the way the world uses the cloud
>>>> > >>> <http://solidfire.com/solution/overview/?video=play>*™*
>>>> > >>>
>>>> > >>> Regards,
>>>> > >>> Rohit Yadav
>>>> > >>> Software Architect, ShapeBlue
>>>> > >>> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
>>>> > >>> Blog: bhaisaab.org | Twitter: @_bhaisaab
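
The version gate discussed in this thread, written as a pure function so that a unit test can pin one libvirt version and assert one exact flag instead of accepting either 8 or 1. This is an added example, not part of the original messages and not CloudStack's code; the class and method names are hypothetical, the flag values and minimum versions are the ones quoted in the thread, and the rejection below v0.8.0 is an assumption.

```java
// Added example; class and method names are hypothetical, not CloudStack's.
public final class MigrationXmlFlag {
    // virDomainXMLFlags values as quoted in the thread.
    static final int VIR_DOMAIN_XML_SECURE = 1;
    static final int VIR_DOMAIN_XML_MIGRATABLE = 8;

    // libvirt reports its version as major * 1,000,000 + minor * 1,000 + release.
    static long encode(int major, int minor, int release) {
        return major * 1_000_000L + minor * 1_000L + release;
    }

    // Minimum versions taken from the thread: v1.0.0 and v0.8.0.
    static final long MIGRATABLE_SINCE = encode(1, 0, 0); // 1000000
    static final long SECURE_SINCE = encode(0, 8, 0);     // 8000

    /** Chooses the getXMLDesc flag for a migration dump on this libvirt version. */
    static int select(long libvirtVersion) {
        if (libvirtVersion >= MIGRATABLE_SINCE) {
            return VIR_DOMAIN_XML_MIGRATABLE;
        }
        if (libvirtVersion >= SECURE_SINCE) {
            return VIR_DOMAIN_XML_SECURE;
        }
        // Assumption: below v0.8.0 neither flag exists, so refuse instead of
        // sending a flag the host would reject as unsupported.
        throw new IllegalArgumentException(
                "libvirt version " + libvirtVersion + " supports neither XML flag");
    }

    static void expect(long version, int flag) {
        if (select(version) != flag) {
            throw new AssertionError("version " + version + " chose " + select(version));
        }
    }

    public static void main(String[] args) {
        // Constructed versions on both sides of each boundary.
        expect(encode(0, 8, 0), VIR_DOMAIN_XML_SECURE);
        expect(encode(0, 9, 8), VIR_DOMAIN_XML_SECURE);
        expect(999_999L, VIR_DOMAIN_XML_SECURE);       // last value below v1.0.0
        expect(encode(1, 0, 0), VIR_DOMAIN_XML_MIGRATABLE);
        expect(encode(1, 2, 12), VIR_DOMAIN_XML_MIGRATABLE);
        try {
            select(encode(0, 7, 5));
            throw new AssertionError("expected rejection below v0.8.0");
        } catch (IllegalArgumentException expected) {
            System.out.println("rejected: " + expected.getMessage());
        }
        System.out.println("all flag selections match the thread's version table");
    }
}
```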