Marc I added permission to you; can you test if you can make comments now? On Fri, Nov 17, 2017 at 11:20 AM, Marc-Aurèle Brothier - Exoscale < ma...@exoscale.ch> wrote:
> I'm not able to post comments on the wiki even when logged in so I post > to the mailing list. I guess I'm not in any special wiki group to edit > CS pages. > > Good news you made the live migration working (right?) on master. Is it > really something we want to control under CS on the agent installation > all this libvirt TLS setup? Maybe the installation could write libvirtd > configuration file for TLS and non-TLS setup in CS and/or libvirt /etc > directory but without overriding the normal one. I have to admit I'm > not familiar with how things are usually done in CS for external > components. > > You can also add to cloudstack configuration the libvirt flags used for > the live migration, which should be customizable in some way. On my PR > it's in agent.properties, but it could be sent along with the migration > command. > > I would welcome if you could setup a wiki page that I could edit on the > KVM live migration so I could add my remark on my experience and things > to config/consider. > > On your question: +1 on having the configuration value for TLS or plain > tcp. > > Marc-Aurèle > > On Thu, 2017-11-16 at 10:32 +0000, Rohit Yadav wrote: > > All, > > > > > > Kindly review and share your thoughts and comments for a new feature > > - Secure VM live migration for KVM, this feature builds on top of the > > previous feature that brought in a new CA framework [1] for > > CloudStack. > > > > > > Here is a rough first draft for your review: > > > > https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+KVM+VM+ > > Live+Migration > > > > > > [1] https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+Age > > nt+Communications > > > > > > Regards. > > > > rohit.ya...@shapeblue.com > > www.shapeblue.com > > 53 Chandos Place, Covent Garden, London WC2N 4HSUK > > @shapeblue > > > > > > > -- Rafael Weingärtner
