Hi Marc, Thanks for your comments, I'll reply to them on the cwiki page.
Briefly - CloudStack does support live VM migration already and presently on adding a KVM host using CloudStack 's addHost runs cloudstack-setup-agent and configures libvirtd by adding suitable options to enable libvirtd on tcp. I'll have another look at your PR too. Regards. Get Outlook for Android<https://aka.ms/ghei36> ________________________________ From: Marc-Aurèle Brothier - Exoscale <ma...@exoscale.ch> Sent: Friday, November 17, 2017 8:06:55 PM To: dev@cloudstack.apache.org Subject: Re: [FS] Request for comments: Secure VM Live Migration for KVM Working, thanks! rohit.ya...@shapeblue.com www.shapeblue.com 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue On Fri, 2017-11-17 at 11:27 -0200, Rafael Weingärtner wrote: > Marc I added permission to you; can you test if you can make comments > now? > > On Fri, Nov 17, 2017 at 11:20 AM, Marc-Aurèle Brothier - Exoscale < > ma...@exoscale.ch> wrote: > > > I'm not able to post comments on the wiki even when logged in so I > > post > > to the mailing list. I guess I'm not in any special wiki group to > > edit > > CS pages. > > > > Good news you made the live migration working (right?) on master. > > Is it > > really something we want to control under CS on the agent > > installation > > all this libvirt TLS setup? Maybe the installation could write > > libvirtd > > configuration file for TLS and non-TLS setup in CS and/or libvirt > > /etc > > directory but without overriding the normal one. I have to admit > > I'm > > not familiar with how things are usually done in CS for external > > components. > > > > You can also add to cloudstack configuration the libvirt flags used > > for > > the live migration, which should be customizable in some way. On my > > PR > > it's in agent.properties, but it could be sent along with the > > migration > > command. > > > > I would welcome if you could setup a wiki page that I could edit on > > the > > KVM live migration so I could add my remark on my experience and > > things > > to config/consider. > > > > On your question: +1 on having the configuration value for TLS or > > plain > > tcp. > > > > Marc-Aurèle > > > > On Thu, 2017-11-16 at 10:32 +0000, Rohit Yadav wrote: > > > All, > > > > > > > > > Kindly review and share your thoughts and comments for a new > > > feature > > > - Secure VM live migration for KVM, this feature builds on top of > > > the > > > previous feature that brought in a new CA framework [1] for > > > CloudStack. > > > > > > > > > Here is a rough first draft for your review: > > > > > > https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+KVM > > > +VM+ > > > Live+Migration > > > > > > > > > [1] https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure > > > +Age > > > nt+Communications > > > > > > > > > Regards. > > > > > > rohit.ya...@shapeblue.com > > > www.shapeblue.com<http://www.shapeblue.com> > > > 53 Chandos Place, Covent Garden, London WC2N 4HSUK > > > @shapeblue > > > > > > > > > > > >
