Currently NBD storage migration always uses unencrypted TCP. The following 4 patches add support for unix sockets that are forwarded over SSH. For backwards compatibility this requires some kind of communication from the source node to the target node, because the NBD server can only be started with either a TCP socket or a Unix socket. This is done by passing the line 'nbd_protocol_version: 1' to the target node via STDIN.
Patch 1 & 2 are for the target side and should be applied before patch 4. Patch 3 & 4 are for the source side and patch 3 is required for the SSH tunnel to close by itself, otherwise it will be terminated after a timeout of 30 seconds. Mira Limbeck (4): parse nbd_protocol_version if available add NBD server unix socket support in vm_start move finish_tunnel to after the VM is stopped add unix socket support for NBD storage migration PVE/API2/Qemu.pm | 10 +++++++++- PVE/QemuMigrate.pm | 50 +++++++++++++++++++++++++++++++++------------- PVE/QemuServer.pm | 19 ++++++++++++++---- 3 files changed, 60 insertions(+), 19 deletions(-) -- 2.20.1 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
