[pve-devel] spice tls + proxy: ssl_verify.c:484:openssl_verify: ssl: hostname
Alexandre DERUMIER
aderumier at odiso.com
Thu Jul 18 16:16:00 CEST 2013
about seamless migration, they are 2 mode:
true seamless migration, adding seamless-migration=on to spice server options.
semi-semless migration (client disconnect/reconnect to spice).
But documentation is not very clear, I don't known if I need to use client_migrate_info with true seamless mode.
Also, in my firsts tests, spice client disconnect when receive client_migrate_info....(it should wait for the end of the migration).
I'll continue tests, I'll send a report tomorrow.
----- Mail original -----
De: "Alexandre DERUMIER" <aderumier at odiso.com>
À: "Dietmar Maurer" <dietmar at proxmox.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Jeudi 18 Juillet 2013 14:30:54
Objet: Re: [pve-devel] spice tls + proxy: ssl_verify.c:484:openssl_verify: ssl: hostname
Works fine on my test cluster ! Thanks !
I'll try to see how seamless migration works.
I known we can send new host,port values with qmp , but I don't known how it's works with proxy and proxyticket (as we have a timestamp).
"
client_migrate_info
------------------
Set the spice/vnc connection info for the migration target. The spice/vnc
server will ask the spice/vnc client to automatically reconnect using the
new parameters (if specified) once the vm migration finished successfully.
Arguments:
- "protocol": protocol: "spice" or "vnc" (json-string)
- "hostname": migration target hostname (json-string)
- "port": spice/vnc tcp port for plaintext channels (json-int, optional)
- "tls-port": spice tcp port for tls-secured channels (json-int, optional)
- "cert-subject": server certificate subject (json-string, optional)
"
----- Mail original -----
De: "Alexandre DERUMIER" <aderumier at odiso.com>
À: "Dietmar Maurer" <dietmar at proxmox.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Jeudi 18 Juillet 2013 13:40:15
Objet: Re: [pve-devel] spice tls + proxy: ssl_verify.c:484:openssl_verify: ssl: hostname
sorry, my fault, I didn't have updated qemuserver package
I'm going testing it now
----- Mail original -----
De: "Alexandre DERUMIER" <aderumier at odiso.com>
À: "Dietmar Maurer" <dietmar at proxmox.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Jeudi 18 Juillet 2013 13:32:42
Objet: Re: [pve-devel] spice tls + proxy: ssl_verify.c:484:openssl_verify: ssl: hostname
I have an error on the call to spiceproxy api. (missing the new proxy propery)
https://kvmtest1.odiso.net:8006/api2/extjs/nodes/kvmtest1/qemu/115/spiceproxy?proxy=kvmtest1.odiso.net
{"success":0,"errors":{"proxy":"property is not defined in schema and the schema does not allow additional properties"},"status":"400","data":null,"message":"Parameter verification failed.\n"}
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Jeudi 18 Juillet 2013 12:36:34
Objet: RE: [pve-devel] spice tls + proxy: ssl_verify.c:484:openssl_verify: ssl: hostname
>
> I don't known if you I have time to implement the proxy forward to connect
> on a vm on a remote node: ?
>
> client ---> http connect proxy1----> http connect proxy2
Just implemented that - please can you test?
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list