[pve-devel] Allow dedicated migration network (bug #1177)

Thomas Lamprecht t.lamprecht at proxmox.com
Fri Oct 28 09:17:40 CEST 2016 

On 10/28/2016 08:44 AM, Alexandre DERUMIER wrote:
>>> Note that it's also possible to use nbd server (without qemu) for offline migration, and it's
>>> possible to use tls too. (I don't have yet added patches for the live storage migration, but it's possible too).
> See this blog about qemu live migration && nbd support for tls
>
> https://www.berrange.com/posts/2016/04/05/improving-qemu-security-part-5-tls-support-for-nbd-server-client/
>
> I don't have benchmarked it, but I think it should be faster than ssh

Ok, thanks for the link.

I wanted to look at tls migration too, but this series was more 
important to me now.

Next would be storage migration without ssh for secure networks and then 
a look at tls with qemu :)



>
> ----- Mail original -----
> De: "aderumier" <aderumier at odiso.com>
> À: "pve-devel" <pve-devel at pve.proxmox.com>
> Envoyé: Vendredi 28 Octobre 2016 08:40:21
> Objet: Re: [pve-devel] Allow dedicated migration network (bug #1177)
>
>>> a) this does also the storage migration over the network, but storage
>>> migration is currently
>>> always with ssh (+ rsync) there are plans to use a dd + netcat (+
>>> maybe also compression in between)
>>> combination if the migration type is insecure, to speed things up.
> Note that it's also possible to use nbd server (without qemu) for offline migration, and it's
> possible to use tls too. (I don't have yet added patches for the live storage migration, but it's possible too).
>
> The only thing missing from nbd is sparse support, but it's comming for qemu 2.8.
>
>
>>> b) some patches of this series conflicts quite a bit with Alexandres
>>> live storage migration series,
>>> so I can rebase those if his code gets merged, should be mainly the
>>> patches in qemu-server :)
> Feel free to apply your patches, I can rebase my patches later as it's not yet finished.
>
>
>
> ----- Mail original -----
> De: "Thomas Lamprecht" <t.lamprecht at proxmox.com>
> À: "pve-devel" <pve-devel at pve.proxmox.com>
> Envoyé: Jeudi 27 Octobre 2016 17:24:18
> Objet: Re: [pve-devel] Allow dedicated migration network (bug #1177)
>
> Two notes I possible forgot:
>
> a) this does also the storage migration over the network, but storage
> migration is currently
> always with ssh (+ rsync) there are plans to use a dd + netcat (+
> maybe also compression in between)
> combination if the migration type is insecure, to speed things up.
>
> b) some patches of this series conflicts quite a bit with Alexandres
> live storage migration series,
> so I can rebase those if his code gets merged, should be mainly the
> patches in qemu-server :)
>
> -- Thomas
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

More information about the pve-devel mailing list