[pve-devel] [RFC qemu-server++ 0/22] remote migration
Fabian Grünbichler
f.gruenbichler at proxmox.com
Tue Apr 13 14:16:18 CEST 2021
this series adds remote migration for VMs. there's still plenty of
TODOs/FIXMEs/stuff that requires discussion, hence the RFC. live
migration with NBD and storage-migrated disks should work already.
the performance bottle neck (~190MB/s on loopback) for the websocket
connection seems to be in pveproxy at the moment - the rust code should
manage about 700MB/s.
overview over affected repos and changes, see individual patches for
more details.
proxmox:
some compatible changes to make websocket code usable for client-side
connections, required by proxmox-websocket-tunnel
proxmox-websocket-tunnel:
new tunnel helper tool for forwarding commands and data over websocket
connections, required by qemu-server on source side
TODO: better error handling
TODO: fingerprint checking/valid certs/..
TODO: WS key generation
TODO: decide on mask?
TODO: investigate performance bottlenecks once PVE api server gets
faster
pve-access-control:
new ticket type, required by qemu-server on target side
pve-cluster:
new remote.cfg and related helpers, required by qemu-server on source
side
TODO: ACLs, CLI, API for managing config
TODO: handling of discovered nodes with valid certificates
TODO: add additional information like default bwlimits, storage/bridge
mappings
pve-common:
bridgepair format akin to storage pair, pve-bridge-id option, required
by qemu-server
TODO: adapt pve-container
pve-guest-common:
handle remote migration (no SSH) in AbstractMigrate,
required by qemu-server
pve-manager:
new 'addr' endpoint for retrieving remote node IPs, required on target
node
pve-storage:
extend 'pvesm import' to allow import from UNIX socket, required on
target node by qemu-server
qemu-server:
some refactoring, new mtunnel endpoints, new remote_migration endpoints
TODO: check remote ACLs
TODO: handle pending changes and snapshots
TODO: CLI for remote migration
potential TODO: expose remote info via additional endpoints (resources? vmids?
permissions? ...)
as usual, some of the patches are best viewed with '-w', especially in
qemu-server..
More information about the pve-devel
mailing list