[pve-devel] [RFC qemu-server++ 0/22] remote migration

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue Apr 13 14:16:18 CEST 2021


this series adds remote migration for VMs. there's still plenty of
TODOs/FIXMEs/stuff that requires discussion, hence the RFC. live
migration with NBD and storage-migrated disks should work already.

the performance bottle neck (~190MB/s on loopback) for the websocket
connection seems to be in pveproxy at the moment - the rust code should
manage about 700MB/s.

overview over affected repos and changes, see individual patches for
more details.

proxmox:

some compatible changes to make websocket code usable for client-side
connections, required by proxmox-websocket-tunnel

proxmox-websocket-tunnel:

new tunnel helper tool for forwarding commands and data over websocket
connections, required by qemu-server on source side
TODO: better error handling
TODO: fingerprint checking/valid certs/..
TODO: WS key generation
TODO: decide on mask?
TODO: investigate performance bottlenecks once PVE api server gets
faster

pve-access-control:

new ticket type, required by qemu-server on target side

pve-cluster:

new remote.cfg and related helpers, required by qemu-server on source
side
TODO: ACLs, CLI, API for managing config
TODO: handling of discovered nodes with valid certificates
TODO: add additional information like default bwlimits, storage/bridge
mappings

pve-common:

bridgepair format akin to storage pair, pve-bridge-id option, required
by qemu-server
TODO: adapt pve-container

pve-guest-common:

handle remote migration (no SSH) in AbstractMigrate,
required by qemu-server

pve-manager:

new 'addr' endpoint for retrieving remote node IPs, required on target
node

pve-storage:

extend 'pvesm import' to allow import from UNIX socket, required on
target node by qemu-server

qemu-server:

some refactoring, new mtunnel endpoints, new remote_migration endpoints
TODO: check remote ACLs
TODO: handle pending changes and snapshots
TODO: CLI for remote migration
potential TODO: expose remote info via additional endpoints (resources? vmids?
permissions? ...)

as usual, some of the patches are best viewed with '-w', especially in
qemu-server..




More information about the pve-devel mailing list