I recently upgraded my laptop from RHEL-7.1 to RHEL-7.2.
I always pay attention to *.rpmnew config files, and I manually diff and
merge them with the ones I have in place.
I did the same with "/etc/libvirt/qemu.conf" this time.
Now libvirtd doesn't start for me. Systemd doesn't actually notice the
startup failure (insert bitter joke about systemd being so much better
than startup scripts); it only reports the service inactive/dead (=
unstarted), rather than failed.
But, the libvirtd log file gives the reason:
migration_address must not be the address of the local machine:
127.0.0.1
The error is easy to fix up in the config file, but my question is:
Why must migration_address not be the address of the local machine?
This comes from:
commit 5e0561e115de10da342296bb7c7361e91e368d9c
Author: Chen Fan <chen.fan.fnst(a)cn.fujitsu.com>
Date: Tue Oct 7 12:07:32 2014 +0800
conf: Check whether migration_address is localhost
When enabling the migration_address option, by default it is
set to "127.0.0.1", but it's not a valid address for migration.
so we should add verification and set the default migration_address
to "0.0.0.0".
Signed-off-by: Chen Fan <chen.fan.fnst(a)cn.fujitsu.com>
Signed-off-by: Ján Tomko <jtomko(a)redhat.com>
I checked the mailing list archive. AFAICS, the earliest appearance of
this check is:
https://www.redhat.com/archives/libvir-list/2014-August/msg01503.html
The validity of the proposed check was never questioned, nor explained.
What gives?
BTW, my purpose is not in-host migration (perhaps that's indeed
unsupported, I don't know); I just want to lock down the incoming
migration port (and not just with firewall rules).
If there's a way to disable incoming migration in libvirtd, I'd be
interested in that.
Thanks!
Laszlo