
On Tue, Feb 21, 2017 at 22:47:38 +0100, Jiri Denemark wrote:
On Fri, Feb 17, 2017 at 14:39:30 -0500, John Ferlan wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=1300769
Modify the Begin phase to add the checks to determine whether a migration wishes to use TLS and whether it's configured including adding the secret into the priv->migSecinfo for the source domain.
Modify the Perform phase in qemuMigrationRun in order to generate the TLS objects to be used for the migration and set the migration channel parameters 'tls-creds' and possibly 'tls-hostname' in order to enable TLS.
Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/qemu/qemu_migration.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) ... You store the migrateTLS info in the status XML on the destination host where libvirtd restart almost always kills the QEMU process. But you didn't bother storing the flag on the source where the QEMU process almost always remains running when libvirtd is restarted.
The freshly started libvirtd calls qemuProcessRecoverMigration* to finish or cancel the ongoing migration and both functions (or functions which are called from them) need to properly cleanup the TLS objects.
Actually I think we don't need to store migrateTLS in the status XML at all since we can just unconditionally delete the objects when a restarted libvirtd founds a domain with running migration. Jirka