All, Attached is the secure migration patch for libvirt. What this patch implements is a new remote RPC call for secure migration. On the source of the migration, we do a migration from the qemu process to the libvirtd on localhost. As each read() in libvirtd completes, it issues an RPC message to the remote libvirtd, using the standard libvirt RPC mechanisms. On the destination, we do essentially the mirror; the libvirtd accepts the data from RPC, and then writes it to a qemu container process listening on localhost. In order to actually use this, the command-line is pretty complex. If you want to use standard live migration, the command-line looks something like: # virsh -c qemu+tls://source.example.org/system migrate --live guest qemu+tls://dest.example.org/system This says to a live migration of "guest" from "source.example.org" to "dest.example.org", connecting to each of the remote libvirtd via TLS. Note that in this model, the virsh process connects to the remote libvirtd's via the -c argument (source) and the destination argument (dest). To do secure live migration, this becomes: # virsh -c qemu+tls://source.example.org/system migrate --live --secure guest qemu+tls://dest.example.org/system qemu+tls://dest.example.org/system This says to do a secure live migration of "guest" from "source.example.org" to "dest.example.org". The virsh process figures out how to connect to the remote libvirtd's via the -c argument (source) and the destination argument (dest). The second "qemu+tls://dest.example.org/system" is the secure channel from the source libvirtd to the destination libvirtd. Signed-off-by: Chris Lalancette <clalance@redhat.com> docs/apibuild.py | 1 include/libvirt/libvirt.h | 1 include/libvirt/libvirt.h.in | 1 qemud/remote.c | 34 +++ qemud/remote_dispatch_args.h | 1 qemud/remote_dispatch_prototypes.h | 7 qemud/remote_dispatch_table.h | 5 qemud/remote_protocol.c | 13 + qemud/remote_protocol.h | 17 + qemud/remote_protocol.x | 12 + src/driver.h | 10 + src/libvirt.c | 55 ++++- src/libvirt_internal.h | 5 src/libvirt_private.syms | 1 src/lxc_driver.c | 1 src/openvz_driver.c | 1 src/qemu_driver.c | 367 ++++++++++++++++++++++++++++++++----- src/remote_internal.c | 33 +++ src/test.c | 1 src/uml_driver.c | 1 src/virsh.c | 4 src/xen_unified.c | 1 22 files changed, 518 insertions(+), 54 deletions(-)