Re: Live migration without SDL

["Ty! Boyack" <ty@nrel.colostate.edu>]

Great point.  I'm hoping to get control of all the VMs on multiple 
hosts, but I plan to have a distributed application across all the hosts 
that talks over secure channels, but then the app on each host would 
connect to the individual monitors via a local socket. 

FWIW, the goal is to have a tool that can (based on rules/policies) 
perform live migration of VMs to dynamically balance the loads and 
reduce total power consumption by powering down/up the hosts 
automatically.  Do you know of any such project in the works already to 
which I should be looking to contribute, rather than starting from scratch?

And as long as I'm jumping topics all over on this thread (sorry), do 
you happen to have any idea why my live migration is failing on F9's 
qemu-kvm (kvm 65, qemu 0.9.1) with the following error:
qemu: warning: instance 0x38313339 of device '' not present in current VM

My startup line for both VMs is:
source:
/usr/bin/qemu-kvm -M pc -m 512 -smp 1 -name f9test -monitor 
tcp:127.0.0.1:4444,server,nowait -boot c -drive 
file=/VirtGuestRoots/F9test.img,if=ide,index=0,boot=on -net 
nic,macaddr=de:ad:be:ef:74:00,vlan=0 -net 
tap,script=/root/qemu-ifup,vlan=0,ifname=vnet0 -parallel none -vnc 
127.0.0.1:0 -k en-us
destination:
/usr/bin/qemu-kvm -M pc -m 512 -smp 1 -name f9test -monitor 
tcp:127.0.0.1:4444,server,nowait -boot c -drive 
file=/VirtGuestRoots/F9test.img,if=ide,index=0,boot=on -net 
nic,macaddr=de:ad:be:ef:74:00,vlan=0 -net 
tap,script=/root/qemu-ifup,vlan=0,ifname=vnet0 -parallel none -vnc 
127.0.0.1:0 -k en-us -incoming tcp://0:636

And initiating the migration from the source's monitor via:
migrate -d tcp://destination:636

I had set serial to pty and enabled USB, but I pulled those options off 
thinking they might be causing the missing device.  But still no luck.  
The disk image file is on a GFS share, and I have not yet looked to see 
if there is a locking issue with multiple hosts trying to open that 
image file at the same time.  I don't think that is the case since I get 
the same error with offline migration where I stop the source VM, copy 
the image file to a new image file, start the destination VM in incoming 
mode with the new copy of the image file, and then initiate the 
migration.  So it looks to me like somehow I'm getting a different 
device setup on the two systems.

Thanks again for all the help!

-Ty!



> Please be aware of the security implications of allowing the monitor
> to be accessed via VNC, or any other channel which does not require
> strong authentication. If you have access to the monitor & guest, 
> then in effect you have access to any file on the host machine that
> is readable by the user running QEMU, since you can use the monitor
> to map any files into the guest as disks.
>
>   
>
> This is totally unauthenticated so anyone on your network can 
> connect to it. I'd recommend using only the local-access methods
> for the monitor - UNIX socket, PIPE, PTY or STDIO, so that anyone
> accessing it has to first login via secure channel like SSH.
>
> Daniel
>   


-- 
-===========================-
  Ty! Boyack
  NREL Unix Network Manager
  ty@nrel.colostate.edu
  (970) 491-1186
-===========================-