[openstack-dev] [nova][libvirt] Deprecating the live_migration_flag and block_migration_flag config options
Sahid Orentino Ferdjaoui
sahid.ferdjaoui at redhat.com
Thu Jan 7 11:23:11 UTC 2016
On Mon, Jan 04, 2016 at 09:12:06PM +0000, Mark McLoughlin wrote:
> Hi
>
> commit 8ecf93e[1] got me thinking - the live_migration_flag config
> option unnecessarily allows operators choose arbitrary behavior of the
> migrateToURI() libvirt call, to the extent that we allow the operator
> to configure a behavior that can result in data loss[1].
>
> I see that danpb recently said something similar:
>
> https://review.openstack.org/171098
>
> "Honestly, I wish we'd just kill off 'live_migration_flag' and
> 'block_migration_flag' as config options. We really should not be
> exposing low level libvirt API flags as admin tunable settings.
>
> Nova should really be in charge of picking the correct set of flags
> for the current libvirt version, and the operation it needs to
> perform. We might need to add other more sensible config options in
> their place [..]"
Nova should really handle internal flags and this serie is running in
the right way.
> ...
> 4) Add a new config option for tunneled versus native:
>
> [libvirt]
> live_migration_tunneled = true
>
> This enables the use of the VIR_MIGRATE_TUNNELLED flag. We have
> historically defaulted to tunneled mode because it requires the
> least configuration and is currently the only way to have a
> secure migration channel.
>
> danpb's quote above continues with:
>
> "perhaps a "live_migration_secure_channel" to indicate that
> migration must use encryption, which would imply use of
> TUNNELLED flag"
>
> So we need to discuss whether the config option should express the
> choice of tunneled vs native, or whether it should express another
> choice which implies tunneled vs native.
>
> https://review.openstack.org/263434
We probably have to consider that operator does not know much about
internal libvirt flags, so options we are exposing for him should
reflect benefice of using them. I commented on your review we should
at least explain benefice of using this option whatever the name is.
> 5) Add a new config option for additional migration flags:
>
> [libvirt]
> live_migration_extra_flags = VIR_MIGRATE_COMPRESSED
>
> This allows operators to continue to experiment with libvirt behaviors
> in safe ways without each use case having to be accounted for.
>
> https://review.openstack.org/263435
>
> We would disallow setting the following flags via this option:
>
> VIR_MIGRATE_LIVE
> VIR_MIGRATE_PEER2PEER
> VIR_MIGRATE_TUNNELLED
> VIR_MIGRATE_PERSIST_DEST
> VIR_MIGRATE_UNDEFINE_SOURCE
> VIR_MIGRATE_NON_SHARED_INC
> VIR_MIGRATE_NON_SHARED_DISK
>
> which would allow the following currently available flags to be set:
> VIR_MIGRATE_PAUSED
> VIR_MIGRATE_CHANGE_PROTECTION
> VIR_MIGRATE_UNSAFE
> VIR_MIGRATE_OFFLINE
> VIR_MIGRATE_COMPRESSED
> VIR_MIGRATE_ABORT_ON_ERROR
> VIR_MIGRATE_AUTO_CONVERGE
> VIR_MIGRATE_RDMA_PIN_ALL
We can probably consider to provide VIR_MIGRATE_PAUSED and
VIR_MIGRATE_COMPRESSED as dedicated options too ?
More information about the OpenStack-dev
mailing list