[Openstack-operators] Live-migration experiences?
Clint Byrum
clint at fewbar.com
Mon Aug 6 13:12:22 UTC 2018
Hello! At GoDaddy, we're about to start experimenting with live
migration. While setting it up, we've found a number of options that
seem attractive/useful, but we're wondering if anyone has data/anecdotes
about specific configurations of live migration. Your time in reading
them is appreciated!
First a few facts about our installation:
* We're using kolla-ansible and basically leaving most nova settings at
the default, meaning libvirt+kvm
* We will be using block migration, as we have no shared storage of any
kind.
* We use routed networks to set up L2 segments per-rack. Each rack is
basically an island unto itself. The VMs on one rack cannot be migrated
to another rack because of this.
* Our main resource limitation is disk, followed closely by RAM. As
such, our main motivation for wanting to do live migration is to be able
to move VMs off of machines where over-subscribed disk users start to
threaten the free space of the others.
Now, some things we'd love your help with:
* TLS for libvirt - We do not want to transfer the contents of VMs' RAM
over unencrypted sockets. We want to setup TLS with an internal CA and
tls_allowed_dn_list controlling access. Has anyone reading this used
this setup? Do you have suggestions, reservations, or encouragement for
us wanting to do it this way?
* Raw backed qcow2 files - Our instances use qcow2, and our images are
uploaded as a raw-backed qcow2. As a result we get maximum disk savings
with excellent read performance. When live migrating these around, have
you found that they continue to use the same space on the target node as
they did on the source? If not, did you find a workaround?
* Do people have feedback on live_migrate_permit_auto_convergence? It
seems like a reasonable trade-off, but since it is defaulted to false, I
wonder if there are some hidden gotchas there.
* General pointers to excellent guides, white papers, etc, that might
help us avoid doing all of our learning via trial/error.
Thanks very much for your time!
More information about the OpenStack-operators
mailing list