[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Suggestion for merging xl save/restore/migrate/migrate-receive

On 16/09/13 17:05, George Dunlap wrote:
XL Migrate

:Date: 2013-09-16

Current Status

* xl migrate leverages ssh/sshd::

       xl migrate <domain> <host>

* In order to migrate a VM without user interactive, we have to configure ssh keys for all Servers in a pool. Key management with dynamic Server Pools is
   error prone.
* In certain cases, customers need non-ssl migrate, which greatly improves the
   migration speed. There's no way to do it with ssh.

Just to make sure I understand correctly then: you're throwing authentication out the window, assuming that the host network is entirely trusted -- even when using ssl?

FWIW, I think XenServer (via xapi) manage to do the host ssh keys for a pool all right. But having an option to do the migration unencrypted, if you trust your network, seems like it might be a worthwhile option.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.