[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] xl migrate command - disable ssh



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/14/2013 01:28 AM, Sean Greenslade wrote:
> On Wed, Mar 13, 2013 at 5:50 AM, Katerina Mparmpopoulou 
> <kate_mparmpop@xxxxxxxxxxx> wrote: Hi all,
> 
> I use xen 4.2.1 and i'm trying to do live migration without ssh.
> 
> I read at the manual page of xl that if i place the option -s
> empty the command is running as run <host>, instead of ssh <host>.
> 
> I 've used the command with the following alternatives:
> 
> - sudo xl migrate VM3 root@ip -s
> 
> - sudo xl migrate VM3 root@ip -s ''
> 
> the problem is that in the same time i run tcpdump (filtering the 
> particular interface/port 22/and the target host) and i can see
> the ssh packets, even the -s option is empty (no parameters).
> 
> my question is:
> 
> How can I disable ssh????
>> 
>> _______________________________________________ Xen-users mailing
>> list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
> 
> I'm rather curious as to why you want to disable SSH. Since the 
> migration is passing raw memory blocks across the network, this is 
> certainly something that ought to be encrypted to prevent both 
> monkeying and sniffing.
> 

also if the migration takes place in a private dedicated network for
example this is not the case. disabling ssh decreases cpu load and
probably gives better performance. However my real intention is only
to monitor the difference in performance for purely research purposes. :)

> Regardless, to migrate using some program other than SSH, you need 
> something akin to it (e.g. tenlet, RSH, etc.). Xen does not create
> a migration "socket" on its own,

yeah i have understand that. I think that it uses the same certificate
as the target machine uses for the ssh login for example.

 AFAIK the xl migrate scheme passes the
> data to xl on the receiving side through stdin on the terminal.
> 

I would be grateful if you can place me hints of how i can use that to
achieve my goal. :)

Thanks,

Katerina
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRQR7UAAoJEIrShLVVnSKr1doIAJM9CldXO+fQLZGGk1tDMF24
AZPrLcgvixQJWx72Tz84V5UcDTLzYS6GwTTidY65/6UzdANUx6lbe2FuuNKQN63X
QA7w2d9mPXnmLA21I+u1iocLdeQAbpVr3uIPYbRbHGK26hkDg4X4+pbIBmncRrjO
CokT1gqj+JARG+H7EdqHoy7Rh35XN2bcScXn4WY5uwN7HK7uKrHybRQU/zNh8aY6
9SQbbmuZzy7EJg0e0qtQO6b4JVSUD2TJp//1blZRK/BRGhsIiQUApFUi72QH/zXw
UQPFZW2utOd7fxR8nKRVReGgtKQuoiTiWcEuzpCUL0+mgnndxmHiG/XTeSmP8MY=
=oVhA
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.