mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-10-03 12:55:45 +00:00
qemu: migration: Use 'VIR_MIGRATE_PARAM_TLS_DESTINATION' for the NBD connection
The NBD connection for non-shared storage migration can have the same issue regarding TLS certificate name match as the migration connection itself. Propagate the configured name also for the NBD connections. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1901394 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Peter Krempa
parent
e6d1ed4a76
commit
e8fa09d66b
@ -883,7 +883,8 @@ qemuMigrationSrcNBDStorageCopyBlockdevPrepareSource(virDomainDiskDef *disk,
|
||||
const char *host,
|
||||
int port,
|
||||
const char *socket,
|
||||
const char *tlsAlias)
|
||||
const char *tlsAlias,
|
||||
const char *tlsHostname)
|
||||
{
|
||||
g_autoptr(virStorageSource) copysrc = NULL;
|
||||
|
||||
@ -910,6 +911,7 @@ qemuMigrationSrcNBDStorageCopyBlockdevPrepareSource(virDomainDiskDef *disk,
|
||||
}
|
||||
|
||||
copysrc->tlsAlias = g_strdup(tlsAlias);
|
||||
copysrc->tlsHostname = g_strdup(tlsHostname);
|
||||
|
||||
copysrc->nodestorage = g_strdup_printf("migration-%s-storage", disk->dst);
|
||||
copysrc->nodeformat = g_strdup_printf("migration-%s-format", disk->dst);
|
||||
@ -931,6 +933,7 @@ qemuMigrationSrcNBDStorageCopyBlockdev(virQEMUDriver *driver,
|
||||
unsigned long long mirror_speed,
|
||||
unsigned int mirror_shallow,
|
||||
const char *tlsAlias,
|
||||
const char *tlsHostname,
|
||||
bool syncWrites)
|
||||
{
|
||||
g_autoptr(qemuBlockStorageSourceAttachData) data = NULL;
|
||||
@ -940,7 +943,8 @@ qemuMigrationSrcNBDStorageCopyBlockdev(virQEMUDriver *driver,
|
||||
|
||||
VIR_DEBUG("starting blockdev mirror for disk=%s to host=%s", disk->dst, host);
|
||||
|
||||
if (!(copysrc = qemuMigrationSrcNBDStorageCopyBlockdevPrepareSource(disk, host, port, socket, tlsAlias)))
|
||||
if (!(copysrc = qemuMigrationSrcNBDStorageCopyBlockdevPrepareSource(disk, host, port, socket,
|
||||
tlsAlias, tlsHostname)))
|
||||
return -1;
|
||||
|
||||
/* Migration via blockdev-mirror was supported sooner than the auto-read-only
|
||||
@ -1025,6 +1029,7 @@ qemuMigrationSrcNBDStorageCopyOne(virQEMUDriver *driver,
|
||||
unsigned long long mirror_speed,
|
||||
bool mirror_shallow,
|
||||
const char *tlsAlias,
|
||||
const char *tlsHostname,
|
||||
unsigned int flags)
|
||||
{
|
||||
qemuDomainObjPrivate *priv = vm->privateData;
|
||||
@ -1065,6 +1070,7 @@ qemuMigrationSrcNBDStorageCopyOne(virQEMUDriver *driver,
|
||||
mirror_speed,
|
||||
mirror_shallow,
|
||||
tlsAlias,
|
||||
tlsHostname,
|
||||
syncWrites);
|
||||
} else {
|
||||
rc = qemuMigrationSrcNBDStorageCopyDriveMirror(driver, vm, diskAlias,
|
||||
@ -1114,6 +1120,7 @@ qemuMigrationSrcNBDStorageCopy(virQEMUDriver *driver,
|
||||
const char **migrate_disks,
|
||||
virConnectPtr dconn,
|
||||
const char *tlsAlias,
|
||||
const char *tlsHostname,
|
||||
const char *nbdURI,
|
||||
unsigned int flags)
|
||||
{
|
||||
@ -1137,6 +1144,11 @@ qemuMigrationSrcNBDStorageCopy(virQEMUDriver *driver,
|
||||
}
|
||||
mirror_speed <<= 20;
|
||||
|
||||
/* If qemu doesn't support overriding of TLS hostname for NBD connections
|
||||
* we won't attempt it */
|
||||
if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV_NBD_TLS_HOSTNAME))
|
||||
tlsHostname = NULL;
|
||||
|
||||
/* steal NBD port and thus prevent its propagation back to destination */
|
||||
port = mig->nbd->port;
|
||||
mig->nbd->port = 0;
|
||||
@ -1185,7 +1197,7 @@ qemuMigrationSrcNBDStorageCopy(virQEMUDriver *driver,
|
||||
if (qemuMigrationSrcNBDStorageCopyOne(driver, vm, disk, host, port,
|
||||
socket,
|
||||
mirror_speed, mirror_shallow,
|
||||
tlsAlias, flags) < 0)
|
||||
tlsAlias, tlsHostname, flags) < 0)
|
||||
return -1;
|
||||
|
||||
if (virDomainObjSave(vm, driver->xmlopt, cfg->stateDir) < 0) {
|
||||
@ -4138,6 +4150,7 @@ qemuMigrationSrcRun(virQEMUDriver *driver,
|
||||
if (storageMigration) {
|
||||
if (mig->nbd) {
|
||||
const char *host = "";
|
||||
const char *tlsHostname = qemuMigrationParamsGetTLSHostname(migParams);
|
||||
|
||||
if (spec->destType == MIGRATION_DEST_HOST ||
|
||||
spec->destType == MIGRATION_DEST_CONNECT_HOST) {
|
||||
@ -4157,7 +4170,7 @@ qemuMigrationSrcRun(virQEMUDriver *driver,
|
||||
priv->migMaxBandwidth,
|
||||
nmigrate_disks,
|
||||
migrate_disks,
|
||||
dconn, tlsAlias,
|
||||
dconn, tlsAlias, tlsHostname,
|
||||
nbdURI, flags) < 0) {
|
||||
goto error;
|
||||
}
|
||||
|
||||
@ -1464,3 +1464,20 @@ qemuMigrationCapsGet(virDomainObj *vm,
|
||||
|
||||
return enabled;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* qemuMigrationParamsGetTLSHostname:
|
||||
* @migParams: Migration params object
|
||||
*
|
||||
* Fetches the value of the QEMU_MIGRATION_PARAM_TLS_HOSTNAME parameter which is
|
||||
* passed from the user as VIR_MIGRATE_PARAM_TLS_DESTINATION
|
||||
*/
|
||||
const char *
|
||||
qemuMigrationParamsGetTLSHostname(qemuMigrationParams *migParams)
|
||||
{
|
||||
if (!migParams->params[QEMU_MIGRATION_PARAM_TLS_HOSTNAME].set)
|
||||
return NULL;
|
||||
|
||||
return migParams->params[QEMU_MIGRATION_PARAM_TLS_HOSTNAME].value.s;
|
||||
}
|
||||
|
||||
@ -167,3 +167,6 @@ qemuMigrationCapsCheck(virQEMUDriver *driver,
|
||||
bool
|
||||
qemuMigrationCapsGet(virDomainObj *vm,
|
||||
qemuMigrationCapability cap);
|
||||
|
||||
const char *
|
||||
qemuMigrationParamsGetTLSHostname(qemuMigrationParams *migParams);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user