From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <f.gruenbichler@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 3EEA160711
 for <pve-devel@lists.proxmox.com>; Wed, 16 Feb 2022 13:58:58 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 361D747D0
 for <pve-devel@lists.proxmox.com>; Wed, 16 Feb 2022 13:58:28 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 347F447C7
 for <pve-devel@lists.proxmox.com>; Wed, 16 Feb 2022 13:58:27 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id F0D124621C
 for <pve-devel@lists.proxmox.com>; Wed, 16 Feb 2022 13:58:26 +0100 (CET)
Date: Wed, 16 Feb 2022 13:58:19 +0100
From: Fabian =?iso-8859-1?q?Gr=FCnbichler?= <f.gruenbichler@proxmox.com>
To: Fabian Ebner <f.ebner@proxmox.com>, pve-devel@lists.proxmox.com
References: <20220209130750.902245-1-f.gruenbichler@proxmox.com>
 <20220209130750.902245-16-f.gruenbichler@proxmox.com>
 <ce49d9a8-03b6-01ed-ad01-5cc500bfba19@proxmox.com>
In-Reply-To: <<ce49d9a8-03b6-01ed-ad01-5cc500bfba19@proxmox.com>
MIME-Version: 1.0
User-Agent: astroid/0.15.0 (https://github.com/astroidmail/astroid)
Message-Id: <1645014790.j3zvypjvhr.astroid@nora.none>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.188 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: Re: [pve-devel] [PATCH v5 qemu-server 08/11] migrate: refactor
 remote VM/tunnel start
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 16 Feb 2022 12:58:58 -0000

On February 11, 2022 2:01 pm, Fabian Ebner wrote:
> Am 09.02.22 um 14:07 schrieb Fabian Gr=C3=BCnbichler:
>> no semantic changes intended, except for:
>> - no longer passing the main migration UNIX socket to SSH twice for
>> forwarding
>> - dropping the 'unix:' prefix in start_remote_tunnel's timeout error mes=
sage
>>=20
>> Signed-off-by: Fabian Gr=C3=BCnbichler <f.gruenbichler@proxmox.com>
>>
>> [..]
>>
>> @@ -82,23 +87,23 @@ sub start_remote_tunnel {
>>  	    if ($unix_socket_try > 100) {
>>  		$self->{errors} =3D 1;
>>  		PVE::Tunnel::finish_tunnel($self->{tunnel});
>> -		die "Timeout, migration socket $ruri did not get ready";
>> +		die "Timeout, migration socket $tunnel_info->{addr} did not get ready=
";
>>  	    }
>>  	    $self->{tunnel}->{unix_sockets} =3D $unix_sockets if (@$unix_socke=
ts);
>> =20
>> -	} elsif ($ruri =3D~ /^tcp:/) {
>> +	} elsif ($tunnel_info->{proto} eq 'tcp') {
>>  	    my $ssh_forward_info =3D [];
>> -	    if ($raddr eq "localhost") {
>> +	    if ($tunnel_info->{addr} eq "localhost") {
>>  		# for backwards compatibility with older qemu-server versions
>>  		my $pfamily =3D PVE::Tools::get_host_address_family($nodename);
>>  		my $lport =3D PVE::Tools::next_migrate_port($pfamily);
>> -		push @$ssh_forward_info, "$lport:localhost:$rport";
>> +		push @$ssh_forward_info, "$lport:localhost:$tunnel_info->{rport}";
>=20
> Should be $tunnel_info->{port}

right! never triggered since AFAICT this is dead code. we switched to=20
using unix sockets for SSH migration in 2016/PVE 4[0], and this was just=20
the fallback for compat reasons. unless I am missing something this can=20
probably just be dropped altogether/replaced with a

die "secure TCP migration not supported\n";

0: https://git.proxmox.com/?p=3Dqemu-server.git;a=3Dcommitdiff;h=3D1c9d54bf=
d05e0d017a6e2ac5524d75466b1a4455

source node will always use unix for secure and tcp for insecure
target node will only use 'localhost' as addr for tcp + secure, which no=20
PVE 5/6/7 source node will ever set

>=20
>>  	    }
>> =20
>>  	    $self->{tunnel} =3D $self->fork_tunnel($ssh_forward_info);
>> =20
>>  	} else {
>> -	    die "unsupported protocol in migration URI: $ruri\n";
>> +	    die "unsupported protocol in migration URI: $tunnel_info->{proto}\=
n";
>>  	}
>>      } else {
>>  	#fork tunnel for insecure migration, to send faster commands like resu=
me
>> @@ -650,52 +655,40 @@ sub phase1_cleanup {
>>      }
>>  }
>> =20
>> -sub phase2 {
>> -    my ($self, $vmid) =3D @_;
>> +sub phase2_start_local_cluster {
>> +    my ($self, $vmid, $params) =3D @_;
>> =20
>>      my $conf =3D $self->{vmconf};
>>      my $local_volumes =3D $self->{local_volumes};
>>      my @online_local_volumes =3D $self->filter_local_volumes('online');
>> =20
>>      $self->{storage_migration} =3D 1 if scalar(@online_local_volumes);
>> +    my $start =3D $params->{start_params};
>> +    my $migrate =3D $params->{migrate_opts};
>> =20
>>      $self->log('info', "starting VM $vmid on remote node '$self->{node}=
'");
>> =20
>> -    my $raddr;
>> -    my $rport;
>> -    my $ruri; # the whole migration dst. URI (protocol:address[:port])
>> -    my $nodename =3D PVE::INotify::nodename();
>> +    my $tunnel_info =3D {};
>> =20
>>      ## start on remote node
>>      my $cmd =3D [@{$self->{rem_ssh}}];
>> =20
>> -    my $spice_ticket;
>> -    if (PVE::QemuServer::vga_conf_has_spice($conf->{vga})) {
>> -	my $res =3D mon_cmd($vmid, 'query-spice');
>> -	$spice_ticket =3D $res->{ticket};
>> -    }
>> +    push @$cmd, 'qm', 'start', $vmid, '--skiplock';
>=20
> Nit: the parameter $start->{skiplock} that's passed in is ignored
> (although it is always 1 currently)

fixed.

>=20
>> +    push @$cmd, '--migratedfrom', $migrate->{migratedfrom};
>> =20
>> -    push @$cmd , 'qm', 'start', $vmid, '--skiplock', '--migratedfrom', =
$nodename;
>> +    push @$cmd, '--migration_type', $migrate->{type};
>> =20
>> -    my $migration_type =3D $self->{opts}->{migration_type};
>> +    push @$cmd, '--migration_network', $migrate->{network}
>> +      if $migrate->{network};
>> =20
>> -    push @$cmd, '--migration_type', $migration_type;
>> +    push @$cmd, '--stateuri', $start->{statefile};
>> =20
>> -    push @$cmd, '--migration_network', $self->{opts}->{migration_networ=
k}
>> -      if $self->{opts}->{migration_network};
>> -
>> -    if ($migration_type eq 'insecure') {
>> -	push @$cmd, '--stateuri', 'tcp';
>> -    } else {
>> -	push @$cmd, '--stateuri', 'unix';
>> +    if ($start->{forcemachine}) {
>> +	push @$cmd, '--machine', $start->{forcemachine};
>>      }
>> =20
>> -    if ($self->{forcemachine}) {
>> -	push @$cmd, '--machine', $self->{forcemachine};
>> -    }
>> -
>> -    if ($self->{forcecpu}) {
>> -	push @$cmd, '--force-cpu', $self->{forcecpu};
>> +    if ($start->{forcecpu}) {
>> +	push @$cmd, '--force-cpu', $start->{forcecpu};
>>      }
>> =20
>>      if ($self->{storage_migration}) {
>=20