From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id A72D472AD3 for ; Tue, 13 Apr 2021 14:17:12 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 9CEE52A5E4 for ; Tue, 13 Apr 2021 14:16:42 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 27F2B2A5DA for ; Tue, 13 Apr 2021 14:16:42 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E831445A71 for ; Tue, 13 Apr 2021 14:16:41 +0200 (CEST) From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= To: pve-devel@lists.proxmox.com Date: Tue, 13 Apr 2021 14:16:18 +0200 Message-Id: <20210413121640.3602975-1-f.gruenbichler@proxmox.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.027 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [RFC qemu-server++ 0/22] remote migration X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Apr 2021 12:17:12 -0000 this series adds remote migration for VMs. there's still plenty of TODOs/FIXMEs/stuff that requires discussion, hence the RFC. live migration with NBD and storage-migrated disks should work already. the performance bottle neck (~190MB/s on loopback) for the websocket connection seems to be in pveproxy at the moment - the rust code should manage about 700MB/s. overview over affected repos and changes, see individual patches for more details. proxmox: some compatible changes to make websocket code usable for client-side connections, required by proxmox-websocket-tunnel proxmox-websocket-tunnel: new tunnel helper tool for forwarding commands and data over websocket connections, required by qemu-server on source side TODO: better error handling TODO: fingerprint checking/valid certs/.. TODO: WS key generation TODO: decide on mask? TODO: investigate performance bottlenecks once PVE api server gets faster pve-access-control: new ticket type, required by qemu-server on target side pve-cluster: new remote.cfg and related helpers, required by qemu-server on source side TODO: ACLs, CLI, API for managing config TODO: handling of discovered nodes with valid certificates TODO: add additional information like default bwlimits, storage/bridge mappings pve-common: bridgepair format akin to storage pair, pve-bridge-id option, required by qemu-server TODO: adapt pve-container pve-guest-common: handle remote migration (no SSH) in AbstractMigrate, required by qemu-server pve-manager: new 'addr' endpoint for retrieving remote node IPs, required on target node pve-storage: extend 'pvesm import' to allow import from UNIX socket, required on target node by qemu-server qemu-server: some refactoring, new mtunnel endpoints, new remote_migration endpoints TODO: check remote ACLs TODO: handle pending changes and snapshots TODO: CLI for remote migration potential TODO: expose remote info via additional endpoints (resources? vmids? permissions? ...) as usual, some of the patches are best viewed with '-w', especially in qemu-server..