From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id E5B237E429 for ; Wed, 10 Nov 2021 13:03:20 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id DBCBD1B2A6 for ; Wed, 10 Nov 2021 13:03:20 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 4359E1B29B for ; Wed, 10 Nov 2021 13:03:20 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 1BC3D42C0E for ; Wed, 10 Nov 2021 13:03:20 +0100 (CET) To: pve-devel@lists.proxmox.com, =?UTF-8?Q?Fabian_Gr=c3=bcnbichler?= References: <20211105130359.40803-1-f.gruenbichler@proxmox.com> <20211105130359.40803-12-f.gruenbichler@proxmox.com> From: Fabian Ebner Message-ID: Date: Wed, 10 Nov 2021 13:03:19 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: <20211105130359.40803-12-f.gruenbichler@proxmox.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 1.047 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -1.678 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [abstractmigrate.pm] Subject: Re: [pve-devel] [PATCH guest-common 1/1] migrate: handle migration_network with remote migration X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Nov 2021 12:03:20 -0000 Am 05.11.21 um 14:03 schrieb Fabian Grünbichler: > we only want to use an explicitly provided migration network, not one > for the local cluster. > > Signed-off-by: Fabian Grünbichler > --- > src/PVE/AbstractMigrate.pm | 51 +++++++++++++++++++++++--------------- > 1 file changed, 31 insertions(+), 20 deletions(-) > > diff --git a/src/PVE/AbstractMigrate.pm b/src/PVE/AbstractMigrate.pm > index af2be38..ec60b82 100644 > --- a/src/PVE/AbstractMigrate.pm > +++ b/src/PVE/AbstractMigrate.pm > @@ -115,22 +115,27 @@ sub migrate { > > $class = ref($class) || $class; > > - my $dc_conf = PVE::Cluster::cfs_read_file('datacenter.cfg'); > + my ($ssh_info, $rem_ssh); > + if (!$opts->{remote}) { > + my $dc_conf = PVE::Cluster::cfs_read_file('datacenter.cfg'); > > - my $migration_network = $opts->{migration_network}; > - if (!defined($migration_network)) { > - $migration_network = $dc_conf->{migration}->{network}; > - } > - my $ssh_info = PVE::SSHInfo::get_ssh_info($node, $migration_network); > - $nodeip = $ssh_info->{ip}; > - > - my $migration_type = 'secure'; > - if (defined($opts->{migration_type})) { > - $migration_type = $opts->{migration_type}; > - } elsif (defined($dc_conf->{migration}->{type})) { > - $migration_type = $dc_conf->{migration}->{type}; > + my $migration_network = $opts->{migration_network}; > + if (!defined($migration_network)) { > + $migration_network = $dc_conf->{migration}->{network}; > + } > + $ssh_info = PVE::SSHInfo::get_ssh_info($node, $migration_network); > + $nodeip = $ssh_info->{ip}; > + > + my $migration_type = 'secure'; > + if (defined($opts->{migration_type})) { > + $migration_type = $opts->{migration_type}; > + } elsif (defined($dc_conf->{migration}->{type})) { > + $migration_type = $dc_conf->{migration}->{type}; > + } > + $opts->{migration_type} = $migration_type; > + $opts->{migration_network} = $migration_network; > + $rem_ssh = PVE::SSHInfo::ssh_info_to_command($ssh_info); > } > - $opts->{migration_type} = $migration_type; > > my $self = { > delayed_interrupt => 0, > @@ -139,7 +144,7 @@ sub migrate { > node => $node, > ssh_info => $ssh_info, > nodeip => $nodeip, > - rem_ssh => PVE::SSHInfo::ssh_info_to_command($ssh_info) > + rem_ssh => $rem_ssh, > }; > > $self = bless $self, $class; > @@ -162,15 +167,21 @@ sub migrate { > &$eval_int($self, sub { $self->{running} = $self->prepare($self->{vmid}); }); > die $@ if $@; > > - if (defined($migration_network)) { > + if (defined($self->{opts}->{migration_network})) { > $self->log('info', "use dedicated network address for sending " . > "migration traffic ($self->{nodeip})"); > > # test if we can connect to new IP > - my $cmd = [ @{$self->{rem_ssh}}, '/bin/true' ]; > - eval { $self->cmd_quiet($cmd); }; > - die "Can't connect to destination address ($self->{nodeip}) using " . > - "public key authentication\n" if $@; > + if ($self->{opts}->{remote}) { > + eval { $self->{opts}->{remote}->{client}->get("/") }; Shouldn't the check here happen regardless of whether a migration_network is defined? Actually, isn't the same true for the existing check too? > + die "Can't connect to destination address ($self->{nodeip}) using " . > + "API connection - $@\n" if $@; > + } else { > + my $cmd = [ @{$self->{rem_ssh}}, '/bin/true' ]; > + eval { $self->cmd_quiet($cmd); }; > + die "Can't connect to destination address ($self->{nodeip}) using " . > + "public key authentication\n" if $@; > + } > } > > &$eval_int($self, sub { $self->phase1($self->{vmid}); }); >