[Users] Ovirt Node - tls VM Migration Fails

David Elliott david.elliott at shazamteam.com
Thu Mar 29 15:23:10 UTC 2012


Hi

I'm ovirt node using the latest ovirt-node-iso-2.3.0-1.0.fc16.iso, and
having a problem with live migration

After fresh install of node 
/etc/libvirt/libvirtd.conf
listen_tls = 0
listen_tcp = 1
# tcp and tls ports are defaults
# tls_port = "16514"
#tcp_port = "16509"


[root at ovirt-h-6 ~]# netstat -ant |grep -E "16514|16509"
tcp        0      0 0.0.0.0:16509               0.0.0.0:*
LISTEN

iptables is set to accept ALL

When migration is attempted - it then tries and fails to use tls 

2012-03-28 18:33:15.566+0000: 1622: error : doPeer2PeerMigrate:2129 :
operation failed: Failed to connect to remote libvirt URI
qemu+tls://192.168.192.230/system

- manually configuring a registered/running node with listen_tls = 1,
migration will then succeed

- editing the live-cd and setting "listen_tls=1" , a fresh install then has
some problems
libvirtd fails  to start on install due to a certificate error (which am
guessing is installed as part of the node registration process with the
engine)
"Cannot read CA Certifcate /etc/pki/CA/cacert.pem"

This also causes the setting of hostname/network details to fail during the
automated installation; so this seems the wrong way to go

I'm not sure if the problem here is live migration shouldn't be using tls;
or that the node registration process should set "listen_tls=1" l; but isn't

Any assistance appreciated

Cheers,
Dave 













______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________



More information about the Users mailing list