Displaying 3 results from an estimated 3 matches for "default_tls_x509_cert_dir".
2020 Aug 17
2
couple of questions
Hey folks,
I've been experimenting with native NBD live migration w/ TLS and have
a couple of questions.
1) It appears that in some cases modified default_tls_x509_cert_dir
from qemu.conf is not respected, seems like virsh always expects a
default location and does not check default_tls_x509_cert_dir:
virsh # migrate vm1 qemu+tls://ratchet.lan/system --live --persistent
--undefinesource --copy-storage-all --verbose --tls
error: internal error: unable to execute QEMU...
2020 Aug 17
0
Re: couple of questions
On Sun, Aug 16, 2020 at 22:43:30 -0700, Vjaceslavs Klimovs wrote:
> Hey folks,
> I've been experimenting with native NBD live migration w/ TLS and have
> a couple of questions.
>
> 1) It appears that in some cases modified default_tls_x509_cert_dir
> from qemu.conf is not respected, seems like virsh always expects a
> default location and does not check default_tls_x509_cert_dir:
>
> virsh # migrate vm1 qemu+tls://ratchet.lan/system --live --persistent
> --undefinesource --copy-storage-all --verbose --tls
> error: internal...
2020 Nov 19
1
unable to migrate when TLS is used
...s:
libvirt:
key_file = "/etc/ssl/libvirt/server.lan.key"
cert_file = "/etc/ssl/libvirt/server.lan.crt"
ca_file = "/etc/ssl/libvirt/ca.crt"
log_filters="3:remote 4:event 3:util.json 3:rpc 1:*"
log_outputs="1:file:/var/log/libvirt/libvirtd.log"
qemu:
default_tls_x509_cert_dir = "/etc/ssl/qemu"
default_tls_x509_verify = 1
migration with tls:
virsh # migrate vm1 qemu+tls://server2.lan/system --persistent
--undefinesource --copy-storage-all --verbose --tls
never succeeds. Progress stops typically at high progress amounts
(95%-98%), and network traffic drastical...