On Thu, Mar 23, 2017 at 19:02:09 -0400, John Ferlan wrote: > If the migration flags indicate this migration will be using TLS, > then set up the destination during the prepare phase once the target > domain has been started to add the TLS objects to perform the migration. > > This will create at least an "-object tls-creds-x509,endpoint=server,..." > for TLS credentials and potentially an "-object secret,..." to handle the It looks like you are still only thinking about changing this to match the code which does not generate any command line options :-) > passphrase response to access the TLS credentials. The alias/id used for > the TLS objects will contain "libvirt_migrate". > > Once the objects are created, the code will set the "tls-creds" and > "tls-hostname" migration parameters to signify usage of TLS. > > During the Finish phase we'll be sure to attempt to clear the > migration parameters and delete those objects (whether or not they > were created). We'll also perform the same reset during recovery > if we've reached FINISH3. > > If the migration isn't using TLS, then be sure to check if the > migration parameters exist and clear them if so. > > Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> > --- > src/qemu/qemu_domain.c | 7 +- > src/qemu/qemu_domain.h | 91 +++++++++------ > src/qemu/qemu_migration.c | 286 ++++++++++++++++++++++++++++++++++++++++++++++ > src/qemu/qemu_migration.h | 7 ++ > src/qemu/qemu_process.c | 3 + > 5 files changed, 355 insertions(+), 39 deletions(-) ACK Jirka -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
