Folks,
We are implementing Live Migration support in the "ch" driver of Libvirt.
I'd like to confirm if the approach we have chosen would be accepted
upstream once implemented.
Our immediate goal is to implement the "Hypervisor Native" + "Managed
Direct" mode of migration. "Hypervisor Native" here refers to the VMM (ch)
being responsible for data flow. This is in contrast to TUNNELED migration,
where data is sent over libvirt RPC.
"Managed Direct" refers to the virsh client being responsible for control flow
between source and dest hosts. The libvirtd daemons on source and
destination do not have to communicate with each other. These modes are
described further at
https://libvirt.org/migration.html#network-data-transports.
At the moment, Cloud-Hypervisor supports receiving migration data only
on Unix Domain Sockets. Also, Cloud-Hypervisor does not encrypt the VM
data while sending.
We are considering forking "socat" processes as documented at
https://github.com/cloud-hypervisor/cloud-hypervisor/blob/main/docs/live_migration.md.
The socat processes will be forked in "Prepare" and "Perform" phases on
Destination and Source hosts respectively.
I couldn't find any existing implementation in libvirt to connect Domain
Sockets on different hosts. Please let me know if you'd recommend a
different approach from forking socat processes to connect Domain
Sockets on source and dest hosts to allow Live VM Migration.
FYI, I had an early discussion on this topic at
https://gitlab.com/libvirt/libvirt/-/issues/352 and Peter suggested I
follow here for broader discussion. Also Peter, rightly, suggested we
look at enabling encryption of VM data in cloud-hypervisor. This is
something we will follow up with after enabling Live Migration in Libvirt.
--
Regards,
Praveen K Paladugu
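
The relay pair proposed in the message above, as an added example that is not part of the original post and is not libvirt or cloud-hypervisor code: a Python stand-in for the two socat processes (destination: TCP listener to the VMM's Unix socket; source: Unix socket to TCP) that also records what crosses the TCP leg, showing that the migration stream travels in cleartext. The socket paths, the loopback address standing in for the network, the stand-in "VMM" endpoints and the payload are all constructed for this demonstration.

```python
import os, socket, tempfile, threading

def pump(src, dst, tap=None):
    """Copy bytes one way until EOF, then half-close the far side."""
    while chunk := src.recv(65536):
        if tap:
            tap(chunk)          # record what crossed this leg
        dst.sendall(chunk)
    try:
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass                    # peer already gone

def bridge(a, b, tap=None):
    """Relay both directions between two connected sockets."""
    back = threading.Thread(target=pump, args=(b, a), daemon=True)
    back.start()
    pump(a, b, tap)
    back.join()
    a.close(); b.close()

def listen_unix(path):
    s = socket.socket(socket.AF_UNIX)
    s.bind(path); s.listen(1)
    return s

def dest_relay(tcp_listener, vmm_path, tap):
    """Destination host, "Prepare" phase: TCP listener -> VMM's UDS."""
    tcp, _ = tcp_listener.accept()
    uds = socket.socket(socket.AF_UNIX); uds.connect(vmm_path)
    bridge(tcp, uds, tap)

def source_relay(uds_listener, dest_addr):
    """Source host, "Perform" phase: local UDS -> TCP to destination."""
    uds, _ = uds_listener.accept()
    bridge(uds, socket.create_connection(dest_addr))

def demo(payload=b"constructed guest memory page"):
    d = tempfile.mkdtemp()
    recv_path, send_path = os.path.join(d, "recv.sock"), os.path.join(d, "send.sock")
    receiver = listen_unix(recv_path)              # stand-in for receiving VMM
    tcp = socket.create_server(("127.0.0.1", 0))   # loopback stands in for the network
    src = listen_unix(send_path)
    wire = []                                      # bytes seen on the TCP leg
    threading.Thread(target=dest_relay, args=(tcp, recv_path, wire.append), daemon=True).start()
    threading.Thread(target=source_relay, args=(src, tcp.getsockname()), daemon=True).start()
    sender = socket.socket(socket.AF_UNIX); sender.connect(send_path)  # stand-in for sending VMM
    sender.sendall(payload); sender.shutdown(socket.SHUT_WR)
    conn, _ = receiver.accept()
    got = b"".join(iter(lambda: conn.recv(65536), b""))
    return got, b"".join(wire)
```

`demo()` returns the bytes the receiving endpoint read and the bytes observed on the TCP leg; the two are identical, which is the exposure the encryption follow-up mentioned in the message would close.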