diff options
| author |   Oliver Walsh <owalsh@redhat.com> | 2017-03-28 16:15:08 +0100 |
|---|---|---|
| committer | Oliver Walsh <owalsh@redhat.com> | 2017-04-15 16:53:40 +0100 |
| commit | 0271a63e52b961eab0da2f5c6a61811a7a1498f7 (patch) | |
| tree | 58a07896ebf32056c7ca34ac1c5a10b42f718a32 | |
| parent | 7d3552a105ad5aa62cad0998c11df5ec6bd06ed6 (diff) | |
Add migration SSH tunneling support
This enables nova cold migration.
This also switches to SSH as the default transport for live-migration.
The tripleo-common mistral action that generates passwords supplies the
MigrationSshKey parameter that enables this.
The TCP transport is no longer used for live-migration and the firewall
port has been closed.
Change-Id: I4e55a987c93673796525988a2e4cc264a6b5c24f
Depends-On: I367757cbe8757d11943af7e41af620f9ce919a06
Depends-On: I9e7a1862911312ad942233ac8fc828f4e1be1dcf
Depends-On: Iac1763761c652bed637cb7cf85bc12347b5fe7ec
| -rw-r--r-- | puppet/services/nova-compute.yaml | 8 | ||||
| -rw-r--r-- | puppet/services/nova-libvirt.yaml | 1 | ||||
| -rw-r--r-- | releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml | 14 |
3 files changed, 22 insertions, 1 deletions
diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index d208bede..9057c71e 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -79,6 +79,13 @@ parameters: type: string description: Nova Compute upgrade level default: auto + MigrationSshKey: + type: json + description: > + SSH key for migration. + Expects a dictionary with keys 'public_key' and 'private_key'. + Values should be identical to SSH public/private key files. + default: {} resources: NovaBase: @@ -107,6 +114,7 @@ outputs: # we manage migration in nova common puppet profile nova::compute::libvirt::migration_support: false tripleo::profile::base::nova::manage_migration: true + tripleo::profile::base::nova::migration_ssh_key: {get_param: MigrationSshKey} tripleo::profile::base::nova::nova_compute_enabled: true nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index faf1ae48..b297424e 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -66,7 +66,6 @@ outputs: tripleo.nova_libvirt.firewall_rules: '200 nova_libvirt': dport: - - 16509 - 16514 - '49152-49215' - '5900-5999' diff --git a/releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml b/releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml new file mode 100644 index 00000000..45ca9fe5 --- /dev/null +++ b/releasenotes/notes/migration_over_ssh-003e2a92f5f5374d.yaml @@ -0,0 +1,14 @@ +--- +features: + - | + Add support for cold migration over ssh. + + This enables nova cold migration. + + This also switches to SSH as the default transport for live-migration. + The tripleo-common mistral action that generates passwords supplies the + MigrationSshKey parameter that enables this. +deprecations: + - | + The TCP transport is no longer used for live-migration and the firewall + port has been closed. |