diff --git a/nova/conf/libvirt.py b/nova/conf/libvirt.py index 59b8e426d7cc..fd8d13fa6934 100644 --- a/nova/conf/libvirt.py +++ b/nova/conf/libvirt.py @@ -105,6 +105,7 @@ libvirt_general_opts = [ 'block_migration_flag will be removed to ' 'avoid potential misconfiguration.'), cfg.BoolOpt('live_migration_tunnelled', + default=False, help='Whether to use tunnelled migration, where migration ' 'data is transported over the libvirtd connection. If ' 'True, we use the VIR_MIGRATE_TUNNELLED migration flag, ' diff --git a/nova/tests/unit/virt/libvirt/test_driver.py b/nova/tests/unit/virt/libvirt/test_driver.py index e6c80dc67872..8b19e15a8bcf 100644 --- a/nova/tests/unit/virt/libvirt/test_driver.py +++ b/nova/tests/unit/virt/libvirt/test_driver.py @@ -1044,8 +1044,7 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED)) + libvirt_driver.libvirt.VIR_MIGRATE_LIVE)) def test_parse_live_migration_flags(self): self._do_test_parse_migration_flags( @@ -1063,7 +1062,6 @@ class LibvirtConnTestCase(test.NoDBTestCase): bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) def test_parse_block_migration_flags(self): @@ -1083,15 +1081,13 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_FOO_BAR'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_config=('VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, ' 'VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED, ' 'VIR_MIGRATE_NON_SHARED_INC, VIR_MIGRATE_FOO_BAR'), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) msg = mock_log.warning.call_args_list[0] @@ -1117,12 +1113,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_TUNNELLED'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) msg = mock_log.warning.call_args_list[0] @@ -1142,12 +1136,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) msg = mock_log.warning.call_args_list[0] @@ -1170,11 +1162,9 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_TUNNELLED, ' 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) msg = mock_log.warning.call_args_list[0] @@ -1196,12 +1186,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) msg = mock_log.warning.call_args_list[0] @@ -1276,12 +1264,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_POSTCOPY), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC | libvirt_driver.libvirt.VIR_MIGRATE_POSTCOPY)) @@ -1301,12 +1287,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_AUTO_CONVERGE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC | libvirt_driver.libvirt.VIR_MIGRATE_AUTO_CONVERGE)) @@ -1328,12 +1312,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_POSTCOPY), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC | libvirt_driver.libvirt.VIR_MIGRATE_POSTCOPY)) @@ -1363,12 +1345,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_AUTO_CONVERGE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC | libvirt_driver.libvirt.VIR_MIGRATE_AUTO_CONVERGE)) @@ -1388,12 +1368,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) @mock.patch.object(host.Host, 'has_min_version', return_value=False) @@ -1411,12 +1389,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) def test_live_migration_permit_postcopy_false(self): @@ -1432,12 +1408,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) def test_live_migration_permit_autoconverge_false(self): @@ -1453,12 +1427,10 @@ class LibvirtConnTestCase(test.NoDBTestCase): 'VIR_MIGRATE_NON_SHARED_INC'), lm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | - libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED), + libvirt_driver.libvirt.VIR_MIGRATE_LIVE), bm_expected=(libvirt_driver.libvirt.VIR_MIGRATE_UNDEFINE_SOURCE | libvirt_driver.libvirt.VIR_MIGRATE_PEER2PEER | libvirt_driver.libvirt.VIR_MIGRATE_LIVE | - libvirt_driver.libvirt.VIR_MIGRATE_TUNNELLED | libvirt_driver.libvirt.VIR_MIGRATE_NON_SHARED_INC)) @mock.patch('nova.utils.get_image_from_system_metadata') diff --git a/releasenotes/notes/libvirt-change-default-value-of-live-migration-tunnelled-4248cf76df605fdf.yaml b/releasenotes/notes/libvirt-change-default-value-of-live-migration-tunnelled-4248cf76df605fdf.yaml new file mode 100644 index 000000000000..d21830cfca51 --- /dev/null +++ b/releasenotes/notes/libvirt-change-default-value-of-live-migration-tunnelled-4248cf76df605fdf.yaml @@ -0,0 +1,8 @@ +--- +upgrade: + - Default value of live_migration_tunnelled config option in + libvirt section has been changed to False. After upgrading + nova to Newton all live migrations will be non-tunnelled + unless live_migration_tunnelled is explicitly set to True. + It means that, by default, the migration traffic will not + go through libvirt and therefore will no longer be encrypted.