[pve-devel] qemu-server : spice seamless migration
Dietmar Maurer
dietmar at proxmox.com
Mon Jul 22 07:55:27 CEST 2013
> - Fixme:
>
> 1)remote-viewer will resend same password to the targetvm, so we need to
> set the last spice password when we start the target vm.
> Is it safe to store on hosts the last spice password used ?
No, I do not want to add such dirty hacks.
Solution: fix remote-viewer
> 2)with tls, ca= option seem to not be keep by the client.
> workaround : cp pve-root-ca.pem to client .spicec/spice_truststore.pem.
>
Solution: fix remote-viewer
> Maybe is is possible to send to the client the ca, and a new password ticket
>
> in spicelib, server/reds.c
>
> /* returns FALSE if info is invalid */
> static int reds_set_migration_dest_info(const char* dest,
> int port, int secure_port,
> const char* cert_subject) {
> RedsMigSpice *spice_migration = NULL;
>
> reds_mig_release();
> if ((port == -1 && secure_port == -1) || !dest) {
> return FALSE;
> }
>
> spice_migration = spice_new0(RedsMigSpice, 1);
> spice_migration->port = port;
> spice_migration->sport = secure_port;
> spice_migration->host = spice_strdup(dest);
> if (cert_subject) {
> spice_migration->cert_subject = spice_strdup(cert_subject);
> }
>
> reds->mig_spice = spice_migration;
>
> return TRUE;
> }
>
I guess we need to subscript to the spice developer list and try to fix that upstream?
More information about the pve-devel
mailing list