[pve-devel] qemu-server : spice seamless migration

Alexandre DERUMIER aderumier at odiso.com
Mon Jul 22 08:31:39 CEST 2013


>>I guess we need to subscript to the spice developer list and try to fix that upstream?
Already done ;)  I have send them a mail for ca= value.

I'll try to see if we can fix it by hacking the spicelib. (server side).
I think that the server send new values to the client, so maybe it's possible to send password and ca.

I will try that today.



----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre Derumier" <aderumier at odiso.com>, pve-devel at pve.proxmox.com 
Envoyé: Lundi 22 Juillet 2013 07:55:27 
Objet: RE: [pve-devel] qemu-server : spice seamless migration 

> - Fixme: 
> 
> 1)remote-viewer will resend same password to the targetvm, so we need to 
> set the last spice password when we start the target vm. 
> Is it safe to store on hosts the last spice password used ? 

No, I do not want to add such dirty hacks. 

Solution: fix remote-viewer 

> 2)with tls, ca= option seem to not be keep by the client. 
> workaround : cp pve-root-ca.pem to client .spicec/spice_truststore.pem. 
> 

Solution: fix remote-viewer 

> Maybe is is possible to send to the client the ca, and a new password ticket 
> 
> in spicelib, server/reds.c 
> 
> /* returns FALSE if info is invalid */ 
> static int reds_set_migration_dest_info(const char* dest, 
> int port, int secure_port, 
> const char* cert_subject) { 
> RedsMigSpice *spice_migration = NULL; 
> 
> reds_mig_release(); 
> if ((port == -1 && secure_port == -1) || !dest) { 
> return FALSE; 
> } 
> 
> spice_migration = spice_new0(RedsMigSpice, 1); 
> spice_migration->port = port; 
> spice_migration->sport = secure_port; 
> spice_migration->host = spice_strdup(dest); 
> if (cert_subject) { 
> spice_migration->cert_subject = spice_strdup(cert_subject); 
> } 
> 
> reds->mig_spice = spice_migration; 
> 
> return TRUE; 
> } 
> 

I guess we need to subscript to the spice developer list and try to fix that upstream? 


More information about the pve-devel mailing list