16 lines
670 B
YAML
16 lines
670 B
YAML
![]() |
---
|
||
|
features:
|
||
|
- |
|
||
|
The libvirt driver now supports "QEMU-native TLS" transport for live
|
||
|
migration. This will provide encryption for all migration streams,
|
||
|
namely: guest RAM, device state and disks on a non-shared setup that are
|
||
|
transported over NBD (Network Block Device), also called as "block
|
||
|
migration".
|
||
|
|
||
|
This can be configured via a new configuration attribute
|
||
|
``[libvirt]/live_migration_with_native_tls``. Refer to its
|
||
|
documentation in ``nova.conf`` for usage details. Note that this is
|
||
|
the preferred the way to secure all migration streams in an
|
||
|
OpenStack network, instead of
|
||
|
``[libvirt]/live_migration_tunnelled``.
|