nova/releasenotes at 78be7de1e5f8798ddd2a19cc69ad74309fcfae6c - nova

History

Kashyap Chamarthy 14071dfb11 libvirt: Deprecate `live_migration_tunnelled` We are well above the required MIN_LIBVIRT_VERSION and MIN_QEMU_VERSION (4.4.0 and 2.11.0, respectively) to get QEMU-native TLS[1] support by default. So we can now deprecate (and later remove) the support for "tunnelled live migration", which has two inherent limitations: (a) it cannot handle live migration of disks in a non-shared storage setup (a.k.a. "block migration"); and (b) it has a huge performance overhead and latency, because it burns more CPU and memory bandwidth due to increased number of data copies, on both source and destination hosts. Both the above limitations are addressed by the QEMU-native TLS support `live_migration_with_native_tls`, which is the recommended approach for securing all live migration streams (guest RAM, device state, and disks). [1] https://docs.openstack.org/nova/latest/admin/secure-live-migration-with-qemu-native-tls.html Change-Id: I34fd5a4788a2ad4380d9a57b84512fa94a6f9c37 Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>	2021-03-16 16:50:32 +01:00
..
notes	libvirt: Deprecate `live_migration_tunnelled`	2021-03-16 16:50:32 +01:00
source	Update master for stable/victoria	2020-09-25 08:40:38 +00:00

Kashyap Chamarthy 14071dfb11 libvirt: Deprecate `live_migration_tunnelled`

We are well above the required MIN_LIBVIRT_VERSION and MIN_QEMU_VERSION
(4.4.0 and 2.11.0, respectively) to get QEMU-native TLS[1] support by
default.

So we can now deprecate (and later remove) the support for "tunnelled
live migration", which has two inherent limitations: (a) it cannot
handle live migration of disks in a non-shared storage setup (a.k.a.
"block migration"); and (b) it has a huge performance overhead and
latency, because it burns more CPU and memory bandwidth due to increased
number of data copies, on both source and destination hosts.

Both the above limitations are addressed by the QEMU-native TLS support
`live_migration_with_native_tls`, which is the recommended approach for
securing all live migration streams (guest RAM, device state, and
disks).

[1] https://docs.openstack.org/nova/latest/admin/secure-live-migration-with-qemu-native-tls.html

Change-Id: I34fd5a4788a2ad4380d9a57b84512fa94a6f9c37
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>

2021-03-16 16:50:32 +01:00

notes

libvirt: Deprecate `live_migration_tunnelled`

2021-03-16 16:50:32 +01:00

source

Update master for stable/victoria

2020-09-25 08:40:38 +00:00