61f122637b
Given the impact of libvirt tunnelling mechanism this patch changes default value of live_migration_tunnelled to False. There are few reasons to do that: * Internal libvirt mechanisms increases number of memory copies and it is just a single-threaded encryption mechanism. Because of that transfer between source and destination is around 2Gb/s on a 10Gb network. Given how fast memory is it effectively prevents live migrations from finishing without entering post-copy mode. Most operators are turning tunnelling off to increase convergence without using such hammers like post-copy or pausing an instance during live migration. * It also has some limitations, e.g., selective disk migration does not work when tunnelling is enabled, which means that by default it is not possible to block live migrate image-backed VMs with additional volumes atteched * Default value of live_migration_tunnelled - None - supposed to choose the best option for encrypting live migration basing on e.g., availability of native encryption in hypervisor. However, this will only solve problems with LM limitations when libvirt tunnelling is in use. Poor performance will still be an issue. Change-Id: I0323e8bb2ded938522c15b220b84ddfc606e1c97
9 lines
391 B
YAML
9 lines
391 B
YAML
---
|
|
upgrade:
|
|
- Default value of live_migration_tunnelled config option in
|
|
libvirt section has been changed to False. After upgrading
|
|
nova to Newton all live migrations will be non-tunnelled
|
|
unless live_migration_tunnelled is explicitly set to True.
|
|
It means that, by default, the migration traffic will not
|
|
go through libvirt and therefore will no longer be encrypted.
|