Enable libvirt daemon to listen for remote connections

Enable the libvirt daemon to listen for remote connections. This enables the live migration of instances between nodes in a microstack cluster. Note, this is using TCP based connections and not secured TLS based connections. That work should be done as part of enabling TLS everywhere. Closes-Bug: #1925707 Change-Id: If00d825c52c2d0dd12bc652ba26f67160dc7a6c5
2021-04-27 12:39:12 -07:00 · 2021-04-27 12:39:12 -07:00 · 6bb7c63cd1
parent 0d7785f233
commit 6bb7c63cd1
3 changed files with 27 additions and 11 deletions
--- a/snap-overlay/templates/libvirtd.conf.j2
+++ b/snap-overlay/templates/libvirtd.conf.j2
@ -19,7 +19,7 @@
 # using this capability.
 #
 # This is enabled by default, uncomment this to disable it
-#listen_tls = 0
+listen_tls = 0

 # Listen for unencrypted TCP connections on the public TCP/IP port.
 # NB, must pass the --listen flag to the libvirtd process for this to
@ -30,7 +30,7 @@
 # DIGEST_MD5 and GSSAPI (Kerberos5)
 #
 # This is disabled by default, uncomment this to enable it.
-#listen_tcp = 1
+listen_tcp = 1



@ -42,7 +42,7 @@
 # Override the port for accepting insecure TCP connections
 # This can be a port number, or service name
 #
-#tcp_port = "16509"
+tcp_port = "16509"


 # Override the default configuration which binds to all network
--- a/snapcraft.yaml
+++ b/snapcraft.yaml
@ -409,7 +409,7 @@ apps:

  # Libvirt/Qemu
  libvirtd:
-    command: usr/sbin/libvirtd --pid $SNAP_DATA/libvirt.pid
+    command: usr/sbin/libvirtd --pid $SNAP_DATA/libvirt.pid --listen
    daemon: simple
    plugs:
      - network
@ -686,6 +686,7 @@ parts:
      - libsystemd0
      - petname
      - python3
+      - openssh-client
      - spice-html5
      - sg3-utils
      # LIO userspace dependencies
--- a/tests/test_cluster.py
+++ b/tests/test_cluster.py
@ -128,15 +128,13 @@ class TestCluster(Framework):

        # Ping the instance
        ip = None
-        servers = compute_host.check_output([
+        server = compute_host.check_output([
            openstack_cmd,
-            'server', 'list', '--format', 'json'
+            'server', 'show', instance_name, '--format', 'json'
        ]).decode('utf-8')
-        servers = json.loads(servers)
-        for server in servers:
-            if server['Name'] == instance_name:
-                ip = server['Networks'].split(",")[1].strip()
-                break
+        server = json.loads(server)
+        ip = server['addresses'].split(",")[1].strip()
+        start_hypervisor = server['OS-EXT-SRV-ATTR:hypervisor_hostname']

        self.assertTrue(ip)

@ -148,6 +146,23 @@ class TestCluster(Framework):

        wait_ping()

+        # Test live migration of the instance
+        compute_host.check_call([
+            openstack_cmd,
+            'server', 'migrate', '--live-migration', '--block-migration',
+            '--wait', instance_name
+        ])
+        server = compute_host.check_output([
+            openstack_cmd,
+            'server', 'show', instance_name, '--format', 'json'
+        ]).decode('utf-8')
+        server = json.loads(server)
+        end_hypervisor = server['OS-EXT-SRV-ATTR:hypervisor_hostname']
+
+        self.assertNotEqual(start_hypervisor, end_hypervisor,
+                            "Failed migration test. Start hypervisor is the "
+                            "same as end hypervisor")
+
        self.passed = True