cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-10333) Secure VM Live migration for KVM
Date Wed, 18 Apr 2018 14:46:00 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-10333?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16442618#comment-16442618
] 

ASF GitHub Bot commented on CLOUDSTACK-10333:
---------------------------------------------

blueorangutan commented on issue #2505: WIP CLOUDSTACK-10333: Secure Live VM Migration for
KVM
URL: https://github.com/apache/cloudstack/pull/2505#issuecomment-382412378
 
 
   <b>Trillian test result (tid-2514)</b>
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 107105 seconds
   Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2505-t2514-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_public_ip_range.py
   Intermitten failure detected: /marvin/tests/smoke/test_routers.py
   Intermitten failure detected: /marvin/tests/smoke/test_templates.py
   Intermitten failure detected: /marvin/tests/smoke/test_usage.py
   Intermitten failure detected: /marvin/tests/smoke/test_volumes.py
   Intermitten failure detected: /marvin/tests/smoke/test_hostha_kvm.py
   Smoke tests completed. 62 look OK, 5 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_04_restart_network_wo_cleanup | `Failure` | 2.96 | test_routers.py
   test_04_extract_template | `Failure` | 128.34 | test_templates.py
   ContextSuite context=TestISOUsage>:setup | `Error` | 0.00 | test_usage.py
   test_06_download_detached_volume | `Failure` | 137.61 | test_volumes.py
   test_hostha_enable_ha_when_host_in_maintenance | `Error` | 2.48 | test_hostha_kvm.py
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Secure VM Live migration for KVM
> --------------------------------
>
>                 Key: CLOUDSTACK-10333
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10333
>             Project: CloudStack
>          Issue Type: Improvement
>      Security Level: Public(Anyone can view this level - this is the default.) 
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>            Priority: Major
>             Fix For: 4.12.0.0, 4.11.1.0
>
>
> With use of CA framework to secure hosts, the current mechanisms don't secure libvirtd
to use those certificates (used by agent to connect to mgmt server). This causes insecure
vm migration over tcp instead of tls. The aim is to use the same framework and certificates
to secure live VM migration. This could be coupled with securing of a host and renewal/provisioning
of certificates to host.
>  
> FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+Live+VM+Migration+for+KVM



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message