Force encrypted Live Migration thru Nova API
The main goal of this Blueprint is to allow users to force *encrypted* Live Migration (using libvirt tunneling) thru Nova API.
Currently, such functionality can only be accessed through manual configuration of libvirtd, as described in OpenStack Security Guide:
http://
with additional comments in the following OSSN:
https:/
(This tunneling of migration traffic does not apply to live block migration.)
For doing this it is required to add the ability to force encrypted live-migration thru Nova API. Changes in Nova API are required and to modify libvirt driver manager as follows.
See nova-spec review for details:
https:/
Note 1: I will be opening two other related blueprints, one for Horizon and another for python-novaclient for exposing this functionality in such user interfaces. - BP's Opened,
Note 2: I will be filling the new nova template and process for blueprints being reviewed thru Gerrit - Review on-going.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Cristian Fiorentino
- Direction:
- Needs approval
- Assignee:
- Cristian Fiorentino
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Propose Encrypted LiveMigration thru Nova API
Spec not approved yet, un-targeting blueprint from juno-1 --johnthetubaguy (28th May 2014)
Work Items
Dependency tree
* Blueprints in grey have been implemented.