In this post I going to configure the compute nodes to enable the instance live migration on kvm instances backed with CEPH. In my set-up cinder volumes and the nova instances ephimeral disks are backed with CEPH so all the compute nodes can see all the storage.<\/p>\n
Assuming that cinder and nova is correctly integrated with CEPH we have to follow these steps to set up live migration:<\/p>\n
In libvirt-bin service configuration file we have to enable -l flag to libvirt-bin service args so it listen through tcp socket. In libvirtd configuration, set the options needed to listen on tcp: Because we are setting no auth for tcp connection you should take other actions for your production environment to ensure only certain servers are allowed to connect to this port, for example using iptables.<\/p>\n Configure qemu user and group with root. Once the changes are made restart the libvirt-bin service:<\/p>\n Check if libvirt-bin is listening on tcp port 16509<\/p>\n Set the needed flags in libvirt for live migration: Assuming that the compute nodes have different hardware you have to set up a common cpu model in nova.conf configuration file. You can set kvm64, the most compatible mode across Intel and AMD platforms or if you have intel cpus, like me, you can set SandyBridge. In any case, the mode you selected must be supported in all compute nodes.<\/p>\n \/etc\/nova\/nova.conf<\/strong><\/p>\n You can see all the cpu modes that kvm support with:<\/p>\n After these changes, if you see a message like this:<\/p>\n
\n\/etc\/default\/libvirt-bin<\/strong><\/p>\n# Defaults for libvirt-bin initscript (\/etc\/init.d\/libvirt-bin)\r\n# This is a POSIX shell fragment\r\n\r\n# Start libvirtd to handle qemu\/kvm:\r\nstart_libvirtd="yes"\r\n\r\n# options passed to libvirtd, add "-l" to listen on tcp\r\nlibvirtd_opts="-d -l"\r\n<\/pre>\n
\n\/etc\/libvirt\/libvirtd.conf<\/strong><\/p>\n# Flag listening for secure TLS connections on the public TCP\/IP port.\r\nlisten_tls = 0\r\n# Listen for unencrypted TCP connections on the public TCP\/IP port.\r\nlisten_tcp = 1\r\ntcp_port = "16509"\r\n# Override the default configuration which binds to all network\r\n# interfaces. This can be a numeric IPv4\/6 address, or hostname\r\nlisten_addr = "172.17.16.117"\r\n# Authentication.\r\n#\r\n# - none: do not perform auth checks. If you can connect to the\r\n# socket you are allowed. This is suitable if there are\r\n# restrictions on connecting to the socket (eg, UNIX\r\n# socket permissions), or if there is a lower layer in\r\n# the network providing auth (eg, TLS\/x509 certilos resultadosficates)\r\nauth_unix_ro = "none"\r\nauth_unix_rw = "none"\r\nauth_tcp = "none"\r\n<\/pre>\n
\n\/etc\/libvirt\/qemu.conf<\/strong><\/p>\n# The user for QEMU processes run by the system instance. It can be\r\n# specified as a user name or as a user id. The qemu driver will try to\r\n# parse this value first as a name and then, if the name doesn't exist,\r\n# as a user id.\r\nuser = "root"\r\n# The group for QEMU processes run by the system instance. It can be\r\n# specified in a similar way to user.\r\ngroup = "root"\r\n# Whether libvirt should dynamically change file ownership\r\n# to match the configured user\/group above. Defaults to 1.\r\n# Set to 0 to disable file ownership changes.\r\ndynamic_ownership = 0\r\n<\/pre>\n
\r\n$ sudo service libvirt-bin restart\r\nlibvirt-bin stop\/waiting\r\nlibvirt-bin start\/running, process 21411\r\n<\/pre>\n
\r\n$ sudo netstat -npta | grep 16509 \r\ntcp 0 0 172.17.16.117:16509 0.0.0.0:* LISTEN 21411\/libvirtd \r\n<\/pre>\n
\n\/etc\/nova\/nova.conf<\/strong><\/p>\n[libvirt]\r\n[..]\r\nlive_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_TUNNELLED\r\nlive_migration_uri=qemu+tcp:\/\/%s\/system\r\n<\/pre>\n
[libvirt]\r\n[..]\r\ntype = qemu\r\ncpu_mode=custom\r\ncpu_model=kvm64\r\n<\/pre>\n
[libvirt]\r\n[..]\r\ntype = qemu\r\ncpu_mode=custom\r\ncpu_model=SandyBridge\r\n<\/pre>\n
\r\n$ \/usr\/bin\/qemu-system-x86_64 -cpu help\r\nx86 qemu64 QEMU Virtual CPU version 2.0.0 \r\nx86 phenom AMD Phenom(tm) 9550 Quad-Core Processor \r\nx86 core2duo Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz \r\nx86 kvm64 Common KVM processor \r\nx86 qemu32 QEMU Virtual CPU version 2.0.0 \r\nx86 kvm32 Common 32-bit KVM processor \r\nx86 coreduo Genuine Intel(R) CPU T2600 @ 2.16GHz \r\nx86 486 \r\nx86 pentium \r\nx86 pentium2 \r\nx86 pentium3 \r\nx86 athlon QEMU Virtual CPU version 2.0.0 \r\nx86 n270 Intel(R) Atom(TM) CPU N270 @ 1.60GHz \r\nx86 Conroe Intel Celeron_4x0 (Conroe\/Merom Class Core 2) \r\nx86 Penryn Intel Core 2 Duo P9xxx (Penryn Class Core 2) \r\nx86 Nehalem Intel Core i7 9xx (Nehalem Class Core i7) \r\nx86 Westmere Westmere E56xx\/L56xx\/X56xx (Nehalem-C) \r\nx86 SandyBridge Intel Xeon E312xx (Sandy Bridge) \r\nx86 Haswell Intel Core Processor (Haswell) \r\nx86 Opteron_G1 AMD Opteron 240 (Gen 1 Class Opteron) \r\nx86 Opteron_G2 AMD Opteron 22xx (Gen 2 Class Opteron) \r\nx86 Opteron_G3 AMD Opteron 23xx (Gen 3 Class Opteron) \r\nx86 Opteron_G4 AMD Opteron 62xx class CPU \r\nx86 Opteron_G5 AMD Opteron 63xx class CPU \r\nx86 host KVM processor with all supported host features (only available in KVM mode)\r\n<\/pre>\n
\r\n$ sudo nova live-migration 6fba9cbe-66e2-484d-ba90-18ad519865ff host3\r\nERROR (BadRequest): Unacceptable CPU info: CPU doesn't have compatibility.\r\n<\/pre>\n