summaryrefslogtreecommitdiff
path: root/doc/source/admin/secure-live-migration-with-qemu-native-tls.rst
diff options
context:
space:
mode:
Diffstat (limited to 'doc/source/admin/secure-live-migration-with-qemu-native-tls.rst')
-rw-r--r--doc/source/admin/secure-live-migration-with-qemu-native-tls.rst11
1 files changed, 10 insertions, 1 deletions
diff --git a/doc/source/admin/secure-live-migration-with-qemu-native-tls.rst b/doc/source/admin/secure-live-migration-with-qemu-native-tls.rst
index 012d78e93b..fb76f656af 100644
--- a/doc/source/admin/secure-live-migration-with-qemu-native-tls.rst
+++ b/doc/source/admin/secure-live-migration-with-qemu-native-tls.rst
@@ -120,10 +120,13 @@ Performing the migration
(1) On all relevant compute nodes, enable the
:oslo.config:option:`libvirt.live_migration_with_native_tls`
- configuration attribute::
+ configuration attribute and set the
+ :oslo.config:option:`libvirt.live_migration_scheme`
+ configuration attribute to tls::
[libvirt]
live_migration_with_native_tls = true
+ live_migration_scheme = tls
.. note::
Setting both
@@ -131,6 +134,12 @@ Performing the migration
:oslo.config:option:`libvirt.live_migration_tunnelled` at the
same time is invalid (and disallowed).
+ .. note::
+ Not setting
+ :oslo.config:option:`libvirt.live_migration_scheme` to ``tls``
+ will result in libvirt using the unencrypted TCP connection
+ without displaying any error or a warning in the logs.
+
And restart the ``nova-compute`` service::
$ systemctl restart openstack-nova-compute
View Lorry Controller Status