Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-10333

Secure VM Live migration for KVM

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Reviewable
    • Major
    • Resolution: Unresolved
    • None
    • 4.12.0.0, 4.11.1.0
    • None
    • Security Level: Public (Anyone can view this level - this is the default.)
    • None

    Description

      With use of CA framework to secure hosts, the current mechanisms don't secure libvirtd to use those certificates (used by agent to connect to mgmt server). This causes insecure vm migration over tcp instead of tls. The aim is to use the same framework and certificates to secure live VM migration. This could be coupled with securing of a host and renewal/provisioning of certificates to host.

       

      FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+Live+VM+Migration+for+KVM

      Attachments

        Activity

          People

            bhaisaab Rohit Yadav
            bhaisaab Rohit Yadav
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: