Running migcvm-agent on migcvm
- On the source and peer servers, add the migvm-cap=migvm parameter to the QEMU XML configuration file of the migvm cVM to enable the migvm migration function, and specify the VSOCK and CID for communication.
<qemu:commandline> <qemu:arg value='-object'/> <qemu:arg value='tmm-guest,id=tmm0,sve-vector-length=128,num-pmu-counters=1,migvm-cap=migvm'/> </qemu:commandline><vsock model='virtio'> <cid auto='no' address='8'/> </vsock>The CID address may be randomly allocated by the cloud management platform. Since the host kernel CID is 2, the platform allocates a CID greater than 2 to prevent conflicts between the VM CID and the system.
- After the configuration is complete, start the migvm VM by following instructions in Configuring cVMs.
- Download virtCCA_sdk, install it on the migvm, and obtain the RIM values of the source and peer servers. For details about how to obtain the RIM values, see the gen_rim_ref tool description in Enabling Remote Attestation.
- Pull the master branch code of the organization repository.
git clone https://atomgit.com/openeuler/virtCCA_sdk.git --depth 10
- Compile and install dependencies based on GitCode. (If QCBOR, t_cose, and libcbor already exist in the environment, skip this step.)
cd migcvm-agent/ git clone https://github.com/inclavare-containers/rats-tls.git cd rats-tls git reset --hard 40f7b78403d75d13b1a372c769b2600f62b02692 git apply ../../attestation/rats-tls/*.patch bash build.sh -s -r -c -v gcc cp -rf output/lib/rats-tls /usr/lib/ cp -rfL output/lib/rats-tls/librats_tls.so.0 /lib64/ cd - bash ./build.sh # Place the compilation product migcvm-agent to mig-cvm. cp build/migcvm-agent ${CVM_PATH}/home/ - Deploy the certificate in the directory where migcvm-agent is located. For details, see Enabling Remote Attestation.
- Pull the master branch code of the organization repository.
- Before the migration, perform remote attestation to ensure that the RIM values on the source and peer servers are the same.
- Log in to the source VM and verify the RIM value of the peer server.
virsh console migvm-src cd ${CVM_PATH}/home ./migcvm-agent -c <remote migcvm listening IP address> - Log in to the migvm VM on the peer server and verify the RIM value of the source server.
virsh console migvm-dst cd ${CVM_PATH}/home ./migcvm-agent -c <remote migcvm listening IP address>The -c option is not required if cvm-miguri has been set during the migration in Step 3 of section 4.11.3.
- Log in to the source VM and verify the RIM value of the peer server.
Parent topic: Enabling Live cVM Migration