yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

migrate: add insecure parameter

Browse Source 
This uses mtunnel's new -run-command parameter in
combination with the ssh-info's network cidr option to use
an unprotected TCP port.
This commit is contained in:
Wolfgang Bumiller
2017-05-30 15:30:08 +02:00
committed by Dietmar Maurer
parent 01f7e902e9
commit 7ba34faa6e
1 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
PVE/Storage.pm
View File

@ -7,6 +7,7 @@ use Data::Dumper;
use POSIX;
use IO::Select;
use IO::File;
use IO::Socket::IP;
use File::Basename;
use File::Path;
use Cwd 'abs_path';
@ -525,7 +526,7 @@ sub abs_filesystem_path {
}
sub storage_migrate {
my ($cfg, $volid, $target_sshinfo, $target_storeid, $target_volname, $base_snapshot, $snapshot, $ratelimit_bps) = @_;
my ($cfg, $volid, $target_sshinfo, $target_storeid, $target_volname, $base_snapshot, $snapshot, $ratelimit_bps, $insecure) = @_;
my ($storeid, $volname) = parse_volume_id($volid);
$target_volname = $volname if !$target_volname;
@ -645,8 +646,16 @@ sub storage_migrate {
die "cannot migrate from storage type '$scfg->{type}' to '$tcfg->{type}'\n" if !@formats;
my $format = $formats[0];
my @insecurecmd;
if ($insecure) {
@insecurecmd = ('pvecm', 'mtunnel', '-run-command', 1);
if (my $network = $target_sshinfo->{network}) {
push @insecurecmd, '-migration_network', $network;
}
}
my $send = ['pvesm', 'export', $volid, $format, '-', '-snapshot', $snapshot, '-with-snapshots', '1'];
my $recv = [@$ssh, '--', 'pvesm', 'import', $volid, $format, '-', '-with-snapshots', '1'];
my $recv = [@$ssh, @insecurecmd, '--', 'pvesm', 'import', $volid, $format, '-', '-with-snapshots', '1'];
if ($migration_snapshot) {
push @$recv, '-delete-snapshot', $snapshot;
}
@ -659,7 +668,18 @@ sub storage_migrate {
volume_snapshot($cfg, $volid, $snapshot) if $migration_snapshot;
eval {
run_command([$send, @cstream, $recv]);
if ($insecure) {
my $pid = open(my $info, '-|', @$recv)
or die "receive command failed: $!\n";
my $ip = <$info> // die "no tunnel IP received\n";
my $port = <$info> // die "no tunnel port received\n";
chomp($ip, $port);
my $socket = IO::Socket::IP->new(PeerHost => $ip, PeerPort => $port, Type => SOCK_STREAM)
or die "failed to connect to tunnel at $ip:$port\n";
run_command([$send, @cstream], output => '>&'.fileno($socket));
} else {
run_command([$send, @cstream, $recv]);
}
};
my $err = $@;
warn "send/receive failed, cleaning up snapshot(s)..\n" if $err;