Ask Your Question

live migration using qemu+ssh fails

asked 2016-01-08 13:29:17 -0500

Hello all

We use the Juno distribution, ceph cluster for storage on RHEL 7. A basic nova live-migration works perfectly. I am trying to make it more secure. Using sasl doesn't seem to work, so am trying ssh tunneling.

I have configured libvirtd/kvm on the compute nodes to listen. From virsh the command below works perfectly. I am able to run:

$ virsh --connect qemu+ssh://nodenamex/system list

I have defined the following in the nova.conf on the compute nodes:


The live_migration_flag's are defined and we know work. The public keys are setup for root and nova. Have tried these settings for both root and nova users. Both users can login using public keys and have valid shells. When I try to nova live-migration command, I get the following error message in my nova-compute.log :

2016-01-07 14:12:12.982 ERROR nova.virt.libvirt.driver [-] [instance: xyz-xyz-zyz] Live Migration Failure: operation failed: Failed to connect to remove libvirt URI qemu+ssh://nova@nodexyz/system: Cannot recv data: Host key verification failed.: connection reset by peer

I am not sure where else to look. Any idea's and pointers would be welcomed. TIA

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2018-04-04 10:49:43 -0500

MikeMcDonough gravatar image

The first thing I see is that the host key is not in the /root/.ssh/known_hosts file. Manually, from the root account on each compute node, you will need to ssh to every other node once to answer the validate host prompt.

Also, you will need to create an ssh key, without passphrase, in the root account of each compute node and copy the public key to every other compute node in the /root/.ssh/authorized_keys file

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2016-01-08 13:29:17 -0500

Seen: 1,534 times

Last updated: Jan 08 '16