Insecure migration settings

After editing the /datacenter config, do you need to restart any services? Also, do you need to do this on both nodes that are involved in the transfer?

Edit: I see that editing the /datacenter file is shared across nodes.
 
you shouldn't need to reload any services, and the file is shared across all cluster nodes like you already found out :)
 
Is it working?
Code:
migration: [type=]<secure|insecure> [,network=<CIDR>]
For cluster wide migration settings.

network=<CIDR>
CIDR of the (sub) network that is used for migration. Used as a fallback for replication jobs if the replication network setting is not set.

type=<insecure | secure> (default = secure)
Migration traffic is encrypted using an SSH tunnel by default. On secure, completely private networks this can be disabled to increase performance.

migration_unsecure: <boolean>
Migration is secure using SSH tunnel by default. For secure private networks you can disable it to speed up migration. Deprecated, use the migration property instead!

I tried with migration: type=insecure and it still uses SSH.

If I put migration_unsecure: 1 instead, it works.


I have the latest version of PVE (9.0.11).
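
An added example, not part of the original thread or of Proxmox's own code: a small Python audit of datacenter.cfg text that reads the two migration keys quoted above and lists what an operator should review. The sample config is constructed, the accepted boolean spellings are an assumption, and the config is treated as insecure if either key asks for it (a conservative choice, since the quoted documentation does not state which key wins).

```python
import ipaddress

# Constructed sample; only the two migration keys quoted above are interpreted.
SAMPLE_CFG = "keyboard: en-us\nmigration: type=insecure,network=10.10.20.0/24\n"
TRUE_VALUES = {"1", "yes", "true", "on"}  # assumed boolean spellings

def parse_migration(cfg_text):
    """Return the migration settings found in datacenter.cfg text."""
    found = {"type": "secure", "network": None, "deprecated_key": False}
    for raw in cfg_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "migration_unsecure":
            found["deprecated_key"] = True
            if value.lower() in TRUE_VALUES:
                found["type"] = "insecure"
        elif key == "migration":
            for item in filter(None, (i.strip() for i in value.split(","))):
                name, sep, val = item.partition("=")
                if not sep:  # "type=" is optional in the quoted syntax
                    name, val = "type", name
                if name == "type":
                    if val not in ("secure", "insecure"):
                        raise ValueError(f"unknown migration type: {val!r}")
                    if val == "insecure":
                        found["type"] = "insecure"
                elif name == "network":
                    found["network"] = ipaddress.ip_network(val, strict=False)
    return found

def audit(cfg_text):
    """List findings an operator should review before relying on this config."""
    m = parse_migration(cfg_text)
    findings = []
    if m["type"] == "insecure":
        findings.append("migration data stream is sent over plain TCP")
        if m["network"] is None:
            findings.append("no dedicated migration network is set")
        elif not m["network"].is_private:
            findings.append(f"{m['network']} is not private address space")
    if m["deprecated_key"]:
        findings.append("migration_unsecure is deprecated; use migration")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CFG):
        print("REVIEW:", finding)
```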
 
both set the same internal field.. please post your datacenter.cfg and the migration task log..

note that insecure migration will still use SSH for the control part, it will just transfer the migration data stream over plain TCP.
 
Well, the explanation is maybe here.

The SSH connection is only authorized on the VLAN for corosync between the 3 nodes.

We have another VLAN dedicated to migration (in order to control the bandwidth). But the SSH connection isn't allowed on this one.

We thought that with secure migration, obviously SSH is needed, but with insecure, there would be no need to allow it. :(

In insecure mode, doesn't the migration process use one network for SSH and the other one for the migration data?
 
Well, for testing purposes, we tried authorizing SSH on the migration VLAN, and we have no errors with this config. So it seems that you hit on the problem with SSH for the control part.