kvm: During migrate change the VNC listen address

The migrate method from libvirt supports passing down a different XML for running
the instance of the target hypervisor.

This enables the VNC to bind to the private IP Address of the hypervisor and during
migration this will be changed to the private IP address of the target host.

This way VNC doesn't listen world wide and is much safer.

docs/en-US/hypervisor-host-install-libvirt.xml

@@ -46,11 +46,6 @@
             <para>so it looks like:</para>
             <programlisting>libvirtd_opts="-d -l"</programlisting>
         </listitem>
-        <listitem>
-            <para>In order to have the VNC Console work we have to make sure it will bind on 0.0.0.0. We do this by editing <filename>/etc/libvirt/qemu.conf</filename></para>
-            <para>Make sure this parameter is set:</para>
-            <programlisting>vnc_listen = "0.0.0.0"</programlisting>
-        </listitem>
         <listitem>
             <para>Restart libvirt</para>
             <para>In RHEL or CentOS:</para>

plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java

@@ -2878,17 +2878,34 @@ private Answer execute(MigrateCommand cmd) {
         Connect dconn = null;
         Domain destDomain = null;
         Connect conn = null;
+        String xmlDesc = null;
         try {
             conn = LibvirtConnection.getConnectionByVmName(cmd.getVmName());
             ifaces = getInterfaces(conn, vmName);
-            dm = conn.domainLookupByName(vmName);
+            dm = conn.domainLookupByUUID(UUID.nameUUIDFromBytes(vmName
+                    .getBytes()));
+            /*
+                We replace the private IP address with the address of the destination host.
+                This is because the VNC listens on the private IP address of the hypervisor,
+                but that address is ofcourse different on the target host.
+
+                MigrateCommand.getDestinationIp() returns the private IP address of the target
+                hypervisor. So it's safe to use.
+
+                The Domain.migrate method from libvirt supports passing a different XML
+                description for the instance to be used on the target host.
+
+                This is supported by libvirt-java from version 0.50.0
+            */
+            xmlDesc = dm.getXMLDesc(0).replace(_privateIp, cmd.getDestinationIp());
+
             dconn = new Connect("qemu+tcp://" + cmd.getDestinationIp()
                     + "/system");
             /*
              * Hard code lm flags: VIR_MIGRATE_LIVE(1<<0) and
              * VIR_MIGRATE_PERSIST_DEST(1<<3)
              */
-            destDomain = dm.migrate(dconn, (1 << 0) | (1 << 3), vmName, "tcp:"
+            destDomain = dm.migrate(dconn, (1 << 0) | (1 << 3), xmlDesc, vmName, "tcp:"
                     + cmd.getDestinationIp(), _migrateSpeed);
         } catch (LibvirtException e) {
             s_logger.debug("Can't migrate domain: " + e.getMessage());
@@ -3441,7 +3458,7 @@ So if getMinSpeed() returns null we fall back to getSpeed().
 
          //add the VNC port passwd here, get the passwd from the vmInstance.
         String passwd = vmTO.getVncPassword();
-        GraphicDef grap = new GraphicDef("vnc", (short) 0, true, null, passwd,
+        GraphicDef grap = new GraphicDef("vnc", (short) 0, true, vmTO.getVncAddr(), passwd,
                 null);
         devices.addDevice(grap);
 

pom.xml

@@ -81,11 +81,11 @@
     <cs.reflections.version>0.9.8</cs.reflections.version>
     <cs.java-ipv6.version>0.10</cs.java-ipv6.version>
     <cs.replace.properties>build/replace.properties</cs.replace.properties>
-    <cs.libvirt-java.version>0.4.9</cs.libvirt-java.version>
+    <cs.libvirt-java.version>0.5.0</cs.libvirt-java.version>
     <cs.rados-java.version>0.1.3</cs.rados-java.version>
     <cs.target.dir>target</cs.target.dir>
     <cs.daemon.version>1.0.10</cs.daemon.version>
-    <cs.jna.version>3.0.9</cs.jna.version>
+    <cs.jna.version>4.0.0</cs.jna.version>
   </properties>
 
   <distributionManagement>