Release v0.3.11

@github-actions released this 21 Jun 16:52
76827d9

VirtRigaud v0.3.11 — storage-agnostic cross-hypervisor VM migration 🎉

A major milestone: VirtRigaud can now migrate a VM's disk between any two of its three hypervisors — vSphere, Libvirt/KVM, and Proxmox VE — in either direction, over either of two storage-agnostic staging backends (S3 and NFS). The disk never traverses a CSI PVC; the source exports its native format and the target converts on import (ADR-0006).

This release adds the NFS staging backend and brings Proxmox VE in as a first-class migration participant (both completing the any-direction matrix), on top of the existing S3 path.

✨ Highlights

  • NFS migration backend (ADR-0006 Slice 4) — stage on an NFS export and move with qemu-img's native transport, no PVC and no provider-pod relay. libvirt (host-side) and vSphere (pod-side) use qemu-img's nfs:// libnfs driver; Proxmox kernel-mounts the export (its pve-qemu ships no libnfs). Lab-validated across all three providers, both directions. (#269#278)
  • Proxmox VE cross-hypervisor migration — Proxmox joins as a full migration source and target over S3 (#259) and NFS (#273, #277), advertising s3 + nfs.
  • Proxmox parity epic (#261) — Delete stops+purges, VMClass CPU/memory honored on Create/Reconfigure/Clone, graceful-shutdown timeout + node discovery, collision-free VMIDs via /cluster/nextid, real disk size/format reporting, relay-only transfer enforcement.

🔒 Security

  • Migration-storage host allowlist (ADR-0006 C3, #269) — closes a live S3-endpoint SSRF: the tenant-controlled S3 endpoint / NFS server is now validated before use. Loopback, link-local, and cloud-metadata (169.254.169.254) targets are always rejected; an operator allowlist is configurable via the new manager flag --migration-storage-allowed-hosts. RFC-1918 is permitted by default.
  • Libvirt SSH key dir is memory-backed (#250) and SSH private-key auth works end-to-end (#249).
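
The allowlist rule described in the first item above, sketched as an added example (not VirtRigaud's own code). `CheckStagingHost`, `Resolver` and the allowlist entry syntax are hypothetical names and assumptions; the policy is the one stated in these notes, with every address a hostname resolves to being checked.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Resolver returns the IPs a name resolves to; injected so the check runs offline.
type Resolver func(host string) []string

// CheckStagingHost is a hypothetical validator (assumed policy, not VirtRigaud's code):
// loopback, link-local (covers 169.254.169.254) and unspecified are always rejected,
// RFC-1918 passes by default, anything else must match an allowlist entry
// (CIDR or exact hostname; assumed entry syntax).
func CheckStagingHost(host string, allowed []string, resolve Resolver) error {
	ips := []string{host}
	if _, err := netip.ParseAddr(host); err != nil {
		ips = resolve(host) // a name: judge every address it points at
	}
	if len(ips) == 0 {
		return fmt.Errorf("%s: does not resolve", host)
	}
	for _, s := range ips {
		a, err := netip.ParseAddr(s)
		a = a.Unmap() // ::ffff:127.0.0.1 must be judged as 127.0.0.1
		if err != nil || a.IsLoopback() || a.IsLinkLocalUnicast() || a.IsUnspecified() {
			return fmt.Errorf("%s -> %s: always rejected", host, s)
		}
		if !(a.Is4() && a.IsPrivate()) && !allowlisted(host, a, allowed) {
			return fmt.Errorf("%s -> %s: not on the operator allowlist", host, s)
		}
	}
	return nil
}

func allowlisted(host string, a netip.Addr, allowed []string) bool {
	for _, e := range allowed {
		if p, err := netip.ParsePrefix(e); (err == nil && p.Contains(a)) || strings.EqualFold(e, host) {
			return true
		}
	}
	return false
}

func main() {
	dns := func(string) []string { return []string{"169.254.169.254"} } // constructed DNS answer
	fmt.Println(CheckStagingHost("s3.tenant.example", nil, dns))
	fmt.Println(CheckStagingHost("10.0.5.20", nil, dns))
}
```

A check like this only holds if the address that was validated is the one later connected to; re-resolving the name afterwards reopens the gap.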

🐛 Fixes & hardening

  • vSphere Reconfigure honors VMClass CPU/memory — fixed wrong JSON keys that silently dropped the resize (#268).
  • libvirt: drop the hard-coded emulator (let libvirt resolve it) (#254); lighten connection validation to avoid a gRPC deadline (#256).
  • Migration-controller hardening + regression coverage for the migration-PVC mount lifecycle (#252).

📊 Chart / observability

  • The chart now renders the observability templates: ServiceMonitor, PrometheusRule, and the Grafana dashboard (#251).

⬆️ Upgrade & operator notes

  • NFS migrations require spec.storage.nfs.uid / gid set to the uid/gid that owns the export — AUTH_SYS authorizes by the presented numeric id and each provider's qemu-img runs as a different identity. Omitting them typically fails with NFS3ERR_ACCES. See examples/vmmigration-nfs.yaml.
  • Harden the NFS export (ADR-0006 C6): root_squash on, one export per tenant, narrow client ACLs. AUTH_SYS/NFSv3 is cleartext with no Kerberos — run it on a trusted migration network.
  • The vSphere provider image now bundles qemu-block-extra (libnfs). The Proxmox node-side NFS path needs nfs-common + setpriv (standard on PVE) and SSH access to the node.
  • To use a non-RFC-1918 staging endpoint, set --migration-storage-allowed-hosts on the manager.

✅ Validation

Driven GREEN end-to-end against a real NFS server (OpenMediaVault): libvirt↔libvirt, libvirt→vSphere, vSphere→libvirt, libvirt→Proxmox, Proxmox→libvirt — plus the previously-validated S3 matrix across all three providers (ADR-0006 Slices 1–4).

📦 Install

helm repo add virtrigaud https://projectbeskar.github.io/virtrigaud
helm repo update
helm install virtrigaud virtrigaud/virtrigaud --version 0.3.11 \
  --namespace virtrigaud-system --create-namespace

Full changelog: v0.3.10...v0.3.11