HP Integrity Virtual Machines 4.3: Installation, Configuration, Administration

ManualsBrandsHP ManualsSoftwareHP-UX Virtual Partitions (vPars) Software

291

292

293

294

295

296

297

298

299

300

HPVM_OVMM_ENCRYPT_BY_DEFAULT variable to 0,

changes this default behavior.

-y

Requires encryption negotiation and sends guest memory

data with protection.

You can modify the default behavior by setting variables

in the /etc/rc.config.d/hpvmconf file using the

ch_rc command. The variable

HPVM_OVMM_ENCRYPT_BY_DEFAULT controls whether

any attempt at encryption negotiation is done. The default

setting of 1 attempts an encryption negotiation. The

variable HPVM_OVMM_ENCRYPT_ALGORITHM can be

changed from its default value of aes-128–cbc to aes-256–cbc

for sites with stronger security concerns.

If you do not specify either the -Y or the -y option, and

you set the HPVM_OVMM_ENCRYPT_BY DEFAULT variable

to its default setting of 1, the target-host-alisas-or-IP-addr

name given to the -h option for an online migration is

examined to see whether it matches the private network

convention for guest migration. If the name given ends in

—hpvm-migr, or if such a name was chosen because of

finding a match in the /etc/hosts file, encryption is

suppressed for the private network. The default is to

encrypt guest data for all other connections. Explicit use

of the -Y or -y option, as well as changing the

HPVM_OVMM_ENCRYPT_BY_DEFAULT variable to 0,

changes this default behavior.

RETURN VALUES

The hpvmmigrate command exits with one of the following values:

0: Successful completion.

1: One or more error conditions

occurred.

2: One or more operational failures

occurred.

DIAGNOSTICS

The hpvmmigrate command displays error messages on stderr for any of the following

conditions:

• An invalid option is specified.

• An invalid value is specified for an option.

• A value is omitted for an argument that requires one, or a value is supplied for an argument

that does not take one.

• The source-vm-name or source-vm-number attribute does not exist, cannot be accessed,

is not a virtual machine, or is corrupt.

• SSH does not seem to be properly configured between the source and the target VM Hosts.

• The hpvmmigrate command and Integrity Virtual Machines are at different revision levels.

• The virtual machine already exists on the target VM Host and is Runnable, or the virtual

machine name exists on the target but the configuration has a different UUID.

• The guest is running, and online migration is not being used. Or, the virtual machine is not

running, and online migration is attempted.

291