When patching KVM hosts, our preferred way is to live migrate the VMs to
another host temporarily.
I see that the fix for squeeze needed some backporting work. In
particular, it introduces a no_hotplug property.
I wonder if there are precautions to consider in this case. Live
migration looks fine both ways: start a VM on unpatched host and migrate
to patched host, and also the other way round. (Tried with just one VM.)
Is there still a security hole through a migrated (from unpatched to
patched host) VM? Is it necessary to stop and start the VMs?
Cheers
Harry
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
