docs: migration: Add a mention of VIR_MIGRATE_TLS and its enforcement for qemu

Mention the flag to enable TLS and also the knob to enforce it in the
qemu hypervisor driver.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/docs/migration.html.in b/docs/migration.html.in
index c3c64fb51f58340f6845ae421f595eff49fd9825..b080e3a7f591c36d551c73e4e7f3e05ecb9ba925 100644 (file)
--- a/docs/migration.html.in
+++ b/docs/migration.html.in
@@ -31,6 +31,14 @@
       of ports on the firewall to allow multiple concurrent migration operations.
     </p>
 
+    <p>
+      Modern hypervisors support TLS for encryption and authentication of the
+      migration connections which can be enabled using the
+      <code>VIR_MIGRATE_TLS</code> flag. The <em>qemu</em> hypervisor driver
+      allows users to force use of TLS via the <code>migrate_tls_force</code>
+      knob configured in <code>/etc/libvirt/qemu.conf</code>.
+    </p>
+
     <p>
       <img class="diagram" src="migration-native.png" alt="Migration native path"/>
     </p>