What is Live Migration?
You are performing Live Migration when you migrate virtual machines from one host to another without powering off the VM. This is especially useful for system administrators when they need to quickly restore operations for critical VMs or when they want to run a maintenance check/update for some VM without downtime for the users.
Load balancing is another benefit of Live Migration, where the load is distributed across different nodes to optimize CPU resource utilization.
Hyper-V Live Migration Types
There are different types of Live Migration in Hyper-V over the years. Initially, migration was possible only among nodes that are part of a Hyper-V Failover Cluster. But after Windows 2012, there are possibilities of migration without failover.
- Quick Migration
- Live Migration
- Quick Storage Migration
- Storage Live Migration
- Shared-Nothing Live Migration
- Hyper-V Replica
The first two technologies involve a failover cluster- a group of servers clustered together to immediately balance loads or migrate VMs to avoid downtime. The difference between Quick/Live Migration and Storage Migration is that in the former, the virtual machines are migrated from one host to another while in the latter the virtual machine’s storage is migrated across hosts.
This blog talks about migrating the virtual machines running on one server to another without Failover Cluster using Windows 2016 server Distributed File System (DFS). This is a part of the Shared-Nothing Live Migration method of migration.
This migration exercise involves two Windows server 2016 hosts, named – NODE1 and NODE2.
Each node has 2 VMs – Windows 10 and Windows Server 2016.
We are going to migrate a Windows 10 VM from NODE2 to NODE1 (DFS Configured).
Setup Hosts for Live Migration
Requirements for Hyper-V Live Migration without Failover clustering
- This Live Migration is possible between the hosts only if they run on OS’s Windows Server 2012 R2 or Windows Server 2016
- Virtual Machines (VMs) running on the host must be with Version 5 or higher
- Both the source and destination servers must be located in the same Active Directory Domain or trusted domains
- Source and Destination Hyper-V hosts must be connected by a reliable network
- Hyper-V management tools must be installed on Windows Server 2016 or Windows 10
Considerations for Live Migration
CredSSP and Kerberos authentication protocols are available in Hyper-V for live migration of VMs.
If we enable CredSSP authentication protocol, it avoids configuring constrained delegation, but it is required to sign in the source server. Server sign-in can be done through a console session or a remote desktop session or remote Windows PowerShell session. If you do not login to the source server you will get the error ‘authentication attempt failed’.
Enabling Kerberos authentication protocol avoids signing into the server, but requires constrained delegation (KCD) set up. With constrained delegation, the services are restricted for access by the server on behalf of the user.
Performance option helps you reduce the Network and CPU usage, which obviously will make the Virtual Machine live migration process faster. Before configuring the performance options consider your requirements and infrastructure, based on which you can test different configurations for better results.
The Live Migration data is not encrypted while it is transferred over a network. Hence, while performing Live Migration, it is recommended to isolate the migration traffic on a private network or trusted network. This is to increase security when Live Migration is carried out. Network isolation can be achieved through a physically isolated network or through trusted networking technology such as VLANs.
Step 1: Configure constrained delegation (optional)
- Login to the Hyper-V configured server. Then open the Active Directory users and computers
- Select the domain name and click computers
- Inside the computer folder, it will display all the computers which belong to a particular domain (here we use vembublog.com)
- Select the computer account of the source server, right click and then go to properties
- From properties, click delegation tab
- From Delegation tab, choose the option “Trust this computer for delegation to specified services only”, and then click “use any authentication protocol”
- Click add. Then, click the users and computers and type the name of the destination server and click check names. Verify the server details and click ok
- In the add services, select the service and click ok
- To move the Storage, you can select CIFS service
- To move the Virtual machines, select Microsoft Virtual System Migration Service
- On the delegation tab, verify if the selected services are listed and selected destination computer is present in the delegation credentials.
- These changes are replicated to the domain controllers in which the servers running Hyper-V are logged in
- The domain controller supplies a new Kerberos ticket
Step 2: Set up the source and destination computers for live migration
You can set the source and destination computers in two ways:
- Using Hyper-V Manager
- Using PowerShell
Using Hyper-V Manager:
- Open Hyper-V Manager
- In the navigation pane, select the servers. If servers are not added, right-click Hyper-V Manager and click ‘Connect to server’. Type the server name and click ok. In the same way, add the other servers also. After that select the servers you require
- Click Hyper-V settings and select live migrations
- Now Enable the incoming and outgoing live migration options in the live migration pane
- Under simultaneous live migration, specify the number of simultaneous live migration you want to use. The default number is 2
- In incoming live migrations, you can add the IP address and specify a network connection for live migration traffic else you can select from the available network. Finally, click ok
For Kerberos and performance option, expand live migration and select Advanced features
- For Constrained delegation authentication protocol, you can select Kerberos
- To enable Credssp, you need to login to the destination server to perform the live migration
- Under the performance options, select the performance configurations based on your requirement
- The similar configuration process is carried out for the other servers, that need to be added to Hyper-V manager
There are 3 cmdlets you will be using to setup the source and destination computers.
Configuring live migration on the host machine – PS C:\> Enable-VMMigration
Allowing incoming traffic for specific networks – PS C:\> Set-VMMigrationNetwork
Choosing Kerberos for authentication – PS C:\> Set-VMHost-VirtualMachineMigrationAuthenticationType Kerberos
Step 3: Use Hyper-V Manager to move a running virtual machine
- In the navigation pane select one of the servers, in which you want to move the Virtual machine from one host to another host
- After selecting the server, in the Virtual machine pane, right-click the virtual machine and select move
- Now choose the move type, then specify the destination host machine details and click finish. Below are the screenshots for your reference
Finally, you will see a pop-up window showing the virtual machine migration process.
Once virtual machine migration is completed, you can login to the destination host machine and check the machine status. Note: we created DFS (Distributed File System) in NODE1 server to store the Virtual Machines virtual hard disks.
Hyper-V Live Migration is often related to failover clustering technology. But, in this blog, a comprehensive overview of how to set up the Live Migration process without Failover Cluster is briefly narrated.
While these options to migrate without the need for failover cluster exists, most of the Hyper-V infrastructure these days have deployed clustering models for better resource utilization. Migrating VMs across hosts definitely reduces the downtime, but that doesn’t protect the systems from large scale attacks or disasters.
The entire HA model depends on the same AD, reliable network and other conditions, the privileges you will not have when your entire infrastructure is flooded. That is when a good Backup & DR strategy will rescue your business.
By having a backup of your machines in another site, you can quickly resume operations without much downtime by turning on the VMs in that site while the main office recovers from the disaster. This means you need to be able to backup VMs that are migrating from one host to another within a Failover Cluster.
Vembu BDR Suite is a comprehensive backup & DR solution that offers agentless backups of VMs running on Hyper-V servers (Standalone/SMB/Cluster). This makes it easier for you to perform disaster recovery for the machines that you migrate across servers.
Experience modern data protection with this latest Vembu BDR Suite v.4.0.1.
Start your 30-day FREE TRIAL Now!