Hyper-V Live Migration allows you to move a running virtual machine between hosts without stopping it. Initially, Live Migration in Hyper-V was only available under Windows Failover Cluster with Cluster Shared Volumes (CSV). Starting from Windows Server 2012, Hyper-V Live Migration doesn’t require a cluster or shared storage. For VM migration, it is sufficient that the Hyper-V hosts are connected to a fast shared Ethernet network. This type of migration is called Shared-nothing Live Migration.
Hyper-V Live Migration Requirements:
- At least two hosts with Hyper-V 3.0 or newer;
- VM hardware version not lower than 5.0;
- The target host must have enough resources to run the VM;
- Hosts must use processors with the same architecture or you must enable the compatibility mode for VM( Migrate to a physical computer with a different processor version: Set-VMProcessor testvm1 -CompatibilityForMigrationEnabled $true);
- It is desirable to have at least 1GB Ethernet network between hosts (it is recommended to allocate a separate NIC for Live Migration). On network adapters, you must enable the Client for Microsoft Networks and File and Print Sharing for Microsoft Networks protocols
- Each server must have access to its own virtual machine storage (local disks, SAN LUNs, or SMB 3.0 shared network folders);
- Virtual switches on all Hyper-V hosts must be named the same (this will help avoid many migration errors).
You need to enable Live Migration in the Hyper-V configuration of both hosts. Open Hyper-V Settings and enable the option “Enable incoming and outgoing live migration”. You can change the maximum number of simultaneously moving virtual machines. To avoid high load on hosts and the network, it is better to leave the default value—two simultaneous migrations.
In the Incoming live migration section, you can specify which Hyper-V hosts can migrate VMs to this host.
Then go to the Advanced Features section and select the Kerberos authentication protocol (Use Kerberos).
You can do the same using PowerShell (remember to configure all Hyper-V hosts):
Enable-VMMigration Set-VMMigrationNetwork 192.168.1.2 192.168.1.4 Set-VMHost -VirtualMachineMigrationAuthenticationType Kerberos
Hint. Compression is used by default for faster migration. However, you can use SMB Direct for migration. To speed up Live Migration, you can disable end-to-end encryption of SMB data:
Set-SmbServerConfiguration -EncryptData $false -RejectUnencryptedAccess $false
When using Kerberos authentication to transfer VMs between hosts, you need to configure Kerberos Constrained Delegation in the properties of Hyper-V hosts in Active Directory. Run the ADUC console, open properties for Hyper-V host account and go to Delegation tab. Select the option Trust this computer for delegation to specified services only > Use Kerberos Only.
Click the Add button > select the second Hyper-V host and select Microsoft Virtual System Migration Service.
Hint. In Hyper-V on Windows Server 2016/2019, when using this setting, you may face an error during migration “No credentials are available in the security package” (Event ID 20306). The point is that in these versions of Windows Server, Hyper-V services run in the NETWORK SERVICE context. To fix this error, you will have to use the less secure Unconstrained Delegation (Use any authentication protocol) mechanism.
Similar settings must be made on all servers participating in Live Migration.
Now try to migrate VM:
- Right click on the virtual machine and select Move;
- Select the move type Move the virtual machine;
- Specify the name of the Hyper-V host to which you want to migrate the VM;
- Select the following move option: Move the virtual machine’s data to a single location;
- Wait for the virtual machine to migrate to another Hyper-V host.
You can also run Live-Migration using PowerShell:
Move-VM testvm1 lon-hv2 -IncludeStorage -DestinationStoragePath E:\vm\testvm1