When you choose to use live migrations, one of the settings you configure is the type of authentication you can use. Choosing the authentication type is a feature listed under the Advanced Features of live migration. You can choose two types of authentication (as shown in Figure 13.8): Kerberos or Credential Security Support Provider (CredSSP).
FIGURE 13.8 Advanced Features for a live migration
Authentication is choosing which protocol you will use to guarantee that live migration traffic between the source and destination servers is verified. Let’s take a look at both options:
Credential Security Support Provider (CredSSP) This option allows you to set up better security but requires constrained delegation for live migration. You have the ability to sign in to the source server by using a local console session, a Remote Desktop session, or a remote Windows PowerShell session.
Kerberos This option lets you avoid having to sign into the server but requires constrained delegation to be set up.
Another section that you configure in the Advanced Features is Performance. This section allows you to choose how the network traffic for live migrations will be configured. You can choose from three options:
TCP/IP The memory of the virtual machine being migrated is copied over the network to the destination server over a TCP/IP connection.
Compression The memory of the virtual machine being migrated is compressed and then copied over the network to the destination server over a TCP/IP connection.
SMB The memory of the virtual machine is copied over the network to the destination server over a SMB (Server Message Block) connection. SMB Direct will be used if the network adapters of both the source and destination server have Remote Direct Memory Access (RDMA) capabilities enabled.
Implementing Live Migration
You will need the following to set up nonclustered hosts for live migration:
■ A user account in the local Hyper- V Administrators group or the Administrators group on both the source and destination computers. Membership in the Domain Administrators group.
■ The Hyper- V role in Windows Server 2022 installed on both the source and destination servers. Live migration can be done if the virtual machine is at least version 5.
■ The source and destination computers must belong to the same Active Directory domain or belong to trusted domains.
■ The Hyper- V management tools installed on the server. The computer must be running Windows Server 2022 or Windows 10/11.
If you want to set up the source and destination of the live migration, use the following steps:
- Open Hyper- V Manager. (Click Start ➢ Administrative Tools ➢ Hyper- V Manager.)
- In the navigation pane, select one of the servers. Right- click the server and choose Hyper- V Settings ➢ Live Migrations.
- In the Live Migrations pane, select Enable Incoming And Outgoing Live Migrations.
- In the section Simultaneous Live Migrations, specify the number of simultaneous live migrations (the default is 2).
- Under Incoming Live Migrations, accept any network for live migrations or specify the IP address you want to use for live migration. If you want to use an IP address, click the Add button and type the IP address information. Click OK when you’re finished.
- For Kerberos and performance options, expand Live Migrations (click the plus sign next to Live Migrations) and then select Advanced Features:
■ Under Authentication Protocol, select Use CredSSP or Use Kerberos.
■ Under Performance options, select performance configuration options (either TCP/ IP, Compression, or SMB).
7. Click OK.
8. If you have another server that you want to set up for live migrations, select the server and repeat the steps.
Implement Shared Nothing Live Migration
Administrators can now live- migrate virtual machines even if the Hyper-V host is not part of a cluster. Before using live migrate without a Windows cluster, you have to configure the servers. Choose Kerberos or Credential Security Support Provider (CredSSP) to authenticate the live migration.
To trigger a Shared Nothing Live Migration remotely, you’ll need to enable Kerberos constrained delegation, which you configure on the Delegation tab of Active Directory Users and Computers for each computer taking part in the Shared Nothing Live Migration.
Implementing Storage Migration
Hyper- V supports moving virtual machine storage without downtime by allowing you to move storage while the virtual machine is running. You do this by using Hyper-V Manager or Windows PowerShell. You can add storage to a Hyper- V cluster or a stand- alone computer, and then move VMs to the new storage while the virtual machines continue to run. You can move virtual machine storage between physical storage devices to respond to a decrease in performance that results from bottlenecks.
Storage Migration Requirements
To use the Hyper- V functionality of moving virtual machine storage, you must meet these prerequisites:
■ One or more installations of Windows Server 2022 with the Hyper-V role installed
■ A server that is capable of running Hyper- V
■ Virtual machines that are configured to use only virtual hard disks for storage
Storage Migration lets you move the virtual hard disks of a virtual machine while the virtual hard disks are still able to be used by the running virtual machine (see Figure 13.9).
When you move a running virtual machine’s virtual hard disks, Hyper- V performs the following steps:
- Disk reads and writes use the source virtual hard disk.
- When reads and writes occur on the source virtual hard disk, the disk data is copied to the new destination virtual hard disk.
- Once the initial disk copy is complete, the disk writes are mirrored to both the source and destination virtual hard disks while outstanding disk changes are replicated.
- After the source and destination virtual hard disks are entirely synchronized, the virtual machine changes over to using the destination virtual hard disk.
- The source virtual hard disk is deleted.
