This is the steps to do Live Migration of a virtual machine from one Hyper-V host to another, without using Failover Clustering. This is useful when needing to reboot and patch a Hyper-V host but you do not want to bring down any VMs on it.
- Service Account: A user account with permission to perform the various steps. Membership in the local Hyper-V Administrators group or the Administrators group on both the source and destination computers meets this requirement
- Roles: The Hyper-V role in Windows Server 2016 or Windows Server 2012 R2 installed on the source and destination servers.
- Domain: Source and destination computers that either belong to the same Active Directory domain, or belong to domains that trust each other.
- Hardware: Both Source and Destination must be running the same brand of processor, or you will have to shut down the VM to move it.
- Authentication: You have three choices when it comes to how you will authenticate between the two Hyper-V hosts. The major break-point is if you want to log into the source server for the move, or use Kerberos to enable "constrained delegation" and be able to "pull" a VM from the destination server.
- Network interfaces: The target and source will optimally have the same number of NICs, with the same name, to avoid after-migration clean up of network virtual switch assignments.
- Constrained delegation (optional): This is basically establishing a machine level trust list of machines that can transfer services between each other. We suggest that you set this up between all your Hyper-V hosts at once, so you don't have to go back and do this again when needing to transfer a VM. The below method is NOT the most secure, but will work without having to perform addition out-of-scope configuration of Kerberos certificates.
- On you Domain Controller, open the Active Directory Users and Computers snap-in. (From Server Manager, select the server if it's not selected, click Tools >> Active Directory Users and Computers).
- From the navigation pane in Active Directory Users and Computers, select the domain and double-click the Computers OU (or the OU you keep your machine accounts for your Hyper-V hosts in).
- From the Computers folder, right-click the computer account of the source server and then click Properties.
- From Properties, click the Delegation tab.
- On the delegation tab, select Trust this computer for delegation to the specified services only and then select Use any authentication protocol.
- Click Add.
- From Add Services, click Users or Computers.
- From Select Users or Computers, type the name(s) of the destination server. Click Check Names to verify it, and then click OK.
- From Add Services, in the list of available services, do the following and then click OK (if your doing multiple hosts at once, use shift-click):
- Select cifs. This is required if you want to move the storage along with the virtual machine, as well as if you want to move only a virtual machine's storage. If the server is configured to use SMB storage for Hyper-V, this should already be selected.
- Select Microsoft Virtual System Migration Service.
- On the Delegation tab of the Properties dialog box, verify that the services you selected in the previous step are listed as the services to which the destination computer can present delegated credentials. Click OK.
- From the Computers folder, select the computer account of the destination server and repeat the process. In the Select Users or Computers dialog box, be sure to specify the name of the source server.
- Step 2: Set up the source and destination computers for live migration. The below uses the GUI to perform this. You can also use Powershell, but ATM that is not included in this documentation here.
- Log into the Source Hyper-V host and open Hyper-V Manager. (From Server Manager, click Tools >>Hyper-V Manager.)
- In the Action pane, click Hyper-V Settings >>Live Migrations.
- In the Live Migrations pane, check Enable incoming and outgoing live migrations.
- Under Simultaneous live migrations, specify a different number if you don't want to use the default of 2.
- Under Incoming live migrations, if you want to use specific network connections to accept live migration traffic, click Add to type the IP address information. Otherwise, click Use any available network for live migration. Click OK.
- To choose Kerberos and performance options, expand Live Migrations and then select Advanced Features.
- If you have configured constrained delegation, under Authentication protocol, select Kerberos.
- Under Performance options, review the details and choose a different option if it's appropriate for your environment.
- Make sure you have the SAME "Performance Options" on all Hyper-V hosts
- Click OK.
- Repeat the above on all destination Hyper-V hosts.
- Step 3: Performing the Live Migration. Note the steps below are specific for the TPFND Lab setup, your settings for the Virtual Machines components such as disks and snapshots may differ.
- Log into Source Hyper-V host, and open Hyper-V Manager. (From Server Manager, click Tools >>Hyper-V Manager.)
- From the Virtual Machines pane, right-click the virtual machine and then click Move. This opens the Move Wizard.
- Choose the first option, "Move the Virtual Machine"
- Either type in the name of the destination server, OR browse and find it, Next
- It will take a bit to connect, and show "Connecting"
- Choose Move Options: Select the 2nd choice, "Move the virtual machine's data by selecting where to move the items"
- Choose Advanced Options:"Move the virtual machine's data automatically". We can select this as we have already set up the VHD and VM directory settings on our Destination.
- Summary: Everything it will do will be listed here. If it all looks correct, click Finish
- If it fails, you should be provided the capability of changing whatever is wrong (like missing locations) and trying again.
- Set up hosts for live migration without Failover Clustering
- Use live migration without Failover Clustering to move a virtual machine