UPDATE 04/06/2012 – The KDC bug I mention at the bottom of this post has been fixed in Server 2012 Release Candidate. Tested a live migration from a remote WIndows 8 Release Preview client, and all went well.
Hyper-V in Windows 8 Server has had a major uplift. As much as I like working with Hyper-V in Server 2008 R2, there’s certainly a sense that Windows 8 Server leaves that for dead.
And now that I have three physical Windows 8 Server Hyper-V hosts up and running in my lab environment, one of the new features I was really keen to test was Live Migration – WITHOUT SHARED STORAGE!!
Turns out that it’s pretty straightforward. Once the systems are up and running and the Hyper-V role has been installed (which you can do in parallel from a machine which shares credentials, like any domain-joined system, from the new Server Manager) then right-click on the server under Local Server or All Servers (assuming you’ve added them) and select Hyper-V Manager. Then in Hyper-V Manager, select the host, click on Hyper-V settings and navigate to Live Migrations.
Click “Enable incoming and outgoing live migrations”. It’s important to note that this isn’t the process to make use of if you’re planning on making the hosts part of a Failover Cluster. That’s a different process, and Live Migration is automatically configured in those scenarios.
Bear in mind that these are standalone hosts – they are on the same domain, but a shared network is the ONLY thing they have in common.
For the Authentication Protocol, select “Use Kerberos”. This ensures that Hyper-V hosts can talk to each other and perform migrations without the administrative user needing to be logged on (apart from the little bug which breaks that rule, but more on that later).
Make any other changes needed, such as the amount of simultaneous migrations (dependent upon available network bandwidth) or which management IP addresses to use, and select OK to save the changes. Make the same changes on all Hyper-V hosts which you want to be able to Live Migrate between.
Next, set up KDC – Kerberos Contrained Delegation – so that the hosts can authenticate.
On a DC, fire up ADUC (Active Directory Users and Computers), find the host computer object, go into its Properties and select the Delegation tab.
Then, select “Trust this computer for delegation to specified services only” and “Use Kerberos protocol”. Then click Add and search for the host computer object that this host will be migrating TO. So in my case I modified the properties of WIN88HOST02 in order to migrate to WIN8HOST03.
In the Service Type list, select “CIFS” and “Microsoft Virtual System Migration Service” and OK to close. Repeat this for each Hyper-V host (eg: do the same for WIN8HOST03 in order to migrate to WIN8HOST02)
Next, spin up a VM on one of the hosts. Once complete, in Hyper-V Manager log onto the host server and select Move. The wizard will prompt you for what sort of move you want, which host it’s going to move to and whereabouts on the remote filesystem.
Finish the wizard and the migration kicks off. Try setting up a PING -T against the client VM – it’s impressive
The amount of time take to perform the migration is going to vary wildly, dependent on the amount of data you’re transferring (Dynamic Disks transfer faster than Fixed Disks, for example) and the amount of network bandwidth available plays a crucial factor. NIC teaming will help, of course (now supported in Windows 8 Server Hyper-V) as well as using dedicated NICs and 10Gb ethernet.
The eagle-eyed amongst you will have noticed that I had to log onto the host I was migrating from, even though I set up KDC to avoid that particular scenario. Yes – welcome to the world of beta If you try to kick off the migration from a remote management system, the migration starts and then fails to create the VM folder on the remote system. The following errors are logged:
- Virtual machine migration operation for ‘TEMP’ failed at migration source
- Migration did not succeed. Failed to create folder: ‘General access denied error’(’0×80070005′).
Thanks to Ben Armstrong for following up on this one – it’s a bug in the beta build of Windows 8 Server. That’s not supposed to happen, and it will be fixed.
And there we are – Live Migration of a running VM across the network between standalone hosts. It’s not designed for failover or HA, but now you can move VMs between hosts without having to implement shared storage, clustering or SCVMM. Perfect for lab environments and SMEs. So far – Windows 8 Server is SO GOOD