.shock - Fotolia
Although the concept of being able to move a running VM from one host server to another was once revolutionary, features like Microsoft's Live Migration or VMware's vMotion have been around long enough to be considered commonplace. Today, it is easy to enable such features without giving them a lot of thought. However, the way in which you configure Hyper-V's Live Migration feature can make a huge difference in the speed and security of the VM live migration process. This article discusses several best practices for VM live migration configuration.
The authentication protocol
The first thing that you should think about when setting up a VM live migration is the authentication protocol. Microsoft lets you choose between Kerberos and CredSSP -- the default choice, but less secure of the two. It has the distinct disadvantage of requiring administrators to log directly onto the Hyper-V host to initiate a live migration. Kerberos on the other hand, is more secure and allows live migrations to be remotely initiated. If you are going to use Kerberos however, you should enable constrained delegation in order to prevent Kerberos from being used for unintended purposes.
Most of the parameters that can be configured for live migrations are related to performance. Live migrations occur over the network, and since VMs can range in size from a few gigabytes to multiple terabytes, it is important to make sure that the network is able to live migrate VMs as efficiently as possible.
Windows Server 2012 R2 actually contains a section within the Hyper-V Manager called Performance Options. You can access this section by opening the Hyper-V Settings window, expanding the Live Migrations container and selecting Advanced Features. The Performance Options section gives you three different options for configuring the VM live migration process.
The first option is TCP/IP. If you choose this option, you won't see any performance enhancements. The VM that you are live migrating will be copied across the network using standard TCP/IP communications.
The second available option is called compression. When this option is selected, Hyper-V will use a compression algorithm to compress the contents of the VM's memory prior to transmitting it. Compression generally speeds up the VM live migration process because it reduces the volume of data that must be transmitted across the network. However, there is a trade-off. The compression process requires CPU resources. This isn't normally a problem because most virtualization hosts have plenty of CPU resources available, but it's an important factor to consider for important or CPU-intensive workloads.
The third option is Server Message Block (SMB). When this option is selected, the SMB protocol is used for transmitting the contents of the VM across the network. The advantage to using the SMB option is that you can offload a portion of this process to the network card for better performance. The disadvantage is that this option requires special hardware. Both the source and the destination network interface cards (NICs) must support Remote Direct Memory Access.
As you have probably gathered by now, optimizing the live migration process is really all about using network bandwidth efficiently. Many organizations attempt to optimize live migrations by using a dedicated network segment for live migrations and by limiting the number of live migrations that can occur simultaneously (in an effort to reduce bandwidth contention). Both of these techniques are effective, but can be made more effective by leveraging Windows Server's NIC teaming feature.
NIC teaming allows multiple NICs to be aggregated into a single logical NIC. The advantage to this approach is that the NIC team can achieve speeds that the individual NICs within the team are incapable of. If you do use NIC teaming, then you should make sure that all of your Hyper-V hosts are equipped with comparable NIC teams in an effort to prevent any of the hosts from becoming a bottleneck.
In some cases, hardware limitations make it impossible to use a dedicated NIC -- much less a dedicated NIC team -- for live migrations. In these types of situations, you may be able to use QoS to prioritize live migration traffic. If a NIC is being used for multiple purposes, then it is a good idea to create a dedicated VLAN for live migration traffic. This will help to keep live migrations secure
As you can see, optimizing the live migration process is really all about bandwidth management. The more bandwidth you can dedicate to live migrations, the more quickly your live migrations will complete.
Avoid Hyper-V live migration performance problems
VM migration frequently asked questions
Live migration helps improve business continuity