alphaspirit - Fotolia
Although the benefits of live migrations are well-documented, the issue of actually initiating the migration is often overlooked or ignored until it's required. Administrators then must grapple with the dynamics of signing onto the servers to perform the migration. Think about system sign-on and authentication requirements before wrestling with live migrations. And there are two ways to authenticate a sign-on for Hyper-V live migration -- Kerberos or Credential Security Support Provider.
Kerberos, which can work remotely, is typically used when remote management tools are trusted to initiate live migrations, such as through System Center. In this case, select constrained delegation through the Active Directory Users and Computers console or via PowerShell and then choose Kerberos as the preferred authentication protocol. Kerberos can provide mutual authentication, ensuring that both ends of the connection are correct.
To initiate a live migration manually using Windows PowerShell scripts, remote desktop sessions or local console management, sign on to the originating server and use Credential Security Support Provider (CredSSP) to authenticate the migration process. CredSSP is simple and easy to use, but it requires a local login to the server originating the migration. This requirement works for most small- or midsize businesses, but it might not be practical for large enterprises with multiple remote facilities that require live migrations.
The local sign-on requirement for CredSSP can pose unexpected problems when the destination server is remote. If an admin signs onto a local server A and migrates a VM to remote server B, the sign-on works without issues because server A is local. But if IT teams need to move the VM from remote server B back to local server A, it may not be possible because they'd need to sign onto server B locally to initiate the migration back to server A. This is a common oversight that has come back to trouble many overworked administrators; the migration attempt will fail -- citing that no credentials are available.
Dig Deeper on Microsoft Hyper-V management
Related Q&A from Stephen J. Bigelow
Navigating data center malfunctions when hardware is off premises can be tricky. Organizations must have strong SLAs with their colo provider to ... Continue Reading
Regression tests and UAT ensure software quality and both require a sizeable investment. Learn when and how to perform each one, and some tips to get... Continue Reading
Learn the meaning of functional vs. nonfunctional requirements in software engineering, with helpful examples. Then, see how to write both and build ... Continue Reading