RHEL/CentOS 7: KVM – Moving Virtual Machines


Moving disks will mitigate the risk of failing disks. When your CPUs, memory, and other non-disk-related components start failing, you have no other option but to move the guests to other host(s).

This task is simple, but it’s the prerequisites that can make it succeed or fail miserably.

The prerequisites for this task are quite extended.

For the host, the following are the requirements:

  1. You’ll need to have access to shared data. Both the source and destination KVM machine will need to be able to access the same storage—for example, iSCSI, NFS, and so on.
  2. Both hosts need the same type of CPU—that is, Intel or AMD (one cannot live migrate a guest from a host with Intel CPUs to a host with AMD CPUs).
  3. Both hosts need to be installed with the same version and updates of libvirt.
  4. Both hosts need to have the same network ports open.
  5. Both hosts must have identical KVM network configurations or at least the same network configurations for the interfaces used by the guest.
  6. Both hosts must be accessible through the network.
  7. It’s a good idea to have a management network set up and connected to the two hosts, which can be used for data transfer. This will cause less network traffic on your “production” network and increase the overall speed.
  8. The No execution bit must be the same on both hosts.

The requirement for the guest is:

  • The cache=none must be specified for all block devices that are opened in write mode.

There are multiple ways to migrate hosts, but I will only highlight the two most common ways.

Live native migration over the default network

This process to migrate a host is luckily very simple and can be summarized in one command.

On the source host, execute the following:

~]# virsh migrate --domain <guestname> --live –-persistent --undefinesource --verbose --desturl qemu+ssh://<host 2>/system

Live native migration over a dedicated network

It is possible to perform the migration over a dedicated network. By default, this will use the first network it finds that suits it needs. You’ll need to specify the listening address (on the host) and the protocol. This requires the same command as before, but we’ll need to specify the local listening IP address and protocol, such as TCP.

On the source host, execute the following:

~]# virsh migrate --domain <guestname> --live –-persistent --undefinesource --verbose --desturl qemu+ssh://<host 2>/system tcp://<local ip address on dedicated network>/

This type of migration is called a “hypervisor native” transport. The biggest advantage of this type of migration is that it incurs the lowest computational cost by minimizing the number of data copies involved.

When we migrate a host, it performs a copy of the memory of the guest to the new host. When the copying is successful, it kills the guest on the source host and starts it on the new host. As the memory is copied, the interruption will be very short-lived.

Communication between the two hosts is over SSH, which is already pretty secure. However, it’s also possible to tunnel the data over an even more strongly encrypted channel by specifying the --tunnelled option. This will impose more traffic on your network as there will be extra data communication between the two hosts.

The --compress option can help you out if you wish to reduce the traffic over your network, but this will increase the load on both your hosts as they need to compress/decompress the data, which, in turn, may impact your guests performance. If time is not of the essence but traffic is, this is a good solution.

There’s very good and in-depth documentation about this process at https://libvirt.org/migration.html.


Please enter your comment!
Please enter your name here