Enabling Live cVM Migration

A live migration is the process of transferring running cVMs across different servers.

cVMs do not support live migration in device passthrough scenarios or SVE-based live migration. QEMU does not support autostart.
A live migration requires that the source and peer servers be in the same network segment, have the same CPU configuration (model, number of cores, frequency, and sysreg flag), and use a shared storage pool to store cVM images.
Restrictions on cVM specifications: The number of vCPUs on the cVM to be migrated is less than or equal to 32, and the memory is less than or equal to 512 GB. If the cVM has multiple vNUMA nodes, the memory of all vNUMA nodes except the last one must be 1 GB aligned.
Before starting a live migration, start one cVM on both the source and peer servers and complete remote attestation. Specifically, start the migcvm cVM on the source server, the migcvm cVM on the peer server, and the cVM to be migrated from the source server.
The migcvm cVM is controlled by a trusted third party and is used to run the migcvm-agent to perform remote attestation and key exchange between the source and peer ends.

On the source and peer servers, add the migvm-cap=migvm parameter to the QEMU XML configuration file of the migvm cVM to enable the migvm migration function, and specify the VSOCK and CID for communication.
```
  <qemu:commandline>
    <qemu:arg value='-object'/>
    <qemu:arg value='tmm-guest,id=tmm0,sve-vector-length=128,num-pmu-counters=1,migvm-cap=migvm'/>
  </qemu:commandline>
```
```
  <vsock model='virtio'>
    <cid auto='no' address='8'/>
  </vsock>
```
The CID address may be randomly allocated by the cloud management platform. Since the host kernel CID is 2, the platform allocates a CID greater than 2 to prevent conflicts between the VM CID and the system.
After the configuration is complete, start the migvm VM by following instructions in Configuring cVMs.
Download virtCCA_sdk, install it on the migvm, and obtain the RIM values of the source and peer servers. For details about how to obtain the RIM values, see the gen_rim_ref tool description in Enabling Remote Attestation.
1. Pull the master branch code of the organization repository.
```
git clone https://gitee.com/openeuler/virtCCA_sdk.git --depth 10
```
2. Compile and install dependencies based on GitCode. (If QCBOR, t_cose, and libcbor already exist in the environment, skip this step.)
```
cd migcvm-agent/
git clone https://github.com/inclavare-containers/rats-tls.git
cd rats-tls
git reset --hard 40f7b78403d75d13b1a372c769b2600f62b02692
git apply ../../attestation/rats-tls/*.patch
bash build.sh -s -r -c -v gcc
cp -rf output/lib/rats-tls /usr/lib/
cp -rfL output/lib/rats-tls/librats_tls.so.0 /lib64/
cd -
bash ./build.sh
# Place the compilation product migcvm-agent to mig-cvm.
cp build/migcvm-agent   ${CVM_PATH}/home/
```
3. Deploy the certificate in the directory where migcvm-agent is located. For details, see Enabling Remote Attestation.

Before the migration, perform remote attestation to ensure that the RIM values on the source and peer servers are the same.

virsh console migvm-src
cd ${CVM_PATH}/home
./migcvm-agent -s <Local_migcvm_VM_listen_IP_address> -c <Remote_migcvm_VM_listen_IP_address> -r <migcvm_RIM_value>

virsh console migvm-dst
cd ${CVM_PATH}/home
./migcvm-agent -s <Local_migcvm_VM_listen_IP_address> -c <Remote_migcvm_VM_listen_IP_address> -r <migcvm_RIM_value>

To enable migration, add virtcca-migration-cap=1 to the QEMU startup parameter of the source server.

  <qemu:commandline>
    <qemu:arg value='-object'/>
    <qemu:arg value='tmm-guest,id=tmm0,sve-vector-length=128,num-pmu-counters=1,virtcca-migration-cap=1'/>
  </qemu:commandline>

Start the VM to be migrated.
```
virsh start <cvm-name>
```
cvm-name indicates the name of the VM to be migrated.
Perform a live cVM migration.
```
virsh migrate --live <cvm-name> qemu+ssh://<dest-ip>/system
```
Where,
- cvm-name indicates the name of the VM to be migrated.
- dest-ip indicates the IP address of the peer server.

Parent topic: Feature Usage