Live Migration

QV-MIG-001 Rev 1.0 — January 2026

Complete guide to QuantaVirt live migration — moving running VMs between physical hosts with minimal downtime, PQC-encrypted migration channels, dirty page tracking, convergence control, storage migration, and rollback procedures.

Migration Overview #

Live migration moves a running VM from a source hypervisor host to a destination host while the guest continues executing. QuantaVirt uses iterative pre-copy memory transfer with dirty page tracking, transferring all VM state (memory, vCPU registers, device state) over a PQC-encrypted channel.

Migration TypeVM StateStorageDowntime
Live (pre-copy)Running throughoutShared storage (NFS, Ceph, iSCSI)~10–100 ms
Live + StorageRunning throughoutLocal → local (block copy)~50–200 ms
OfflineStoppedAnyFull transfer time

Prerequisites #

RequirementDetail
Compatible CPUsSource and destination must have compatible CPU feature sets (same vendor, compatible microarchitecture). Use cpu.model: "host" cautiously.
QuantaVirt versionSame major version on both hosts (e.g., both 0.1.x)
Network connectivitySource and destination must have routable IP connectivity (migration port 9410 default)
Shared storage (live)VM disk images must be accessible from both hosts (NFS, Ceph, iSCSI, GlusterFS)
PQC trustDestination host's public key must be imported on source (or vice versa for bidirectional)
QUAC 100 (optional)Hardware PQC acceleration on both hosts for fastest encrypted transfer

Live Migration #

# Basic live migration (shared storage)
quantavirt vm migrate web-01 --dest 192.168.1.20:9410

# Migration with PQC encryption (recommended)
quantavirt vm migrate web-01 \
  --dest 192.168.1.20:9410 \
  --pqc \
  --pqc-kem ML-KEM-768

# Migration with bandwidth limit
quantavirt vm migrate web-01 \
  --dest 192.168.1.20:9410 \
  --pqc \
  --bandwidth 10G \
  --timeout 600

# Offline migration (VM must be stopped)
quantavirt vm migrate web-01 \
  --dest 192.168.1.20:9410 \
  --offline

PQC-Encrypted Migration #

When --pqc is enabled, the entire migration data stream is encrypted with post-quantum cryptography, preventing harvest-now-decrypt-later attacks on VM memory in transit.

/* PQC migration handshake */

Source Host                                    Destination Host
    │                                               │
    │──── ML-DSA-65 signed hello ──────────────────►│
    │                                               │
    │◄─── ML-DSA-65 signed hello + ML-KEM pubkey ──│
    │                                               │
    │──── ML-KEM encapsulate → ciphertext ─────────►│
    │     (shared secret established)               │ ML-KEM decapsulate → shared secret
    │                                               │
    │──── AES-256-GCM encrypted memory pages ──────►│
    │──── AES-256-GCM encrypted vCPU state ────────►│
    │──── AES-256-GCM encrypted device state ──────►│
    │                                               │
    │──── migration complete signal ───────────────►│
    │                                               │ resume VM

Trust Establishment

# On source host: export public key
quantavirt pqc key-export host-identity --public --output source-host.pub

# Transfer to destination host (via secure channel)
scp source-host.pub admin@192.168.1.20:/tmp/

# On destination host: import source's public key
quantavirt pqc key-import --name source-host --input /tmp/source-host.pub

# Repeat in reverse direction for bidirectional migration

Migration Phases #

PhaseDescriptionVM State
1. SetupPQC handshake, authenticate hosts, negotiate parametersRunning
2. Initial transferCopy all VM memory pages to destination (full RAM transfer)Running
3. Iterative dirty copyRe-transfer pages dirtied since last round (repeat until convergence)Running
4. Stop-and-copyPause VM, transfer final dirty pages + vCPU state + device statePaused (brief)
5. ActivationResume VM on destination, redirect network (GARP), release source resourcesRunning on destination

Convergence & Downtime #

Migration converges when the dirty page rate falls below the transfer rate. For write-heavy workloads (databases), convergence may require tuning:

ParameterFlagDefaultEffect
Bandwidth limit--bandwidthUnlimitedCap migration bandwidth to avoid saturating network
Max iterations--max-iterations30Maximum dirty copy rounds before forced stop-and-copy
Downtime limit--max-downtime300msMaximum acceptable pause during stop-and-copy
Auto-converge--auto-convergeEnabledThrottle guest vCPUs to reduce dirty rate
Compression--compressDisabledzstd compress pages in transit (CPU trade-off)
Multithread--threads N4Parallel page transfer threads

Storage Migration #

When VMs use local storage (not shared), the disk image must also be transferred. QuantaVirt uses incremental block copy with dirty block tracking to migrate storage concurrently with memory.

# Live migration with storage (non-shared storage)
quantavirt vm migrate db-01 \
  --dest 192.168.1.20:9410 \
  --pqc \
  --storage-migrate \
  --dest-pool /var/lib/quantavirt/images/

Cross-Host Setup #

# Step 1: Ensure matching QuantaVirt versions
# Source:  quantavirt --version   # 0.1.0
# Dest:    quantavirt --version   # 0.1.0

# Step 2: Configure migration listener on destination
# /etc/quantavirt/quantavirt.conf on destination:
[migration]
  listen = "0.0.0.0:9410"
  pqc_required = true

# Step 3: Exchange host identity keys (see PQC trust above)

# Step 4: Verify connectivity
quantavirt system ping --host 192.168.1.20:9410
# Host: 192.168.1.20:9410
# Version: 0.1.0
# PQC: QUAC 100 Hardware
# Trust: ✅ (key: source-host)

# Step 5: Shared storage check
quantavirt system storage-check --host 192.168.1.20 --path /mnt/nfs/images/web-server.qcow2
# Accessible: ✅

Monitoring Progress #

# Watch migration progress
quantavirt vm migrate-status web-01
# VM:              web-01
# State:           MIGRATING (phase 3: iterative dirty copy)
# Destination:     192.168.1.20:9410
# Encryption:      ML-KEM-768 / AES-256-GCM (QUAC 100)
# Progress:        78% (6.2 GiB / 8.0 GiB transferred)
# Iteration:       5 / 30
# Dirty Rate:      120 MB/s
# Transfer Rate:   800 MB/s
# Est. Downtime:   ~25 ms
# Elapsed:         45s

# API: stream migration events
curl -N http://127.0.0.1:9400/api/v1/vms/web-01/migrate/events

Rollback & Recovery #

# Cancel in-progress migration (VM resumes on source)
quantavirt vm migrate-cancel web-01

# Automatic rollback scenarios:
# - Network failure during transfer → VM resumes on source
# - Timeout exceeded → VM resumes on source
# - PQC authentication failure → Migration rejected, VM untouched
# - Destination out of resources → Migration rejected before start

Migration Troubleshooting #

SymptomCauseResolution
Migration rejected: "untrusted host"Host public key not importedExchange and import PQC keys between hosts
Migration rejected: "CPU incompatible"Destination CPU lacks featuresUse cpu.model with explicit feature flags, not "host"
Migration stalls, doesn't convergeDirty rate exceeds transfer rateEnable auto-converge, increase bandwidth, or reduce VM write load
High downtime (>1s)Large device state, vGPU memoryReduce VirtIO-GPU framebuffer size, use --max-downtime
Connection reset during transferFirewall blocking, network instabilityCheck port 9410 open, verify network route, retry
Storage not found on destinationShared storage not mountedRun storage-check, verify NFS/Ceph mount on destination
PQC handshake timeoutQUAC 100 not respondingCheck pqc status on both hosts, verify firmware
← GUI Guide Troubleshooting →