Live migration

A Confidential VM instance must have the following configuration to support live migration:

All other Confidential VM types don't support live migration, and must have their onHostMaintenance policy set to TERMINATE when they are created. This means the VM stops during host maintenance events.

Host maintenance events for Confidential VM instances that don't support live migration

During host maintenance events, Confidential VM instances that don't support live migration and have default host maintenance policy settings are stopped. They are restarted after the maintenance is complete.

The following table details the default values for host maintenance policy settings on a Confidential VM instance.

| Host maintenance policy | Confidential VM default values | Description |
| --- | --- | --- |
| onHostMaintenance | TERMINATE | This property must be set to TERMINATE for Confidential VM instances that don't support live migration. This means your Confidential VM instance stops and its status is set to TERMINATED during a maintenance event. |
| automaticRestart | true | When set to true, your Confidential VM instance restarts after the maintenance is complete. |
| hostErrorTimeoutSeconds | 330 | The number of seconds between 90 and 330 before the host attempts to restart an unresponsive VM. |

With planning, you can minimize the impact of host maintenance events on your Confidential VM instances.
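
Part of that planning is confirming that deployed instances actually carry the policy values described above. The following is an added example, not code from the original page or from Google: it audits instance resources in the JSON shape returned by `gcloud compute instances describe --format=json`. The sample instances are constructed, and `supports_live_migration` and `live_migration_capable` are hypothetical inputs the caller supplies, because the check does not decide which configurations can live migrate.

```python
import json

# Constructed sample. Field names follow the Compute Engine instance resource
# (as in `gcloud compute instances describe --format=json`); values are made up.
SAMPLE = json.loads("""[
 {"name": "cvm-ok", "confidentialInstanceConfig": {"enableConfidentialCompute": true},
  "scheduling": {"onHostMaintenance": "TERMINATE", "automaticRestart": true,
                 "hostErrorTimeoutSeconds": 330}},
 {"name": "cvm-drifted", "confidentialInstanceConfig": {"confidentialInstanceType": "SEV_SNP"},
  "scheduling": {"onHostMaintenance": "MIGRATE", "automaticRestart": false,
                 "hostErrorTimeoutSeconds": 60}},
 {"name": "plain-vm", "scheduling": {"onHostMaintenance": "MIGRATE", "automaticRestart": true}}
]""")


def audit(instance, supports_live_migration=False):
    """Return findings for one instance; an empty list means nothing to flag.
    supports_live_migration is a caller-supplied assumption (hypothetical parameter)."""
    cfg = instance.get("confidentialInstanceConfig") or {}
    if not (cfg.get("enableConfidentialCompute") or cfg.get("confidentialInstanceType")):
        return []  # not a Confidential VM, so the TERMINATE requirement does not apply
    sched = instance.get("scheduling") or {}
    findings = []
    policy = sched.get("onHostMaintenance")
    if not supports_live_migration and policy != "TERMINATE":
        findings.append(f"onHostMaintenance is {policy!r}; TERMINATE is required")
    # Absent optional fields are read as the defaults in the table (true, 330).
    if sched.get("automaticRestart", True) is False:
        findings.append("automaticRestart is false; VM is not restarted after maintenance")
    timeout = sched.get("hostErrorTimeoutSeconds", 330)
    if not 90 <= timeout <= 330:
        findings.append(f"hostErrorTimeoutSeconds is {timeout}; expected 90 to 330")
    return findings


def audit_all(instances, live_migration_capable=()):
    """Map instance name -> findings, keeping only instances that have findings."""
    report = {}
    for inst in instances:
        found = audit(inst, inst.get("name") in live_migration_capable)
        if found:
            report[inst["name"]] = found
    return report


if __name__ == "__main__":
    for name, found in audit_all(SAMPLE).items():
        print(name, *found, sep="\n  ")
```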

Minimize the impact of host maintenance events

To minimize the impact of host maintenance events, you can simulate one to make sure you're prepared, and optionally provision your Confidential VM instances on a sole-tenancy node.

Simulate a host maintenance event

To test how your applications behave when a Confidential VM instance is restarted, you can simulate a host maintenance event.

Provision your VMs on sole-tenancy nodes

If it fits your needs, you can provision your Confidential VM instances on a sole-tenant node. This lets you determine a 4-hour window in which Google can perform maintenance on your VMs. It also lets you perform a manual live migration, which moves your VM to a different node or node group you control.

See Sole-tenant node pricing.

What's next

Learn about designing resilient systems.