VMware VM Migration | Pure CBS on Azure
This document illustrates the steps to perform a migration of hosts VMs in a VMWare environment residing on a FlashArray to Azure. The tools involved include Azure Migrate and native replication technology on the FlashArray and Cloud Block Store (CBS).
Abstract
The solution leverages two workflows. First, by using Azure Migrate to migrate and convert the VM(s) to Azure including the VM’s boot volume. Second, Pure Storage array-based replication will be replicating the data volumes from FlashArray to CBS. Data volume replication requires the VM(s) volume to be in a vVol or RDM datastore. the replicated data volume can be presented to the newly created Azure VM via in-guest iSCSi.
This document can be used as a playbook for lift-and-shift migration scenarios to Azure.
Architecture
The following video is a demo of the full process:
Pure Cloud Block Store on Azure along with Azure Migrate provides a simple and cost-effective replication approach for Pure Customers with an on-premises FlashArray and VMware environment. This approach offers a unique hybrid-cloud environment for the data to be mobile and live anywhere.
The simplicity and the cost-effectiveness of this solution come from combining both Pure array-based replication which reduces the total bandwidth preserving dedupe and compression on the wire, and Azure migrate centralized hub and comprehensive agentless discovery and migration capabilities.
As shown in the solution diagram below, Azure Migrate, Pure FlashArray and CBS will be configured to migrate the on-premises VM(s) to Azure. First Azure Migrate discovers the VM resides on the connected VMware vCente, then it will be configured to migrates the boot disk/volume only. Once the initial sync is complete, Azure handles the creation of the instance (Azure VM) and attaches the boot volume to it. Since the migration configuration excluding the data volumes. Those data volumes will be replicated using the built-in Pure replication between FlashArray and CBS, and can be mounted using in-guest iSCSi to the created instance.
Prerequisites
-
Deployment of Cloud Block Store on Azure. Cloud Block Store can be deployed from the Azure portal via Azure Marketplace (See Cloud Block Store Deployment and Configuration Guide), or it can be deployed using Terraform ( See Using Terraform to deploy Cloud Block Store).
-
Async replication connection established from on-premises FlashArray to Cloud Block Store.
-
VM volumes are contained on a vVol datastore or on raw device mapping (RDM) disks and backed by on-premises FlashArray. If VMFS datastores are in use, please convert them to vVols, Check the example in Appendix A.
Prepare Azure Migrate
Step 1:
Verify Azure account permissions
In the Azure portal, search for Subscription, and select Access control (IAM) from the left panel.
Under Check access, click on View my access, the user should have Contributor or Owner permissions.
Step 2:
Create a new Azure Migrate project
-
Search for Azure Migrate, and under Get started click on Discover, assess and migrate.
-
In Windows, Linux and SQL Server, select Create project.
-
In Create Project, select Azure subscription and resource group. Create a new resource group if you don't have one ready.
-
Under Project details, specify the name of the project and select the geography. Note that geography is only used to store the metadata from the on-premises server, you still can use any region as a migration target.
-
The Advance section can be used to identify the connectivity method. two options can be used here:
-
Public endpoint is using the internet to connect to Azure Migrate.
-
Private endpoint is using private networks over Azure ExpressRoute or site-to-site VPN connection to connect to Azure Migrate.
Step 3:
Deploy Azure Migrate appliance
1. Once Azure Project is created from the previous step, search for Azure Migrate from the Azure portal and select Discover.
2. Select Vmware vSphere as the Hypervisor and then specify the appliance name and click on Generate key. This key will be used later to complete the registration of the appliance once it is deployed.
An additional step is to validate the OVA file is secure by verifying the hash value of the downloaded file matches the latest version found here.
Run this PowerShell command to generate the hash then compare it to the one on the link mentioned above.
CertUtil -Hashfile .\MicrosoftAzureMigration.ova SHA256
Example:
3. Download the OVA file, and then deploy it in vCenter using vSphere Client console, right-click on cluster or host, and select Deploy OVF Template.
4. Follow the deployment wizard and do the following:
-
Select the location of the downloaded OVA file.
-
Specify the name of the virtual appliance.
-
Select the cluster/host where the appliance will run.
-
Select the storage/datastore.
-
Specify the Network. If public endpoint is used here, the network requires internet connectivity to send metadata to Azure.
-
Review and select Finish to start the deployment.
Step 4:
Configure Azure Migrate appliance
1. Once the deployment finishes, In vSphere Client console navigate to VMs and Templates, select the VM appliance, and then select Launch Console.
2. Accept the License, and enter the password for the Administrator user.
3. Open any browser in the server or any server that has network connectivity to the Azure Migrate appliance. and navigate to the URL of the appliance configuration manager.
https://<appliance name or IP address>: 44368
4. The configuration manager starts by checking the prerequisites. Refer back to Microsoft docs for more information.
5. Register the appliance with Azure Migrate by pasting the generated key from the earlier step, and select Login. This will generate a device code used to authenticate with Azure.
6. Finish logging in to Azure and it takes few minutes to finalize the registration process of the appliance.
Step 5:
Discovery VMware VMs
1. Provide vCenter server credentials in order for the appliance to perform the discovery of VMs. In the same Appliance Configuration Manager portal, under Manage credentials and discovery sources. Assign a friendly name to your vCenter(s), and add the vCenter username/password and IP address/FQDN and the port.
2. Add source VM credentials, this is important to perform software inventory and for agentless dependencies.
3. Go back to the Azure portal, then select Discovered items on the left panel in Azure Migrate. A list of the discovered VM(s) should appear.
Step 6:
(Optional) Create Azure VM assessments
The assessments help size the discovered VMs and recommend which Azure VM size and disk type the machines can fit to. There are two types of sizing: one is performance-based and it relies on the collected data from vCenter. The second one is based on the actual sizes of the VMs in the VMware environment. For more details please follow Create an Azure VM assessment.
Step 7:
Prepare source VM before migration
These steps include configuring the source machines for remote connections.
1. For Windows VMs make sure remote desktop is enabled and allowed in Windows Firewall.
2. For Linux VMs make sure Secure Shell service is enabled and starts automatically on boot, also check the firewall rules allows SSH connections.
Migrate: Azure Migrate
Step1:
Replicate the VM(s)
1. In Azure Migrate, select Windows, Linux and SQL Server, then under Azure Migrate: Serer Migration, click on Replicate.
2. In Source settings, select VMware vSphere and the on-premises appliances
3. In Virtual Machines, select the VM(s) to be replicated.
4. In Target settings, select where the machines will be located after the migration.
5. In Compute, enter the Azure VM name that will be assigned after migration, also select the VM size, and specify the OS disk device.
6. In Disks, select only the OS/boot disk and deselect the rest data volumes. You can specify the OS disk by its VMware virtual device node (Example: scsi0:0).
7. Assign Tags, then review and start the replication. It will take some time based on the size of the OS/boot disk, once finished go to the next step.
Step2:
Migrate the VM(s)
1. In Azure Migrate, select Windows, Linux and SQL Server, then under Azure Migrate: Serer Migration, click on Migrate.
2. From the top bar notification icon, click on the starting migration job to follow the migration job process.
Step3:
Connect to Azure VM
1. In Virtual Machines, search and select the migrated VM. The VM will have only a private IP address. In order to connect to the VM there are two options. One is to use a Jump Box machine or bastion to connect via the private IP address.
2. The other option is to create and assign a public IP address, follow this Associate a public IP address to a virtual machine.
Migrate: Cloud Block Store
Step 1:
Connect and configure replication from on-premises FlashArray
1. Access Cloud Block Store and get the connection key.
2. Access on-premises FlashArray and establish the connection with Cloud Block Store by clicking on the plus icon, and fill the following
-
Management Address: this is the Cloud Block Store floating IP address used to access the GUI.
-
Type: Async Replication
-
Connection Key: The key obtained in the previous step.
-
Replication Address: The replication addresses are auto-discovered unless NAT is used. (In order to get the replication address use the CBS GUI and go to Settings > Network).
3. Create a protection group for replication to Cloud Block Store.
4. Click on the created protection group and enable and edit replication schedule.
For more detail information on protection group replication interval and retention schedule. See FlashArray Asynchronous Replication Configuration and Best Practices Guide.
5. Click on the shown ellipsis to add target to the protection group. The target for this should be Cloud Block Store connected in the previous steps.
6. Import the protection group created using the Pure Storage plugin in vCenter.
7. From VM and Templates, Right click on the VM(s) to be replicated to CBS and click on Edit VM Storage Polices.
8. In this step, enable Configure per disk and assign the replication policy to the data disks/volumes (No need to select the OS disk since it has been already replicated using Azure Migrate in the previous sections).
9. Once protection group snapshots are replicated to CBS, copy the replicated snapshot out to a volume.
10. Create a host on CBS and configure it with the IQN collected from new Azure VM instance once the cutover is complete.
11. Attach the VM volumes to the newly created host.
See Creating Hosts in the deployment and configuration guide for detailed examples on how to create and attach a volume to a host.
Step 2:
Connect and configure Azure VM with Cloud Block Store
1. Access the replicated Virtual machine via RDP/SSH or configure Azure Bastion.
2. Install iSCSi and Multipath required packages on the host and perform iSCSi login and MPIO configuration.
3. Perform iSCSi rescan to find attached volumes.
4. Mount the volume(s) and bring up the application.
For detailed steps on how to connect and configure Azure VM with CBS volumes, please refer to this section (Mounting a volume) in the deployment and configuration guide.