Presentation given at the Nordic Infrastructure Conference (NIC) 2015 about migrating servers to Azure IaaS using the Microsoft Migration Accelerator (MA).
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
Massive Lift & Shift Migrations to Microsoft Azure with the Microsoft Migration Accelerator
1. Massive Lift & Shift Migrations to Microsoft Azure
with the Microsoft Migration Accelerator
Morgan Simonsen
2. Morgan Simonsen
• Principal Consultant Cloud and Datacenter
Product Manager Microsoft Azure @Lumagate
• P-TSP@Microsoft
• MCSE, MCSA, MCT
• MVP (Directory Services)
• Twitter: @msimonsen
• Email: morgan.simonsen@lumagate.com
• Blog: morgansimonsen.wordpress.com
3. Agenda
• Azure Infrastructure-as-a-Service overview
• Migrating VMs and data to Azure IaaS
• Introduction to Microsoft Migration Accelerator
• MA
– Components
– Setup
– Protection
– Migration
• Troubleshooting
4. Demo Environment
• The company Langskip builds viking longships
• Hybrid network on-premises/Microsoft Azure
• IAM using FIM
• Hybrid Identity with Active Directory/Azure AD
• MDM with Windows Intune
• Data Protection with Azure RMS
• Azure RemoteApp for app access
7. Azure Virtual Machines – OS Options
Windows Server 2008 and 2012
OpenSUSE and SUSE Enterprise
CentOS
Ubuntu
Oracle Linux
8. Top application patterns
• Develop and Test in Azure
• Lift and Shift your production apps
• Extend your infrastructure
– For Disaster Recovery
– For Hybrid Topologies that support
Application bursting
• Cloud Scale
Your
Datacenter
Active
Directory
SharePoint SQL
Server
9. The A family
Highest value VM Size
Basic and Standard Sizes
General Purpose and High Memory
High Performance A8/A9 (RDMA)
A
10. The D family
60% faster CPU
Up to 112 GB Memory
Local SSD storage
D
11. The G family
Optimized for data workloads
Up to 32 CPU cores, 448 GB RAM, 6.5
TB local SSD
Latest generation Intel processor
G
12. Premium storage
Up to 32 TB of storage per VM
>50,000 IOPS per VM
Less than 1ms read latency
15. Migrating machines into Azure
• Manual VHD copy (offline)
• CSUpload
• AzCopy
• Azure storage explorer
• Azure PowerShell (offline)
• Add-AzureVHD
• Add-AzureDisk
• Microsoft Virtual Machine Migration Accelerator (MVMC) (offline)
• Version 3.0 (December 2014)
• Convert virtual machines and disks from VMware hosts to Hyper-V hosts and Microsoft Azure
• Convert physical machines and disks to Hyper-V hosts
• Azure Site Recovery for Hyper-V (online)
• Sync VMs to Azure for Disaster Recovery purposes (Hyper-V)
• Can double as migration
• Microsoft Migration Accelerator (MMA) (online)
• InMage Scout
• Sync VMs to Azure for Disaster Recovery purposes (Hyper-V, VMWare, AWS, Physical)
16. Azure VM Restrictions - Disks
• Only VHD supported, no VHDX
• Only thick provisioning (no dynamically expanding VHDs)
• But thin charging
• Max OS disk size: 127 GB
• Max data disk size: 1023 GB
• Disks cannot be resized
• Always create 1023 GB data disks
• Disk sizes must be exact KB multiples (1024)
• Disks must be stored in page blobs
17. Azure Resctrictions – VMs
• Only x64 Guest OSs supported
• No Hyper-V Gen 2 VM support, no:
• PXE boot by using a standard network adapter
• Boot from a SCSI virtual hard disk
• Boot from a SCSI virtual DVD
• Secure Boot
• UEFI firmware
• No support for Windows Failover Clustering or NLB
• http://support.microsoft.com/kb/2721672
18. Introducing the Microsoft Migration Accelerator
(MA)
• The Microsoft Migration Accelerator for Azure (MA), enables easy migration of
physical and virtual servers running on VMWare, Hyper-V or AWS cloud
environments to Azure
• In preview release of MA, workload instances running on any edition of Windows
(2008 or R2 or 2012 or R2) and Linux (CentOS 6.4 or 6.5 and Oracle Linux 6.5)
Operating systems are supported
• MA supports migration of
• single standalone server instances
• group of servers that run distributed multi-tier production applications
19. MA Features
• Automated asset discovery and
migration
• Migration cutovers to Azure in as little
as minutes
• Self-provisioned target Azure VM’s
• Heterogeneous platform support
• Continuous replication, with near zero
downtime
• Multi-tier application support
• Automated networking reconfiguration
VM’s
• Integrated compression, encryption and
bandwidth management
20. Try out MA
• Migration Accelerator is free in public preview
• Orchestration portal only available in North America
• But your resources can be in any Azure DC
• You pay only for any Azure services consumed
• There is no SLA for Azure services in public preview
• Sign up at the MA landing page
• Expect a few days before you are activated
21. MA Architecture
Microsoft Azure
InMage
Scout Data
Channel
ProcessServer– Used for
Caching,Compression&
Encryption
ConfigServer– Used for
Centralized Managementof
InMageScout
MasterTarget– Used asa
repository& forretention
Contoso
Fabrikam
RXService– Used formulti-
tenantmanagement in
Azure
RXServer
Orchestration
Orchestration
22. MA Components: MA Orchestration Portal (RX)
• Milti-tenant portal hosted by Microsoft in Azure
– .cloudapp.net
• Deployed outside your subscription
• Orchestrates the MA processes
• No protection traffic passes through the RX
• Can handle several subscriptions/customers
23. MA Components: Configuration Server (CS/CX)
• Azure VM
• One pr. subscription
• Centralized management of InMage Scout
• No protection traffic passes through CS
24. MA Components: Master Target server(s) (MT)
• Azure VM(s)
• At least one pr. subscription
• Receives replication and handles retention for protected servers
25. MA Components: Process Server (PS/PX)
• On-Premises server(s)
– MA Team recommends this be a physical server
• Performs:
– Caching
– Compression
– Encryption
• Reachable by Azure S2S VPN tunnel or externally published port
• Continuously receives changes from configured protected systems
• Asynchronously replicates to a Master Target server
26. MA Components: Mobility Service (UA)
• Locally installed agent on all protected servers
• Monitors disks using VSS
• FX: File Replication agent
• VX: Volume Replication agent
• Copies data to Process Server
29. High Level Deployment Steps
1. Register Azure subscription(s) in MA portal
2. Create MA resources in Azure
3. Install MA components in Azure
4. Install MA components in source Enterprise
5. Deploy MA agents in source Enterprise
6. Configure Protection
7. Monitor Protected Servers
8. Migrate protected sources to Azure
30. MA Third Party components
• MA core based on PERL
• All MA components except agent requires:
– Cygwin
– RRDtool
• CS requires MySQL
31. Scaling MA Azure Components
Component in Azure Size
CS A3 Standard
MT A4 Standard
Retention drive on MT 1023 GB
• MT needs a lot of data disks, MA expects to be able to mount 15 data
disks on each MT
32. Scaling PS server(s)
Data
Change
Rate CPU Memory
Boot
Volume
Capacity
Cache Directory Disk
Size Including Cache
Directory Based on
Outage
Minimum Total
Disk Throughput
Required NIC Details
<= 300 GB/day 1 Quad core
(2.2GHz, 4.0MB
Cache or Higher)
8 GB 40 GB Usable
Filesystem
Minimum of 400 GB
(6 Hours Outage)
15 - 20 MBps 2 x 1 GigE NIC cards
recommended with
Static IP addressing
scheme
<= 700GB/day 2 Quad core
(2.66GHz, 4.0MB
Cache or Higher)
16 GB 40 GB Usable
Filesystem
Minimum of 790 GB
(6 Hours Outage)
34.9 - 46.6 MBps 2 x 1 GigE NIC cards
recommended with
Static IP addressing
scheme
<= 1 TB/day 2 Quad core
(2.66GHz, 4.0MB
Cache or Higher)
32 GB 40 GB Usable
Filesystem
Minimum of 790 GB
(6 Hours Outage)
51.2 - 68.27 MBps 2 x 1 GigE NIC cards
recommended with
Static IP addressing
scheme
Greater than 1 TB Recommend Multiple PS servers
33. MA Compatibilty
MA components can be installed on:
• Windows Server 2008/2012
MA can migrate from:
• Physical
• VMware VM (running on ESX/ESXi/vSphere/vCenter 4.x or 5.x)
• Hyper-V VM
• AWS
MA can protect/migrate:
• Windows Server 2008 R2 (64 bit), R2 SP1 (64 bit) - Web, Standard, Enterprise,
Datacenter editions
• Windows Server 2012 (64 bit), R2 (64 bit) - Standard, Datacenter, Essentials
editions
• Linux CentOS 6.4, 6.5
• Oracle Linux 6.4, 6.5
34. Deployment tips and best practices
• Create a new Cloud Service to house MA components
– CS needs TCP port 443 inbound via cloud service VIP
• Be mindful of Storage Account limitations
– Migrated disks will remain in the storage account where you put them
• Azure S2S VPN Standard GW SKU max throughput: ~100 Mbps
– Opening endpoints on PS might be faster
36. MA Protection Basics
1. MA Portal orchestrates enabling protection
1. Selected CS sets up protection based on protection plan
2. Selected MT provisions disks
2. PS/UA starts syncing data
3. Resync is performed
1. Initial 2-step sync
4. Differential Sync
37. Protection setup (if demo fails)
1. Protect server in MA portal
2. Verify protection in MA portal or CS portal
38. Demo
• A lap around the setup
• Install Agent (UA)
• Enable protection
• Migrate a workload
39. Troubleshooting, tips and tricks
• Both Mobility Service (UA) and DPM use VSS for snapshots, they do not play
well with each other…
– Might affect other VSS users too…
• Always preserve case in Azure VNet names
– Or you will not be able to place VMs in subnets
• Watch out for Azure VM restrictions, MA will not warn you
• Local servers with D: drives
– Azure, by default, allocates D: for temporary storage
– Either switch once migrated or diskpart |san policy onlineall
• CS Public IP changes
– CS Config/PS/MT/UA
– CS/PS: etc/amethyst.conf
– MT/UA: Host Agent Config utility
• CS Logs
40. Morgan’s whishes…
• Login to MA portal with Azure AD account
– Make the MA portal AAD multi-tenant and role-based
• Azure Gallery image VMs for CS and MT
• Scriptable install
• PERL? Cygwin? Really?
– Kudos to PERL and Cygwin in general, but…
41. More information
• Migration Accelerator Landing page: http://aka.ms/malanding
– Sign up for preview here
• Migration Accelerator Support Forums: http://aka.ms/maforum
• Known issues, troubleshooting and FAQ: http://aka.ms/mafaq