Professional Documents
Culture Documents
Having established a plan for the first migration waves, here’s where you get started.
At this point, you have will proceeded through the Discover/Assess and
Plan/Foundation phases. You should know what you're going to move, and have a
prepared environment to move into.
The goal for this phase is to get Migrate for Compute Engine up and running,
configure your automation, and do the migrations.
Coming out of this phase, you should have both migrated workloads, and
improvements to the migration sprint process.
Migrations happen in sprints and waves
Migrate
Prepare Execute move of
Build target
apps and
environments and
services to GCP
select migration
candidates from
backlog
Migration
Improve
Learn lessons,
Sprint
improve Test / Verify
Conduct UAT and
migration
regression testing
process
Optimize
Decouple state
and stateless,
scale horizontally,
rightsize & PVM
1. Sprint = time-bound work period, with specific apps to migrate pulled from
backlog
2. Do any sprint-specific discovery tasks that need revision/completion
3. Do any remaining sprint-specific planning tasks that need revision/complete
4. Execute the migration
5. Test your migration and make sure everything works
6. Consolidate your learning and refine your process for future waves
7. For some workloads, you will move onto the Optimize phase (which we'll be
doing later in this class)
In this course, Migrate is focused on lift and shift
What we're talking about is large scale lift and shift migrations. We're not focused on
manually-intensive single VM migrations, or on refactoring of applications.
Agenda
Introduction
● Field-proven
● VMware, AWS, and Azure
sources
● Moves compute immediately
(<10 minutes)
● Data is "streamed" to cloud until
app is live in cloud
● Testing and fallback/reversion
available
Migrate for Compute Engine was acquired by Google. It's been used to migrates tens
of thousands of VMs to date. It supports migrating workloads from VMware
installations using vCenter, as well as AWS/Azure accounts. Should note that this is
an agentless technology.
1. Creates a new VM in GCP to handle the processing for the workload and
shuts down the original
2. Creates a data streaming conduit from the disks in the source environment.
a. VM disk data is sent over the network to a caching location in GCP,
where the GCP VM accesses it.
b. VM disk data that's changed on the GCP VM can be synched back
with original disk
c. For full migration, you can have Migrate for Compute Engine cache all
data into GCP and then detach from the source (creating a GCP disk
that has all the VM data and is attached to the VM)
Because of the streaming data strategy, VMs can moved to the cloud with 10 minutes
downtime as opposed to hours that might be required to replicate all the VM disk data
over. Note that there is another chunk of downtime as the "detach" process is
completed.
Migrate for Compute Engine allows you to clone a VM for testing purposes. This will
create a new VM in the cloud while leaving the original VM active. The VM in the
cloud gets streamed data from the source, and doesn't sync changes made on the
clone back to the source. This allows you to test a copy of your workload in the cloud
prior to migration. You can then delete the clone when testing is done.
Migrate for Compute Engine allows you to take a VM running in the cloud and move it
back on prem. This reverses the streaming, deletes the cloud VM, and rebuilds the
original VM.
1. The source and target networks are connected, in this case using VPN tunnels
2. The Migrate for Compute Engine Manager is a GCE VM deployed into a GCP
project. This VM will orchestrates the migration operations and provides a
Web UI.
3. The Migrate for Compute Engine backend is a virtual appliance deployed into
your vSphere environment. It handles the datacenter part of streaming data.
a. It communicates with GCP API endpoints and Stackdriver
4. The Migrate for Compute Engine vCenter Plugin provides management
functionality within the vCenter UI.
5. The Cloud Extension handles the data streaming on the GCP side.
a. It's comprised of a couple of edge node VMs (2 VMs in 2 zones for HA)
b. The serve as a bridge between the migrated VMs and the storage
caching tier (using iscsi)
c. Edge nodes communicate with GCS and Stackdriver
6. In AWS, the Migrate for Compute Engine importer handles the AWS side of
data streaming
Note that the Migrate for Compute Engine Exporter is not shown here. When you
detach a VM, and exporter instance is deployed and continues to handle the GCP
side of data sync until the detach is complete.
● Connectivity via…
○ Dedicated Interconnect
○ Partner Interconnect
○ VPN
● Bandwidth recommended...
○ 50 Mbit/sec base
○ 1Mbit/sec for each VM
concurrently migrated
https://cloud.google.com/migrate/compute-engine/docs/4.8/concepts/requirements
https://cloud.google.com/migrate/compute-engine/docs/4.8/concepts/planning-a-migra
tion/network-access-requirements
Docs say minimum bandwidth required is 20/0.5. Realistically, you should go with
recommendations.
For connectivity, you will want a robust interconnect between source and target
networks. If using VPNs, you might consider HA VPN.
You can limit the amount of bandwidth used by Migrate for Compute Engine by using
bandwidth throttling. Obviously, the lower the limit of bandwidth used, the smaller the
batches of VMs you can migrate.
The firewall rules noted in the diagram are recommendations focused on successful
Migrate for Compute Engine use. Notice…
1. The Migrate for Compute Engine manager talks to the cloud edge nodes and
the migrated VMs
2. The Migrate for Compute Engine backend talks to the Migrate for Compute
Engine Manager and the Cloud Extension
3. vCenter talks to the Migrate for Compute Engine Manager
4. The edge nodes talk to each other and the Migrate for Compute Engine
Manager
1. The migrated VMs talk to the edge nodes
2. You need to ensure additional firewall rules to allow for correct operation of
workloads
Note: Your on-prem and AWS networks must be configured to allow appropriate traffic
flow as well. For instance, the Migrate for Compute Engine Backend must be able to
talk to the vCenter and ESXi hosts, as well as Stackdriver and GCP-based Migrate for
Compute Engine components.
Migrate for Compute Engine pre-reqs: OS versions
https://cloud.google.com/migrate/compute-engine/docs/4.8/concepts/requirements
https://cloud.google.com/migrate/compute-engine/docs/4.8/reference/supported-os-ve
rsions
Offline migration entails greater downtime. Also remember that Linux VMs require
preparation in the form of installing the Migrate for Compute Engine RPM.
https://cloud.google.com/migrate/compute-engine/docs/4.8/resources/downloads
https://cloud.google.com/migrate/compute-engine/docs/4.8/concepts/requirements
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/configure-manager
/configuring-vms-vm
Note that vCenter is mandatory. Version 5.0/1 may be used in certain configurations.
For operation, the best way is to create a role with required privileges using the
provided script.
● Alarms
○ Create alarm
○ Modify alarm
○ Remove alarm
○ Set alarm status
● Datastore
○ Low level file operations
● Extension
○ Register extension
○ Unregister extension
○ Update extension
● Global
○ Cancel task
○ Enable methods
○ Disable methods
○ Licenses
○ Log event
● Task
○ Create task
○ Update task
● Virtual Machine
○ Provisioning > Allow disk access
○ Provisioning > Allow disk read-only access
○ Provisioning > Allow virtual machine download
○ Snapshot management > Create snapshot
○ Snapshot management > Remove snapshot
○ Snapshot management > Revert to Snapshot
○ Snapshot management > Rename Snapshot
○ Configuration > Configure managedBy
○ Interaction > Power On
○ Interaction > Power Off
Migrate for Compute Engine pre-reqs: AWS source
● AWS account
● AWS IAM user account to manage resources
○ Programmatic Access
○ Downloaded keys provided to Migrate for Compute Engine
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-aws-to-gc
p/aws-prerequisites
https://storage.googleapis.com/Migrate for Compute
Engine-release/V4.2.0/Latest/CloudFormation.zip
Agenda
Introduction
VPC
Project
Migrate for Compute VM subnet (us-east 1)
Engine subnet (us-east1)
Using a single project for the Migrate for Compute Engine infrastructure and migrated
workloads is the simplest scheme.
In this setup
● You create roles at the project level that combine the necessary permissions
for the Manager and Extension services.
● You also create service accounts, one for the Manager and one for
extensions.
● You then assign the roles to the service accounts
● You can place all the Migrate for Compute Engine components in their own
subnet (or not)
● All migrated resources end up within the source project
This structure might make sense for POCs, but 99% of the time it's too simple.
Resource management: Shared VPC
Infra Role assignment
CE Role assignment (optional)
Cloud Migration Infra Manager Role
Organization Cloud Migration Storage Access Role
Velostrata Manager SA
Velostrata Cloud Extension SA
VM Role assignment
Migrate for Compute Engine Project (Shared VPC Host) CE Role assignment
Service project
VPC
Velos Manager
Compute Engine
Often, companies will want to place different workloads in different project. In these
cases, you can use Shared VPC networks and multiple projects.
In this setup
● You create roles at the project level that combine the necessary permissions
for the Manager and Extension services, but at the ORG level so they can be
used by all projects.
● You also create service accounts, one for the Manager and one for
extensions, within the Host project (which houses your Migrate for Compute
Engine resources)
● You can either assign roles to the service accounts on individual service
projects, or assign at the org of folder level and have the assignment inherit
down
● Migrated VMs go into service projects, but are connected to the host VPC
assets
Configuring required service accounts and roles
Velostrata Manager Cloud Migration Infra
service account Manager role
Velostrata Cloud
Cloud Migration Cloud
Extension service
Assignments Extension role
account
Cloud IAM
GCP Project
python3 /google/velostrata/velostrata_sa_roles.py -p
infrastructure-project -d deployment-name
Velos Mgr.
Compute Engine
Edge Nodes
Compute Engine
Migrated VMs
Compute Engine
GCP
Cloud APIs
The Migrate for Compute Engine Manager orchestrates migration operations and
serves the Web UI.
The Manager VM needs to access GCP API endpoints. The management UI should
not be accessible from the public internet; you'll need to access it using a machine
that can route traffic to the internal IP address.
You might install multiple Manager appliances if you are migrating to different projects
and shared vpcs, or if there are multiple teams doing migrations, etc.
Migrate for Compute Engine backend
You download to the OVA where you are accessing the vCenter Web UI. You will
upload the OVA file to the vCenter appliance as part of the deployment process.
You create the token in the Migrate for Compute Engine Manager UI, and it's good for
up to 90 minutes. You then copy the token from the UI and paste it into the OVF
deployment wizard.
VMware user and role
You can do the user creation, role creation, and role assignment using the
administrator account, or any other account with appropriate permissions.
You could configure Migrate for Compute Engine to use a full administrator account,
but that's not consistent with the principle of least privilege.
Once the Migrate for Compute Engine Backend has successfully connected and
registered with the Migrate for Compute Engine Manager on GCP, you need to
register and deploy the Migrate for Compute Engine VMware vCenter Web Client
Plugin. This enables Migrate for Compute Engine management operations and
monitoring in the vCenter UI.
Important: Each Migrate for Compute Engine vCenter plugin can communicate with
only one Migrate for Compute Engine Manager per vCenter server. When
administering multiple vCenter servers in Linked Mode, deploy one Migrate for
Compute Engine Manager per cluster. Then register the Migrate for Compute Engine
vCenter Plugin with each vCenter server from the corresponding Migrate for Compute
Engine Manager.
Cloud extensions
Each Cloud Extension supports 10–50 concurrent VMs. Note that these are soft
limits, and actual performance will vary based on various factors.
You can run more than one Cloud Extension simultaneously to handle a larger
migration. You would also typically install a CE for each region you will be migrating
to.
The total number of Cloud Extensions necessary for a migration is a function of the
total number of VMs divided by the capacity of the Cloud Extension. For example, for
a migration of 1000 VMs, Migrate for Compute Engine recommends using five Cloud
Extensions, each hosting 50 VMs. The migration would use these Cloud Extensions in
four waves.
Cloud Extensions are created and configured either using the Migrate for Compute
Engine vCenter plug-in or the Migrate for Compute Engine Manager.
Cloud Extension VMs stop if idle for 60+ minutes. Extensions are considered idle if
there are no VMs running in cloud. If Extensions are stopped, migration operations
will take a little longer as they must wait for extension to start before the operation can
be performed.
AWS source cloud configuration
● Once IAM has been configured in AWS, you need to create a Cloud
Credential object in Migrate for Compute Engine Manager
● Cloud Details objects are also created in Migrate for Compute Engine
Manager
○ Define credentials to use, region, VPC, subnet, etc.
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-aws-to-gc
p/aws-prerequisites
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-aws-to-gc
p/configure-aws-as-a-source
The credential object will have AWS user access and secret keys
https://cloud.google.com/migrate/compute-engine/docs/4.8/resources/known-issues
Typical storage throughput - Due to vSphere Storage API limitations, throughput per
on-premises VMDK is limited to about 20-30MB/sec. When workloads are highly
concentrated on a single disk, initial performance may be limited due to increased in
latency back on-premises. This situation typically resolves itself within minutes, as
soon as a sufficient amount of data is cached in the cloud.
Maximum concurrent read sessions per ESX host - Due to vSphere Storage API
limitations, the number of storage sessions per ESX host is constrained. Migrate for
Compute Engine limits the number of VMDKs or RDMs that can be connected to VMs
in the cloud to 60 per ESX host. Multiple ESX hosts may be used. These hosts can be
of minimal specs.
If you need to migrate VMs to multiple VPCs, you can perform multiple installations of
Migrate for Compute Engine Manager. However, you can only have one connection
from a vCenter host to a Migrate for Compute Engine manager, so you'll need to
reconfigure source environments between migrations.
Lab 9
Installing Migrate for Compute Engine
Agenda
Introduction
Migrate Prepare to
Model Test Run-in-cloud
storage detach Detach
Run on Prem
/ Cancel
Optional “safety
net” that allows
reverting to an
on-prem VM
Modelling, runbooks, and automation will be covered in the next section. This section
focuses on the other operations represented in the diagram.
Pre-migration testing with clones
Datacenter
Cloned VM
● Benchmark latency, throughput, errors, etc. Compute Engine
Caching
A clone VM is started in GCP, boots using a proprietary boot image, gets data via
streaming. Cloned VM will boot in approximately 10 minutes. The storage policy is
write isolation, which means that any changes to VM-connected storage are cached
locally in GCP, and never replicated back to original VM. This allows for a certain level
of isolation in your testing.
Keep in mind side-effects that might occur when testing clones. While VM storage
changes won't affect production, other application activities on your clone might
impact production:
- Changes to production DB
- Messages sent via message broker might get handled by production services
- Calls to other microservice might get handled by production services
- Network traffic generated might impact production networks
It's your responsibility to ensure your testing is isolated and doesn't impact product.
Running in the cloud Migrate for Compute
Engine RPM
Datacenter
migration Caching
Cloud Storage
● Can be monitored
○ Progress via Migrate for Compute Engine Manager
○ Bandwidth consumption via vCenter
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-on-premis
es-to-gcp/migrating-on-premises-storage
Preparing to detach
Datacenter
Caching
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/vm-operations/det
aching-a-vm
You are offered choice of standard or SSD persistent disk types when creating
the GCP native PDs.
Migrate vs. Run in Cloud
By not performing the Prepare to Detach operation, you avoid building and
paying for the exporter instance.
Detaching
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/vm-operations/det
aching-a-vm
Any changes to vm-attached storage after detach will be lost if you cancel the
detach and/or run on prem.
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/vm-operations/det
aching-a-vm#start-detach-cleanup
If you choose to force clean up, it will complete the action without waiting for
internal subtasks to complete (deleting object store, talking to cloud
extension).
Cancel Detach and Run On-Premises
Datacenter
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-on-premis
es-to-gcp/migrating-on-premises-storage
You might choose to cancel detach but not Run On-Premises if there are
problems with detached machine that didn't exist when running in cloud, and
you want to return to a steady state, but not return to datacenter (which might
entail unwanted on-prem configuration changes).
If you choose to force a Run On-Premises, when using the write-back storage
policy, the latest consistency checkpoint is used, and changes made after the
checkpoint are abandoned. This might be necessary if the cloud cache is
inaccessible.
Miscellaneous operations
● Reconfiguration operations
○ Change instance type
○ Change storage policy
○ Performed via wizard in vCenter Web Client
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/vm-operations/pow
ering-on
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/vm-operations/rec
onfiguring-a-vm
Note: A reboot is required when changing the instance type. The VM's private
IP address and other identifiers remain the same.
You can change the storage policy from write-back mode to write-isolation
mode and vice versa. A typical reason for changing the storage mode is to
promote an instance from a test environment to production.
If you change the storage policy from write-isolation mode to write-back mode,
the data is written back to on-premises. After the data is synchronized, you can
then run the VM back on-premises.
If you do a power off in the GCP Console, it will trigger a Stop in Cloud
operation in vCenter/Migrate for Compute Engine. However, if you start a VM
via the console, Migrate for Compute Engine - which consider the VM stopped -
will immediately initiate a Stop in Cloud action and turn it back off. It's best to
start/stop VM from vCenter or Migrate for Compute Engine Manager.
Migrating from AWS
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-aws-to-gc
p/migrating-aws-vms
Data is not synched back into AWS; if you perform a Run On Premises
operation, you will lose any changes to local storage that have occurred in the
cloud.
At the end of the Run-in-cloud process, the original instance in AWS is intact
and powered off.
You may perform AWS migrations manually or via automation (covered in next
section).
Migrating from Azure
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-aws-to-gc
p/migrating-aws-vms
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/migrate-azure-to-g
cp/migrating-azure-vms
Data is not synched back into AWS; if you perform a Run On Premises
operation, you will lose any changes to local storage that have occurred in the
cloud.
At the end of the Run-in-cloud process, the original instance in AWS is intact
and powered off.
You may perform AWS migrations manually or via automation (covered in next
section).
Be careful of...
Migrated VMs will always be provisioned with a single NIC. You will need to do
post-migration configuration to add additional network interfaces.
Lab 10a
Migration Operations with Migrate for Compute
Engine
Agenda
Introduction
Eliminate toil
Automated tools can ensure that each machine is moved the same way. This means
either all the machines are moved successfully, or they fail in the same way - which
makes it easier to diagnose and resolve.
Automation also significantly reduces the amount of hands-on time required from
operations staff during migration.
Scheduling with sprints
Sprints will obviously be ordered according to the priorities for the project overall.
One sprint will typically comprise all the VMs for a given app or set of apps.
Organizing waves of machines in runbooks
A sprint will often be broken into waves. For purposes of the class, we define a wave
as the machines associated with an application.
A runbook is a CSV file with a list of machines to migrate, ordering information, and
per-machine migration settings.
Migrate for Compute Engine creates configuration objects called Wave, populated via
a runbook (you will operate against the machines in the runbook as a unit).
A job is a specific migration operation performed against a wave (e.g. run in cloud).
Working with Runbooks
https://cloud.google.com/migrate/compute-engine/docs/4.8/reference/runbooks/
Other tools that can generate runbooks include Stratozone and any custom tooling
that teams build to write CSV files conforming to the Runbook schema.
The runbook generated by querying AWS or vCenter will require significant editing to
make it usable. At a minimum, you will need to set a RunGroup for at least one VM,
and set the targetinstancertype for any VMs assigned to run groups.
Rightsizing VMWare VM
(2 vCPU; 7GB RAM)
Cost-based recommendation
https://cloud.google.com/migrate/compute-engine/docs/4.8/concepts/planning-a-migra
tion/cloud-instance-rightsizing
The output of the Right-Sizing action is a new Runbook file that includes a OptRec
column that contains the recommendations. If you wish to use the recommendations,
you must copy the values from this column into the TargetInstanceType column.
There's no one-size-fits-all practice for choosing the right size. Tools will make
recommendations for peak loads, 99% loads, etc. You will have to work with the
customer to determine the desired approach. Once you've decided, you can configure
the right-sizing as part of your runbook. Keep in mind you can always over-provision a
bit here, and then during the optimize phase take GCP's recommendations to adjust
vm sizing.
Migrating Waves
Runbook
Job 2: Job 3:
Detach Cleanup
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/organizing-migratio
ns/creating-new-waves
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/organizing-migratio
ns/creating-aborting-jobs
Before taking any action on a wave by creating jobs, the wave must be validated.
Validation finds semantic errors such as invalid or nonexistent:
- VM IDs
- Connectivity from GCP to the vSphere environment or AWS
- Cloud Extension IDs
- GCP instance types
- GCP cloud details
- GCP subnets
- GCP projects
- GCP service accounts
Migrate for Compute Engine supports custom service accounts only. Validation fails
with built-in GCP service accounts.
For sole-tenant and Windows Bring Your Own License (BYOL) VMs, Migrate for
Compute Engine performs the following additional validations:
- Whether the keys and values for node affinity exist.
- Whether the selected instance type has more than two cores.
- Whether the Host Maintenance Policy agrees with the type of license selected.
- Validation must complete without errors in order to add jobs.
To perform a validation:
The validation may take several minutes to complete. When it completes, a validation
status column appears in the table. If a validation fails, click Failed within the row to
see the failure messages.
If validation fails, fix your runbook and reload it, or change your environment settings,
for example, Cloud Details in Migrate for Compute Engine Manager. Then re-run the
validation until it succeeds.
Monitoring Waves
● REST APIs allow for automation and integration with third-party tools
○ Manage Cloud Extensions, VMs, Tasks, Runbooks
○ Protected by basic HTTP authentication
○ Easy exploration via https://<Migrate for Compute Engine
ip>/swaggerUI/
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/automating-migrati
on/installing-powershell-module
https://storage.googleapis.com/Migrate for Compute
Engine-release/V4.2.0/Latest/Migrate for Compute Engine.PowerShell.4.2.0.msi
● The strategy for moving an app will depend on the app and the
requirements of the business
Criticality
Sensitivity to downtime
● For stateless apps, you can load balance across the interconnect
○ Load balancers in front of on-prem and GCP instances
○ DNS load balancing sending traffic to both load balancers
○ Minimizes downtime
1.
Offline migration install package
Windows Server 2008
32-bit
● Enables migration of operating systems that
don't support streaming
Offline Migration
○ Windows Server 2003
○ Window Server 2008 (non-R2)
○ Ubuntu 12 Run in cloud /
Shut down VM
stop
● The process is automated and will
○ Shut down on-prem VM
Storage Detach/
○ Run-in-cloud, then shut off cloud instance migration cleanup
○ Perform full storage migration, detach, cleanup
○ Power on cloud VM
Start VM
● Special preparation required for some OSes
With offline migration, Migrate for Compute Engine enables you to migrate
workloads running on vSphere with operating systems that are not currently
supported by Migrate for Compute Engine's streaming technology.
During the offline migration process, all storage migrates to the cloud first, and
then the VM starts.
Another use case for offline migration is storage-only migration for VMs that
aren't supported by the cloud provider. These are typically VMs with older
operating systems, for example Red Hat 4. With storage-only migration, you
can migrate volumes and then reattach them to a VM with a supported OS.
For Windows Server 2008 non-R2, 32-bit: Windows Server 2008 32-bit requires
package installation before starting offline migration.
https://storage.googleapis.com/Migrate for Compute
Engine-release/V4.2.0/Windows-2008R1-Drivers/Windows%202008R1%2032b
it%20Drivers.zip
Physical server migration concepts
Migrate for Compute Engine
● Physical server can be migrated much like VMs
Connector ISO
○ VM is created in GCP
○ Data is streamed from physical server
○ Storage can be migrated, VM can be detached, Physical Server
(supported OS)
etc.
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/prepare-vms-serve
rs/physical-servers
You can migrate a physical server to the cloud by booting a Migrate for
Compute Engine Connector ISO image into RAM from a virtual or physical DVD
ROM/CD ROM device.
The Migrate for Compute Engine connector maps the local storage of the
physical server and creates a stub VMware VM as a management object for
Migrate for Compute Engine cloud migration operations.
The migration proceeds the same as the migration of other VMs, except that
migrations are performed in write-isolation mode, where data changes made in
the cloud are not synced back on-premises.
Note: The stub VM only allows Migrate for Compute Engine to manage the
physical server's migration via vSphere, and does not perform operations
beyond that. It has no network interface and minimal CPU and RAM.
Physical server migration requirements
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/prepare-vms-serve
rs/physical-servers
System requirements
- Disk types: supported include SAS, SATA, SSD, virtual disks presented
by the hardware controller, and SAN volumes mounted on physical
HBAs. PATA/IDE disks are not supported.
- RAM: A minimum of 4GB RAM is recommended. For machines with less
than 4 GB RAM, press any key during the boot splash screen (the screen
with the keyboard icon), and choose the Migrate for Compute Engine
Connector low memory option from the menu. This option reads
on-demand from the CD image.
- DVDROM/CDROM: A physical DVDROM/CDROM or virtual CDROM from
which to boot the Migrate for Compute Engine Connector ISO.
Multiple IP addresses
You can set the metadata properties in waves by configuring tag columns in the
runbook. You will have to configure the alias ranges manually or with some
extra-Migrate for Compute Engine automation.
DNS configuration
instances
○ dns-servers
○ dns-domain-suffixes
Metadata Corp DNS Server
○ dns-domain-name (Windows)
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/networking/using-e
xternal-dns
Google Cloud Platform (GCP) VPC networks have an internal DNS service but do not
automatically support configuring external DNS for a VM. Enterprises, however, may
prefer to manage their own DNS servers and thus need to configure external DNS on
migrated VMs.
Migrate for Compute Engine provides a way to set and control the external DNS
settings of migrated VMs. To do this, you configure DNS settings in the GCP project
(and region) using GCP project metadata. These settings are applied to new VMs as
they are migrated.
Note: DHCP retrieves the primary IP address, subnet masks, gateway, and other
necessary network details.
When empty DNS metadata is provided (such as default-dns-servers = ""), DHCP
overwrites the DNS configuration.
You can set the metadata properties in waves by configuring tag columns in the
runbook.
Linux and premium OS licenses
● There are two licensing options when migrating VMs running Red Hat
Enterprise Linux or SUSE Linux Enterprise Server
○ BYOL licensing
○ Premium OS licensing via Marketplace
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/prepare-vms-serve
rs/using-premium-os-licenses
With BYOL - you are responsible for managing the licensing, and you pay full license
fee regardless of how much you use the VM.
With Marketplace licensing, you only pay a pro-rated amount for the software license
based on VM usage.
● RHEL 6 - https://www.googleapis.com/compute/v1/projects/rhel-cloud/global/
licenses/rhel-6-server
● RHEL 7 - https://www.googleapis.com/compute/v1/projects/rhel-cloud/global/
licenses/rhel-7-server
● SLES 11 - https://www.googleapis.com/compute/v1/projects/suse-cloud/global/
licenses/sles-11
● SLES 12 - https://www.googleapis.com/compute/v1/projects/suse-cloud/global/
licenses/sles-12
Microsoft BYOL licensing with Migrate for Compute
Engine
● VMs are migrated with Waves/Runbooks
● Configure the columns within Runbook
Column Value
SoleTenancy-VmHostMaintenancePolicy terminate
Adaptations
Linux VM Windows VM
C:\Program
Migrate for Compute Engine
Files\velostrata\System
RPM
Scripts
C:\Program
/opt/velostrata/actions/
Files\velostrata\User
<phase>.rules
Scripts
/etc/velostrata/actions/
<phase>.rules
https://cloud.google.com/migrate/compute-engine/docs/4.8/concepts/planning-a-migra
tion/vm-adaptations
Migrate for Compute Engine prepares Linux VMs for booting in GCP using an
automatically installed package. Changes are activated only when detecting a
run-in-cloud operation, and the package can remain installed after the VM has been
migrated. If the package is uninstalled, all changes are reverted.
When you migrate a VM that has VMware tools installed, Migrate for Compute Engine
shuts down the VM gracefully and takes a snapshot of the VM. Migrate for Compute
Engine then modifies the networking and storage drivers to allow the VM to boot on
GCP. These modifications include:
● Linux VMs use rules files which specify actions and order
○ One file per phase (on-prem, run-in-cloud, detach)
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/prepare-vms-serve
rs/windows-adaptations
https://cloud.google.com/migrate/compute-engine/docs/4.8/how-to/prepare-vms-serve
rs/linux-adaptations
origin = on-prem
velos = run in cloud
detach = after detach
Rule parameters
The following parameters for rules can be defined in each <PHASE>.rules file:
For Windows systems, Migrate for Compute Engine provides some OS adaptation
scripts by default. You can also provide additional scripts by saving them to this
directory:
The registry is updated to run the scripts (also known as UserTasks) on startup
depending on the environment where the VM is running (also known as the
MachineState).
The tasks are executed sequentially in alphabetical order. If the order of the tasks is
important, use numerical prefixes in the task names, such as 10_ResetWMI and
20_ConfigKMS. Be sure to use absolute paths in the user script because relative
paths won't resolve correctly.
Important: In order for the tasks to be properly configured, scripts must be saved in
the UserScripts directory and the registry keys must be updated. The following section
describes how you can easily do this using an assistance script. Note that only
PowerShell scripts can be used for this purpose.
Migrate for Compute Engine provides a PowerShell module that simplifies installation
of your user script on a relevant VM. The script validates user input to prevent
inconsistent states, copies the user script to the UserScripts directory, and creates a
tree if needed. The PowerShell module also creates the relevant registry keys and
their trees, and fills in the appropriate values.
Run on Prem
/ Cancel
Optional “safety
net” that allows
reverting to an
on-prem VM
Migrations happen in sprints and waves
Migrate
Prepare Execute move of
Build target
apps and
environments and
services to GCP
select migration
candidates from
backlog
Migration
Improve
Learn lessons,
Sprint
improve Test / Verify
Conduct UAT and
migration
regression testing
process
Optimize
Decouple state
and stateless,
scale horizontally,
rightsize & PVM
Improving the process
Review Retrospective
Done/Not Done What went well Decide on what to improve
● You should create a test environment to further practice with Migrate for
Compute Engine (if you don't already have one)
● A guide for setting up your lab environment can be found at
http://bit.ly/velos-lab
< Action Safe