Edit

Rehost an on-premises dev/test environment on Azure Virtual Machines via Azure Migrate

  • Article

This article demonstrates how the fictional company, Contoso, rehosts its dev/test environment for two applications that run on VMware virtual machines (VMs) by migrating to Azure Virtual Machines.

The SmartHotel360 and osTicket applications in this example are open source. Download them for your own testing purposes.

Migration options

Contoso has several options available to move dev/test environments to Azure:

Migration options Outcome
Azure Migrate Assess and migrate on-premises VMs.

Run dev/test servers by using Azure infrastructure as a service (IaaS).

Manage VMs with Azure Resource Manager.
Azure DevTest Labs Quickly prepare development and test environments.

Minimize waste with quotas and policies.

Set automated shutdowns to minimize costs.

Build Windows and Linux environments.

Note

Read how Contoso moved its dev/test environment to Azure by using DevTest Labs.

Business drivers

The development leadership team outlines what they want to achieve with this migration. They aim to quickly move dev/test capabilities out of an on-premises datacenter and stop purchasing hardware to develop software. They seek to empower developers to create and run their environments without involvement from IT.

Note

Contoso uses the Pay-As-You-Go Dev/Test subscription offer for its environments. Each active Visual Studio subscriber on the team can use the Microsoft software that's included with the subscription virtual machines for dev/test at no extra charge. Contoso just pays the Linux rate for VMs that it runs. That includes VMs with SQL Server, SharePoint Server, or other software that's usually billed at a higher rate.

Migration goals

The Contoso development team pins down goals for this migration. These goals are used to determine the best migration method:

  • Contoso wants to quickly move out of its on-premises dev/test environments.
  • After migration, Contoso's dev/test environment in Azure should have enhanced capabilities over the current system in VMware.
  • The operations model moves from IT provisioned to DevOps with self-service provisioning.

Solution design

After Contoso pins down goals and requirements, they design and review a deployment solution and identify the migration process. The process includes the Azure services that Contoso uses for the migration.

Current application

  • The dev/test VMs for the two applications are running on VMs (WEBVMDEV, SQLVMDEV, OSTICKETWEBDEV, OSTICKETMYSQLDEV). These VMs are used for development before code is promoted to the production VMs.
  • The VMs are located on VMware ESXi host contosohost1.contoso.com (version 6.5).
  • The vCenter Server 6.5 (vcenter.contoso.com), which runs on a VM, manages the VMware environment.
  • Contoso has an on-premises datacenter (contoso-datacenter) with an on-premises domain controller (contosodc1).

Proposed architecture

  • Because the VMs are used for dev/test, they reside in the ContosoDevRG resource group in Azure.

  • The VMs are migrated to the primary Azure region (East US 2) and placed in the development virtual network (VNET-DEV-EUS2).

  • The web front-end VMs reside in the front-end subnet (DEV-FE-EUS2) in the development network.

  • The database VM resides in the database subnet (DEV-DB-EUS2) in the development network.

  • The on-premises VMs in the Contoso datacenter are decommissioned after the migration is done.

    Diagram of the proposed scenario architecture, with on-premises and virtual machines.

Database considerations

To support ongoing development, Contoso decides to continue to use existing VMs and migrate them to Azure. In the future, Contoso pursues the use of platform as a service (PaaS) services, such as Azure SQL Database and Azure Database for MySQL.

  • Database VMs are migrated as is without changes.
  • With the use of the Azure Dev/Test subscription offer, the computers running Windows Server and SQL Server don't incur licensing fees. The compute costs are kept to a minimum.
  • In the future, Contoso looks to integrate its development with PaaS services.

Solution review

Contoso evaluates the proposed design by listing pros and cons.

Consideration Details
Pros All of the development VMs are moved to Azure without changes, which makes the migration simple.

Contoso uses a lift-and-shift approach for both sets of VMs, so special configuration or migration tools aren't needed for the application database.

Contoso can take advantage of its investment in the Azure Dev/Test subscription to save on licensing fees.

Contoso retains full control of the application VMs in Azure.

Developers obtain rights to the subscription, which empowers them to create new resources without waiting for IT to respond to their requests.
Cons The migration only moves the VMs and doesn't move them to PaaS services for their development. Contoso needs to start supporting the operations of its VMs, including security patches. IT maintained the operation in the past, so Contoso needs to find a solution for this new operational task.

The cloud-based solution empowers the developers, and it doesn't have safeguards for overprovisioning systems. Developers can instantly provision their systems, but they might create resources that cost money and aren't included in the budget.

Note

Contoso can address the cons in its list by using DevTest Labs.

Migration process

Contoso migrates its development front end and database to Azure VMs by using the agentless method in the Azure Migrate: Server Migration tool.

  • Contoso prepares and sets up Azure components for Azure Migrate: Server Migration and prepares the on-premises VMware infrastructure.
  • The Azure infrastructure is in place, so Contoso configures the replication of the VMs through the Azure Migrate: Server Migration tool.
  • With everything prepared, Contoso starts replicating the VMs.
  • After replication is enabled and working, Contoso migrates the VMs by testing the migration. If successful, it's failed over to Azure.
  • After the development VMs are up and running in Azure, Contoso reconfigures its development workstations to point at the VMs now running in Azure.

Diagram of an overview of the migration process.

Azure services

Service Description Cost
Azure Migrate: Server Migration The service orchestrates and manages migrating on-premises applications, workloads, and AWS or GCP VM instances. During replication to Azure, Azure Storage charges are incurred. Azure VMs are created and incur charges when the migration occurs and the VMs are running in Azure. Learn more about charges and pricing.

Prerequisites

To run this scenario, Contoso needs:

Requirements Details
Azure Dev/Test subscription Contoso creates an Azure Dev/Test subscription to reduce costs up to 80 percent.

If you don't have an Azure subscription, create a free account.

If you create a free account, you're the admin of your subscription, and you can perform all actions.

If you use an existing subscription, but you're not the admin, work with the admin to assign you owner or contributor permissions.

If you need more granular permissions, see Manage Site Recovery access with Azure role-based access control.
Azure infrastructure Learn how Contoso set up an Azure infrastructure.
On-premises servers On-premises vCenter servers should run version 5.5, 6.0, 6.5, or 6.7.

ESXi hosts should run version 5.5, 6.0, 6.5, or 6.7.

One or more VMware VMs should run on the ESXi host.

Scenario steps

Contoso admins run the migration by following this process:

  • Step 1: Prepare Azure for Azure Migrate: Server Migration. Add the server migration tool to the Azure Migrate project.
  • Step 2: Prepare on-premises VMware for Azure Migrate: Server Migration. Prepare accounts for VM discovery and prepare to connect to Azure VMs after migration.
  • Step 3: Replicate VMs. Set up replication and start replicating VMs to Azure Storage.
  • Step 4: Migrate the VMs with Azure Migrate: Server Migration. Run a test migration to make sure everything's working and then run a full migration to move the VMs to Azure.

Step 1: Prepare Azure for the Azure Migrate: Server Migration tool

Contoso migrates the VMs to a virtual network where the Azure VMs reside when they're created, provisioned, and configured through the Azure Migrate: Server Migration tool.

Set up a network

Contoso already set up a network that can be for Azure Migrate: Server Migration when it deployed the Azure infrastructure.

  • The VMs that are migrated are used for development. They're migrated to the Azure development virtual network (VNET-DEV-EUS2) in the primary East US 2 region.
  • Both VMs are placed in the ContosoDevRG resource group, which is used for development resources.
  • The application front-end VMs (WEBVMDEV and OSTICKETWEBDEV) are migrated to the front-end subnet (DEV-FE-EUS2) in the development virtual network.
  • The application database VMs (SQLVMDEV and OSTICKETMYSQLDEV) are migrated to the database subnet (DEV-DB-EUS2) in the development virtual network.

Provision the Azure Migrate: Server Migration tool

  1. From Azure Migrate, download the .OVA image file and import it into VMware.

    Screenshot of downloading the OVA file in the Discover machines window.

  2. Open the imported image and configure the tool. Set up the prerequisites.

    Screenshot of the section for setting up prerequisites.

  3. Point the tool to the Azure subscription.

    Screenshot of the section for setting up discovery for Azure Migrate.

  4. Set the VMware vCenter credentials.

    Screenshot of the section for setting VMware vCenter credentials.

  5. Add Windows-based credentials for discovery.

    Screenshot of the section for discovering applications and dependencies on VMs.

  6. When you complete the configuration, the tool takes time to enumerate all the VMs. They populate in the Azure Migrate tool in Azure when this process finishes.

    For more information, see Add migration tools.

Step 2: Prepare on-premises VMs

After migration, Contoso wants to connect to the Azure VMs and allow Azure to manage the VMs. Before the migration, Contoso admins do the following steps:

  1. For access over the internet, the admins:

    • Enable RDP or SSH on the on-premises VM before migration.
    • Ensure that TCP and UDP rules are added for the Public profile.
    • Check that RDP or SSH is allowed in the operating system firewall.
    • Install SSH via the command sudo apt-get ssh install -y.

  2. For access over Site-to-Site VPN, the admins:

    • Enable RDP or SSH on the on-premises VM before migration.
    • Check that RDP or SSH is allowed in the operating system firewall.
    • For Windows, set the operating system's SAN policy on the on-premises VM to OnlineAll.

  3. Install the Azure Windows agent and the Azure Linux agent.

For Windows, there shouldn't be Windows updates pending on the VM when you trigger a migration. If there are, the admins can't sign in to the VM until the updates finish. After the migration, the admins can check Boot diagnostics to view a screenshot of the VM. If it's not visible, they should verify that the VM is running and review troubleshooting tips.

For more information, see Prepare on-premises machines for migration to Azure.

Step 3: Replicate the on-premises VMs

Before Contoso admins can run a migration to Azure, they need to set up and enable replication. With discovery completed, they can begin replicating VMware VMs to Azure.

  1. In the Azure Migrate project, go to Servers > Azure Migrate: Server Migration. Select Replicate.

    Screenshot that shows the Replicate button in the migration tools section.

  2. Go to Replicate > Source settings > Are your machines virtualized?, and select Yes, with VMware vSphere.

  3. In the On-premises appliance field, select the name of the Azure Migrate appliance that you set up, and then select OK.

    Screenshot that shows source settings and the box for the appliance name.

  4. In the Virtual machines tab, select the machines that you want to replicate.

    • If you've run an assessment for the VMs, you can apply VM sizing and disk type (premium or standard) recommendations from the assessment results. In the Import migration settings from an assessment? field, select Yes, apply migration settings from a Azure Migrate assessment.

    • If you didn't run an assessment or you don't want to use the assessment settings, select No, I'll specify the migration settings manually.

    • If you selected to use the assessment, select the VM group and assessment name.

      Screenshot that shows the assessment selection for virtual machines.

  5. In the Virtual machines tab, search for VMs as needed and check each VM you want to migrate. Then select Next: Target settings.

  6. In the Target settings tab, select the subscription and target region where you want to migrate. Specify the resource group where the Azure VMs reside after migration. In Virtual Network, select the virtual network or subnet to which the Azure VMs are joined after migration.

  7. In the Azure Hybrid Benefit field, select No if you don't want to apply Azure Hybrid Benefit and then select Next. Select Yes if you have Windows Server machines that are covered with active Software Assurance or Windows Server subscriptions and you want to apply the benefit to the machines you're migrating. Select Next.

    Note

    For Contoso, the admins select No for Azure Hybrid Benefit because this is an Azure Dev/Test subscription, so they only pay for the compute. Azure Hybrid Benefit is only used for production systems that have Software Assurance benefits.

  8. In the Compute tab, review the VM name, size, OS disk type, and availability set. VMs must conform with Azure requirements.

    • VM size: If you're using assessment recommendations, this dropdown list contains the recommended size. Otherwise, Azure Migrate selects a size based on the closest match in the Azure subscription. You can choose a manual size in Azure VM size.
    • OS disk: Specify the OS (boot) disk for the VM. The OS disk has the operating system bootloader and installer.
    • Availability set: If the VM should be in an Azure availability set after migration, specify the set. The set must be in the target resource group that you specify for the migration.

  9. In the Disks tab, specify whether to replicate the VM disks to Azure, select the disk type (Standard SSD/HDD or Premium SSD), and then select Next. You can exclude disks from replication. If you do, they aren't present on the Azure VM after migration.

  10. In the Review and start replication tab, review the settings, and select Replicate to start the initial replication for the servers.

Note

Before the replication starts, you can update the replication settings in Manage > Replicating machines. You can't change the settings after the replication starts.

Step 4: Migrate the VMs

Contoso admins run a quick test migration and then a full migration to migrate the VMs.

Run a test migration

  1. Go to Migration goals > Servers > Azure Migrate: Server Migration, and select Test migrated servers.

    Screenshot that shows the selection to test migrated servers.

  2. Select and hold (or right-click) the VM that you want to test, and then select Test migrate.

    Screenshot that shows the button for testing migration.

  3. In Test Migration, select the virtual network where the Azure VM is located after the migration. We recommend that you use a nonproduction virtual network.

  4. The Test migration job starts. Monitor the job in the portal notifications.

  5. After the migration finishes, view the migrated Azure VM in Virtual Machines in the Azure portal. The machine name has a -Test suffix.

  6. After the test is done, select and hold (or right-click) the Azure VM in Replicating machines, and then select Clean up test migration.

    Screenshot that shows the selection for cleaning up the test migration.

Run a full migration

Now Contoso admins run a full migration.

  1. In the Azure Migrate project, select Servers > Azure Migrate: Server Migration > Replicating servers.

    Screenshot that shows the selections for replicating servers.

  2. In Replicating machines, select and hold (or right-click) the VM, and then select Migrate.

  3. Go to Migrate > Shut down virtual machines and perform a planned migration with no data loss, and select Yes > OK. By default, Azure Migrate shuts down the on-premises VM and runs an on-demand replication to synchronize any VM changes that occurred since the last replication. This process ensures that no data is lost. If you don't want to shut down the VM, select No.

  4. A migration job starts for the VM. Track the job in Azure notifications.

  5. After the job finishes, you can view and manage the VM from the Virtual Machines page.

For more information, see Run a test migration and Migrate VMs to Azure.

Clean up after migration

The development VMs for the SmartHotel360 and osTicket applications run on Azure VMs when the migration is complete.

Contoso completes cleanup steps:

  • After the migration is complete, stop replication.
  • Remove the WEBVMDEV, SQLVMDEV, OSTICKETWEBDEV, and OSTICKETMYSQLDEV VMs from the vCenter inventory.
  • Remove all the VMs from local backup jobs.
  • Update the internal documentation to show the new location and IP addresses for the VMs.
  • Review any resources that interact with the VMs, and update any relevant settings or documentation to reflect the new configuration.

Review the deployment

With the application now running, Contoso now needs to fully operationalize and secure it in Azure.

Security

The Contoso security team reviews the Azure VMs to determine any security issues. To control access, the team reviews the network security groups (NSGs) for the VMs. NSGs are used to ensure that only traffic allowed to the application can reach it. The team considers securing the data on the disk by using Azure Disk Encryption and Azure Key Vault.

For more information, see Security best practices for IaaS workloads in Azure.

Business continuity and disaster recovery

For business continuity and disaster recovery, Contoso keeps the data safe. Contoso backs up the data on the VMs by using the Azure Backup service. For more information, see An overview of Azure VM backup.

Licensing and cost optimization

Contoso ensures that all development Azure resources are created through an Azure Dev/Test subscription to save 80 percent. The admins enable Azure Cost Management + Billing to help monitor and manage the Azure resources.

Conclusion

In this article, Contoso rehosted the development VMs that were used for its SmartHotel360 and osTicket applications in Azure. The admins migrated the application VMs to Azure VMs by using the Azure Migrate: Server Migration tool.