| title | description | author | ms.author | ms.manager | ms.topic | ms.date |
|---|---|---|---|---|---|---|
Support for VMware migration in Azure Migrate |
Learn about support for VMware VM migration in Azure Migrate. |
anvar-ms |
anvar |
bsiva |
conceptual |
06/08/2020 |
This article summarizes support settings and limitations for migrating VMware VMs with Azure Migrate: Server Migration . If you're looking for information about assessing VMware VMs for migration to Azure, review the assessment support matrix.
You can migrate VMware VMs in a couple of ways:
- Using agentless migration: Migrate VMs without needing to install anything on them. You deploy the Azure Migrate appliance for agentless migration.
- Using agent-based migration: Install an agent on the VM for replication. For agent-based migration, you deploy a replication appliance.
Review this article to figure out which method you want to use.
This section summarizes requirements for agentless VMware VM migration to Azure.
The table summarizes VMware hypervisor requirements.
| VMware | Details |
|---|---|
| VMware vCenter Server | Version 5.5, 6.0, 6.5, 6.7, 7.0. |
| VMware vSphere ESXI host | Version 5.5, 6.0, 6.5, 6.7, 7.0. |
| vCenter Server permissions | Agentless migration uses the Migrate Appliance. The appliance needs these permissions in vCenter Server: - Datastore.Browse (Datastore -> Browse datastore): Allow browsing of VM log files to troubleshoot snapshot creation and deletion. - Datastore.FileManagement (Datastore -> Low level file operations): Allow read/write/delete/rename operations in the datastore browser, to troubleshoot snapshot creation and deletion. - VirtualMachine.Config.ChangeTracking (Virtual machine -> Disk change tracking): Allow enable or disable change tracking of VM disks, to pull changed blocks of data between snapshots. - VirtualMachine.Config.DiskLease (Virtual machine -> Disk lease): Allow disk lease operations for a VM, to read the disk using the VMware vSphere Virtual Disk Development Kit (VDDK). - VirtualMachine.Provisioning.DiskRandomRead (Virtual machine -> Provisioning -> Allow read-only disk access): Allow opening a disk on a VM, to read the disk using the VDDK. - VirtualMachine.Provisioning.DiskRandomAccess (Virtual machine -> Provisioning -> Allow disk access): Allow opening a disk on a VM, to read the disk using the VDDK. - VirtualMachine.Provisioning.GetVmFiles (Virtual machine -> Provisioning -> Allow virtual machine download): Allows read operations on files associated with a VM, to download the logs and troubleshoot if failure occurs. - VirtualMachine.State.* (Virtual machine -> Snapshot management): Allow creation and management of VM snapshots for replication. - VirtualMachine.Interact.PowerOff (Virtual machine -> Interaction -> Power off): Allow the VM to be powered off during migration to Azure. |
| Multiple vCenter Servers | A single appliance can connect to up to 10 vCenter Servers. |
The table summarizes agentless migration requirements for VMware VMs.
| Support | Details |
|---|---|
| Supported operating systems | You can migrate Windows and Linux operating systems that are supported by Azure. |
| Windows VMs in Azure | You might need to make some changes on VMs before migration. |
| Linux VMs in Azure | Some VMs might require changes so that they can run in Azure. For Linux, Azure Migrate makes the changes automatically for these operating systems: - Red Hat Enterprise Linux 8, 7.9, 7.8, 7.7, 7.6, 7.5, 7.4, 7.0, 6.x - Cent OS 8.x, 7.7, 7.6, 7.5, 7.4, 6.x - SUSE Linux Enterprise Server 15 SP0, 15 SP1, 12, 11 SP4, 11 SP3 - Ubuntu 20.04, 19.04, 19.10, 14.04LTS, 16.04LTS, 18.04LTS - Debian 10, 9, 8, 7 - Oracle Linux 8, 7.7-CI, 7.7, 6 For other operating systems, you make the required changes manually. |
| Boot requirements | If /boot is on a dedicated partition, it should reside on the OS disk, and not be spread across multiple disks. If /boot is part of the root (/) partition, then the '/' partition should be on the OS disk, and not span other disks. |
| UEFI boot | Supported. UEFI-based VMs will be migrated to Azure generation 2 VMs. |
| Disk size | up to 2 TB OS disk for gen 1 VM and gen 2 VMs; 32 TB for data disks. |
| Disk limits | Up to 60 disks per VM. |
| Encrypted disks/volumes | VMs with encrypted disks/volumes aren't supported for migration. |
| Shared disk cluster | Not supported. |
| Independent disks | Not supported. |
| RDM/passthrough disks | If VMs have RDM or passthrough disks, these disks won't be replicated to Azure. |
| NFS | NFS volumes mounted as volumes on the VMs won't be replicated. |
| iSCSI targets | VMs with iSCSI targets aren't supported for agentless migration. |
| Multipath IO | Not supported. |
| Storage vMotion | Not supported. Replication won't work if a VM uses storage vMotion. |
| Teamed NICs | Not supported. |
| IPv6 | Not supported. |
| Target disk | VMs can only be migrated to managed disks (standard HDD, standard SSD, premium SSD) in Azure. |
| Simultaneous replication | Up to 300 simultaneously replicating VMs per vCenter Server with 1 appliance. Up to 500 simultaneously replicating VMs per vCenter Server when an additional scale-out appliance is deployed. |
| Automatic installation of Azure VM agent (Windows and Linux Agent) | Supported for Windows Server 2008 R2 onwards. Supported for RHEL6, RHEL7, CentOS7, Ubuntu 14.04, Ubuntu 16.04, Ubuntu18.04, Ubuntu 19.04, Ubuntu 19.10, Ubuntu 20.04. |
Note
In addition to the Internet connectivity, for Linux VMs, ensure that the following packages are installed for successful installation of Microsoft Azure Linux agent (waagent):
- Python 2.6+
- OpenSSL 1.0+
- OpenSSH 5.3+
- Filesystem utilities: sfdisk, fdisk, mkfs, parted
- Password tools: chpasswd, sudo
- Text processing tools: sed, grep
- Network tools: ip-route
Tip
Using the Azure portal you'll be able to select up to 10 VMs at a time to configure replication. To replicate more VMs you can use the portal and add the VMs to be replicated in multiple batches of 10 VMs, or use the Azure Migrate PowerShell interface to configure replication. Ensure that you don't configure simultaneous replication on more than the maximum supported number of VMs for simultaneous replications.
Agentless migration uses the Azure Migrate appliance. You can deploy the appliance as a VMware VM using an OVA template, imported into vCenter Server, or using a PowerShell script.
- Learn about appliance requirements for VMware.
- Learn about URLs that the appliance needs to access in public and government clouds.
- In Azure Government, you must deploy the appliance using the script.
| Device | Connection |
|---|---|
| Appliance | Outbound connections on port 443 to upload replicated data to Azure, and to communicate with Azure Migrate services orchestrating replication and migration. |
| vCenter server | Inbound connections on port 443 to allow the appliance to orchestrate replication - create snapshots, copy data, release snapshots. |
| vSphere/ESXI host | Inbound on TCP port 902 for the appliance to replicate data from snapshots. Outbound port 902 from ESXi host. |
This section summarizes requirements for agent-based migration.
This table summarizes assessment support and limitations for VMware virtualization servers.
| VMware requirements | Details |
|---|---|
| VMware vCenter Server | Version 5.5, 6.0, 6.5, or 6.7. |
| VMware vSphere ESXI host | Version 5.5, 6.0, 6.5, or 6.7. |
| vCenter Server permissions | A read-only account for vCenter Server. |
The table summarizes VMware VM support for VMware VMs you want to migrate using agent-based migration.
| Support | Details |
|---|---|
| Machine workload | Azure Migrate supports migration of any workload (say Active Directory, SQL server, etc.) running on a supported machine. |
| Operating systems | For the latest information, review the operating system support for Site Recovery. Azure Migrate provides identical VM operating system support. |
| Linux file system/guest storage | For the latest information, review the Linux file system support for Site Recovery. Azure Migrate has identical Linux file system support. |
| Network/Storage | For the latest information, review the network and storage prerequisites for Site Recovery. Azure Migrate provides identical network/storage requirements. |
| Azure requirements | For the latest information, review the Azure network, storage, and compute requirements for Site Recovery. Azure Migrate has identical requirements for VMware migration. |
| Mobility service | The Mobility service agent must be installed on each VM you want to migrate. |
| UEFI boot | Supported. UEFI-based VMs will be migrated to Azure generation 2 VMs. |
| UEFI - Secure boot | Not supported for migration. |
| Target disk | VMs can only be migrated to managed disks (standard HDD, standard SSD, premium SSD) in Azure. |
| Disk size | up to 2 TB OS disk for gen 1 VM; up to 4 TB OS disk for gen 2 VM; 32 TB for data disks. |
| Disk limits | Up to 63 disks per VM. |
| Encrypted disks/volumes | VMs with encrypted disks/volumes aren't supported for migration. |
| Shared disk cluster | Not supported. |
| Independent disks | Supported. |
| Passthrough disks | Supported. |
| NFS | NFS volumes mounted as volumes on the VMs won't be replicated. |
| iSCSI targets | Supported. |
| Multipath IO | Not supported. |
| Storage vMotion | Supported |
| Teamed NICs | Not supported. |
| IPv6 | Not supported. |
When you set up the replication appliance using the OVA template provided in the Azure Migrate hub, the appliance runs Windows Server 2016 and complies with the support requirements. If you set up the replication appliance manually on a physical server, then make sure that it complies with the requirements.
- Learn about replication appliance requirements for VMware.
- MySQL must be installed on the appliance. Learn about installation options.
- Learn about URLs that the replication appliance needs to access in public and government clouds.
- Review the ports the replication appliance needs to access.
| Device | Connection |
|---|---|
| VMs | The Mobility service running on VMs communicates with the on-premises replication appliance (configuration server) on port HTTPS 443 inbound, for replication management. VMs send replication data to the process server (running on the configuration server machine) on port HTTPS 9443 inbound. This port can be modified. |
| Replication appliance | The replication appliance orchestrates replication with Azure over port HTTPS 443 outbound. |
| Process server | The process server receives replication data, optimizes, and encrypts it, and sends it to Azure storage over port 443 outbound. By default the process server runs on the replication appliance. |
All on-premises VMs replicated to Azure (with agentless or agent-based migration) must meet the Azure VM requirements summarized in this table.
Component | Requirements
--- | --- | ---
Guest operating system | Verifies supported VMware VM operating systems for migration.
You can migrate any workload running on a supported operating system.
Guest operating system architecture | 64-bit.
Operating system disk size | Up to 2,048 GB.
Operating system disk count | 1
Data disk count | 64 or less.
Data disk size | Up to 32 TB
Network adapters | Multiple adapters are supported.
Shared VHD | Not supported.
FC disk | Not supported.
BitLocker | Not supported.
BitLocker must be disabled before you migrate the machine.
VM name | From 1 to 63 characters.
Restricted to letters, numbers, and hyphens.
The machine name must start and end with a letter or number.
Connect after migration-Windows | To connect to Azure VMs running Windows after migration:
- Before migration, enable RDP on the on-premises VM.
Make sure that TCP, and UDP rules are added for the Public profile, and that RDP is allowed in Windows Firewall > Allowed Apps, for all profiles.
For site-to-site VPN access, enable RDP and allow RDP in Windows Firewall -> Allowed apps and features for Domain and Private networks.
In addition, check that the operating system's SAN policy is set to OnlineAll. Learn more.
Connect after migration-Linux | To connect to Azure VMs after migration using SSH:
Before migration, on the on-premises machine, check that the Secure Shell service is set to Start, and that firewall rules allow an SSH connection.
After failover, on the Azure VM, allow incoming connections to the SSH port for the network security group rules on the failed over VM, and for the Azure subnet to which it's connected.
In addition, add a public IP address for the VM.
Select a VMware migration option.