Lift & Shift to Google Cloud Part 3 - Migrating VMs to the Cloud
by Niels Buekers, on Apr 11, 2018 11:38:00 AM
This series of blog posts intends to share real life experience with an enterprise lift & shift project from on-premise data centers into Google Cloud Platform (from now on referred to as GCP).
Missed part 1? Discover Google’s biggest mistake, before reading any further!
Start zipping your files..
When first confronted with the idea of migrating hundreds of production servers to GCP, we thought we were in over our heads. How was this gonna go? Zipping all files, upload them to Cloud Storage, re-create VM’s and unzipping the files on the new VM’s seemed hardly an option. Existing software packages were either expensive, or new to Cloud migrations. Luckily Google had just created a partnership with CloudEndure, which immediately cleared out 2 important factors: price and compatibility.
Believe it or not, while CloudEndure is a license-based tool when migrating to other clouds, thanks to its agreement with Google, it’s actually totally free when migrating to GCP! Talk about an obvious choice. You get a virtual unlimited amount of licenses on CloudEndure (at the time of writing), so I’m happy to convince any CFO out there.
As the recommended way by Google to migrate both (supported) Windows and Linux workloads onto GCP, you can be strongly confident things will work. Google even has a tutorial on using CloudEndure on its website, and the “import VM” button in the Cloud Console, conveniently and seamlessly redirects you to CloudEndure. Talk about integration!
Plug and Play
Well, that all seems smooth. “But how about actually doing stuff?” I hear you asking. Well that’s where the real surprise lies. The process is dead simple. After settings up the CloudEndure console using a GCP Service Account, you only have 2 more things to do:
- Configure some non-intrusive firewall rules on your on-prem and GCP
- Install a replication agent on the machines you want to migrate
Once configured, the agent will use block-level replication to replicate your entire VM (you can choose select disks vs all disks on a system) onto Google Cloud. CloudEndure spins up a replication server in your GCP project, which will accept incoming data and save it onto several disks in GCP. Installing an agent on every machine might sound scary. What will it do? How many resources will it take up? What about my bandwidth?
Test & Cutover
Once your server is 100% replicated onto the replicator instance in GCP, the most exciting part begins. Spinning up your VM on Google Cloud! CloudEndure makes a distinction between Test and Cutover. Both actions launch an exact replica on GCP. Data replication (to the replicator, not the launched test-VM of course) is not stopped, and you can run as many tests as you like. This is useful to finetune the CloudEndure Blueprint with things like disk types (SSD vs Standard), internal IP’s, validate network settings and machine type.
Once you’re happy with the result, and want to make the migration final, you launch the GCP instance a final time using Cutover.
The best practice we’re using is pointing the DNS to the to-be internal IP for the GCP VM while it’s not yet up, therefore in fact ‘disabling’ access for users. Then we launch the GCP instance, validate everything runs fine one last time, decouple the CloudEndure agent, shutdown the source system, and finally open the firewall to allow users to connect on it. Our migrated machine is now live on GCP!
Of course this is all done in well-communicated time windows, agreed upon with the users of the applications being run on that specific (group of) server(s).
But what about my Windows Server licenses?
As if this wasn’t easy enough, we’ve got one more surprise for you, especially if you’re under SPLA with your current infrastructure partner concerning Microsoft Licensing. Any Microsoft Windows Server license from your source systems is automatically converted to a pay-as-you-go license on Google Cloud.
Before closing of, there’s one recommendation I’d like to make, CloudEndure makes it extremely simple to replicate the data over a VPN. This should be extremely important to you, because it ensures a secure connection, rather than going over the Public Internet. Moreover, if you have a decent VPN, bandwidth is also guaranteed. When moving VM’s with Terabytes of data all combined, that’s definitely an advantage you don’t want to miss out on. Once you have setup your Cloud VPN with your on-premise systems, and tested that decently (e.g. using iperf3), all you need to do is check the checkbox in CloudEndure. The agent will then send the data replication to the internal IP of the GCP replicator, rather than the external IP. This forces the migration to happen over the VPN.
If only everything in IT was as simple.
Summarize lessons learned
- Use CloudEndure for migrations, because apart from being a free tool for Google Migration, it actually works. And in an exceptional case when it doesn’t, their support is really reactive and proactive.
- Go for peace-of-mind with a pay-as-you-go licensing model
Next up: the not-so-easy-parts of a plug-and-play migration. (SOON)