Migrating VMs with Aviatrix IPMotion and AWS Migration Hub Service¶
1. Solution Overview¶
This document describes how to migrate an on-prem VM to AWS while preserving its IP address. The migration tools we use are AWS Migration Hub service (AWS Server Migration Service) and Aviatrix IPmotion, where Aviatrix IPmotion feature enables IP address preservation after an VM is migrated to AWS via AWS Server Migration Service.
By preserving its IP address of an on-prem VM after migrating to AWS, dependencies of this VM to other on-prems are automatically preserved, thus there is no need to discover the dependencies for migration purpose. There is no need to update on-prem security rules, AD, DNS and Load Balancers.
2. Configuration Workflow¶
The instructions in this section will use the following network diagram. The CIDR and subnets may vary depending on your network setup; however, the general principle will be the same.
2.1 Prerequisites¶
Before setting up Aviatrix IPMotion for migration, make sure the following prerequisites are completed.
- Plan the Cloud Address and create an AWS VPC
- Setup AWS Server Migration Service (SMS) to create migrated AMIs
- Deploy an Aviatrix Virtual Appliance CloudN in On-Premise
These prerequisites are explained in detail below.
2.1.1 Plan the Cloud Address and create an AWS VPC¶
First identify the on-prem subnet from which you plan to migrate VMs. In this example, the subnet is 10.140.0.0/16 with two On-Prem VMs (10.140.0.45 and 10.140.0.46.)
(In this illustration, the cloud subnet is a public subnet. There are other design patterns you can follow.)
Then create an AWS VPC with a public subnet that has identical CIDR as the on-prem subnet where migration is to take place. For example, create a VPC CIDR 10.140.0.0/16 with a public subnet 10.140.0.0/16 in region Oregon. Note that it is not necessary for the migrated VMs to have public IP addresses.
| AWS Example Setting | Value |
|---|---|
| Cloud Type | AWS |
| Region | Oregon |
| VPC CIDR | 10.140.0.0/16 |
| Public Subnet | 10.140.0.0/16 |
2.1.2 Setup AWS Server Migration Service (SMS) to create a migrated AMI¶
Please refer to “AWS Server Migration Service – Server Migration to the Cloud Made Easy!” for detail.
AWS Server Migration Service – Server Migration to the Cloud Made Easy!
- Deploy the Server Migration Connector virtual appliance on On-Premise.
| vCenter Setting | Example |
|---|---|
| Setup networks | 10.140.0.0/16 |
- Configure the connector on On-Premise.
| Connector Setting | Example |
|---|---|
| AWS Region | US West (Oregon) |
- Import the server catalog on AWS SMS console
| AWS SMS Setting | Example |
|---|---|
| Replication job ID | VM which will be migrated to cloud (e.g. VM with ip 10.140.0.45) |
After completing the previous steps, a user is able to view and launch the migrated AMI in below console:
i.) AWS -> Migration -> Server Migration Service
ii.) AWS -> Compute -> EC2 -> Launch Instance
Please confirm the migrated AMI is ready on AWS console. This document will describe how to integrate the migrated AMI with IPMotion feature in 3.2.2 Step b.
2.1.3 Deploy an Aviatrix Virtual Appliance CloudN in On-Premise subnet¶
The Aviatrix Virtual Appliance CloudN must be deployed and setup in the on-prem subnet where you plan to migrate VMs prior to configuring IPMotion. For example, the subnet is 10.140.0.0/16. Please refer to “Virtual Appliance CloudN” on how to deploy the Virtual Appliance CloudN.
Check and make sure you can access the Aviatrix Virtual Appliance CloudN dashboard and login with an administrator account. The default URL for the Aviatrix Virtual Appliance CloudN is:
https://<private ip of Aviatrix Virtual Appliance CloudN>
2.2 Configuration Steps¶
Make sure the pre-configuration steps in the previous section are completed before proceeding.
2.2.1 Step a – Deploy Aviatrix IPMotion gateway¶
The first step is to deploy Aviatrix IPMotion gateway in AWS VPC. Please refer to “IPmotion Setup Instructions” for detail.
Instructions:
a.1. Login to the Aviatrix Virtual Appliance CloudN
a.2. Click on “IP Motion” in the left navigation bar
a.3. For section 1> Specify the on-prem IP Address List, enter both the list of IP addresses of VMs that will be migrated and the list of IP addresses of VMs that will remain on-prem.
| IPMotion Configuration | Example |
|---|---|
| On-prem Subnet IP List | 10.140.0.45-10.140.0.46 |
a.4. Click “Specify”.
a.5. Click “View” to check those specified IPs and its status.
| Status Value | Notes |
|---|---|
| ON-PREM | IP of VM in On-Prem |
| IN-CLOUD-STAGING | IP of VM in staging Mode |
| IN-CLOUD | IP of VM migrated to Cloud |
a.6. For section 2> Reserve IPmotion Gateway IP Address List, specify 10 IP addresses that are not being used by any running VMs and reserve these addresses for Aviatrix IPmotion gateway.
| IPMotion Configuration | Example |
|---|---|
| IPmotion Gateway Reserve IP List | 10.140.0.200-10.140.0.210 |
a.7. Click “View” to check those reserved IPs.
a.8. For section 3> Launch an IPmotion Gateway in the AWS VPC, it launches an Aviatrix IPmotion gateway and builds an encrypted IPSEC tunnel between the subnet of On-Prem and AWS VPC.
| Setting | Value |
|---|---|
| Cloud Type | Choose AWS |
| Account Name | Choose the account name |
| Region | Choose the region of VPC (e.g. us-west-2) |
| VPC ID | Choose the VPC ID of VPC |
| Gateway Name | This name is arbitrary (e.g. IPMotion-GW) |
| Gateway Size | t2.small is fine for testing. |
| Gateway Subnet | Select the public subnet (e.g. 10.140.0.0/16) |
a.9. Click “Launch”. It will take a few minutes for the gateway to deploy. Do not proceed until the gateway is deployed.
a.10. Done
Note
Next 2.2.2 Step b – Integrate Aviatrix IPMotion with AWS AMI will explain how to utilize section 4> Let’s Move! to coordinate IP migration with the migrated AMI created by AWS SMS
2.2.2 Step b – Integrate Aviatrix IPMotion with AWS AMI¶
This step explains how to integrate Aviatrix IPMotion with the AMI that a user migrated from On-Premise VM to AWS via AWS SMS earlier.
b.1. Click on IP Motion in the left navigation bar of GUI of Aviatrix Virtual Appliance CloudN
b.2. Navigate to section 4> Let’s Move!
b.3. Select the IP of VM which will be migrated to cloud. (e.g. 10.140.0.45)
b.4. Click “Staging”. This is the preparation step for a user to shutdown the On-Prem VM with the selected IP and power up its corresponding cloud VM with the same IP.
b.4.1. Shutdown the On-Prem VM via vCenter. (e.g. 10.140.0.45)
b.4.2. Power up the AWS EC2 instance with that selected IP. (e.g. 10.140.0.45)
b.4.2.1. Navigate to AWS -> Compute -> EC2 console
b.4.2.2. Click “Launch Instance”
b.4.2.3. Step 1: Choose an Amazon Machine Image (AMI) -> Click side bar “My AMIs” -> Click “Select” of the AMI which is created by AWS SMS
b.4.2.4. Step 2: Choose an Instance Type
b.4.2.5. Step 3: Configure Instance Details:
b.4.2.5.1. In first section, here is an example for the testing topology
| AWS Example Setting | Value |
|---|---|
| Number of instances | 1 |
| Purchasing Optional | Uncheck this box is fine for testing |
| Network | Choose the VPC ID of the planned VPC |
| Subnet | Choose the Subnet ID of the planned Subnet |
| Auto-assign Public IP | Enable is fine for testing |
| IAM role | None is fine for testing |
| Shutdown behavior | Stop is fine for testing |
| Enable termination protection | Uncheck this box is fine for testing |
| Monitoring | Uncheck this box is fine for testing |
| Tenancy | Shared - Run a shared hardware instance is fine |
b.4.2.5.2. (Important) In second section - Network interfaces, enter the selected IP (e.g. 10.140.0.45)
b.4.2.6. Step 4: Add Storage: default settings is fine for testing.
b.4.2.6. Step 5: Add Tags: default settings is fine for testing.
b.4.2.7. Step 6: Configure Security Group -> Click “Create a new security group”. For this testing topology, adding a rule with Type of “All traffic” and Source of “Custom - 10.140.0.0/16” to allow all traffic between On-Prem VM and Cloud VM. User can further customize the firewall rules.
b.4.2.8. Step 7: Review Instance Launch -> Click “Launch” It will take a few minutes for the EC2 instance to deploy. Do not proceed until the EC2 instance is deployed.
b.5. (Optional) Click “View” of section 1> Specify the on-prem IP Address List to check status. That IP status will change from status “ON-PREM” to “IN-CLOUD-STAGING”.
b.6. Navigate back to the section 4> Let’s Move! of IP Motion of GUI of Aviatrix Virtual Appliance CloudN
b.7. Select IP “10.140.0.45” -> Click “Commit”
b.8. (Optional) Click “View” of section 1> Specify the on-prem IP Address List to check status. That IP status will change from status “IN-CLOUD-STAGING” to “IN-CLOUD”.
b.9. Done
2.2.3 Step c – Test Connectivity¶
This step explains how to test the connectivity between the On-Prem VM to the migrated VM in the cloud.
Instructions:
c.1. Browse the GUI of Aviatrix Virtual Appliance CloudN
c.1.1. Click side bar Troubleshoot -> Diagnostics -> Network -> Ping Utility.
c.1.2. Enter the committed IP address -> click Ping.
c.2. Test bi-directional end-to-end connectivity
c.2.1. Login to the On-Prem VM (e.g. 10.140.0.46)
c.2.2. Check ICMP protocol via command “ping 10.140.45”
c.2.3. Login to the migrated EC2 (e.g. 10.140.0.45)
c.2.4. Check ICMP protocol via command “ping 10.140.46”
Note
Make sure the security group of the migrated EC2 has ICMP allowed. Also make sure the migrated EC2 instance responds to Ping request.
Troubleshooting¶
- Click button “View” of section 1> Specify the on-prem IP Address List of IPMotion of GUI of Aviatrix Virtual Appliance CloudN to check what state an IP address is at.
- Click button “Reset” if all things fail and you like to start over
2.1. First of all, delete the IPmotion gateway by navigating to side bar “Gateway List”
2.2. Select the gateway -> click Delete. It will take a few minutes to delete. Do not proceed until the gateway is deleted.
2.3. After deletion is completed, go back to section 1> Specify the on-prem IP Address List of IPMotion and click button “Reset”.
2.4. You can then start it over by going through Step a – Deploy Aviatrix IPMotion gateway and Step b – Integrate Aviatrix IPMotion with AWS AMI again.
- Get Support email support@aviatrix.com for assistance.