0

we want to move all of our Linux VMs from a subscription in one region to a subscription in another region. I found a few threads that this isn't possible at the moment, but there are workarounds. Unfortunately I'm stuck. Since I want to move the VMs as they are (the subscription where the VMs are currently running will be terminated) I guess I don't have to deprovision the images? Do I have to generalize them for the transfer?

Whats the best way to get them to the other subscription? I played with the AzCopy command and actually was able to copy files from a container from the first subscription to a container of the other one in another region. Then I thought I could copy the vhds of the VMs but couldn't find them in the blob containers of our storage accounts. After that, I created a snapshot, but couldn't find it in the blob containers as well. So I also couldn't copy them with AzCopy.

Thank you for every help, kopi

kopi_b
  • 1,453
  • 3
  • 16
  • 20

1 Answers1

2

As with everything, it depends how you've set your VM's disks up. The two options are managed and unmanaged disks.

If your disks are managed, they won't be in a storage account and that's probably why you can't find them, however you should check in the Disks blade of the VM to be certain. An unmanaged disk will show a reference to the VHD URI when you look closer inside the disks blade of the VM resource and will include "unmanaged" in brackets as per this screenshot.

Unmanaged disk sample screenshot

If your disk is managed, and you want to copy it to a storage account as a VHD, these few lines will get you started. Obviously this is PowerShell. You will need to be running a recent version (WMF 5.1 preferably) of PowerShell and install the latest AzureRM modules (Install-Module AzureRm -Scope CurrentUser). 

$token = Grant-AzureRmDiskAccess -ResourceGroupName sourceresourcegroupname -DiskName sourcemanageddiskname -DurationInSecond 3600 -Access Read 
$destContext = New-AzureStorageContext –StorageAccountName destinationstorageaccount -StorageAccountKey 'destinationstorageaccountkey' 
Start-AzureStorageBlobCopy -AbsoluteUri $token.AccessSAS -DestContainer 'vhds' -DestContext $destContext -DestBlob 'destinationblobname.vhd'

If on the other hand you have unmanaged disks, the process is a little more complex. Again, the following is PowerShell. You need the source VHD URI (see the screenshot above) and then to provide the destination blob information.

Select-AzureRmSubscription 'SourceSubscription'

### Source VHD - authenticated container ###
$srcUri = "https://sourcestorageaccount.blob.core.windows.net/vhds/nameoffile.vhd" 

### Source Storage Account ###
$srcStorageAccount = "sourcestorageaccount"
$srcStorageKey = "sourcestorageaccountkey=="

### Create the source storage account context ### 
$srcContext = New-AzureStorageContext  –StorageAccountName $srcStorageAccount `
                                        -StorageAccountKey $srcStorageKey

# Target Storage Account
Select-AzureRmSubscription 'DestinationSubscription'

### Target Storage Account ###
$destStorageAccount = "destinationstorageaccount"
$destStorageKey = "destinationstorageaccountkey=="


### Create the destination storage account context ### 
$destContext = New-AzureStorageContext  –StorageAccountName $destStorageAccount `
                                        -StorageAccountKey $destStorageKey  

### Destination Container Name ### 
$containerName = "copiedvhds"

### Create the container on the destination ### 
New-AzureStorageContainer -Name $containerName -Context $destContext 

### Start the asynchronous copy - specify the source authentication with -SrcContext ### 
$blob1 = Start-AzureStorageBlobCopy -srcUri $srcUri `
                                    -SrcContext $srcContext `
                                    -DestContainer $containerName `
                                    -DestBlob "destinationblob.vhd" `
                                    -DestContext $destContext


### Loop until complete ###                                    
While($status.Status -eq "Pending"){
  $status = $blob1 | Get-AzureStorageBlobCopyState 
  Start-Sleep 300
  ### Print out status ###
  $status
}

One thing I will mention is that if you are running managed disks, there are options in the portal to move the disk to another subscription. If you wish, come back with your current disk type (managed or unmanaged) and let me know what the target type you expect/want it to be and we can work from there.

On the assumption that you created a copy of a VHD blob in a new storage account in the target subscription (ie. You didn't create a snapshot of a managed disk), you can "wrap" a VM container around the disk using the following PowerShell. The important line is the Set-AzureRmVMOSDisk where we use the Attach option to simply create the config and plug the disk in.

# Name the new server
$ServerName = 'MYSERVER'
# Provide the URI of the disk to be attached as the OS disk.
$LocationOfVHD = "https://destinationstorageaccount.blob.core.windows.net/copiedvhds/destinationblob.vhd"
# Create a NIC and get the target VNET and subnet references.
$nicName = "$ServerName-nic"
# Set the private IP Address of the NIC
$PrivateIPAddress = '10.203.99.4'
# Set the DNS server for the NIC
$DNSServerAddress = '10.203.99.4'
# Destination resource group
$DestinationResourceGroupName = 'RG-DESTINATION'
# Location where the resources are to be built
$LocationOfResources = 'UK West'

# Select the appropriate subscription
Select-AzureRmSubscription 'DestinationSubscription'

# Create a VM machine configuration
$VM = New-AzureRmVMConfig -VMSize 'Standard_DS2_v2' -VMName $ServerName

# Set the VM OS Disk value to the URI where the disk was restored/copied and attach it. Set the OS type and caching as desired
Set-AzureRmVMOSDisk -VM $VM -Name "$ServerName-OS" -VhdUri $LocationOfVHD -CreateOption "Attach" -Windows -Caching ReadWrite

# Get the reference to the VNET in which the NIC will be bound.
$vnet = Get-AzureRmVirtualNetwork -Name "TargetAzureNetwork" -ResourceGroupName 'TARGETVIRTUALNETWORK'

# Get the reference to the Subnet ID in which the NIC will be bound.
$Subnet = $vnet.Subnets | Where-Object {$_.Name -eq 'TARGETSUBNET'} | Select-Object 'Id'

# Get the ID of the NSG which will be bound to the NIC - if you want.
$NSG = Get-AzureRmNetworkSecurityGroup -ResourceGroupName $DestinationResourceGroupName -Name 'NSG-DESTINATIONVM'

# Create the NIC with the VNET/subnet reference
# You could also define here the backend load balanced pool etc that this NIC belongs to.
$NIC = New-AzureRmNetworkInterface `
                    -Name $nicName `
                    -ResourceGroupName $DestinationResourceGroupName `
                    -Location $LocationOfResources `
                    -SubnetId $Subnet.Id `
                    -NetworkSecurityGroupId $NSG.Id  `
                    -PrivateIpAddress $PrivateIPAddress `
                    -DnsServer $DNSServerAddress

# Add the newly created NIC to the VM definition.
$VM = Add-AzureRmVMNetworkInterface -VM $VM -Id $NIC.Id

# Create the VM
New-AzureRmVM -ResourceGroupName $DestinationResourceGroupName -Location $LocationOfResources -VM $VM

Hopefully that's a decent starter for you but come back if you need more. If you're new to PowerShell though, I apologise but to do what you're asking, you either need PowerShell or the Azure CLI.

UPDATE (now I know these are managed disks):

With a little more clarity, here's your process.

I personally would do most if not all of this in PowerShell (Azure modules) but sensing you’re new to it, I’ll navigate you through the portal method. Unfortunately, a little PowerShell will be needed so prepare yourself.

  1. Create a target storage account in the destination subscription – you need to use an intermediate storage account as part of this process. You also need a Virtual Network of course.

  2. Shut down your source VM.

  3. Navigate to the Disks blade and select one of the disks.

  4. Click Create Snapshot. Repeat for any other disks attached to the VM and then of course all other VMs. Once you’ve got your snapshots, you can turn the VMs back on.

  5. One could argue that you don’t have to create snapshots if you’re happy for the VMs to remain off while you copy the source VHD using an access URL like you’d get if you chose Export > Generate URL instead of creating a snapshot. We’re creating snapshot since you might actually want your VMs to be running again quickly.

  6. For each snapshot that you created, you’ll need to copy it as a blob to a new target account.

  7. Open each snapshot and click Export. Increase the valid time to 86400 seconds (one day), then click Generate URL.

  8. Make sure you copy the URL that’s generated and don’t lose it.

  9. Here comes the PowerShell which we use to download the generated URL in to a blob in our destination subscription and storage account. The download process takes a while per disk so be prepared! Remember you need to do this for every snapshot of every disk, altering names and possibly storage accounts for each VM as required. (this is the reason why I would choose to use PowerShell).

    Source VHD - authenticated container ###
$srcUri = "https://md-f0p4tdq5fjpc.blob.core.windows.net/txwptxxxqvct/abcd?sv=2017-04-17&sr=b&si=cce17550-75f7-429c-bf08-31d0ae2da552&sig=oI%2BNOmQ4F75H8AlSwm7rJb%2Frm2Jhl9kfNZ7Jt2cUJpY%3D" 

# Target Storage Account
Select-AzureRmSubscription 'DestinationSubscription'

### Target Storage Account ###
$destStorageAccount = "destinationstorageaccount"
$destStorageKey = "IkEvDdWTvTxN7v45VgAcvyEpZB9rGyYwyZhxvhG6eQaPIB15MQOa0vkvsHxMDpmUIJqq42UGiU8ji5Lqt39rAg=="


### Create the destination storage account context ### 
$destContext = New-AzureStorageContext  –StorageAccountName $destStorageAccount `
                                        -StorageAccountKey $destStorageKey  

### Destination Container Name ### 
$containerName = "vhds"

### Create the container on the destination ### 
New-AzureStorageContainer -Name $containerName -Context $destContext 

### Start the asynchronous copy
$blob1 = Start-AzureStorageBlobCopy -AbsoluteUri $srcUri `
                                    -DestContainer $containerName `
                                    -DestBlob "destinationblob.vhd" `
                                    -DestContext $destContext

$status = $blob1 | Get-AzureStorageBlobCopyState

### Loop until complete ###                                    
While($status.Status -eq "Pending"){
$status = $blob1 | Get-AzureStorageBlobCopyState 
Start-Sleep 300
### Print out status ###
$status
}

  10. Once the blob copy is complete, we will need to wrap a VM around our disk (or disks!). As part of this process though, we will Import the VHD that is now in our target storage account in to a managed disk and attach it to the VM. More PowerShell unfortunately but this looks very similar to the PowerShell I’ve shared earlier. There are comments so you know what’s going on.

    # Name the new server
$ServerName = 'DESTINATIONSERVERNAME'
# Provide the URI of the disk to be attached as the OS disk.
$LocationOfOSVHD = "https://destinationstorage.blob.core.windows.net/vhds/destinationblob.vhd"
$LocationOfDataDisk1 = "https://lrdestinationstorage.blob.core.windows.net/vhds/destinationblob1.vhd"
# Create a NIC and get the target VNET and subnet references.
$nicName = "$ServerName-nic"
# Set the private IP Address of the NIC
$PrivateIPAddress = '10.0.0.4'
# Set the DNS server for the NIC
$DNSServerAddress = '8.8.8.8'
# Destination resource group
$DestinationResourceGroupName = 'RG-DESTINATION'
# Location where the resources are to be built
$LocationOfResources = 'West Europe'

# Select the appropriate subscription
Select-AzureRmSubscription 'DestinationSubscription'

# Create a VM machine configuration
$VM = New-AzureRmVMConfig -VMSize 'Standard_DS2_v2' -VMName $ServerName

# Create a managed disk configuration and import the source VHD
$OSDisk = New-AzureRmDiskConfig -AccountType StandardLRS -Location $LocationOfResources -CreateOption Import -SourceUri $LocationOfOSVHD

# Create the managed disk using the configuration defined above.
$Disk1 = New-AzureRmDisk -DiskName 'OS-DISK' -Disk $OSDisk -ResourceGroupName $DestinationResourceGroupName

# Set the VM’s OS Disk to be the managed disk.
Set-AzureRmVMOSDisk -VM $vm -ManagedDiskId $Disk1.Id -StorageAccountType StandardLRS -DiskSizeInGB 80 -CreateOption Attach -Windows -Caching ReadWrite

# Repeat ourselves for any data disks that must also be attached to the VM in the destination.
# Increase LUN numbering and changing names etc as required.
$DataDisk = New-AzureRmDiskConfig -AccountType StandardLRS -Location $LocationOfResources -CreateOption Import -SourceUri $LocationOfDataDisk1
$Disk2 = New-AzureRmDisk -DiskName 'DATA-1' -Disk $DataDisk -ResourceGroupName $DestinationResourceGroupName
Add-AzureRmVMDataDisk -ManagedDiskId $Disk2.Id -VM $vm -CreateOption Attach -DiskSizeInGB 20 -Caching ReadWrite -StorageAccountType StandardLRS -Name 'DATA-1' -Lun 0

# Get the reference to the VNET in which the NIC will be bound. Might not be in the resource group you’re migrating to so this is left manual.
$vnet = Get-AzureRmVirtualNetwork -Name "DestinationAzureNetwork" -ResourceGroupName 'RG-DESTINATION'

# Get the reference to the Subnet ID in which the NIC will be bound. Replace 'default' with the name of the target subnet
$Subnet = $vnet.Subnets | Where-Object {$_.Name -eq 'default'} | Select-Object 'Id'

# Create the NIC with the VNET/subnet reference
# You could also define here the backend load balanced pool etc that this NIC belongs to.
$NIC = New-AzureRmNetworkInterface `
                    -Name $nicName `
                    -ResourceGroupName $DestinationResourceGroupName `
                    -Location $LocationOfResources `
                    -SubnetId $Subnet.Id `
                    -PrivateIpAddress $PrivateIPAddress `
                    -DnsServer $DNSServerAddress

# Add the newly created NIC to the VM definition.
$VM = Add-AzureRmVMNetworkInterface -VM $VM -Id $NIC.Id

# Create the VM
New-AzureRmVM -ResourceGroupName $DestinationResourceGroupName -Location $LocationOfResources -VM $VM

And that should do what you're after.

There's some considerations obviously and you'll need to edit the script each time you're doing a copy or re-creating the VM. This is not ideal but I've tried to take in to consideration your PowerShell familiarity. Otherwise this whole thing would have been PowerShell.

Lewis
  • 244
  • 2
  • 6
  • Hello Lewis and thank you for your help. As you suspected, all of our VMs are using managed disks and we'd like to keep it that way. During my other tries before, I also installed the Azure PowerShell modules AzureRM, was able to login and test some simple commands. – kopi_b Mar 06 '18 at 09:31
  • No worries, do any of your VMs have data disks? – Lewis Mar 06 '18 at 11:53
  • Yes, one of the VMs has a data disk with 1TB.In the mean time I did as you said, and copied one managed disk to the storage account as a vhd on the old subscription. That one I was able to AzCopy to the new subscription. – kopi_b Mar 06 '18 at 16:44
  • I've updated my answer to include information about dealing with managed disks and included the information about configuring the new VM in the target subscription once the data disks have been migrated. In a nutshell, the process is to copy the managed disks to VHD and then re-wrap them in to managed disks using the VHDs as the source blob. All the info and scripts above. – Lewis Mar 06 '18 at 18:53
  • Thanks again for your help. Based on your description I was able to migrate the VMs. I had to do a few more things like create other networking components (Virtual network, Network security group) and a few commands like the login need the environment switch in the PowerShell for the region Germany Central (eg. -EnvironmentName AzureGermanCloud) – kopi_b Mar 09 '18 at 07:29
  • Good to hear you got it sorted - I think the creation of your Virtual Network and underlying components was what I meant by "...some considerations...". The other thing I didn't change in my script was the `-Windows` switch on VM creation, hopefully you spotted that. – Lewis Mar 10 '18 at 09:30