Here is a new tip of the day. We’ll discuss only the Azure Resource Manager. Azure Service Management (ASM or classical) won’t be covered.
Azure portal has a simple built-in tool to migrate resources between subscriptions/resource groups and it’s available under Resource Group – Move
Or using PowerShell : Move-AzureRmResource
It’s also well described @MSDN and there are some main limitations that we need to consider:
- Move in Azure Portal works only for subscriptions/resources groups in the same tenant (the most important!)
- Not any resources can be migrated. For example, it’s not supported to move VPN Gateway or Recovery vaults. So we need to create and configure the new ones in the target subscription.
- There are different limitations for ASM (classical deployments) and ARM. Check them before migration.
If the tenant IDs for the source and destination subscriptions are not the same, you can attempt to change the directory for the subscription. This operation requires Service Administrator which sometimes are not available for user. For example, migration from CSP to EA.
In this case, manual migration is required.
To get list of subscriptions and TenantIDs associated with them use PowerShell:
In this example, the first two subscriptions are in the same tenant and migration between them can be done through Azure portal using Move option.
However, moving resources between the subscriptions “Visual Studio Premium..” and “Microsoft Azure Sponsorship” requires manual migration steps (look at the TenantID..they are different).
So, how to move? It’s quiet simple if you are familiar with AzCopy and Azure PowerShell.
The process of migration consists of several simple steps:
- Prepare your target subscription (general services like storage accounts and networks)
- Download and install AzCopy, stop VMs, copy VHDs of each VM to the target
- Install AzureRM module, create VMs using the copied VHDs
- Add additional resources such as VPN Gateways/S2S connections and Recovery vaults (optional)
Some details
1) To copy (asynchronously) VHDs use the following command
AzCopy /Source:<Source URI> /Dest:<Dest URI> /SourceKey:<Source Key> /Pattern:<sorcevhdname.vhd>
<Source Key> is one of the access keys (Storage Account – Access Keys or use PowerShell):
List of all storage accounts in the source subscription
Get-AzureRmStorageAccount|Ft ResourceGroupName,StorageAccountName
List of source storage account keys (example). Use one of the keys value with AzCopy
Get-AzureRmStorageAccountKey -ResourceGroupName <resource group name> -Name <storage account name>|ft -AutoSize
To get URIs and VHDs name (Storage Account – Containers – <name of container>):
(Get-AzureRmStorageAccount -Name <stor acc name> -ResourceGroupName <rg name>|Get-AzureStorageContainer|Get-AzureStorageBlob).ICloudBlob.uri.AbsoluteUri
Stop VM or VMs and run copy in AzCopy then. Wait while AzCopy finishes initiated process.
Tip: prepare script for all VMs before stopping them. simultaneous copies are allowed.
2) Open PowerShell ISE with installed AzureRM module, replace values (variables and subID) with yours and run:
#Open new Azure session
Login-AzureRMAccount
#Target subscription details
$sub=(Get-AzureRMSubscription -SubscriptionName "your subscription name" ).TenantId
Select-AzureRmSubscription -SubscriptionId $sub
#Variables
$rgname = "your rg name"
$vmsize = "required VM size <Example:Standard_A4>"
$vmname = "your vm name"
$locName="location (example:East US)"
$nicName="VMName_Nic"
$vnetName="Virtual Network Name"
$SubName = "Subnet Name"
$osDiskName = "vmdiskname"
$osDiskVhdUri = "https://destination.blob.core.windows.net/vhds/name.vhd"
#New VM config
$newvm = New-AzureRmVMConfig -VMName $vmname -VMSize $vmsize
#Get virtual network
$vnet=Get-AzureRmVirtualNetwork -Name $vnetName -ResourceGroupName $rgName
#Get subnet
$subnet = $vnet.Subnets | Where-Object { $_.Name -eq $SubName}
#New Public IP
$publicip=New-AzureRmPublicIpAddress -Name $nicName -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic
#New nic for VM
$nic=New-AzureRmNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $subnet.Id -PublicIpAddressId $publicip.Id
#Update VM config
$newvm = Add-AzureRmVMNetworkInterface -VM $newvm -Id $nic.Id
#Attach copied disk to VM (sample. just one OS disk)
$newvm = Set-AzureRmVMOSDisk -VM $newvm -VhdUri $osDiskVhdUri -name $osDiskName -CreateOption attach -Windows
#Create VM
New-AzureRmVM -ResourceGroupName $rgname -Location $locName -VM $newvm
Verify that VM is running in the target subscription and all disks are attached.
Note: latest AzureRM (3.5.0) module doesn’t output status of VM creation (it’ll be corrected in future releases). Use Azure Portal instead.
FAQ
How to run synchronous copy in AzCopy?
Place /SyncCopy parameter to the end of the AzCopy command above. It ensures that the copy operation will get consistent speed. AzCopy performs the synchronous copy by downloading the blobs to copy from the specified source to local memory, and then uploading them to the Blob storage destination. It’s recommended to prepare VM in the source subscription and run AzCopy from there to avoid egress cost
Should I pay for traffic during migration?
If you are moving data within the same region, you don’t have to pay for it. It’s free. Additional costs required only for moving data between different regions.
What’s the maximum speed of data transferring?
It depends on VM and storage types. Basically, for standard accounts it’s up to 60 Mb/s. Premium storage accounts can provide throughput up to 200 Mb/s. In the real world throughput can vary widely.
Example: about 1 Tb were migrated in 14 hours between subscriptions with standard accounts, VMs with Ax size and within the same region
UseIT | Roman Levchenko 