Automatic Assessment Mode

The Assessment mode of VMware NSX Migration for VMware Cloud Director tool verifies the migration preparedness of organization VDCs of the NSX Data Center for vSphere. It performs discovery of features used in all or specified NSX Data Center for vSphere backed organization VDCs and analyzes the suitability of each for migration. The assessment mode can be run on the VMware Cloud Director instance that has not yet been configured and prepared for NSX-T Data Center. It needs access only to the VMware Cloud Director API endpoint.

The Assessment mode creates Detailed and summary report files in the following format:

  • Detailed report: v2tAssessmentReport-DD-MM-YYYY-HH-MM-SS.csv
  • Summary report: v2tAssessmentReport-Summary-DD-MM-YYYY-HH-MM-SS.csv

Renaming Log Files In previous versions, the NSX Migration for Cloud Director saved log files directly without any association with the organization in which the Organization VDC is present. This led to more complexity in sorting the files according to organizations.

The naming convention for the log file was VCD-NSX-Migrator-Main-timestamp, and for the v2tAssessement report was ORG VDC-UUID-v2tAssessmentReport-Summary-timestamp.

Old Logs Format: old-log-file-format

Old Reports Format: old-report-file-format

In 1.4.0, the formatting of the Logs folder is modified to categorize the migration logs based on the instance of the VCD; the migration logs will also include the parent Org name for the Org VDC.

The logs structure is as follows:

 >Logs
    >VCD IP/FQDN
           >Migration
                  >OrgName-VCD-NSX-Migrator-preCheck-Log-timestamp
            >v2tAssessment
                  >VCD-NSX-Migrator-v2tAssessment-Log-timestamp
>Reports
     >VCD IP/FQDN
               >VCD-NSX-Migrator-v2tAssessment-timestamp
 

1.4.0-renaming-log-file

Summary Report

This shows accumulative data of all the organization VDCs combined with the following details:

  • Build Version of the tool
  • UUID of VMware Cloud Director
  • VMware Cloud Director version
  • Start and End Time of the Assessment
  • Total time taken for the Assessment
  • Number of Organization/s evaluated
  • Number of Organization VDC/s evaluated
  • Maximum number of networks to be bridged in a single migration
  • Count of organization VDC/s as per the categories, along with organization VDC RAM and number of VMs
  • Feature wise categorization along with the count of the Organization VDCs, Organization VDC RAM and number of VMs

Detailed Report

This shows report per organization VDC with the following details:

  • Organization Name of organization VDC
  • Name of organization VDC
  • UUID of organization VDC
  • Status (whether it can be automatically migrated with the current migration tool version or not)
  • Number of VMs in organization VDC
  • organization VDC RAM
  • Number of networks to be bridged
  • List of Unsupported features along with TRUE/FALSE/NA values stating which all are present in the specific organization VDCs.

Possible values for the Status column in the detailed report:

  • Can be migrated.
  • Automated migration not supported with the current version: Organization VDC includes one or more blocking features that prevent an automatic migration with the current version of the NSX Migration for Cloud Director tool.
  • Can be migrated with additional preparation work: Organization VDC includes features that can be mitigated to allow migration.
  • The Organization VDCs not accessible for assessments: In case the organization VDCs or their components are busy, critical, or not in a healthy state.

Note While running the assessment mode, the VMware Cloud Director should be in a stable state. If any organization VDC along with its components (undergoing evaluation) is in a critical or busy state, unexpected assessment failures can occur.

Possible Mitigation Steps for Features

Features Mitigation Steps
Unsupported vApps/VMs List of unsupported configurations for vApp migration:
  • vApp in maintenance mode is expected to be busy with external 3rd party automation/tooling (backup): Exit the maintenance Mode.
  • Suspended or partially suspended vApp : Power On/Off the suspended vApp/VM.
Unsupported Routed vApp Network Configuration List of unsupported configuration for routed vApp network migration:
  • Routed vApp parent network should not be a dedicated direct network
  • External network used for routed vApp networks should be overlay backed
  • Invalid NAT rule: if an internal port is ANY, the external port should also be ANY
Fencing enabled on vApps NSX-T backed vApps do not support fencing mode. If possible disable the fencing on source vApp or else connect it to a different parent Org VDC network which does not create a MAC/IP address conflict and the need for fencing.
VM with independent disks having different storage policies and fast provisioning enabled Disable fast provisioning for Organization VDC before migration
No free interface on edge gateways Change the routed organization VDC network connection interface type from the internal to distributed or subinterface to free up one direct interface.
DHCP Binding: Binding IP addresses overlap with static IP Pool range Make sure IPs are not overlapping between DHCP binding and the static pool
DHCP Relay: Domain names are configured Use DHCP relay IP address instead of its domain name
DHCP Relay: More than 8 DHCP servers configured Remove excessive DHCP servers from the VDC Gateway DHCP relay configuration.
Gateway Firewall: Gateway interfaces in rule Replace with supported source/target (IP Set, security group).
Gateway Firewall: Networks connected to different edge gateway used Replace with IPset based rule.
Gateway Firewall: Unsupported grouping object Change to a supported grouping object (network) or an IPSet.
NAT: Range of IPs or network in DNAT rule Change to specific IPs
IPsec: Unsupported Encryption Algorithm Reconfigure the VPN to a supported encryption algorithm.
IPsec: DNAT rules not supported with Policy-based session type Requires NSX-T 4.0 or later version. Migration won't be blocked, but it may not work as expected after migration with older versions of NSX-T
User-defined Static Routes External static routes are not supported. Configure equivalent rules from NSX-T on the destination external network Tier-0/VRF.
LoadBalancer: Custom monitor Remove custom configuration fields (Send, Receive, Expected, Url, Extension) from the health monitor.
LoadBalancer: Default pool not configured Configure the default pool in all virtual services
LoadBalancer: Unsupported persistence Switch to one of the supported persistence methods (client IP, HTTP cookie).
LoadBalancer: Unsupported algorithm Switch to one of the supported algorithms (least connections, round robin, consistent hash)
LoadBalancer: Application profile is not added Add the application profile
L2VPN service Client needs to be reconfigured. The tenant needs to manually reconfigure VPN after the migration.
SSLVPN service Follow the guidance provided in VMware Cloud Director Remote Access VPN Integration Guide and transition to other solutions prior to the migration
Syslog service Disable Syslog service before migration
SSH service Disable SSH service before migration
Distributed Firewall: Invalid objects in rule Replace with equivalent supported objects (networks)
Distributed Firewall: Unsupported type is applied to section Modify rule so it can be applied to the whole organization VDC
Distributed Firewall: Networks connected to different edge gateway used Replace with equivalent IPset-based rule
Distributed Firewall: Layer 2 Rule Replace with equivalent layer 4 rules
Distributed Firewall: Invalid Security Group objects in the rule Replace with supported objects in Security Groups
Published/Subscribed Catalog
  • The published catalogs will be migrated as unpublished and publishing of catalogs has to be done manually after cleanup.
  • The subscribed catalogs are not possible to be migrated, the provider has to remove the subscribed catalogs before cleanup.
check-circle-line exclamation-circle-line close-line
Scroll to top icon