The Assessment mode of VMware NSX Migration for VMware Cloud Director tool verifies the migration preparedness of organization VDCs of the NSX Data Center for vSphere. It performs discovery of features used in all or specified NSX Data Center for vSphere backed organization VDCs and analyzes the suitability of each for migration. The assessment mode can be run on the VMware Cloud Director instance that has not yet been configured and prepared for NSX-T Data Center. It needs access only to the VMware Cloud Director API endpoint.
The Assessment mode creates Detailed and summary report files in the following format:
v2tAssessmentReport-DD-MM-YYYY-HH-MM-SS.csv
v2tAssessmentReport-Summary-DD-MM-YYYY-HH-MM-SS.csv
Renaming Log Files In previous versions, the NSX Migration for Cloud Director saved log files directly without any association with the organization in which the Organization VDC is present. This led to more complexity in sorting the files according to organizations.
The naming convention for the log file was VCD-NSX-Migrator-Main-timestamp, and for the v2tAssessement report was ORG VDC-UUID-v2tAssessmentReport-Summary-timestamp.
Old Logs Format:
Old Reports Format:
In 1.4.0, the formatting of the Logs folder is modified to categorize the migration logs based on the instance of the VCD; the migration logs will also include the parent Org name for the Org VDC.
The logs structure is as follows:
>Logs
>VCD IP/FQDN
>Migration
>OrgName-VCD-NSX-Migrator-preCheck-Log-timestamp
>v2tAssessment
>VCD-NSX-Migrator-v2tAssessment-Log-timestamp
>Reports
>VCD IP/FQDN
>VCD-NSX-Migrator-v2tAssessment-timestamp
This shows accumulative data of all the organization VDCs combined with the following details:
This shows report per organization VDC with the following details:
Possible values for the Status column in the detailed report:
Note While running the assessment mode, the VMware Cloud Director should be in a stable state. If any organization VDC along with its components (undergoing evaluation) is in a critical or busy state, unexpected assessment failures can occur.
Features | Mitigation Steps |
---|---|
Unsupported vApps/VMs | List of unsupported configurations for vApp migration:
|
Unsupported Routed vApp Network Configuration | List of unsupported configuration for routed vApp network migration:
|
Fencing enabled on vApps | NSX-T backed vApps do not support fencing mode. If possible disable the fencing on source vApp or else connect it to a different parent Org VDC network which does not create a MAC/IP address conflict and the need for fencing. |
VM with independent disks having different storage policies and fast provisioning enabled | Disable fast provisioning for Organization VDC before migration |
No free interface on edge gateways | Change the routed organization VDC network connection interface type from the internal to distributed or subinterface to free up one direct interface. |
DHCP Binding: Binding IP addresses overlap with static IP Pool range | Make sure IPs are not overlapping between DHCP binding and the static pool |
DHCP Relay: Domain names are configured | Use DHCP relay IP address instead of its domain name |
DHCP Relay: More than 8 DHCP servers configured | Remove excessive DHCP servers from the VDC Gateway DHCP relay configuration. |
Gateway Firewall: Gateway interfaces in rule | Replace with supported source/target (IP Set, security group). |
Gateway Firewall: Networks connected to different edge gateway used | Replace with IPset based rule. |
Gateway Firewall: Unsupported grouping object | Change to a supported grouping object (network) or an IPSet. |
NAT: Range of IPs or network in DNAT rule | Change to specific IPs |
IPsec: Unsupported Encryption Algorithm | Reconfigure the VPN to a supported encryption algorithm. |
IPsec: DNAT rules not supported with Policy-based session type | Requires NSX-T 4.0 or later version. Migration won't be blocked, but it may not work as expected after migration with older versions of NSX-T |
User-defined Static Routes | External static routes are not supported. Configure equivalent rules from NSX-T on the destination external network Tier-0/VRF. |
LoadBalancer: Custom monitor | Remove custom configuration fields (Send, Receive, Expected, Url, Extension) from the health monitor. |
LoadBalancer: Default pool not configured | Configure the default pool in all virtual services |
LoadBalancer: Unsupported persistence | Switch to one of the supported persistence methods (client IP, HTTP cookie). |
LoadBalancer: Unsupported algorithm | Switch to one of the supported algorithms (least connections, round robin, consistent hash) |
LoadBalancer: Application profile is not added | Add the application profile |
L2VPN service | Client needs to be reconfigured. The tenant needs to manually reconfigure VPN after the migration. |
SSLVPN service | Follow the guidance provided in VMware Cloud Director Remote Access VPN Integration Guide and transition to other solutions prior to the migration |
Syslog service | Disable Syslog service before migration |
SSH service | Disable SSH service before migration |
Distributed Firewall: Invalid objects in rule | Replace with equivalent supported objects (networks) |
Distributed Firewall: Unsupported type is applied to section | Modify rule so it can be applied to the whole organization VDC |
Distributed Firewall: Networks connected to different edge gateway used | Replace with equivalent IPset-based rule |
Distributed Firewall: Layer 2 Rule | Replace with equivalent layer 4 rules |
Distributed Firewall: Invalid Security Group objects in the rule | Replace with supported objects in Security Groups |
Published/Subscribed Catalog |
|