VMware Cloud Community
crowntech
Contributor
Contributor
Jump to solution

Migrating Essential Business Server 2008 from Hyper-V to ESXi 5

Hi everybody,

I'd like to begin by stating this would be my first time posting on these forums and getting my feet wet with ESX, so please be gentle! After being tasked to come up with a backup plan, I decided to forego using Hyper-V and use ESX. We currently have Essential Business Server (EBS) 2008 which basically consists of 3 Server 2008 VMs running on top of Hyper-V. I have attempted to install from scratch onto the ESX host without any luck, the installation process is VERY particular and fails during the installation process. There weren't any clues as to how to fix it, I just got a dialog box saying to just reformat and start over; gave it a second shot but still fell flat on its face. Lo and behold I discovered the VMware vCenter Converter Standalone Client, seems like the perfect solution because we want a working backup! So far 2 servers have been migrated with only 1 being able to successfully boot to OS. The other is a DC, which I've read can be very tricky to migrate and they are especially sensitive to hardware changes. The KB article I read only seemed to cover NT-2003 DCs so not sure if I can go based off those tips.

I am curious to find out if anyone has had any luck in even dealing with EBS 2008. I haven't found any guides on installing EBS onto an ESX host and as much as I would love to use something different, I'm stuck with it for the time being. Is there something I'm missing when migrating the DC? The one option I did change was to install VMware Tools after migration and to add a NIC because the default option didn't select a NIC. I still have an Exchange server, which also acts as a DC, to migrate but I'm wondering if I'll run into the same problem. I really want to make this work and any suggestions would be helpful.

So in short: migrated vm from Hyper-V to ESX host using Converter, DC won't boot to OS in normal or safe mode it just hangs.

Reply
0 Kudos
1 Solution

Accepted Solutions
JESX35
Enthusiast
Enthusiast
Jump to solution

If you have managed to get away with a hot clone of your AD and it seems fine you can continue on with that, however when you clone a DC a cold clone is always recommended / usally less problems because AD is a sequential database that has no way to turn it off.  A cold clone allows you to boot into a linux boot CD enviroment to clone the box, meaning no services are running, which means you get all the data.

As far as your DMZ question goes you have 2 options.

Option 1 (Keeping it simple)

You can dedicate 1-2 psyhical nics on the ESX host to a DMZ vSwitch, this however can been seen as a "waste of nics" however it keeps it the simplest and allows you to plug everything the same way as if it where psyhical.  For isntance:

vSwitch0

Service Console     VMnic0

VM Network         Vmnic1

vSwitch1

DMZ Network   Vmnic2, Vmnic3

You would then just plug vmnic2, and vmnic3 on the host into your DMZ ports on your switch.  When you create your VM you would create 1 virtual nic and bind it to the VM Network and create a 2nd virtual nic to bind to the DMZ network.

Option 2

VLANS

A VLAN allows you to tag traffic so you can route different traffic to different places.  It also allows you to seperate networks so they can't communicate with each other AKA DMZ or test lab.

In VMware you are able to tag VLAN's on your Port groups and then based off the taging you put on your switch ports your switch will route traffice to the proper location.  For instance if you have your DMZ Network with a VLAN 10 any traffice leaving that virtual switch when it hits your psyhical switch will have a VLAN tag of 10.  So when your psyhical switch see's this traffice (If it is setup correctly) it will see ohh this traffice has VLAN 10 I route this to port 2 on my firewall which is your dmz ect.

I hope this makes sence or has helped shed some light on the topic.

View solution in original post

Reply
0 Kudos
7 Replies
JDLangdon
Expert
Expert
Jump to solution

Have you tried cold-cloning them while powered off?

crowntech
Contributor
Contributor
Jump to solution

I have not attempted cold-cloning yet as I was hoping to avoid having our VMs powered off for an extended period of time (the DC took 14 hours). I'd be willing to clone it with the default settings once more to avoid too much downtime since this is our main DC.

Reply
0 Kudos
JDLangdon
Expert
Expert
Jump to solution

Under normal circumstances, a cold clone will not take nearly as long as a hot one.  The reason being is because during a hot clone you are still using the server and the memory and disk contents are being changed.

crowntech
Contributor
Contributor
Jump to solution

Well I went ahead and did another hot-clone and so far so good. I will take a cold clone into consideration if anything else goes wrong although I did encounter 1 BSOD on our main DC but so far it seems to work.

The next question relates to the configuration of the topology. 1 of the 3 VMs acts as a firewall (Forefront TMG), edge transport server, and gateway/proxy. The live server currently has 1 NIC connected to our DMZ switch using an external address and 1 NIC connected to the internal network. All traffic MUST pass through this VM, are there any settings on the host that I need to set in order to configure this? When I look through network management, I am only able to set a single IP address even though there are 2 NICs on the host.

Reply
0 Kudos
JESX35
Enthusiast
Enthusiast
Jump to solution

If you have managed to get away with a hot clone of your AD and it seems fine you can continue on with that, however when you clone a DC a cold clone is always recommended / usally less problems because AD is a sequential database that has no way to turn it off.  A cold clone allows you to boot into a linux boot CD enviroment to clone the box, meaning no services are running, which means you get all the data.

As far as your DMZ question goes you have 2 options.

Option 1 (Keeping it simple)

You can dedicate 1-2 psyhical nics on the ESX host to a DMZ vSwitch, this however can been seen as a "waste of nics" however it keeps it the simplest and allows you to plug everything the same way as if it where psyhical.  For isntance:

vSwitch0

Service Console     VMnic0

VM Network         Vmnic1

vSwitch1

DMZ Network   Vmnic2, Vmnic3

You would then just plug vmnic2, and vmnic3 on the host into your DMZ ports on your switch.  When you create your VM you would create 1 virtual nic and bind it to the VM Network and create a 2nd virtual nic to bind to the DMZ network.

Option 2

VLANS

A VLAN allows you to tag traffic so you can route different traffic to different places.  It also allows you to seperate networks so they can't communicate with each other AKA DMZ or test lab.

In VMware you are able to tag VLAN's on your Port groups and then based off the taging you put on your switch ports your switch will route traffice to the proper location.  For instance if you have your DMZ Network with a VLAN 10 any traffice leaving that virtual switch when it hits your psyhical switch will have a VLAN tag of 10.  So when your psyhical switch see's this traffice (If it is setup correctly) it will see ohh this traffice has VLAN 10 I route this to port 2 on my firewall which is your dmz ect.

I hope this makes sence or has helped shed some light on the topic.

Reply
0 Kudos
crowntech
Contributor
Contributor
Jump to solution

I did some playing around with the networking configuration and ended up doing option 1 since it made the most sense. I agree that it seems like a waste of a NIC since it will only be utilizing 3-4 Mbps for an external connection but this will work for now. As for playing with VLANs, I'll have to look into it some more before I go messing with any of it. Thanks for the help!

Reply
0 Kudos
JESX35
Enthusiast
Enthusiast
Jump to solution

No problem,  glad it helped you out.

In general if its not a large network and you don't need massive throughput an extra NIC is pretty cheap these days to keep it simple.  To better explain the VLANs you could have a setup like this

vSwitch0

Service Console - No VLAN      - Assoicated Nics - vmnic0, vmnic1,vmnic2,vmnic3

VM Network - VLAN 10

DMZ NEtwork VLAN 20

vMotion VLAN 30                     

You would then plug VMNIC0,VMNIC1,VMNIC2,VMNIC3 into your switch and would tag the ports these nics plug into with something like

Switch Ports 1-4

1, 10,20,30

your default VLAN is typically 0 or 1, which is always passed along which is what your Service Console would use as it has no VLAN assigned/tagged to it.  Any traffice coming out of the other port groups (VMNetwork, DMZNetwork, vMotion) has a tag when it hits your switch ports.  By having your switch ports accepting those tags and passing them along you can route the traffic for different VLANS to different places.  For instance you could have VLAN 20  (DMZ) route to your firewall ports for the DMZ, ect.  VLAN'ing in short gives you seperatation and allows you to use the same psyhical nics in a VMware host for multiple purposes instead of assigning 1-2 for a dedicated purpose which could be used for more things.

However sometimes, its just really nice to keep it simple and for the smaller implmentations i've done most people are okay with buy an additional nic to accomidate things like a DMZ ect, as not a lot of people are comfortable with switching or VLANing,

Glad you got things going !

Cheers

Reply
0 Kudos