Robert_M
Contributor
Contributor

Migrating ESX environment to new domain

Jump to solution

Firstly - sorry if I chose the wrong category for this discussion...

Environment: ESX 3.5 U4 Enterprise, VC 2.5, 2 ESX hosts, HA, DRS.

We've been acquired. As a result, I am migrating everything over to the corporate domain. My main question is regarding DNS. We will no longer have a local AD/DNS server. That is being provided over the MPLS WAN.

Is this supported or even advisable?

Can you hedge your bets by also adding entries to the Hosts' static address file? Or does this cause conflicts?

My secondary question is a review of my overall plan. Here is what I plan to do:

Migrate all vms onto a single ESX host, ESX1.olddomain.local

From the VI CLient, change the name, domain name and DNS configuration of ESX2.olddomain.local, reboot

Disconnect both ESX hosts from current Virtual Center

Rename the W2K3 VC server from oldname to newname, disjoin from olddomain.local

Reboot server

Join server newname to newdomain.org

Upgrade old VC to VC4 (Seems like a good time to do this, no?)

Connect ESX2.newdomain.org to Virtual Center and make sure all is well

From here 2 possibilities:

IF DNS lookups work properly, may be able to connect ESX1.olddomain.local to VC on new domain

Migrate running vms to ESX2.newdomain.org

From the VI CLient, change the name, domain name and DNS configuration of ESX1.olddomain.local, reboot

IF NOT - Use the VI Client to connect locally to ESX1, power off all vms

From the VI CLient, change the name, domain name and DNS configuration of ESX1.olddomain.local, reboot

Connect ESX1 to Virtual Center

0 Kudos
1 Solution

Accepted Solutions
jamesbowling
VMware Employee
VMware Employee

You should have problems moving your hosts over to the new domain since they are, honestly, just FQDN's and not tied to or controlled by AD. I would assume that the process would be similar to this:

1. Move VC server into new domain.

2. Confirm user accounts that you require are created/added.

3. Check the DSN user account to make sure it is correct.

4. Bring ESX2.olddomain.local into maint mode and change FQDN.

5. Reboot.

6. Rejoin to VC

7. Rinse and repeat for ESX1.olddomain.local

I might be missing something but I think that should do it.






Regards,

James B.

If you found this at all helpful please award points for being correct or helpful! Thanks!

James B. | Blog: http://www.vSential.com | Twitter: @vSential --- If you found this helpful then please awards helpful or correct points accordingly. Thanks!

View solution in original post

0 Kudos
7 Replies
weinstein5
Immortal
Immortal

Having a remote DNS server is supported and works fine as long as your network is reliable -

By default your ESX are not part of your AD domain they just use the domain name for creating the FQDN and really operate independently of your AD Domain - it is VC that ties closely with it using the user and groups -

I I think the first step would be move VC into the new domain. When this is done if you are using domain user and groups that you add approriate users and groups form the new domain - also do not forget to modify the DSN so it has the approriate username -

Once that is done migrate the VMs from one host to the other - place the voided ESX hosts into maintenance and change hostname and domain - reboot the esx host and rejoin it to virtual center - repeat the process for the second server -

You could upgrade VC but I would not do it why add something that might cause issues -

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
jamesbowling
VMware Employee
VMware Employee

You should have problems moving your hosts over to the new domain since they are, honestly, just FQDN's and not tied to or controlled by AD. I would assume that the process would be similar to this:

1. Move VC server into new domain.

2. Confirm user accounts that you require are created/added.

3. Check the DSN user account to make sure it is correct.

4. Bring ESX2.olddomain.local into maint mode and change FQDN.

5. Reboot.

6. Rejoin to VC

7. Rinse and repeat for ESX1.olddomain.local

I might be missing something but I think that should do it.






Regards,

James B.

If you found this at all helpful please award points for being correct or helpful! Thanks!

James B. | Blog: http://www.vSential.com | Twitter: @vSential --- If you found this helpful then please awards helpful or correct points accordingly. Thanks!

View solution in original post

0 Kudos
jamesbowling
VMware Employee
VMware Employee

I apparently was typing way too slow here...ha!

If you found this at all helpful please award points for being correct or helpful! Thanks!

James B. | Blog: http://www.vSential.com | Twitter: @vSential --- If you found this helpful then please awards helpful or correct points accordingly. Thanks!
0 Kudos
Robert_M
Contributor
Contributor

Thanks for replies. Seems like I am generally on the right course with my plan. Good call on checking the user account for the DSN. Didn't think of that.

@ Weinstein - I agree it is probably best to skip upgrading to VC 4 until later...

@ James

I know that the ESX servers are just FQDNs and not part of AD, but DNS is AD integrated. There is a trust in place between the domains and DNS forwarders are set up. When ESX2 and VC are part of the new domain, they will be looking at newdomain's DNS servers. ESX1 will still be looking at olddomain's DNS servers. If all goes well with the DNS forwarding, I should be able to reattach ESX2.olddomain.local to the new VC. If not, then I go the "Plan B".

Neither of you commented on my step of removing both ESX hosts from VC before renaming and joining the VC server to the new domain. Do you think this is a necessary step or should I just leave them in there?

Thanks!

0 Kudos
jamesbowling
VMware Employee
VMware Employee

I don't think that is necessary. I would imagine that you would be fine either way. I personally would take them out and then rename and join the VC to the new domain. After that, I would add them back in, but that is just me.

If you found this at all helpful please award points by using the correct or helpful buttons! Thanks!

James B. | Blog: http://www.vSential.com | Twitter: @vSential --- If you found this helpful then please awards helpful or correct points accordingly. Thanks!
PduPreez
VMware Employee
VMware Employee

My 2 Cents

As far as I understand you seem to only have 2 ESX hosts or maybe you just used that as an example.

Regardless of the number of hosts, I would create a new VC on 4.1 with a fresh database.

How I would proceed.

1. Remove all VMs from 1 host and put it in maintenance mode.

2. Upgrade this host to ESX 4.1 (you might wanna reinstall to ESXi 4.1,because ESX days are numbered)

3. Create a new VM, add to new Domain and install VC 4.1 on this VM

4. Import host 1 into new VC, as well as all other hosts. (if DNS is not working, you can use IPs)

5. VMotion VMs from Host 2 to Host 1 (as long as Vmotion network can see each other this will work)

6. Once Host 2 is empty, enter maintenance mode and do a upgrade

7. Do this for all hosts 1 by one untill all on ver 4.1

8. you will need to install the new VMtools and Virtual hardware on each VM, which can be scheduled for a later time.

You can add you VMs to the new domain before or after the whole VMware upgrade

Regards

If you find this or any other answer useful please consider awarding points by marking the answer helpful or correct. Thank you.

0 Kudos
Robert_M
Contributor
Contributor

@PduPreez - I did not ask for advice on upgrading my hosts to 4.1. They are not on the 4.x HCL and have to remain on 3.x.

Here is what I ended up doing with success and zero downtime:

Migrate all vms onto a single ESX host, ESX1.olddomain.local

Disable HA and DRS

From the VI CLient, change the FQDN and DNS configuration of ESX2.olddomain.local, reboot

Disconnected then removed both ESX hosts from Virtual Center

Renamed the W2K3 VC server from oldname to newname, disjoined from olddomain.local

Reboot server

Joined server newname to newdomain.org

Checked the DSN name and made sure that VC could still connect to its database * had to change the server name here

Changed the name of the VMWare license server to the new server name * we didn't talk about this and it threw me for a little loop

Connect ESX2.newdomain.org to Virtual Center

Connect ESX1.olddomain.local to Virtual Center

Migrated all running vms from ESX1.olddomain.local to ESX2.newdomain.org

From the VI CLient, change the FQDN and DNS configuration of ESX1.olddomain.local, reboot

Disconnected then removed ESX1.olddomain.local from Virtual Center

Added ESX1.newdomain.org to Virtual Center

Re-enabled HA and DRS

Thanks for all the comments...

0 Kudos