You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
**License** | The downloaded appliance template comes with a Windows Server 2016 evaluation license, which is valid for 180 days. If the evaluation period is close to expiry, we recommend that you download and deploy a new appliance, or that you activate the operating system license of the appliance VM.
31
-
**Deployment** | You deploy the appliance as a VMware VM. You need enough resources on the vCenter Server to allocate a VM with 32-GB RAM, 8 vCPUs, around 80 GB of disk storage, and an external virtual switch.<br/><br/> The appliance requires internet access, either directly or through a proxy.<br/> The appliance VM must be deployed on an ESXi host running version 5.5 or later.<br/><br/> The appliance can connect to a single vCenter Server.
31
+
**Deployment** | You deploy the appliance as a VMware VM. You need enough resources on the vCenter Server to allocate a VM with 32-GB RAM, 8 vCPUs, around 80 GB of disk storage, and an external virtual switch.<br/> The appliance requires internet access, either directly or through a proxy.<br/> The appliance can connect to a single vCenter Server.
32
32
**Hardware** | Resources on vCenter to allocate a VM with 32-GB RAM 8 vCPUs, around 80 GB of disk storage, and an external virtual switch.
**vCenter server/host** | The appliance VM must be deployed on an ESXi host running version 5.5 or later.<br/><br/> vCenter Server running 5.5, 6.0, 6.5, or 6.7.
35
35
**Azure Migrate project** | An appliance can be associated with a single project. <br/> Any number of appliances can be associated with a single project.<br/>
36
36
**Discovery** | An appliance can discover up to 10,000 VMware VMs on a vCenter Server.<br/> An appliance can connect to a single vCenter Server.
37
37
**Appliance components** | Management app: Web app in appliance for user input during deployment.<br/> Discovery agent: Gathers machine configuration data.<br/> Assessment agent: Collect performance data.<br/> DRA: Orchestrates VM replication, and coordinates communication between machines/Azure.<br/> Gateway: Sends replicated data to Azure.<br/> Auto update service: Update components (runs every 24 hours).
38
-
**VDDK (agentless migration)** | If you're running an agentless migration with Azure Migrate Server Migration, the VMware vSphere VDDK must be installed on the appliance VM).
38
+
**VDDK (agentless migration)** | If you're running an agentless migration with Azure Migrate Server Migration, the VMware vSphere VDDK must be installed on the appliance VM.
39
39
40
40
41
41
## Appliance - Hyper-V
@@ -62,14 +62,12 @@ Physical machine | Azure Migrate: Server Assessment | Discover physical server
**Hardware** | Dedicated physical machine, or VM. The machine running appliance needs 16-GB RAM, 8 vCPUs, around 80 GB of storage space, and an external switch.<br/><br/> The appliance needs a static or dynamic IP address, and internet access.
**Hardware** | Dedicated physical machine, or VM. The machine running appliance needs 16-GB RAM, 8 vCPUs, around 80 GB of storage space, and an external switch.<br/> The appliance needs a static or dynamic IP address, and internet access.
**Software** | Appliance machine should run Windows Server 2016.
68
68
**Appliance deployment** | The appliance installer script is downloaded from the portal (in a zipped folder). <br/> You unzip the folder, and run the PowerShell script (AzureMigrateInstaller.ps1).
69
69
**Discovery** | An appliance can discover up to 250 physical servers.
70
70
**Appliance components** | Management app: Web app in appliance for user input during deployment.<br/> Discovery agent: Gathers machine configuration data.<br/> Assessment agent: Collect performance data.<br/> Auto update service: Update components (runs every 24 hours).
71
-
**Port access** | After you have configured the appliance, inbound connections on TCP port 3389 to allow remote desktop connections to the appliance.<br/><br/> Inbound connections on port 44368 to remotely access the appliance management app using the URL: `https://<appliance-ip-or-name>:44368.<br/><br/> Outbound connections on port 443, 5671 and 5672 to send discovery and performance metadata to Azure Migrate.
72
-
73
71
74
72
75
73
## URL access
@@ -89,9 +87,9 @@ dc.services.visualstudio.com | Upload app logs used for internal monitoring.
89
87
*.vault.azure.net | Manage secrets in the Azure Key Vault.
90
88
aka.ms/* | Allow access to aka links. Used for Azure Migrate appliance updates.
91
89
download.microsoft.com/download | Allow downloads from Microsoft download.
92
-
*.servicebus.windows.net | Used for VMware agentless migration.<br/><br/> Communication between the appliance and the Azure Migrate service.
93
-
*.discoverysrv.windowsazure.com <br/> *.migration.windowsazure.com <br/> *.hypervrecoverymanager.windowsazure.com | Used for VMware agentless migration.<br/><br/> Connect to Azure Migrate service URLs.
94
-
*.blob.core.windows.net | Used for VMware agentless migration.<br/><br/>Upload data to storage.
90
+
*.servicebus.windows.net | **Used for VMware agentless migration**<br/><br/> Communication between the appliance and the Azure Migrate service.
91
+
*.discoverysrv.windowsazure.com <br/> *.migration.windowsazure.com <br/> *.hypervrecoverymanager.windowsazure.com | **Used for VMware agentless migration**<br/><br/> Connect to Azure Migrate service URLs.
92
+
*.blob.core.windows.net | **Used for VMware agentless migration**<br/><br/>Upload data to storage.
Copy file name to clipboardExpand all lines: articles/migrate/migrate-support-matrix-physical.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -33,7 +33,7 @@ To assess on-premises machines for migration to Azure with this article, you add
33
33
| **Support** | **Details**
34
34
| :------------------- | :------------------- |
35
35
|**Physical server deployment**| The physical server can be standalone or deployed in a cluster. |
36
-
|**Permissions**|**Windows:** Set up a local user account on all the Windows servers that you want to include in the discovery. The user account needs to be added to these groups-Remote Desktop Users, Performance Monitor Users and Performance Log users. <br/> **Linux:** You need a root account on the Linux servers that you want to discover. |
36
+
|**Permissions**|**Windows:** Set up a local or domain user account on all the Windows servers that you want to include in the discovery. The user account needs to be added to these groups-Remote Desktop Users, Performance Monitor Users and Performance Log users. <br/> **Linux:** You need a root account on the Linux servers that you want to discover. |
37
37
|**Operating system**| All [Windows](https://support.microsoft.com/help/2721672/microsoft-server-software-support-for-microsoft-azure-virtual-machines) and [Linux](https://docs.microsoft.com/azure/virtual-machines/linux/endorsed-distros) operating systems are supported except the following:<br/> Windows Server 2003 <br/> SUSE Linux|
Copy file name to clipboardExpand all lines: articles/migrate/tutorial-prepare-hyper-v.md
+8-9Lines changed: 8 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -34,10 +34,10 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
34
34
35
35
You need set up permissions for Azure Migrate deployment.
36
36
37
-
- Permissions for your Azure account to create an Azure Migrate project.
38
-
- Permissions for your account to register the Azure Migrate appliance. The appliance is used for discovery and assessment of Hyper-V VMs you migrate. During appliance registration, Azure Migrate creates two Azure Active Directory (Azure AD) apps that uniquely identify the appliance:
39
-
- The first app communicates with Azure Migrate service endpoints.
40
-
- The second app accesses an Azure Key Vault that's created during registration, to store Azure AD app info and appliance configuration settings.
37
+
**Task** | **Permissions**
38
+
--- | ---
39
+
**Create an Azure Migrate project** | Your Azure account needs permissions to create a project.
40
+
**Register the Azure Migrate appliance** | Azure Migrate uses a lightweight Azure Migrate appliance to discover and assess Hyper-v VMs with Azure Migrate Server Assessment. This appliance discovers VMs, and sends VM metadata and performance data to Azure Migrate.<br/><br/>During appliance registration, the following Register Providers are registered with the subscription chosen in the appliance- Microsoft.OffAzure, Microsoft.Migrate and Microsoft.KeyVault. Registering a resource provider configures your subscription to work with the resource provider. To register the resource providers, you need a Contributor or Owner role on the subscription.<br/><br/> As part of onboarding, Azure Migrate creates an Azure Active Directory (Azure AD) app:<br/> The AAD app is used for communication (authentication and authorization) between the agents running on the appliance with their respective services running on Azure. This app does not have privileges to make ARM calls or RBAC access on any resource.
41
41
42
42
43
43
@@ -54,15 +54,14 @@ Check you have permissions to create an Azure Migrate project.
54
54
55
55
### Assign permissions to register the appliance
56
56
57
-
You can assign permissions for Azure Migrate to create the Azure AD apps created during appliance registration, using one of the following methods:
57
+
You can assign permissions for Azure Migrate to create the Azure AD app during appliance registration, using one of the following methods:
58
58
59
59
- A tenant/global admin can grant permissions to users in the tenant, to create and register Azure AD apps.
60
60
- A tenant/global admin can assign the Application Developer role (that has the permissions) to the account.
61
61
62
-
It's worth noting that:
63
-
64
-
- The apps don't have any other access permissions on the subscription other than those described above.
65
-
- You only need these permissions when you register a new appliance. You can remove the permissions after the appliance is set up.
62
+
> [!NOTE]
63
+
> - The app does not have any other access permissions on the subscription other than those described above.
64
+
> - You only need these permissions when you register a new appliance. You can remove the permissions after the appliance is set up.
Copy file name to clipboardExpand all lines: articles/migrate/tutorial-prepare-physical.md
+8-9Lines changed: 8 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -36,10 +36,10 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
36
36
37
37
You need set up permissions for Azure Migrate deployment.
38
38
39
-
- Permissions for your Azure account to create an Azure Migrate project.
40
-
- Permissions for your account to register the Azure Migrate appliance. The appliance is used for Hyper-V discovery and migration. During appliance registration, Azure Migrate creates two Azure Active Directory (Azure AD) apps that uniquely identify the appliance:
41
-
- The first app communicates with Azure Migrate service endpoints.
42
-
- The second app accesses an Azure Key Vault that's created during registration, to store Azure AD app info and appliance configuration settings.
39
+
**Task** | **Permissions**
40
+
--- | ---
41
+
**Create an Azure Migrate project** | Your Azure account needs permissions to create a project.
42
+
**Register the Azure Migrate appliance** | Azure Migrate uses a lightweight Azure Migrate appliance to discover and assess physical servers with Azure Migrate Server Assessment. This appliance discovers servers, and sends their metadata and performance data to Azure Migrate.<br/><br/>During appliance registration, the following Register Providers are registered with the subscription chosen in the appliance- Microsoft.OffAzure, Microsoft.Migrate and Microsoft.KeyVault. Registering a resource provider configures your subscription to work with the resource provider. To register the resource providers, you need a Contributor or Owner role on the subscription.<br/><br/> As part of onboarding, Azure Migrate creates an Azure Active Directory (Azure AD) app:<br/> The AAD app is used for communication (authentication and authorization) between the agents running on the appliance with their respective services running on Azure. This app does not have privileges to make ARM calls or RBAC access on any resource.
43
43
44
44
45
45
@@ -56,15 +56,14 @@ Check you have permissions to create an Azure Migrate project.
56
56
57
57
### Assign permissions to register the appliance
58
58
59
-
You can assign permissions for Azure Migrate to create the Azure AD apps creating during appliance registration, using one of the following methods:
59
+
You can assign permissions for Azure Migrate to create the Azure AD app during appliance registration, using one of the following methods:
60
60
61
61
- A tenant/global admin can grant permissions to users in the tenant, to create and register Azure AD apps.
62
62
- A tenant/global admin can assign the Application Developer role (that has the permissions) to the account.
63
63
64
-
It's worth noting that:
65
-
66
-
- The apps don't have any other access permissions on the subscription other than those described above.
67
-
- You only need these permissions when you register a new appliance. You can remove the permissions after the appliance is set up.
64
+
> [!NOTE]
65
+
> - The app does not have any other access permissions on the subscription other than those described above.
66
+
> - You only need these permissions when you register a new appliance. You can remove the permissions after the appliance is set up.
Copy file name to clipboardExpand all lines: articles/migrate/tutorial-prepare-vmware.md
+6-2Lines changed: 6 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -33,8 +33,12 @@ You need these permissions.
33
33
**Task** | **Permissions**
34
34
--- | ---
35
35
**Create an Azure Migrate project** | Your Azure account needs permissions to create a project.
36
-
**Register the Azure Migrate appliance** | Azure Migrate uses a lightweight Azure Migrate appliance to assess VMware VMs with Azure Migrate Server Assessment, and to run [agentless migration](server-migrate-overview.md) of VMware VMs with Azure Migrate Server Migration. This appliance discovers VMs, and sends VM metadata and performance data to Azure Migrate.<br/><br/>During registration, Azure Migrate creates two Azure Active Directory (Azure AD) apps that uniquely identify the appliance, and needs permissions to create these apps.<br/> - The first app communicates with Azure Migrate service endpoints.<br/> - The second app accesses an Azure Key Vault created during registration to store Azure AD app info and appliance configuration settings.
37
-
**Create a Key Vault** | To migrate VMware VMs with Azure Migrate Server Migration, Azure Migrate creates a Key Vault to manage access keys to the replication storage account in your subscription. To create the vault, you need permissions on the resource group in which the Azure Migrate project resides.
36
+
**Register the Azure Migrate appliance** | Azure Migrate uses a lightweight Azure Migrate appliance to assess VMware VMs with Azure Migrate Server Assessment, and to run [agentless migration](server-migrate-overview.md) of VMware VMs with Azure Migrate Server Migration. This appliance discovers VMs, and sends VM metadata and performance data to Azure Migrate.<br/><br/>During appliance registration, the following Register Providers are registered with the subscription chosen in the appliance- Microsoft.OffAzure, Microsoft.Migrate and Microsoft.KeyVault. Registering a resource provider configures your subscription to work with the resource provider. To register the resource providers, you need a Contributor or Owner role on the subscription.<br/><br/> As part of onboarding, Azure Migrate creates two Azure Active Directory (Azure AD) apps:<br/> - The first app is used for communication (authentication and authorization) between the agents running on the appliance with their respective services running on Azure. This app does not have privileges to make ARM calls or RBAC access on any resource.<br/> - The second app is used exclusively to access KeyVault created in the user's subscription for agentless migration. It is provided with an RBAC access on the Azure Key Vault (created in customer's tenant) when discovery is initiated from the appliance.
37
+
**Create a Key Vault** | To migrate VMware VMs with Azure Migrate Server Migration, Azure Migrate creates a Key Vault to manage access keys to the replication storage account in your subscription. To create the vault, you need role assignment permissions on the resource group in which the Azure Migrate project resides.
0 commit comments