Sunday, May 4, 2008

Manual "P2V" migration of a Windows server into a XEN VM instance

Xen doesn't officially offer a P2V solution for migrating existing physical Windows instances into XEN VMs. Their answer is a link to two vendors that offer XEN support for their P2V products. Both companies, however, charge a few hundred bucks per-migration, which makes it a bit expensive for the one-off migrations here and there (in both vendors' defense, the P2V functions aren't the main purpose of their products). I've used the following steps to perform migrations of Dell-based Windows 2003 Server instances into XEN virtual machines simply using NTBackup, without having to purchase any "P2V" tools/licenses.

These steps basically mimic how one can recover a Windows server onto new hardware after a failure, with some extra precautions taken to avoid interrupting the existing physical instance until it's ready to be replaced.

The steps:
  1. From the original server, I perform an NTBACKUP-based backup of the system state and the harddrives to a file share on the network.
  2. On the XEN host I provision a new machine of the same OS type and SP level as the physical machine to be moved. For example: if I'm moving a multi-CPU Windows 2003 Standard 32-bit server with Service Pack2, I provision a VM with Windows 2003 Standard 32-bit with Service Pack2 and multiple VCPUs. (Note: the HAL of the VM must match the original server's, so if you're migrating a single, non-hyperthreaded CPU machine, provision the VM with only one VCPU).
  3. This new VM must have the same drive layouts as the original server. I.e. if I have the OS on "C:" and the applications on "D:" and the CDROM mapped to "Z:" on the original server, I do the same on this VM. The only exception can be to create additional VM disk images that don't exist on the original server as long as they're mounted on a drive letters not used on the original server. I create "E:" for temporary space for below as I want the .BKF file local for the restore.
  4. On the new VM I copy the following files off the C drive to the "E:" local disk:
    1. c:\boot.ini
    2. c:\windows\repair
  5. I copy in the .BKF file created in step 1 to the new VM's "E:" disk as I want to disconnect the NIC before restoring.
  6. In the XEN console, I switch the VM's NIC to a non-used network so that it won't be able to talk to our network or domain controllers. This is to avoid interrupting the physical machine's functionality until I'm done, as the VM will take its SID, domain credentials, and possibly IP address.
  7. On the new VM I run NTBACKUP and choose "Restore".
  8. Under "Tools / Options" I choose the "Restore" tab and click the radio button "Always replace the file on my computer", as otherwise NTBACKUP will skip any existing newer files.
  9. I then restore the local harddrives and system state from the backup
  10. BEFORE REBOOTING I copy the boot.ini and windows\repair folders back in from the copies made in step 4 above
  11. I run the Xen Tools installer to install XEN's PV, NIC, and SCSI drivers
  12. I reboot. Sometimes at this point I get a blue-screen saying helpfully "An error has occurred." If this happens I reboot into safe mode and:
    1. Go into the device manager
    2. Delete the existing SCSI card (do this even if it shows up as a Citrix XEN SCSI card)
    3. Install Xen Tools again
    4. Reboot
  13. When the machine comes up, I verify all the settings match the live server's. If they do, I then:
    1. Turn off the physical instance
    2. In the Xen console, switch the NIC to be on the proper network, allowing it to talk to our domain controller
    3. I assign it the same IP address as the physical server, if appropriate
    4. I reboot and allow it to log into the domain

If there are any failures logging into the domain, its most likely because the physical computer reset its security channel between the time the backup was made and the time the VM replaced the phyiscal server. This can usually be fixed by typing the following commands, or demoting the machine to a workgroup server and then re-joining it to the domain:
    1. NLTEST /SC_RESET:
    2. netdom reset Destination computer /domain:domain_name usero:admin_user /passwordo:admin_user_password
Note: these commands require the Windows Support Tools to have been installed. You can find them on the Windows install CD.

There have been a few instances where I've wanted to clone a physical machine but not actually replace it with the VM. This has been mostly in cases where I wasn't100% sure how the physical machine is set up or functions (inheriting old applications) but need to start the migration process. The modifications to this procedure below allow me to have the new VM running in tandem with the old physical so that testing can be done to verify functionality.

To keep the physical running in tandem with the VM, before starting the process above, place a copy of NewSid from Microsoft on the VM. Then, instead of step 13 above, do the following:
  1. While the VM is still off the network, demote it from a domain member to a workgroup machine
  2. Reboot
  3. Run NewSid and as part of running it, change the name to something unique
  4. Reboot
  5. Give the VM a new IP address, different than the physical
  6. Now you can bring the server onto the network and join it to the domain under the new name, IP, and SID

5 comments:

Theune said...

I followed this set of instructions today to virtualize an old Server 2k running on 8 year old hardware. Instead of the SCSI driver, mine died on the video driver. Safe mode, uninstall device, reboot worked just fine. I did the same thing for the NIC and needed to reset the IP address to match the physical server's.

I would anticipate that these instructions could work for nearly any VM environment. Thank you very much for posting these (found by Google search of P2V Xen).

JAKKI said...

Good usefull info

umbala said...

I used the this manual to migrate Windows 2000 SP4 Server to XEN
It worked like a charm.

Anonymous said...

Dear,
Sound interesting, Could you clarify me how to do the step using xen tool to reload the Xen ´s PV, MIC & SCSI drives ?.
Thanks,
jm3

Aaron Dodd said...

Anonymous,

Using XenCenter, view the console of the migrated server. At the top of the console screen is a selection for CD images to attach. Attach the one for the XenTools CD. Then, within Windows, open the CDRom drive and run setup.exe (if it doesn't auto-run)