This is a post about the two deployment models currently available in Azure, Service Management (ASM) and Resource Manager (ARM). And how to migrate from one to the other if necessary.
About the Azure Service Management deployment model
The ASM model, also known as version 1 and Classic mode, started out as a web interface and a backend API for the PaaS services Azure opened with at launch.
- ASM deployments are based on an XML schema.
- ASM operations are based at the cloud service level.
- Cloud services are the logical containers for IaaS VMs and PaaS services.
- ASM is managed through the CLI, old and new portals (features) and PowerShell.
About the Resource Manager deployment model
The ARM model consists of a new web interface and API for resource management in Azure which came out of preview in 2016 and introduced several new features.
- ARM deployments are based on a JSON schema.
- Templates, which can be imported and exported, define deployments.
- RBAC support.
- Resources can be tagged for logical access and grouping.
- Resource groups are the logical containers for all resources.
- ARM is managed through PowerShell (PS), the CLI and new portal only.
Why use Service Management mode?
- Support for all features that are not exclusive to ARM mode.
- No new features will be made available in this mode.
- Cannot process operations in parallel (.e.g. vm start, vm create, etc).
- ASM needs a VPN or ExpressRoute connection to communicate with ARM.
- In Classic mode templates cannot be used to configure resources.
Users should therefore only be using service management mode if they have legacy environments to manage which include features exclusive to it.
Why use Resource Manager mode?
- Support for all features that are not exclusive to ASM mode.
- Can process multiple operations in parallel.
- JSON templates are a practical way of managing resources.
- RBAC, resource groups and tags!
Resource manager mode is the recommended deployment model for all Azure environments going forward.
Means of migration
The following tools and software are available to help with migrating environments.
ASM2ARM is a custom PowerShell script module for migrating a single Virtual Machine from Azure Service Management to Resource Manager stack which makes available two new cmdlets.
[code language=”powershell”]$vm = Get-AzureVm -ServiceName acloudservice -Name atestvm
Add-AzureSMVmToRM -VM $vm -ResourceGroupName aresourcegroupname -DiskAction CopyDisks -OutputFileFolder D:\myarmtemplates -AppendTimeStampForFiles -Deploy[/code]
Using the service name and VM name parameters directly.
[code language=”powershell”]Add-AzureSMVmToRM -ServiceName acloudservice -Name atestvm -ResourceGroupName aresourcegroupname -DiskAction CopyDisks -OutputFileFolder D:\myarmtemplates -AppendTimeStampForFiles -Deploy[/code]
- Copy the VM’s disks to an ARM storage account or create a new one.
- Create a destination vNet and subnet for migrated VMs.
- Create ARM JSON templates and PS script for deployment of resources.
- Create an availability set if one exists at source.
- Create a public IP if the VM is open to the internet.
- Create network security groups for the source VMs public endpoints.
- Cannot migrate running VMs.
- Cannot migrate multiple VMs.
- Cannot migrate a whole ASM network
- Cannot create load balanced VMs.
For more information: https://github.com/fullscale180/asm2arm
About platform supported migrations using PowerShell
Consists of standard PowerShell cmdlets from Microsoft for migrating resources to ARM.
- Migration of virtual machines not in a virtual network (disruptive!).
- Migration of virtual machines in a virtual network (non-disruptive!).
- Storage accounts are cross compatible but can also be migrated.
- More than one availability set in a single cloud service.
- One or more availability sets.
- VMs not in an availability set in a single cloud service.
About platform supported migrations using the Azure CLI
Consists of standard Azure CLI commands from Microsoft for migrating resources to ARM.
Features & Limitations
A video on the subject of platform supported migrations using PowerShell or the CLI.
MigAz comes with an executable which outputs reference JSON files and makes available a Powershell script capable of migrating ASM resources and blob files to ARM mode environments.
- MigAz exports JSON templates from REST API calls for migration.
- New resources are created in and disk blobs copied to their destination, all original resources left intact.
- Exported JSON can (and should) be reviewed and customized before use.
- Export creates all new resources in a single resource group.
- Supports using any subscription target, same or different.
- With JSON being at the core of ARM, templates can be used for DevOPs.
- Can be used to clone existing environments or create new ones for testing.
About Azure Site Recovery (ASR)
ASR is a backup, continuity and recovery solution set which can also be used for migrating resources to ARM.
- Cold backup and replication of both on and off premise virtual machines.
- Cross compatible between ASM and ARM deployment models.
- ASM virtual machines can be restored into ARM environments.
Pros and cons
ASM2ARM: Requires downtime but can be scripted which has potential however this approach only allows for the migration of one VM at a time which is a sizable limitation.
Azure PowerShell and CLI: This approach is well rounded. It can be scripted and allows for rollbacks. Supported migration scenarios include some caveats however and you cannot migrate a whole vNet into an existing network.
MigAz Tool: Exports JSON of ASM resources for customization and uses a PowerShell script for deployment to ARM. Downtime is required going to the same address space or cutting over to new services but this is easily your best and most comprehensive option at this time.
Site Recovery: Possibly the easiest way of migrating resources and managing the overall process but requires a lot of work to set up. Downtime is required in all cases.