Simplifying the migration of OCI compute and volumes across tenancies using Python

November 29, 2023 | 4 minute read
Meghashree N
solution Engineer
Text Size 100%:

Migration of the compute resources and volumes across tenancies can be a complicated task. But with the help of properly tested processes, you can migrate your data safely with little downtime across tenancies. What if the data to be migrated is huge? Spanning across multiple virtual machines (VMs) and in hundreds of block volumes, the whole process gets more challenging and even more complicated.

This blog post explains how you can simplify the different tasks in the migration process using Python, while providing a brief on the process involved and the scripts to use. To help customers who want to move their data across tenancies, we show the following capabilities:

  • Migrate the VMs and data to newer tenancies for operational and business reasons like different service providers

  • Protecting the data from ransomware attacks

  • Migrate the VMs across multiple customer tenancies

In this case, the VMs and volumes are moved across two different tenancies as shown in the following architecture:

A graphic depicting the architecture for migrating compute and volumes across tenancies.

Prerequisites

You must have predefined policies to restore the backups across tenancies. These policies are controlled by OCI Identity policies. The admit policy must be defined in the old tenancy and endorse policy must be defined in the new tenancy.

The admit policy includes the following information:

Define tenancy NewTenancy as <new_tenancy_ocid>
Define group NewTenancyIdentityGroup as <new_tenancy_group_ocid>
Admit group NewTenancyIdentityGroup of tenancy NewTenancy to read boot-volume-backups in tenancy
Admit group NewTenancyIdentityGroup of tenancy NewTenancy to read volume-backups in tenancy

The endorse policy includes the following information:

Define tenancy OldTenancy as <old_tenancy_ocid>
Endorse group NewTenancyIdentityGroup to read boot-volume-backups in tenancy OldTenancy
Endorse group NewTenancyIdentityGroup to read volume-backups in tenancy OldTenancy
Endorse group NewTenancyIdentityGroup to inspect volumes in tenancy OldTenancy

Grant the permissions required for cross-migration activities and delete the policies when the activity is completed. For more information on policies, review About Migrating Oracle Cloud Infrastructure Volume Data Across Tenancies.

Recommended hardware

To deploy the Python code, you might have to create the instances in both tenancies. In this case, we’re using Oracle Linux 8 with the VM standard E4.Flex shape with 1 OCPU and 6-GB memory. The script might require you to install pip3, Pandas, and OCI-CLI for the code to work. If you want to run the script from a local machine, ensure that all the Python packages,OCI-CLI and auth credentials are configured for two different tenancies.

Process and scripts

When the instance is running, you can SSH into the instance and install the required Python packages like Pandas. You can import the script from this GitHub repository. Configure the OCI CLI before you test the script in the instance. The Python script covers the creation of the custom images and backups in the old tenancy and moving the custom images and volumes to the newer tenancy. The following scripts must be executed for two different tenancies. You can find the scripts on GitHub.

Script 1

  • For each instance present in the compartment, creates a custom image and save the generated custom image OCID for later use.

  • Checks if the Object Storage bucket exists. If not, creates a bucket and a preauthenticated request for the bucket to export the custom image created.

  • Exports the custom image to the bucket and creates PAR to the objects created and stores it in file.

  • Creates the backup for the each of the block volumes present in the compartment.

Script 2

  • Creates the PAR URL for each of the objects created from the previous step.

Script 3

  • In the new tenancy where you’re running this script, it reads the file, and for the PAR created for each object, imports the image from the PAR access URI. Then it creates the custom image.

  • Creates the block volumes in the new tenancy from the backup created in the old tenancy.

Explore more

This set of scripts migrates the large volume of data and compute across multiple tenancies. It’s a great way to ease the complexities involved in migration with python. Hope it helps and happy learning!

To learn more about migrating Oracle Cloud Infrastructure compute and volumes across tenancies, see the following resources:

Meghashree N

solution Engineer

I have background on terraform, python, kubernetes and docker etc, I have been working on automation to support OCI architecture frameworks in OCI.


Previous Post

Deliver applications with machine learning-powered recommendations

Bertrand Matthelie | 2 min read

Next Post


Troubleshoot integration issues in the OCI IAM Microsoft Active Directory Bridge

Ranjini Rajendran | 3 min read