Introduction to the venmigrate Tool
The venmigrate tool handles migrating a VEN from one PCE to another PCE. Typically, the VEN is migrated from an on-premise PCE to an Illumio Cloud PCE. It is written in golang and is available for Linux, macOS, and Windows. You must run the tool on the host that contains the VEN that you want to migrate. The venmigrate tool unpairs or deactivates the VEN from the current PCE and pairs or activates it to the target PCE. If custom labeling is not disabled, it applies custom labels to the newly migrated managed workloads. You can import the venmigrate YAML file, which contains all of the parameters for migrating the VEN (activation code, pairing ID, and so on) and the workload metadata JSON file, which contains information like enforcement mode, labels, visibility, and the traffic log.
You can override most of these parameters when you run the command.
You must deploy the venmigrate toll on VEN hosts. It handles the migration of the VEN, deactivates/unpairs the VEN from the on-premise PCE and activates/pairs it to the Illumio Cloud with minimal disruption. It provides the following functionality:
Reads encrypted and non-encrypted migration parameters.
If the Illumio Cloud front-end management port is available, venmigrate does the following:
Applies custom labels to the managed workload after it pairs the VEN to the Illumio Cloud.
Deletes the unmanaged workload on the Illumio Cloud after it activates/pairs the VEN.
If the on-premise PCE's front-end management port is available, venmigrate does the following:
Creates the unmanaged workload on the on-premise PCE before it deactivates/unpairs the VEN.
Retrieves the managed workload metadata from the on-premise PCE before it deactivates/unpairs the VEN.