Advertisement Header

Tuesday, 21 March 2017

HandsON! Review: AWS EC2Rescue for Windows instances

When it comes to troubleshooting Windows server issues, it is not easy to get all required logs at same time with single tool. Systems Administrators will spend their valuable time on collecting logs when troubleshooting below issues:

  • Boot Issues
  • Restore
  • Disk issues
  • Generate OS logs
  • Generate Memory dumps
  • Export Registry entries
  • Windows Update Logs
  • Export Event Logs

We will spend time on lot of multiple tools/utilities to generate or export above logs/dumps when it comes to cloud environment expectation to resolve the issues is much higher at the same time we need to equip with right tools to achieve the same supporting the cause Amazon had recently released EC2Rescue GUI based troubleshooting tool to help us to resolve operations system issues to generate logs faster.


The following are a few common issues that are addressed by EC2Rescue:

  • Instance connectivity issues due to:
    • Firewall configuration
    • RDP service configuration
    • Network interface configuration
  • Operating system (OS) boot issues due to:
    • Blue screen or stop error
    • Boot loop
    • Corrupted registry
  • Any issues that might require advanced log analysis and troubleshooting

Here are the System Requirements to install EC2Rescue which can be downloaded

  • Windows Server 2008 R2 or later
  • NET Framework 3.5 SP1 or later installed
  • Is accessible from a Remote Desktop Protocol (RDP) connection
Note: EC2Rescue can only be run on Windows Server 2008 R2 or later, but it can also analyze the offline volumes of Windows Server 2008 or later.

How to USE:

Note: Here are the few things where this tool cannot help:
  • Windows Update logs are not captured on Windows Server 2016 instances.
  • Offline instance refers to a stopped instance whose root volume has been detached and then attached to another instance as a secondary volume for troubleshooting with EC2Rescue.
  • Run this tool with the account which have local administrator access.

Step 1: One we downloaded tool from here 



Step 2: Unzip the download zip file



Step 3: Double click on EC2Rescue.exe to open and click on next to begin.


Step 4: Now we can select mode Current Instance / Offline instance

Current Instance Mode
This mode analyzes the instance on which EC2Rescue is currently running. It is read-only and does not modify the current instance, and therefore it does not directly fix any issues. Use this mode to gather system information and logs for analysis or for submission to system administrators or AWS Support.



When we select Current instance mode, we will get option to capture logs:


Here EC2Rescue tool will give us more options to select which ever logs we need to generate based on kind of issue we can select type of logs we need.


Once we select required logs click on Collect and it will prompt information dialog box (Note: Read it very carefully when you are sharing logs with any third party vendors).



Once you accept by clicking yes it will be prompted to select the filename and file location to store. Give appropriate filename and location as required.


It will generate above selected logs and place @ your mentioned location, once you extract selected logs will be available as below:

We can share this logs with third party as required or we can use ourself to troubleshoot.

Now lets see what we can perform using Offline Instance Mode:

Offline Instance Mode
This mode allows you to select the volume of the offline system. EC2Rescue analyzes the volume and presents a number of automated rescue and restore options. Also included is the same log collection feature as the Current Instance Mode.

Note: Offline instance refers to a stopped instance whose root volume has been detached and then attached to another instance as a secondary volume for troubleshooting with EC2Rescue.

Once we attach the volume which we need to troubleshoot to the instance where we can run Ec2Rescue Tool. we can select offline instance as above.

Now we should be able to see newly attached volume in Computer Management panel:


Make it disk Online by right clicking (In my case it is Disk 1 your disk number may change based on number of existing disks you may have)


Open Ec2Rescue tool by double clicking on Ec2Rescue.exe as mentioned above.

This time we have to select Offline Instance


Now we will get the additional Volume which is Disk 1 in my case will be visible to select.


It will be prompter the warning whether we selected appropriate volume and we can agree the same by clicking yes


Volume Successfully loaded


Now we will have Offline instance troubleshooting options a follows:
  • Diagnose and Rescue
  • Restore
  • Capture Logs


Lets Explore "Diagnose and Rescue"


Now it will display summary of possible issues:


We can select Next to proceed to issue selection


Select appropriate option as required to fix the issue. In my case I tried to set Ec2 Password to Rescue.


Lets Explore "Restore"



We will have below restore options:

Select appropriate restore option in my case restore registry and then click on restore.

Lets Explore "Capture Logs" this as like as which we perform for Current instance option.



Select appropriate logs to collect



Once we are done with troubleshooting for additional volume which we attached can be detached and add back to original instance to boot as usual.


Final Verdict 

As we can see Ec2Rescue tool will be very handy for troubleshooting windows instance (Online/offline) related issues, So I would definitely encourage others to use and make benefit out of it.

Hope this review post help you.

Tuesday, 14 March 2017

How to migrate VM to AWS (Cold Migration)


Now a days there is a lot of demand for AWS and of course it is easy to adopt AWS services like EC2, S3, etc., but not all the time we may able to deploy new instances and install applications, there may be some scenarios where we may need to migrate complete VM from physical datacenter to AWS. So here we will discuss about how we can do cold migration of VM to AWS.

VM Import/Export enables us to import virtual machine (VM) images from our existing virtualization environment to Amazon EC2, and then deploy new instance using same AMI, this will enable us to copy our VM image catalog to Amazon EC2, or create a repository of VM images for backup and disaster recovery.

Below Software’s /applications will be used to complete this cold migration:
  • VMware Workstation
  • Ovftool 

Step 1: Setup a VM

Install a windows 2012 r2 server using VMWare Workstation using the windows 2012 r2 ISO. 

Step 2: Exporting the VM

We need to export this VM as OVA file or VMDK, VHD OR RAW. So, power off the VM and
Go to -> File -> Export to OVF. 
Now the VM is exported in the format of OVF.



https://aws.amazon.com/ec2/vm-import/ gives us the detailed information. 

Step 3: Conversion of OVF to OVA

The OVF file should be converted to OVA file to import the VM in AWS. VMware player helps to convert OVF to OVA, 

VMware OVFtool can be downloaded ovftool-download

After installation of ovftool, run the below commands

cd "Program Files\VMware\VMware OVF Tool"
ovftool.exe H:\Image\Windows-2012-Server.ovf H:\Image\Windows-2012-Server.ova (This command converts from .ovf to .ova)



Now the VM is successfully converted from OVF to OVA.



Step 4: Exporting OVA to S3 

For exporting this OVA to S3, we need to have a user and an IAM role in AWS. 
And also install AWS CLI for 64bit. 

After installing AWS CLI, run the commands using command prompt.

aws configure (Give the access key , secret key and region)
aws s3 ls
aws s3 cp Windows-2012-Server.ova s3://migratebucket/ (Cpoying the ova file to s3 bucket)


aws s3 ls s3://migratebucket/ (To view the uploaded ova in s3)

Step 5: Importing OVA

To import OVA as an image, there are few steps that needed to be followed.

1.       Open a notepad and type the below commands and save it as trust-policy.json
{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": { "Service": "vmie.amazonaws.com" },
         "Action": "sts:AssumeRole",
         "Condition": {
            "StringEquals":{
               "sts:Externalid": "vmimport"
            }
         }
      }
   ]
}

As an aws user, run the command 
aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json (Need to go the path where the trust-policy.json is saved)  



     2. Type the below commands in a notepad and name it as role-policy.json
{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource": [
            "arn:aws:s3:::disk-image-file-bucket"
         ]
      },
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetObject"
         ],
         "Resource": [
            "arn:aws:s3:::disk-image-file-bucket/*"
         ]
      },
      {
         "Effect": "Allow",
         "Action":[
            "ec2:ModifySnapshotAttribute",
            "ec2:CopySnapshot",
            "ec2:RegisterImage",
            "ec2:Describe*"
         ],
         "Resource": "*"
      }
   ]
}

    disk-image-file-bucket -> implies the bucket name 

    Now run the command 
    aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json



     3. Finally importing the VM- Open a notepad and type the below commands and save this fie as containers.json file. 

[
  {
    "Description": "Windows 2008 OVA",
    "Format": "ova",
    "UserBucket": {
        "S3Bucket": "my-import-bucket",
        "S3Key": "vms/my-windows-2008-vm.ova"
    }
}]
         
         S3Bucket -> It indicates the bucket name
         S3Key -> It is the path of the ova file in S3 (Make this file public and copy that location). 
         
    aws ec2 import-image --description "Windows 2012 OVA" --disk-containers file://containers.json
       (This command imports the image in reference with containers.json file).

    
          The ova is imported and it is pending state. 

    Step 6: Check the Import task
     
    To check the status of the Import,
     aws ec2 describe-import-image-tasks --import-task-ids import-ami-ffrnccwy
     (we get the AMI id from import task id from the containers.json policy)
     After multiple checks, the status of the import shows "Completed"
     
    
      Finally, the AMI is created in AWS and now that we have an AMI, we can launch it as an instance or copy it to another region. 
      


      Step 7: Verifying the VM Imported as AMI.

      Launch an instance using the AMI (Image of the VM) which is created in our AWS EC2 environment. Connect to the instance using Remote desktop connection and give the password which we have set it during the installation of the VM in VMware workstation. 
      
  

     Hence, the VM is imported successfully with the migration of the applications 😊
     


Note: This process will help us to perform VM cold migration, if somebody want to perform physical server, then process would remain same apart from converting Physical to VM, In future post will convert how to convert physical machine to VM.

Hope this post will help you.