Microsoft Workloads on AWS
Mastering Windows Server migration to Amazon EC2: Key tactics for success – Part 2
Introduction
This two-part series equips you with essential knowledge for a successful Windows Server migration to Amazon Elastic Compute Cloud (Amazon EC2). Part 1 laid the groundwork by exploring critical licensing decisions and Active Directory integration strategies. Building on that foundation, this post delves into the technical intricacies of preparing your Windows Server instances for the cloud.
Solution overview
Part 2 focuses on preparing your instances for migration by examining key considerations that will ensure a smooth transition to Amazon EC2. We will explore how to:
- Choose the right Amazon EC2 instance type by understanding virtualization technologies like the Xen hypervisor and AWS Nitro System.
- Verify your Windows Server instance’s boot configuration (BIOS or Unified Extensible Firmware Interface (UEFI)) and understand its impact on the Amazon EC2 deployment.
- Run the validation tool to validate boot mode compatibility, confirm driver requirements, and check other prerequisites before migration
By understanding and implementing these practical steps, you’ll be better equipped to migrate, minimize errors, and speed up your transition to Amazon EC2.
Walkthrough
Choosing the right hypervisor between Xen hypervisor and AWS Nitro System
It is important to understand the Xen hypervisor and AWS Nitro System while migrating Windows Servers. Knowing these technologies will dictate the use of different drivers on different platforms and determine if an operating system (OS) version is only able to run on specific instance types. Here are a few key differences between the Xen hypervisor and AWS Nitro System for running Amazon EC2 instances:
Xen hypervisor
The Xen hypervisor is the traditional virtualization technology used in earlier Amazon EC2 instance types like M4 and C4. Instances running under Xen boot from an emulated IDE hard drive, and switch to the Xen paravirtualized block device drivers.
To get details on specific Xen-based instance types using the AWS CLI, use the describe-instance-types command. For example:
aws ec2 describe-instance-types \
--filters Name=hypervisor,Values=xen \
Name=processor-info.supported-architecture,Values=x86_64 \
--query 'sort_by(InstanceTypes, &InstanceType)[*].{InstanceType:InstanceType}' \
--output table
An alternative is using the Amazon EC2 console (Figure 1) to filter specific Xen-based instance types:
Figure 1: Screenshot of the AWS console filtering by instance types based on XEN
AWS Nitro System
The AWS Nitro System is the underlying platform for our next generation of Amazon EC2 instances that enables AWS to innovate faster, further reduce cost for our customers, and deliver added benefits like increased security and new instance types. Instances running under the Nitro Hypervisor boot from Amazon Elastic Block Storage (EBS) volumes using an NVMe interface. Some instance types like M5 and C5 use the AWS Nitro technology.
To get details on specific Nitro-based instance types using the AWS CLI, use the describe-instance-types command.
For example:
aws ec2 describe-instance-types \
--filters Name=hypervisor,Values=nitro \
Name=processor-info.supported-architecture,Values=x86_64 \
--query 'sort_by(InstanceTypes, &InstanceType)[*].{InstanceType:InstanceType}' \
--output table
An alternative is using the Amazon EC2 console (Figure 2) to filter specific Nitro-based instance types:
Figure 2: A screenshot of the AWS console filtering by instance types based on Nitro
Choose the correct driver version and platform according to different Windows operating system versions
Based on Table 1, we recommend prioritizing Xen-based instances when migrating Windows Server 2008 R2 and earlier operating systems. These instances offer superior compatibility and increase the likelihood of successful migration. However, it’s crucial to note that regional availability of Xen-based instances varies across the AWS infrastructure.
Operating System (OS) version | Support Platform | EC2Config | EC2Launch v1 | EC2Launch v2 | PV driver | AWS NVMe | AWS ENA |
2003 | Xen | 4.9.4326 | X | X | Citrix PV 5.9 | X | X |
2003 R2 | Xen | 4.9.4326 | X | X | Citrix PV 5.9 | X | X |
2008 | Xen | 4.9.4326 | X | X | Citrix PV 5.9 | X | X |
2008 R2 | Xen&Nitro | latest | X | X | AWS PV 8.3.5 | 1.3.2 | 2.2.3 |
2012 | Xen&Nitro | latest | X | 2.0.1643 | AWS PV 8.4.3 | 1.5.1 | 2.6.0 |
2012 R2 | Xen&Nitro | latest | X | 2.0.1643 | AWS PV 8.4.3 | 1.5.1 | 2.6.0 |
2016 | Xen&Nitro | X | latest | latest | AWS PV latest | latest | latest |
2019 | Xen&Nitro | X | latest | latest | AWS PV latest | latest | latest |
2022 | Xen&Nitro | X | latest | latest | AWS PV latest | latest | latest |
2025 | Nitro | X | X | latest | X | latest | latest |
Table 1: The comparison table of Windows Server support platform, Amazon EC2 launch agents and drivers.
For example in Figure 3, Asia Pacific regions, Singapore, Tokyo, and Seoul offer a wider range of Xen-based instances, while Hong Kong and Jakarta provide limited support for Xen-based instance types. Most notably, newer regions including Kuala Lumpur, Bangkok, and Taipei do not support Xen-based instances at all. This regional variation in instance availability makes the selection of target AWS region a critical consideration in your Windows Server migration strategy to Amazon EC2.
Figure 3: AWS region supports Xen-based instances type.
Identifying the Boot Mode for Windows Server Migration
It’s important to determine the Windows Server boot mode before migration. When a computer boots, the first software it runs initializes the platform and provides an interface for the OS to perform platform-specific operations.
Amazon EC2 supports two variants of the boot mode software: UEFI and Legacy BIOS. The AMI boot mode parameter signals Amazon EC2 which boot mode to use when launching an instance. Therefore, before migrating a server, it is crucial to identify whether the server’s boot mode is BIOS or UEFI. Using the incorrect boot mode will prevent the migrated server from booting up.
Launch a command prompt window as administrator and input the command “bcdedit
“. In the Windows Boot Loader section, if the file extension for /Windows/System32/winload
is .exe
then the system uses legacy BIOS. If the extension is .efi
then the system uses UEFI.
Figure 4 shows an example of a server running legacy BIOS boot mode.
Figure 4: A screenshot of the bcdedit command output showing boot loader settings for Legacy BIOS
Figure 5 for shows an example of a server using the new UEFI boot mode.
Figure 5: A screenshot of the bcdedit command output showing bootloader settings for UEFI
After migrating a virtual machine (VM) to the Amazon EC2 platform on AWS, you can choose the appropriate instance type to launch the new instance, depending on the VM’s boot mode. Intel and AMD instance types that support UEFI boot mode are built on the AWS Nitro System; however, some instance families don’t support UEFI boot mode. Refer to this article for more information on UEFI boot mode.
Validating your Windows Server environment before migration
Before migrating Windows Servers to Amazon EC2, validate the source environment with purpose-built tools to see if the servers are ready for migration. This validation helps identify issues such as unsupported OS versions, low disk space, or incompatible drivers that will disrupt the migration. Using tools like VM Import Checker or AWS Application Migration Service (MGN) Toolkit ensures the system meets requirements, thus reducing downtime and streamlining troubleshooting. This proactive approach ensures a predictable, efficient, and reliable migration to Amazon EC2.
Choose a validation tool based on the selected migration method. If using the AWS VM Import/Export service to import VM images into Amazon EC2, the tool validates your source Windows Server against service requirements. For AWS Application Migration Service (MGN), use the MGN Toolkit, which provides automated checks for the source server. Selecting the right tool ensures the validation process matches the migration approach and helps prevent unexpected issues. Please refer to the validation tool decision tree below Figure 6.
Figure 6: Validation tool decision tree
VM Import Checker
The VM Import Checker is a PowerShell-based validation tool within AWS Migration Hub Orchestrator that helps assess Windows Server machines before migration. This pre-migration validation tool identifies potential issues early, ensuring a smooth import process.
VM Import Checker Execution
Requires elevated PowerShell permissions to run the tool.
The checker.ps1
script is available from this link.
Run the following script to download and execute the tool.
#VMImportChecker
$uri = 'https://migrationhub-orchestrator-release-us-west-2.s3.amazonaws.com/aws-migrationhub-orchestrator-template-scripts/vmie/v1.0.0/windows/checker.ps1'
$destination = (Get-Location).Path
Write-host "Enable TLS 1.2 for this PowerShell session only."
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$webClient = New-Object System.Net.WebClient
$webClient.DownloadFile($uri, "$destination\checker.ps1")
Write-host "checker.ps1 download successfully"
.\checker.ps1
VM Import Checker Results
SUCCESS
: Test passed successfullyFAIL
: Configuration violates AWS VM Import/Export requirementsWARNING
: Potential issues requiring reviewINFO
: Informational messages about configuration differences
VM Import Checker example output and analysis
The script’s output Figure 7 includes a summary section that shows the result and specific value returned by the tests.
Figure 7: Run VM Import Checker example and shows the summary of test results.
The output Figure 8 includes a section detailing the tests that need attention. The section provides more details on the test results. Each result includes an explanation of why it requires attention and possible remediation steps.
Figure 8: Run VM Import Checker example and shows the summary of the operating system’s configuration
The output Figure 9 also includes a summary of the operating system’s configuration relevant to the AWS VM Import/Export requirements, which you can use to further investigate the recommendations.
Figure 9: Run VM Import Checker example and shows the operating system, storage and filter driver details.
The script’s overall result will fail if any individual test reports a FAILED status. This indicates that the current configuration does not support a successful image import into AWS. Address any issues before attempting the process. Carefully review all test results, not just the overall pass or fail, to identify and resolve any configuration issues.
For example Figure 10, the script will report a failure if:
- There is less than 6GB of free disk space on the C: drive.
- There are over 21 disks attached to the source machine.
- It detects multiple bootable partitions on the source machine.
- The DHCP service is not enabled on the source machine.
Figure 10: Run VM Import Checker example and shows the overall checker status.
AWS Application Migration Service (MGN) Toolkit
The AWS Application Migration Service (MGN) Toolkit extends traditional validation capabilities with a comprehensive set of automation tools for AWS migrations. Available on GitHub, this open-source solution streamlines server preparation and configuration validation.
MGN Toolkit Execution
- Requires elevated PowerShell permissions to run the tool.
- Visit the MGN Toolkit repository on GitHub.
- Clone or download the toolkit by following script to your local environment
#MGN-Toolkit
$uri = 'https://github.com/awslabs/mgn-toolkit/archive/refs/heads/main.zip'
$destination = (Get-Location).Path
if ((Test-Path -Path "$destination\mgn-toolkit.zip" -PathType Leaf) -or (Test-Path -Path "$destination\mgn-toolkit-main")) {
write-host "File $destination\mgn-toolkit.zip or folder $destination\mgn-toolkit-main found, exiting"
}else {
Write-host "Enable TLS 1.2 for this PowerShell session only."
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$webClient = New-Object System.Net.WebClient
Write-host "Downloading mgn-toolkit.zip"
$webClient.DownloadFile($uri, "$destination\mgn-toolkit.zip")
Write-host "mgn-toolkit.zip download successfully"
Add-Type -Assembly "system.io.compression.filesystem"
[System.IO.Compression.ZipFile]::ExtractToDirectory("$destination\mgn-toolkit.zip","$destination")
Write-host "Extracting mgn-toolkit.zip complete successfully"
Import-Module "$destination\mgn-toolkit-main\MGN-Toolkit.psm1"; Invoke-MGNToolkit
}
MGN Toolkit Results
GREEN
: No issues detectedYELLOW
: Items requiring review before migrationRED
: Critical issues blocking migration
MGN Toolkit example output and analysis
This section Figure 11 validates the fundamental system requirements and configurations necessary before starting the migration process. It ensures the source system meets the basic technical requirements for AWS MGN, including system resources, security settings, and network connectivity.
Figure 11: Run MGN Toolkit example and shows the summary of the operating system’s configuration and status.
These validations Figure 12 focus on identifying potential challenges that might arise after the migration is complete. The checks examine system configurations that will impact the server’s functionality in AWS, such as authentication methods, boot configurations, and network settings that might need changes in the cloud environment.
Figure 12: Run MGN Toolkit example and shows the validations focus on identifying potential challenges.
The replication section Figure 13 assesses the system’s capability to perform efficient data replication to AWS. It primarily evaluates disk performance metrics and writes activities to ensure the source system can maintain a stable and efficient data transfer during the migration process, helping prevent replication delays or failures.
Figure 13: Run MGN Toolkit example and shows the system’s capability to perform efficient data replication to AWS.
If you encounter any difficulties interpreting the results or determining the appropriate remediation steps, we recommend reaching out to AWS solutions architect, support or partners for assistance.
Conclusion
A successful migration of Windows Servers to Amazon EC2 requires careful planning beyond simple lift-and-shift strategies. We began in Part 1 by exploring essential foundation elements such as licensing requirements and Active Directory integration. This blog post builds on that foundation by diving into critical technical preparations at the instance level. We showed how to choose between Xen and Nitro virtualization platforms, verify boot mode configurations (BIOS or UEFI), and leverage the validation tool to ensure system compatibility.
By incorporating these steps into your migration strategy, you can now confidently migrate Windows Server workloads on Amazon EC2, minimize deployment risks, and accelerate your time to value, efficient operations in the AWS cloud.
To accelerate your Windows Server migration journey, start by validating your environment before you move workloads. If you are using the VM Import/Export service to bring virtual machine images into Amazon EC2, run the VM Import Checker to confirm compatibility. If you are migrating with AWS Application Migration Service (MGN), leverage the MGN Toolkit to perform automated checks and align with best practices. By pairing the right validation tool with your chosen migration service, you can reduce risk, streamline execution, and lay a stronger foundation for modernization on Amazon EC2.