How can I use EC2Rescue to troubleshoot issues with my Amazon EC2 Windows instance?

Last updated: 2020-11-17

I’m experiencing one of the following issues with my Amazon Elastic Compute Cloud (Amazon EC2) Windows instance:

  • I can’t connect to my Amazon EC2 Windows instance.
  • I am experiencing boot issues.
  • I need to perform a restore action.
  • I need to fix common issues such as a disk signature collision.
  • I need to gather operating system (OS) logs for analysis and troubleshooting.

How can I use EC2Rescue to resolve these issues?

Short description

EC2Rescue for EC2 Windows is a troubleshooting tool that you can run on your Amazon EC2 Windows Server instances. Use the tool to troubleshoot OS-level issues and to collect advanced logs and configuration files for further analysis. The following are some common issues that EC2Rescue can address:

  • Instance connectivity issues due to firewall, Remote Desktop Protocol (RDP), or network interface configuration.
  • OS boot issues due to a blue screen or stop error, a boot loop, or a corrupted registry.
  • Any issues that might need advanced log analysis and troubleshooting.

Note: You can capture a screenshot of an Amazon EC2 Windows instance to determine the state of the instance.

You can run EC2Rescue manually or automatically using the AWS Systems Manager AWSSupport-ExecuteEC2Rescue Automation document.

System requirements

EC2Rescue requires an Amazon EC2 Windows instance that:

  • Runs on Windows Server 2008 R2 or later
  • Has .NET Framework 3.5 SPI or later installed
  • Is accessible from an RDP connection

Note: EC2Rescue runs only on Windows Server 2008 R2 or later, but the tool can analyze the offline volumes of Windows Server 2008 or later.

Resolution

First, choose whether you want to use the Systems Manager AWSSupport-ExecuteEC2Rescue Automation document, or run EC2Rescue manually. Then, follow the steps below for your chosen method.

Use the Systems Manager AWSSupport-ExecuteEC2Rescue Automation document

The AWSSupport-ExecuteEC2Rescue Automation document combines AWS Lambda functions with Systems Manager and AWS CloudFormation actions to automate EC2Rescue steps. For more information about how the document works, permissions requirements, and prerequisites for using the tool, see Run the EC2Rescue tool on unreachable instances.

Important: The Automation workflow stops the instance. If the instance has an instance store volume, any data on the volume is lost when the instance stops. If you’re not using an Elastic IP address, the public IP address releases when the instance stops.

When you're ready, run the Systems Manager AWSSupport-ExecuteEC2Rescue Automation document.

Run EC2Rescue manually

You can run EC2Rescue manually using one of the following methods:

First, download EC2Rescue on your Amazon EC2 Windows instance.

Note: The AWSSupport-RunEC2RescueForWindowsTool Systems Manager Run Command document method downloads and verifies EC2Rescue for Windows Server for you.

Then, use EC2Rescue to troubleshoot Amazon EC2 Windows Server instance issues:

  • Instance connectivity issues: Use the Diagnose and Rescue feature in Offline instance mode.
  • OS boot issues: Use the Restore feature in Offline instance mode.
  • Advanced logs and troubleshooting: Use the Capture logs feature in either Current instance mode or Offline instance mode.

Current instance mode

This mode analyzes the instance that EC2Rescue is currently running. Current instance mode is read-only and doesn’t modify the current instance, so this mode doesn’t directly fix any issues. Use Current instance mode to gather system information and logs for analysis or for submission to system administrators or AWS Support.

Features

System Information: Displays important system information about the current system in a text box for easy copying.

Capture logs: First, select from a list of relevant troubleshooting logs. This feature then automatically gathers and packages those logs into a zipped folder under the name and location that you specify.

Offline instance mode

This mode allows you to select the volume of an offline system. EC2Rescue analyzes the volume and presents automated rescue and restore options. Offline instance mode also includes the same Capture logs feature as Current instance mode.

Features

System Information: Displays important system information about the current system in a text box for easy copying.

Select Disk: If multiple offline root volumes are connected to the instance, this feature allows you to select a specific volume.

Note: If the selected disk isn’t already online, this feature automatically brings the disk online for you.

Diagnose and Rescue: Detects and provides options to automatically fix common configuration issues that prevent RDP connections or that cause instance status checks to fail. The following items are inspected for possible configuration issues:

  • System time settings
  • Windows Firewall settings
  • Remote Desktop settings
  • EC2Config version and settings (Windows Server 2012 R2 and earlier)
  • EC2Launch version and settings (Windows Server 2016 and later)
  • Network interface settings

Restore: Set the offline instance to boot to Last Known Good Configuration or Restore registry from backup. Use this feature if you suspect an improperly configured or corrupted registry.

Capture logs: First, select from a list of relevant troubleshooting logs. This feature then automatically gathers and packages those logs into a zipped folder under the name and location that you specify.