AdvLab5: Building Hyper-V on AWS using Bare-Metal Instance

Imagine that you need to build out a Hyper-V infrastructure in AWS. In this lab, you will build out a Hyper-V infrastructure on AWS using a bare-metal instance.

The key elements of this process include the following steps:

  1. Launch a Windows Server 2019 with Hyper-V AMI provided by Amazon.

  2. Deploying AWS Managed Active Directory (MAD)

  3. Connect Hyper-V Host.

  4. Configure Hyper-V networking.

  5. Launch a Hyper-V guest VM.

  6. Join Hyper-V guest VM to AWS Managed AD.

  7. Manage Hyper-V host using AWS Systems Manager.

This workshop lets you experience Microsoft Hyper-V host deployment on AWS. Follow Step 1 through Step 7.

Section 1: Launch a Windows Server 2019 with Hyper-V AMI provided by Amazon

  1. Log in to the AWS Console and navigate to the EC2 console. In the find a service search field, type Dedicated Host.

  2. Click Allocate Dedicated Host.

  3. Now launch an instance onto the bare-metal host.

  4. Choose the Windows_Server-2019-English-Full-HyperV-2020.10.14 AMI.

  5. Choose instance type.

  6. Choose instance.

  7. Add Storage.

  8. Add Tags.

Congratulations

You have successfully deployed a Hyper-V host on a bare-metal instance.

Deploying AWS Managed Active Directory (MAD)

In this module, you will deploy AWS Managed Microsoft Active Directory.

  1. Log in to the AWS Console and navigate to the Directory Service console. In the find a service search field, type Directory Services.

  2. Make sure you are in the “N. Virginia” region by checking on the top right corner in the AWS Console.

  3. If this is the first time you are opening the Directory Services in this region, you’ll be prompted with a welcome screen. Select “AWS Managed Microsoft AD” and click on Set up directory.

  4. If you have already worked with the Directory Service in this region, you may see the screen below. If you do, please click on Set up directory.

  5. In the next screen, select “AWS Managed Microsoft AD” and click Next.

  6. In the Enter Directory Information screen, enter the following information:

    1. For Edition: select Standard Edition. Note, we provide a brief outline of the differences between the Standard Edition and Enterprise Edition and rough estimates of the costs.

    2. Directory DNS name: test.local [Make this DNS name unique from your other directories so you can establish trusts in the future if required.]

    3. Directory NetBIOS name: test [Make this NetBIOS name unique from your other directories as well, in case you need to establish trusts in the future.]

    4. Directory Description: This is a managed AD on AWS for the domain corp

    5. Admin password: <use a password you can remember. You will use this in future labs>. Please also review the password complexity requirements outlined on the screen.

    6. Confirm password: <confirm the password again>

    7. Click Next.

  7. For the VPC and subnets, please select the Default that you have.

  8. After selecting the VPC and Subnets, click Next.

  9. On the Review & create screen, review the settings and click on Create Directory.

The directory will take about 20-25 minutes to create. During this time, AWS is provisioning two Windows servers, and promoting them to be Active Directory domain controllers for the AD forest that you specified. This AD forest will be a new AD forest.

This is a good time to take a presentation break as the creation process will take time.

You can see the Active status and the DNS server IP addresses once the AWS Managed AD deployment has completed successfully.

Congratulations!

You have successfully created a new AWS Managed Microsoft Active Directory (AD) in your environment.

Connect Hyper-V Host.

In this module, you will connect to the Hyper-V host that you deployed in Step 1.

  1. Log in to the AWS Console and go to Elastic Compute Cloud (EC2) console.

  2. On the left hand menu, select Instances.

  3. Select the checkbox near to the Hyper-V server.

  4. Click the Connect button. Click the “Download Remote Desktop File” to download the RDP file.

  5. Click the Get Password button.

  6. Click the Choose File button and browse to the location of the key pair file that you downloaded earlier.

  7. Click Decrypt Password

  8. Once the password is decrypted, copy it to the clipboard

  9. Double click the RDP connection file that you downloaded and paste the password from the clipboard into the password field.

Congratulations

You logged into the Hyper-V server. This is one approach to providing your administrator the ability to remote desktop into your AWS environment.

Configure Hyper-V networking.

In this module, you will configure Hyper-V networking.

To give your Hyper-V guests connectivity to other resources in your VPC, or to the internet via your VPC internet gateway, ensure that you have first configured your VPC.

Hyper-V provides three types of virtual switches for networking:

  • External

  • Internal

  • Private

In this solution, you are creating an internal virtual switch and using the Hyper-V host as the NAT server for the guest VMs.

Open PowerShell on the Hyper-V server.

  1. Run the following PowerShell command to create the internal virtual switch:

    New-VMSwitch -SwitchName "Hyper-VSwitch" -SwitchType Internal

  2. Determine which network interface is associated with the virtual switch. For this solution, the Get-NetAdapter command shows that the Hyper-V virtual switch has an ifIndex value of 14.

  3. Run the following PowerShell command to configure the Hyper-V Virtual Ethernet adapter with the NAT gateway IP address. This IP address is used as the default gateway (router IP) for the guest VMs. The following command sets the IP address 192.168.0.1 with a subnet mask of 255.255.255.0 on the interface (interface index 14):

    New-NetIPAddress -IPAddress 192.168.0.1 -PrefixLength 24 -InterfaceIndex 14

  4. Run the following PowerShell command to create a NAT virtual network using the range of 192.168.0.0/24:

    New-NetNat -Name MyNATnetwork -InternalIPInterfaceAddressPrefix 192.168.0.0/24

Now the environment is ready for the guest VMs to have outbound communication with other resources through the host NAT. For each VM, assign an IP address with the default gateway (192.168.0.1). This can be done manually within each guest VM.

In this solution, you make it easier by enabling a DHCP server within the Hyper-V host to automatically assign IP addresses.

Setting up DHCP server role on the host

  1. Run the following command to add the DHCP role to the host:

    Install-WindowsFeature -Name 'DHCP' -IncludeManagementTools

  2. Run the following PowerShell command to configure the DHCP scope and specify a range from the subnet that you determined earlier. In this example, use 192.168.0.10~192.168.0.20.

    Add-DhcpServerv4Scope -Name GuestIPRange -StartRange 192.168.0.10 -EndRange 192.168.0.20 -SubnetMask 255.255.255.0 -State Active

You should be able to see the range in the DHCP console.

  3. To configure the DHCP server to bind on the Hyper-V virtual interface, choose Control Panel, Administrative Tools, and DHCP.

  4. For Router, choose the NAT gateway IP address assigned to the Hyper-V network adapter (192.168.0.1).

  5. For DNS Server, choose the DNS server from the AWS Managed AD that you configured in the previous section.

Go to Directory Service in the AWS Console and locate the DNS server IP addresses under the AWS Managed AD that you deployed in Step 2.

  6. Disable Enhanced Security on the Hyper-V host.

Congratulations!

You have configured Hyper-V server networking with DHCP configuration.
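
The networking and DHCP steps above, collected into one re-runnable script. This is an added example, not part of the original lab: it goes beyond the steps by resolving the switch's interface index by adapter name instead of assuming 14, setting the Router and DNS options from PowerShell rather than the DHCP console, and binding the DHCP server only to the internal switch so leases are never offered on the VPC-facing adapter. The `-ManagedAdDns` parameter is an assumption; pass the DNS addresses shown for your directory.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the lab): idempotent NAT + DHCP setup on the Hyper-V host.
param(
    [Parameter(Mandatory)][ipaddress[]]$ManagedAdDns,  # DNS IPs of the AWS Managed AD
    [string]$SwitchName = 'Hyper-VSwitch',
    [string]$NatName    = 'MyNATnetwork'
)
$ErrorActionPreference = 'Stop'
$gateway = '192.168.0.1'
$prefix  = '192.168.0.0/24'
$scopeId = '192.168.0.0'
$alias   = "vEthernet ($SwitchName)"   # host adapter Hyper-V creates for the switch

if (-not (Get-VMSwitch -Name $SwitchName -ErrorAction SilentlyContinue)) {
    New-VMSwitch -SwitchName $SwitchName -SwitchType Internal | Out-Null
}

# Look the index up by name; it is 14 in the lab but differs between hosts.
$ifIndex = (Get-NetAdapter -Name $alias).ifIndex

if (-not (Get-NetIPAddress -InterfaceIndex $ifIndex -IPAddress $gateway -ErrorAction SilentlyContinue)) {
    New-NetIPAddress -IPAddress $gateway -PrefixLength 24 -InterfaceIndex $ifIndex | Out-Null
}
if (-not (Get-NetNat -Name $NatName -ErrorAction SilentlyContinue)) {
    New-NetNat -Name $NatName -InternalIPInterfaceAddressPrefix $prefix | Out-Null
}

Install-WindowsFeature -Name DHCP -IncludeManagementTools | Out-Null
if (-not (Get-DhcpServerv4Scope -ScopeId $scopeId -ErrorAction SilentlyContinue)) {
    Add-DhcpServerv4Scope -Name GuestIPRange -StartRange 192.168.0.10 `
        -EndRange 192.168.0.20 -SubnetMask 255.255.255.0 -State Active
}

# Router = host NAT address, DNS = Managed AD. Without -Force the cmdlet
# validates that the DNS servers answer, which also confirms VPC reachability.
Set-DhcpServerv4OptionValue -ScopeId $scopeId -Router $gateway -DnsServer $ManagedAdDns

# Serve leases on the internal switch only; unbind every other listed interface.
foreach ($binding in Get-DhcpServerv4Binding) {
    Set-DhcpServerv4Binding -InterfaceAlias $binding.InterfaceAlias `
        -BindingState ($binding.InterfaceAlias -eq $alias)
}

# Final state for review: one bound interface, one scope, two options.
Get-DhcpServerv4Binding | Format-Table InterfaceAlias, IPAddress, BindingState
Get-DhcpServerv4OptionValue -ScopeId $scopeId | Format-Table OptionId, Name, Value
```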

Launch a Hyper-V guest VM.

In this module, you will deploy guest Virtual machine on Hyper-V Host.

First, download the free evaluation installation image in .vhd file format from the Microsoft site:

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019

Note: It will take 5-10 min to download the 9GB .vhd file.

For this post, follow the new VM wizard to create a Windows Server 2019 guest VM.

Open Hyper-V Manager on the server.

  1. In Hyper-V Manager, choose Actions, New, Virtual Machine.

  2. Follow the wizard with your desired or default configuration up to the Configure Networking section.

  3. In the Configure Networking step, for Connection, choose Hyper-V Switch, and choose Next.

  4. In the Connect Virtual Hard Disk step, choose Use an existing hard disk and point to the .vhd that you just downloaded.

  5. Finish the wizard and start the VM, then follow the steps in the Windows 2019 installation wizard. Because you have already set up DHCP and NAT for the Hyper-V network, the Windows 2019 Server VM automatically gets an IP address from the DHCP scope that you defined earlier.

  6. Go through the Windows setup wizard.

  7. Type the password and click Finish.

  8. You can now log in to the guest VM.

Congratulations!

You have successfully launched a Hyper-V guest server with DHCP. You have just built a Hyper-V host on an EC2 bare metal instance. Now you are ready to add more guest VMs and put them to work!

Join guest Hyper-V machine to AWS Managed AD.

In this module, you will join the guest virtual machine to the Active Directory domain.

To join a computer to a domain,

  • Navigate to System and Security, and then click System.

  • Under Computer name, domain, and workgroup settings, click Change settings.

  • On the Computer Name tab, click Change.

Under Member of, click Domain, type the name of the domain that you wish this computer to join, and then click OK.

Enter the managed AD credentials.

Congratulations!

You have successfully domain joined the Hyper-V guest server to AWS Managed AD. Now you are ready to manage Hyper-V guest machines through the domain.

Manage Hyper-V host using AWS Systems Manager tools.

In this section, you will get hands-on experience using AWS tools to help you manage your Windows environment. AWS provides a suite of system management tools in AWS Systems Manager. AWS Systems Manager can be used to manage your infrastructure in AWS.

Session Manager: Provides secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, or manage SSH keys through an interactive one-click browser-based shell or through the AWS CLI.

Create an IAM role to manage the Hyper-V host with Systems Manager.

Return to the RDP window and run the following commands in PowerShell on the Hyper-V host.

  • Net stop AmazonSSMAgent

  • Net start AmazonSSMAgent

Return to the Systems Manager Console and choose Managed Instance from the left navigation to verify that the instance is showing online.

Run Command: Lets you remotely and securely manage the configuration of your managed instances.

  1. Return to the Systems Manager Console and choose Run Command from the left navigation.

  2. Click the Run a Command button.

  3. Review the available Command documents that are out of the box and commands that can be run.

  4. Search for AWS-RunPowerShellScript. Note that the search box is case sensitive.

  5. Click the radio button to the left of AWS-RunPowerShellScript.

For Command parameters, enter:

Test command: Stop-VM -Name "New Virtual Machine"

Click Run.

  6. Confirm that the VM was shut down.

Congratulations!

You have successfully managed the Hyper-V guest server remotely with AWS Systems Manager.
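
The Run Command steps above, scripted with AWS Tools for PowerShell as an added example (not part of the original lab). It sends the same Stop-VM command through AWS-RunPowerShellScript, waits for the invocation to finish, and reads the guest's state back from the command output, so the shutdown is confirmed and recorded in the Run Command history without an RDP session. It assumes the host is already an online managed instance and that the AWS.Tools.SimpleSystemsManagement module and credentials are set up on the workstation; `$InstanceId` is a parameter you supply.

```powershell
# Added example (not from the lab): stop a guest VM via Run Command and verify it.
param(
    [Parameter(Mandatory)][string]$InstanceId,      # EC2 instance ID of the Hyper-V host
    [string]$VmName = 'New Virtual Machine'         # guest name used in the lab
)
$ErrorActionPreference = 'Stop'
Import-Module AWS.Tools.SimpleSystemsManagement

# Lines the SSM agent runs on the host. Single quotes in the VM name are
# doubled so the name cannot break out of the quoted string.
$quoted = "'" + ($VmName -replace "'", "''") + "'"
$remoteScript = @(
    "Stop-VM -Name $quoted -ErrorAction Stop",
    "(Get-VM -Name $quoted).State"                  # prints Off when the guest is down
)

$command = Send-SSMCommand -InstanceId $InstanceId `
    -DocumentName 'AWS-RunPowerShellScript' `
    -Parameter @{ commands = $remoteScript } `
    -Comment "Stop Hyper-V guest $VmName"

# Poll until the invocation leaves its transient states.
do {
    Start-Sleep -Seconds 5
    $result = Get-SSMCommandInvocationDetail -CommandId $command.CommandId -InstanceId $InstanceId
    $status = [string]$result.Status
} while ($status -in 'Pending', 'InProgress', 'Delayed')

$stdout = $result.StandardOutputContent.Trim()
if ($status -ne 'Success' -or $stdout -notmatch 'Off$') {
    throw "Run Command $($command.CommandId) ended as '$status'. Output: $stdout $($result.StandardErrorContent)"
}

# Return the evidence: who ran what, where, and the resulting VM state.
[pscustomobject]@{
    CommandId  = $command.CommandId
    InstanceId = $InstanceId
    VmName     = $VmName
    VmState    = $stdout
}
```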

To recap, in this lab you learned how to:

  • Launch a dedicated host with the Windows Server 2019 with Hyper-V AMI provided by Amazon.

  • Deploy AWS Managed AD.

  • Configure Hyper-V networking.

  • Launch a Hyper-V guest VM on a bare-metal host.

  • Join a Hyper-V guest VM to AWS Managed AD.

  • Manage the Hyper-V host using AWS Systems Manager.