Imagine that you need to build out a Hyper-V infrastructure in AWS. In this lab, you will build out a Hyper-V infrastructure on AWS using a bare metal instance.
The key elements of this process include the following steps:
Launch a Windows Server 2019 with Hyper-V AMI provided by Amazon.
Deploy AWS Managed Active Directory (MAD).
Connect to the Hyper-V host.
Configure Hyper-V networking.
Launch a Hyper-V guest VM.
Join the Hyper-V guest VM to AWS Managed AD.
Manage the Hyper-V host using AWS Systems Manager.
This workshop lets you experience a Microsoft Hyper-V host deployment on AWS. Follow Step 1 to Step 7.
Login to the AWS Console and navigate to the EC2 console. In the find a service search field, type Dedicated Host.
Click Allocate Dedicated Host
Congratulations
You have successfully deployed a Hyper-V host on a bare metal instance.
In this module, you will deploy AWS Managed Microsoft Active Directory.
Login to the AWS Console and navigate to the Directory Service console. In the find a service search field, type Directory Services.
Make sure you are in the “N. Virginia” region by checking on the top right corner in the AWS Console.
If this is the first time you are opening the Directory Services in this region, you’ll be prompted with a welcome screen. Select “AWS Managed Microsoft AD” and click on Set up directory.
In the Enter Directory Information screen, enter the following information:
For Edition: select Standard Edition. Note, we provide a brief outline of the differences between the Standard Edition and Enterprise Edition and rough estimates of the costs.
Directory DNS name: test.local [Make this DNS name unique from your other directories so you can establish trusts in the future if required.]
Directory NetBIOS name: test [Make this NetBIOS name unique from your other directories as well, in case you need to establish trusts in the future.]
Directory Description: This is a managed AD on AWS for the domain corp
Admin password: <use a password you can remember. You will use this in future labs>. Please also review the password complexity requirements outlined on the screen.
Confirm password: <confirm the password again>
Click Next.
The directory will take about 20-25 minutes to create. During this time, AWS is provisioning two Windows servers, and promoting them to be Active Directory domain controllers for the AD forest that you specified. This AD forest will be a new AD forest.
This is a good time to take a presentation break as the creation process will take time.
Once the AWS Managed AD deployment has completed successfully, you can see the Active status and the DNS server IP addresses.
Congratulations!
You have successfully created a new AWS Managed Microsoft Active Directory (AD) in your environment.
In this module, you will connect to the Hyper-V host that you deployed in Step 1.
Log in to the AWS Console and go to Elastic Compute Cloud (EC2) console.
On the left hand menu, select Instances.
Select the checkbox next to the Hyper-V server.
Click the Connect button. Click the “Download Remote Desktop File” to download the RDP file.
Click the Get Password button.
Click the Choose File button and browse to the location of the key pair file that you downloaded earlier.
Click Decrypt Password
Once the password is decrypted, copy it to the clipboard
Double click the RDP connection file that you downloaded and paste the password from the clipboard into the password field.
Congratulations
You logged into the Hyper-V server. This is one approach to providing your administrator the ability to remote desktop into your AWS environment
In this module, you will configure Hyper-V networking.
To enable networking for your Hyper-V guests, so that they can reach other resources in your VPC or the internet via your VPC internet gateway, first ensure that you have configured your VPC.
Hyper-V provides three types of virtual switches for networking:
External
Internal
Private
In this solution, you are creating an internal virtual switch and using the Hyper-V host as the NAT server for the guest VMs.
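Open PowerShell on the Hyper-V server.
New-VMSwitch -SwitchName "Hyper-VSwitch" -SwitchType Internal
New-NetIPAddress -IPAddress 192.168.0.1 -PrefixLength 24 -InterfaceIndex 14
The interface index (14 in this example) differs from host to host; use the value that Get-NetAdapter reports for the vEthernet (Hyper-VSwitch) adapter.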
Run the following PowerShell command to create a NAT virtual network using the range of 192.168.0.0/24:
New-NetNat -Name MyNATnetwork -InternalIPInterfaceAddressPrefix 192.168.0.0/24
Now the environment is ready for the guest VMs to have outbound communication with other resources through the host NAT. For each VM, assign an IP address with the default gateway (192.168.0.1). This can be done manually within each guest VM.
In this solution, you make it easier by enabling a DHCP server within the Hyper-V host to automatically assign IP addresses.
Setting up DHCP server role on the host
Run the following command to add the DHCP role to the host:
Install-WindowsFeature -Name 'DHCP' -IncludeManagementTools
Add-DhcpServerv4Scope -Name GuestIPRange -StartRange 192.168.0.10 -EndRange 192.168.0.20 -SubnetMask 255.255.255.0 -State Active
You should be able to see the range in the DHCP console.
Go to Directory Service in the AWS Console and locate the DNS server IP addresses of the AWS Managed AD that you deployed in Step 2.
Congratulations!
You have configured Hyper-V server networking with DHCP confirmation
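The switch, NAT and DHCP steps of this module combined into one re-runnable function; this is an added example, not part of the original workshop. The function name Initialize-GuestNetwork, handing the Managed AD DNS addresses to guests through the DHCP scope options, and limiting the DHCP binding to the internal adapter are assumptions; all other names and addresses are the values used above.

```powershell
# Added example, not from the original workshop. Run in an elevated PowerShell
# session on the Hyper-V host. Initialize-GuestNetwork is a hypothetical name.
# Usage: Initialize-GuestNetwork -DnsServer <first DNS address>,<second DNS address>
function Initialize-GuestNetwork {
    param(
        # Assumption: the AWS Managed AD DNS addresses shown in the Directory Service console.
        [Parameter(Mandatory)] [ipaddress[]] $DnsServer,
        [string] $SwitchName = 'Hyper-VSwitch',
        [string] $GatewayIp  = '192.168.0.1',
        [string] $NatPrefix  = '192.168.0.0/24',
        [string] $ScopeId    = '192.168.0.0'
    )
    $ErrorActionPreference = 'Stop'
    $alias = "vEthernet ($SwitchName)"   # host-side adapter Hyper-V creates for the switch

    # 1. Internal switch; skipped if it already exists so the function can be re-run.
    if (-not (Get-VMSwitch -Name $SwitchName -ErrorAction SilentlyContinue)) {
        New-VMSwitch -SwitchName $SwitchName -SwitchType Internal | Out-Null
    }

    # 2. Look up the adapter's interface index by name instead of assuming it is 14.
    $ifIndex = (Get-NetAdapter -Name $alias).ifIndex
    if (-not (Get-NetIPAddress -InterfaceIndex $ifIndex -IPAddress $GatewayIp -ErrorAction SilentlyContinue)) {
        New-NetIPAddress -IPAddress $GatewayIp -PrefixLength 24 -InterfaceIndex $ifIndex | Out-Null
    }

    # 3. NAT for the guest range, so guests only have outbound connectivity through the host.
    if (-not (Get-NetNat -Name MyNATnetwork -ErrorAction SilentlyContinue)) {
        New-NetNat -Name MyNATnetwork -InternalIPInterfaceAddressPrefix $NatPrefix | Out-Null
    }

    # 4. DHCP role, guest scope, and the gateway/DNS options handed to each guest.
    Install-WindowsFeature -Name 'DHCP' -IncludeManagementTools | Out-Null
    if (-not (Get-DhcpServerv4Scope -ScopeId $ScopeId -ErrorAction SilentlyContinue)) {
        Add-DhcpServerv4Scope -Name GuestIPRange -StartRange 192.168.0.10 -EndRange 192.168.0.20 -SubnetMask 255.255.255.0 -State Active
    }
    Set-DhcpServerv4OptionValue -ScopeId $ScopeId -Router $GatewayIp -DnsServer $DnsServer

    # 5. Serve leases only on the internal adapter, never on a VPC-facing interface.
    Get-DhcpServerv4Binding | Where-Object InterfaceAlias -ne $alias |
        ForEach-Object { Set-DhcpServerv4Binding -InterfaceAlias $_.InterfaceAlias -BindingState $false }

    # Return the resulting state so it can be reviewed or logged.
    [pscustomobject]@{
        Nat      = Get-NetNat -Name MyNATnetwork
        Scope    = Get-DhcpServerv4Scope -ScopeId $ScopeId
        Bindings = Get-DhcpServerv4Binding
    }
}
```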
In this module, you will deploy a guest virtual machine on the Hyper-V host.
First, download the free evaluation installation image in .vhd file format from the Microsoft site:
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019
Note: It will take 5-10 minutes to download the 9 GB .vhd file.
For this post, follow the new VM wizard to create a Windows Server 2019 guest VM.
Open Hyper-V Manager on the server.
Congratulations!
You have successfully launched a Hyper-V guest server with DHCP. You have just built a Hyper-V host on an EC2 bare metal instance. Now you are ready to add more guest VMs and put them to work!
In this module, you will join the guest virtual machine to the Active Directory domain.
To join a computer to a domain:
Navigate to System and Security, and then click System.
Under Computer name, domain, and workgroup settings, click Change settings.
On the Computer Name tab, click Change.
Under Member of, click Domain, type the name of the domain that you wish this computer to join, and then click OK.
Enter the managed AD credentials.
Congratulations!
You have successfully joined the Hyper-V guest server to the AWS Managed AD domain. Now you are ready to manage Hyper-V guest machines with the domain.
In this section, you will get hands-on experience using AWS tools to help you manage your Windows environment. AWS provides a suite of system management tools in AWS Systems Manager. AWS Systems Manager can be used to manage your infrastructure in AWS.
Session Manager: Provides secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, or manage SSH keys through an interactive one-click browser-based shell or through the AWS CLI.
Create an IAM role to manage the Hyper-V host with Systems Manager.
Return to the RDP window and run the following commands in PowerShell on the Hyper-V host.
Net stop AmazonSSMAgent
Net start AmazonSSMAgent
Return to the Systems Manager Console and choose Managed Instance from the left navigation to verify that the instance is showing as online.
Run Command: Lets you remotely and securely manage the configuration of your managed instances.
Click the Run a Command button
Review the available Command documents that are out of the box and commands that can be run.
Search for AWS-RunPowerShellScript. Note that the search box is case sensitive.
For the command parameter, enter:
Test command: Stop-VM -Name "New Virtual Machine"
Click Run
Congratulations!
You have successfully managed the Hyper-V guest server remotely with AWS Systems Manager.
Launch a dedicated host with the Windows Server 2019 with Hyper-V AMI provided by Amazon.
Deploy AWS Managed AD.
Configure Hyper-V networking.
Launch a Hyper-V guest VM on the bare metal host.
Join the Hyper-V guest VM to AWS Managed AD.
Manage the Hyper-V host using AWS Systems Manager.