AWS Related - Application Migration Service

AWS Related

What does the Application Migration Service Machine Conversion Server do?

The Machine Conversion Server converts the disks to boot and run on AWS.

Specifically, the Machine Conversion Server makes bootloader changes, injects hypervisor drivers and installs cloud tools.

How do I change the server AMI on AWS after Migration?

After the machine has been launched by Application Migration Service switching the AMI can be done by launching a vanilla machine from the required AMI, stopping that machine, detaching all the disks (including the root) and then attaching the disks from the Test or Cutover instance created by Application Migration Service.

Which AWS services are automatically installed when launching a Test or Cutover instance?

Application Migration Service automatically installs EC2Config. After installation, EC2Config automatically installs the SSM EC2 Configuration Service.

CloudWatch, AWS Powershell or CLI are not automatically installed. This can be done by combining the Application Migration Service APIs and the AWS APIs - you can use the Application Migration Service APIs to determine the EC2 instance IDs of the machines and then use AWS API/CLI to turn on the detailed monitoring. An alternative approach would be to do it via AWS API only based on the tags you associate with the machine. A third approach would be to do so from the post-launch script.

Application Migration Service installs EC2Launch (Windows 2016 only.) Customers need to configure EC2Launch based on the specific requirements explained here. This configuration step needs to be performed post Migration using the wizard in C:\Program Data\Amazon\EC2-Windows\Launch\Settings\Ec2LaunchSettings.exe on the Test or Cutover instance.

How long does it take to copy a disk from the Application Migration Service Staging Area to production?

Application Migration Service uses internal cloud provider snapshots. This process typically takes less than a minute and the size of the volume does not impact the time.

What are the differences between Conversion Servers and Replication Servers?

Replication Servers run on Linux and Conversion Servers (for Windows machines) run on Windows.

The conversion is done by Application Migration Service automatically bringing up a vanilla Windows Conversion Server machines in the same subnet with the Replication Servers as part of the launch job.

Both Conversion and Replication servers have Public IPs

The Conversion Servers will use the same Security Groups as the Replication Server.

The Conversion Server must be able to access the Application Migration Service Service Manager.

The Conversion Server machines, just like the Replication servers are managed automatically by Application Migration Service. Any attempt to disrupt their automated functionality will result in failed conversions.

Can I prevent Application Migration Service from cleaning up Test instance resources in AWS?

Application Migration Service will, by default, removes any resources created during the test process either when requested by the user or when a new Test instance is launched.

To prevent this in AWS, you can enable Termination Protection for the Test or Cutover instance, and the resources will not be removed upon a new instance launch.

Why are my Windows Server disks read-only after launching the Test or Cutover instance?

When launching Test or Cutover instances Windows Server may boot with all the disks as read-only.

This a common issue that occurs when detaching and attaching data disks. This issue can be resolved using steps in this Microsoft TechNet article.

What impacts the conversion and boot time of Test and Cutover instances?

Prior to launching the Test or Cutover instance, Application Migration Service goes through a machine Conversion Server process on the boot volume. The conversion process is fairly quick.

While the actual conversion process itself is quick, the time to boot the Test or Cutover instance varies depending on many factors unrelated to any Application Migration Service processes. Some of these are controllable and should be taken into account when Recovery or Cutover times are of importance.

  • Operating system - The amount of time required to boot the operating system is dependent on the OS itself. While Linux servers typically boot quickly, Windows servers may take additional time, due to the nature of the Windows OS. If opportunity permits, test the boot time of the Source server. If Linux OS takes a long time to boot ensure to check that dhclient (Dynamic Host Configuration Protocol Client) is installed and the system so it can pull an IP.

  • Scheduled Windows Updates - If the Windows server has pending patches, ensure those are installed prior to launching the Test or Cutover instance. If pending patches remain, the boot time in the cloud may be severely impacted as the patch process may commence upon the initial boot.

  • Boot volume type - Depending on services/applications, boot time may be impacted by disk performance. It is recommended that boot volumes be tested with a higher performance SSD and even by provisioning IOPs to ensure throughput. This may be more critical during the first initial boot of the server in the cloud, as all initial settings are applied. In many cases, the boot volume type may be scaled back after the initial boot and should be tested.

How is the AWS Licensing Model Tenancy chosen for Application Migration Service?

Application Migration Service conforms to the Microsoft Licensing on AWS guidelines.

How does Application Migration Service interact with Interface VPC Endpoints?

If you use Amazon Virtual Private Cloud (Amazon VPC) to host your AWS resources, you can establish a private connection between your VPC and Application Migration Service. You can use this connection to enable Application Migration Service to communicate with your resources on your VPC without going through the public internet.

Amazon VPC is an AWS service that you can use to launch AWS resources in a virtual network that you define. With a VPC, you have control over your network settings, such the IP address range, subnets, route tables, and network gateways. With VPC endpoints, the routing between the VPC and AWS Services is handled by the AWS network, and you can use IAM policies to control access to service resources.

To connect your VPC to Application Migration Service, you define an interface VPC endpoint for Application Migration Service. An interface endpoint is an elastic network interface with a private IP address that serves as an entry point for traffic destined to a supported AWS service. The endpoint provides reliable, scalable connectivity to Application Migration Service without requiring an internet gateway, network address translation (NAT) instance, or VPN connection. For more information, see What is Amazon VPC in the Amazon VPC User Guide.

Interface VPC endpoints are powered by AWS PrivateLink, an AWS technology that enables private communication between AWS services using an elastic network interface with private IP addresses. For more information, see AWS PrivateLink.

For more information, see Getting Started in the Amazon VPC User Guide.

How do I use MGN with CloudWatch and EventBridge dashboards?

You can monitor Application Migration Service using CloudWatch, which collects raw data and processes it into readable, near real-time metrics. Application Migration Service sends events to Amazon EventBridge whenever a Source server launch has completed, a Source server reaches the READY_FOR_TEST lifecycle state for the first time, and when the data replication state becomes Stalled or when the data replication state is no longer Stalled. You can use EventBridge and these events to write rules that take actions, such as notifying you, when a relevant event occurs.

You can see MGN in CloudWatch automatic dashboards:

MGN events can be selected when defining a rule from the EventBridge console:

Learn more about monitoring MGN.