By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Automate the install of AWS Application Migration Service agent on multiple Microsoft Windows Servers

9 minute read
Content level: Intermediate
0

You may have a need to deploy the application migration service agent to many Windows systems during a migration. If you don't have another tool to use, leveraging remote PowerShell execution can be a way to distribute the software to many systems. This can help decrease time of VMware or dedicated infra migration to AWS.

Introduction

In this article I'll provide a script you can leverage that will allow you to install the Application Migration Service (MGN) on multiple Microsoft Windows servers that are part of a migration to AWS. This script is fairly straight forward and leverages the WinRM capabilities to execute remote PowerShell commands on the servers in the on-premises environment. Once run it will iterate through the list of servers and install the Application Migration Service replication agent on each host. This can be especially handy for customers with larger fleets of Windows servers that need to migrate to the cloud. If you're running VMware on-premises you can use the agentless replication as well, but if you need continuous replication of your servers to AWS for a migration the agent-based install is the proper method to get continuous replication from your source servers to AWS. As customers work to migrate off legacy data centers to the cloud, it's important they have tools that make migrations easier. The AWS Application Migration service can help customers to migrate off of large VMware footprints to AWS. This script can also apply for usage on cloud to cloud migration as well, where you have Microsoft Windows workloads.

Pre-Requisites

You will need a few items to implement this solution.

  • A list of the Microsoft Windows servers in your environment that are targets for replication to AWS.
  • WinRM enabled on your source (on-prem) servers you can enable it on servers quickly with the winrm quickconfig command. See more in the Microsoft documentation
  • A Microsoft Windows domain that all source servers are joined to.
  • An account in the domain that has Administrator access on all target servers (e.g. A member of the Domain Admins group).
  • A Windows server in the domain to run the script from (on-premises) that has the Active Directory admin tools installed. (This machine should not be on your replication list, and should only be used for executing the install of the agent)
  • A set of AWS IAM credentials with the needed permissions for installing the Application Migration Service.

Solution

Once you have all of the pre-requisites in place you can download a copy of the script from S3 to be used for the installation. We'll need to make a few changes to the script to assure it's all up to date and ready to be used for your workload. If you're not familiar with the general setup of Application Migration service you can see the general overview image in figure 1. This figure shows the normal path for MGN with the need to discover servers, then install agent and being replication to AWS. This solution is helping to speed up the time to deploy the agent.

Application Migration service overview

*figure 1: AWS Application Migration service overview.

In the Walkthrough section we'll provide details on what to modify for the script to function as needed and how to get a list of computers in your environment for install.

Walkthrough

Collecting inventory

First, let's start with collecting a list of all computes in your domain. From this list you can remove any servers your not planning to replicate with Application Migration service. In order to get a full list of server we can use the following script from your system that has the Active Directory administrative tools installed on.

# Import the Active Directory module
Import-Module ActiveDirectory

# Define the path for the output text file
$outputFile = "C:\FOLDER\PATH\computers.txt"

# Get all computers from Active Directory and export to the text file
Get-ADComputer -Filter * | Select-Object -ExpandProperty Name | Out-File -FilePath $outputFile

This script creates a file named computers.txt in a folder you designate. You must change this in the script above to where you want the export to be. (e.g. C:\scripts) The export of the file will look like the following with just a list of hostnames. If there are any servers you don't wish to replicate you should delete them from this list as this will be the source for our deployment to the instances.

replica1
replica2
replica4
replica5
replica6

Once we have the list of servers we can move onto the installation script and using it for deploying the agent to your servers.

Modifying the script

Let's take a look at the script and what needs to be modified.

Note: This script is provided as a basis for how you can automate the install to multiple machines using PowerShell. It's provided as is, and not supported by AWS. You should review the code, and modify to meet your security as needed.

# Define admin credentials
$credential = Get-Credential

# Read computer names from a text file
$computers = Get-Content -Path "C:\scripts\computers.txt"

# Loop through each computer name
foreach ($computer in $computers) {
    Invoke-Command -ComputerName $computer -Credential $credential -ScriptBlock {
        # Define variables
        $directoryPath = "C:\MGN"
        $executableUri = "https://aws-application-migration-service-us-east-1.s3.us-east-1.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe"
        $executablePath = "$directoryPath\AwsReplicationWindowsInstaller.exe"
        $region = "REGION"
        $awsAccessKeyId = "ACCESSKEY"
        $awsSecretAccessKey = "SECRETACCESSKEY"
        
        # Create directory if it doesn't exist
        if (-Not (Test-Path -Path $directoryPath)) {
            New-Item -ItemType Directory -Path $directoryPath
        }
        
        # Download the executable
        Invoke-WebRequest -Uri $executableUri -OutFile $executablePath
        
        # Define arguments for MGN installer
        $arguments = "--region $region --aws-access-key-id $awsAccessKeyId --aws-secret-access-key $awsSecretAccessKey --no-prompt"
        
        # Run the executable with parameters
        Start-Process -FilePath $executablePath -ArgumentList $arguments -Wait
    }
}

The script that proceeds this is using PowerShell to run commands to establish the credentials to be used for the local installation. For these credentials you need a user that has local administrative rights on your servers on-premises. This can be a use in your Domain Admins group in Active Directory or another server admins group you might have established in your environment.

Now for the items you'll need to hard code into the script. Inside the script block provided previously you'll see the three below variable you need to assign.

  • $region = "REGION"
  • $awsAccessKeyId = "ACCESSKEY"
  • $awsSecretAccessKey = "SECRETACCESSKEY"

The three variable need to be set for the install to work. We need to set the region where the servers will be replicated to. Then we need to enter the Access Key and Secret Access Key from our IAM users with permissions to leverage the Application Migration Service. You can find the permissions necessary in the AWS documentation. These credentials are only needed for the time of install for MGN you can leverage temporary credentials from the AWS STS service to avoid creating a long-term credential. This is the advised method for installing the agent as long lived access keys are not recommended. If you need to you can follow the AWS documentation for creating long-term credentials.

Once you have your temporary Access Key and Secret Access Key, replace them into the script file for usage.

Now with all the variables replaced in the script and your text file populated with computers to install we can run the script against our servers. Save the script as mgninstaller.ps1. You'll need this file on your admin box in the next step.

One item of note is that the URI for the Application Migration Installer may change, so you will want to verify the location specified in the $executableUri = variable is still valid. If you don't then the script won't download the proper version of the Application Migration service replication agent.

Running the script:

To run the script, go to your Administrative box on your on-premise network that has the Active Directory Administration Tools installed on it. Copy the script file to a folder on your admin box. I chose c:\scripts\ as an easy location to remember. Copy the computers.txt file to the same location on your admin box.

It is not recommend to run the script on a host that is intended to be replicated to AWS.

Launch a PowerShell window on this instances and change directory to where your script files are located. From there we will launch the mgninstaller.ps1 file which will start the install of the server. Once in the directory where your script is saved type the following command:

.\mgnnstaller.ps1

When prompted during the script execution you'll need to provide the domain credentials once when it pops up like the following image in figure 2. These credentials will be used on all computes in the computers.txt file. Make sure this user has permission on all systems.

credential prompt

figure 2: credential pop up from the get-credentials request

The script will iterate through each server on your list and install the agents. You should then see the servers added to your MGN dashboard as Active Source Servers. If you encounter errors resolving the names of servers, or connecting to them you will need to troubleshoot those individually.

As the script installs on each server you'll see the download progress of the MGN Application Replication Agent to each server. When the prompt returns all servers in the list should be installed.

script installing

figure 3: Script running in PowerShell showing the download progress.

Validating agent replication

In figure 4 that follows you can see the MGN dashboard with two servers ready for testing and three others being replicated to the destination. These servers are the source servers located in our source region and now being replicated to their new destination.

MGN Dashboard

figure 4: The MGN Dashboard showing multiple servers replicating successfully in the console.

Conclusion

In this article we offered guidance on how to install the AWS Application Migration Service on a list of computers in your environment. This hopefully will help you to expedite the install of MGN in your environment to help accelerate your migration to AWS whether it be from legacy bare metal hardware or large VMware , Hyper-V fleets. The Application Migration service makes it easy for you to lift and shift servers to AWS.