On Azure, if we've windows VM and want to upgrade it to latest version e.g. Windows server 2019, there is no direct way or available template on Azure to do it smoothly. Though there is a couple of alternative to achieve this like,
- Download the OS drive (c:) VHD on one of your systems, do the in-place upgrade (keeping all the files intact) and post local in-place upgrade upload the upgraded OS drive (c drive) VHD to the Azure storage account and replace the C drive of your VM.
- Create the new VM all-together with the new OS version, install your required software, setup file share user permission & do all the required settings, do the thorough testing and switch the old server domain name to new one & discard the old server.
What if we upgrade on Azure windows VM it-self (in-place upgrade) with more confidence. Yes we can and it can be done in 4-6 hours. Keep in mind before upgrading take the backup of VHDs (OS & data disks), make not of extensions, NIC. Here is the step by step process to achieve this:
1. Enable boot diagnostic:2. Take Screenshot of Disks from Portal:
The idea is to get the LUN number and disk names detail.
3. Take Screenshot of Disks from Server: (Idea is to get the LUN number and disk drive letter mapped to it,
- Step 2 & 3 will help us when we are going to create a new VM from disk snapshot, if requires
$vmName = "<<your-vm-name"
$rgName = "<<your-resource-group-name>>"
Disable-AzureRmVMDiskEncryption -ResourceGroupName $rgName -VMName $vmName -VolumeType All
5. Remove the disk encryption
·
Wait for few minutes until all disks are fully
decrypted. Wait time all depends-on disk size. Depending on your disk size it
may vary. For TBs of data disk, it will take a few hours to fully decrypt the disks.
Steps to verify:
·
Open PowerShell in admin mode
·
Command: Get-BitLockerVolume
·
If we see VolumeStatus (FullyDecrypted) or
EncryptionPercentage (0)
We are good to proceed with next step with
removing the disk encryption
NOTE: Before executing the below command make sure all OS & Data disks are fully decrypted.
Remove-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgName -VMName $vmName
6. Take the snapshot or full backup of C drive and Other data drives (Other drives are for UAT & PROD)
Remove-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgName -VMName $vmName
6. Take the snapshot or full backup of C drive and Other data drives (Other drives are for UAT & PROD)
·
keep the name of snapshot as
<ORIGINAL-Name>_snapshot
7. Login to server
8. Un-install System Center Endpoint Protection (SCEP)
9. Get the Windows server 2019 bit (Windows Server 2019 Standard and Datacenter)
10. Start the in-place upgrade.
7. Login to server
8. Un-install System Center Endpoint Protection (SCEP)
9. Get the Windows server 2019 bit (Windows Server 2019 Standard and Datacenter)
10. Start the in-place upgrade.
When getting the option “select image” choose the
“Desktop experience”
§ Windows Server 2019 Standard
§ Windows Server 2019 Standard(Desktop Experience)§ Windows Server 2019 DataCenter
§ Windows Server 2019 DataCeneter(Desktop Experience)
Select the Windows server 2019 DataCenter (Desktop Experience)
·
In the screen “Choose what to keep” select “Keep
personal files and apps”
11. You may get warning/alert to remove some of the protection software’s like (SCEP)
We can keep track of the upgrade activity from Boot diagnostics from Azure portal
13. Restart the server couple of time after in-lace upgrade.
14. Do the sanity testing and share the result with team.
15. Do the disk encryption. [may be we can take this activity after a day or two]
16. Look into the protection software’s [from Step 8], in ideal case it should be installed in couple of days as it will be handled by Extension if not we have to install it manually or take your server admin help..
After all the above steps we’re good with upgrade.
11. You may get warning/alert to remove some of the protection software’s like (SCEP)
- Take note and un-install them one by one.
- And again restart the in-place upgrade
We can keep track of the upgrade activity from Boot diagnostics from Azure portal
13. Restart the server couple of time after in-lace upgrade.
14. Do the sanity testing and share the result with team.
15. Do the disk encryption. [may be we can take this activity after a day or two]
16. Look into the protection software’s [from Step 8], in ideal case it should be installed in couple of days as it will be handled by Extension if not we have to install it manually or take your server admin help..
After all the above steps we’re good with upgrade.
Comments
Post a Comment