Introduction

Upgrading an Azure virtual machine from Generation 1 to Generation 2 offers enhanced features such as improved security through UEFI firmware, larger boot disk size support, and VHDX format compatibility. This manual provides a step-by-step guide to help you perform this upgrade safely and efficiently.

When you want to deploy Windows 11 for Azure Virtual Desktop or Citrix VDI, you need the UEFI capabilities; hence, many VMs need an upgrade. If you want to read some of the reasons, see our blog post: Azure Gen1 to Gen2 upgrades.

Before you start:

Please take the time to read these instructions thoroughly. Following the guidelines and the example provided will ensure a smooth upgrade process. Ensuring you have a complete backup of your virtual machine before beginning the upgrade is crucial. This will protect your data in case of any unforeseen issues during the process.

Once you're ready, you can download the NUDGEIT upgrade script here:

Script Requirements

Ensure the following prerequisites and constraints are met before running the script:

  • Save the script as Convert-AzVMv1TOv2.ps1.
  • The MBR2GPT.EXE tool exists only in Windows (client or server) starting from build 1703.
  • The script will fail on any earlier build.
  • The VM must be in a 'running' state.
  • You must have Contributor rights on the VM's resource group.
  • For 'TrustedLaunch' enablement, ensure the VM is not under the standard backup policy, as enhanced security features require an "Enhanced" backup policy.
  • If your VM components, like disk, NIC, and Public IP, have the setting ‘Delete with VM’ enabled, please uncheck this option before running the script.
  • The script will create the Gen2 VM without Zone Redundancy. If it was enabled on the original VM, please turn it on manually.
  • Some unforeseen VM configurations may not work as expected.
  • The script execution creates resources; some of them will remain after the execution.
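A read-only pre-flight check for some of the prerequisites above, as an added example that is not part of the NUDGEIT script. It assumes the Az.Compute module and a signed-in session; the file name Test-Gen2Prereqs.ps1 is hypothetical. It covers power state, generation, 'Delete with VM' on disks and NICs, and zones; Public IP delete settings, the backup policy and role assignments still need a manual check.

```powershell
# Added example (hypothetical file name: Test-Gen2Prereqs.ps1). Read-only checks.
# Assumes the Az.Compute module and a signed-in session (Connect-AzAccount).
param(
    [Parameter(Mandatory)] [string] $ResourceGroupName,
    [Parameter(Mandatory)] [string] $VMName
)

$vm   = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName
$view = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName -Status
$findings = [System.Collections.Generic.List[string]]::new()

# Prerequisite: the VM must be in a 'running' state.
$power = ($view.Statuses | Where-Object Code -like 'PowerState/*').Code
if ($power -ne 'PowerState/running') { $findings.Add("VM is not running ($power).") }

# Nothing to convert if the VM is already Generation 2.
if ($view.HyperVGeneration -eq 'V2') { $findings.Add('VM is already Generation 2.') }

# Prerequisite: 'Delete with VM' must be unchecked on the disks and NICs.
if ($vm.StorageProfile.OsDisk.DeleteOption -eq 'Delete') {
    $findings.Add("OS disk '$($vm.StorageProfile.OsDisk.Name)' is set to delete with the VM.")
}
foreach ($disk in $vm.StorageProfile.DataDisks) {
    if ($disk.DeleteOption -eq 'Delete') {
        $findings.Add("Data disk '$($disk.Name)' is set to delete with the VM.")
    }
}
foreach ($nic in $vm.NetworkProfile.NetworkInterfaces) {
    if ($nic.DeleteOption -eq 'Delete') {
        $findings.Add("NIC '$($nic.Id.Split('/')[-1])' is set to delete with the VM.")
    }
}

# The Gen2 VM is created without zones; record the current value to restore manually.
if ($vm.Zones) {
    $findings.Add("VM uses zone(s) $($vm.Zones -join ','); re-enable after conversion.")
}

if ($findings.Count -eq 0) { 'No blocking findings for the checks covered.' }
else { $findings | ForEach-Object { "FINDING: $_" } }
```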

The script is quite easy to use, but it assumes popular patterns in Azure VM configurations. This means it will reuse the same NICs, data disks, and availability sets if they exist. In case of unique configurations, like VM extensions, Application Security Groups, Bastion, or any other configuration not listed here, please be sure to complete them manually.

Nonetheless, resources like Availability Set, data disks, NICs, Public IPs, Load Balancer configuration (bound to a NIC), and Tags (on the VM) will keep their settings.

 

 

Gen 1 to Gen2 Azure upgrade - Step by Step with an example

For this example, we have set up a Windows 2019 Datacenter VM using the Gen1 image in an Availability Set and an additional data disk:

Overview of resources before upgrade to generation 2

The VM, at the moment, had this configuration:

Machine configuration before conversion to generation 2

Inside the OS we can observe the following information:

Machine detail configuration with BIOS configured

As evident, the BIOS mode operates in Legacy, and the partition style of the OS disk is MBR, a standard feature across all Gen1 Azure VMs.
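To record the same in-guest state from the command line, before the conversion and again afterwards, the following added example (not part of the NUDGEIT script) can be run in an elevated PowerShell session inside the VM. It reports firmware type, OS disk partition style, Secure Boot and TPM presence, and runs MBR2GPT in validation-only mode when the disk is still MBR.

```powershell
# Added example: run elevated inside the guest OS. Makes no changes to the disk.
$osDisk = Get-Disk | Where-Object IsBoot

$state = [ordered]@{
    OsBuild        = [System.Environment]::OSVersion.Version.Build
    FirmwareType   = (Get-ComputerInfo -Property BiosFirmwareType).BiosFirmwareType
    PartitionStyle = $osDisk.PartitionStyle
    Mbr2GptPresent = Test-Path "$env:SystemRoot\System32\MBR2GPT.EXE"
    SecureBoot     = $null
    TpmPresent     = $null
}

# Confirm-SecureBootUEFI throws on legacy BIOS firmware, so treat that as "not UEFI".
try   { $state.SecureBoot = Confirm-SecureBootUEFI -ErrorAction Stop }
catch { $state.SecureBoot = 'n/a (firmware is not UEFI)' }

# Get-Tpm reports whether a (virtual) TPM is exposed to the guest.
try   { $state.TpmPresent = (Get-Tpm -ErrorAction Stop).TpmPresent }
catch { $state.TpmPresent = 'n/a' }

[pscustomobject]$state | Format-List

# On a Gen1 VM the OS disk is MBR: ask MBR2GPT whether the layout is convertible.
# /validate only checks the disk; /allowFullOS permits running outside Windows PE.
if ($state.PartitionStyle -eq 'MBR' -and $state.Mbr2GptPresent) {
    mbr2gpt.exe /validate "/disk:$($osDisk.Number)" /allowFullOS
}
```

Before conversion the expected result is a BIOS firmware type with an MBR disk; after a conversion with '-EnableGen2Security', UEFI, GPT, Secure Boot and a present TPM.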

Execute the script with the following command:

.\Convert-AzVMv1TOv2.ps1 -SubscriptionId <subscription ID> -ResourceGroupName <VM resource group> -VMName <VM name> -EnableGen2Security
 
  • Note: The ‘-EnableGen2Security’ parameter is optional. The Gen2 VM can continue with the “Standard” security setting.
  • You will be required to provide a local admin username and password. This is only to create the new Gen2 VM. These credentials will not be present in the final

Here's a snapshot of what the script churned out during the VM transformation process. In this particular case, the VM slated for upgrade was initially spun up using an image straight out of the Azure Marketplace. This detail proved advantageous, as the script deftly identified a matching Gen2 image, ensuring a smooth transition.
Conversion run example

The VMs you try to convert may have no image signature, or the OS value may be inaccurate or incomplete, because the VM could have been migrated from a non-Azure datacenter or re-created from a snapshot/backup. In such cases, you will be presented with a choice to select the correct OS version image to deploy as the new Gen2 OS:

Azure upgrade script result

The script execution runtime was slightly more than 12 minutes. Let’s examine the outcome.
As we have chosen to keep the resources created during the script execution, this is what the Azure resources related to the conversion look like:

Overview of resources after upgrade to generation 2

  • The resources in GREEN are the newly created VM and OS disk after the conversion
  • The resources in RED are the reused resources in the Gen2 VM (NIC(s), data disk(s), etc.)
  • The resources in YELLOW are the ones that you can boldly dispose of, for the following reasons:
    • The OS disk snapshot in Gen2 state – the one that was created after MBR to GPT conversion. It can be reused in case the new VM creation, with the script parameters, failed.
    • The original OS disk from the newly created VM. We swap it after the VM is created and it has very little value if any. But in the case of troubleshooting, it might be required.
    • If you select ‘Yes’ when asked to
  • The resource in CYAN is the snapshot of the original V1 VM that we keep as backup of the last working state.

Let’s have a look at the VM resource state after the conversion.

Machine configuration after conversion to generation 2

The VM now operates under Generation V2, seamlessly maintaining the networking configurations from its Gen1 predecessor.

Additionally, you'll find that the VM has its virtualization security features activated:

Security details in settings

Now, let's have a look at the OS state after the conversion:

Machine detail configuration with UEFI details


Security processor details after upgrade to generation 2

And there you have it! You've successfully navigated through the process and have now upgraded to a Generation 2 machine. In less than 15 minutes, your VM transitioned to Gen2, complete with enhanced virtualization security features. The journey wasn’t as daunting as one might think, right? 😊 Leverage this script to your advantage, but don’t forget to meticulously review the instructions and heed the warnings provided in this guide and accompanying blog.

If you're hesitant about tackling this upgrade by yourself, don't worry! NUDGEIT is here to help. We can quickly and confidently handle the process for you. Reach out: Get Help