VM Import/Export enables you to easily import virtual machine images from your existing environment to Amazon EC2 instances and export them back to your on-premises environment. This offering allows you to leverage your existing investments in the virtual machines that you have built to meet your IT security, configuration management, and compliance requirements by bringing those virtual machines into Amazon EC2 as ready-to-use instances. You can also export imported instances back to your on-premises virtualization infrastructure, allowing you to deploy workloads across your IT infrastructure.
Step 1. : installing the Aws CLI
Step 2. We can get the Access Key ID and Secret Key from
Aws IAM service under the specific User.
aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]: us-west-2
Default output format [None]: ENTER
Step 3
Now create two files: trust-policy.json &
role-policy.json, in the second file you’ll need to replace “$bucketname” with
your bucket name.
trust-policy.json:
===============
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"",
"Effect":"Allow",
"Principal":{
"Service":"vmie.amazonaws.com"
},
"Action":"sts:AssumeRole",
"Condition":{
"StringEquals":{
"sts:ExternalId":"vmimport"
}
}
}
]
}
===============
role-policy.json:
=================
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource":[
"arn:aws:s3:::$bucketname"
]
},
{
"Effect":"Allow",
"Action":[
"s3:GetObject"
],
"Resource":[
"arn:aws:s3:::$bucketname/*"
]
},
{
"Effect":"Allow",
"Action":[
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:RegisterImage",
"ec2:Describe*"
],
"Resource":"*"
}
]
}
===================
Now, use the aws cli tools to apply the policies:
$ aws iam create-role --role-name vmimport
--assume-role-policy-document file://trust-policy.json
$ aws iam put-role-policy --role-name vmimport --policy-name
vmimport --policy-document file://role-policy.json
Step 4 : Check VM prerequisite before exporting as OVA
========================
In regard of VM, before
exporting it from Vsphere and importing to AWS cloud, please make sure that all
prerequisites for Import have been fullfiled.
Compare your VM with this
checklist:
-Your OS version is supported, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/VMImportPrerequisites.html#vmimport-operating-systems
-all unnecessary services are
disabled,
-no unnecessary applications are
placed in Windows Startup,
-there are no pending reboots
(reboot flag set by Windows Update or by any other software),
-VM volumes are defragmented and
the size of each disk is resized to necessary (bigger disk=longer conversion
time),
-you use single network
interface setup to use DHCP (this should be done prior to import),
-no ISO is attached to this VM,
-make sure that Microsoft .NET
Framework 3.5 Service Pack 1 or later are installed (required to support
Ec2Config),
-your VM's root volume use MBR
partition table,
-your anti-virus and
anti-spyware software and firewalls are disabled,
-only one partition is bootable,
-rdp access is enabled,
-the administrator account and
all other user accounts use secure passwords. All accounts must have passwords
or the importation might fail.
-Uninstall the VMware Tools from
your VMware VM,
-the language of your OS is
EN-US,
-these hotfixes are installed
(according to OS version):
Install Latest Ec2Config
https://aws.amazon.com/developertools/5562082477397515
Step 5 : Uploading the OVA to S3 and Creating the AMI
You can upload your VMs in OVA format to your Amazon S3
bucket using the upload tool of your choice. After you upload your VM to Amazon
S3, you can use the AWS CLI to import your OVA image. These tools accept either
a URL (public Amazon S3 file, a signed GET URL for private Amazon S3 files) or
the Amazon S3 bucket and path to the disk file.
Use aws ec2 import-image to create a new import image task.
The syntax of the command is as follows:
$ aws ec2 import-image --description "Windows 2008
OVA" --disk-containers file://containers.json
The file containers.json is a JSON document that contains
information about the image. The S3Key is the name of the image file you want
to upload to the S3Bucket.
[{
"Description": "First CLI
task",
"Format": "ova",
"UserBucket": {
"S3Bucket": "my-import-bucket",
"S3Key":
"my-windows-2008-vm.ova"
}
}]
Step 6 : Checking the Status
Use the “aws ec2 describe-import-image-tasks” command
to return the status of the task. The syntax of the command is as follows:
Regarding the License licensing,
within the api-call "aws ec2 import-image" we can define a
"--license-type" value.
Based on this option your VM
will use your license (BYOL) or will activate itself in AWS KMS[4].
Option should be set to "AWS" or "BYOL".
No comments:
Post a Comment