Simple demonstration on how to Lift & Shift OnPremise workload to AWS 🎓
Using VM Import
migrate your existing VM-based applications and preserve the software and settings that you have configured in your existing VM.
*.vmdk
image of your VM that will also be enoughuid
/password
to log into this VMAdministrator
privileges
Depending on virtualization tool, use the appropriate procedure to export your VM into *.vmdk
or *.ova
image. Upload the image to S3 Bucket and note down the bucket_name
and vm_image_name
.
bucket_name="n-backup"
# Add the appropriate S3 Prefix to the VM Image
vm_image_name="VM-Import/vCentOS7-disk002.vmdk"
Create the IAM trust policy json with the name trust-policy.json
cat > "trust-policy.json" << "EOF"
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": { "Service": "vmie.amazonaws.com" },
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals":{
"sts:Externalid": "vmimport"
}
}
}
]
}
EOF
Ensure that you create the role with the name vmimport
. Use the trust policy created in the previous step
aws iam create-role --role-name vmimport --assume-role-policy-document "file://trust-policy.json"
role-policy.json
This policy will be attached to the role vmimport
created in the previous step. The bucket name is picked up from the global variable
.
echo '{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket"
],
"Resource":[
"arn:aws:s3:::'${bucket_name}'",
"arn:aws:s3:::'${bucket_name}'/*"
]
},
{
"Effect":"Allow",
"Action":[
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:RegisterImage",
"ec2:Describe*"
],
"Resource":"*"
}
]
}
' | sudo tee role-policy.json
vmimport
aws iam put-role-policy --role-name vmimport \
--policy-name vmimport \
--policy-document "file://role-policy.json"
The following command will begin the import of the VM Image. The S3 Bucket name & Bucket Key is picked up from the global variables.
# Set the metadata,
echo '[
{
"Description": "centosv7",
"Format": "vmdk",
"UserBucket": {
"S3Bucket": "'${bucket_name}'",
"S3Key": "'${vm_image_name}'"
}
}]
' > containers.json
aws ec2 import-image --description "centosv7" --disk-containers "file://containers.json"
The expected output,
{
"Description": "centosv7",
"ImportTaskId": "import-ami-0d6db3a35d431e4e3",
"Progress": "2",
"SnapshotDetails": [
{
"DiskImageSize": 0.0,
"Format": "VMDK",
"UserBucket": {
"S3Bucket": "n-backup",
"S3Key": "VM-Import/vCentOS7-disk002.vmdk"
}
}
],
"Status": "active",
"StatusMessage": "pending"
}
Note down the ImportTaskId
to check the progress of the import job.
aws ec2 describe-import-image-tasks --import-task-ids "import-ami-0d6db3a35d431e4e3"
# VM Image being updated to AMI
[root:tmp]# aws ec2 describe-import-image-tasks --import-task-ids "import-ami-0d6db3a35d431e4e3"
{
"ImportImageTasks": [
{
"Description": "centosv7",
"ImportTaskId": "import-ami-0d6db3a35d431e4e3",
"Progress": "30",
"SnapshotDetails": [
{
"Description": "centosv7",
"DiskImageSize": 931182592.0,
"Format": "VMDK",
"Status": "completed",
"UserBucket": {
"S3Bucket": "n-backup",
"S3Key": "VM-Import/vCentOS7-disk002.vmdk"
}
}
],
"Status": "active",
"StatusMessage": "updating"
}
]
}
[root:tmp]# aws ec2 describe-import-image-tasks --import-task-ids "import-ami-0d6db3a35d431e4e3"
{
"ImportImageTasks": [
{
"Architecture": "x86_64",
"Description": "centosv7",
"ImageId": "ami-0da97e2296167b5ca",
"ImportTaskId": "import-ami-0d6db3a35d431e4e3",
"LicenseType": "BYOL",
"Platform": "Linux",
"SnapshotDetails": [
{
"Description": "centosv7",
"DeviceName": "/dev/sda1",
"DiskImageSize": 931182592.0,
"Format": "VMDK",
"SnapshotId": "snap-0dc6d32a5924b22c7",
"Status": "completed",
"UserBucket": {
"S3Bucket": "n-backup",
"S3Key": "VM-Import/vCentOS7-disk002.vmdk"
}
}
],
"Status": "completed"
}
]
}
Once you launch the VM, you can login using the same uid
/password
you used onpremise. Typically in real-world you will clean this before the import task and setup SSH key-based authentication
Please open a GitHub issue.
Please open a GitHub issue. I encourage you to contribute your changes and send me pull request.