DEV Community

Cover image for AWS Import/Export - Part 1: Import
Van Hoang Kha for AWS Community Builders

Posted on • Updated on

AWS Import/Export - Part 1: Import

Content of Table:

  1. Preparing the virtual machine
  2. Export virtual machine from On-premise
  3. Upload virtual machine to AWS
  4. Import virtual machine to AWS
  5. Deploy Instance from AMI

Overview

VM Import/Export

VM Import/Export is a service that allows you to import virtual machines (VMs) from your virtualized environment to Amazon EC2 and vice versa. This feature allows you to migrate applications and infrastructure resources from an on-prem virtualized environment to Amazon EC2, back up your virtual machines to EC2, and create an archive of virtual machines for redundancy, and recovery after the crash.

You can use VM Import/Export with no service charges (except for EC2 VMs and S3 Bucket).

Image description

AWS Simple Storage Service (S3)

AWS S3 is a large data storage service, with a S3 bucket containing many Objects. You can store an object up to 5TB in size and there is no limit to the number of objects stored in a bucket.

In this step, you will perform the initialization of a virtual machine on your on-prem virtualization environment. The virtual machine that will be initialized is Ubuntu Desktop.

As part of the exercise, you will deploy virtual machines in a virtualized environment VMWare Workstation on-premise.

1. Prepare virtual machine in virtualized environment VMWare Workstation

Install VMWare Workstation Pro at Download WMWare Workstation Pro.

Download OS Ubuntu

Access VMWare Workstation, select Create a New Virtual Machine

Image description

At Welcome to the New Virtual Machine WWizard, select Typical (recommended)

Image description

In Guest Operating System Insstallation, select Image file (.iso) of the latest Ubuntu desktop version. You can download this file from the [Ubuntu Release] page (https://ubuntu.com/download/desktop)

Image description

At Easy Install Innformation enter Username as awsstudent and enter password.

Image description

At Name the Virtual MMachine name the virtual machine Ubuntu

Image description

At Specify Disk Cacity enter 20GB

Image description

Review the parameters and select Finish to proceed with the installation.

Image description

Complete the Ubuntu installation in VMware.

Image description

User configuration.

Image description

After the installation and configuration process is complete, you install OpenSSH Server to connect SSH to this virtual machine with the following commands:



sudo apt install openssh-server
sudo systemctl start ssh
sudo systemctl enable ssh


Enter fullscreen mode Exit fullscreen mode

Image description

Image description

Image description

2. Export virtual machine from On-premise

In this step, we will export the virtual machine to use for the migration to the AWS platform.

Go to VMWare Workstation, select the newly created virtual machine, select File, and select Export to OVF…

Image description

Choose the location to save the export file

Image description

Wait about 5 minutes to export.

Image description

Access to the virtual machine export location, the file we use will be the .vmdk file

Image description

Upload virtual machine to AWS

In this step, we will use Amazon S3 to store the virtual machine file that has been exported from the virtualized environment.

Create S3 bucket to store virtual machines

To create an S3 bucket, we perform the following steps:

Access the Amazon S3 Management console.

  • In the navigation bar, select Buckets.
  • Select Create bucket to create a new S3 bucket.

Image description

On the Create bucket page, set the parameters for the S3 bucket.

  • Bucket name: Enter the bucket name. This name must be unique and not duplicate. (Example: import-bucket-2023)
  • Region: Select the storage region of the bucket.

Image description

Uncheck Block all public access to allow public access. AWS will then issue a warning, and you select I acknowledge that the current settings might result in this bucket and the objects within becoming public.

Image description

Select Create bucket.

Image description

Successful bucket creation

Image description

3. Upload virtual machine to S3 Bucket

After creating the bucket, we will proceed to upload the virtual machine file that we exported in the previous section.

  • Access to the S3 bucket you created above. (Example: import-bucket-2023)
  • In the Objects section, select Upload

Image description

Drag and drop the exported virtual machine file from the on-prem virtualization environment into the window or select Add files to select the virtual machine file. Then select Upload.
You create a virtual machine using VMWare Workstation, the virtual machine file in the example is Ubuntu-disk1.vmdk.

Image description

It will take some time for the file to be uploaded to the S3 bucket.

Image description

4. Import virtual machine to AWS

In this step, you will create a role named vmimport and import the virtual machine that was uploaded to the S3 Bucket in the previous step into an AMI. The entire process will be handled with the AWS CLI.

Create vmimport role

Before performing the Import of virtual machines into AWS. You need to check the role required for this implementation.

Access the IAM Management console.
In the navigation bar, select Roles

Image description

If you do not see the vmimport role, proceed to create the vmimport role.
Create a file named trust-policy.json to allow the VM Import/Export service to accept your upcoming vmimport role.



{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": { "Service": "vmie.amazonaws.com" },
         "Action": "sts:AssumeRole",
         "Condition": {
            "StringEquals":{
               "sts:Externalid": "vmimport"
            }
         }
      }
   ]
}


Enter fullscreen mode Exit fullscreen mode

Use the create-role command to create an IAM role named vmimport and assign trust-policy.json to the parameter --assume-role-policy-document



replace "E:\trust-policy.json" with the path to the trust-policy.json file on your environment

aws iam create-role --role-name vmimport --assume-role-policy-document "file://E:\trust-policy.json"


Enter fullscreen mode Exit fullscreen mode

Image description

Check the created role.

Image description

See Trust relationships

Image description

Create a file role-policy.json containing the following policies to allow the IAM role to access buckets containing virtual machines to exercise the permissions in the "Action" section:. Inside:

  • disk-image-file-bucket is the name of the S3 bucket used to store the exported files from onpremise (import-bucket-2023 in this example).
  • export-bucket is the name of the S3 bucket used to export the ec2 instance that will be used for the Export VM from AWS later.


{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetBucketLocation",
            "s3:GetObject",
            "s3:ListBucket" 
         ],
         "Resource": [
            "arn:aws:s3:::disk-image-file-bucket",
            "arn:aws:s3:::disk-image-file-bucket/*"
         ]
      },
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetBucketLocation",
            "s3:GetObject",
            "s3:ListBucket",
            "s3:PutObject",
            "s3:GetBucketAcl"
         ],
         "Resource": [
            "arn:aws:s3:::export-bucket",
            "arn:aws:s3:::export-bucket/*"
         ]
      },
      {
         "Effect": "Allow",
         "Action": [
            "ec2:ModifySnapshotAttribute",
            "ec2:CopySnapshot",
            "ec2:RegisterImage",
            "ec2:Describe*"
         ],
         "Resource": "*"
      }
   ]
}


Enter fullscreen mode Exit fullscreen mode
  • Use the following command to assign the roles described in the role-policy.json file to the created vmimport role


aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document "file://E:\role-policy.json"


Enter fullscreen mode Exit fullscreen mode

Image description

Check permissions. You can also check to see if the vmimport role has been successfully created by going to the IAM Management Console and selecting the role. You can also edit the role policy directly by selecting Edit policy.

Image description

Import virtual machine to AMI

We will use the AWS CLI to launch the Import virtual machine to AMI process.

In Terminal on Linux (or Command Prompt/Power Shell on Windows), run the command aws ec2 import-image to start importing the exported virtual machine and convert it to AMI. The following settings are relevant:

  • --deescription: Set description for AMI
  • --disk-ccontainers: Contains information identifying virtual machine files such as:
  • Format format (eg: vhdx or vmdk)
  • Storage bucket (eg import-bucket-2023)
  • File path (e.g. Ubuntu.vhdx or Ubuntu-disk1.vmdk)


aws ec2 import-image --description "VM Image" --disk-containers Format=vhdx,UserBucket="{S3Bucket=import-bucket-2021,S3Key=Ubuntu.vhdx}"


Enter fullscreen mode Exit fullscreen mode

Image description

It will take 5-10 minutes depending on the size of the virtual machine for AWS to convert the virtual machine into an AMI.

Image description

Image description

Once completed, we will see in the AMI list there will be one more AMI with the AMI name being the task id we created above.

Image description

You must check that EBS is not Encrypted

Image description

5. Deploy Instance from AMI

To deploy the virtual machine from the imported AMI, we perform the following steps:

To deploy the virtual machine from the imported AMI, we perform the following steps:

  • Access to EC2 Management console.
  • In the navigation bar, select AMIs.
  • Select the AMI you just imported from the virtual machine (eg import-ami-08a9efac866dfcb04). Then select Launch.

Image description

Name, enter Import-Server

Image description

Keep the default AMI.

Image description

Keep Instance type and select Create new key pair

Image description

Fill in the key pair information and select Create key pair

Image description

Leave the default Network settings

Image description

Select View all instances

Image description

Check the created instance.

Image description

Do SSH into the instance.

Image description

Select SSH

Image description

Complete SSH credentials.

Image description

Enter the password.

Image description

Complete SSH.

Image description

Test ping test.

Image description

The following sections

AWS Import/Export - Part 1: Import

AWS Import/Export - Part 2: Export VM from AWS

Top comments (0)