The way to use AWS is not limited to AMI provided by Amazon (or 3rd party/community), but is possible to instantiate an EC2 workload starting from your own image, and converting to AMI.
The steps to create your custom AMI starting from VMware runs through these macro steps:
- create VM template (ova)
- create S3 bucket and upload the template
- convert with awscli
OVA creation and upload in S3
This is the easiest part of this how-to that I don’t want to explain is how to export the Virtual Machine ova from the vInfrastructure or Workstation/Fusion… anyway IMHO the best method to manage VM template is using ova; starting from ovf and vmdk files, you could simply converting these files to ovf using ovftool (https://www.vmware.com/support/developer/ovf/), and executing the following command:
| 1 | ovftool <vm_image>.ovf <vm_image>.ova |
Create an S3 bucket and upload the ova template via web, keeping in mind the name of the bucket and the name of the ova.
AMI conversion
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Principal”: { “Service”: “vmie.amazonaws.com” },
“Action”: “sts:AssumeRole”,
“Condition”: {
“StringEquals”:{
“sts:Externalid”: “vmimport”
}
}
}
]
}
Prepare the policy document trust-policy.json:
Then, create the role:
| 1 | aws iam create-role –role-name vmimport –assume-role-policy-document file://trust-policy.json |
…and repare the role policy document named role-policy.json
{
“Version”:”2012-10-17″,
“Statement”:[
{
“Effect”:”Allow”,
“Action”:[
“s3:GetBucketLocation”,
“s3:GetObject”,
“s3:ListBucket”
],
“Resource”:[
“arn:aws:s3:::mohanawss3”,
“arn:aws:s3:::mohanawss3/”
]
},
{
“Effect”:”Allow”,
“Action”:[
“ec2:ModifySnapshotAttribute”,
“ec2:CopySnapshot”,
“ec2:RegisterImage”,
“ec2:Describe“
],
“Resource”:”*”
}
]
}
After role, create the role policy:
| 1 | aws iam put-role-policy –role-name vmimport –policy-name vmimport –policy-document file://role-policy.json |
Finally we could proceed with the real conversion, uploading the ova file into S3 bucket and creating the “container” description file.
The container.json will look like this:
[
{
“Description”: “mycentos OVA”,
“Format”: “ova”,
“UserBucket”: {
“S3Bucket”: “mohanawss3”,
“S3Key”: “awsmohan.ova”
}
}]
Then execute the command:
| 1 | aws ec2 import-image –description “Mohanaws” –license-type BYOL –disk-containers file://containers.json |
The process is asynchronous and to see what is the state of this task, simply issuing the following command using “import-ami-xxxxxx” as task id:
| 1 | aws ec2 describe-import-image-tasks –import-task-ids import-ami-xxxx |
Following the official documentation ( http://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html ) the states are:
active— The import task is in progress.deleting— The import task is being canceled.deleted— The import task is canceled.updating— Import status is updating.validating— The imported image is being validated.converting— The imported image is being converted into an AMI.completed— The import task is completed and the AMI is ready to use.
When the conversion is completed, you could start the first EC2 instance to see if all is gone well.
Recent Comments