{"id":7903,"date":"2019-07-26T09:49:46","date_gmt":"2019-07-26T01:49:46","guid":{"rendered":"http:\/\/rmohan.com\/?p=7903"},"modified":"2019-07-26T09:49:48","modified_gmt":"2019-07-26T01:49:48","slug":"converting-your-virtual-machine-to-aws-ec2-ami","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=7903","title":{"rendered":"Converting your virtual machine to AWS EC2 AMI"},"content":{"rendered":"\n<p>The way to use AWS is not limited to AMI provided by Amazon (or 3rd party\/community), but is possible to instantiate an EC2 workload starting from your own image, and converting to AMI.<\/p>\n\n\n\n<p>The steps to create your custom AMI starting from VMware runs through these macro steps:<\/p>\n\n\n\n<ul><li>create VM template (ova)<\/li><li>create S3 bucket and upload the template<\/li><li>convert with awscli<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">OVA creation and upload in S3<\/h2>\n\n\n\n<p>This is the easiest part of this how-to that I don\u2019t want to explain is how to export the Virtual Machine ova from the vInfrastructure or Workstation\/Fusion\u2026 anyway IMHO the best method to manage VM template is using ova; starting from ovf and vmdk files, you could simply converting these files to ovf using ovftool (<a href=\"https:\/\/www.vmware.com\/support\/developer\/ovf\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.vmware.com\/support\/developer\/ovf\/<\/a>), and executing the following command:<\/p>\n\n\n\n<table class=\"wp-block-table\"><tbody><tr><td>1<\/td><td>ovftool &lt;vm_image&gt;.ovf &lt;vm_image&gt;.ova<\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>Create an S3 bucket and upload the ova template via web, keeping in mind the name of the bucket and the name of the ova.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">AMI conversion<\/h2>\n\n\n\n<p>{<br>\n   &#8220;Version&#8221;: &#8220;2012-10-17&#8221;,<br>\n   &#8220;Statement&#8221;: [<br>\n      {<br>\n         &#8220;Effect&#8221;: &#8220;Allow&#8221;,<br>\n         &#8220;Principal&#8221;: { &#8220;Service&#8221;: &#8220;vmie.amazonaws.com&#8221; },<br>\n         &#8220;Action&#8221;: &#8220;sts:AssumeRole&#8221;,<br>\n         &#8220;Condition&#8221;: {<br>\n            &#8220;StringEquals&#8221;:{<br>\n               &#8220;sts:Externalid&#8221;: &#8220;vmimport&#8221;<br>\n            }<br>\n         }<br>\n      }<br>\n   ]<br>\n}<\/p>\n\n\n\n<p>\n\nPrepare the policy document trust-policy.json:\n\n<\/p>\n\n\n\n<p>Then, create the role:<\/p>\n\n\n\n<table class=\"wp-block-table\"><tbody><tr><td>1<\/td><td>aws iam create-role &#8211;role-name vmimport &#8211;assume-role-policy-document file:\/\/trust-policy.json<\/td><\/tr><\/tbody><\/table>\n\n\n\n<p> \u2026and repare the role policy document named role-policy.json <\/p>\n\n\n\n<p>{<br>\n   &#8220;Version&#8221;:&#8221;2012-10-17&#8243;,<br>\n   &#8220;Statement&#8221;:[<br>\n      {<br>\n         &#8220;Effect&#8221;:&#8221;Allow&#8221;,<br>\n         &#8220;Action&#8221;:[<br>\n            &#8220;s3:GetBucketLocation&#8221;,<br>\n            &#8220;s3:GetObject&#8221;,<br>\n            &#8220;s3:ListBucket&#8221; <br>\n         ],<br>\n         &#8220;Resource&#8221;:[<br>\n            &#8220;arn:aws:s3:::mohanawss3&#8221;,<br>\n            &#8220;arn:aws:s3:::mohanawss3\/<em>&#8221;\n         ]\n      },\n      {\n         &#8220;Effect&#8221;:&#8221;Allow&#8221;,\n         &#8220;Action&#8221;:[\n            &#8220;ec2:ModifySnapshotAttribute&#8221;,\n            &#8220;ec2:CopySnapshot&#8221;,\n            &#8220;ec2:RegisterImage&#8221;,\n            &#8220;ec2:Describe<\/em>&#8220;<br>\n         ],<br>\n         &#8220;Resource&#8221;:&#8221;*&#8221;<br>\n      }<br>\n   ]<br>\n}<\/p>\n\n\n\n<p>After role, create the role policy:<\/p>\n\n\n\n<table class=\"wp-block-table\"><tbody><tr><td>1<\/td><td>aws iam put-role-policy &#8211;role-name vmimport &#8211;policy-name vmimport &#8211;policy-document file:\/\/role-policy.json<\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>Finally we could proceed with the real conversion, uploading the ova file into S3 bucket and creating the \u201ccontainer\u201d description file.<\/p>\n\n\n\n<p>The container.json will look like this:<\/p>\n\n\n\n<p>[<br>\n  {<br>\n    &#8220;Description&#8221;: &#8220;mycentos OVA&#8221;,<br>\n    &#8220;Format&#8221;: &#8220;ova&#8221;,<br>\n    &#8220;UserBucket&#8221;: {<br>\n        &#8220;S3Bucket&#8221;: &#8220;mohanawss3&#8221;,<br>\n        &#8220;S3Key&#8221;: &#8220;awsmohan.ova&#8221;<br>\n    }<br>\n}]<\/p>\n\n\n\n<p>Then execute the command:<\/p>\n\n\n\n<table class=\"wp-block-table\"><tbody><tr><td>1<\/td><td>aws ec2 import-image &#8211;description &#8220;Mohanaws&#8221; &#8211;license-type BYOL &#8211;disk-containers file:\/\/containers.json<\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>The process is asynchronous and to see what is the state of this task, simply issuing the following command using \u201cimport-ami-xxxxxx\u201d as task id:<\/p>\n\n\n\n<table class=\"wp-block-table\"><tbody><tr><td>1<\/td><td>aws ec2 describe-import-image-tasks &#8211;import-task-ids import-ami-xxxx<\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>Following the official documentation (&nbsp;<a href=\"http:\/\/docs.aws.amazon.com\/vm-import\/latest\/userguide\/vmimport-image-import.html\" target=\"_blank\" rel=\"noreferrer noopener\">http:\/\/docs.aws.amazon.com\/vm-import\/latest\/userguide\/vmimport-image-import.html<\/a>&nbsp;) the states are:<\/p>\n\n\n\n<ul><li><code>active<\/code>&nbsp;\u2014 The import task is in progress.<\/li><li><code>deleting<\/code>&nbsp;\u2014 The import task is being canceled.<\/li><li><code>deleted<\/code>&nbsp;\u2014 The import task is canceled.<\/li><li><code>updating<\/code>&nbsp;\u2014 Import status is updating.<\/li><li><code>validating<\/code>&nbsp;\u2014 The imported image is being validated.<\/li><li><code>converting<\/code>&nbsp;\u2014 The imported image is being converted into an AMI.<\/li><li><code>completed<\/code>&nbsp;\u2014 The import task is completed and the AMI is ready to use.<\/li><\/ul>\n\n\n\n<p>When the conversion is completed, you could start the first EC2 instance to see if all is gone well.<\/p>\n\n\n\n<p><br><\/p>\n","protected":false},"excerpt":{"rendered":"\n<p>The way to use AWS is not limited to AMI provided by Amazon (or 3rd party\/community), but is possible to instantiate an EC2 workload starting from your own image, and converting to AMI.<\/p>\n<p>The steps to create your custom AMI starting from VMware runs through these macro steps:<\/p>\n<p> create VM template (ova)create S3 bucket [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7903"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7903"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7903\/revisions"}],"predecessor-version":[{"id":7904,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7903\/revisions\/7904"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7903"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7903"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7903"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}