How to migrate Virtual machine to AWS

There are scenarios when we need to migrate our On-premises Virtual Machine to AWS. General Question is, How can we do that? One such way to solve this situation is to Convert virtual appliance/template to AMI. AWS is not limited to AMI provided by Amazon , it is possible to instantiate an EC2 workload starting from your own image, and converting it to AMI. Let us do that now:

There are basically 3 major steps to achieve this. Let's re-iterate them:

1. Create VM Appliance (ova)
2. Create S3 bucket and upload the Appliance
3. Convert the ova Appliance to AMI with aws cli

Create VM Appliance:

We need to export the VM Appliance for the VM manager we have. In my case i'm using Oracle VM Virtual Box. Please note that before exporting the appliance we need to shutdown the Virtual machine. To export an appliance i need to go to :

• File--> Export Appliance.

• On the Pop-up choose the VM to be Exported and click Next.
• Select where to store the Exported OVA file and click Next.
• Then Click on the Export to start the Export process.

Create S3 bucket and upload the Appliance

Once the the ova has been exported we need to upload that to s3 bucket. Please create the s3 bucket now or Choose existing bucket to be used. Once the bucket has been created we need to upload the ova file there. We can do that in the s3 page of AWS console. Or We can do it through AWS CLI. We need to install and configure the AWS CLI according to your OS.

 PS C:\Users\ManasRanjanTripathy\Desktop> aws2.exe s3 cp  .\nginxserver.ova s3://vmimagestore/nginxserver.ova

Where :
S3 bucket : vmimagestore
OVA file Name : nginxserver.ova


S3 Console:

Convert the ova Appliance to AMI with aws cli

After the appliance has been uploaded we need to Convert it to AMI now. To convert it we  need to :

• Create a role named "vmimport"
• Add the trust policy

 root:/manasmonitoring$ cat trust-policy.json

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": { "Service": "vmie.amazonaws.com" },
    "Action": "sts:AssumeRole",
    "Condition": {
      "StringEquals":{
         "sts:Externalid": "vmimport"
      }
    }
  }]
}root:/manasmonitoring$

 root:/manasmonitoring$ aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json

Add role policy

 

{
 "Version": "2012-10-17",
 "Statement": [{
   "Effect": "Allow",
   "Action": [
     "s3:ListBucket",
     "s3:GetBucketLocation",
     "s3:FullAccess"
   ],
   "Resource": [
     "arn:aws:s3:::vmimagestore"
   ]},
   {
     "Effect": "Allow",
     "Action": [
       "s3:GetObject"
     ],
     "Resource": [
       "arn:aws:s3:::vmimagestore/*"
     ]
   },{
     "Effect": "Allow",
     "Action":[
       "ec2:ModifySnapshotAttribute",
       "ec2:CopySnapshot",
       "ec2:RegisterImage",
       "ec2:Describe*",
       "ec2:FullAccess"
     ],
     "Resource": "*"
   }
 ]
}

root:/manasmonitoring$
 root:/manasmonitoring$ aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

Now convert the OVA to AMI

 root:/manasmonitoring$ aws ec2 import-image --disk-containers Format=ova,UserBucket="{S3Bucket=vmimagestore,S3Key=nginxserver.ova}"

{     "Status": "active",
    "SnapshotDetails": [
        {
            "UserBucket": {
                "S3Bucket": "vmimagestore",
                "S3Key": "nginxserver.ova"
            },
            "DiskImageSize": 0.0,
            "Format": "OVA"
        }
    ],
    "Progress": "2",
    "StatusMessage": "pending",
    "ImportTaskId": "import-ami-077e1b692bce6eafd"
}

Check the convert tasks Progress:

root:/manasmonitoring$ aws ec2 describe-import-image-tasks --import-task-ids import-ami-077e1b692bce6eafd
{
    "ImportImageTasks": [
        {
            "Status": "active",
            "Progress": "4",
            "SnapshotDetails": [],
            "StatusMessage": "validated",
            "ImportTaskId": "import-ami-077e1b692bce6eafd"
        }
    ]
}


 Once the OVA appliance has been converted we can check the AMI in AWS console.