Shulou(Shulou.com)06/02 Report--

How to import a self-created operating system template and create an EC2 instance on AWS platform

The AMI provided by the AWS platform, especially the domestic AMI is very small, and we are full of worries about using all kinds of AMI provided unofficially by the community.

Therefore, it is a better choice to install the system by yourself and import the AWS platform.

Note:

Basic steps

Create virtual machines in the local Vcenter/ESXI5.X, and install all kinds of environments and software as needed

Requirements for prepared virtual machines can be found in: http://docs.amazonaws.cn/vm-import/latest/userguide/prepare-vm-p_w_picpath.html

Use Vcenter's server template export function to export an ova type template, size1-5G, depending on how much the system installs the software.

How to export reference http://docs.amazonaws.cn/vm-import/latest/userguide/export-vm-p_w_picpath.html

Import the OVA file into the Amazon S3 bucket, which authorizes the vmimport in step 4, at least listed and read-only, as in the authorization process

Create a service role

4.1 create a file named trust-policy.json using the following policy

{"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Principal": {"Service": "vmie.amazonaws.com"}, "Action": "sts:AssumeRole" "Condition": {"StringEquals": {"sts:Externalid": "vmimport"]}

You can save the file anywhere on your computer. Make a note of the location of the file, because you need to specify it in the next step.

Use the create-role command to create a role named vmimport and provide VM Import/Export with access to that role. Be sure to specify the full path to the trust-policy.json file location.

Aws iam create-role-role-name vmimport-assume-role-policy-document file://trust-policy.json

4.3 create a file called role-policy.json and write the following policy, where disk-p_w_picpath-file-bucket is the bucket that stores the disk image:

{"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": ["s3:ListBucket", "s3:GetBucketLocation"], "Resource": ["arn:aws-cn:s3:::"]} {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": ["arn:aws-cn:s3:::/*"]}, {"Effect": "Allow", "Action": ["ec2:ModifySnapshotAttribute" "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:Describe*"], "Resource": "*"]}

4.4 use the following put-role-policy command to mount the policy to the previously created role. Be sure to specify the full path to the role-policy.json file location.

Aws iam put-role-policy-role-name vmimport-policy-name vmimport-policy-document file://role-policy.json

5 Import OVA

After uploading your VM image file to Amazon S3, you can import the image using AWS CLI. These tools accept paths to URL (public Amazon S3 files, signed GET URL for private Amazon S3 files) or Amazon S3 buckets and disk files.

Aws ec2 import-p_w_picpath-description "Windows 2008 OVA"-disk-containers file://containers.json

The following is a sample containers.json file.

[{"Description": "Windows 2008 OVA", "Format": "ova", "UserBucket": {"S3Bucket": "my-import-bucket", "S3Key": "vms/my-windows-2008-vm.ova"}}]

If you are importing multiple disks

Copy [{"Description": "First disk", "Format": "vmdk", "UserBucket": {"S3Bucket": "my-import-bucket", "S3Key": "disks/my-windows-2008-vm-disk1.vmdk"}}, {"Description": "Second disk", "Format": "vmdk" "UserBucket": {"S3Bucket": "my-import-bucket", "S3Key": "disks/my-windows-2008-vm-disk2.vmdk"}}] check the status of the import task

Use the describe-import-p_w_picpath-tasks command to return the status of the import task.

The included status values are as follows:

Active-the import task is running.

Deleting-canceling the import task.

Deleted-the import task has been cancelled.

Validating-validating imported images.

Converting-converting the imported image to AMI.

Completed-the import task is complete and the AMI is ready to use.

Aws ec2 describe-import-p_w_picpath-tasks-import-task-ids import-ami-fgxn195v (optional) cancels the import task

Use the cancel-import-task command to cancel the running import task.

Aws ec2 cancel-import-task-the next steps of import-task-id import-ami-fg4z7c9h

Now that you have AMI, you can start it as an instance or copy it to another area. For more information, see the following topics in the Amazon EC2 documentation.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.