AWS Virtualization

This document describes the steps required to create a Virtual Machine (VM) that is hosted in Amazon Web Services (AWS). This process requires several steps in AWS, as well as Skillable Studio. If any steps are missed or skipped, the VM may not function as expected.

Overview of Steps Required to Create an AWS Hosted VM

• Create an organization account in AWS

• Create an IAM user in AWS

• Configure a Skillable Studio Subscription

• Add the Subscription to a Cloud Subscription Pool in Skillable Studio

• Prepare the Virtual Machine

• Upload Virtual Hard Disk (VHDs) to AWS

  • Create an Amazon Machine Image (AMI) based on the VHDs that uploaded

• Create a VM Profile in Skillable Studio

Organization Account creation

An account must be created in your organization. This account will be used to launch an AWS VM when a user launches a lab.

1. Log in to the AWS Management Console with your root account credentials.

2. Go to My Organization from the menu in the upper-right corner of the page.

3. Click Add Account.

   

4. If you already have an organization account, click Invite Account.

   1. Enter the email or Account ID of the organization account.

   2. Click Invite.

5. If you need to create an Account, click Create account.

   

   1. Enter an AWS account name.

   2. Enter an email address for the account, that belongs to the catch all domain. This is the email address that will be used to contact you about this account.

   3. Enter an IAM role name for this account. AWS Organizations create this role to grant the organization full administrative control over the new account.

6. Log out of the AWS portal and log in to the account that was just created, using the email address used during account creation.

7. Click Forgot Password. The password for the account will be sent to the Organizations Master account. The Master account is the account that was used to created the AWS Organization initially.

   You may need to contact the administrator that created the AWS organization for assistance with the password reset email.

8. Once you receive the password, log in to the AWS Portal.

Next an IAM user needs to be created.

IAM User Creation

1. Click the AWS icon in the upper-left corner to return home.

2. Under Find Services, search for IAM.

   

3. Click IAM.

4. Click User on the left side of the page.

5. Click Add User.

6. Enter a name for the user. I.E. SkillableStudioAPI. The naming doesn't really matter, as long as the lab author will recognize it later.

7. Next, select programmatic  Access. This enables an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.

8. Click Next: permissions.

9. Under Set Permissions, select Attach existing policies directly.

10. In the Filter Policies field, search for Org.

11. Click the checkbox to select the policy name AWSOrganizationsFullAccess. AWSOrganizationsFullAccess being assigned is required, so that the Skillable Studio  service account can manage the organization.

    

12. In the Filter Policies field, search for Admin

13. Click the checkbox to select AdministratorAccess. This will allow the Skillable Studio  service account full access to manage the root AWS Account.

    

14. Click Next: tags.

15. Click Next: review.

16. Click Create user.

Skillable Studio Subscription Pool Setup

1. From the Skillable Studio  Admin page, click Subscription Pools on the Cloud Services tile.

2. Select Create Cloud Subscription Pool in the upper-right corner.

1. Select AWS from the Cloud Platform drop-down menu.

2. Select Shared from the Subscription Mode drop-down menu.

3. Select Manual from the Pool type drop-down menu.

4. Enter a Name for the pool.

5. Enter a Description for the pool.

6. Select the Organization that the pool will be owned by.

7. (Optional) Enter a custom subscription unavailable message. This message will display to lab users if the subscription is unavailable.

8. Check the box to enable the subscription pool for use.

9. Enable or disable Health Checks. This enables health checks across all subscriptions in this pool. Skillable Studio  will periodically check the subscription for configuration errors and other potential problems.

10. If Health Checks are enabled, select the frequency that the health check will occur. The health check for each subscription will be completed at the specified interval.

Skillable Studio Subscription Setup in Subscription Pool

1. Navigate to the Subscription Pool that was created in previous steps.

2. Click Create Cloud Subscription.

3. On the Basic Information tab, configure the following:

   

   1. Enter a Name for the subscription

   2. Enter a Description for the subscription.

   3. (Optional) Enter an expiration date and time. The subscription will not be available to use once the expiration date and time occurs.

   4. Check the box to enable the subscription for use.

4. On the Authentication tab, configure the following:

   

   1. Check the box to Override Pool Authentication. Selecting this will use the authentication information on the subscription instead of the authentication information on the subscription pool.

   2. Enter the Catch All Domain that was used during organization account creation.

   3. Enter the Access Key ID that was generated during IAM user account creation.

   4. Enter the Access key Secret that was generated during IAM user account creation.

Virtual Machine Prep

You must export your virtual machine to a VHD and upload to AWS to create an Amazon Machine Image (AMI).

The virtual machine needs to be prepared:

1. Launch your virtual machine.

2. On your Virtual machine, there are 2 settings that need to be configured before exporting to a VHD.

   • Enable DHCP

   • Enable RDP

3. Capture a final differencing disk of the virtual machine.

4. Export VM to VHD format.

Upload VHD to AWS and Create AMI

1. If the exported VM resulted in multiple VHDs, merge the disk chain into a single VHD.

2. Using the log in credentials created in previous steps, then log in to the AWS portal.

3. In the AWS portal, create an S3 bucket.

4. On your local machine, install AWS CLI. If you already have AWS CLI installed, ensure it is up to date.

5. Create a JSON file with specific information for image import into AWS.

6. Reference the JSON file and run the import command using this AWS documentation.

7. Note the job number that is associated with the command. You must wait until it is noted as Complete before continuing to the next steps.

8. After the job is completed, go to the AWS Management Console and log in to the account where the AMI was created.

9. Go to the EC2 page in the AWS Management Console.

10. On the left side of the page, click AMIs under the Images section.

11. Select the new AMI that you created.

12. Right-click AMI and select Launch.

13. Select the Instance type and size for the machine.

14. Click Review and Launch.

15. Allow the VM to start, then connect via RDP.

    The VM may take a few minutes for resource usage to stabilize.

16. Exit the RDP window, but leave the VM running.

17. Go back to the EC2 page in the AWS Management Console, and click Instances on the left-side of the page under the Instances section.

18. Select the Instance for the AMI that you launched.

19. Right-click the Instance and select Capture new AMI image.

20. After the image finishes capturing, go back to the AMIs section and click AMIs.

21. Select the new AMI image that was just created after capturing an AMI image.

22. Change the name of the AMI to a more friendly name, be specific.

23. The AMI needs to be shared with all accounts that will be used to launch the VM.

    1. Select the AMI.

    2. Click the Permissions tab near the bottom of the page.

    3. Click Edit.

    4. Enter any account numbers that should be given permission to launch the AMI, and then click Add Permission. Account numbers can only be entered one at a time.

    5. After all account numbers are added, click Save.

The AMi can now be configured in a Skillable Studio  lab profile.

VM Profile Creation

1. Go to Skillable Studio .

2. From the Admin page, click Create Virtual Machine Profile from the Virtual Machines tile.

   

3. Complete the following fields on the VM profile:

   

   • Name: use the same friendly name that was used for the AMI in the AWS management console.

   • Description: describe the intended use of the VM.

   • Series: Select the lab series that the lab profile will be associated with.

   • Organization: Select the organization that will own the VM profile and be responsible for maintaining the profile.

4. Select AWS from the Platform drop-down menu.

5. Machine Type: Select the machine type that is preferred. It is best to choose the machine type chosen when the AMI was captured.

6. Machine Image

   • Image Name: use the same friendly name that was used for the AMI in the AWS management console.

   • Region: select the region where the AMI is uploaded.

   • Image Owner Account: enter the account number that is listed as the Owner on the Details tab of the AMI in the AWS Management Console.

7. Operating System: select the operating system that corresponds with the AMI.

8. Username: enter the username used to log in to the operating system on the AMI.

9. Password: enter the password used to log in to the operating system on the AMI.

10. Check the Enabled box to enable the VM profile.

11. Click Save.

The VM profile can now be added to a lab profile and launched in the lab.