AWS Virtualization
    • 11 Oct 2024
    • 12 Minutes to read

    AWS Virtualization


    Article summary

    This document describes the steps required to create a Virtual Machine (VM) that is hosted in Amazon Web Services (AWS). This process requires several steps in AWS, as well as Skillable Studio. If any steps are missed or skipped, the VM may not function as expected. AWS Virtualization runs Virtual Machines using the AWS service Elastic Compute Cloud (EC2). To use this service, you can either use an existing Amazon Machine Image (AMI), Customize an existing AMI or upload a Virtual Machine from an on-premises copy, all of these activities are managed within the AWS console. AWS supports the importing of Virtual Machines from the following sources:

    • Microsoft Hyper-V

    • Microsoft Azure

    • VMware

    • Citrix

    Skillable recommends using the AWS VM Import/Export service as the service itself is free and automates a number of tasks. Full AWS documentation on the VM Import/Export process can be found here and should take precedence over anything written in this document.

    Overview of Steps Required to Create an AWS Hosted VM

    • Create an organization account in AWS

    • Create an IAM user in AWS

    • Configure a Skillable Studio Subscription

    • Add the Subscription to a Cloud Subscription Pool in Skillable Studio

    • Creating a Custom AMI (optional)

    • Importing a Virtual Machine (optional)

      • Prepare and Export the Virtual Machine

      • Import the Virtual Machine or Virtual Hard Disk to AWS

        • Create an Amazon Machine Image (AMI) based on imported object

    • Create a VM Profile in Skillable Studio

    Organization Account creation

    An account must be created in your AWS organization. This account will be used to launch an AWS VM when a user launches a lab.

    1. Log in to the AWS Management Console with your root account credentials.

    2. Go to My Organization from the menu in the upper-right corner of the page.

    3. Select Add Account.

      Add a user to the AWS organization

    4. If you already have an organization account, select Invite Account.

      1. Enter the email or Account ID of the organization account.

      2. Select Invite.

    5. If you need to create an Account, select Create account.

      Create account details

      1. Enter an AWS account name.

      2. Enter an email address for the account, that belongs to the catch all domain. This is the email address that will be used to contact you about this account.

      3. Enter an IAM role name for this account. AWS Organizations create this role to grant the organization full administrative control over the new account.

    6. Log out of the AWS portal and log in to the account that was just created, using the email address used during account creation.

    7. Select Forgot Password. The password for the account will be sent to the Organizations Master account. The Master account is the account that was used to created the AWS Organization initially.

      You may need to contact the administrator that created the AWS organization for assistance with the password reset email.

    8. Once you receive the password, log in to the AWS Portal.

    Next an IAM user needs to be created.

    IAM User Creation

    1. Select the AWS icon in the upper-left corner to return home.

    2. Under Find Services, search for IAM.

      Search for IAM in the Find Services field

    3. Select IAM.

    4. Select User on the left side of the page

    5. Select Add User.

    6. Enter a name for the user. For example, SkillableStudioAPI. The naming doesn't really matter, as long as the lab author will recognize it later.

    7. Next, select programmatic Access. This enables an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.

    8. Select Next: permissions.

    9. Under Set Permissions, select Attach existing policies directly.

    10. In the Filter Policies field, search for Org.

    11. Select the checkbox to select the policy name AWSOrganizationsFullAccess. AWSOrganizationsFullAccess being assigned is required, so that the Skillable Studio service account can manage the organization.

      Select AWS Organization Full Access

    12. In the Filter Policies field, search for Admin

    13. Select the checkbox to select AdministratorAccess. This will allow the Skillable Studio service account full access to manage the root AWS Account.

      Select Administrator Access

    14. Select Next: tags.

    15. Select Next: review.

    16. Select Create user.

    Record your access key ID and secret access key in a secure location. Once this page is closed, you will not be able to obtain this information again. These will be used in later steps, when configuring the Cloud Subscription in the Subscription Pool.

    Skillable Studio Subscription Pool Setup

    1. From the Skillable Studio Admin page, select Subscription Pools on the Cloud Services tile.

    2. Select Create Cloud Subscription Pool in the upper-right corner.

    1. Select AWS from the Cloud Platform drop-down menu.

    2. Select Shared from the Subscription Mode drop-down menu.

    3. Select Manual from the Pool type drop-down menu.

    4. Enter a Name for the pool.

    5. Enter a Description for the pool.

    6. Select the Organization that the pool will be owned by.

    7. (Optional) Enter a custom subscription unavailable message. This message will display to lab users if the subscription is unavailable.

    8. Check the box to enable the subscription pool for use.

    9. Enable or disable Health Checks. This enables health checks across all subscriptions in this pool. Skillable Studio will periodically check the subscription for configuration errors and other potential problems.

    10. If Health Checks are enabled, select the frequency that the health check will occur. The health check for each subscription will be completed at the specified interval.

    Skillable Studio Subscription Setup in Subscription Pool

    1. Navigate to the Subscription Pool that was created in previous steps.

    2. Select Create Cloud Subscription.

    3. On the Basic Information tab, configure the following:

      1. Enter a Name for the subscription

      2. Enter a Description for the subscription.

      3. (Optional) Enter an expiration date and time. The subscription will not be available to use once the expiration date and time occurs.

      4. Check the box to enable the subscription for use.

    4. On the Authentication tab, configure the following:

      1. Check the box to Override Pool Authentication. Selecting this will use the authentication information on the subscription instead of the authentication information on the subscription pool.

      2. Enter the Catch All Domain that was used during organization account creation.

      3. Enter the Access Key ID that was generated during IAM user account creation.

      4. Enter the Access key Secret that was generated during IAM user account creation.

    Virtual Machine Configuration

    Depending on the source of the Virtual Machine(s) that will be used in the Skillable lab impacts the next steps that need to be taken. Use table for the next steps:

    Virtual Machine Source

    Section to follow

    Existing AMI either AWS supplied or Custom

    Virtual Machine Profile Creation

    New custom AMI from an AWS supplied AMI

    Creating a Custom AWS AMI

    External VM that requires importing into AWS

    Importing a Virtual Machine into AWS

    Creating a Custom AWS AMI

    When creating a custom AWS AMI the process requires the following steps to be followed:

    1. Create an EC2 instance from an existing AMI

    2. Modify the EX2 instance as required

    3. Optionally snapshot the EC2 instance

    4. Create an AMI Image from the EC2 instance or snapshot

    See the AWS Amazon EC2 documentation for creating AMI’s: Create an Amazon EBS-backed AMI

    Once the custom AMI has been created jump to the section on Virtual Machine Profile Creation to complete the configuration to make the EC2 AMI available in Skillable Studio.

    Importing a Virtual Machine into AWS

    The AWS documentation has detailed information on the configuration and preparation steps to be completed before the export of a Virtual Machine. The information below summarizes the key requirements discussed in the AWS documentation, AWS VM Import/Export Requirements

    Virtual Machine Core Requirements

    • Image Format: Open Virtual Appliance (OVA), Streamed-Optimized ESX Virtual Hard Disk (VMDK), Fixed or Dynamic Virtual Hard Disk (VHD/VHDX) or RAW format

    • Operating Systems: Linux or Windows

    • Volume types

      • Linux: MBR and GUID (GPT)

      • Windows: MBR and GUID (GPT)

    • File Systems

      • Linux: ext2, ext3, ext4, Btrfs, JFS or XFS (Note: Btrfs subvolumes are NOT supported)

      • Windows: NTFS

    Physical Machine Images

    VMs that are created as the result of a physical-to-virtual (P2V) conversion are not supported.

    General Configuration Requirements

    The following configurations should be made in your VM before you export it from your virtualization environment. You should also review the section specific to your operating system for additional required configurations.

    • Disable any antivirus or intrusion detection software on your VM. These services can be re-enabled after the import process is complete.

    • Uninstall the VMware Tools from your VMware VM.

    • Disconnect any CD-ROM drives (virtual or physical).

    • Your source VM must have a functional DHCP client service. Ensure that the service can start and is not disabled administratively. All static IP addresses currently assigned to the source VM are removed during import.

    Windows Configurations

    The following configurations should be made in your Windows VM before you export it from your virtualization environment.

    • Enable Remote Desktop (RDP) for remote access.

    • Make sure that your host firewall (Windows firewall or similar), if configured, allows access to RDP. Otherwise, you cannot access your instance after the import is complete.

    • Make sure that the administrator account and all other user accounts use secure passwords. All accounts must have passwords or the import process might fail.

    • Install .NET Framework 4.5 or later on the VM. We install the .NET framework on your VM as needed.

    • Disable Autologon on your Windows VM.

    • Apply the following hot fixes as needed:

    • Set the RealTimeIsUniversal registry key. For more information, see Set the time for your Amazon EC2 instance in the Amazon EC2 User Guide.

    • Run System Preparation (Sysprep) on your Windows Server VM images.

      • If you run Sysprep before importing your VM, the import process adds an answer file (unattend.xml) to the VM that automatically accepts the End User License Agreement (EULA) and sets the locale to EN-US.

      • If you choose to run Sysprep after importing your VM, we recommend that you use EC2Launch (Windows Server 2016 and later) or EC2Config (through Windows Server 2012 R2) to run Sysprep.

    Linux/Unix Configurations

    The following configurations should be made in your Linux VM before you export it from your virtualization environment.

    • Enable Secure Shell (SSH) for remote access.

    • Make sure that your host firewall (such as Linux iptables) allows access to SSH. Otherwise, you won't be able to access your instance after the import is complete.

    • Make sure that you have configured a non-root user to use public key-based SSH to access your instance after it is imported. The use of password-based SSH and root login over SSH are both possible, but not recommended. The use of public keys and a non-root user is recommended because it is more secure. VM Import does not configure an ec2-user account as part of the import process.

    • Make sure that your Linux VM uses GRUB (GRUB legacy) or GRUB 2 as its bootloader.

    • Make sure that your Linux VM uses one of the following for the root file system: EXT2, EXT3, EXT4, Btrfs, JFS, or XFS.

    • Make sure that your Linux VM is not using predictable network interface device names.

    • Shut down your VM before exporting it from your virtualization environment.

    Export your VM from its virtualization environment

    Once the preparation steps have been completed follow the vendors documentation for exporting the VM that is required to be uploaded to AWS. The following vendor documents should provide assistance on the export processes:

    Vendor

    Documentation

    VMware

    Search for "Export an OVF Template" on the VMware Docs site. Follow the instructions to export an OVA

    Citrix

    Importing and Exporting VMs on the Citrix website.

    Microsoft Hyper-V

    Overview of exporting and importing a virtual machine on the Microsoft website.

    Microsoft Azure

    Download a Windows VHD from Azure or Download a Linux VHD from Azure on the Microsoft website. From the Azure Portal, Choose the VM to migrate, and then choose Disks. Select each disk (either OS or data) and choose Create Snapshot. On the completed snapshot resource, choose Export. This creates a URL that you can use to download the virtual image.

    Import your VM as an image

    After the VM has been exported from the source virtualization environment, it can now be imported to AWS to create a new Amazon EC2. The import process is the same regardless of the VM source.

    The required steps are:

    • Prerequisites for importing a VM into Amazon EC2

    • Upload the image to Amazon S3

    • Import the VM

    • Test the AMI by creating an instance from the Image

    The details for these steps can be found on the AWS documentation website: Import your VM as an image

    Having created and tested the AMI a Virtual Machine Lab Profile can now be created in Skillable Studio.

    Virtual Machine Profile Creation

    1. Go to Skillable Studio .

    2. From the Admin page, select Create Virtual Machine Profile from the Virtual Machines tile.

    3. Complete the following fields on the VM profile:

      • Name: use the same friendly name that was used for the AMI in the AWS management console.

      • Description: describe the intended use of the VM.

      • Series: Select the lab series that the lab profile will be associated with.

      • Organization: Select the organization that will own the VM profile and be responsible for maintaining the profile.

    4. Select AWS from the Platform drop-down menu.

    5. Machine Type: Select the machine type that is preferred. It is best to choose the machine type chosen when the AMI was captured.

    6. Machine Image

      • Image Name: use the same friendly name that was used for the AMI in the AWS management console.

      • Region: select the region where the AMI is uploaded.

      • Image Owner Account: enter the account number that is listed as the Owner on the Details tab of the AMI in the AWS Management Console.

    7. Operating System: select the operating system that corresponds with the AMI.

    8. Username: enter the username used to log in to the operating system on the AMI.

    9. Password: enter the password used to log in to the operating system on the AMI.

    10. Check the Enabled box to enable the VM profile.

    11. Select Save.

    The VM profile can now be added to a lab profile and launched in the lab.

    Whenever a running lab profile is saved, the EC2 resources in AWS are suspended and do not continue to be billed. When the lab is resumed, billing will resume, the EC2 instance will reboot and then the EC2 resource will be available for use in the lab.


    Was this article helpful?

    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.