- 11 Oct 2024
AWS Virtualization
This document describes the steps required to create a Virtual Machine (VM) that is hosted in Amazon Web Services (AWS). This process requires several steps in AWS, as well as in Skillable Studio. If any steps are missed or skipped, the VM may not function as expected. AWS Virtualization runs Virtual Machines using the AWS service Elastic Compute Cloud (EC2). To use this service, you can use an existing Amazon Machine Image (AMI), customize an existing AMI, or upload a Virtual Machine from an on-premises copy. All of these activities are managed within the AWS console. AWS supports the importing of Virtual Machines from the following sources:
Microsoft Hyper-V
Microsoft Azure
VMware
Citrix
Skillable recommends using the AWS VM Import/Export service as the service itself is free and automates a number of tasks. Full AWS documentation on the VM Import/Export process can be found here and should take precedence over anything written in this document.
Overview of Steps Required to Create an AWS Hosted VM
Create an organization account in AWS
Create an IAM user in AWS
Configure a Skillable Studio Subscription
Add the Subscription to a Cloud Subscription Pool in Skillable Studio
Creating a Custom AMI (optional)
Importing a Virtual Machine (optional)
Prepare and Export the Virtual Machine
Import the Virtual Machine or Virtual Hard Disk to AWS
Create an Amazon Machine Image (AMI) based on imported object
Create a VM Profile in Skillable Studio
Organization Account creation
An account must be created in your AWS organization. This account will be used to launch an AWS VM when a user launches a lab.
Log in to the AWS Management Console with your root account credentials.
Go to My Organization from the menu in the upper-right corner of the page.
Select Add Account.
If you already have an organization account, select Invite Account.
Enter the email or Account ID of the organization account.
Select Invite.
If you need to create an Account, select Create account.
Enter an AWS account name.
Enter an email address for the account that belongs to the catch-all domain. This is the email address that will be used to contact you about this account.
Enter an IAM role name for this account. AWS Organizations creates this role to grant the organization full administrative control over the new account.
Log out of the AWS portal and log in to the account that was just created, using the email address used during account creation.
Select Forgot Password. The password for the account will be sent to the Organizations Master account. The Master account is the account that was used to create the AWS Organization initially.
You may need to contact the administrator that created the AWS organization for assistance with the password reset email.
Once you receive the password, log in to the AWS Portal.
Next, an IAM user needs to be created.
IAM User Creation
Select the AWS icon in the upper-left corner to return home.
Under Find Services, search for IAM.
Select IAM.
Select User on the left side of the page.
Select Add User.
Enter a name for the user. For example, SkillableStudioAPI. The naming doesn't really matter, as long as the lab author will recognize it later.
Next, select Programmatic access. This enables an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.
Select Next: permissions.
Under Set Permissions, select Attach existing policies directly.
In the Filter Policies field, search for Org.
Select the checkbox for the policy named AWSOrganizationsFullAccess. This policy is required so that the Skillable Studio service account can manage the organization.
In the Filter Policies field, search for Admin.
Select the checkbox for AdministratorAccess. This will allow the Skillable Studio service account full access to manage the root AWS Account.
Select Next: tags.
Select Next: review.
Select Create user.
Record your access key ID and secret access key in a secure location. Once this page is closed, you will not be able to obtain this information again. These will be used in later steps, when configuring the Cloud Subscription in the Subscription Pool.
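Because this user holds AdministratorAccess through a long-lived access key, it is worth auditing periodically. The following added example, which is not from the original page or from Skillable, checks the JSON printed by `aws iam list-attached-user-policies` and `aws iam list-access-keys` for the user. The 90-day key age threshold and the sample data are assumptions.

```python
import json
from datetime import datetime, timezone

# Managed policies the procedure above attaches to the service user.
REQUIRED_POLICIES = {
    "arn:aws:iam::aws:policy/AWSOrganizationsFullAccess",
    "arn:aws:iam::aws:policy/AdministratorAccess",
}
MAX_KEY_AGE_DAYS = 90  # assumption: rotation threshold picked for this example

def audit_service_user(policies_json, keys_json, now):
    """Check `aws iam list-attached-user-policies` and `list-access-keys` output."""
    findings = []
    attached = {p["PolicyArn"] for p in json.loads(policies_json)["AttachedPolicies"]}
    for arn in sorted(REQUIRED_POLICIES - attached):
        findings.append(f"missing required policy: {arn}")
    keys = json.loads(keys_json)["AccessKeyMetadata"]
    active = [k for k in keys if k["Status"] == "Active"]
    if len(active) > 1:
        findings.append("more than one active access key")
    for key in active:
        # CLI v1 prints a trailing "Z", CLI v2 prints "+00:00"; accept both.
        created = datetime.fromisoformat(key["CreateDate"].replace("Z", "+00:00"))
        age = (now - created).days
        if age > MAX_KEY_AGE_DAYS:
            findings.append(f"access key {key['AccessKeyId']} is {age} days old")
    return findings

# Constructed sample output (placeholder key ID, not a real credential).
SAMPLE_POLICIES = json.dumps({"AttachedPolicies": [
    {"PolicyName": "AdministratorAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}]})
SAMPLE_KEYS = json.dumps({"AccessKeyMetadata": [
    {"UserName": "SkillableStudioAPI", "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
     "Status": "Active", "CreateDate": "2024-01-15T09:30:00+00:00"}]})

if __name__ == "__main__":
    now = datetime(2024, 10, 11, tzinfo=timezone.utc)
    for finding in audit_service_user(SAMPLE_POLICIES, SAMPLE_KEYS, now):
        print("FINDING:", finding)
```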
Skillable Studio Subscription Pool Setup
From the Skillable Studio Admin page, select Subscription Pools on the Cloud Services tile.
Select Create Cloud Subscription Pool in the upper-right corner.
Select AWS from the Cloud Platform drop-down menu.
Select Shared from the Subscription Mode drop-down menu.
Select Manual from the Pool type drop-down menu.
Enter a Name for the pool.
Enter a Description for the pool.
Select the Organization that the pool will be owned by.
(Optional) Enter a custom subscription unavailable message. This message will display to lab users if the subscription is unavailable.
Check the box to enable the subscription pool for use.
Enable or disable Health Checks. This enables health checks across all subscriptions in this pool. Skillable Studio will periodically check the subscription for configuration errors and other potential problems.
If Health Checks are enabled, select the frequency that the health check will occur. The health check for each subscription will be completed at the specified interval.
Skillable Studio Subscription Setup in Subscription Pool
Navigate to the Subscription Pool that was created in previous steps.
Select Create Cloud Subscription.
On the Basic Information tab, configure the following:
Enter a Name for the subscription.
Enter a Description for the subscription.
(Optional) Enter an expiration date and time. The subscription will not be available to use once the expiration date and time occurs.
Check the box to enable the subscription for use.
On the Authentication tab, configure the following:
Check the box to Override Pool Authentication. Selecting this will use the authentication information on the subscription instead of the authentication information on the subscription pool.
Enter the Catch All Domain that was used during organization account creation.
Enter the Access Key ID that was generated during IAM user account creation.
Enter the Access key Secret that was generated during IAM user account creation.
Virtual Machine Configuration
The source of the Virtual Machine(s) that will be used in the Skillable lab determines the next steps that need to be taken. Use the following table to find the section to follow:
Virtual Machine Source | Section to follow |
---|---|
Existing AMI either AWS supplied or Custom | Virtual Machine Profile Creation |
New custom AMI from an AWS supplied AMI | Creating a Custom AWS AMI |
External VM that requires importing into AWS | Importing a Virtual Machine into AWS |
Creating a Custom AWS AMI
Creating a custom AWS AMI requires the following steps:
Create an EC2 instance from an existing AMI
Modify the EC2 instance as required
Optionally snapshot the EC2 instance
Create an AMI Image from the EC2 instance or snapshot
See the AWS Amazon EC2 documentation for creating AMIs: Create an Amazon EBS-backed AMI
Once the custom AMI has been created, go to the Virtual Machine Profile Creation section to complete the configuration that makes the EC2 AMI available in Skillable Studio.
Importing a Virtual Machine into AWS
The AWS documentation has detailed information on the configuration and preparation steps to be completed before the export of a Virtual Machine. The information below summarizes the key requirements discussed in the AWS documentation: AWS VM Import/Export Requirements.
Virtual Machine Core Requirements
Image Format: Open Virtual Appliance (OVA), Stream-Optimized ESX Virtual Hard Disk (VMDK), Fixed or Dynamic Virtual Hard Disk (VHD/VHDX) or RAW format
Operating Systems: Linux or Windows
Volume types
Linux: MBR and GUID (GPT)
Windows: MBR and GUID (GPT)
File Systems
Linux: ext2, ext3, ext4, Btrfs, JFS or XFS (Note: Btrfs subvolumes are NOT supported)
Windows: NTFS
Physical Machine Images
VMs that are created as the result of a physical-to-virtual (P2V) conversion are not supported.
General Configuration Requirements
The following configurations should be made in your VM before you export it from your virtualization environment. You should also review the section specific to your operating system for additional required configurations.
Disable any antivirus or intrusion detection software on your VM. These services can be re-enabled after the import process is complete.
Uninstall the VMware Tools from your VMware VM.
Disconnect any CD-ROM drives (virtual or physical).
Your source VM must have a functional DHCP client service. Ensure that the service can start and is not disabled administratively. All static IP addresses currently assigned to the source VM are removed during import.
Windows Configurations
The following configurations should be made in your Windows VM before you export it from your virtualization environment.
Enable Remote Desktop (RDP) for remote access.
Make sure that your host firewall (Windows firewall or similar), if configured, allows access to RDP. Otherwise, you cannot access your instance after the import is complete.
Make sure that the administrator account and all other user accounts use secure passwords. All accounts must have passwords or the import process might fail.
Install .NET Framework 4.5 or later on the VM. We install the .NET framework on your VM as needed.
Disable Autologon on your Windows VM.
Apply the following hot fixes as needed:
Set the RealTimeIsUniversal registry key. For more information, see Set the time for your Amazon EC2 instance in the Amazon EC2 User Guide.
Run System Preparation (Sysprep) on your Windows Server VM images.
If you run Sysprep before importing your VM, the import process adds an answer file (unattend.xml) to the VM that automatically accepts the End User License Agreement (EULA) and sets the locale to EN-US.
If you choose to run Sysprep after importing your VM, we recommend that you use EC2Launch (Windows Server 2016 and later) or EC2Config (through Windows Server 2012 R2) to run Sysprep.
Linux/Unix Configurations
The following configurations should be made in your Linux VM before you export it from your virtualization environment.
Enable Secure Shell (SSH) for remote access.
Make sure that your host firewall (such as Linux iptables) allows access to SSH. Otherwise, you won't be able to access your instance after the import is complete.
Make sure that you have configured a non-root user to use public key-based SSH to access your instance after it is imported. The use of password-based SSH and root login over SSH are both possible, but not recommended. The use of public keys and a non-root user is recommended because it is more secure. VM Import does not configure an ec2-user account as part of the import process.
Make sure that your Linux VM uses GRUB (GRUB legacy) or GRUB 2 as its bootloader.
Make sure that your Linux VM uses one of the following for the root file system: EXT2, EXT3, EXT4, Btrfs, JFS, or XFS.
Make sure that your Linux VM is not using predictable network interface device names.
Shut down your VM before exporting it from your virtualization environment.
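The SSH, root file system and interface-naming items above can be checked on the source VM before export. The following is an added example, not part of the original page or of AWS tooling. It takes the contents of `/etc/ssh/sshd_config`, `/proc/mounts` and `/proc/cmdline` as text, plus the list of users that have an `authorized_keys` file. It treats `net.ifnames=0` on the kernel command line as the way predictable names are disabled, which is an assumption since other methods exist.

```python
import re

# Root file systems the page lists as importable.
SUPPORTED_ROOT_FS = {"ext2", "ext3", "ext4", "btrfs", "jfs", "xfs"}

def sshd_options(text):
    """Global sshd_config options; sshd uses the first value it reads."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":   # conditional blocks are not global
            break
        if len(parts) == 2:
            opts.setdefault(parts[0].lower(), parts[1].strip().lower())
    return opts

def pre_export_findings(sshd_config, mounts, cmdline, key_users):
    """Return the list of problems to fix before exporting the VM."""
    findings = []
    opts = sshd_options(sshd_config)
    # OpenSSH defaults apply when an option is absent.
    if opts.get("permitrootlogin", "prohibit-password") == "yes":
        findings.append("root login over SSH is enabled")
    if opts.get("passwordauthentication", "yes") == "yes":
        findings.append("password-based SSH is enabled")
    if opts.get("pubkeyauthentication", "yes") != "yes":
        findings.append("public key authentication is disabled")
    if not [u for u in key_users if u != "root"]:
        findings.append("no non-root user has an authorized_keys file")
    root_fs = None
    for line in mounts.splitlines():      # device mountpoint fstype options ...
        fields = line.split()
        if len(fields) >= 3 and fields[1] == "/":
            root_fs = fields[2]
    if root_fs not in SUPPORTED_ROOT_FS:
        findings.append(f"root file system {root_fs} is not supported")
    if "net.ifnames=0" not in cmdline.split():
        findings.append("predictable network interface names are not disabled")
    return findings

# Constructed sample inputs (not taken from a real host).
SAMPLE_SSHD = "PermitRootLogin yes\n#PasswordAuthentication no\nPubkeyAuthentication yes\n"
SAMPLE_MOUNTS = "/dev/sda1 / ext4 rw,relatime 0 0\ntmpfs /run tmpfs rw 0 0\n"
SAMPLE_CMDLINE = "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet"

if __name__ == "__main__":
    for f in pre_export_findings(SAMPLE_SSHD, SAMPLE_MOUNTS, SAMPLE_CMDLINE, ["root"]):
        print("FIX:", f)
```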
Export your VM from its virtualization environment
Once the preparation steps have been completed, follow the vendor's documentation for exporting the VM that is to be uploaded to AWS. The following vendor documents should provide assistance with the export process:
Vendor | Documentation |
---|---|
VMware | Search for "Export an OVF Template" on the VMware Docs site. Follow the instructions to export an OVA |
Citrix | Importing and Exporting VMs on the Citrix website. |
Microsoft Hyper-V | Overview of exporting and importing a virtual machine on the Microsoft website. |
Microsoft Azure | Download a Windows VHD from Azure or Download a Linux VHD from Azure on the Microsoft website. From the Azure Portal, choose the VM to migrate, and then choose Disks. Select each disk (either OS or data) and choose Create Snapshot. On the completed snapshot resource, choose Export. This creates a URL that you can use to download the virtual image. |
Import your VM as an image
After the VM has been exported from the source virtualization environment, it can be imported to AWS to create a new Amazon EC2 image. The import process is the same regardless of the VM source.
The required steps are:
Prerequisites for importing a VM into Amazon EC2
Upload the image to Amazon S3
Import the VM
Test the AMI by creating an instance from the image
The details for these steps can be found on the AWS documentation website: Import your VM as an image.
Once the AMI has been created and tested, a Virtual Machine Lab Profile can be created in Skillable Studio.
Virtual Machine Profile Creation
Go to Skillable Studio.
From the Admin page, select Create Virtual Machine Profile from the Virtual Machines tile.
Complete the following fields on the VM profile:
Name: use the same friendly name that was used for the AMI in the AWS management console.
Description: describe the intended use of the VM.
Series: Select the lab series that the lab profile will be associated with.
Organization: Select the organization that will own the VM profile and be responsible for maintaining the profile.
Select AWS from the Platform drop-down menu.
Machine Type: Select the machine type that is preferred. It is best to choose the machine type chosen when the AMI was captured.
Machine Image
Image Name: use the same friendly name that was used for the AMI in the AWS management console.
Region: select the region where the AMI is uploaded.
Image Owner Account: enter the account number that is listed as the Owner on the Details tab of the AMI in the AWS Management Console.
Operating System: select the operating system that corresponds with the AMI.
Username: enter the username used to log in to the operating system on the AMI.
Password: enter the password used to log in to the operating system on the AMI.
Check the Enabled box to enable the VM profile.
Select Save.
The VM profile can now be added to a lab profile and launched in the lab.
Whenever a running lab profile is saved, the EC2 resources in AWS are suspended and do not continue to be billed. When the lab is resumed, billing will resume, the EC2 instance will reboot and then the EC2 resource will be available for use in the lab.