How to import VM to AWS

One of the coolest features of AWS is that it not only gives you powerful images through AMIs but also lets you import the VM images running in your data center. In this post, I would like to show you how simple it is to import a VM image into AWS.

The prerequisites for VM import are

For the S3 bucket, I have created a bucket named “my-vm-imports”.

Creating IAM Role

You cannot create this role using the AWS Management Console. You have to use the AWS command line.

1. Create a trust policy file named trust-policy.json

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": { "Service": "vmie.amazonaws.com" },
         "Action": "sts:AssumeRole",
         "Condition": {
            "StringEquals":{
               "sts:Externalid": "vmimport"
            }
         }
      }
   ]
}

2. Using the AWS command line, create a role named vmimport

aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json

3. Create a file named role-policy.json with the following policy

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource": [
            "arn:aws:s3:::my-vm-imports"
         ]
      },
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetObject"
         ],
         "Resource": [
            "arn:aws:s3:::my-vm-imports/*"
         ]
      },
      {
         "Effect": "Allow",
         "Action":[
            "ec2:ModifySnapshotAttribute",
            "ec2:CopySnapshot",
            "ec2:RegisterImage",
            "ec2:Describe*"
         ],
         "Resource": "*"
      }
   ]
}

4. Use the put-role-policy command to attach this policy to the role we created before.

aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
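A pre-flight check for the two policy documents above, as an added example (not part of the original post): it confirms that only vmie.amazonaws.com, presenting the vmimport external ID, can assume the role, and flags any action or S3 resource beyond what the import needs. The function names, the EXPECTED allowlist and the DRAFT sample are assumptions made for this illustration.

```python
import json

# Valid IAM actions the vmimport role policy on this page grants (assumed allowlist).
EXPECTED = {
    "s3:ListBucket", "s3:GetBucketLocation", "s3:GetObject",
    "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot",
    "ec2:RegisterImage", "ec2:Describe*",
}

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust(policy):
    """Only the VM Import service, presenting the external ID, may assume the role."""
    findings = []
    for st in as_list(policy["Statement"]):
        principal = st.get("Principal")
        services = as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
        if services != ["vmie.amazonaws.com"] or set(principal) != {"Service"}:
            findings.append(f"unexpected principal: {json.dumps(principal)}")
        # IAM condition key names are case-insensitive, so compare in lower case.
        equals = st.get("Condition", {}).get("StringEquals", {})
        if {k.lower(): v for k, v in equals.items()}.get("sts:externalid") != "vmimport":
            findings.append("missing sts:ExternalId = vmimport condition")
    return findings

def audit_permissions(policy, bucket):
    """Flag actions outside EXPECTED and S3 grants that reach beyond the import bucket."""
    findings = []
    scoped = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    for st in as_list(policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        actions = as_list(st["Action"])
        findings += [f"unexpected action: {a}" for a in actions if a not in EXPECTED]
        if any(a == "*" or a.startswith("s3:") for a in actions):
            findings += [f"S3 grant outside bucket: {r}"
                         for r in as_list(st["Resource"]) if r not in scoped]
    return findings

# Constructed draft policy with two mistakes, for demonstration only.
DRAFT = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:ListBucket", "s3:FullAccess"],
     "Resource": ["arn:aws:s3:::my-vm-imports"]},
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::*"},
    {"Effect": "Allow", "Action": ["ec2:RegisterImage", "ec2:Describe*"], "Resource": "*"},
]}
if __name__ == "__main__":
    print("\n".join(audit_permissions(DRAFT, "my-vm-imports")))
```

To check your own files, parse trust-policy.json and role-policy.json with json.load and pass the results to audit_trust and audit_permissions before running create-role and put-role-policy.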

Next steps:

1. Upload the VM image to S3

aws s3 cp file_path s3://my-vm-imports

2. Create a container file that contains the S3 bucket name, the image format, a description, and the key name of the image in the S3 bucket. Save this file as container.json

[
  {
    "Description": "My VM",
    "Format": "ova",
    "UserBucket": {
        "S3Bucket": "my-vm-imports",
        "S3Key": "myVm.ova"
    }
  }
]

Note: Only OVA, VMDK image formats are supported in AWS

3. Finally, import the image from S3 with the import-image command. After that, your image (AMI) will be ready for use

aws ec2 import-image --description "Linux or Windows VM" --disk-containers file://container.json

Thanks for Reading.

Best Regards

Naveen

Nagios Vs CloudWatch AWS

Monitoring is certainly important for maintaining consistent infrastructure, whether in the cloud or on an on-premise network. AWS CloudWatch is the native tool for monitoring AWS services. CloudWatch can monitor AWS resources like EC2, DynamoDB, Lambda, and RDS, as well as custom metrics generated by your application or service. We can use CloudWatch alarms to automate monitoring: whenever an alarm is breached, CloudWatch can send alerts to your team.

On EC2, CloudWatch provides system-wide metrics like CPU utilization, burst balance for T2 type instances, and available memory (with the use of custom metrics). It also provides metrics for EBS volumes such as BytesRead, BytesWrite, and VolumeQueueLength, i.e. the number of read and write operations waiting to be completed in a specific duration of time. By using these metrics we can analyze the performance of the applications and audit the logs for security and compliance.

There is no shortage of monitoring tools besides CloudWatch. One such popular tool is Nagios, which has the advantage of being an early player in monitoring IT infrastructure. Nagios is a trusted monitoring tool for enterprises that work with on-premise networks. It can monitor the network, servers, and applications as well.

Nagios also extends to monitoring cloud computing resources. The highlights described below can help you decide which monitoring tool to use based on your usage.

1. Alarms

AWS CloudWatch and Nagios are both capable of monitoring the deployment of computing resources in AWS. When it comes to monitoring the metrics of other AWS resources such as RDS, DynamoDB or other managed services, CloudWatch unsurprisingly leads over Nagios. CloudWatch is not interoperable with third-party messaging tools like Slack. Instead, alarms in CloudWatch use SNS to publish email alerts. In this area Nagios is much more mature, thanks to its wide range of community plugins.

It should be noted that Nagios cannot monitor the IOPS of EBS or the burst balance of EC2 resources. These metrics are a good way to understand application performance and system-level behavior over a given period of time.

2. Resource Metrics

When it comes to AWS cloud resources, CloudWatch provides many detailed metrics for every resource in AWS. CloudWatch can even store these metrics over a period of 4 weeks. With these stored metrics you can analyze the performance of your application servers based on the generated load. CloudWatch comes out ahead of Nagios in storing metrics for cloud services.

CloudWatch provides a rich set of graphics for all AWS resource metrics. 

3. Events

Events are sets of rules that trigger other AWS resources, such as calling a Lambda function or creating an EC2 instance. This feature is quite useful for automating things in the cloud. Events in CloudWatch can also be used like a cron job, for example to trigger a Lambda function or call some other service every 5 minutes. Nagios lacks this kind of feature.

4. Ease of Use

Nagios is a centralized monitoring system that supports monitoring network, storage and computing devices. Being a legacy monitoring system, it is a bit hard to understand, and you should expect a learning curve. CloudWatch is more user-friendly and provides graphs for each metric.

5. Pricing

Nagios is free and open source, but if you want the enterprise features you have to be prepared to pay out of pocket. Pricing for the Nagios enterprise features starts at $1995.

Compared to the Nagios enterprise edition, CloudWatch is cost-effective. Each dashboard in CloudWatch costs about $3.00 per month, while detailed monitoring costs $3.50 per month.

Bottom line: If you are an enterprise that wants to move its existing infrastructure from on-premise to the cloud, start with your existing monitoring tools and begin using the CloudWatch monitoring features alongside them; if CloudWatch satisfies your monitoring needs, replace Nagios with CloudWatch.

If you need to monitor any network appliance of the kind most telecom companies use in the cloud, I would strongly suggest staying with your existing Nagios, because CloudWatch does not provide application metrics the way Nagios does.

Best Regards

Naveen