You can launch an EC2 instance from a virtual machine that you migrate from VMware vCenter to Amazon EC2. You'll use the AWS Connector for vCenter to migrate your virtual machines to Amazon EC2.
The following diagram illustrates the migration process. When you request a migration, we create a conversion task. When the conversion task completes successfully, your imported instance is available.
Amazon EC2 limits the number of active migrations to 5. If the connector is already in the process of migrating 4 virtual machines, it queues any additional migration tasks until one of the active migration tasks completes successfully or is canceled.
An administrator must install and configure the connector. The connector is part of AWS Management Portal for vCenter. For more information, see Setting Up AWS Management Portal for vCenter.
An administrator must create at least one environment and grant you permission to migrate a virtual machine into one or more environments. This environment is in addition to the default environment and must be explicitly created. For more information, see Managing Environments.
Ensure that your VM uses one of the supported operating systems and that you select one of the supported instance types. For more information, see VM Import/Export Prerequisites in the Amazon EC2 User Guide for Linux Instances.
Ensure that your VM does not have a disk whose compressed size is greater than 215 GB.
You can't migrate a VM that has multiple disks. For more information about this limit and other limits, see VM Import/Export Requirements and Limitations in the Amazon EC2 User Guide for Linux Instances.
Your users don't have direct access to AWS. The following diagram describes the process by which a user can migrate a VM to Amazon EC2.
The vSphere client authorizes import to the environment.
The management portal verifies that the user has permission to migrate VMs to the environment and returns a token.
The vSphere client sends an import request to the connector along with the token.
The connector verifies the token.
The connector verifies that the user has permission to export the VM.
The connector starts the migration.
The connector sends a response to the vSphere client with the import task ID.
To migrate a VM to Amazon EC2, use vCenter with the connector. The connector can migrate up to four VMs concurrently.
You can't create a migration task while the connector is updating.
To migrate your virtual machine to Amazon EC2
From vCenter, click Home and then click VMs and Templates.
Select the VM.
Right-click the VM, and then click Migrate VM to EC2. If your administrator did not grant you permission to migrate VMs, you'll see a message to ask your administrator to grant you permission.
Complete the form as follows:
Select the operating system running on the VM.
Select the region and environment for the resulting EC2 instance. The list of environments contains only the environments to which your administrator has granted you permission.
Select a subnet, instance type, and security group for the instance.
(Optional) Enter a private IP address. If you don't specify a private IP address, we'll select one for you.
Select a security group. The list of security groups contains only the security groups associated with the environment you've selected.
Click Begin migration to Amazon EC2.
[Prior to connector 2.4.0] If the connector displays a warning that there are already four active migration tasks and that this will affect the speed of these tasks, you can either continue or cancel the migration task.
After the migration begins, we display the import task ID if the migration task started immediately or the queued task ID otherwise. Note the ID if you'd like to monitor the migration task. Otherwise, you can close the import window and your vSphere client after the connector notifies you that the import task was created or queued, and the migration will continue.
(Optional) To monitor the status of the migration, do the following:
From vCenter, click Home and then click AWS Management Portal.
Expand the region for the instance, select the environment, and then click the VM-to-EC2 Migrations tab.
Find the entry with the import task ID or queued task ID that you noted earlier. The ID of the instance is shown in the Instance ID field.
To start the EC2 instance after the migration has completed, expand the environment, expand Imported Instances, select the instance, and then click the Summary tab. The ID of the instance should be the instance ID that you noted from the VM-to-EC2 Migrations tab. On the Getting Started tab, click Start instance.
After you start an instance, it runs until it is terminated. If your instance is terminated, you can't connect to or recover the instance. To ensure that you can start a new instance with the same software as an migrated instance if needed, create an Amazon Machine Image (AMI) from the instance, and then create a template that specifies the AMI.
To create an AMI, you must use the Amazon EC2 console or command line tools. For information about creating an AMI using Amazon EC2, see the following topics in the Amazon EC2 User Guide for Linux Instances.
For information about creating a template so that you can launch instances from the AMI that you've created from your migrated instance, see Managing Templates.
To export an EC2 instance, you must use the Amazon EC2 CLI. For more information, see Exporting EC2 Instances in the Amazon EC2 User Guide for Linux Instances.
Error: Connector is unable to reach ESX host
You receive the following error when migrating a virtual machine: "Connector is unable to reach ESX host [hostname] to migrate virtual machine [name]".
If the hostname specified in the error message is not the fully-qualified domain name of an ESX host, use the following procedure to configure the DNS suffix search list so that connector can append the suffix and resolve the ESX hostname:
Locate the connector VM in the vSphere client, right-click it, and select Open Console.
Log in as
ec2-user. For more information, see
Logging into the Virtual Machine Console.
Run the following command:
The command displays the following menu:
Choose one of the following options 1. Reset password 2. Reconfigure network settings 3. Restart services 4. Factory reset 5. Delete unused upgrade-related files 6. Enable/disable SSL certificate validation 7. Display connector's SSL certificate 8. Generate log bundle 9. Exit Please enter your option [1-9]:
2, and then press Enter. The command displays the following menu:
Reconfigure your network: 1. Renew or acquire a DHCP lease 2. Set up a static IP 3. Set up a web proxy for AWS communication 4. Set up a DNS suffix search list 5. Exit Please enter your option [1-5]:
4, and then press Enter. The command displays the current
DNS suffix search list. Follow the directions to update the search list to
include the domain name of the ESX host from the error message.
Connector can't validate the certificates of the host
By default, the connector validates the certificates of all entities that it communicates with over HTTPS, including vCenter and ESXi servers. This is essential to prevent man-in-the-middle attacks. However, if you are migrating a virtual machine from ESX version 4.1 or earlier to Amazon EC2, the connector can't validate the certificates of the host, so the migration fails.
To work around this problem, you can do one of the following:
Option 1: Update to ESX 5.0 or later.
Option 2: Disable ESX certificate validation, migrate the virtual machine, and then re-enable ESX certificate validation as follows:
From your web browser, open the connector management console (https://ip_address/, where ip_address is the IP address of the management console) and log in using your password.
Click Register the Connector.
On the Register Plugin page, under ESX SSL certificate options, click Ignore any ESX certificate errors, and then click Register.
We recommend that you keep ESX certificate validation enabled unless you are migrating virtual machines from ESX 4.1 or earlier.
When you have finished migrating the virtual machine, return to the Register Plugin page of the connector management console, click Trust vCenter to validate ESX certificates, and then click Register.