Working with your agent on the local console - AWS DataSync

Working with your agent on the local console

For an AWS DataSync setup that is deployed on-premises, you can perform the following tasks using the VM host's local console.

Logging in to the AWS DataSync local console

When the VM is ready for you to log in, the login screen is displayed. If this is your first time logging in to the local console, you use the default user name and password to log in. These default login credentials give you access to menus where you can configure the agent's network settings and change the password from the local console. You don't need to know the default password to set a new password.

For security reasons, you can't connect to the agent using SSH (Secure Shell) or remotely connect to it.

To log in to the agent's local console

  • If this is your first time logging in to the local console, log in to the agent VM with the default credentials. The default user name is admin and the password is password. Otherwise, use your credentials to log in.

    Note

    We recommend changing the default password. You do this by running the passwd command from the local console menu (item 5 on the main menu). For information about how to run the command, see Running AWS DataSync commands on the local console.

Obtaining an activation key using the local console

If your agent has not already been activated, you can obtain an activation key for your agent from the local console. This option is displayed only until the agent has been activated.

To get an activation key for your agent from the local console

  1. Log in to your agent's local console.

  2. On the AWS DataSync Activation - Configuration main menu, enter 0 to get an activation key.

  3. Enter the AWS Region that your agent will be activated in.

  4. Enter the service endpoint type that your agent will be using. Options include public, FIPS, and VPC with AWS PrivateLink.

  5. The activation key is automatically generated and displayed on screen. Select and copy this value.

  6. Using the activation key copied from the last step, use the following CLI command to create and activate the agent:

    $ aws datasync create-agent --agent-name your-new-agent-name --activation-key generated-activation-key

    On successful activation, this command returns something similar to the following.

    { "AgentArn": "arn:aws:datasync:us-west-1:1234567890A:agent/agent-ID" }

    You can also insert the activation key in the DataSync console using the agent creation wizard.

    After the agent is activated, the console menu displays the Agent ID and AWS Region. The option for getting an activation key is no longer visible in the console menu.

Configuring your agent network settings

The default network configuration for the agent is Dynamic Host Configuration Protocol (DHCP). With DHCP, your agent is automatically assigned an IP address. In some cases, you might need to manually assign your agent's IP as a static IP address, as described following.

To configure your agent to use static IP addresses

  1. Log in to your agent's local console

  2. On the AWS DataSync Activation - Configuration main menu, enter 1 to begin configuring your network.

  3. On the Network Configuration menu, choose one of the following options.

    To Do this
    Get information about your network adapter

    Enter 1.

    A list of adapter names appears, and you are prompted to enter an adapter name—for example, eth0. If the adapter you specify is in use, the following information about the adapter is displayed:

    • Media access control (MAC) address

    • IP address

    • Netmask

    • Agent IP address

    • DHCP enabled status

    You use the same adapter name when you configure a static IP address (option 3) as when you set your agent's default route adapter (option 5).

    Configure DHCP

    Enter 2.

    You are prompted to configure the network interface to use DHCP.

    Configure a static IP address for your agent

    Enter 3.

    You are prompted to enter the Network adapter name.

    Important

    If your agent has already been activated, you must shut it down and restart it from the DataSync console for the settings to take effect.

    Reset all your agent's network configuration to DHCP

    Enter 4.

    All network interfaces are set to use DHCP.

    Important

    If your agent has already been activated, you must shut down and restart your agent from the DataSync console for the settings to take effect.

    Set your agent's default route adapter

    Enter 5.

    The available adapters for your agent are shown, and you are prompted to choose one of the adapters—for example, eth0.

    Edit your agent's DNS configuration

    Enter 6.

    The available adapters of the primary and secondary DNS servers are displayed. You are prompted to provide the new IP address.
    View your agent's DNS configuration

    Enter 7.

    The available adapters of the primary and secondary DNS servers are displayed.

    Note

    For some versions of the VMware hypervisor, you can edit the adapter configuration in this menu.

    View routing tables

    Enter 8.

    The default route of your agent is displayed.

Testing your agent connection to the internet

You can use your agent's local console to test your internet connection. This test can be useful when you are troubleshooting network issues with your agent.

To test your agent's connection to the internet

  1. Log in to your agent's local console.

  2. On the AWS DataSync Activation - Configuration main menu, enter 2 to begin testing network connectivity.

  3. Enter the service endpoint type that your agent is connecting to. Valid endpoint types include public, FIPS, and VPC endpoints using AWS PrivateLink.

    When the agent is activated, the Test Network Connectivity option can be initiated without any additional user input, because the Region and endpoint type are taken from the activated agent information.

    1. To test public endpoint connectivity, enter 1, followed by the AWS Region in which your agent is activated. Connectivity test results against the correct endpoints for your agent's Region are displayed. For information about AWS Regions and endpoints, see AWS Regions and Endpoints.

      Each endpoint in the selected AWS Region displays either a PASSED or FAILED message.

    2. To test FIPS endpoint connectivity, enter 2, followed by the AWS Region in which your agent is activated. Connectivity test results against the correct endpoints for your agent's Region are displayed. For information about AWS Regions and endpoints, see AWS Regions and Endpoints.

      Each endpoint in the selected AWS Region displays either a PASSED or FAILED message.

    3. To test VPC connectivity, enter 3. Network connectivity test results for your agent's VPC endpoints are displayed.

      Each VPC endpoint displays either a PASSED or FAILED message.

For information about network and firewall requirements, see Network Requirements for DataSync.

Testing connectivity to self-managed storage

You can use the console to test connectivity to your self-managed storage, including NFS, SMB, or object storage servers.

To test connectivity to self-managed storage servers

  1. Log in to your agent's local console.

  2. On the AWS DataSync Activation - Configuration main menu, enter 3 to begin testing network connectivity of self-managed storage.

  3. Choose the location type for connectivity testing. Options include the following.

    1. Enter 1 to test connectivity to an NFS server.

    2. Enter 2 to test connectivity to an SMB server.

    3. Enter 3 to test connectivity to an object storage server.

    Enter the IP address or server domain name of the NFS server.

    Connectivity test results, either PASSED or FAILED, are displayed for the specified server, along with the IP address and port of the tested server.

Viewing your agent system resource status

When you log in to your agent console, virtual CPU cores, root volume size, and RAM are automatically checked. If there are any errors or warnings, they are flagged on the console menu display with a banner that provides details about those errors or warnings.

If there are no errors or warnings when the console starts, the menu displays white text. The View System Resource Check option will display (0 Errors).

If there are errors or warnings, the console menu displays the number of errors and warnings, in red and yellow respectively, in a banner across the top of the menu. For example, (1 ERROR, 1 WARNING).

To view the status of a system resource check

  1. Log in to your agent's local console.

  2. On the AWS DataSync Activation - Configuration main menu, enter 4 to view the results of the system resource check.

    The console displays an [OK], [WARNING], or [FAIL] message for each resource as described in the table following.

    For Amazon EC2 instances, the system resource check verifies that the instance type is one of the instances recommended for use with DataSync. If the instance type matches that list, a single result is displayed in green text, as follows.

    [ OK ] Instance Type Check

    If the Amazon EC2 instance is not on the recommended list, the system resource check verifies the following resources.

    • CPU cores check: At least four cores are required.

    • Disk size check: A minimum of 80 GB available disk space is required.

    • RAM check: A minimum of 32 GiB of RAM is required for up to 20 million file transfers per task. A minimum of 64 GiB of RAM is required for more than 20 million file transfers per task.

    • CPU flags check: The agent VM CPU must have either SSSE3 or SSE4 instruction set flags.

    If the Amazon EC2 instance is not on the list of recommended instances for DataSync, but it has sufficient resources, the result of the system resource check displays four results, all in green text.

    The same resources are verified for agents deployed in Hyper-V, KVM, and VMware VMs.

    VMware agents are also checked for supported version; unsupported versions trigger a red banner error. Supported versions include VMware version 6.5 and 6.7.

Configuring a Network Time Protocol (NTP) server for VMware agents

If you are using a VMware VM, you can view Network Time Protocol (NTP) server configurations and synchronize the VM time on your agent with your VMware hypervisor host.

To manage system time

  1. Log in to your agent's local console.

  2. On the AWS DataSync Activation - Configuration main menu, enter 5 to manage your system's time.

  3. On the System Time Management menu, enter 1 to view and synchronize the VM system time.

    To Do this
    View and synchronize your VM time with NTP server time

    Enter 1.

    The current time of your agent is displayed. Your agent determines the time difference from your agent VM, and your NTP server time and prompts you to synchronize the agent time with NTP time.

    After your agent is deployed and running, in some scenarios the agent's time can drift. For example, suppose that there is a prolonged network outage and your hypervisor host and agent don't get time updates. In this case, the agent's time is different from the true time. When there is a time drift, a discrepancy occurs between the stated times when operations such as snapshots occur and the actual times that the operations occur.

    Edit your NTP server configuration

    Enter 2.

    You are prompted to provide a preferred and a secondary NTP server.

    View your NTP server configuration

    Enter 3.

    Your NTP server configuration is displayed.

Running AWS DataSync commands on the local console

The VM local console in AWS DataSync helps provide a secure environment for configuring and diagnosing issues with your agent. Using the local console commands, you can perform maintenance tasks such as saving routing tables, connecting to AWS Support, and so on.

To run a configuration or diagnostic command

  1. Log in to your agent's local console.

  2. On the AWS DataSync Activation - Configuration main menu, enter 5 for Command Prompt.

    Note

    If you are using a VMware VM, enter 6 for the Command Prompt.

  3. The commands available to be used through the console include the following.

    Use this command To do this
    ip Display or configure routing, devices, and tunnels
    save-routing-table Save newly added routing table entry
    ifconfig Display or configure network interfaces
    iptables Administer IPv4 packet filtering and network address translation (NAT)
    save-iptables Persist IP tables
    dig Perform DNS lookup for DNS hostname
    open-support-channel Connect to AWS Support
    h Display available command list
    exit Return to console configuration menu
  4. At the command prompt, enter the command that you want to use and follow the instructions.

Enabling AWS Support to help troubleshoot your running agent

You can allow AWS Support to access your AWS DataSync agent and assist you with troubleshooting agent issues. By default, AWS Support access to DataSync is disabled. You enable this access through the host's local console. To give AWS Support access to DataSync, you first log in to the local console for the host and then connect to the support server.

To enable AWS Support access to AWS DataSync

  1. Log in to your host's local console. If this is your first time logging in to the local console, log in to the agent VM with the default credentials. The default user name is admin and the password is password. Otherwise, use your credentials to log in.

    Note

    We recommend changing the default password. You do this by running the passwd command from the local console. (Item 5 on the main menu opens the command prompt. For VMware VMs, choose item 6.) For information about how to run the command, see Running AWS DataSync commands on the local console.

  2. At the prompt, enter 5 to open the command prompt (for VMware VMs, use 6).

  3. Enter h to open the AVAILABLE COMMANDS window.

  4. In the AVAILABLE COMMANDS window, enter the following, using your own VPC endpoint address to connect to AWS Support.

    open-support-channel VPCe IP address

    Your firewall must allow the outbound TCP port 22 to initiate a support channel to AWS. When you connect to AWS Support, DataSync assigns you a support number. Make a note of your support number.

    Note

    The channel number is not a Transmission Control Protocol/User Datagram Protocol (TCP/UDP) port number. Instead, it makes a Secure Shell (SSH) (TCP 22) connection to servers and provides the support channel for the connection.

  5. When the support channel is established, provide your support service number to AWS Support so that they can provide troubleshooting assistance.

  6. When the support session is completed, press Enter to end it.

  7. Enter exit to log out of the DataSync local console.

  8. Follow the prompts to exit the local console.