AWS Replication Agent installation instructions - AWS Elastic Disaster Recovery

AWS Replication Agent installation instructions

You must install the AWS Replication Agent on each source server that you want to add to Elastic Disaster Recovery. Agent installation is composed of the following steps:

Generating the required AWS credentials

In order to install the AWS Replication Agent, you must first generate the required AWS credentials. You can either create temporary credentials with AWS STS or you can create permanent credentials with an IAM User. We recommend creating temporary credentials.

Temporary credentials

To create temporary credentials, you will need to do the following:

  1. create a new IAM User with the AWSElasticDisasterRecoveryAgentInstallationPolicy policy.

  2. Request temporary security credentials through AWS STS through the AssumeRole API.

Permanent credentials

To create permanent credentials, you will need to create at least one AWS Identity and Access Management (IAM) user, and assign the proper permission policy to this user. You will obtain an Access key ID and Secret access key, which you will need to enter into the Agent installation prompt in order to begin the installation.

Note

You can use the same credentials to install multiple Agents.

  1. Open the AWS Management Console and look for IAM under Find Services.

  2. From the IAM main page, choose Users from the left-hand navigation menu.

  3. You can either select an existing user or add a new user. These steps show the path for adding a new user for Elastic Disaster Recovery. Choose Add user.

  4. Give the user a User name and select the Programmatic access access type. Choose Next: Permissions.

  5. Choose the Attach existing policies directly option. Search for AWSElasticDisasterRecoveryAgentInstallationPolicy. Select the policy and choose Next: Tags.

  6. Add tags if you wish to use them. Tags are optional. These instructions do not include adding tags. Choose Next: Review.

  7. Review the information. Ensure that the Programmatic access type is selected and that the correct policy is attached to the user. Choose Create user.

  8. The AWS Management Console will confirm that the user has been successfully created and will provide you with the Access key ID and Secret access key that you will need in order to install the AWS Replication Agent.

    You need the Access key ID and secret access key in order to install the AWS Replication Agent on your source servers. You can save this information as .csv file by choosing the Download .csv option.

    You can also access this information and re-generate your security credentials by navigating to IM > Users > Your user.

    Open the Security credentials tab and scroll down to Access keys. Here you can manage your access keys (create, delete, etc).

Installation instructions

Once you have generated the required AWS credentials, you can install the AWS Replication Agent on your source servers. There are separate installation instructions for Linux and for Windows. Each operating system has its own installer and various installation options and parameters.

Linux

  1. Download the agent installer with the wget command your Linux source server. This wget command will download the Agent installer file - aws-replication-installet-init.py onto your server.

    The Agent installer follows the following format: https://aws-elastic-disaster-recovery-<REGION>.s3.amazonaws.com/latest/linux/aws-replication-installer-init.py . Replace <region> with the AWS Region into which you are replicating.

    The following is an example of the full wget command for us-east-1:

    wget -O ./aws-replication-installer-init.py https://aws-elastic-disaster-recovery-us-east-1.s3.amazonaws.com/latest/linux/aws-replication-installer-init.py

    The command line will indicate when the installer has been successfully downloaded.

    Important

    You need root privileges to run the Agent installer file on a Linux server. Alternatively, you can run the Agent Installer file with sudo permissions.

    Important

    If you need to validate the installer hash, the correct hash can be found here: https://aws-elastic-disaster-recovery-hashes-{REGION}.s3.amazonaws.com/latest/linux/aws-replication-installer-init.py.sha512 (replace <region> with the AWS Region into which you are replicating. Ex. us-east-1:

    https://aws-elastic-disaster-recovery-hashes-us-east-1.s3.amazonaws.com/latest/linux/aws-replication-installer-init.py.sha512

    Note

    The Linux installer creates the "aws-replication" group and "aws-replication" user within that group. The Agent will run within the context of the newly created user. Agent installation will attempt to add the user to "sudoers". Installation will fail if the Agent is unable to add the newly created "aws-replication" user to "sudoers" .

  2. Once the Agent installer has successfully downloaded, copy and input the installer command into the command line on your source server in order to run the installation script.

    sudo python3 aws-replication-installer-init.py

    If you require additional customization, you can add a variety of parameters to the installation script in order to manipulate the way the Agent is installed on your server. Add the parameters to the end of the installation script.

    Available parameters include:

    • --no-prompt

      This parameter will run a silent installation.

    • --devices

      This parameter specifies which specific disks to replicate. This parameter does not function when your source servers are located on AWS.

    • --force-volumes

      This parameter must be used with the --no-prompt parameter. This parameter will cancel the automatic detection of physical disks to replicate. You will need to specify the exact disks to replicate using the --devices parameter (including the root disk, failure to specify the root disk will cause replication to fail). This parameter should only be used as a troubleshooting tool if the --devices parameter fails to identify the disks correctly. This parameter does not function when your source servers are located on AWS.

    • --tags

      Use this parameter to add resource tags to the Source server. Use a space to separate each tag (for example: --tags KEY=VALUE [KEY=VALUE ...])

    • --s3-endpoint

      Use this parameter to specify a VPC endpoint you created for S3 if you do not wish to open your firewall ports to access the default S3 endpoint. Learn more about installing the Agent on a blocked network.

    • --endpoint

      Use this parameter to specify the Private Link endpoint you created for Elastic Disaster Recovery if you do not wish to open your firewall ports to access the default Elastic Disaster Recovery endpoint. Learn more about installing the Agent on a blocked network.

    • --install-as-recovery-instance

      Use this parameter to add an existing AWS instance to Elastic Disaster Recovery as a Recovery instance. You may opt to add Recovery instances if you have added additional EC2 instances to AWS and now want to recover them into source servers. You will be asked to pair the newly added Recovery instance with a source server during AWS Replication Agent installation.

    The installer will confirm that the installation of the AWS Replication Agent has started.

  3. The installer will prompt you to enter your AWS Region Name, the AWS Access Key ID and AWS Secret Access Key that you previously generated. Enter the complete AWS Region name (for example: eu-central-1), the full AWS Access Key ID and the full AWS Secret Access Key.

    Note

    You can also enter these values as part of the installation script command parameters. If you do not enter these parameters as part of the installation script, you will be prompted to enter them one by one as described above. (for example: sudo python3 aws-replication-installer-init.py --region regionname --aws-access-key-id AKIAIOSFODNN7EXAMPLE --aws-secret-access-key wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY)

  4. Once you have entered your credentials, the installer will identify volumes for replication. The installer will display the identified disks and prompt you to choose the disks you want to replicate.

    To replicate some of the disks, type the path of the disks, separated by a comma, as illustrated in the installer (such as: /dev/sda, /dev/sdb, etc). To replicate all of the disks, press Enter. The installer will identify the selected disks and print their size.

    The installer will confirm that all disks were successfully identified.

    Note

    When identifying specific disks for replication, do not use apostrophes, brackets, or disk paths that do not exist. Type only existing disk paths. Each disk you selected for replication is displayed with the caption Disk to replicate identified. However, the displayed list of identified disks for replication may differ from the data you entered. This difference can due to several reasons:

    • The root disk of the source server is always replicated, whether you select it or not. Therefore, it always appears on the list of identified disks for replication.

    • Elastic Disaster Recovery replicates whole disks. Therefore, if you choose to replicate a partition, its entire disk will appear on the list and will later be replicated. If several partitions on the same disk are selected, then the disk encompassing all of them will appear only once on the list.

    • Incorrect disks may be chosen by accident. Ensure that the correct disks have been chosen.

    Important

    If disks are disconnected from a server, Elastic Disaster Recovery can no longer replicate them, so they are removed from the list of replicated disks. When they are re-connected, the AWS Replication Agent cannot know that these were the same disks that were disconnected and therefore does not add them automatically. To add the disks after they are reconnected, rerun the AWS Replication Agent installer on the server.

    Note that the returned disks will need be replicated from the beginning. Any disk size changes will be automatically identified, but this will also cause a resync. Perform a test after installing the Agent to ensure that the correct disks have been added.

  5. After all of the disks that will be replicated have been successfully identified, the installer will download and install the AWS Replication Agent on the source server.

  6. Once the AWS Replication Agent is installed, the server will be added to the Elastic Disaster Recovery Console and will undergo the initial sync process. The installer will provide you with the source server's ID.

    You can review this process in real time on the Source Servers page. Learn more about the initial sync process

Windows

  1. Download the Agent installer (AWSReplicationWindowsInstaller.exe). Copy or distribute the downloaded Agent installer to each Windows source server that you want to add to Elastic Disaster Recovery.

    The Agent installer follows the following format: https://aws-elastic-disaster-recovery-{REGION}.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe . Replace <region> with the AWS Region into which you are replicating.

    The following is an example of the installer link for us-east-1:

    https://aws-elastic-disaster-recovery-us-east-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe

    Important

    You need to run the Agent Installer file as an Administrator on each Windows server.

    Important

    If you need to validate the installer hash, the correct hash can be found here: https://aws-elastic-disaster-recovery-hashes-{REGION}.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe.sha512 (replace <region> with the AWS Region into which you are replicating. Ex. us-east-1:

    https://aws-elastic-disaster-recovery-hashes-us-east-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe.sha512

    Important

    We recommend using Windows PowerShell, which support ctrl+v pasting, and not Windows Command Prompt (cmd), which does not.

    The following table contains the installer download link by supported AWS Region:

    Region name Region identity Download Link
    US East (N. Virginia) us-east-1 https://aws-elastic-disaster-recovery-us-east-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    US East (Ohio) us-east-2 https://aws-elastic-disaster-recovery-us-east-2.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    US West (Oregon) us-west-2 https://aws-elastic-disaster-recovery-us-west-2.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    Asia Pacific (Tokyo) ap-northeast-1 https://aws-elastic-disaster-recovery-us-northeast-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    Asia Pacific (Singapore) ap-southeast-1 https://aws-elastic-disaster-recovery-us-southeast-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    Asia Pacific (Sydney) ap-southeast-2 https://aws-elastic-disaster-recovery-us-southeast-2.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    Europe (Frankfurt) eu-central-1 https://aws-elastic-disaster-recovery-eu-central-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    Europe (Ireland) eu-west-1 https://aws-elastic-disaster-recovery-eu-west-1.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
    Europe (London) eu-west-2 https://aws-elastic-disaster-recovery-eu-west-2.s3.amazonaws.com/latest/windows/AwsReplicationWindowsInstaller.exe
  2. Run the agent installer file - AWSReplicationWindowsInstaller.exe - as an Administrator. The CMD will open.

    To run the installer with the default settings, enter your AWS Region Name, the AWS Access Key ID and the AWS Secret Access Key as described in the next step.

    If you require additional customization, you can add a variety of parameters to the installation script in order to manipulate the way the Agent is installed on your server. Add the parameters to the end of the installation script.

    Available parameters include:

    • --no-prompt

      This parameter will run a silent installation.

    • --devices

      This parameter specifies which specific disks to replicate. This parameter does not function when your source servers are located on AWS.

    • --force-volumes

      This parameter must be used with the --no-prompt parameter. This parameter will cancel the automatic detection of physical disks to replicate. You will need to specify the exact disks to replicate using the --devices parameter (including the root disk, failure to specify the root disk will cause replication to fail). This parameter should only be used as a troubleshooting tool if the --devices parameter fails to identify the disks correctly. This parameter does not function when your source servers are located on AWS.

    • --tags

      Use this parameter to add resource tags to the Source server. Use a space to separate each tag (for example: --tags KEY=VALUE [KEY=VALUE ...])

    • --s3-endpoint

      Use this parameter to specify a VPC endpoint you created for S3 if you do not wish to open your firewall ports to access the default S3 endpoint. Learn more about installing the Agent on a blocked network.

    • --endpoint

      Use this parameter to specify the Private Link endpoint you created for Elastic Disaster Recovery if you do not wish to open your firewall ports to access the default Elastic Disaster Recovery endpoint. Learn more about installing the Agent on a blocked network.

    • --install-as-recovery-instance

      Use this parameter to add an existing AWS instance to Elastic Disaster Recovery as a Recovery instance. You may opt to add Recovery instances if you have added additional EC2 instances to AWS and now want to recover them into source servers. You will be asked to pair the newly added Recovery instance with a source server during AWS Replication Agent installation.

    The installer will confirm that the installation of the AWS Replication Agent has started.

  3. The installer will prompt you to enter your AWS Region Name, the AWS Access Key ID and the AWS Secret Access Key that you previously generated. Enter the complete AWS Region name (for example: eu-central-1), and the full AWS Access Key ID and AWS Secret Access Key.

    Note

    You can also enter these values as part of the installation script command parameters. If you do not enter these parameters as part of the installation script, you will be prompted to enter them one by one as described above. (for example: AwsReplicationWindowsInstaller.exe --region regionname --aws-access-key-id AKIAIOSFODNN7EXAMPLE --aws-secret-access-key wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY)

  4. Once you have entered your credentials, the installer will verify that the source server has enough free disk space for Agent installation and identify volumes for replication. The installer will display the identified disks and prompt you to choose the disks you want to replicate.

    To replicate some of the disks, type the path of the disks, separated by a comma, as illustrated in the installer (for example: C:, D:, etc). To replicate all of the disks, press Enter. The installer will identify the selected disks and print their size.

    The installer will confirm that all of the disks were successfully identified.

    Note

    When identifying specific disks for replication, do not use apostrophes, brackets, or disk paths that do not exist. Type only existing disk paths. Each disk that you selected for replication is displayed with the caption Disk to replicate identified. However, the displayed list of identified disks for replication may differ from the data you entered. This difference can due to several reasons:

    • The root disk of the source server is always replicated, whether you select it or not. Therefore, it always appears on the list of identified disks for replication.

    • Elastic Disaster Recovery replicates whole disks. Therefore, if you choose to replicate a partition, its entire disk will appear on the list and will later be replicated. If several partitions on the same disk are selected, then the disk encompassing all of them will only appear once on the list.

    • Incorrect disks may be chosen by accident. Ensure that the correct disks have been chosen.

    Important

    If disks are disconnected from a server, Elastic Disaster Recovery can no longer replicate them, so they are removed from the list of replicated disks. When they are re-connected, the AWS Replication Agent cannot know that these were the same disks that were disconnected and therefore does not add them automatically. To add the disks after they are reconnected, rerun the AWS Replication Agent installer on the server.

    Note that the returned disks will need be replicated from the beginning. Any disk size changes will be automatically identified, but will also cause a resync. Perform a test after installing the Agent to ensure that the correct disks have been added.

  5. After all of the disks that will be replicated have been successfully identified, the installer will download and install the AWS Replication Agent on the source server.

  6. Once the AWS Replication Agent is installed, the server will be added to the Elastic Disaster Recovery Console and will undergo the initial sync process. The installer will provide you with the source server's ID.

    You can review this process in real time on the Source Servers page. Learn more about the initial sync process

Installing the Agent on a secured network

The Elastic Disaster Recovery AWS Replication Agent installer needs network access to Elastic Disaster Recovery and S3 endpoints. If your on premise network is not open to Elastic Disaster Recovery and S3 endpoints, then you can install the Agent with the aid of PrivateLink.

You can connect your on premise network to the subnet in your staging area VPC using AWS VPN or DirectConnect. To use the AWS VPN or DirectConnect, you must enable private IP in the Replication Settings

Create a VPC Endpoint for Elastic Disaster Recovery

To allow the AWS Replication Agent installer to communicate with Elastic Disaster Recovery, create an interface VPC endpoint for Elastic Disaster Recovery in your staging area subnet. For more information, see Creating an Interface Endpoint in the Amazon VPC User Guide.

Use the created VPC Endpoint for Elastic Disaster Recovery

Once you have created the VPC Endpoint, the AWS Replication Agent can connect to Elastic Disaster Recovery via VPN/DirectConnect by using the --endpoint installation parameter. Learn more about Private DNS for interface endpoints in the Amazon VPC User Guide.

Run the AWS Replication Agent installer with the --endpoint parameter. Enter your endpoint-specific DNS hostname within the parameter. The installer will then be able to connect to Elastic Disaster Recovery via the endpoint over your VPN/DirectConnect connection.

Create a S3 Endpoint for Elastic Disaster Recovery

To allow the AWS Replication Agent installer to communicate with S3, create an interface S3 endpoint for Elastic Disaster Recovery in your staging area subnet. For more information, see Endpoints for Amazon S3 in the Amazon VPC User Guide.

Use the created S3 Endpoint for Elastic Disaster Recovery

Once you have created the VPC Endpoint, the AWS Replication Agent can connect to S3 via VPN/DirectConnect by using the --s3-endpoint installation parameter. Learn more about Private DNS for interface endpoints in the Amazon VPC User Guide.

Run the AWS Replication Agent installer with the --s3-endpoint parameter. Enter your endpoint-specific DNS hostname. he installer will then be able to connect to Elastic Disaster Recovery via the endpoint over your VPN/DirectConnect connection.

Uninstalling the Agent

Uninstalling the AWS Replication Agent from a source server stops the replication of that server. Uninstalling the AWS Replication Agent will remove the source server from the Elastic Disaster Recovery Console.

Uninstalling the Agent through the Elastic Disaster Recovery Console

To uninstall the AWS Replication Agent though the Elastic Disaster Recovery Console.

Navigate to the Source Servers page.

Check the box to the left of each server that you want to disconnect from Elastic Disaster Recovery (by uninstalling the AWS Replication Agent). Open the Actions menu, and choose the Disconnect from AWS option to disconnect the selected server from Elastic Disaster Recovery and AWS.

On the Disconnect X server/s from service dialog, choose Disconnect.

The AWS Replication Agent will be uninstalled from all of the selected source servers.