Deploying AWS Management Portal for vCenter

AWS_VMwareMany customers find that migrating their workload to the cloud is still a show stopper; this is, in part, due to the complexity of the overall migration journey.  Over the years, many products have been developed to assist customers in making the migration journey to the Cloud less painful.

Introduction

In today’s post, I will show you how to deploy the AWS Management Portal for vCenter to enable the enterprise to move its workload from on-premises, and over to the AWS Amazon Cloud. This blog you are reading today will set the stage for my next blog explaining how to use the Veeam backup Agent to run a backup on an EC2 from AWS Amazon Cloud, and then easily restore back to the AWS.

There are many articles of all types written on the AWS website around the AWS Management Portal for vCenter. Unfortunately, even with all this information, the deployment is still a challenging task to carry out successfully. The challenge comes from the requirement to coordinate the several important parts of the solution that must move together and in the right order. Our user manual usually remains in the drawer until we have tried and failed a few times. I can share my experience with you to help you speed up your deployment.

As this is a deployment blog, and before you start your deployment, I suggest taking a look at the articles written about the AWS Management portal on the AWS Amazon website. The steps below are a summary of what you will find there.

Let’s begin

First, you must download the AWS Management Portal appliance. You can find it here: https://aws.amazon.com/ec2/vcenter-portal/

After the  appliance has been downloaded, you have to deploy the OVF template to your vCentre. While the deployment running, it is time to start preparing the AWS, by creating the AIM account that we will be using during the configuration of the AWS Management Portal.

AWS AIM adds a new Account

Log in to your AWS account, and then select AIM. Under User, select Add user.

adduser1.PNG

The next step is to assign AWSConnector and VMImportExportRoleForAWSConnector permission.

adduser2

Review and create the User

adduser3.PNG

Important: Ensure that you save the Account Key ID and Secret access Key somewhere safe. You will need them later on in this procedure.

adduser16.PNG

Configure the AWS Management Console Trust Relationship

Browse to the following URL and start the guided configuration:

https://amp.aws.amazon.com/VCPlugin.html#setup :

adduser4.PNG

Review your configuration

Click on Review Your Configuration, then click the Download Configuration button to download the config file.  You will need this configuration file later on in the procedure.

adduser5.PNG

Create the AMP-Connector Key

adduser6.PNG

Important: Under Administrators, add all the users you will use to login to your local virtual centre. Remember, these are case sensitive.

adduser7.PNG

Prepare the local virtual centre

Log in to the virtual centre web interface and then create an account without any permissions.

adduser8.PNG

Configure the local appliance

After deploying, (importing the OVF), start and browse to the appliance web GUI using https: to start the configuration.

adduser9.PNG

Provide the required access credentials using an admin account; not the account you created in the previous step, and then accept the vCenter SSL Certificate.  Next, create a password for the AWS Connector.

If , after you have run the steps above, you receive the error shown in the illustration below, you must enable the NTP on the ESX host; otherwise, your Migration to the EC2 process will fail.

adduser10.PNG

You have an option: To enable the NTP from the vCentre client, you must browse to the host configuration; this is where the AWS Management Portal deployed. Time Configuration, Properties, Option, NTP Setting and add pool.ntp.org:

adduser11.PNG

Select the setup type. As you already saved the configuration file, I suggest clicking on the radio button for Upload the configuration file. Press next.

adduser12.PNG

Enter the service account you created earlier; awsaccount user. Click Next.

adduser13

Provide the AWS credentials. Note that the Access Key ID and the Secret Access Key are the credentials for the AWS AIM user we created on the first step at the beginning of this blog:

adduser14.PNG

If the Trust Role ARN account information is missing; perhaps caused by several attempts to re-deploy before you came across this blog, you can recover this information from the AWS Management Portal.

adduser15.PNG

After running the steps above, click Register to complete the configuration.

adduser17.PNG

Check the Connector Management Console page and ensure that all the Health status lines are ticked green.

adduser18.PNG

Login to the vCentre client and configure the AWS Portal

To start the migration to EC2 using the AWS portal, you must assign permissions to the newly created role and then Create an AWS Portal Environment. This is done by following the simple steps below:

Logged into the vCentre client; browse to vCentre > Home > Roles > AWS Connector > Edit Role > and Assign Create and Remove snapshot to the Role (these permissions are under Virtual Machine – Snapshot Management):

adduser19.PNG

Now, browse to Home > AWS Managment Portal > Dashboard; then select your region. At Basic Tasks, click the blue link for Create an Environment.

adduser20.PNG

Provide the necessary information applicable to your AWS Migration configuration such as the Name of the Environment, the Region you wish to migrate to, and the PVC Network and the subnet:

adduser21.PNG

Migrate

On completing the steps above, you are ready to start to Migrate any VM from your local data centre to AWS. Right click on the desired VM, and then select Migrate to EC2.

adduser22.PNG

Conclusion

As you have just seen, the deployment of the AWS Portal for vCenter is a little involved. I hope, with showing you the procedure I use, that I have been able to make your experience more pleasant.

We all need a fast to market deployment; at the end of the day, you need to migrate the VM, not spend a week trying and failing. I will use this blog as the basis for my next blog on Veeam EC2 BMR.

As with all my other blog entries, I hope you find this post informative; and if so, please help reach more readers by sharing.

Thank you…

2 thoughts on “Deploying AWS Management Portal for vCenter

  1. When I try to configure AWS Management POrtal on Vsphere Web Client it shows the error

    Error
    ———————
    No es posible desplazarse hasta la ubicación deseada.
    Detalles del error: se produjo un error al activar la extensión com.amazon.aws.amp.webclient.plugin.ui.mainView.
    Invalid domain view id: com.amazon.aws.amp.webclient.plugin.ui.mainView

    I can´t do or select anything

Leave a Reply