How to migrate an Amazon Linux 2 AMI to OCI
Let’s say you have an Amazon Linux 2 AMI instance, which at this moment, it’s not officially supported by Oracle, and you want to migrate it to OCI, can I do that ? how do I do that?
The answer is, well, technically you can… Let’s check it out.
We need to do some preparations to get there, so, let’s start installing the tools that we will need. In my lab, I’m using a Linux VM running on OCI to install the tools and migrate the AMI AWS Linux. This tutorial also works for other Linux flavours such as Ubuntu/RedHat.
curl “https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o “awscliv2.zip”
unzip awscliv2.zipsudo ./aws/install
Now make sure you have created all IAM Policies for your S3 bucket to allows us to start the export migration process. I’m assuming you already have your AWS environment set in place, so, I’m not covering it here.
Now let’s configure our AWS CLi, do:
aws configure
So, complete the setup with your AWS User account:
[opc@ocimanagement ~]$ aws configure
AWS Access Key ID [None]: AKIA3******************A42
AWS Secret Access Key [None]: F6RRIXi***************SX1Y
Default region name [None]: eu-west-2
Default output format [None]: json
We also need the rclone tool, so, let’s install the rclone tool and configure it:
You can find it in: https://rclone.org/downloads/ in this lab, I’m using:
curl https://rclone.org/install.sh | sudo bash
So, once installed, go to:
vi .config/rclone/rclone.conf
and edit like this (changing the fields with your own credentials):
cat .config/rclone/rclone.conf
[aws]
type = s3
provider = AWS
env_auth = true
access_key_id = AKIA3T6*************
secret_access_key = F6RRI*****************h
region = eu-west-2
location_constraint = eu-west-2
acl = bucket-owner-full-control[oci]
type = s3
provider = Other
env_auth = True
access_key_id = 6246dd109*********************7
secret_access_key = 3LhprvX*********************v9T8=
region = uk-london-1
endpoint = https://ocicpaasmigration.compat.objectstorage.uk-london-1.oraclecloud.com
location_constraint = uk-london-1
acl = bucket-owner-full-control
! I’m not covering in this tutorial how to create users/groups and the buckets on AWS !
On OCI ->
Now you need to create a Customer Secret Key for that: https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingcredentials.htm#To4
So, when you create your Access Key, OCI generates an OTP (One Time Password) for it, so, make sure you don’t lose it, there’s not way to recover it.
Paste this password to the secret_access_key field onto rclone.conf file.
Copy and save it, in case you loose this password, you gonna recreate the Access Key entirely again
So, now copy you Access Key and paste onto rclone.conf file.
To make it work well on OCI, we must install some packages on the AMI AWS Linux VM:
yum install libvirt qemu-kvm virt-install virt-viewer
After the drivers installation, you must do:
- Rebuild the initramfs with the Virtio Drivers.
Make a Copy of the initramfs image prior to rebuild as the below command will over-write it.
dracut -v -f --add-drivers "virtio virtio_pci virtio_scsi virtio_ring" /boot/initramfs-$(uname -r).img $(uname -r)
- Verify Virtio Drivers are included on new initramfs for current kernel.
[[root@ip-172–31–44–75 /]# lsinitrd /boot/initramfs-$(uname -r).img | grep -i virtio
So, because the AWS and OCI use different Hypervisors and/also Hardware we need to do some preparation for the network configuration, this is very important, otherwise your VM will not start properly.
Delete/move this file in case it exist:
sudo rm /etc/netplan/50-cloud-init.yaml
Create a new file with this content: /etc/netplan/config.yaml
cat /etc/netplan/config.yaml
/etc/netplan/config.yaml
network:
version: 2
ethernets:
ens3:
dhcp4: true
Create this second file with this content: /etc/cloud/cloud.cfg.d/01_network.cfg
cat /etc/cloud/cloud.cfg.d/01_network.cfg
/etc/cloud/cloud.cfg.d/01_network.cfg
network:
version: 2
ethernets:
ens*:
dhcp4: true
Once you have done all this configuration, it’s time to start the VM Export job, so, let’s run the export command (make sure you have created your bucket on S3, in my lab is ocimigration):
aws ec2 create-instance-export-task --instance-id i-0a9c832bfc380343f --target-environment vmware --export-to-s3-task DiskImageFormat=vmdk,ContainerFormat=ova,S3Bucket=ocimigration
If your configuration at aws config file and your S3 Policies are correct, you should see this output:
{
“ExportTask”: {
“ExportTaskId”: “export-i-03bcd81f87d67b68a”,
“ExportToS3Task”: {
“ContainerFormat”: “ova”,
“DiskImageFormat”: “vmdk”,
“S3Bucket”: “ocimigration”,
“S3Key”: “export-i-03bcd81f87d67b68a.ova”
},
“InstanceExportDetails”: {
“InstanceId”: “i-0a9c832bfc380343f”,
“TargetEnvironment”: “vmware”
},
“State”: “active”
}
}
When the Job “State” change to “completed” from “active”, you are ready to Download the OVA file to your local CLi (your laptop or in a Linux VM on Cloud).
! Not covering in this topic how to configure OCI CLi !
Now import the file to OCI Object Storage:
To create to create a bucket you can follow this guide:
Oracle Cloud Infrastructure (OCI) : Create an Object Storage Bucket.
[opc@ocimanagement ~]$ oci os object put -bn bucket-image --file export-i-03bcd81f87d67b68a.ova
You gonna se this output:
Upload ID: bcdd8afb-691a-f0bc-10f2–6197023b3cfd
Split file into 7 parts for upload.
Uploading object [####################################] 100%
{
“etag”: “e1fb68ab-5bc7–41a1-b335-f0f1f5068f2d”,
“last-modified”: “Sat, 09 Jan 2021 21:22:14 GMT”,
“opc-multipart-md5”: “zfteVcUJVtAMGfj/2MiHcA==-7”
}
Yes, upload it as .ova file, on OCI it will be converted automatically behind scenes when you create a Custom Image.
Once it is uploaded, it’s time to create a Custom Image from the file on the Object Storage, go to:
The go to Import Image:
You will have to fill up some fields for the Custom Image:
- Name
- Operating System
- Bucket
- Select the Object Name (.ova file)
- Image type leave as VMDK
So, one you complete all the fields required, please go for Import Image.
Once the process is completed, time to create our AMI AWS Linux VM on OCI!
Complete the requirement for Compute Creation as you need:
- Name
- Compartment
- Shape
- VCN & Subnet Configuration
- New bundle of SSH Keys.
Once you have it all configured, click on Create Instance and wait for the VM come up & running.
So, that’s it guys :
Now we have our AMI AWS Linux 2 up & running on OCI, enjoy!
I didn’t cover in this tutorial how to install other OCI Management drivers, which can be found here:
Please note, according AWS Exporting instances and volumes is subject to the following limitations:
You must export your instances and volumes to one of the following image formats that your virtualization environment supports:
Open Virtual Appliance (OVA), which is compatible with VMware vSphere versions 4, 5, and 6.
Virtual Hard Disk (VHD), which is compatible with Citrix Xen and Microsoft Hyper-V virtualization products.
Stream-optimized ESX Virtual Machine Disk (VMDK), which is compatible with VMware ESX and VMware vSphere versions 4, 5, and 6.
You can’t export an instance if it contains third-party software provided by AWS. For example, VM Export cannot export Windows or SQL Server instances, or any instance created from an image in the AWS Marketplace.
You can’t export an instance with encrypted EBS snapshots in the block device mapping.
You can’t export an instance with instance store volumes in the block device mapping.
You can only export EBS volumes that are specified in the block device mapping, not EBS volumes attached after instance launch.
You can’t export an instance launched from an imported image if you deleted the AMI or the EBS snapshot for the AMI. To work around the issue, create an AMI from the instance and export the AMI.
You can’t export an instance that has more than one virtual disk.
You can’t export an instance that has more than one network interface.
You can’t export an instance from Amazon EC2 if you’ve shared it from another AWS account.
By default, you can’t have more than 5 conversion tasks per Region in progress at the same time. This limit is adjustable up to 20.
VMs with volumes larger than 1 TiB are not supported.
You can export a volume to either an unencrypted S3 bucket or to a bucket encrypted using SSE-S3. You cannot export to an S3 bucket encrypted using SSE-KMS.
REFERENCE: https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html
Enjoy Oracle Cloud Free Services!