VM deployment guide
- Product documentation
- Inseego 5G SD EDGE™
- VM deployment guide
Upload OVA to the AWS S3 bucket
1. Login to AWS console and go to S3 service. Select Buckets from the left panel, click Upload, and upload OVA to the S3 bucket.
2. Login to AWS console again (NOTE: You must use your credentials). Go to IAM service and select Users from the left panel, then click the Security credentials tab and create access keys.
NOTE: Make sure to keep your access keys in a secure location.
3. Install AWS CLI installation on your server using the following command:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" sudo apt-get install unzip unzip awscliv2.zip sudo ./aws/install
4. Check the AWS CLI version using:
$ aws --version
5. Configure AWS CLI by running the command: aws configure and enter the AWS access credentials as inputs:
For example:
- Access key id - XXXXXXXXXXXXXXXXXXX
- Secret Access key - **************************
- Default region name - <your primary region>
- Default output format - leave blank (press enter)
6. Without root login, create trust-Policy.json, role-policy.json, Container.json.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "vmie.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"sts:Externalid": "vmimport"
}
}
}
]
}{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::disk-image-file-bucket",
"arn:aws:s3:::disk-image-file-bucket/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject",
"s3:GetBucketAcl"
],
"Resource": [
"arn:aws:s3:::export-bucket",
"arn:aws:s3:::export-bucket/*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:RegisterImage",
"ec2:Describe*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"kms:CreateGrant",
"kms:Decrypt",
"kms:DescribeKey",
"kms:Encrypt",
"kms:GenerateDataKey*",
"kms:ReEncrypt*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"license-manager:GetLicenseConfiguration",
"license-manager:UpdateLicenseSpecificationsForResource",
"license-manager:ListLicenseSpecificationsForResource"
],
"Resource": "*"
}
]
}[
{
"Description": "My server VM",
"Format": "ova",
"UserBucket": {
"S3Bucket": "importdemolongship",
"S3Key": "EM-2022.11.1.1.ova"
}
}
]7. Create a role.
Use the create-role command to create a role named vmimport and grant VM Import/Export access to it. Ensure that you specify the full path to the location of the trust- policy.json file that you created in the previous step, and that you include the file:// prefix as shown the following example:
On ubuntu cli:
aws iam create-role --role-name vmimport --assume-role-policy-document "file://trust-policy.json"
8. Copy the S3 bucket key in the container.json file from the S3 bucket:
- Login to AWS console.
- Go to S3 bucket and select your bucket.
- Copy the key and update the same in the container.json file
9. Create the AMI of the existing OVA file using the command:
aws ec2 import-image --description "My server VM" --disk-containers "file://containers.json
10. Check the status of the snapshot using the command:
aws ec2 describe-import-image-tasks --import-task-ids import-ami-<ami-id>
<ImportTaskId>: Find from the previous command output.
11. Check that the AMI has been created in the AWS console:
- Login to the AWS console.
- Go to EC2 service and click AMI. NOTE: Make sure your region is correctly selected from top right menu.
- You should see that the New AMI has been created using the OVA.