It can be very challenging for a traditional VMware vSphere administrator to get up to speed with the ever-changing realm of public cloud services – especially Amazon Web Services (AWS). By its very nature, AWS requires a different mindset over traditional IT architecture design and operation. The lack of time required to truly master the new skills required to succeed with an AWS deployment is the most common blocker. Thankfully, Amazon has realized this constraint and is attempting to help speed adoption of AWS as an available resource through the use of its AWS Management Portal for vCenter.
What is it?
The AWS Management Portal for vCenter is deployed as a plug-in that allows administrators to easily create and manage AWS resources from within an existing vCenter environment.
In order to get started with the AWS Management Portal, all you need is an administrative vCenter user and AWS credentials. The AWS credentials are “owned” by the plug-in itself and are shared amongst all users of the plug-in. A vSphere administrator can delegate access and usage permissions to the plug-in as with any other plug-in native to vSphere. The plug-in gets installed into vCenter through the deployment of a standard virtual appliance (for example, this is similar to how VMware vRealize Operations Manager works…)
Once installed, the AWS Management Portal will appear as an icon within the vSphere Client (figure 1).
Figure 1: The AWS Management Portal plug-in within the vSphere Client
The plug-in allows vSphere administrators to quickly and easily provision AWS EC2 instances in any of the available AWS geographical regions across the world (figure 2). The plug-in also allows administrators to create and manage AWS VPCs, their corresponding subnets, and security groups (firewalls). Management of these pieces is done through the use “environments”. An environment is nothing more than a grouping of a VPC, subnets to use, and a tag that gets applied to the corresponding AWS resources created within.
Figure 2: The AWS Management Portal for vCenter allows for provisioning into all of the AWS geographical regions.
Before virtual machines can be created with the plug-in, administrators must create define standard templates. Templates specify the information that EC2 requires when creating an instance. Template parameters include an AMI ID, instance type, key pair, subnet, volumes, and security group(s). The plug-in does a great job of walking users through configuration in a step-by-step fashion. Once templates have been created, they will appear within the navigation pane of the plug-ins interface (figure 3).
Figure 3: The plug-in interface showing a “Dev/Test” environment definition, along with some instance templates.
This diagram (figure 4) does a great job of summarizing the hierarchy of the configuration components involved:
Figure 4: Hierarchy of configuration components required to use the AWS Management Portal for vCenter plug-in.
What does it do?
The AWS Management Portal for vCenter is very useful for IT organizations of any size. By allowing administrators to easily provision EC2 instances on demand from within the familiar vSphere Client environment, the core benefits of AWS can be realized.
Use cases range from capacity expansion during times of peak resource demand to rapid test-case prototyping. These use cases are especially helpful when physical resources within vSphere are scarce or are struggling to keep up with current workloads.
Another major use case for the AWS Management Portal plug-in is to facilitate resource migration to AWS. If a virtual machine meets the list of prerequisites (found here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/VMImportPrerequisites.html) it can be migrated to EC2 automatically. This is an especially useful feature for lift and shift migration strategies. Once a conversion task is complete, the imported instance is available within the standard AWS EC2 management console. Keep in mind that these migrations are “cold” migrations (not a “hot” operation like a typical vMotion). Conversion operations can be queued, and logs can be uploaded to AWS for troubleshooting purposes.
The plug-in now has a self-update feature, and can be configured to either prompt administrators when an upgrade is available or automatically upgrade itself. This allows users to quickly take advantage of future feature enhancements to the plug-in.
Where do I go from here?
The AWS Management Portal for vCenter is not designed to be an “end all, be all” solution to using the many services offered by AWS. It was designed (and is intended to be used) as a gateway to allow administrators that are new to AWS to get up and running quickly. The portal only exposes the tip of the iceberg of the services that AWS has to offer. Do not be afraid to dig deeper once familiarity with AWS starts to grow.