Chapter 1. Installing Red Hat CloudForms

Installing Red Hat CloudForms consists of the following steps:

  1. Downloading the appliance for your environment as a virtual machine image template.
  2. Setting up a virtual machine based on the appliance.
  3. Configuring the CloudForms appliance.

After you have completed all the procedures in this guide, you will have a working environment on which additional customizations and configurations can be performed.

1.1. Obtaining the Appliance

  1. Go to access.redhat.com and log in to the Red Hat Customer Portal using your customer account details.
  2. Click Downloads in the menu bar.
  3. Click A-Z to sort the product downloads alphabetically.
  4. Click Red Hat CloudForms to access the product download page.
  5. From the list of installers and images, click the Download Now link for CFME EC2 Virtual Appliance.

1.2. Requirements

Below are the two sets of requirements for installing Red Hat CloudForms on Amazon EC2.

1.2.1. CloudForms Requirements

  • 44 GB of space on the chosen datastore.
  • 12 GB RAM.
  • 4 vCPUs.

1.2.2. Amazon EC2 Requirements

  • An Amazon S3 bucket to store disk images.
  • A VM import service role (IAM role) named vmimport.

For information on creating an Amazon S3 bucket and a VM Import Service Role, see the Amazon EC2 documentation.

1.3. Uploading the Appliance to an Amazon S3 Bucket

From your local file system, you can now upload the CloudForms appliance VHD image obtained in Section 1.1, “Obtaining the Appliance” to the Amazon S3 bucket, using your choice of tool.

1.4. Configuring Amazon EC2 to Import the Appliance

Important

These are the procedural steps as of the time of writing. For the latest information on importing a virtual machine as an image, see the Amazon EC2 documentation.

  1. Install the AWS client on the computer you want to interact with the AWS API from.

    $ pip install awscli
  2. Configure and download your AWS secret/access key by following the steps in the Managing Access Keys for Your AWS Account documentation.
  3. Configure the AWS client with your access/secret key. For example:

    $ aws configure
    AWS Access Key ID [******]: ACCESS_KEY
    AWS Secret Access Key [******]: SECRET_KEY
    Default region name [None]:
    Default output format [None]:
  4. Create the trust-policy.json file for the vmimport role. For example:

    {
       "Version": "2012-10-17",
       "Statement": [
          {
             "Effect": "Allow",
             "Principal": { "Service": "vmie.amazonaws.com" },
             "Action": "sts:AssumeRole",
             "Condition": {
                "StringEquals":{
                   "sts:Externalid": "vmimport"
                }
             }
          }
       ]
    }
  5. Create the vmimport role using the trust-policy.json file that you just created.

    $ aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
    Note

    This user must have permissions to create and modify IAM roles.

  6. Create the role-policy.json file. Be sure to use the exact image name that you uploaded to the S3 bucket. For example:

    {
       "Version": "2012-10-17",
       "Statement": [
          {
             "Effect": "Allow",
             "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation",
                "s3:FullAccess"
             ],
             "Resource": [
                "arn:aws:s3:::NAME_OF_IMAGE_IN_S3_BUCKET"
             ]
          },
          {
             "Effect": "Allow",
             "Action": [
                "s3:GetObject"
             ],
             "Resource": [
                "arn:aws:s3:::NAME_OF_IMAGE_IN_S3_BUCKET/*"
             ]
          },
          {
             "Effect": "Allow",
             "Action":[
                "ec2:ModifySnapshotAttribute",
                "ec2:CopySnapshot",
                "ec2:RegisterImage",
                "ec2:Describe*",
                "ec2:FullAccess"
             ],
             "Resource": "*"
          }
       ]
    }
  7. Apply the vmimport role to the CloudForms appliance image you uploaded to the S3 bucket.

    $ aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

1.5. Importing the Appliance to Amazon Elastic Compute Cloud (Amazon EC2)

To import the appliance:

  1. Create a containers.json file:

    [
      {
      "Description": "NAME OF INSTANCE",
      "Format": "vhd",
      "UserBucket": {
            "S3Bucket": "BUCKET WITH UPLOADED .VHD IMAGE",
            "S3Key": "NAME OF .VHD IMAGE"
          }
      }
    ]
  2. Use AWS-CLI tools to import the image. Run the following command:

    $ aws ec2 import-image --disk-containers file://containers.json --region BUCKET_REGION
  3. Check the progress of your imported image by running the following command:

     $ aws ec2 describe-import-image-tasks --region BUCKET_REGION --import-task-ids import-ami-AMI_ID_GOT_FROM_RESPONSE