Arctera Application Mobility Service Help

Last Published:
Product(s): InfoScale & Storage Foundation (8.0.2, 7.4.2, 7.4.1, 1.0)
Platform: Linux

Configuring the gateway node for Amazon cloud service on an EC2 instance

You can configure the gateway node for AWS virtual private cloud by using an EC2 instance. To configure the gateway node for AWS on an EC2 instance, complete the following steps:

  1. Assign the necessary permissions to gateway EC2:

    • Navigate to Services > IAM > Policies > Create policy > Select JSON option

    • Copy the following content:

      {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeImages",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeTags",
                "ec2:DescribeKeyPairs",
                "ec2:DescribeInstanceTypeOfferings",
                "ec2:RunInstances",
                "ec2:StartInstances",
                "ec2:StopInstances",
                "ec2:TerminateInstances",
                "ec2:RebootInstances",
                "ec2:MonitorInstances",
                "ec2:ModifyInstanceAttribute",
                "ec2:DescribeInstanceStatus",
                "ec2:DescribeInstances",
                "ec2:CreateTags",
                "ec2:AuthorizeSecurityGroupEgress",
                "ec2:AuthorizeSecurityGroupIngress",
                "ec2:CreateSecurityGroup",
                "ec2:DeleteSecurityGroup",
                "ec2:DescribeSecurityGroupRules",
                "ec2:DescribeSecurityGroups",
                "ec2:ModifySecurityGroupRules",
                "ec2:RevokeSecurityGroupEgress",
                "ec2:RevokeSecurityGroupIngress",
                "ec2:UpdateSecurityGroupRuleDescriptionsEgress",
                "ec2:UpdateSecurityGroupRuleDescriptionsIngress",
                "ec2:AttachVolume",
                "ec2:CreateVolume",
                "ec2:DeleteVolume",
                "ec2:DescribeVolumeAttribute",
                "ec2:DescribeVolumes",
                "ec2:DescribeVolumesModifications",
                "ec2:DescribeVolumeStatus",
                "ec2:DetachVolume",
                "ec2:ModifyVolume",
                "ec2:ModifyVolumeAttribute",
                "ec2:AssignPrivateIpAddresses",
                "ec2:AttachNetworkInterface",
                "ec2:CreateNetworkInterface",
                "ec2:CreateNetworkInterfacePermission",
                "ec2:DeleteNetworkInterface",
                "ec2:DeleteNetworkInterfacePermission",
                "ec2:DescribeNetworkInterfaceAttribute",
                "ec2:DescribeNetworkInterfacePermissions",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DetachNetworkInterface",
                "ec2:ModifyNetworkInterfaceAttribute",
                "ec2:ResetNetworkInterfaceAttribute",
                "ec2:UnassignPrivateIpAddresses",
                "ec2:AssociateSubnetCidrBlock",
                "ec2:CreateDefaultSubnet",
                "ec2:CreateSubnet",
                "ec2:CreateSubnetCidrReservation",
                "ec2:DeleteSubnet",
                "ec2:DeleteSubnetCidrReservation",
                "ec2:DescribeSubnets",
                "ec2:DisassociateSubnetCidrBlock",
                "ec2:GetSubnetCidrReservations",
                "ec2:ModifySubnetAttribute",
                "ec2:DescribeVpcAttribute",
                "ec2:DescribeVpcs",
                "ec2:DescribeAccountAttributes",
                "elasticloadbalancing:AddTags",
                "elasticloadbalancing:CreateListener",
                "elasticloadbalancing:CreateLoadBalancer",
                "elasticloadbalancing:CreateRule",
                "elasticloadbalancing:CreateTargetGroup",
                "elasticloadbalancing:DeleteListener",
                "elasticloadbalancing:DeleteLoadBalancer",
                "elasticloadbalancing:DeleteRule",
                "elasticloadbalancing:DeleteTargetGroup",
                "elasticloadbalancing:DeregisterTargets",
                "elasticloadbalancing:DescribeListeners",
                "elasticloadbalancing:DescribeLoadBalancerAttributes",
                "elasticloadbalancing:DescribeLoadBalancers",
                "elasticloadbalancing:DescribeRules",
                "elasticloadbalancing:DescribeTags",
                "elasticloadbalancing:DescribeTargetGroupAttributes",
                "elasticloadbalancing:DescribeTargetGroups",
                "elasticloadbalancing:DescribeTargetHealth",
                "elasticloadbalancing:ModifyListener",
                "elasticloadbalancing:ModifyLoadBalancerAttributes",
                "elasticloadbalancing:ModifyRule",
                "elasticloadbalancing:ModifyTargetGroup",
                "elasticloadbalancing:ModifyTargetGroupAttributes",
                "elasticloadbalancing:RegisterTargets",
                "elasticloadbalancing:RemoveListenerCertificates",
                "elasticloadbalancing:RemoveTags",
                "elasticloadbalancing:SetIpAddressType",
                "elasticloadbalancing:SetRulePriorities",
                "elasticloadbalancing:SetSecurityGroups",
                "elasticloadbalancing:SetSubnets",
                "ssm:getParameter"
            ],
            "Resource": "*"
        }
    ]
}

    • Select Next > Assign <policy_name> > Create.

    • Do one of the following:

      To update a role - Services > IAM > Roles > Select the role > Assign policy > Attach policy > Select a policy, <policy_name> > Add permissions.

      To assign a new role - Services -> IAM -> Roles -> Create role -> AWS service -> Use case: EC2 -> Next -> Add permissions -> Search and select the policy, <policy_name> -> Next -> Assign <role_name> and description -> Create role.

    • Attach this role to the EC2 instance -Services > EC2 > Select the instance > Actions > Security > Modify IAM > Search and select <role_name> > Update IAM role.

  2. Download the latest gateway node installer or RPM from the 'download' icon located at the upper right corner of the Application Mobility portal.
  3. Log on to the gateway node and copy the downloaded VRTSgateway RPM to the gateway node.
  4. Run the following command from the directory where you copied the .rpm file to install the YAML for setting up the gateway node.

    yum localinstall <VRTSgateway rpm file>

    Note:

    To update an existing gateway after downloading the new version, use the command yum upgrade <package name>.

  5. Ensure that you enable outbound network traffic for port numbers 443 and 80 of all hosts.
  6. To update the list of hosts,

    • Do a DNS lookup for the FQDN api-prod.isp.netinsights.veritas.com.

    • Use any one of the IP addresses, and update the /etc/hosts file as follows:

      <IP addr> api-prod.isp.netinsights.veritas.com

  7. Run the following commands as a root user or a sudo user to register the node with the Application Mobility portal.

    • /opt/VRTSgateway/bin/gateway -register

      Enter the Arctera Application Mobility credentials and name of the datacenter when prompted. You can choose the default value of the datacenter.

    • systemctl start gatewayd: To start the gateway node.

    • systemctl enable gatewayd: To ensure that the service starts in case of a gateway node reboot.

After a successful configuration of both the gateway nodes, the datacenters are connected to the Application Mobility Service portal. Automated discovery of datacenters can be executed. Applications in the datacenter can then be discovered and migration plans for the applications can be configured and executed.