AWS is the Amazon public cloud, offering a full range of services and features across the globe in various datacenters. AWS provides businesses with a flexible, highly scalable, and low-cost way to deliver a variety of services using open standard technologies as well as proprietary solutions. This section of documentation will help you get Morpheus and AWS connected to utilize the features below:
- Virtual Machine Provisioning
- Backups / Snapshots
- Resources Groups
- Auto Scaling
- Load Balancing
- AWS Marketplace Search and Provisioning
- Remote Console
- Periodic Synchronization
- Lifecycle Management and Resize
- Restore from Snapshots
- IAM Pofiles
- Network Sync
- Security Group Sync
- Pricing Sync
- Assign Elastic IP's
- Network Pools
Morpheus can provide a single pane of glass and self-service portal for managing instances scattered across both AWS and private cloud offerings like VMWare/Hyper-V.
To get started a few prerequisites must first be met. Firstly, an AWS subscription is required and can be created by going to https://aws.amazon.com/.
Once a subscription has been created we can now login to the management portal: https://console.aws.amazon.com/. After logging in the basics of AWS must be setup to support connectivity between the Morpheus Appliance and AWS.
On the EC2 Dashboard make note of the AWS region as this will be need to configure communication between Morpheus and AWS.
After logging in to the AWS console navigate to the EC2 service to start the configuration of security groups. From an AWS and Morpheus perspective it is important to allow traffic inbound to the AWS EC2/VPC for the purposes of provisioning vms, containers, and applications. Traffic must also be allowed outbound from AWS to Morpheus for the purposes of console access, logging, and monitoring. For the purposes of this documentation we will allow all traffic inbound/outbound.
Note: Please refer to the Morpheus Network Connectivity and Security Considerations section of the documentation for detailed ports.
Navigate to the “Network & Security” section of the EC2 dashboard and select “Security Groups”. The inbound communication source will need to be modified from the defaults to allow any source 0/0.0.0.0. Click edit in the inbound rules section and modify as shown in Figure 4: and click save.
To gain access to AWS from Morpheus the Identity and Access Management (IAM) settings need to be configured to provide an access key/secret key combination. From the services dashboard shown in Figure 1: navigate to the IAM dashboard to create access keys.
Expand the “Delete your root access keys” section and click on “Manage Security Credentials”. After completing this task another pop-up box will be prompted for continuing to security credentials just select that and move on.
Now we should be able to create an access key/secret key combination that will be used to establish the communication pathway between Morpheus and AWS.
Click on the “Create New Access Key” for automated generation of the keys. After completion the keys can be reviewed and downloaded. See Figure 8:
The basic AWS setup is now complete and the defaults for the Virtual Private Cloud will suffice for the purposes of setting up the basics of AWS and Morpheus.
Note: VPC’s can be highly customized for use with particular network setups and configurations. It is also possible to get very granular with IAM access which may be necessary for large scale deployments of AWS.
To finally add the AWS integration into Morpheus navigate to Infrastructure → Clouds and add an AWS cloud. Fill in the form with the AWS Region, Access Key, and Secret Key. Select “Next” to continue.
Groups are used to organize clouds, roles, and hosts. Create a new group or select from and existing group to land the newly created AWS cloud. Select “Next” to continue.
After clicking “Complete” the AWS cloud will be created and Morpheus should now be connected to AWS.