You can use the restore process to convert VMs/instances to Amazon EC2 instances.
Prerequisites
-
Set the source VM to Dynamic Host Configuration Protocol (DHCP).
-
The AWS IAM identity (user, role) that you use for the restore must have the amazon_restricted_role_permissions.json role applied, with permissions to perform restores.
For more information, see the following pages:
-
If a passkey is configured for restores, you must have the passkey.
Start the Restore Wizard
-
From the Command Center navigation pane, go to Protect > Virtualization.
The Overview page appears.
-
On the VM groups tab, in the row for the VM group that contains the VMs/instances that you want to restore, click the action button , and then click Restore.
The Select restore type page appears.
-
Click Full instance.
The Full instance page appears.
-
Select the check boxes for the VMs/instances to restore.
To select all the VMs/instances, select the check box above the list of VMs/instances.
-
To select a specific source copy and/or MediaAgent for the restore, in the upper-right area of the page, click Change source.
By default, the software automatically selects the MediaAgent and source copy as follows:
-
MediaAgent: The software uses the MediaAgent that performed the backup.
-
Source copy: By default, the software searches for the requested data in the primary copy. If the data is not found in the primary copy, the software selects a secondary or auxiliary copy.
Potential for egress charges
Restoring from a copy that is outside the destination Region incurs egress charges. For more information, see Data Transfer on the Amazon EC2 On-Demand Pricing page in the AWS documentation.
For more information, see MediaAgent and Copy Precedence Considerations for Virtualization Restores.
-
Specify the Restore Destination
-
For Type, select Out of place.
-
For Restore as, leave Amazon Web Services selected.
-
For Destination, select the AWS account to restore the VMs/instances to.
-
For Access node, leave Automatic (the default value) selected, or select an access node or an access node group.
-
For the best results, use the Automatic option because it does the following:
-
Selects the most appropriate access nodes.
Potential for egress charges
The Commvault software assigns the EC2 instances to access nodes as follows:
1. To access nodes in same AZ.
2. If no access nodes in same AZ are available, to access nodes in same Region.
3. If no access nodes in the same Region are available, to any available access node (which incurs egress charges).
-
Provides resiliency against access node failure (that is, if an access node fails during a restore, the software restarts the restore on other, available access nodes).
-
For a restore of multiple VMs/instances, distributes the workload across the access nodes that are assigned for the destination AWS account.
-
-
If you select a specific access node or access node group, consider the following:
-
If you select an access node that is outside of AWS, the software uploads volume information to Amazon S3 and uses the volumes to create the EC2 instance.
-
If you select an access node group, the software distributes the workload across the access nodes that are available in the access node group.
-
Important
-
When you restore an EC2 instance from an Amazon S3 library in one AWS Region to another Region, consider Amazon Virtual Private Cloud (VPC) egress costs. For more information, see Data Transfer on the Amazon EC2 On-Demand Pricing page in the AWS documentation.
-
For certain Linux versions, Commvault supports automatically injecting the drivers if a Linux access node is used. See, Automatically Inject Xen and Nitro Drivers for Linux Guest VMs.
-
For AWS to AWS conversion, if you assigned an access node at the hypervisor and VM group levels, both the access nodes are used. For AWS conversions, if you assigned an access node at the hypervisor level and the VM group level for both the source and the destination hypervisors, the access nodes assigned for the destination hypervisor are used.
-
-
Click Next.
The Virtual Machines page appears.
Configure Restore Options for the VMs/Instances and EBS Volumes (If Any)
-
To configure the restore options for one or more VMs/instances, select them, and then click Configure restore options.
The Configure restore options dialog box appears.
-
For the names of the restored EC2 instances, specify the following:
-
For a single VM/instance, in VM display name, enter a name for the restored EC2 instance.
-
For multiple VMs/instances, you can add a prefix and/or a suffix to the names of the source VMs/instances. For example, you can add a suffix of "-restored".
The Commvault software sets the AWS Resource Tag 'Name' to the value that you enter in VM display name. For information about which characters are supported for AWS Resource tags, see Tagging your AWS resources in the AWS documentation.
-
-
For Availability zone, select the AZ to restore the VMs/instances to.
-
For Instance type, select the EC2 instance type for the restored VMs/instances.
The Automatic option attempts to restore the instances as the same EC2 instance type as the source.
-
For Key pair, enter the Amazon EC2 key pair to access the restored EC2 instances.
-
For Network settings, if you are restoring multiple VMs or instances, specify whether to use the source network configuration or a different configuration:
-
To re-create the source network (VPC, Subnets, Security Groups, elastic network interfaces, ENIs) as part of the restore, move the Restore source network configuration toggle key to the right.
-
To restore to an existing VPC in the destination AWS account, do the following:
-
If you are installing to a new AWS account or Region and you want the Commvault software to create your Amazon Virtual Private Cloud (VPC) and related resources as part of the restore of the EC2 instance, move the Restore source network configuration toggle key to the left.
-
For Network, to select an VPC network, subnet, and ENI, do the following:
-
Click the browse button.
The Select network settings dialog box appears.
-
Select an existing ENI or create a new ENI.
When you create a new ENI, you can specify an IP address.
-
Click Save.
-
-
To specify a custom IPv4 primary IP address for Network Interface 1 (Primary Interface) for the restored EC2 instances, in Private IP address, enter the IPv4 address.
Important
If you enter an IP address that is not within the available range or that is already in use, the restore fails.
-
For Security groups, do one of the following:
-
To have the Commvault software attempt to assign the same security group from the source VMs or instances to the restored EC2 instances, select Auto-assign.
-
To select a security group from the AWS account that you're restoring the intances to, select Custom, and then select the security group.
-
-
-
-
For Volume options, modify the settings for EBS volumes as follows:
-
You can select one or more volumes to modify.
If you select multiple volumes, and the volumes have different values for either Volume type or KMS key, then Leave value unchanged is displayed for that setting. Consider the following points:
-
Leave value unchanged indicates that the restored volumes will have the same value as the source volumes.
-
You can select a different value, and the value that you select applies to all the volumes that you are modifying.
-
-
For backups from Commvault Platform Release 2024 (11.34) and previous releases, in Volume type and KMS key, Original is displayed. Original indicates that the volumes will be restored with the same volume type and KMS key as the source volumes.
-
For Volume type, the options are limited to only those that are supported for the volume size.
Volume types that are not supported for the volume size are visible, but not available to select.
To see why a volume type is not available/not supported, hover over the volume type to view the minimum and maximum supported volume sizes for the volume type.
The default value for Volume type is based on volume size. If the volume size is less than 16 TB, then the default value is gp3. If the volume size is greater than 16 TB, then the default value is io2.
-
If IOPS applies, given the volume type, then you can modify the value.
After you click Save, the Commvault software validates the value you enter. If the value is not in the supported range for the EBS volume type, the software displays the minimum and maximum supported values. Enter a value that is in the supported range, and then click Save.
The default value for IOPS is 3000.
-
If Throughput applies, given the volume type, then you can modify the value.
If you modify the value, as you are typing, the Commvault software validates the value you enter and briefly displays the minimum, maximum, and baseline values. If you enter a value that is not in the supported range for the EBS volume type, after you click Save, the Commvault software displays the minimum and maximum supported values, and you cannot click Save until you enter a value that is in the supported range.
After you click Save, the Commvault software validates the value you enter. If the value is not in the supported range, the software briefly displays the minimum, maximum, and baseline supported values. Enter a value that is in the supported range, and then click Save.
Note
Some Amazon EBS volumes require a specific IOPS and throughput ratio. Verify both that your IOPS and throughput values are within the supported ranges for those values and that the ratio between your values is supported.
The default value for Throughput is based on the volume type. For io2, the default value is Not Applicable because throughput does not apply to io2. For all other volume types, the default value is 125.
-
For KMS key, select an encryption key or option:
Important
-
Commvault recommends that you enable default encryption of EBS volumes in each AWS account that creates EBS volumes. For information, see Enable encryption by default in the AWS documentation.
-
The following key types are supported:
-
AWS managed keys
-
AWS owned keys
-
Customer managed keys, including multi-region keys
-
-
Auto (default value): This option is available for restores to a different AWS Region.
The Auto option looks up the default KMS key for EBS encryption using the ec2:GetEbsEncryptionByDefault action (if permitted by the identity that is performing the restore).
-
No encryption: This option is not recommended. The AWS Well-Architected Framework (SEC08-BP02) recommends enforcing encryption at rest for sensitive data.
-
-
-
For Tags, you can add, modify, and delete AWS resource tags.
If the backed up VM has tags, then those tags are displayed (excluding the Name tag and the AWS reserved tags).
For information about AWS resource tags, see Tagging your AWS resources in the AWS documentation.
Important
For backups from Commvault Platform Release 2022E (11.28) and previous releases, if you add new tags, any existing tags on the EBS volume are removed.
-
Click Next.
The Restore Options page appears.
Specify the Restore Options
Specify the following settings:
-
Power on VMs after restore: Automatically restart virtual machines after they are restored.
The power state of the virtual machine does not affect subsequent backups. If the virtual machine is powered on during backups, by default, the virtual machine is powered on again after the restore completes (unless you clear this check box).
-
Unconditionally overwrite if it already exists: Delete an existing virtual machine and replace it with the restored virtual machine.
Note
If an existing virtual machine with the same name exists on the destination host and you do not select Unconditionally overwrite if it already exists, the restore job fails.
-
Reuse existing VM client: Reuse the existing virtual machine and map its information, such as client name, host name, and client ID, to the source virtual machine.
-
Notify user on job completion: Receive an email notification that the restore is complete.
The Summary page appears.
Review the Summary and Start the Restore
-
Review the summary to verify the settings.
-
Click Submit to start the restore.
Related Pages
-
Restrictions and Known Limitations for Protecting Amazon EC2 with Commvault.
-
AWS managed keys in the AWS documentation
-
AWS owned keys in the AWS documentation
-
Customer managed keys in the AWS documentation
-
Multi-Region keys in AWS KMS in the AWS documentation