Manually Provisioning AWS VMs
Views > Inventory > Applications
Views > Service Requests > Request Details
Administrator, Operator, Operator with Approval Access Rights
Use Commander to:
- deploy a requested service or VM component by clicking Deploy at the appropriate level of the tree in the Request Details dialog. Note that once a component in a service has been deployed, it's no longer possible to deploy at the service level; you must deploy at the component level.
When deploying an entire service, if the deployment of one or more components fails, Commander will still attempt to deploy other components in the service.
- deploy a VM from a template. Right-click and choose Provisioning > Deploy to VM.
The following sections provide details and additional help links for the manual deployment wizard. The pages and options displayed depend on whether you're deploying an entire service or a VM component.
If you're provisioning AWS CloudFormation templates, see Manually Provisioning AWS CloudFormation Templates.
Naming options are not available on this page if you're deploying an entire service as individual components that is, if you clicked Deploy at the Service level in the Request Details dialog (rather than at the Component level).
- Let the system name this Service / VM automatically: See also Customizing Naming Conventions.
- Manually name this Service / VM: Note that you can't use variables in this field, but you can use variables in the global VM naming convention. See also Customizing Naming Conventions.
The name must be unique in the region.
If Commander detects that the name is not unique when you have specified the target (on the next page of the wizard), an error is displayed.
- Placement Options: Although the option you choose here allows Commander to preselect destination choices for you, you can change those selections throughout this wizard. The available options are:
- Last Specified: Uses the placement location that was last used to deploy this service or component. If the service or component has not been previously deployed, no destination is selected.
- User Specified: No destination is selected; the destination must be selected manually.
- Automated Deployment: Uses the placement options configured for automated deployment. If you see the error "Automated deployment has not been configured", see Configuring Automated Deployment for Approved Service Requests to learn how to set up automated deployment.
- Destination: Select a VPC in the AMI's region (if you're not using VPCs, select EC2-Classic).
This page appears only when deploying an entire requested service that is, you clicked Deploy at the Service level in the Request Details dialog, rather than at the Component level.
All components in the service are listed. Custom components in the service are listed for information purposes only.
Deselect the components you don't want to deploy at this time. Components are deployed serially, not in parallel.
This page allows you to customize VM resources and security settings.
- Instance Type: Select an instance type from the drop-down menu. This option is not available if you're deploying an entire service as individual components that is, if you clicked Deploy at the Service level in the Request Details dialog (rather than at the Component level).
- EBS Optimized: If the selected instance type supports EBS optimization, this option is active. EBS optimization enables additional, dedicated throughput between Amazon EC2 and Amazon EBS, and therefore improved performance for Amazon EBS volumes. Additional charges from AWS apply if you enable this option.
- Subnet: If your deployment target is a VPC, select a subnet. If you have tagged subnets with zones, the Subnet drop-down list groups subnets by zone.
- Availability Zone: If your deployment target is EC2-Classic, select an availability zone, or keep the default, Let the system decide.
- Key Pair Name: Allows you to optionally specify a key pair credential to assign to the deployed VM. For this drop-down menu, you can:
- Select a listed key pair. This will assign a key pair that's associated with the region.
- Leave the field blank. This will ensure that no key pair is assigned.
- Select Let System Decide: With this option, Commander will choose one of the following key pairs for assignment in the order of precedence listed below:
- a key pair configured for the service request form.
If the Key Pair form element has been added to the VM service request form, users can specify a key pair for requested VMs. Their selection is not displayed in the manual Service deployment wizard. In this case, you should deploy each component separately by clicking Deploy at the Component level of the Request Details, rather than at the Service level. Doing so ensures that you won't override the requester's individual key pair selections with a single key pair for all VMs in the service.
- a key pair configured for the user
- a key pair configured for the user's organization
- a key pair configured for the deployment destination
- a key pair configured for the service request form.
- Security Group Names: Optionally, specify one or more security groups. Only security groups assigned to the target VPC are shown (or, if your target is EC2-Classic, those not assigned to a VPC). If no security group is specified, AWS assigns the deployed VM to the default security group.
- User Data: Optionally, enter user data to customize this VM during provisioning. If you're deploying a requested VM and user data was specified for this component in the service catalog, the User Data field is prepopulated. See AWS User Data Syntax and Supported Variables for more information.
- IAM Role: Optionally, enter the name of an IAM role to assign to the VM. The maximum number of characters is 255. If an IAM role was configured in the deployment destination or in the catalog blueprint, or specified on the request form, the IAM Role field is prepopulated. Important: Commander doesn't validate IAM role names, so ensure that role names entered in Commander match those in AWS. IAM role names are not case-sensitive. To learn more, see IAM roles.
- Monitor Memory Usage: To enable memory usage monitoring, enable the option Send guest OS memory usage statistics to Amazon CloudWatch. Memory usage monitoring requires the VM to have credentials with full access to CloudWatch. You can enter a role in the IAM Role field for this purpose. To learn more, see Monitoring Memory Metrics for EC2 Linux Instances and Monitoring Memory Metrics for EC2 Windows Instances.
Clicking Details provides the full set of properties for the selected instance type.
If you have a large number of subnets, click next to the Subnet drop-down menu to open a pop-up dialog for easier searching.
See Order of precedence for assigning key pairs to requested services for more information.
This page allows you to add, modify and delete disks. Note that when deploying an entire service, all VMs in the service are deployed with the same storage options, and you can't edit disk information.
- add a disk.
- delete a disk (other than the base disk, which can't be deleted).
- modify a disk by selecting it in the Disks list and editing its settings as required:
Device Name: Specify the name that the block device driver for the instance will assign when mounting the volume. The name recommended by Amazon is provided; edit this value if required. See Block Device Mapping in the AWS documentation for more information.
Capacity: Specify the disk capacity, in GB.
Volume Type: Select one of the following types from the drop-down menu. Hover over the icon for details on each type; see Amazon EBS Volume Types in the AWS documentation for more information.
- General Purpose (SSD): General purpose Solid-State Drive volume that balances price and performance for a wide variety of transactional workloads. Recommended for system boot volumes, virtual desktops, low-latency interactive apps, development and test environments.
- Provisioned IOPS (SSD): Highest-performance SSD volume designed for mission-critical applications. Best for critical business applications that require sustained IOPS performance, or more than 10,000 IOPS or 160 MiB/s of throughput per volume, such as large database workloads and EBS-optimized instances. The ratio of IOPS provisioned and the volume size requested can be a maximum of 50.
- Magnetic: Previous-generation Hard Disk Drive volumes for workloads where data is infrequently accessed. Not recommended for new applications.
- Throughput Optimized (HDD): Low-cost Hard Disk Drive volume designed for frequently accessed, throughput-intensive workloads. Best for streaming workloads requiring consistent, fast throughput at a low price, such as big data, data warehouses, and log processing. The minimum disk size for this type is 500 GB. can't be a boot volume.
- Cold (HDD): Lowest-cost Hard Disk Drive volume designed for less frequently accessed workloads. Best for throughput-oriented storage for large amounts of data that's infrequently accessed. The minimum disk size for this type is 500 GB. can't be a boot volume.
IOPS: If you select the Provisioned IOPS (SSD) volume type, you must specify the number of I/O operations per second (IOPS) this volume will support. Specify a number between 100 and 10,000. A maximum ratio of 50:1 is permitted between IOPS and volume size; for example, a volume with 3000 IOPS must be at least 60 GB in size. The minimum disk size for this storage type is 4 GB.
Encryption: Specify whether to encrypt the disk. Note that not all instance types support disk encryption; see Amazon EBS Encryption in the AWS documentation for the list of supported instance types.
Delete on Termination: By default, this disk will be deleted when the VM to which it's attached is terminated. If you want to preserve this disk so that it can be attached to a different VM when this VM is terminated, disable this option.
The new disk is created in the same availability zone as the instance it's attached to.
Custom attributes allow you to provide more metadata about your virtualized infrastructure. For information on custom attributes, see Using Custom Attributes to Add Infrastructure Metadata.
This page doesn't appear when deploying an entire service that's configured to be deployed as individual VM components.
When deploying at the service level, values entered on this page are applied only to the components of the service. This means that if the service contains a virtual service component, values entered on this page are not applied to any VMs which are components of the virtual service.
If the Expiry Date form element or the Primary Owner form element has been added to the Component request form, users can specify expiry and/or ownership information for requested components. Their selection is not displayed in the manual Service deployment wizard. In this case, you should deploy each component separately by clicking Deploy at the Component level of the Request Details, rather than at the Service level. Doing so ensures that you won't override the requester's individual selections for all components in the service. See also Order of Precedence for Metadata and Service Settings.
- VM / Virtual Service Name: Click Edit to override the service name. You can't use Commander variables in this field. See also Customizing Naming Conventions.
- Expiry Date: Click Edit to set or override the expiry date, or to specify that the service will never expire. See also Managing Service Expiry.
- Expiry Group: Click Edit and choose an expiry group from the drop-down menu.
- Guest OS Scan Group: Click Edit and choose a guest OS scan group from the drop-down menu. Displayed for VM components only.
- Maintenance Group: Click Edit and choose a maintenance group from the drop-down menu.
- Power Schedule Group: Click Edit and choose a power schedule group from the drop-down menu. Displayed for VM components only.
- Rightsizing Group: Click Edit and choose a rightsizing group from the drop-down menu. Displayed for VM components only.
Owners: To edit ownership assignment, click Edit. In the Edit Ownership dialog, if the user you assign is a member of an organization, make sure to select the owner's organization, so that the service is visible to organization members. Assign users by entering a login or email address. See also Assigning Ownership to Services.
- Service Request: When deploying a service request, the Release checkbox is visible and is enabled by default, so that components advance to completion automatically. When the Release checkbox is enabled, if one or more completion workflows have been assigned, the service request is automatically transferred to the completion workflow process. If no completion workflows are assigned, once all components in a service are deployed, releasing the components makes the service visible to the requester (for example, the Service Portal user).
If there are manual steps in your provisioning process, disable the Release checkbox so that you can carry out these steps before the completion workflow starts. For example, you may need to install software, check operating system patches, or migrate VMs. Click Comment to enter more information for the service request comment log.
A summary of your settings is displayed. New public cloud VMs are always powered on when created.
- Policy Actions: If one or more policies will be triggered once deployment occurs, policy actions are listed here.
When policies have been applied at the availability zone level and the deployment target is a region (meaning that the public cloud vendor chooses the destination), policy actions can't be simulated, because Commander can't determine the destination.