Restart the AWS Replication Agent automatically without disabling SELinux after rebooting a RHEL source server
Created by Anil Kunapareddy (AWS), Shanmugam Shanker (AWS), and Venkatramana Chintha (AWS)
Summary
AWS Application Migration Service helps simplify, expedite, and automate the migration of your Red Hat Enterprise Linux (RHEL) workload to the Amazon Web Services (AWS) Cloud. To add source servers to Application Migration Service, you install the AWS Replication Agent on the servers.
Application Migration Service provides real-time, asynchronous, block-level replication. This means that you can continue normal IT operations during the entire replication process. These IT operations might require that you reboot or restart your RHEL source server during the migration. If this happens, the AWS Replication Agent will not restart automatically, and your data replication will stop. Typically, you can set Security-Enhanced Linux (SELinux) to disabled or permissive mode to automatically restart AWS Replication Agent. However, your organization’s security policies might prohibit disabling SELinux, and you might also have to relabel your files
This pattern describes how to automatically restart the AWS Replication Agent without turning off SELinux when your RHEL source server reboots or restarts during a migration.
Prerequisites and limitations
Prerequisites
An active AWS account.
An on-premises RHEL workload that you want to migrate to the AWS Cloud.
Application Migration Service initialized from the Application Migration Service console. Initialization is required only the first time you use this service. For instructions, see the Application Migration Service documentation.
An existing AWS Identity and Access Management (IAM) policy for Application Migration Service. For more information, see the Application Migration Service documentation.
Versions
RHEL version 7 or later
Tools
AWS services
AWS Application Migration Service is a highly automated lift-and-shift (rehost) solution that simplifies, expedites, and reduces the cost of migrating applications to AWS.
Linux commands
The following table provides a list of Linux commands that you will run on your RHEL source server. These are also described in the epics and stories for this pattern.
Command | Description |
| Identifies the system version. |
| Lists all active services that are available on the RHEL server. |
| Lists all services that are currently running on the RHEL server. |
| Lists all services that failed to load after the RHEL server rebooted or restarted. |
| Changes the context to |
| Installs the policy core utilities that are required for the operation of the SELinux system. |
| Searches the audit log and creates a module for policies. |
| Activates the policy. |
| Displays the contents of the |
| Checks whether the policy has been loaded to the SELinux module. |
Epics
| Task | Description | Skills required |
|---|---|---|
Create an Application Migration Service user with an access key and a secret access key. | To install the AWS Replication Agent, you must create an Application Migration Service user with the required AWS credentials. For instructions, see the Application Migration Service documentation. | Migration engineer |
Install the AWS Replication Agent. |
| Migration engineer |
Restart or reboot the RHEL source server. | Restart or reboot your RHEL source server when its Data replication status displays Stalled on the Migration dashboard. | Migration engineer |
Check data replication status. | Wait for one hour and then check the Data replication status again on the Migration dashboard. It should be in the Healthy state. | Migration engineer |
| Task | Description | Skills required |
|---|---|---|
Identify the system version. | Open the command line interface for your RHEL source server and run the following command to identify the system version:
| Migration engineer |
List all active services. | To list all active services available on the RHEL server, run the command:
| Migration engineer |
List all running services. | To list all services that are currently running on the RHEL server, use the command:
| Migration engineer |
List all services that failed to load. | To list all services that failed to load after the RHEL server rebooted or restarted, run the command:
| Migration engineer |
| Task | Description | Skills required |
|---|---|---|
Change the security context. | In the command line interface for your RHEL source server, run the following command to change the security context to the AWS replication service:
| Migration engineer |
Install core utilities. | To install the core utilities required for the operation of the SELinux system and its policies, run the command:
| Migration engineer |
Search the audit log and create a module for policies. | Run the command:
| Migration engineer |
Display the contents of the my-modprobe-te file. | The
| Migration engineer |
Activate the policy. | To insert the module and make the policy package active, run the command:
| Migration engineer |
Check whether the module has been loaded. | Run the command:
After the SELinux module is loaded, you will no longer have to set SELinux to disabled or permissive mode during your migration. | Migration engineer |
Reboot or restart the RHEL source server and verify the data replication status. | Open the AWS Migration Service console, navigate to Data replication progress, and then reboot or restart your RHEL source server. Data replication should now resume automatically after the RHEL source server reboots. | Migration engineer |
Related resources
