domingo, 29 de junio de 2014

AWS: How to auto attach public IP from ElasticIP pool

When an EC2 instance is launched, you can select to attach a Public IP (or not). This Public IP is randomly selected. Here is an example:

i-cf27aa8d instance has Public IP address assigned. This IP is taken from general AWS pool. If you stop and start the instance from AWS EC2 console, a different Public IP address will be selected.

Now, imagine instance launch is controlled by an auto-scaling policy. Following explained behavior, a new random Public IP address will be attached each time a new (or replacement) instance is launched attending auto-scaling group needs.

In the context of need a predictable Public IP addresses, general behavior doesn't fit our needs. When instance is launched manually is easy to resolve: you can attach an IP address from Elastic IP pool through AWS EC2 console, for example. But this could be difficult in an auto-scaling context.

A way to resolve this situation could be using ipassign script. Let verify this with an example!

Imagine previous instance (i-cf27aa8d). To use ipassign script we need to:

  • Verify AWS CLI and ec2-utils packages are installed. By default, Amazon Linux instances arrive with them pre-installed. For Ubuntu distributions, probably you'll need to install them manually using apt-get commands:

  • Login to the instance as root username. If role instance is not assigned, you need to configure AWS CLI with an IAM user allowed to execute describe-addresses, associate-address and disassociate-address EC2 actions.

  • Install ipassign script. Just follow next instructions:
  1. Download ipassign script and copy inside your instance in "/etc/init.d" directory
  2. Modify script permissions: chmod 755 /etc/init.d/ipassign
  3. Add script to instance startup process: chkconfig ipassign on
  • Review ipassign configuration. At the beginning of the script, there are two parameters you need to review and ensure are correctly configured:
  1. REGION: Defines the AWS region. Value must be the same used by instance. By default is set to eu-west-1 (Ireland) region.
  2. IPLOGFILE: Defines log file. By default is set to "/var/log/ipassign.log" and my suggestion is maintain this value.

Done! If we restart the instance, during startup process will try to attach a free Public IP address from Elastic IP pool. Imagine we have three IP address associated to our account, all of them are currently in use:

In this context, instance can't attach any Public IP. Script is designed to avoid changes if an IP from Elastic IP pool can't be attached. Next time we login to the instance, if we review log file will see an error message registered:

Just go to AWS EC2 web console and request a new Elastic IP:

Now (with a free Public IP in Elastic IP pool), if we restart instance again, we'll see ipassign script can find one free IP address in Elastic IP pool and attach it to the instance:

Login to the instance (now, using the new Public IP attached) and checking log file, next information is displayed:

Finally, in instance general information panel, we can review how the instance has a new Public IP address ( from the Elastic IP pool correctly assigned:

By default, 5 Elastic IP addresses can be associated to an AWS account. But this limit could be increased, if needed.

viernes, 6 de junio de 2014

AWS: Convert root volume to XFS

By default, root volume in Amazon Linux instances uses EXT4 filesystem. But maybe you want to use another one, for example XFS. With next procedure you'll be able to convert default root volume filesystem of an existing instance to XFS. For our example, we've an instance named MyInstance using default Amazon Linux distribution:

After login, as you can see default root filesystem device (/dev/sda1 | /dev/xvda1) is EXT4:

Here is suggested steps to successfully achieve the filesystem conversion:
  • Login to the instance and become root
  • Install XFS utils: yum install xfsprogs xfsprogs-devel xfsdump
  • Stop the instance
  • Create a snapshot of root volume

  • Create a new volume from the snapshot. Make sure you don´t modify size and select same availability zone where original root volume of instance is hosted

  • Start the instance and wait until become available. After that, login to the instance and become root
  • Attach new volume as a secondary volume. By default, /dev/sdf device will be selected. This device is mapped as /dev/xvdf in modern kernels. Run dmesg command to review your kernel successfully detect the new attached volume

  • Install Development Tools: yum groupinstall 'Development Tools'
  • Download Fstransform toolkit from here
  • Uncompress, configure, compile and install Fstransform toolkit

  • Now, run: fstransform /dev/xvdf xfs
  • Previous command will convert /dev/xvdf from original EXT4 filesystem to XFS. Process will take time, depends on volume size. Be patient and make sure everything is correctly done. fstransform will provide detailed information about the process. Make sure everything is correctly done. 

  • Label /dev/xvdf device as '/'. Just run: xfs_admin -L \/ /dev/xvdf
  • Create a mountpoint directory, for example /xfs, and mount /dev/xvdf in /xfs directory. Edit fstab file associated to the new XFS volume (/xfs/etc/fstab) and make sure / is associated to volume labeled / and xfs filesystem is configured for root mountpoint

  • Stop the instance
  • Detach original root volume
  • Detach XFS volume
  • Attach XFS volume as root volume. Make sure you specify same device associated to the original root volume (for Amazon Linux instances usually is /dev/sda1
  • Start the instance
Now, your instance should start. Login and verify root volume now is XFS

If there is any issue during instance startup, review System Log in AWS EC2 web console. Useful information for troubleshooting will be provided (if required).