Can I "mount" an AMI (or ebs volume) in serverless (aws-lambda)?
My goal is to run a quick scan on an AMI's content using Lambda, without using an EC2 instance for that.
Related
I'm aware that there are similar questions posted here, but none of them address this specific issue.
How to create an ECS cluster via CLI tools, aws-cli and/or ecs-cli, using your own custom AMI stored in EC2 as an AMI image?
Is this even possible currently or do I need to turn to CloudFormation?
EDIT: I had a major confusion about the service architecture of ECS in terms of distributing containers on container instances (EC2 instances registered to the cluster).
So the container instance runs on an AMI, which can be a custom-built AMI, but such would be needed only in some special circumstances. It's recommended to use an ECS-optimized Amazon Linux AMI, as it is maintained by AWS and is updated about once a month.
Another confusion point was with the Docker Compose approach and the ECS CLI tool. Some experts think that while the ECS CLI is released and maintained by AWS, and is already 3 years old at this point in 2019, it is not suitable for production usage. So I am using the AWS CLI instead, and dealing with clusters, task definitions, and (task scheduling) services directly.
I would rather run the custom stuff within the container defined by a Dockerfile on an ECS-optimized AMI.
But to run a custom AMI:
1) The prerequisite is to have an AMI image with the ECS Agent installed
2) Then I would try the ecs-cli up command with --image-id defined
# --image-id takes the custom image ID with the ECS Agent installed
ecs-cli up \
  --keypair <my-keypair> \
  --launch-type EC2 \
  --size 2 \
  --instance-type t2.micro \
  --instance-role ECSMediumRole \
  --vpc <my-vpc> \
  --image-id ami-XXXXXXXX \
  --cluster-config <my-cluster-config> \
  --ecs-profile <my-ecs-profile> \
  --security-group <my-security-group-id> \
  --region us-east-1 \
  --subnets <my-public-vpc-subnet>
I am new to AWS and had to take over an existing VPC with multiple EC2 instances.
I am looking for a way to back up the instances (whole disks).
I read about EBS snapshots on forums and this seems a good solution.
The instances' root disks are all EBS volumes.
I read the AWS documentation on EBS snapshots, which states the following:
To create a snapshot for Amazon EBS volumes that serve as root devices, you should stop the instance before taking the snapshot.
I cannot shut down the EC2 instances just for a backup.
How do senior AWS sysadmins back up their instances with EBS root volumes?
With KVM it is possible to pause a host. Is there a similar functionality available in AWS?
I'm trying to share my AMI with a colleague, who is testing his change to my cluster computing application.
While it is easy to change the permission of my AMI to 'public', I can't find its manifest anywhere, including in my S3 buckets.
Is this feature missing for AMIs created in the EC2 console?
A manifest is only required for an Instance-Store Backed AMI. This is where the AMI is copied to Instance Store (ephemeral storage) rather than an EBS volume. This method is quite old and these days it is recommended to use a normal AMI that is used to create an EBS boot volume.
AMIs created in the EC2 Management Console can be shared either publicly or with specific accounts.
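To check which of the two sharing modes an AMI is actually in, the launch permissions can be audited. This is an added example, not part of the original answer; the sample documents, the placeholder IDs, the approved-account list and the function names are all constructed for illustration.

```python
# Added example (not from the original answer). Input is the JSON printed by
#   aws ec2 describe-image-attribute --image-id <ami> --attribute launchPermission
# The documents below are constructed; image and account IDs are placeholders.
SAMPLE_ATTRIBUTES = [
    {"ImageId": "ami-0aaaaaaaaaaaaaaa1",
     "LaunchPermissions": [{"UserId": "111111111111"}]},
    {"ImageId": "ami-0bbbbbbbbbbbbbbb2",
     "LaunchPermissions": [{"Group": "all"}]},
    {"ImageId": "ami-0ccccccccccccccc3",
     "LaunchPermissions": [{"UserId": "111111111111"},
                           {"UserId": "999999999999"}]},
    {"ImageId": "ami-0ddddddddddddddd4", "LaunchPermissions": []},
]

# Assumption: the only account the owner means to share with (the colleague's).
APPROVED_ACCOUNTS = {"111111111111"}


def classify_sharing(attribute, approved_accounts):
    """Return (status, unexpected_principals) for one launchPermission document."""
    perms = attribute.get("LaunchPermissions", [])
    # {"Group": "all"} is how EC2 represents a public AMI.
    if any(p.get("Group") == "all" for p in perms):
        return "public", []
    principals = set()
    for p in perms:
        # An entry names an account, an organization, or an organizational unit.
        principal = (p.get("UserId") or p.get("OrganizationArn")
                     or p.get("OrganizationalUnitArn"))
        if principal:
            principals.add(principal)
    unexpected = sorted(principals - approved_accounts)
    if unexpected:
        return "shared-unapproved", unexpected
    return ("shared-approved" if principals else "private"), []


def audit(attributes, approved_accounts):
    """Map each image ID to its sharing status and any unexpected principals."""
    return {a["ImageId"]: classify_sharing(a, approved_accounts)
            for a in attributes}


if __name__ == "__main__":
    for image_id, (status, extra) in audit(SAMPLE_ATTRIBUTES,
                                           APPROVED_ACCOUNTS).items():
        print(image_id, status, ", ".join(extra))
```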
Let's say there is a single disk Disk 0 at an Amazon EC2 instance Instance1 with the corresponding EBS volume having the device-name /dev/sd1. Let's say this disk maps to C-drive on the VM.
Now can we create a new EBS volume and attach it to Instance1 with the same device-name /dev/sd1?
If this is possible, does it mean, after the volume is attached, we can go ahead and extend the existing C-drive at Instance1, without having to go through the process of detaching it first, creating a snapshot etc.?
If an EBS volume is already mounted at /dev/sd1, it is not possible to mount another volume as that device.
First, detach the existing volume, then attach a new volume.
To extend the size of an EBS volume:
1) Detach the EBS volume from the EC2 instance
2) Create Snapshot of the EBS volume
3) Create Volume from the snapshot, making the volume larger
4) Attach the new EBS volume to the EC2 instance
The disk partition will also need to be extended. This can be done with the Disk Management console (Windows) or with the resize2fs command (Linux).
So I create an instance using one of the Public AMI EBS Ubuntu flavors. I create an EBS volume and attach it to the instance. I format the volume and add an entry to /etc/fstab to mount it on /vol. I add mysql to the AMI and move the data files to the EBS volume I formatted and mounted at /vol. I then create an AMI from the running instance. Then I terminate the running instance.
I start a new instance using the freshly created AMI (with mysql on it). The /vol is mounted and has the mysql data files - good, I expect that. Here's where I am confused. When I create any directories or files on the EBS volume /vol they aren't there any more after I terminate the instance and create a new one. The mysql stuff is there but no new stuff I created. Aren't those files and directories supposed to be there? Or am I misunderstanding how this works?
When you create an AMI, "Amazon EC2 powers down the instance, takes images of any volumes that were attached, creates and registers the AMI, and then reboots the instance." -Amazon. When the AMI is used to launch an instance, the images (snapshots) of the attached drives are used to create new volumes. It is these new volumes that are attached to the new instance, not your original EBS. (This generates lots of orphan volumes and snapshots with ongoing use.)
There is no automatic attaching of the EBS volume you created. What is automatically attached is the volume it creates at the time of launching the instance from your AMI! It creates this volume from the snapshot it made of your EBS at the time of the AMI creation!
The way to prevent clone volumes from being created and attached to new instances is simple: detach your volumes before making AMIs. You need to attach your EBS volumes manually with the EC2 Web Control Panel, or programmatically with .NET or Java programming, scripting or command line tools.
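The cloning described in this answer is visible in the AMI's block device mappings. This is an added example, not part of the original answer: it takes `aws ec2 describe-images` output and lists the snapshots EC2 will turn into new volumes at launch, flagging data volumes baked into the image and volumes left behind after termination. The sample JSON, the placeholder IDs and the function names are constructed for illustration.

```python
# Constructed `aws ec2 describe-images` output; all IDs are placeholders.
SAMPLE = {"Images": [{
    "ImageId": "ami-0eeeeeeeeeeeeeee5",
    "RootDeviceName": "/dev/sda1",
    "BlockDeviceMappings": [
        {"DeviceName": "/dev/sda1",
         "Ebs": {"SnapshotId": "snap-0aaaaaaaaaaaaaaa1", "VolumeSize": 8,
                 "DeleteOnTermination": True}},
        {"DeviceName": "/dev/sdf",   # data volume attached when the AMI was made
         "Ebs": {"SnapshotId": "snap-0bbbbbbbbbbbbbbb2", "VolumeSize": 100,
                 "DeleteOnTermination": False}},
        {"DeviceName": "/dev/sdb", "VirtualName": "ephemeral0"},
    ],
}]}


def cloned_volumes(image):
    """List the EBS volumes EC2 creates from snapshots when this AMI launches."""
    root = image.get("RootDeviceName")
    rows = []
    for mapping in image.get("BlockDeviceMappings", []):
        ebs = mapping.get("Ebs")
        if not ebs or "SnapshotId" not in ebs:
            continue  # instance store or empty volume: nothing is copied
        rows.append({
            "device": mapping["DeviceName"],
            "snapshot": ebs["SnapshotId"],
            "size_gib": ebs.get("VolumeSize"),
            "is_root": mapping["DeviceName"] == root,
            # A missing flag is treated as "volume is kept" (conservative).
            "orphan_on_terminate": not ebs.get("DeleteOnTermination", False),
        })
    return rows


def findings(image):
    """Report data snapshots inside the AMI and volumes that outlive instances."""
    out = []
    for vol in cloned_volumes(image):
        if not vol["is_root"]:
            out.append(f'{vol["device"]}: data snapshot {vol["snapshot"]} '
                       f'is part of {image["ImageId"]}')
        if vol["orphan_on_terminate"]:
            out.append(f'{vol["device"]}: volume is kept after termination')
    return out


if __name__ == "__main__":
    for image in SAMPLE["Images"]:
        print("\n".join(findings(image)))
```

A non-root entry means anyone who can launch the AMI gets a copy of that data volume as it was when the image was created.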
EBS volumes are not tied to an AMI, only to the literal instance you attach them to. When you created your AMI and a new instance from that, the EBS is not cloned, nor does it follow you to the new instance.
You could move the EBS drive to the new instance manually. Alternately you could snapshot the EBS volume & clone a new drive from that.