Create Image from running instance will change the public IP address? - amazon-ec2

As far as I know, if you create an image from a running instance, it would by default reboot the instance. Do correct me if I am wrong on this.
For my situation, my free Elastic IPs are all used up and I need to do some heavy modification on the instance operating system. Before proceeding with those modifications, I would like to at least do a complete backup of everything, which means I need to create an AMI and take a snapshot of the EBS before proceeding. The problem is, I can't afford to lose the public and private IP addresses of that instance because it would take me more work to update all the other software on different servers that connects to it (unless of course I mess it up and have to use the backup AMI image after all).
So my questions are:
If I simply create an image from that instance while it is still running, without stopping it, it will reboot by default, but would it change its public and private IP addresses? I noticed that a normal "reboot" when you right-click the instance does not change those IP addresses. Is it the same kind of "reboot" when you create an image without stopping the instance?
Is it safer to stop the instance first before creating an image, or is creating the image while it's running safe enough? Consider data integrity.
Thank you

The default reboot during AMI creation will just do a normal reboot. It will not change IP addresses.
The Private IP address will never change.
The Public IP address might change if the instance is stopped.
Best practice is to either use an Elastic IP address (free if attached to a running instance, and you can request more if you need them) or use a DNS Name that resolves to an IP address. That way, if the IP address changes, simply update the DNS entry without needing to change any references.

Related

EC2 Private IP changes on every server restart

We have a RHEL 7.2 EC2 instance and we are trying to install Oracle 12C EE server. We have assigned an Elastic IP to the instance to make sure that the Public IP address does not change when we restart the server. But we saw that the hostname of the instance gets changed on a server restart.
Problem: There are a few steps in the Oracle installation where we need to mention the hostname of the EC2 instance (i.e. private DNS), so we are hardcoding the hostname during the Oracle installation. But the problem is that if the hostname gets changed on every server restart then the installed software won't work (since it holds the previous hostname) - how to resolve this issue?
Please let us know on the best practices to resolve this issue.
IP addresses do not change in EC2 with a simple restart. They only change with a complete stop, followed later by a start. If you are using a VPC, which you most likely are, then the private IP address will not change even with a stop/start.
If you want a solution that will work even if you move the installation to a different EC2 instance, then you should create a Route53 private hosted zone, attach it to your VPC, and then create a custom DNS name for this server.
If you are using VPC (which is the default now) the private IP should not change upon restart or stop start.
My understanding is that you're having an issue with the hostname being reset to the default ip-x-y-z-k upon OS reboot, causing issues with the Oracle database.
This is usually caused by cloud-init (embedded in the AMI).
I suggest you go through these steps:
First set the hostname in your OS:
$ hostnamectl set-hostname Your-New-Host-Name-Here --static
Edit your '/etc/hosts' to match the private IP:
<private_ip> <hostname>
Check the value of HOSTNAME in '/etc/sysconfig/network'; it should match your hostname.
Finally, to solve the issue, I suggest removing the following lines from '/etc/cloud/cloud.cfg':
set_hostname
update_hostname
update_etc_hosts
To test if it works, stop and start the instance; the private IP should stay the same as before and the hostname should be the one you defined.
I hope this helps.
G.
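
The steps in the answer above can be checked before the stop/start test. This is an added example, not part of the original answer: it uses cloud-init's module names (`update_etc_hosts` is the module's actual spelling), and the file paths, IP address and hostname in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: verify the hostname steps above against the real files or copies of them.

# List hostname-managing cloud-init modules still enabled in a cloud.cfg,
# i.e. present as uncommented YAML list entries such as " - set_hostname".
enabled_hostname_modules() {   # arg: path to cloud.cfg
    for mod in set_hostname update_hostname update_etc_hosts; do
        if grep -Eq "^[[:space:]]*-[[:space:]]*${mod}[[:space:]]*$" "$1"; then
            printf '%s\n' "$mod"
        fi
    done
}

# Succeed if the hosts file maps the given IP to the given name.
# Comments are stripped first so a commented-out entry does not count.
hosts_has_entry() {   # args: hosts-file ip hostname
    awk -v ip="$2" -v name="$3" '
        { sub(/#.*/, "") }
        $1 == ip { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit (found ? 0 : 1) }' "$1"
}

# Run both checks; print what is wrong and return non-zero if anything is.
audit_hostname_setup() {   # args: cloud.cfg hosts-file private-ip hostname
    rc=0
    mods=$(enabled_hostname_modules "$1")
    if [ -n "$mods" ]; then
        echo "cloud-init still manages the hostname via:" $mods
        rc=1
    fi
    if ! hosts_has_entry "$2" "$3" "$4"; then
        echo "no '$3 $4' mapping in $2"
        rc=1
    fi
    return $rc
}

# Usage on the instance (IP and hostname are placeholders):
#   ./audit.sh /etc/cloud/cloud.cfg /etc/hosts 10.0.1.25 oradb01
if [ "$#" -eq 4 ]; then
    audit_hostname_setup "$@"
fi
```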

Do I need to install the packages again on EC2 micro if stopped

I have an EC2 micro instance (Ubuntu) running with Tomcat and Apache installed.
I am confused about what happens if the system crashes, or shuts down, or if I stop it.
Will I have to install and configure all the packages (Tomcat, Apache) again on the instance, or will the instance on restart or reboot have all these packages in the pre-stop state?
I know the micro instance uses EBS for storage. And I assume on stop it maintains the state (i.e. it is not deleted). Is it?
So on restart only the IP address changes, right?
Or do I need to configure the instance again?
You are pretty much spot on with all your assumptions:
All EBS backed instances retain their installation state and configuration, which under normal circumstances shouldn't ever have any parts located on the (often called ephemeral) instance store volume(s), if any (see Root Device Storage Concepts for a detailed explanation of the differences between EBS and instance store backed AMIs).
Given the Amazon EC2 Instance Type t1.micro is EBS storage only indeed, this is guaranteed in your case.
Interestingly EBS storage only also applies to the newest regular instance types m3.xlarge and m3.2xlarge btw., so AWS might be slowly moving away from instance storage eventually.
Likewise, on restart only the IP address changes, be it a default public one or an Elastic IP address, see e.g. the FAQ Do I need one Elastic IP address for every instance that I have running?:
No. You do not need an Elastic IP address for all your instances. By
default, every instance comes with a private IP address and an
internet routable public IP address. The private address is associated
exclusively with the instance and is only returned to Amazon EC2 when
the instance is stopped or terminated. The public address is
associated exclusively with the instance until it is stopped,
terminated or replaced with an Elastic IP address. [...] [emphasis mine]
Please note that EC2 instances started within an Amazon VPC slightly differ here, insofar as they don't get a default public IP address and do retain an Elastic IP address (if any) throughout a stop/start cycle.

How to refer to other ec2 instances? Is Elastic IP the only feasible solution?

Initially my issue was "How do I RDP into an EC2 instance without having to first find its ip address". To solve that I wrote a script that executes periodically on each instance. The script reads a particular tag value and updates the corresponding entry in Route53 with the public dns name of the instance.
This way I can always rdp into web-01.ec2.mydomain.com and be connected to the right instance.
As I continued with setting up my instances, I realized to setup mongodb replication, I will need to somehow refer to three separated instances. I cannot use the internal private ip addresses as they keep changing (or are prone to change on instance stop/start & when the dhcp lease expires).
Trying to access web-01.ec2.mydomain.com from within my EC2 instance returns the internal ip address of the instance. Which seems to be standard behaviour. Thus by mentioning the route53 cnames for my three instances, I can ensure that they can always be discovered by each other. I wouldn't be paying any extra data transfer charges, as the cnames will always resolve to internal ip. I would however be paying for all those route53 queries.
I can run my script every 30 secs or even less to ensure that the DNS entries are as up to date as possible.
At this point, I realized that what I have in place is very much an Elastic IP alternative. Maybe not completely, but surely for all my use cases. So I am wondering, whether to use Elastic IP or not. There is no charge involved as long as my instances are running. It does seem an easier option.
What do most people do? If someone with experience with this could reply, I would appreciate that.
Secondly, what happens in those few seconds/minutes during which the instance loses its current private IP and gets a new internal IP? I am assuming all existing connections get dropped. Does that affect the ELB health checks (a ping every 30 secs)? I am assuming that if I were using an Elastic IP, the DNS name would immediately resolve to the new IP, as opposed to, say, after my script executes. Assuming my script runs every 30 secs, will there be only 30 secs of downtime, or can there possibly be more? Will an Elastic IP always perform better than my scripted solution?
According to the official AWS documentation a "private IP address is associated exclusively with the instance for its lifetime and is only returned to Amazon EC2 when the instance is stopped or terminated. In Amazon VPC, an instance retains its private IP addresses when the instance is stopped.". Therefore checking nevertheless every 30s if something changed seems inherently wrong. This leaves you with two obvious options:
Update the DNS once at/after boot time
Use an elastic IP and static DNS
Used elastic IPs don't cost you anything, and even parked ones cost only little. If your instances are mostly up, use an elastic IP. If they are mostly down, go the boot time update route. If your instance sits in a VPC, not even the boot time update is strictly needed (but in a VPC you probably have different needs and a more complex network setup anyways).
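
A sketch of the "update the DNS once at/after boot time" option from the answer above, as an added example that is not part of the original thread. It reads the private address through IMDSv2 and validates it before building the Route 53 UPSERT; the hosted zone ID and record name in the usage comment are placeholders, and the instance role is assumed to allow `route53:ChangeResourceRecordSets` on that zone only.

```shell
#!/bin/sh
# Added example: one-shot DNS update, meant to run once from a boot unit.

# Succeed only for a dotted-quad IPv4 address, so an empty or malformed
# metadata response is never published to the zone.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print the Route 53 change batch that UPSERTs one A record.
change_batch() {   # args: record-name ipv4 [ttl]
    # Only hostname characters may reach the JSON document.
    case $1 in ''|*[!A-Za-z0-9._-]*) echo "invalid record name" >&2; return 1 ;; esac
    is_ipv4 "$2" || { echo "refusing to publish invalid address" >&2; return 1; }
    printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"A","TTL":%s,"ResourceRecords":[{"Value":"%s"}]}}]}\n' \
        "$1" "${3:-60}" "$2"
}

# Read the instance's private IPv4 address via IMDSv2 (session token required).
imds_private_ip() {
    token=$(curl -sf -X PUT -H 'X-aws-ec2-metadata-token-ttl-seconds: 60' \
        http://169.254.169.254/latest/api/token) || return 1
    curl -sf -H "X-aws-ec2-metadata-token: $token" \
        http://169.254.169.254/latest/meta-data/local-ipv4
}

# Usage (zone ID and name are placeholders):
#   ./update-dns.sh ZONE_ID_PLACEHOLDER web-01.ec2.mydomain.com
if [ "$#" -eq 2 ]; then
    ip=$(imds_private_ip) || exit 1
    batch=$(change_batch "$2" "$ip") || exit 1
    aws route53 change-resource-record-sets --hosted-zone-id "$1" --change-batch "$batch"
fi
```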
Another option that you could consider is to use a software defined datacenter solution such as Amazon VPC or Ravello Systems (disclaimer: our company).
Using such a solution will allow you to create a walled off private environment in the public cloud. Inside the environment you have full control, including your own private L2 network on which you manage IP addressing and can use e.g. statically allocated IPs. Communications with the outside (e.g. your app servers) happens via the IPs and ports that you configure.

AWS: elastic IP disassociated without API call

For what reason would an elastic IP disassociate from a running Instance without any API calls being made?
I am experiencing an odd situation where my running AWS instance is being disassociated from the elastic IP address without any action on my part.
I tried allocating a new address and associating the instance with the new Elastic IP, but the same situation occurs where the IP address is "automatically" disassociated from the instance.
The only thing I haven't tried is stopping and restarting the instance (to move it to new hardware) but I'd rather not lose my internal IP address.
Has anyone else experienced such an issue?
It seems that there is currently an issue with Elastic IP addresses that requires an instance stop/start in order to ensure that the Elastic IP address "sticks":
https://forums.aws.amazon.com/thread.jspa?threadID=84952&tstart=0
We've noticed this happening to our instances also... I think the problem is a result of the internal IP changing because they are dynamic. When the internal IP changes, the elastic IP drops and you have to associate it again. It's happened to us during a reboot we initiated and it happened on an amazon reboot d

How does EC2's public IP work?

When I launch an EC2 instance, I will get a private IP and a public IP. The public IP can be visited by a DNS domain like 'ec2-184-73-237-10.compute-1.amazonaws.com'. When I ping it, I get the IP address 184.73.237.10.
My question is: does 184.73.237.10 belong only to me, or is it shared by different instances?
If it's shared by different instances, how does it work? As far as I know, each instance (Linux) can be accessed by SSH.
Thanks in advance :-)
It only belongs to you (there is a 1:1 mapping between public and private IP addresses), but it can change at any time. For this reason, if you need an instance to be permanently accessible by IP they recommend using an Elastic IP Address. EIP is free as long as it's actually associated with an instance.
It is recommended to create and associate an Elastic IP (AWS's static IP) to your instance. And this IP will be only yours.
The benefit of an Elastic IP is that you can even associate it with another instance, such as a server restored from the AMI image of the parent instance, and thus bring back your site in case of any issues/attacks.
