Thursday, July 9, 2020

EC2 States, Termination Protection, Metadata, User data


EC2 States

Stopping
-         Once started again – starts on a new physical host
-         Private IPv4 as well as IPv6 are retained, public IPv4 is lost
-         When you stop an instance, the following happens: The instance performs a normal shutdown and stops running; its status changes to stopping and then stopped. Any Amazon EBS volumes remain attached to the instance and their data persists. Any data stored in the RAM of the host computer or on the instance store volumes is gone. In most cases, the instance is migrated to a new underlying host computer when it’s started. For more information on starting and stopping instances: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html

EBS-backed EC2:
-         Any attached EBS volumes remain
-         Instance Store volumes are gone
-         Retain private IPv4, IPv6
-         Public IPv4 is gone
-         Elastic IP remains but becomes chargeable
-         Can detach / attach EBS volumes, incl. root
Instance-Store Based:
-         Can’t be stopped, only Terminated or Rebooted
 
Rebooting
-         Best Practice: reboot from the console rather than from the system itself: EBS waits 4 min until issuing hard reboot
-         Console reboot is logged
-         Console reboot is registered by CloudTrail log
 
Terminating
-         EBS Root devices are terminated, manually attached volumes remain.
-         Can change this by "DeleteOnTermination".
 
If EC2 terminates upon starting:
-         Instance store-backed AMI might be missing a part
-         You reached your EBS volume limit
-         EBS snapshot is corrupt

Termination Protection
-         Available on EBS and Instance Store.
-         If enabled – CloudWatch can’t shut down instance. Work around – initiate shut down from OS


Hibernate
-         https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html
-         When you hibernate an instance, we signal the operating system to perform hibernation (suspend-to-disk). Hibernation saves the contents from the instance memory (RAM) to your Amazon EBS root volume. We persist the instance's Amazon EBS root volume and any attached Amazon EBS data volumes. When you start your instance:
         § The Amazon EBS root volume is restored to its previous state
         § The RAM contents are reloaded
         § The processes that were previously running on the instance are resumed
         § Previously attached data volumes are reattached and the instance retains its instance ID
         § You can hibernate an instance only if it's enabled for hibernation and it meets the hibernation prerequisites

Metadata
-         Instance metadata is data about your instance that you can use to configure or manage the running instance. Instance metadata is divided into categories, for example, host name, events, and security groups.
-         IPv4/6, AMI-ID, DNS Hostname, Instance-ID, Sec Group, Public Key, etc.
-         Not encrypted - need to secure access to make sure metadata isn’t exposed
-         To view EC2’s metadata, use hard coded url: 169.254.
         § GET http://169.254.169.254/latest/meta-data
         § curl http://169.254.169.254/latest/meta-data
-         If using it w/in a script – better to cache than to re-query for every attribute. Requests are throttled
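
Added example (not part of the original notes and not AWS's own code): a small Python client that applies the caching advice above, reading each attribute once and reusing it. It assumes IMDSv2 session tokens (PUT /latest/api/token, which these notes do not cover); CachedMetadata, FakeIMDS and demo are hypothetical names, and FakeIMDS holds constructed sample values so the block runs off-instance.

```python
import time
import urllib.request

IMDS = "http://169.254.169.254/latest"  # link-local endpoint from the notes

def http_fetch(method, path, headers):
    """Real transport: a single HTTP request to the metadata service."""
    req = urllib.request.Request(IMDS + path, method=method, headers=headers)
    with urllib.request.urlopen(req, timeout=2) as resp:
        return resp.read().decode()

class CachedMetadata:
    """Reads each attribute once and serves repeats from memory."""
    def __init__(self, fetch=http_fetch, token_ttl=21600, clock=time.monotonic):
        self._fetch, self._ttl, self._clock = fetch, token_ttl, clock
        self._token, self._token_expiry, self._cache = None, 0.0, {}

    def _headers(self):
        # Assumed IMDSv2 flow: PUT for a session token, reuse it until
        # shortly before it expires, send it on every GET.
        if self._token is None or self._clock() >= self._token_expiry:
            ttl = {"X-aws-ec2-metadata-token-ttl-seconds": str(self._ttl)}
            self._token = self._fetch("PUT", "/api/token", ttl)
            self._token_expiry = self._clock() + self._ttl - 60
        return {"X-aws-ec2-metadata-token": self._token}

    def get(self, attr, refresh=False):
        # refresh=True bypasses the cache for values that can change at runtime.
        if refresh or attr not in self._cache:
            self._cache[attr] = self._fetch("GET", "/meta-data/" + attr, self._headers())
        return self._cache[attr]

class FakeIMDS:
    """Constructed stand-in for the service so the example runs offline."""
    DATA = {"instance-id": "i-0example0000000000", "ami-id": "ami-0example"}
    def __init__(self):
        self.calls = []
    def __call__(self, method, path, headers):
        self.calls.append((method, path))
        if method == "PUT":
            return "constructed-token"
        assert headers.get("X-aws-ec2-metadata-token") == "constructed-token"
        return self.DATA[path.rsplit("/", 1)[-1]]

def demo():
    fake = FakeIMDS()
    md = CachedMetadata(fetch=fake)
    values = [md.get("instance-id"), md.get("ami-id"), md.get("instance-id")]
    return values, fake.calls
```

On a real instance, CachedMetadata() with no arguments uses http_fetch; the third lookup in demo() is served from the cache, so only one PUT and two GETs reach the service.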

User Data - script
-         You can use instance metadata to access user data that you specified when launching your instance. For example, you can specify parameters for configuring your instance, or include a simple script. You can build generic AMIs and use user data to modify the configuration files supplied at launch time. 
-         https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
-         Script that you pass in to be run on start up
-         Max 16KB
-         Can be viewed only from w/in instance
-         To update – stop the instance (EBS-backed only)
-         Not encrypted
