We Keep Coding

correctly specifying Device Name for EBS volume while attaching to an ec2 instance and identifying it later using Device name

I am trying to attach an EBS volume on EC2 (RHEL) instance. This is how my attach-volume command looks like:
aws ec2 attach-volume --volume-id vol-xxxxxxxxxxxxxxxxx --instance-id i-yyyyyyyyyyyyyyyyy --device /dev/sdf
{
"AttachTime": "2021-12-02T19:30:13.070000+00:00",
"Device": "/dev/sdf",
"InstanceId": "i-yyyyyyyyyyyyyyyyy ",
"State": "attaching",
"VolumeId": "vol-xxxxxxxxxxxxxxxxx "
}
this is the output of lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
nvme1n1 259:0 0 5G 0 disk
└─aaaaa-aaa 253:2 0 5G 0 lvm /logs
nvme0n1 259:1 0 10G 0 disk
├─nvme0n1p1 259:2 0 1M 0 part
└─nvme0n1p2 259:3 0 10G 0 part /
nvme3n1 259:4 0 35G 0 disk
├─bbbbb-bbb 253:3 0 8G 0 lvm [SWAP]
├─bbbbb-ccc 253:4 0 4G 0 lvm /var/tmp
├─bbbbb-ddd 253:5 0 4G 0 lvm /var
├─bbbbb-eee 253:6 0 4G 0 lvm /var/log
nvme2n1 259:5 0 5G 0 disk
└─ccccc-ffff 253:0 0 5G 0 lvm /products
nvme4n1 259:6 0 5G 0 disk
└─ddddd-gggg 253:1 0 5G 0 lvm /apps
nvme5n1 259:7 0 20G 0 disk
Even though I specified device name as /dev/sdf, it shows up as nvme5n1. This makes it difficult for me to identify the newly attached EBS volume and mount it.
I tried aws ec2 attach-volume --volume-id vol-xxxxxxxxxxxxxxxxx --instance-id i-yyyyyyyyyyyyyyyyy --device /dev/nvme5n1 but that gives me an error saying /dev/nvme5n1 is not a valid EBS device name.
Is there a way I can identify the right name of the EBS volume I just attached so that I can mount it to the directory I desire?

EBS volumes are exposed as NVMe block devices on instances built on the Nitro System.
On an older instance type you might see something like:
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda 202:0 0 160G 0 disk
└─xvda1 202:1 0 160G 0 part /
On a Nitro-based instance you'll see something similar to what you provided above.
With Amazon Linux AMIs later than version 2017.09.01, we provide a udev rule that reads this data and creates a symbolic link to the block-device mapping.
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
nvme0n1 259:0 0 120G 0 disk
├─nvme0n1p1 259:1 0 120G 0 part /
└─nvme0n1p128 259:2 0 1M 0 part
$ ls -l /dev/xvda
lrwxrwxrwx 1 root root 7 Dec 3 08:59 /dev/xvda -> nvme0n1
If you are using an Amazon Linux or FreeBSD AMI, use the sudo ebsnvme-id /dev/nvme0n1 -u command for a consistent NVMe device name. For other distributions, use the sudo ebsnvme-id /dev/nvme0n1 -u command to determine the NVMe device name.
$ sudo ebsnvme-id /dev/nvme0n1
xvda
You could enumerate all the NVMe devices and check for the one that has the associated device name. Perhaps with something like:
$ DEV=xvda
$ lsblk | grep disk | awk '{print $1}' | while read disk; do echo -n "$disk " && sudo ebsnvme-id -b /dev/$disk; done | grep $DEV | awk '{print $1}'
nvme0n1
For more information on device naming see the Amazon EBS and NVMe on Linux instances documentation.

how to make an attached EBS volume accessible?

I changed my instance type, and now previously attached volumes are not available at startup. How do I attach and mount volumes?
In the volume info in the AWS console:
Attachment information i-e85c62d0 (hongse):/dev/sdf (attached)
however there is nothing at /dev/sdf on the instance.
I tried to mount it following the info on the AWS site such as:
ubuntu#hongse:~$ sudo mkdir /ebs1
ubuntu#hongse:~$ sudo mount /dev/sdf /ebs1
mount: special device /dev/sdf does not exist
but failed.
What other steps could I try to mount an existing volume?

Ok, you're using ubuntu in AWS with an ECS volume. Try this:
ubuntu#hostname1:~$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda 202:0 0 128G 0 disk
└─xvda1 202:1 0 128G 0 part /
xvdf 202:80 0 1000G 0 disk
Note that xvdf (1TB) drive is not mounted in my example.
You will want to type the following to mount your disk:
ubuntu#hostname1:~$ sudo mount /dev/xvdf /ebs1
NOTE: I don't know the reason why the AWS console shows /dev/sdf and the actual host shows /dev/xvdf, but that's the way it is.

Is the EBS volume mounted ? and where?

In my EC2 instance, that is attached to a volume EBS of 100GB, I run this command:
[ec2-user ~]$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda 202:0 0 100G 0 disk
└─xvda1 202:1 0 8G 0 part /
Here is the file /etc/fstab:
UUID=ue9a1ccd-a7dd-77f8-8be8-08573456abctkv / ext4 defaults 1 1
I want to understand: why only the volume of 8GB has a mount point ?
Also, is the fact of mounting a volume on root '/', means that all the content of root is being stored on EBS volume?

I want to understand: why only the volume of 8GB has a mount point ?
Because additional volumes are not formatted/mounted by default. AWS does not know whether you'd like to have ext4 or NTFS or something else as well as which mount point you'd like to have.
Also, is the fact of mounting a volume on root '/', means that all the content of root is being stored on EBS volume?
Yes if you have EBS-backed instance (unlike so-called instance-backed instances) and if you do not have other volumes mounted (not to be confused with 'attached')
p.s. as far as I see, you initially had created 8GB volume then resized it via AWS console to 100GB. Pls note you resized the EBS volume (xvda) but did not resize the partition (xvda1). AWS will not resize it automatically by the same reason: it doesn't know how you're going to use the extra space.

knife-ec2 not expanding volume at bootstrap

How can I create a larger than 8GB boot partition volume using knife-ec2 on an AWS hvm ami at boostrap?
In the old instance type of m1, i could just add --ebs-size 50 then run resize2fs after the system boot strapped.
When doing a new hvm ami (a t2 instance):
knife ec2 server create scott-base -N scott-base -r "role[base]" -I ami-57cfc412 --ebs-size 50
it will create the 50GB volume, but i cannot expand it after I login.
I see this during the build:
Warning: 50GB EBS volume size is larger than size set in AMI of 8GB.
Use file system tools to make use of the increased volume size.
And when I run resize2fs, this is what I get
[root#scott-base ~ ] resize2fs /dev/xvda
resize2fs 1.41.12 (17-May-2010)
resize2fs: Device or resource busy while trying to open /dev/xvda
Couldn't find valid filesystem superblock
I know I can go through the whole process of unmounting, copying and bringing it back up. I also know i can just add a volume after the fact, but I have to believe there is an easier way at bootstrap to get a larger ebs volume than 8GB.
[root#scott-base ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda 202:0 0 50G 0 disk
└─xvda1 202:1 0 8G 0 part /

You are trying to apply resize2fs command to device reference /dev/xvda which is not file system itself, you can divide devices into partions, where you create file system (ext3,ext4,etc). You do have partition with filesystem on /dev/xvda1 partion, where you want to use resize2fs. Please read the documentation about devices and partions in linux.

The solution was related to the AMI itself. It turns out that some ami's are just not equipped with the ability to expand online. Our solution:
Launch the ami with a larger partition, knowing it would only default 8GB
Use the cloud-init and dracut module to increase the size during the next reboot
yum install -y cloud-init
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
yum install -y dracut-modules-growroot.noarch cloud-utils-growpart
dracut -f -v
Create a a personal image from that instance
Use the personal image to launch a new instance. At boot, it will be the larger size

How can I re-download the pem file in AWS EC2?

I made a key pair pem file called "test.pem", and I downloaded to my PC.
I made a new instance with this pem file.
Now I am in a different pc, and I don't have this pem file in my local, and my previous pc is in the middle of the sea (shipping).
How can I re-download the "test.pem" file again?

No, you cannot download .pem file again. You can download the .pem file ONLY once and that is when you create a new key-pair.

You can not download such security key files more than once.
You can reuse them for multiple instances.
The best thing you can do is:
Download it
store it at S3 (Of course in a private access bucket.)

You can recover you machine even if you lost pem file, there is a way:
1.create new instance with same region and VPC.
2.stop old machine (do not terminate).
3.Goto EBS , detach the root volume of old machine.
4.Now time to attach new volume to new instance(/dev/sdf).but this newly
attached volume will
be secondary for new instance because it will have its default root
volume.
5.Login to new machine and follow below steps:
# mount /dev/xvdf1 /mnt
# cp /root/.ssh/authorized_keys /mnt/root/.ssh/
# umount /mnt
detach secondary volume from new instance.
Attach this volume back to old instance.
login back to old machine using pem file you got at time of creation of
new instance for recovery.

You cannot re download the pem file or psk file again.
SOLUTION
Go to network and security --> key-pair
Create new Key pair , SAVE IT NOW
Delete the original one
You are good to go

My notes from doing this recently.
There's a few traps for the unwary and tools which might be unfamiliar to some.
Step 1) Detach your root volume from your machine using AWS console.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html
Amazon EC2 console > dashboard > instances > select instance > copy instance id i-06d2680a4d94c4f59 (29-5-22_flask_gunicorn_nginx)
instance must be in stopped state. (check dashboard as takes a few seconds after telling to stop)
Amazon EC2 console > dashboard > volumes > select volume with matching instance ID. vol-02e720595d57d3591
'actions' dropdown > detach
Step 2) Launch a fresh EC2 instance(Not from your old machine AMI)
(same region and Virtual private cloud)
take note of the new instance id : i-blah
Step 3) Attach your old volume to new EC2 machine
amazon EC2 console > EC2 > Volumes > selected volume.
refresh page after disconnecting the volume to update the 'actions' drop down > 'attach volume'
select the new EC2 instance
wait & refresh page until "Attached Instances" shows "attached"
Volume ID vol-blah
Attached Instances i-blah : /dev/sdf (attached)
Step 4) Now login to new ec2 machine and mount the old EBS volume
list the available disks
lsblk
#------------------------
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 26.6M 1 loop /snap/amazon-ssm-agent/5163
loop1 7:1 0 55.5M 1 loop /snap/core18/2344
loop2 7:2 0 61.9M 1 loop /snap/core20/1405
loop3 7:3 0 79.9M 1 loop /snap/lxd/22923
loop4 7:4 0 43.6M 1 loop /snap/snapd/15177
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 7.9G 0 part /
├─xvda14 202:14 0 4M 0 part
└─xvda15 202:15 0 106M 0 part /boot/efi
xvdf 202:80 0 8G 0 disk
├─xvdf1 202:81 0 7.9G 0 part
├─xvdf14 202:94 0 4M 0 part
└─xvdf15 202:95 0 106M 0 part
#------------------------
sudo file -s /dev/xvda
/dev/xvda: DOS/MBR boot sector, extended partition table (last)
sudo file -s /dev/xvdf
/dev/xvdf: DOS/MBR boot sector, extended partition table (last)
#check file type used on existing volume
mount | grep "^/dev"
/dev/xvda1 on / type ext4 (rw,relatime,discard,errors=remount-ro)
/dev/xvda15 on /boot/efi type vfat (rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
sudo mkfs -t ext4 /dev/xvdf
sudo mkdir /newvolume
sudo mount /dev/xvdf /newvolume/
#check file type used on existing volume
mount | grep "^/dev"
/dev/xvda1 on / type ext4 (rw,relatime,discard,errors=remount-ro)
/dev/xvda15 on /boot/efi type vfat (rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
/dev/xvdf on /newvolume type ext4 (rw,relatime)
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 26.6M 1 loop /snap/amazon-ssm-agent/5163
loop1 7:1 0 55.5M 1 loop /snap/core18/2344
loop2 7:2 0 61.9M 1 loop /snap/core20/1405
loop3 7:3 0 79.9M 1 loop /snap/lxd/22923
loop4 7:4 0 43.6M 1 loop /snap/snapd/15177
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 7.9G 0 part /
├─xvda14 202:14 0 4M 0 part
└─xvda15 202:15 0 106M 0 part /boot/efi
xvdf 202:80 0 8G 0 disk /newvolume
#check the disk space to validate the volume mount.
cd /newvolume
df -h .
Step 5) Now go to that partition then visit home directory inside that machine and go to .ssh folder.
cd ~/.ssh
cat authorized_keys
Step 6) Now generate a new private and public key. Then paste public key into authorized_keys file.
nb: since login was setup during this ec2 instance creation, this step already complete.
Step 7) Once you done with above steps, detach that volume from this ec2 machine.
stop the new instance, wait for instance to stop.
detach new volume, wait for volume to detach.
Step 8) Now attach this volume to your old machine as root volume
attach new volume to old instance as /dev/sda1 (see prompt as this attaches as root), wait for volume to attach.
start new instance, wait for start to complete.
nb: this error will occur if new volume not attached as root.
Failed to start the instance i-06dblah
Invalid value 'i-06dblah' for instanceId. Instance does not have a volume attached at root (/dev/sda1)
Step 9) Now try to login to your old machine with the newly generated key.
cd ~
sudo ssh-keygen -f "/root/.ssh/known_hosts" -R "xxx.xxx.xxx.xxx"
sudo ssh -i my_key_filename.pem ubuntu#xxx.xxx.xxx.xxx
can then remount your original volume and copy across files to retrieve.
it's worth noting here : all ssh access should be locked down to specific IP's and should be using key rotation tools. It's likely ppl will find this SE post due to their security being breached.

Login to old instance via ftp/sftp and download the key to your pc.