After I initiated an Amazon ECS following their tutorial (But I don't recall there is one step that asks me for the key-pair information.)
After I set it up, I found that there is an extra EC2 in my EC2 instance list that starts to charge me money. I wonder what that EC2 is doing.
Is it the EC2 that is associated with ECS that I can start to build my own server on?
If so, how can I log into it? (There is no key-pair information for me to log in. It says I need to log in via valid username-password pair, but I don't even know my username.)
If not, how can I kill it? (Directly terminating it in EC2 service is not helping since it seems ECS will just start another one)
The username will be ec2-user. ECS creates a launch configuration in which you can set key pair
ECS creates an autoscaling group you can find it under ec2/autoscaling/home you can edit this group and set min and desired to 0 this will shut down the instance automatically.
Related
I have an EC2 instance managed by Elastic Beanstalk, and I recently changed my key pair to a new one (findy-key-2) by modifying authorized_keys, because I lost my old private key (findy-key).
$ cat authorized_keys
ssh-rsa [my private key] findy-key-2
So right now I have ssh access to my own instance.
However, perhaps because I changed the key pair manually, it seems that EC2 doesn't recognize the new key pair name correctly. In the EC2 console, it still says the key pair name is findy-key, which I already deleted.
And because of that, I'm getting the error below when trying to upgrade to Amazon Linux 2 on the EB dashboard.
Configuration validation exception: Invalid option value: 'findy-key' (Namespace: 'aws:autoscaling:launchconfiguration', OptionName: 'EC2KeyName'): The key pair 'findy-key' does not exist
I noticed that under Elastic Beanstalk Dashboard > Configuration > Security, I can choose the new key from the EC2 key pair drop-down. But the warning message, Each of your existing EC2 instances will be replaced and your new settings will take effect then. implying that my current instance will be terminated, is frightening me because there might be some side effects such as loosing connection to my RDS volume (yes, I'm a newbie to AWS).
Hence, I'm trying to find a way to change the key pair name of an EC2 instance without terminating and creating a new one. If that's not possible, I want to know what are the possible side effects of replacing an EC2 instance.
Thank you.
For short term solution, you can use AWS Systems Manager Session Manager to login to your instances. For this you will need to add SSM permissions to your EB instance profile/role.
You can also try using EC2 Instance Connect which may work out of the box on the instances and you don't have to do anything special to use it.
But for the long term solution, you have to use EB options for that. The reason is that you instances run in Autoscaling group and they can be terminated at any time anyway. So if you are worrying about "some side effects", they you have to redesign your application so that it is stateless. This means that your application does not depend on any instance terminations and re-launch due to autoscaling events.
I solved this by creating another private key named findy-key (which is the name of the old key I deleted before) in AWS Console, and adding its public key in authorized_keys.
I got the mail from Amazon regarding my EC2 as follows:
EC2 has detected degradation of the underlying hardware hosting your Amazon EC2 instance (instance-ID: xxxxxxxx) associated with your AWS account (AWS Account ID: xxxxxx) in the ap-south-1 region. Due to this degradation your instance could already be unreachable. We will stop your instance after 2020-12-29 22:00:00 UTC. Please take appropriate action before this time.
The affected instances are listed below:
xxxxxxx
So what would I do now to keep my data safe ?
AWS provides guides on what to do when an instance is about to be retired:
What do I need to know when my Amazon EC2 instance is scheduled for retirement?
The easiest way would be to stop/start the instance:
You are required to stop and then start the instance at your preferred time before the instance retirement date. Stopping and starting the instance moves the instance to another healthy host.
However, exact details depend on your instance type (e.g. EBS based or instance store based), thus please read the guide in the link provided to understand your options which are mostly determined on your actual EC2 instance setup.
I'm launching an EC2 instance in AWS. And there is an auto-created EC2 instance, named Test-env. Every time I terminated it, AWS would auto-created a new one for me. is there any way to terminate the auto-created instance and prevent it from creating a new one?
Shown in the picture above, I terminated the Test-env twice, and AWS just created a new Test-env for me.
Thank a lot.
It seems like you have been using Elastic Beanstalk. If you open up that section of the AWS Management Console, you can delete the application/environment from there. This will bring down the instance as well. When you terminate the Elastic Beanstalk instance manually through the EC2 section, the system thinks that it has failed and will launch a replacement.
Reference: https://forums.aws.amazon.com/thread.jspa?threadID=115913
It seems that AutoScaling group configuration is present for the EC2 instance Test-env.
Can you please check under EC2 -> AutoScaling Groups -> Test-env -> Scaling Policies?
It seems that ScaleUp Policy has been configured for that instance. It means that whenever total number of EC2 instances are less than or equal to 0 (or any limit which was set) then spawn new one.
You need to update these policies or remove it as per your need.
Other than Elastic Beanstalk and AutoScaling group,
another possibility is you have
an on-going Spot Request.
You can cancel it in order to prevent the instance from recreating.
EC2 -> Instances -> Spot Requests
Then, Actions -> Cancel Request
I am running amazon AWS ECS container which creates one single instance of EC2. I made sure that it is 1 instance when I created ECS.
My issue is that I have another instance running in EC2 and amazon has sent me an email that I am using double of the free quota and will be charged.
But I am not sure why this second EC2 instance is coming from.
I have terminated it many times but it is recreated. When I terminate it, this is the prompt i receive which advises me that it is created from EBS but there is no app in EBS
On an EBS-backed instance, the default action is for the root EBS volume to be deleted when the instance is terminated.
Storage on any local drives will be lost.
This name of the instance is.
ECS Instance - amazon-ecs-cli-setup-ecs-cricketscorer
Please help.
check if you have any Auto Scaling Groups that you do not recognize. It is most probably being created because of it. If not, change your account password and deactivate/delete your existing AccessKeys.
I'm running custom transactional tasks on my EC2 instances. The decision to shutdown or not an instance is taken under many conditions by special process running on this instance. The termination should be done by instance itself, because Autoscaling Group does not know when data processing is finish. Do the following steps are consistent with the philosophy of AWS?
Creates AMI with option: "Shutdown behaviour: Terminate".
Autoscaling group creates a new instance with option "Protect From Scale In".
Custom process on EC2 calls command:
$ sudo shutdown -P now
to terminate an instance in proper time.
Is that correct? Or maybe AWS has some tools to do that, eg. emit special signal to terminate an instance?
Thank you
That process has one issue I believe:
In step 1, the "Shutdown behaviour: Terminate" option is not an AMI level setting. It is a launch time setting, for instances launched outside of an autoscaling group.
Within an Autoscaling Group, there is no option to configure a Launch Configuration with the equivalent of "Shutdown behaviour: Terminate". Presumably, ASG instances must be terminated during scale in events.
The simple approach would be to have the instance call the AWS CLI terminate-instances command:
aws ec2 terminate-instances --instance-ids i-xxxxxxxx
You would need to acquire the instance id from the AWS Metadata in order to run the terminate-instances command.
We have a similar pattern, but getting a working solution seems kludgy. We do it a little differently:
Start with Protect From Scale In
When processing is complete, have the instance turn of it's "Protect From Scale In" flag
Have instance trigger the Scale-In policy, by reducing count by 1.
ASG then terminates this instance and doesn't restart a new one because scale in was called
One of the things I don't like about this is that you end up with creating the IAM Role for the EC2 instances, then create the ASG, then go back and update the IAM Role, to give it permissions to SetInstanceProtection and ExecutePolicy for it's own group. You need to do this because we couldn't figure out how to create a policy that referenced the autoscalegroup that the caller is in.
Did you ever resolve this with a different solution?