An Amazon Machine Image (AMI) is a pre-configured operating system image that is used to create an EC2 instance within the Amazon cloud environment. AMI’s are unique per region and they not span across multiple regions, But AMI’s can be migrated across regions using the EC2 AMI copy function available as part of AWS Console, API and CLI. This feature helps customers to maintain consistent Amazon EC2 Multi region deployments and achieve higher availability. Since user-created AMIs are assigned a unique AMI ID within the region, when you configure Auto Scaling Launch configuration or AWS CloudFormation templates in target Amazon EC2 region, it is recommended to update the AMI ID references in these configurations/templates to match the ones that exist in the target region.
Following table illustrates the time it takes to copy EC2 AMI from Different Source and Destination Amazon EC2 regions. Data used was a 50 GB compressed file. Since AWS keeps improving their infrastructure every day, the time taken may vary in coming months/years. But the figures mentioned below can used as an reference to plan your Recovery time objectives and migrations:
EC2 AMI Copy for Different Amazon EC2 Regions Matrix:
Source Region
|
Destination region
|
Size |
Time Taken
|
USA-East
|
Singapore
|
50 GB
|
1 hr 21 min
|
USA-East
|
US-West (Oregon)
|
50 GB
|
27 min
|
USA-East
|
Europe (Ireland)
|
50 GB
|
41 min
|
Important points to note while implementing this are:
- Permissions and user-defined tags applied to the AMI in source region will not be copied to the target region during the AMI copy process. You will have to apply the permissions and tags in the target region after the copy process is completed.
- Imagine you have stored the database connection strings, ElastiCache End points, external IP address and other Integration end points in the AMI of the source region. When you migrate this AMI to the target region these end points might not exist. Worst scenario, if these source end points are accessible over internet like S3, CloudSearch assets etc, you will end up accessing resources from target region itself. This will cause latency issues, performance problems and cost leakage.
- Some best practices to be followed are:
- Prior to copying an AMI from Source region, you must manually ensure that the contents of the source AMI are updated to support running in a different region. It is recommended to add this step as part of your operation process during Cross region migration activities to avoid problems
- Automate the download of configuration information to EC2 from S3 using user data and other scripts in the respective regions. This way when the migration happens to target region, the configuration files and scripts can be downloaded to EC2 instance from the S3 of the target region. This mechanism keeps the end points in tune with respective regions.
- If you are running Java based environment, use NetFlix Archaius to dynamically source properties from multiple configuration stores inside an Amazon EC2 region. Archaius includes a set of java configuration management APIs and is primarily implemented as an extension of Apache's Commons Configuration Library. Refer https://github.com/Netflix/archaius/wiki/Overview
How to use EC2 AMI Copy feature between Amazon EC2 Regions ?
Step 1) Login to the AWS Console at https://console.aws.amazon.com/ec2/
In the navigation pane, click the AMI menu under the Images section
Step 2) Select the AMI ID to copy from the source Amazon EC2 region, click Actions Button and select Copy action.
Step 3) In the EC2 AMI Copy page > Mention the destination region, Name of the AMI and Description and then click Copy
Destination Region: The Target region to which the AMI should be copied. In this case we are copying to Amazon EC2 Asia Pacific (Singapore).
Name: Name of the New Target AMI
Description: Description about the AMI. By default below description will be available for use
Step 4) When the Copy process is initiated a new AMI ID will be provided in the screen. Once noted, Click Done button
Step 5) To check the progress of the copy process, Choose the EC2 Console of the Asia-Pacific(Destination) region and view the new AMI.
In the above figure we can see that Copy Status is pending. Once the copy process is completed the status will be changed to "available" from "pending".
Step 6) If you wish to cancel the copy process you can right click on the New AMI in the Source Region and select Deregister option. This will stop the AMI copy process.
No comments:
Post a Comment