Amazon Elastic Compute Cloud User Guide API Version 2014-06-15 Amazon Elastic Compute Cloud User Guide Amazon Elastic Compute Cloud: User Guide Copyright © 2014 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. The following are trademarks of Amazon Web Services, Inc.: Amazon, Amazon Web Services Design, AWS, Amazon CloudFront, Cloudfront, Amazon DevPay, DynamoDB, ElastiCache, Amazon EC2, Amazon Elastic Compute Cloud, Amazon Glacier, Kindle, Kindle Fire, AWS Marketplace Design, Mechanical Turk, Amazon Redshift, Amazon Route 53, Amazon S3, Amazon VPC. In addition, Amazon.com graphics, logos, page headers, button icons, scripts, and service names are trademarks, or trade dress of Amazon in the U.S. and/or other countries. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. Amazon Elastic Compute Cloud User Guide Table of Contents What Is Amazon EC2?................................................................................................................... 1 Features of Amazon EC2........................................................................................................ 1 How to Get Started with Amazon EC2....................................................................................... 2 Related Services................................................................................................................... 2 Accessing Amazon EC2 ......................................................................................................... 3 Pricing for Amazon EC2 ......................................................................................................... 3 Instances and AMIs ............................................................................................................... 4 Instances ..................................................................................................................... 4 AMIs ........................................................................................................................... 6 Regions and Availability Zones ................................................................................................ 7 Region and Availability Zone Concepts.............................................................................. 7 Describing Your Regions and Availability Zones.................................................................. 9 Specifying the Region for a Resource.............................................................................. 11 Launching Instances in an Availability Zone...................................................................... 12 Migrating an Instance to Another Availability Zone............................................................. 13 Root Device Volume............................................................................................................. 13 Root Device Storage Concepts ...................................................................................... 14 Choosing an AMI by Root Device Type............................................................................ 15 Determining the Root Device Type of Your Instance............................................................ 16 Changing the Root Device Volume to Persist.................................................................... 16 Setting Up .................................................................................................................................. 19 Sign Up for AWS ................................................................................................................. 19 Create an IAM User ............................................................................................................. 20 Create a Key Pair ................................................................................................................ 21 Create a Virtual Private Cloud (VPC)....................................................................................... 23 Create a Security Group ....................................................................................................... 23 Getting Started............................................................................................................................ 25 Step 1: Launch an Instance................................................................................................... 26 Step 2: Connect to Your Instance............................................................................................ 27 Option 1: Connect Using Your Browser............................................................................ 28 Option 2: Connect from Windows Using PuTTY................................................................. 29 Option 3: Connect from Mac or Linux Using an SSH Client.................................................. 30 Step 3: Add a Volume........................................................................................................... 30 Step 4: Clean Up................................................................................................................. 33 Best Practices............................................................................................................................. 35 Tutorial: Installing a LAMP Web Server............................................................................................ 37 Tutorial: Hosting a WordPress Blog................................................................................................. 43 Amazon Machine Images.............................................................................................................. 51 Using an AMI...................................................................................................................... 51 Creating Your Own AMI......................................................................................................... 52 Buying, Sharing, and Selling AMIs.......................................................................................... 52 Deregistering Your AMI ......................................................................................................... 52 Amazon Linux ..................................................................................................................... 52 AMI Types .......................................................................................................................... 53 Launch Permissions..................................................................................................... 53 Storage for the Root Device........................................................................................... 53 Virtualization Types .............................................................................................................. 56 Finding a Suitable AMI.......................................................................................................... 57 Finding an AMI Using the Amazon EC2 Console............................................................... 57 Finding an AMI Using the Command Line........................................................................ 57 Shared AMIs....................................................................................................................... 58 Finding Shared AMIs.................................................................................................... 58 Making an AMI Public................................................................................................... 61 Sharing an AMI with Specific AWS Accounts.................................................................... 62 Using Bookmarks ........................................................................................................ 64 API Version 2014-06-15 iii Amazon Elastic Compute Cloud User Guide Guidelines for Shared Linux AMIs................................................................................... 64 Paid AMIs........................................................................................................................... 68 Selling Your AMI .......................................................................................................... 69 Finding a Paid AMI....................................................................................................... 69 Purchase a Paid AMI.................................................................................................... 70 Getting the Product Code for Your Instance...................................................................... 71 Using Paid Support...................................................................................................... 71 Bills for Paid and Supported AMIs................................................................................... 71 Managing Your AWS Marketplace Subscriptions................................................................ 72 Creating an Amazon EBS-Backed Linux AMI............................................................................ 72 Overview of the Creation Process for Amazon EBS-Backed AMIs........................................ 73 Creating the AMI from an Instance.................................................................................. 73 Creating an AMI from a Snapshot................................................................................... 75 Creating an Instance Store-Backed Linux AMI.......................................................................... 75 Overview of the Creation Process for Instance Store-Backed AMIs....................................... 76 Prerequisites .............................................................................................................. 76 Creating an AMI from an Instance Store-Backed Linux Instance........................................... 77 Converting your Instance Store-Backed AMI to an Amazon EBS-Backed AMI......................... 81 Copying an AMI................................................................................................................... 84 AMI Copy ................................................................................................................... 84 Copying an Amazon EC2 AMI........................................................................................ 85 Stopping a Pending AMI Copy Operation......................................................................... 86 Deregistering Your AMI ......................................................................................................... 86 Cleaning Up Your Amazon EBS-Backed AMI.................................................................... 86 Cleaning Up Your Instance Store-Backed AMI................................................................... 87 Amazon Linux ..................................................................................................................... 88 Finding the Amazon Linux AMI....................................................................................... 88 Launching and Connecting to an Amazon Linux Instance.................................................... 89 Identifying Amazon Linux AMI Images............................................................................. 89 Included AWS Command Line Tools................................................................................ 90 cloud-init .............................................................................................................. 90 Repository Configuration............................................................................................... 92 Adding Packages......................................................................................................... 92 Accessing Source Packages for Reference ...................................................................... 93 Developing Applications................................................................................................ 93 Instance Store Access.................................................................................................. 93 Product Life Cycle........................................................................................................ 93 Security Updates ......................................................................................................... 94 Support...................................................................................................................... 94 PV-GRUB........................................................................................................................... 95 Limitations of PV-GRUB................................................................................................ 95 Configuring GRUB ....................................................................................................... 96 Amazon PV-GRUB Kernel Image IDs.............................................................................. 96 Updating PV-GRUB...................................................................................................... 99 Instances.................................................................................................................................. 101 Instance Types .................................................................................................................. 101 Available Instance Types ............................................................................................. 102 Hardware Specifications.............................................................................................. 103 T2 Instances ............................................................................................................. 103 I2 Instances .............................................................................................................. 106 HI1 Instances............................................................................................................ 108 HS1 Instances........................................................................................................... 110 R3 Instances............................................................................................................. 111 GPU Instances .......................................................................................................... 113 T1 Micro Instances..................................................................................................... 115 EBS-Optimized Instances............................................................................................ 122 Placement Groups ..................................................................................................... 123 Resizing Instances ..................................................................................................... 126 API Version 2014-06-15 iv Amazon Elastic Compute Cloud User Guide Spot Instances .................................................................................................................. 129 Quick Look: Getting Started with Spot Instances Video..................................................... 129 Checklist for Getting Started with Spot Instances............................................................. 129 Getting Started with Spot Instances .............................................................................. 130 Fundamentals of Spot Instances................................................................................... 142 Walkthroughs: Using Spot Instances with AWS Services................................................... 157 Advanced Tasks......................................................................................................... 176 Reserved Instances............................................................................................................ 181 Reserved Instance Overview........................................................................................ 181 Getting Started with Reserved Instances........................................................................ 182 Reserved Instance Fundamentals................................................................................. 187 Buying Reserved Instances ......................................................................................... 199 Obtaining Information About Your Reserved Instances...................................................... 209 Modifying Your Reserved Instances............................................................................... 214 Selling in the Reserved Instance Marketplace................................................................. 224 Requirements Checklist for Reserved Instances.............................................................. 250 Instance Metadata and User Data......................................................................................... 252 Retrieving Instance Metadata....................................................................................... 253 Retrieving User Data .................................................................................................. 255 Retrieving Dynamic Data............................................................................................. 256 Example: AMI Launch Index Value................................................................................ 256 Instance Metadata Categories...................................................................................... 259 Importing and Exporting Instances........................................................................................ 263 Prerequisites............................................................................................................. 264 Importing a VM into Amazon EC2................................................................................. 266 Exporting Amazon EC2 Instances................................................................................. 276 Troubleshooting ......................................................................................................... 277 Instance Lifecycle ...................................................................................................................... 282 Instance Launch ................................................................................................................ 282 Instance Stop and Start (Amazon EBS-backed instances only).................................................. 283 Instance Reboot ................................................................................................................ 283 Instance Retirement ........................................................................................................... 283 Instance Termination .......................................................................................................... 284 Differences Between Reboot, Stop, and Terminate................................................................... 284 Launch............................................................................................................................. 285 Launching an Instance................................................................................................ 286 Launching an Instance from a Backup........................................................................... 292 Launching an AWS Marketplace Instance....................................................................... 292 Connect ........................................................................................................................... 295 Connect Using SSH ................................................................................................... 295 Connect Using PuTTY ................................................................................................ 299 Connect Using MindTerm ............................................................................................ 304 Connect Using RDP ................................................................................................... 305 Stop and Start................................................................................................................... 307 Overview .................................................................................................................. 308 Stopping and Starting Your Instances ............................................................................ 309 Modifying a Stopped Instance ...................................................................................... 310 Troubleshooting ......................................................................................................... 310 Reboot............................................................................................................................. 310 Retire............................................................................................................................... 311 Identifying Instances Scheduled for Retirement............................................................... 311 Working with Instances Scheduled for Retirement............................................................ 312 Terminate ......................................................................................................................... 313 Instance Termination .................................................................................................. 314 Terminating an Instance.............................................................................................. 314 Enabling Termination Protection.................................................................................... 315 Changing the Shutdown Behavior................................................................................. 316 Preserving Amazon EBS Volumes on Instance Termination............................................... 316 API Version 2014-06-15 v Amazon Elastic Compute Cloud User Guide Troubleshooting ......................................................................................................... 319 Configure Instances ................................................................................................................... 320 Common Configuration Scenarios......................................................................................... 320 Managing Software ............................................................................................................ 321 Updating Instance Software......................................................................................... 321 Adding Repositories ................................................................................................... 325 Finding Software Packages.......................................................................................... 326 Installing Software Packages........................................................................................ 327 Preparing to Compile Software..................................................................................... 328 Managing Users ................................................................................................................ 329 Set the Time for an Instance................................................................................................ 330 Changing the Time Zone............................................................................................. 331 Configuring Network Time Protocol (NTP)...................................................................... 332 Changing the Hostname...................................................................................................... 334 Changing the System Hostname................................................................................... 334 Changing the Shell Prompt Without Affecting the Hostname.............................................. 335 Using Dynamic DNS........................................................................................................... 336 Launching Instances with User Data...................................................................................... 338 User Data and Shell Scripts......................................................................................... 339 User Data and cloud-init Directives.......................................................................... 340 Monitoring ................................................................................................................................ 342 Automated and Manual Monitoring........................................................................................ 343 Automated Monitoring Tools......................................................................................... 343 Manual Monitoring Tools.............................................................................................. 344 Best Practices for Monitoring................................................................................................ 345 Monitoring the Status of Your Instances.................................................................................. 345 Monitoring Instances with Status Checks ....................................................................... 345 Monitoring Events for Your Instances............................................................................. 350 Monitoring Your Instances with CloudWatch............................................................................ 353 Enabling or Disabling Detailed Monitoring on an Amazon EC2 Instance............................... 354 View Amazon EC2 Metrics .......................................................................................... 357 Get Statistics for Metrics ............................................................................................. 363 Graphing Metrics ....................................................................................................... 380 Create a CloudWatch Alarm......................................................................................... 384 Create Alarms That Stop or Terminate an Instance........................................................... 391 Monitoring Scripts for Amazon EC2 Instances......................................................................... 406 Amazon CloudWatch Monitoring Scripts for Linux............................................................ 406 Amazon CloudWatch Monitoring Scripts for Windows....................................................... 412 Network and Security ................................................................................................................. 422 Key Pairs.......................................................................................................................... 423 Creating Your Key Pair Using Amazon EC2..................................................................... 423 Importing Your Own Key Pair to Amazon EC2.................................................................. 425 Retrieving the Public Key for Your Key Pair...................................................................... 426 Verifying Your Key Pair's Fingerprint .............................................................................. 427 Deleting Your Key Pair................................................................................................. 428 Connecting to Your Instance if You Lose Your Private Key.................................................. 428 Security Groups................................................................................................................. 431 Security Groups for EC2-Classic................................................................................... 431 Security Groups for EC2-VPC...................................................................................... 431 Security Group Rules ................................................................................................. 432 Default Security Groups .............................................................................................. 433 Custom Security Groups ............................................................................................. 433 Creating a Security Group........................................................................................... 434 Describing Your Security Groups................................................................................... 435 Adding Rules to a Security Group................................................................................. 435 Deleting Rules from a Security Group............................................................................ 436 Deleting a Security Group............................................................................................ 437 API and Command Overview....................................................................................... 437 API Version 2014-06-15 vi Amazon Elastic Compute Cloud User Guide Controlling Access ............................................................................................................. 438 Network Access to Your Instance.................................................................................. 438 Amazon EC2 Permission Attributes............................................................................... 439 IAM and Amazon EC2 ................................................................................................ 439 IAM Policies .............................................................................................................. 440 IAM Roles................................................................................................................. 469 Network Access......................................................................................................... 475 Amazon VPC .................................................................................................................... 477 Benefits of Using a VPC.............................................................................................. 477 Differences Between EC2-Classic and EC2-VPC............................................................. 491 Amazon VPC Documentation....................................................................................... 479 Supported Platforms................................................................................................... 480 Migrating from EC2-Classic to a VPC............................................................................ 482 Instance IP Addressing ....................................................................................................... 489 Private Addresses and Internal DNS Hostnames............................................................. 489 Public IP Addresses and External DNS Hostnames......................................................... 490 Differences Between EC2-Classic and EC2-VPC............................................................. 491 Determining Your Public, Private, and Elastic IP Addresses............................................... 491 Assigning a Public IP Address...................................................................................... 492 Multiple Private IP Addresses....................................................................................... 493 Elastic IP Addresses........................................................................................................... 498 Elastic IP Addresses in EC2-Classic.............................................................................. 498 Elastic IP Addresses in a VPC...................................................................................... 499 Differences Between EC2-Classic and EC2-VPC............................................................. 499 Allocating an Elastic IP Address ................................................................................... 500 Describing Your Elastic IP Addresses............................................................................. 500 Associating an Elastic IP Address with a Running Instance............................................... 501 Associating an Elastic IP Address with a Different Running Instance................................... 501 Releasing an Elastic IP Address................................................................................... 502 Using Reverse DNS for Email Applications..................................................................... 502 Elastic IP Address Limit .............................................................................................. 502 Elastic Network Interfaces ................................................................................................... 503 Private IP Addresses Per ENI Per Instance Type.............................................................. 504 Creating a Management Network.................................................................................. 505 Use Network and Security Appliances in Your VPC.......................................................... 506 Creating Dual-homed Instances with Workloads/Roles on Distinct Subnets.......................... 506 Create a Low Budget High Availability Solution................................................................ 506 Best Practices for Configuring Network Interfaces............................................................ 507 Configuring Your Network Interface Using ec2-net-utils..................................................... 507 Creating a Network Interface........................................................................................ 508 Deleting a Network Interface........................................................................................ 509 Viewing Details about a Network Interface...................................................................... 509 Attaching a Network Interface When Launching an Instance.............................................. 510 Attaching a Network Interface to a Stopped or Running Instance........................................ 511 Detaching a Network Interface from an Instance.............................................................. 511 Changing the Security Group of a Network Interface........................................................ 512 Changing the Source/Destination Checking of a Network Interface..................................... 512 Associating an Elastic IP Address with a Network Interface............................................... 513 Disassociating an Elastic IP Address from a Network Interface........................................... 513 Changing Termination Behavior for a Network Interface.................................................... 514 Adding or Editing a Description for a Network Interface..................................................... 515 Adding or Editing Tags for a Network Interface................................................................ 515 Enhanced Networking......................................................................................................... 516 Requirements............................................................................................................ 516 Using Amazon Linux................................................................................................... 516 Using Linux Distributions Other Than Amazon Linux......................................................... 517 Testing Whether Enhanced Networking Is Enabled........................................................... 519 Storage .................................................................................................................................... 521 API Version 2014-06-15 vii Amazon Elastic Compute Cloud User Guide Amazon EBS .................................................................................................................... 523 Features of Amazon EBS............................................................................................ 523 EBS Volumes ............................................................................................................ 524 EBS Snapshots ......................................................................................................... 563 EBS Encryption ......................................................................................................... 569 EBS Performance ...................................................................................................... 571 API and Command Overview....................................................................................... 587 Instance Store................................................................................................................... 589 Instance Storage Concepts ......................................................................................... 589 Instance Stores Available on Instance Types................................................................... 590 Instance Store Swap Volumes...................................................................................... 592 Instance Store Device Names...................................................................................... 594 Instance Store Usage Scenarios .................................................................................. 594 Adding Instance Store Volumes to an AMI...................................................................... 597 Optimizing Disk Performance ....................................................................................... 598 Amazon S3....................................................................................................................... 598 Amazon S3 and Amazon EC2...................................................................................... 599 Block Device Mapping ........................................................................................................ 600 Block Device Mapping Concepts................................................................................... 601 AMI Block Device Mapping.......................................................................................... 604 Instance Block Device Mapping.................................................................................... 606 Using Public Data Sets ....................................................................................................... 611 Public Data Set Concepts............................................................................................ 611 Finding Public Data Sets............................................................................................. 611 Creating a Public Data Set Volume from a Snapshot........................................................ 612 Attaching and Mounting the Public Data Set Volume......................................................... 613 Resources and Tags................................................................................................................... 614 Resource Locations............................................................................................................ 614 Listing and Filtering Your Resources...................................................................................... 615 Listing Resources Using the Console ............................................................................ 616 Filtering Resources Using the Console.......................................................................... 616 Listing and Filtering Using the CLI and API..................................................................... 617 Tagging Your Resources...................................................................................................... 618 Tag Basics................................................................................................................ 618 Tag Restrictions......................................................................................................... 619 Tagging Your Resources for Billing ................................................................................ 620 Working with Tags in the Console.................................................................................. 620 API and CLI Overview................................................................................................. 625 Service Limits.................................................................................................................... 626 Viewing Your Current Limits ......................................................................................... 626 Requesting a Limit Increase......................................................................................... 627 Usage Reports .................................................................................................................. 627 Available Reports....................................................................................................... 627 Getting Set Up for Usage Reports................................................................................. 627 Granting IAM Users Access to the Amazon EC2 Usage Reports........................................ 629 Instance Usage ......................................................................................................... 629 Reserved Instance Utilization....................................................................................... 633 Troubleshooting ......................................................................................................................... 639 Launching Your Instance ..................................................................................................... 639 Getting the Reason for Instance Termination................................................................... 640 Connecting to Your Instance................................................................................................. 640 Error connecting to your instance: Connection timed out................................................... 641 Error: User key not recognized by server........................................................................ 642 Error: Host key not found, Permission denied (publickey), or Authentication failed, permission denied ..................................................................................................................... 643 Error: Unprotected Private Key File ............................................................................... 644 Error: Server refused our key or No supported authentication methods available................... 644 Error using MindTerm on Safari Browser........................................................................ 645 API Version 2014-06-15 viii Amazon Elastic Compute Cloud User Guide Error Using Mac OS X RDP Client................................................................................ 645 Stopping Your Instance........................................................................................................ 645 Terminating Your Instance.................................................................................................... 646 Delayed Instance Termination....................................................................................... 646 Automatically Launch or Terminate Instances.................................................................. 647 Failed Status Checks.......................................................................................................... 647 Initial Steps You Can Take............................................................................................ 647 Troubleshooting Instance Status Checks for Linux-Based Instances.................................... 648 Out of memory: kill process.......................................................................................... 649 ERROR: mmu_update failed (Memory management update failed)..................................... 649 I/O error (Block device failure)...................................................................................... 650 IO ERROR: neither local nor remote disk (Broken distributed block device).......................... 651 request_module: runaway loop modprobe (Looping legacy kernel modprobe on older Linux versions) .................................................................................................................. 652 "FATAL: kernel too old" and "fsck: No such file or directory while trying to open /dev" (Kernel and AMI mismatch) ................................................................................................... 653 "FATAL: Could not load /lib/modules" or "BusyBox" (Missing kernel modules)........................ 654 ERROR Invalid kernel (EC2 incompatible kernel)............................................................. 655 request_module: runaway loop modprobe (Looping legacy kernel modprobe on older Linux versions) .................................................................................................................. 656 fsck: No such file or directory while trying to open... (File system not found).......................... 657 General error mounting filesystems (Failed mount)........................................................... 659 VFS: Unable to mount root fs on unknown-block (Root filesystem mismatch)........................ 661 Error: Unable to determine major/minor number of root device... (Root file system/device mis- match) .................................................................................................................... 662 XENBUS: Device with no driver..................................................................................... 663 ... days without being checked, check forced (File system check required)............................ 664 fsck died with exit status... (Missing device)..................................................................... 665 GRUB prompt (grubdom>)........................................................................................... 666 Bringing up interface eth0: Device eth0 has different MAC address than expected, ignoring. (Hard-coded MAC address) ........................................................................................ 668 Unable to load SELinux Policy. Machine is in enforcing mode. Halting now. (SELinux miscon- figuration) ................................................................................................................. 669 XENBUS:Timeout connecting to devices (Xenbus timeout)............................................... 669 Instance Capacity .............................................................................................................. 670 Error: InsufficientInstanceCapacity ................................................................................ 670 Error: InstanceLimitExceeded....................................................................................... 670 General ............................................................................................................................ 671 Instance Reboot ........................................................................................................ 671 Instance Console Output............................................................................................. 671 Instance Recovery When its Host Computer Fails............................................................ 672 Making API Requests ................................................................................................................. 673 Required Knowledge .......................................................................................................... 673 Available APIs for Amazon EC2............................................................................................ 673 Query Requests ................................................................................................................ 674 Structure of a GET Request......................................................................................... 675 Endpoints ................................................................................................................. 676 Query Parameters...................................................................................................... 676 Query API Authentication ............................................................................................ 676 Query Response Structures......................................................................................... 677 Troubleshooting API Request Errors...................................................................................... 678 Query API Request Rate............................................................................................. 678 Eventual Consistency ................................................................................................. 679 Unauthorized Operation .............................................................................................. 679 Ensuring Idempotency ........................................................................................................ 680 Idempotency Support ................................................................................................. 681 Example Idempotent Command.................................................................................... 682 Example Idempotent Query ......................................................................................... 682 API Version 2014-06-15 ix Amazon Elastic Compute Cloud User Guide SOAP Requests ................................................................................................................ 682 Logging API Calls .............................................................................................................. 683 Amazon EC2 Information in CloudTrail........................................................................... 683 Understanding Amazon EC2 Log File Entries.................................................................. 683 Document History ...................................................................................................................... 686 API Version 2014-06-15 x