AWS 'vol-xxxxxxx' with Marketplace codes may not be attached as as secondary device issue

I want to start this by saying that this method is immoral, in that is circumvents AWS Marketplace thereby robbing the dev of potential money, but at the same time, I feel it's necessary to ensuring data safety.

I recently had a crash on one of my AWS Marketplace Image created machines (CSF managed to block the gateway IP address!@!). I was aghast to find that I couldn't simply attach the volume to another machine and edit the .conf files.

After (LUCKILY) having the machine boot on its own (temp ban), I rectified the firewall situation and got thinking just how bad this could go down the track.

The answer was to shutdown original instance, create a snapshot from volume, then an image from that snapshot. Be sure to select the same kernel ID as the running machine to be safe. Create a volume that was the exact same size, format it in the same filesystem (ext4 in my case), shutdown all services then simply DD'd the contents of the root drive to the second drive. Test that new volume will boot as SDA1 on newly created instance. If so, shutdown and terminate old instance(MAKE NOTE OF INTERNAL AND EXTERNAL IP'S BEFORE HAND), Boot new instance with correct local IP's, attach external IPs to internal IP's and cross your fingers.

The second drive no longer identifies with marketplace codes and is therefore still mountable to other instances.

DISCLAIMER: I'm more than happy to pay the dev for usage of the original AMI, but until AWS give us a recovery console (they can limit it however they want) for simple tasks such as fsck and vi/NANO then i'm not going to play by their rules on this one.


Eric Hammond's from Quora, which can be summarised as "I doubt it".

No, it should not be possible to attach a root disk from an AWS Marketplace AMI to another instance.

If you find a way to do this, Amazon would likely consider it a security hole in protecting AWS Marketplace vendor software.

Looks like you're experiencing vendor lock-in.

I'm sorry, but I suspect there's sod all you can do about it. Start again from an open AMI, build out with Chef scripts, optionally integrate those with AWS OpsWorks to give you some kind of deployment mechanism.


No... and yes.

I spent several hours on this problem today and documented what I learned. The gist of it is that you can't exactly attach the volume to another device, but you can contact Amazon's support group, take a snapshot, share it with them, and they can give you a new snapshot that you can use to create a volume & recover your data.

Tags:

Ssh

Amazon Web Services

Related

Windows folder permissions, Administrators and UAC, what's the "right" way to deal with this? How can I create a swap partition on Amazon EC2 with ephemeral storage? Openvpn server not forwarding ping traffic from tun0 to eth0 for rest of the hosts in the subnet How to relay mail via Google account using Postfix runit - unable to open supervise/ok: file does not exist Sniff UNIX domain socket Connect to RDP & execute command from CLI Understanding RedHat's recommended tuned profiles How to use Salt Stack with minions all behind NAT (not publicly accessible, default salt ports not open)? What is the impact of disabling a printer's checkbox for "SNMP Status Enabled" with or without a print server inline? How to parse OpenFlow packets using tcpdump capture file programmatically What happens, if the server runs out of ports?

Recent Posts