EBS


Practicals Covered:
Practical #1: Attach a new Disk in Windows Instance ('win-srv2008').
Practical #2: Create a new volume named 'linux-2nd-volume' and attach this to a Linux instance 'lin-srv1'.
Practical #3: Secondary disk named '/dev/xvdf' is mounted at '/app1' directory. Migrate this disk into another Linux instance named 'lin-srv2' with data.
Practical #4: Increase the 'root' volume size of 'lin-srv1' instance, from 8 GB to 12 GB live, with no downtime.
Practical #5: Increase the size of the secondary disk in Linux.
Practical #6: Recover key using EBS in Linux Instance in AWS.
Practical #7: Resetting the Windows Administrator Password having Private Key.
Practical #8: Resetting the Windows Administrator Password Using EC2Config.
Practical #9: Resetting the Windows Administrator Password Using EC2Launch.
Practical #10: Take a snapshot of 'win-orig' Windows instance.
Practical #11: Create a custom AMI.
Practical #12: Create a custom image from Linux instance snapshot and launch another instance with this custom AMI named 'lin-custom'.


Practical #1: Attach a new Disk in Windows Instance ('win-srv2008').

Step 1. CREATE A WINDOWS INSTANCE:
AWS > Services > EC2 > Launch Instance > [*] Free tier only > Select Windows AMI (Microsoft Windows Server 2008 R2 Base) > Next: Configure Instance Details > Number of instances: 1 > Subnet:  Select any AZ (us-east-2a) > Auto assign public IP: Enable > Next: Add Storage > Next: Add tags > click to add a Name tag > name: win-srv2008 > Next: Configure Security Group > [*] Select an existing security group > Select port 3389 enabled Security Group > Review and Launch > Launch > Choose an existing key pair: select key pair > Acknowledge > Launch Instances > View Instances.

Step 2. DECRYPT PASSWORD BY PRIVATE KEY
AWS > Services > EC2 > Select Instance > Actions > Get Windows Password > Key Pair Path > Browse > Provide pem file of private key > Decrypt Password > Copy that password into notepad.

Step 3. LAUNCH THE INSTANCE:
AWS > Services > EC2 > Select Instance > Copy Public IP > type 'mstsc' in run > Paste copied public IP > Connect > Username: Administrator > Password: paste password from notepad > Connect.

Step 4. CHECK ALL THE DISKS IN THIS WINDOWS INSTANCE:
Click on Start button > Right Click on My Computer > Manage > Expand Storage > Disk Management > we can see that there is only one disk named 'disk 0' with 'NTFS' filesystem.

Step 5. CREATE ONE MORE DISK/VOLUME:
AWS > Services > EC2 > in Elastic Block Store > Click on Volumes > Create Volume > Volume Type: GP2 > Size: 10 GB > Availability Zone: us-east-2a > click to add a Name tag: 'win-disk2' > Create Volume > Close.

In the 'Volumes' dashboard, we can see that the status of this volume is 'Available', shown with a blue ball.

Step 6. ATTACH THIS DISK TO WINDOWS INSTANCE:
AWS > Services > EC2 > in Elastic Block Store > Click on Volumes > Select volume 'win-disk2' > Actions > Attach Volume > Instance: Select 'win-srv2008' instance > Attach.

Step 7. VERIFY IN RDP, THAT DISK IS CONNECTED TO INSTANCE OR NOT:
Go back to RDP > here in Disk Management, we can see that a 10 GB not-initialized disk, named 'Disk 1' is attached.

Step 8. INITIALIZE THE DISK:
Right click on the Disk 1 > Initialize Disk > MBR > OK

Now the disk is online

Step 9. ALLOCATE THE DISK:
Right click on the Disk 1 > New Simple Volume > Next > Use Full Disk (if wanted) > Next > Assign Drive Letter > Next > File System: NTFS or FAT (either one) > Next > Finish.

Step 10. Verify the Disk in My Computer:
'Windows + E' OR 'Click on Start' > 'My Computer'





Practical #2: Create a new volume named 'linux-2nd-volume' and attach this to a Linux instance 'lin-srv1'.

Step 1. CREATE A LINUX INSTANCE:
AWS > Services > EC2 > Launch Instance > [*] Free tier only > Select Linux AMI > Next: Configure Instance Details > Number of instances: 1 > Subnet: Select any AZ (us-east-2a) > Auto assign public IP: Enable > Next: Add Storage (select any one of 'GP2', 'PIOPS' and 'Standard Magnetic' disk) > Next: Add tags > click to add a Name tag > name: lin-srv1 > Next: Configure Security Group > [*] Select an existing security group > Select port 22 enabled Security Group > Review and Launch > Launch > Choose an existing key pair: select key pair > Acknowledge > Launch Instances > View Instances.

Step 2. LAUNCH THE INSTANCE:
AWS > Services > EC2 > Select Instance > Copy Public IP > Open PuTTY > Session: Public IP: paste public IP > Expand SSH > Click on Auth > Browse > provide private key > Open > Login as: ec2-user.

Note: PuTTY access to a Linux instance is disconnected after some idle time. So, for practice purposes, we can run the 'top' command to keep the connection active. But do not do this in production, because it uses extra resources.

Check how many disks are connected to this instance:

$ lsblk
NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda    202:0    0   8G  0 disk
└─xvda1 202:1    0   8G  0 part /

It shows only one disk is connected to the instance, named 'xvda', which is the primary disk.

Step 3. CREATE A SECONDARY VOLUME:
AWS > Services > EC2 > expand Elastic Block Store > Volumes > Create Volume > Volume Type: General Purpose SSD (GP2) > Size: 10 GB > Availability Zone: us-east-2a > Click to add a Name tag: linux-2nd-volume > Create Volume > Close.

In the 'Volumes' dashboard we can see that the status of this volume is 'available', shown with a blue ball.

Step 4. ATTACH THIS VOLUME 'linux-2nd-volume' TO THE INSTANCE 'lin-srv1'
AWS > Services > EC2 > expand Elastic Block Store > Volumes > Select Volume > Actions > Attach Volume > Instance: Select Instance on which we want to attach this volume (in our case it is lin-srv1) > Attach.

Now, in the 'Volumes' dashboard we can see that the status of this volume is 'in use', shown with a green ball. In Attachment Information we can see that this volume is attached to the lin-srv1 instance.

Step 5. ACCESS THIS VOLUME FROM LINUX INSTANCE:
→ Go to the PuTTY terminal and verify whether we got another disk of 10 GB. For this, list the block devices:

$ lsblk
NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda    202:0    0   8G  0 disk
└─xvda1 202:1    0   8G  0 part /
xvdf    202:80   0  10G  0 disk

Now, we can see that there is another disk named 'xvdf', having size 10 GB.

→ Check whether any file system exists on that disk:

$ lsblk -f
NAME    FSTYPE LABEL UUID                                 MOUNTPOINT
xvda
└─xvda1 xfs    /     8a9e0fcb-f415-4a3f-931d-919fadf8e22c /
xvdf

It shows that there is neither a file system on the secondary disk nor a mount point.

→ Create an ext4 file system. For this, we need to be root:
$ sudo su -

# mkfs.ext4  /dev/xvdf

→ Verify that the file system is created:
# lsblk  -f
NAME    FSTYPE LABEL UUID                                 MOUNTPOINT
xvda
└─xvda1 xfs    /     8a9e0fcb-f415-4a3f-931d-919fadf8e22c /
xvdf    ext4         949ecc17-6f6e-4138-90d3-0f5a9a10bd0d

It shows that we have ext4 file system on our xvdf disk.

→ Mount this disk on an empty directory. For this, we can create a new empty directory or we can directly mount on /mnt.

# mkdir /app1
# mount  /dev/xvdf  /app1

It is mounted, but this is a temporary mount. When we reboot the system, the mount will be gone. For permanent mounting, we need to make an entry in the '/etc/fstab' file.

# vi /etc/fstab
/dev/xvdf            /app1            ext4            defaults            0   0
:wq

# mount -a

Now, secondary disk 'xvdf' is permanently mounted on /app1 directory.

→ Verify whether the secondary disk 'xvdf' is mounted:
# mount               OR
# lsblk                   OR
# lsblk -f               OR
# df -h                                                                   //much used in industry

Step 6: CREATE SOME FILES AND FOLDERS INSIDE SECONDARY DISK:
# cd /app1
# mkdir dir{1..5}                                               //this will create 5 empty directories inside /app1
# touch file{1..5}.txt                                        //this will create 5 files





Practical #3: Secondary disk named '/dev/xvdf' is mounted at '/app1' directory. Migrate this disk into another Linux instance named 'lin-srv2' with data.

Step 1. Create a new Linux instance named 'lin-srv2' in same AZ.

Step 2. Login to this instance with ec2-user and switch to root user.

Step 3. If it is confusing to work with two PuTTY sessions, then change the hostname shown in this instance's PuTTY session:
# hostname linux-second-instance          //provide hostname
# bash                                   //run this command otherwise hostname will not be shown on the screen

Step 4. Check how many disks are attached to the old instance:
Go to the Original instance 'lin-srv1'

# lsblk
NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda    202:0    0   8G  0 disk
└─xvda1 202:1    0   8G  0 part /

Step 5. UNMOUNT THE VOLUME FROM OS AND DETACH IT FROM AWS IN 'lin-srv1' INSTANCE.
→ Check what is mounted where:
# df -h
/dev/xvdf       9.8G   37M  9.2G   1%   /app1

It shows that /dev/xvdf is mounted on /app1

→ If we migrate the disk without unmounting it, then OS files might get corrupted. Unmount the disk:
# umount  /dev/xvdf

NOTE: If we get the error 'The target is busy', there are two commands by which we can see who is using /app1:
1) lsof /app1 OR
2) fuser -cu /app1

Now, unmount forcefully (kill the processes that are using /app1, then unmount again):
# fuser -km /app1
# umount /app1

→ Verify this:
# df -h       OR
# lsblk -f

→ Detach the disk from AWS:
AWS > Services > EC2 > Volumes > Select the Volume we want to detach. In this case we will select 'linux-2nd-volume' > Actions > Detach the Volume (If stuck then use Forcefully Detach Volume) > Yes Detach > Now again this is in Available status.

Step 6. ATTACH THE VOLUME FROM AWS AND MOUNT IT ON OS IN 'lin-srv2' INSTANCE.
→ Attach the disk to the second instance named 'lin-srv2':
AWS > Services > EC2 > Volumes > Select the volume we want to attach. In this case we will select 'linux-2nd-volume' > Actions > Attach Volume > Instance: select instance 'lin-srv2' > Attach.

→ Verify whether the volume is attached as a disk:
# lsblk  -f
NAME    FSTYPE LABEL UUID                                 MOUNTPOINT
xvda
└─xvda1 xfs    /     8a9e0fcb-f415-4a3f-931d-919fadf8e22c /
xvdf    ext4         949ecc17-6f6e-4138-90d3-0f5a9a10bd0d

It shows that disk xvdf is attached and has an ext4 file system, but there is no mount point. So, we just need to mount it.

→ Create an empty directory named 'app-bkp1' for mounting, OR we can also use /mnt:
# mkdir /app-bkp1

→ Session-specific mounting (temporary) of /dev/xvdf on the second instance 'lin-srv2':
# mount  /dev/xvdf  /app-bkp1

→ Persistent mounting (permanent) of /dev/xvdf on the second instance 'lin-srv2':
# vi  /etc/fstab
/dev/xvdf            /app-bkp1            ext4            defaults            0   0
:wq

# mount -a

→ Verify whether the data is migrated in the '/app-bkp1' directory:
# cd /app-bkp1
# ls
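
Both fstab entries above (Practical #2 and Practical #3) name the disk as /dev/xvdf, and 'lin-srv1' keeps its entry after the volume has been detached. The following added example (not part of the original tutorial) builds the entry from the filesystem UUID with the nofail option and lists fstab sources that no longer exist; the function names are hypothetical and the sample input is constructed from the values shown above.

```sh
#!/bin/sh
# Added example: build /etc/fstab entries by UUID instead of by device name.
# Input is the output of:  lsblk -P -o NAME,FSTYPE,UUID,MOUNTPOINT
# SAMPLE_LSBLK is constructed from the values shown in this tutorial
# (xvdg is an extra, unformatted disk added for the failure case).

SAMPLE_LSBLK='NAME="xvda" FSTYPE="" UUID="" MOUNTPOINT=""
NAME="xvda1" FSTYPE="xfs" UUID="8a9e0fcb-f415-4a3f-931d-919fadf8e22c" MOUNTPOINT="/"
NAME="xvdf" FSTYPE="ext4" UUID="949ecc17-6f6e-4138-90d3-0f5a9a10bd0d" MOUNTPOINT=""
NAME="xvdg" FSTYPE="" UUID="" MOUNTPOINT=""'

# pair_value KEY LINE -> value of KEY="..." in one line of lsblk -P output
pair_value() {
    printf ' %s\n' "$2" | sed -n "s/.* $1=\"\([^\"]*\)\".*/\1/p"
}

# fstab_entry DEVNAME MOUNTPOINT   (lsblk -P output on stdin)
# Prints one fstab line. Fails with status 1 if the device is not attached
# or carries no filesystem yet.
fstab_entry() {
    dev=$1; mp=$2
    while IFS= read -r line; do
        [ "$(pair_value NAME "$line")" = "$dev" ] || continue
        fstype=$(pair_value FSTYPE "$line")
        uuid=$(pair_value UUID "$line")
        if [ -z "$fstype" ] || [ -z "$uuid" ]; then
            echo "fstab_entry: /dev/$dev has no filesystem yet (run mkfs first)" >&2
            return 1
        fi
        # UUID: survives a change of device name when the volume is re-attached.
        # nofail: boot continues when the volume is detached.
        # pass 2: fsck runs after the root filesystem.
        printf 'UUID=%s\t%s\t%s\tdefaults,nofail\t0\t2\n' "$uuid" "$mp" "$fstype"
        return 0
    done
    echo "fstab_entry: /dev/$dev not found" >&2
    return 1
}

# stale_fstab_sources FSTAB_FILE   (lsblk -P output on stdin)
# Prints every /dev/NAME source in FSTAB_FILE that is not an attached device,
# for example the entry left on the old instance after a volume migration.
stale_fstab_sources() {
    attached=$(while IFS= read -r line; do pair_value NAME "$line"; done)
    awk '$1 ~ /^\/dev\// { print $1 }' "$1" | while IFS= read -r src; do
        name=${src#/dev/}
        printf '%s\n' "$attached" | grep -qxF "$name" || printf '%s\n' "$src"
    done
}

# Demo on the constructed sample: entry for the secondary disk mounted at /app1
printf '%s\n' "$SAMPLE_LSBLK" | fstab_entry xvdf /app1
```

On a real instance, feed the functions with `lsblk -P -o NAME,FSTYPE,UUID,MOUNTPOINT` and review the printed line before adding it to /etc/fstab.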




Practical #4: Increase the 'root' volume size of 'lin-srv1' instance, from 8 GB to 12 GB live, with no downtime.

Step 1. VERIFY THE SIZE OF '/' VOLUME:
$ df -h
/dev/xvda1      8.0G  1.2G  6.9G  15% /

Showing /dev/xvda1 has 8 GB size.

Step 2. GROW THE DISK FROM AWS:
AWS > Services > EC2 > Volumes > Select 'lin-srv1' > Actions > Modify Volume > Size: 12 > Modify > Yes > Close.

On Volume Dashboard we can see that the size is increased from 8 GB to 12 GB. Now, as there is no other partition, we can directly grow the partition.

→ On the instance, run the command:
# lsblk

It shows disk is now 12 GB but the partition is still 8 GB.

NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda    202:0    0  12G  0 disk
└─xvda1 202:1    0   8G  0 part /

Step 3. INCREASE THE SIZE OF THE PARTITION (Generally, in industry, we do not increase size of the partition. We create LVM. But here we get liberty, so we can do that)

→ Find the partition name:
# df -h

It shows that the partition name is '/dev/xvda1'.

→ Increase the size of the partition:
# growpart  /dev/xvda  1                //note the space between 'xvda' and '1'

→ Verify:
# lsblk
NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda    202:0    0  12G  0 disk
└─xvda1 202:1    0  12G  0 part /

→ But the 'df -h' command shows:
# df -h
/dev/xvda1      8.0G  1.2G  6.9G  15% /

This means the filesystem is yet to be increased.

Step 4. INCREASE THE SIZE OF THE FILESYSTEM:

NOTE:
* If ext4, then
# resize2fs /dev/xvda1                  //no size given, so it grows to fill the partition

OR

* If xfs, then
# xfs_growfs /dev/xvda1

→ So, first verify the filesystem type by using the command:
# df  -hT
/dev/xvda1     xfs       8.0G  1.2G  6.9G  15% /

→ Increase the file system:
# xfs_growfs  /dev/xvda1




Practical #5: Increase the size of the secondary disk in Linux.

Step 1. MODIFY THE VOLUME:
AWS > Services > EC2 > Volumes > select the volume: 'linux-2nd-volume' > Actions > Modify Volume > Size: 20 GB > Modify > Yes > Close.
On Volume Dashboard we can see that size is increased from 10 GB to 20 GB.

Step 2. NOW GO TO OS IN PuTTY AND CHECK THE SIZE OF THE DISK:
# lsblk
xvdf    202:80   0  20G  0 disk /app-bkp1

As we can see here, the size is 20 GB, but we still have to increase the file system; otherwise, this will not be reflected in 'df -h'.

Step 3. IF THERE IS NO PARTITION, WE CAN DIRECTLY INCREASE THE FILESYSTEM:
→ So, first verify the filesystem type by using the command:
# df  -hT
/dev/xvdf      ext4      9.8G   37M  9.2G   1% /app-bkp1
# resize2fs  /dev/xvdf

NOTE: Do not provide a size; let it grow completely. But if we want, we can provide a size:
# resize2fs  /dev/xvdf  15G                      //this will resize the filesystem to 15G in total

→ Verify:
# df  -hT
/dev/xvdf      ext4       20G   44M   19G   1% /app-bkp1
Now it's completely increased.
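
Practical #4 and Practical #5 differ only in whether a partition sits between the disk and the filesystem and in which filesystem tool applies. The added example below (not part of the original tutorial) derives the commands for a device from `lsblk` output as a dry run; the function names, the 64 MiB threshold and the byte sizes in the sample are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: work out which resize commands a device needs after
# "Modify Volume". Input is the output of:
#   lsblk -b -P -o NAME,SIZE,TYPE,PKNAME,FSTYPE,MOUNTPOINT
# SAMPLE_AFTER_MODIFY is constructed: a 12 GiB disk with an 8 GiB xfs root
# partition, and a 20 GiB unpartitioned ext4 disk.

SAMPLE_AFTER_MODIFY='NAME="xvda" SIZE="12884901888" TYPE="disk" PKNAME="" FSTYPE="" MOUNTPOINT=""
NAME="xvda1" SIZE="8587820544" TYPE="part" PKNAME="xvda" FSTYPE="xfs" MOUNTPOINT="/"
NAME="xvdf" SIZE="21474836480" TYPE="disk" PKNAME="" FSTYPE="ext4" MOUNTPOINT="/app-bkp1"'

# pair_value KEY LINE -> value of KEY="..." in one line of lsblk -P output
pair_value() {
    printf ' %s\n' "$2" | sed -n "s/.* $1=\"\([^\"]*\)\".*/\1/p"
}

# row_for NAME TABLE -> the lsblk line that describes device NAME
row_for() {
    printf '%s\n' "$2" | grep "^NAME=\"$1\" "
}

# grow_plan DEVNAME TABLE -> prints the commands to run, in order.
# Nothing is executed; the output is meant to be reviewed first.
grow_plan() {
    row=$(row_for "$1" "$2") || { echo "grow_plan: $1 not found" >&2; return 1; }
    size=$(pair_value SIZE "$row")
    kind=$(pair_value TYPE "$row")
    fstype=$(pair_value FSTYPE "$row")
    mp=$(pair_value MOUNTPOINT "$row")

    if [ "$kind" = "part" ]; then
        parent=$(pair_value PKNAME "$row")
        psize=$(pair_value SIZE "$(row_for "$parent" "$2")")
        # A partition never fills its disk exactly (partition table, alignment),
        # so only a gap above 64 MiB counts as unused space (assumed threshold).
        if [ $((psize - size)) -gt $((64 * 1024 * 1024)) ]; then
            num=${1#"$parent"}      # xvda1 -> 1, nvme0n1p1 -> p1
            num=${num#p}            # p1 -> 1
            echo "growpart /dev/$parent $num"
        fi
    fi

    # Both tools do nothing when the filesystem already fills its device.
    case $fstype in
        ext2|ext3|ext4)
            echo "resize2fs /dev/$1" ;;
        xfs)
            # xfs is grown through its mount point, so it has to be mounted
            [ -n "$mp" ] || { echo "grow_plan: $1 (xfs) is not mounted" >&2; return 1; }
            echo "xfs_growfs $mp" ;;
        *)
            echo "grow_plan: unsupported filesystem '$fstype' on $1" >&2
            return 1 ;;
    esac
}

# Demo on the constructed sample: root partition, then the secondary disk
grow_plan xvda1 "$SAMPLE_AFTER_MODIFY"
grow_plan xvdf "$SAMPLE_AFTER_MODIFY"
```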





Practical #6: Recover key using EBS in the Linux Instance in AWS.

Steps to follow:

  1. Launch an instance named 'lin-orig'
  2. Put some files in this instance
  3. Copy az name and the path of 'lin-orig' instance
  4. Stop 'lin-orig' instance
  5. Delete private key, which we used to install the instance
  6. Detach 'lin-orig' volume from instance
  7. Create another instance, by another ami, in same az named 'lin-tmp'
  8. Attach 'lin-orig' instance's volume as a secondary volume
  9. Login in to 'lin-tmp' instance and mount the secondary volume
  10. Copy 'lin-tmp' instance's authorized_keys to 'lin-orig' instance
  11. Update the key name at the end
  12. Verify or provide the permission and ownership for lin-orig's authorized_keys file
  13. Unmount /mnt folder and detach original instance's volume from temporary instance 'lin-tmp'
  14. Attach original instance's volume to the original instance 'lin-orig' and convert the key
  15. Start the original instance 'lin-orig' and run it in putty and verify working directories and files.

Step 1. LAUNCH AN INSTANCE NAMED 'lin-orig'
AWS > Services > EC2 > Launch Instance > [*] Free tier only > Select Linux AMI > Next: Configure Instance Details > Number of instances: 1 > Subnet:  Select any AZ (us-east-2a) > Auto assign public IP: Enable > Next: Add Storage > Next: Add tags > click to add a Name tag > name: lin-orig > Next: Configure Security Group > [*] Select an existing security group > Select port 22 enabled Security Group > Review and Launch > Launch > Choose an existing key pair: select any key-pair which we have > Acknowledge > Launch Instances > View Instances.

Step 2. PUT SOME FILES IN THIS INSTANCE
Use PuTTY and log in to the 'lin-orig' instance using username 'ec2-user' and use commands:

$ pwd                                                    //verify present working directory
/home/ec2-user

$ mkdir dir{1..5}                                //this will create 5 directories at the same location

$ touch dir1/file{1..10}                   //this will create 10 files into the dir1 directory

Step 3. COPY AZ NAME AND THE PATH OF 'lin-orig' INSTANCE
AWS > Services > EC2 > Select Instance > Description


Copy both of these things in notepad.

Step 4. STOP 'lin-orig' INSTANCE
AWS > Services > EC2 > Select Instance > Actions > Instance State > Stop.

Step 5. DELETE PRIVATE KEY, WHICH WE USED TO INSTALL THE INSTANCE
This practical covers the case in which we have lost our key, so for better understanding, we need to lose our key intentionally. So, delete both private keys, '.pem' and '.ppk', from the laptop. But before deleting, copy that key's name in notepad.

Step 6. DETACH 'lin-orig' VOLUME FROM INSTANCE
AWS > Services > EC2 > expand Elastic Block Store > Volumes > Select Volume which is related to 'lin-orig' instance > Actions > Detach Volume > Yes Detach (the volume will detach once the instance is stopped).

STEP 7. CREATE ANOTHER INSTANCE, BY ANOTHER AMI, IN SAME AZ NAMED 'lin-tmp'
AWS > Services > EC2 > Launch Instance > [*] Free tier only > Select AMI which is different from our 'lin-orig' instance > Next: Configure Instance Details > Number of instances: 1 > Subnet:  Select only 'us-east-2a' AZ > Auto assign public IP: Enable > Next: Add Storage > Next: Add tags > click to add a Name tag > name: 'lin-tmp' > Next: Configure Security Group > [*] Select an existing security group > Select port 22 enabled Security Group > Review and Launch > Launch > Choose an existing key pair: select key pair OR create a new key for this instance: like we are creating a new key-pair named 'testing-key' (do not forget to convert that key in .ppk format to access the instance) > Acknowledge > Launch Instances > View Instances.

→ We used a different AMI from our 'lin-orig' instance because if we use the same image, then the UUID (Universally Unique Identifier) will match in both instances and it will not let us mount the volume.

Step 8. ATTACH 'lin-orig' INSTANCE'S VOLUME AS A SECONDARY VOLUME
AWS > Services > EC2 > Volumes > Select Volume which is related to 'lin-orig' instance (showing as available in status) > Actions > Attach Volume > Instance: Select 'lin-tmp' instance > Right now device name does not matter because it is a secondary volume for 'lin-tmp' instance > Attach.
In a couple of moments this will change from the 'Available' state to the 'in-use' state.

Step 9. LOGIN IN TO 'lin-tmp' INSTANCE AND MOUNT THE SECONDARY VOLUME
Use PuTTY and login in to 'lin-tmp' instance using username 'ec2-user'. Use commands:

→ List all Block Devices in this instance:
$ lsblk
NAME    MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
xvda    202:0    0   8G  0 disk
└─xvda1 202:1    0   8G  0 part /
xvdf    202:80   0   8G  0 disk
└─xvdf1 202:81   0   8G  0 part

→ Mount this volume on /mnt:
Switch to root user, because mounting can be done by root user only.

$ sudo su -
Temporary Mounting:
# mount /dev/xvdf1  /mnt

Permanent Mounting:
# vi /etc/fstab
/dev/xvdf1      /mnt    ext4    defaults        0 0
:wq

# mount /dev/xvdf1

# df -h                                                                  //to verify

Step 10. COPY 'lin-tmp' INSTANCE'S authorized_keys TO 'lin-orig' INSTANCE

→ Copy 'lin-orig' instance's key name:
# cat /mnt/home/ec2-user/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgn9Bg0DySbkwGGBkZCl+j/Il43GrbAhqPB2ZYVNr+cJ4DNTpXaQ/aA/ucgu5Kbr5EStoYilLk7MbIkxZ3CT/OPZbdF0xElPCONChyabvbfT8j2zRLDY7IMskDIv779QnCNx0vdQ62BE/jePPQDkbFTiMKcu5z2KCRCZsHnKk3OtHBNVGAaZwrBInaUA0hSiqx5tdmKpxNg+oLssU0sXkpiueDamc1QDrIWMOE5F8qXJEiJT8jOrq1mkvXVBpajO5cQa27zQhQMMyfdUPyIrv+jaLGpiDsxll5uKkXySY66hKb5PXpucq4PBvzadTZA9iVvGvL5e9kAclAVFbyvdsx webshack-security-key


As we can see, in my case, I used existing key named 'webshack-security-key'. Copy your key name in notepad.

→ Move 'lin-orig' instance's authorized keys to /tmp:
# mv /mnt/home/ec2-user/.ssh/authorized_keys  /tmp

→ Copy 'lin-tmp' instance's authorized keys to 'lin-orig' instance:
# cp /home/ec2-user/.ssh/authorized_keys  /mnt/home/ec2-user/.ssh/

Step 11. UPDATE THE KEY NAME AT THE END
# vi /mnt/home/ec2-user/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCCJK5ryAm3IBR9P2paXMPV8Gnrhr4ChjiIN/Pxs6UENgpClZYE5ydOdibpadTdZmJK4zlMncXl6PWgjsnzJH2+GzdhYz0v0qQkPvSRu8MKiu+D8NhuW4dcNbLCL0UUgoR82XbjontuVlKJz2L2G7r/JG16BNdfq85wCMC4lQk7mA8Nz+R7hYcRnhiddr4JPT9yRe17TZspLUaoy9IEO6dvwW/EAfKVBYfvSlcbWe+BVdFM/DShlICm2eFVrzTRyNvJWycD/MQyY3wUgF7Ppk4OGQp3tdExzQUU7LBTshNDebasMa+EHfqDpGuph4lr3Zg42GAjgoLtpYnK2358g0N9 testing-key


→ Update the name from 'testing-key' to 'webshack-security-key' and save the file:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCCJK5ryAm3IBR9P2paXMPV8Gnrhr4ChjiIN/Pxs6UENgpClZYE5ydOdibpadTdZmJK4zlMncXl6PWgjsnzJH2+GzdhYz0v0qQkPvSRu8MKiu+D8NhuW4dcNbLCL0UUgoR82XbjontuVlKJz2L2G7r/JG16BNdfq85wCMC4lQk7mA8Nz+R7hYcRnhiddr4JPT9yRe17TZspLUaoy9IEO6dvwW/EAfKVBYfvSlcbWe+BVdFM/DShlICm2eFVrzTRyNvJWycD/MQyY3wUgF7Ppk4OGQp3tdExzQUU7LBTshNDebasMa+EHfqDpGuph4lr3Zg42GAjgoLtpYnK2358g0N9 webshack-security-key

Step 12. VERIFY OR PROVIDE THE PERMISSION AND OWNERSHIP FOR lin-orig's authorized_keys FILE
# chmod 600  /mnt/home/ec2-user/.ssh/authorized_keys
# chown ec2-user:ec2-user /mnt/home/ec2-user/.ssh/authorized_keys

Step 13. UNMOUNT /mnt FOLDER AND DETACH ORIGINAL INSTANCE'S VOLUME FROM TEMPORARY INSTANCE 'lin-tmp'
→ For temporary un-mounting:
# umount /mnt

→ For permanent un-mounting:
  1. Delete the entry from the /etc/fstab file, save the file, and also use the command
  2. # umount /mnt

→ Detach original instance's volume from temporary instance 'lin-tmp':
AWS > Services > EC2 > Volumes > Select lin-orig volume > Actions > Detach volume > Yes Detach.

Step 14. ATTACH ORIGINAL INSTANCE'S VOLUME TO ORIGINAL INSTANCE 'lin-orig' AND CONVERT THE KEY
AWS > Services > EC2 > Volumes > Select lin-orig volume > Actions > Attach Volume > Select 'lin-orig' instance AND provide root device path which we copied in notepad > Attach.

→ Convert the key:
As lin-orig instance knows only webshack-security-key, we are going to save private key named 'webshack-security-key.ppk' from 'testing-key.pem':

PuTTYgen > Load > Select 'testing-key.pem' > Save Private Key > Name it as: webshack-security-key.ppk > Save.

Step 15. START ORIGINAL INSTANCE 'lin-orig'. RUN IT IN PuTTY AND VERIFY WORKING DIRECTORIES AND FILES
AWS > Services > EC2 > Instances > Select lin-orig instance > Actions > Instance State > Start > Yes Start.

Paste Public IP from EC2 dashboard to PuTTY and use webshack-security-key.ppk to run the instance. Now use user 'ec2-user' to login.

ACCESS SUCCESSFUL…

Now verify all the directories and files which we created at /home/ec2-user location.
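
Before the volume is unmounted in Step 13, the file prepared in Steps 10 to 12 can be checked against the public key we intend to log in with. This added example (not part of the original tutorial) confirms the mode, the owner, and that exactly the expected key is present, comparing key material only, since sshd matches on the key and not on the name at the end of the line. The function names are hypothetical and all key strings are constructed placeholders, not real keys.

```sh
#!/bin/sh
# Added example: audit the authorized_keys file on the mounted rescue volume,
# e.g. /mnt/home/ec2-user/.ssh/authorized_keys, before detaching it.

# key_material FILE -> "type blob" for every key line; the comment is dropped.
# Options placed before the key type are skipped by scanning for the type field.
key_material() {
    awk '!/^[ \t]*(#|$)/ {
        for (i = 1; i < NF; i++)
            if ($i ~ /^(ssh-|ecdsa-|sk-)/) { print $i, $(i + 1); next }
        print "unparsed", $0
    }' "$1"
}

# audit_authorized_keys FILE EXPECTED_PUB
# Status 0 only if FILE has mode 600, is owned by the same uid as the home
# directory two levels above it, holds exactly one key, and that key's
# type and blob equal the ones in EXPECTED_PUB.
audit_authorized_keys() {
    file=$1; expected=$2; rc=0

    mode=$(ls -ld "$file" | cut -c1-10)
    [ "$mode" = "-rw-------" ] || { echo "FAIL mode is $mode, want -rw-------"; rc=1; }

    owner=$(ls -ldn "$file" | awk '{ print $3 }')
    home_owner=$(ls -ldn "$(dirname "$(dirname "$file")")" | awk '{ print $3 }')
    [ "$owner" = "$home_owner" ] || {
        echo "FAIL owner uid $owner differs from home directory uid $home_owner"; rc=1; }

    count=$(key_material "$file" | wc -l | tr -d ' ')
    [ "$count" -eq 1 ] || { echo "FAIL $count keys present, want exactly 1"; rc=1; }

    want=$(key_material "$expected")
    key_material "$file" | grep -qxF "$want" || { echo "FAIL expected key not present"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK $file holds only the expected key"
    return "$rc"
}

# Demo with constructed files: the key copied from 'lin-tmp' passes the audit
# even though its trailing name was changed, because only the blob is compared.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/home/ec2-user/.ssh"
demo_ak="$demo_dir/home/ec2-user/.ssh/authorized_keys"
printf 'ssh-rsa QUFBQS1DT05TVFJVQ1RFRC1LRVktMQ== testing-key\n' > "$demo_dir/testing-key.pub"
printf 'ssh-rsa QUFBQS1DT05TVFJVQ1RFRC1LRVktMQ== webshack-security-key\n' > "$demo_ak"
chmod 600 "$demo_ak"
audit_authorized_keys "$demo_ak" "$demo_dir/testing-key.pub"
rm -rf "$demo_dir"
```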



Practical #7: Resetting the Windows Administrator Password Using Private Key

Select Windows instance > Connect > Get Password > Browse > Provide private key with '.pem' format > Decrypt Password.

Enjoy!



Practical #8: Resetting the Windows Administrator Password Using EC2Config

We have a Windows 2012 server named 'original', but accidentally we lost both its password and its private key. Now, how do we access the instance?

Steps to follow:
  1. Launch an Original instance
  2. Decrypt password and put some files in it
  3. Verify ec2-config service is running or not
  4. Stop original instance
  5. Create an image with original instance
  6. Create a new key pair with the same name
  7. Launch the 2nd-original instance using 'original' instance's image by new key pair which has the same name
  8. Detach root volume from the 2nd-original instance
  9. Launch temporary instance with another AMI
  10. Create a new key pair for this instance
  11. Attach the volume to the temporary instance as a secondary volume
  12. Modify configuration file
  13. Detach the secondary volume from 'temporary' instance
  14. Re-attach the volume to the 2nd-original instance
  15. Decrypt the password and start the instance using private key of new key-pair (2nd-original)

Step 1. LAUNCH AN INSTANCE NAMED 'original'

AWS > Services > EC2 > Launch Instance > [*] Free tier only > Select Windows Server 2012 AMI > Next: Configure Instance Details > Number of instances: 1 > Subnet:  Select any AZ (us-east-2a) > Auto assign public IP: Enable > Next: Add Storage > Next: Add tags > click to add a Name tag > name: original > Next: Configure Security Group > [*] Select an existing security group > Select port number 3389 enabled Security Group > Review and Launch > Launch > Create a new key pair: original-key > Download Key Pair > Acknowledge > Launch Instances > View Instances.

Step 2. DECRYPT THE PASSWORD AND PUT SOME FILES IN THIS INSTANCE

→ Decrypt password using Private Key

→ Copy this password into a notepad

→ Open RDP (using 'mstsc' in run) > Connect > Username: Administrator Password: paste from notepad > Login.

(I created a folder named 'webshack' and put some files in it, so that after recovery we can be sure that we get everything exactly as we left it.)

Now, delete the password from notepad and private key 'original-key.pem', where you saved it.

Step 3. VERIFY THAT THE 'EC2Config' SERVICE IS RUNNING OR NOT

AWS > Services > EC2 > Instances > Select instance > Actions > Instance Settings > Get System Log > Locate the 'EC2 Agent' entry:


If we are able to see the entry, it means the EC2Config service is running. If the system log output is empty, or if the EC2Config service is not running, troubleshoot the instance using the Instance Console Screenshot service.

Step 4: Stop 'original' instance

→ Stop 'original' instance:

AWS > Services > EC2 > Instances > Select instance named 'original' > Actions > Instance State > Stop.

Step 5: Create an image by 'original' instance

AWS > EC2 > Services > EC2 > Instances > Select instance 'original' > Actions > Image > Create Image > Image Name: original-instance-image && Image Description: This image is for recovering the password of 'original' instance > Create Image > Close.

Step 6: Create a new key-pair with the same name

→ Before creating it, first delete the public key of 'original-key':
AWS > Services > EC2 > Select Key Pair named 'original-key' > Delete > Yes

→ Create a new key-pair with the same name:
AWS > Services > EC2 > Create Key Pair > Key Pair Name: original-key (provide same name by which we created the instance) > Create.

Step 7: Launch the 2nd-original instance using 'original' instance's image by new keypair which has same name

→ Select the Windows instance whose password we want to recover > Note the instance type, VPC, subnet, security group in a notepad.

→ Launch the instance when the image status changes to available:
AWS > EC2 > Services > EC2 > expand Images > AMIs > Select the image 'original-instance-image' > Launch > Select same instance type, VPC, Subnet (AZ) and Security Group, as we used in 'original' instance > Name: 2nd-original instance > Launch > Key Pair: original-key > Acknowledge > Launch Instance > View Instances.

IMPORTANT:

We cannot decrypt the password of this instance because this instance is launched from a custom AMI. Its password has already been set, and we cannot decrypt it again by using the private key. If we try, we will get an error:


Step 8: Detach root volume from 2nd-original instance

→ Copy ID of EBS volume of original instance to the notepad:
Select '2nd-original' instance > Description > Root device > copy its ID (/dev/sda1)

→ Detach Volume:
AWS > EC2 > Services > EC2 > Volumes > Select 2nd-original's volume > Actions > Detach Volume > Yes Detach.

Wait until it changes to the 'available' state.

Step 9: Launch 'temporary' instance with another AMI

AWS > Services > EC2 > Launch Instance > [*] Free tier only > Select Windows Server 2008 AMI, as we selected Windows Server 2012 for 'original' instance > Next: Configure Instance Details > Number of instances: 1 > Subnet:  Select any AZ (us-east-2a) > Auto assign public IP: Enable > Next: Add Storage > Next: Add tags > click to add a Name tag > name: temporary > Next: Configure Security Group > [*] Select an existing security group > Select port number 3389 enabled Security Group > Review and Launch > Launch > Create a new key pair: original-key > Download Key Pair > Acknowledge > Launch Instances > View Instances.

Step 10: Create a new key pair for this instance

AWS > Services > EC2 > Create Key Pair > Key Pair Name: temporary-key > Create.

Step 11: Attach the volume to the 'temporary' instance as a secondary volume

AWS > Services > EC2 > Volumes > Select '2nd-original' volume which we detached from '2nd-original' instance > Actions > Attach Volume > Instance: 'temporary' instance > We are attaching it as a secondary volume, so Device name doesn’t matter > Attach.

Step 12: Modify the configuration file

First Decrypt password by using private key named 'temporary-key' and copy the password to a notepad, then login in to 'temporary' instance and modify the configuration file:

Run > mstsc > paste public IP from Instance Dashboard > Connect > Provide Username and Password > Connect.

Right Click on My Computer > Manage > expand Storage > Disk Management > Here, we can see that we got another disk named 'disk 1' > If this is Offline, then right Click on Disk > Click Online > Now, if disk already got a letter (as I got 'D') then just navigate to My computer or just provide a letter to this drive…

…My Computer > D drive > Open 'config.xml' file in notepad from location (\Program Files\Amazon\Ec2ConfigService\Settings\config.xml) > (If we found file without extension, then to know the extensions do "File explorer > press Alt > Tools > Folder options > View > Untick [ ] Hide extensions for known file types > OK") > At the top of the file, find the plugin with the name 'Ec2SetPassword', as shown in the screenshot. Change the state from Disabled to Enabled and save the file.


Step 13: Now, again detach the secondary volume from 'temporary' instance:

→ Make the disk offline by using the Disk Management utility:
Right Click on My Computer > Manage > expand Storage > Disk Management > Here we can see our new disk named 'disk 1' > Right Click on Disk > Click Offline > Close this Remote Desktop Connection.

→ Detach the volume:
AWS > Services > EC2 > Volumes > Select Volume 'win-srv-2012-orig' > Actions > Detach Volume > Yes Detach.

Now, volume '2nd-original' is again in available state.

Step 14: Re-attach the volume to the 2nd-original instance:

AWS > Services > EC2 > Volumes > Select Volume '2nd-original' > Actions > Attach Volume > attach it to '2nd-original' instance > Device: paste root device name from notepad which is '/dev/sda1' > Attach.

Step 15: Decrypt the password and start the instance using private key of new key-pair (2nd-original)

→ Start the original instance:
AWS > Services > EC2 > Instances > Select '2nd-original' instance > Actions > Instance State > Start > Yes Start.

→ Retrieve your new Windows administrator password using the private key for the new key pair named 'original-key':

AWS > Services > EC2 > Instances > Select 'win-srv-2008-orig' instance > Actions > Get Windows Password > Browse: select 'original-key.pem' key > Decrypt Password.

CONGRATULATIONS!
We got the password. Now log in and verify whether the files and folders we created are in the same place.



Practical #9: Resetting the Windows Administrator Password Using 'EC2Launch'

If we lose the password of Windows Server 2016 or above, then we need to use the EC2Launch service to recover the password.

STEPS TO FOLLOW:
  1. Launch a windows instance
  2. Decrypt password, login instance and put some files in it and stop the instance
  3. Verify ec2-launch service is running or not
  4. Create an image with the original instance
  5. Remove the public key from AWS
  6. Launch an instance using this image
  7. Detach root volume
  8. Create a temporary instance
  9. Attach the volume to the temporary instance and login
  10. Verify the volume is attached in disk management
  11. Download the ec2rescue for windows server zip file, extract the contents, and run ec2rescue.exe
  12. Detach the volume from the temporary instance and attach it to the original instance
  13. Decrypt password of the original instance

Step 1: LAUNCH A WINDOWS INSTANCE:

Use any AMI like Windows 2016 and above. In this practical I am using 'Microsoft Windows Server 2016 Base' AMI.

AWS > Services > EC2 > Instances > Launch instance > [*] Free tier only > select AMI 'Microsoft Windows Server 2016 Base' > t2.micro > Next > Number of instances: 1 > Network: default VPC > Subnet: us-east-2a > Auto-assign Public IP: Enable > Next: Storage > Next Tags > Click to add a name tag: Windows-2016-Server > Next > Create a new SG or use any existing SG but port number 3389 must be open for RDP > Review and launch > Launch > Create a new key-pair or select an existing one > View instances.

Step 2: DECRYPT PASSWORD, LOGIN INSTANCE AND PUT SOME FILES IN IT AND STOP THE INSTANCE:

→ Decrypt Password:

AWS > Services > EC2 > Instances > Select instance > Actions > Get Windows Password > Browse: provide private key > Decrypt Password > Copy password in notepad > Close.

→ Log in to the instance:

AWS > Services > EC2 > Instances > Select instance > Copy Public IP > Run > type 'mstsc' > Computer: provide public IP of the instance > Connect > Username: Administrator > Password: copy from notepad, where you copied > Ok > Verification: Yes.

→ Create some files and folders in this instance.

→ Stop the instance:

AWS > Services > EC2 > Instances > Select instance > Actions > Instance state > Stop > Yes, stop.

Step 3: VERIFY WHETHER THE EC2LAUNCH SERVICE IS RUNNING:

AWS > Services > EC2 > Instances > Select instance > Actions > Instance Settings > Get System Log.

Here, search for 'Launch: EC2 Launch v1.3.2001360'. If EC2 Launch and its version are mentioned, EC2Launch is running on this instance and we can recover the password for this instance.

Step 4: CREATE AN IMAGE WITH ORIGINAL INSTANCE:

AWS > Services > EC2 > Instances > Select instance > Actions > Image > Create Image > Image Name: win-2016-custom-ami > Image Description: Image created to recover instance password > Create Image > Close.

→ Verify Image:

AWS > Services > EC2 > AMIs.
Here we can see our image. It is in the 'Pending' state at first, but it will soon change to the 'available' state.

Step 5: REMOVE PUBLIC KEY FROM AWS:

AWS > Services > EC2 > Key Pairs > Select the key pair with which you created the Windows 2016 instance (first copy the key name into Notepad) > Delete > Yes.

Step 6: LAUNCH AN INSTANCE USING THIS IMAGE:

AWS > Services > EC2 > Instances > Launch instance > My AMIs (here, we can see our created image) > Select image 'win-2016-custom-ami' > Next > Next > Number of instances: 1 > Network: Default VPC > Subnet: us-east-2a > Next > Next > Click to add a Name tag: 'Windows-2016-Server2' > Next > Create a new SG or use any existing SG but port number 3389 must be open for RDP > Review and launch > Launch > Create a new key-pair (with the same name as the one you used to create the original Windows 2016 instance, which you copied into Notepad) > Download key-pair > Launch Instances > View Instances.

Because this instance is launched from a custom AMI, we cannot retrieve the password from here. We need to attach the root volume of this instance to a temporary instance and troubleshoot from there.

Step 7: DETACH ROOT VOLUME:

Now, we will detach the root volume from the instance named 'Windows-2016-Server2' and attach it to a temporary instance:

→ First, we will stop the instance:

AWS > Services > EC2 > Instances > Select Instance: Windows-2016-Server2 > Actions > Instance state > Stop.

→ Now, we detach the root volume:

AWS > Services > EC2 > Instances > Select Instance: Windows-2016-Server2 > Description > Navigate to 'Root device: /dev/sda1' > Click on /dev/sda1 > Click on EBS ID > this will navigate us to the root volume of this instance > Actions > Detach volume > Yes, Detach.

Within a few moments the state of this volume will change from 'in use' to 'available'.

Step 8: CREATE A TEMPORARY INSTANCE:

Now, we will create a temporary instance with a different AMI and a different key-pair, so that we can troubleshoot there.

AWS > Services > EC2 > Instances > Launch instance > [*] Free tier only > select AMI 'Microsoft Windows Server 2012 R2 Base' (you can choose another AMI also) > t2.micro > Next > Number of instances: 1 > Network: default VPC > Subnet: us-east-2a > Auto-assign Public IP: Enable > Next: Storage > Next Tags > Click to add a name tag: win-temp-inst > Next > Create a new SG or use any existing SG but port number 3389 must be open for RDP > Review and launch > Launch > Create a new key-pair or select an existing one (but it must not be the same one you used for the original Windows 2016 instance) > View instances.

Step 9: ATTACH THE VOLUME TO THE TEMPORARY INSTANCE AND LOGIN:

→ We will attach the root volume of the 'Windows-2016-Server2' instance to the temporary instance named 'win-temp-inst' as a secondary volume:

AWS > Services > EC2 > Volumes > Select root volume of 'Windows-2016-Server2' instance (which is now in available state) > Actions > Attach Volume > Instance > Select 'win-temp-inst' > NO NEED TO CHANGE DEVICE NAME > Attach.

→ Decrypt the password of the temporary instance named 'win-temp-inst':

AWS > Services > EC2 > Instances > Select 'win-temp-inst' > Actions > Get Windows Password > Browse > provide private key > Decrypt Password > Copy provided password to notepad > Close.

→ Log in to the instance:

Run > mstsc > paste public IP of temporary instance from EC2 Dashboard > Connect > Username: Administrator > Password: paste from notepad where you copied > Verification: Yes.

Note: In steps 10 and 11, WE WILL TROUBLESHOOT IN THE TEMPORARY INSTANCE.

Step 10: VERIFY THE VOLUME IS ATTACHED IN DISK MANAGEMENT:

Run > type 'diskmgmt.msc' and press enter.

Here, we can see that one more disk named 'Disk 1' is attached to this instance, which is in offline state.

Step 11: DOWNLOAD THE EC2Rescue for Windows Server ZIP FILE, EXTRACT THE CONTENTS, AND RUN EC2rescue.exe:

→ Download EC2 Rescue and run EC2Rescue.exe:


Run > paste above link > Save.

→ Extract and run EC2Rescue.exe:

Open Downloads > EC2Rescue_latest.zip > Right Click > Extract All > Extract > Run EC2rescue.exe > License: I Agree > Welcome to EC2Rescue: Next > Select Offline instances > Select Offline disk (probably named 'Disk 1') > Next > Verify: Yes > Volume successfully loaded: hit OK > Diagnose and Rescue > Verify 'Reset Administrator Password' is listed, click on Next > [*] Reset Administrator Password (tick this line) > Next > (this will show 'Reset Administrator Password, From Disabled, To Enabled') > Rescue > OK > Next > Finish > OK.

Now close this session.

Step 12: DETACH VOLUME FROM THE TEMPORARY INSTANCE AND ATTACH IT TO THE ORIGINAL INSTANCE:

AWS > Services > EC2 > Volumes > Select 'Windows-2016-Server2' volume > (In Description we can verify that this volume is attached to the temporary instance named 'win-temp-inst') > Actions > Detach Volume > Yes, Detach > (wait until it is in the 'available' state) > again go to 'Actions' > Attach volume > Instance: Windows-2016-Server2 (Give original instance) > Device: /dev/sda1 (ALWAYS CHANGE DEVICE NAME, AS WE ARE NOW ATTACHING AS A PRIMARY VOLUME OR ROOT VOLUME) > Attach.

Step 13: DECRYPT PASSWORD OF ORIGINAL INSTANCE:

→ First start the instance:

AWS > Services > EC2 > Instances > Select original instance named 'Windows-2016-Server2' > Actions > Get Windows Password > provide private key > Decrypt Password > Copy this password to notepad.

→ Now log in to the instance with this password and verify the files and folders:

Copy public IP from EC2 dashboard > Run > type 'mstsc' > Computer: provide public IP of the instance > Connect > Username: Administrator > Password: copy from notepad, where you copied > Ok > Verification: Yes.


See all files are here…ENJOY!!



Practical #10: Take a snapshot of 'win-orig' Windows instance.

Steps to follow:
  1. Launch a Windows instance named 'win-orig'
  2. Decrypt the password and log in to this Windows instance
  3. Create a Folder named 'First Folder'
  4. Take a snapshot named 'win-orig-snap1'
  5. Create another Folder named 'Second Folder'
  6. Take a snapshot named 'win-orig-snap2'
  7. Create one more folder named 'Third Folder' (on your own)
  8. Roll back to 'win-orig-snap1'
  9. Run the instance and verify data

Step 1. LAUNCH A WINDOWS INSTANCE NAMED 'win-orig': (on your own)

Step 2. DECRYPT THE PASSWORD AND LOGIN TO THIS WINDOWS INSTANCE (on your own)

Step 3. CREATE A FOLDER NAMED 'First Folder' (on your own)

Step 4. TAKE A SNAPSHOT NAMED 'win-orig-snap1'

There are two methods to take snapshots:
  1. Navigate to the volume, select it and then create the snapshot, OR
  2. Navigate to Snapshots and click on 'Create Snapshot'

Method #1:
AWS > Services > EC2 > Navigate to Elastic Block Store: Volumes > Select Volume 'win-orig' > Actions > Create Snapshot > Description: to preserve original state of 'win-origin' > Name: win-orig-snap1 > Create Snapshot > Close.

Method #2:
AWS > Services > EC2 > Navigate to Elastic Block Store: Snapshots > Create Snapshot > Volume: Select 'win-orig' volume > Create Snapshot > Close.

This snapshot contains data up to 'First Folder' only.

Step 5. CREATE ANOTHER FOLDER NAMED 'Second Folder' (on your own)

Step 6. TAKE A SNAPSHOT NAMED 'win-orig-snap2':

This time it is an incremental backup.

AWS > Services > EC2 > Navigate to Elastic Block Store: Volumes > Select Volume 'win-orig' > Actions > Create Snapshot > Description: to preserve original state of 'win-origin' > Name: win-orig-snap2 > Create Snapshot > Close.

This snapshot contains both 'First Folder' and 'Second Folder'.

Step 7. CREATE ONE MORE FOLDER NAMED 'Third Folder' (on your own)

Suppose the system crashed just after we created this folder. Now we need to roll back to either 'win-orig-snap1' or 'win-orig-snap2'. In our practical we will roll back directly to the snapshot named 'win-orig-snap1', which takes us back to the state with only 'First Folder'.

Step 8. ROLL BACK TO 'win-orig-snap1'

→ Stop the 'win-orig' instance:

AWS > Services > EC2 > Select 'win-orig' instance > Actions > Instance state > Stop.

While the instance is stopping, note the device path of the root EBS volume (Root device: /dev/sda1).

INFORMATION:
IDE Disk (PATA): /dev/hda
SATA/SCSI/SAS/USB: /dev/sda
XEN: /dev/xvda
Another hypervisor: /dev/vda

→ Create volume from snapshot:

AWS > Services > EC2 > Snapshots > Select Snapshot > Actions > Create Volume > AZ: Select same AZ 'us-east-2' > Name: volume_from_snap1 > Create Volume > Close.

→ Detach the root volume from the original instance 'win-orig':

AWS > Services > EC2 > Volumes > Select Volume 'win-orig' > Actions > Detach Volume.

→ Attach the 'volume_from_snap1' volume to the 'win-orig' instance:

AWS > Services > EC2 > Volumes > Select Volume 'volume_from_snap1' > Actions > Attach Volume > Instance: Select 'win-orig' instance > Device: here provide device name, which we copied at the time of stopping the instance > Attach.

The green ball indicator shows that this volume is now in use.

Step 9. RUN THE INSTANCE AND VERIFY DATA:

AWS > Services > EC2 > Instances > Select Instance 'win-orig' > Actions > Instance State > Start > Yes, Start.

Open RDP > provide public IP > Username: administrator > Password: paste from notepad > Connect.

We can see, we have only one folder named 'First Folder'.
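The root-volume swap used in Step 8 above, and in Step 12 of Practical #9, only works when the instance is stopped, the volume is 'available', both are in the same AZ, and the volume is attached at the root device name. The following pre-flight check is an added example, not part of the original post; the dictionaries mirror the shape of `aws ec2 describe-instances` and `aws ec2 describe-volumes` output, and all IDs are constructed sample values.

```python
# Added example: pre-flight check before attaching a volume as the root device.
# Field names follow the EC2 describe-instances / describe-volumes output.

def check_root_swap(instance, volume, device):
    """Return a list of problems; an empty list means the attach can proceed."""
    problems = []
    state = instance["State"]["Name"]
    if state != "stopped":
        problems.append(f"instance is '{state}'; stop it before swapping the root volume")
    if volume["State"] != "available":
        problems.append(f"volume is '{volume['State']}'; detach it from its current instance first")
    inst_az = instance["Placement"]["AvailabilityZone"]
    if volume["AvailabilityZone"] != inst_az:
        problems.append(f"volume is in {volume['AvailabilityZone']} but instance is in {inst_az}")
    root = instance["RootDeviceName"]
    if device != root:
        problems.append(f"device {device} is not the root device {root}; the instance would not boot from it")
    in_use = {m["DeviceName"] for m in instance.get("BlockDeviceMappings", [])}
    if device in in_use:
        problems.append(f"{device} is still occupied; detach the old volume first")
    return problems

# Constructed sample data: 'win-orig' stopped, old root volume already detached.
WIN_ORIG = {
    "InstanceId": "i-0aaaaaaaaaaaaaaaa",
    "State": {"Name": "stopped"},
    "Placement": {"AvailabilityZone": "us-east-2a"},
    "RootDeviceName": "/dev/sda1",
    "BlockDeviceMappings": [],
}
VOLUME_FROM_SNAP1 = {
    "VolumeId": "vol-0bbbbbbbbbbbbbbbb",
    "State": "available",
    "AvailabilityZone": "us-east-2a",
}

if __name__ == "__main__":
    for dev in ("/dev/sda1", "xvdf"):
        issues = check_root_swap(WIN_ORIG, VOLUME_FROM_SNAP1, dev)
        print(dev, "->", issues or "OK to attach")
```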



Practical #11: Create a custom AMI.

This custom AMI will help us to launch an instance in any AZ. When we create an AMI, a snapshot is also created, which we can verify by clicking on Snapshots under the EC2 service.

AWS > Services > EC2 > Instances > Select Instance > Actions > Image > Create image > Image name: my-win-golden-image > Description: to be used globally > (It is advisable to allow the reboot, because after a reboot the application will be in a consistent state, but we can skip this if we wish) > Create Image > Close.

Once the AMI creation procedure has completed, we can see one more snapshot in the list:

AWS > Services > EC2 > Snapshots >…

→ VERIFY:

AWS > Services > EC2 > expand Images > AMIs >…

Here, we can see our image is about to be available. We can also see that the Visibility of our AMI is Private.

This means the AMI is visible to us only. If we want it to be visible to others, we can make it public:

AWS > Services > EC2 > expand Images > AMIs > Select AMI > Actions > Modify image permissions: [*] Public OR we can make it visible to a couple of AWS accounts, by providing Account Numbers.

Because this is a custom AMI, we must use the older decrypted password to log in to an instance created from this AMI.
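Since a custom AMI carries the original instance's data and Administrator password, it is worth checking which of your images and their snapshots are public or shared outside the accounts you intended. The following audit is an added example, not part of the original post; the input mirrors `aws ec2 describe-image-attribute --attribute launchPermission` and `aws ec2 describe-snapshot-attribute --attribute createVolumePermission` output, and the trusted-account list, image IDs and account numbers are constructed assumptions.

```python
# Added example: classify AMI and snapshot sharing permissions.
TRUSTED_ACCOUNTS = frozenset({"111122223333"})  # assumption: accounts you share with on purpose

def classify(attr, trusted=TRUSTED_ACCOUNTS):
    """Return (verdict, accounts) for one describe-*-attribute result."""
    perms = attr.get("LaunchPermissions") or attr.get("CreateVolumePermissions") or []
    accounts = {p["UserId"] for p in perms if "UserId" in p}
    if any(p.get("Group") == "all" for p in perms):
        return "public", sorted(accounts)          # Group 'all' = visible to every AWS account
    untrusted = sorted(accounts - trusted)
    if untrusted:
        return "shared-untrusted", untrusted       # shared with an account not on the list
    return ("shared", sorted(accounts)) if accounts else ("private", [])

def audit(attributes, trusted=TRUSTED_ACCOUNTS):
    """Map each ImageId / SnapshotId to its (verdict, accounts) pair."""
    return {a.get("ImageId") or a.get("SnapshotId"): classify(a, trusted) for a in attributes}

def needs_review(attributes, trusted=TRUSTED_ACCOUNTS):
    """IDs of resources that are public or shared with an untrusted account."""
    flagged = ("public", "shared-untrusted")
    return sorted(r for r, (v, _) in audit(attributes, trusted).items() if v in flagged)

# Constructed sample results, one per AMI or snapshot.
SAMPLE = [
    {"ImageId": "ami-0aaaaaaaaaaaaaaaa", "LaunchPermissions": []},
    {"ImageId": "ami-0bbbbbbbbbbbbbbbb", "LaunchPermissions": [{"Group": "all"}]},
    {"ImageId": "ami-0cccccccccccccccc", "LaunchPermissions": [{"UserId": "111122223333"}]},
    {"ImageId": "ami-0dddddddddddddddd",
     "LaunchPermissions": [{"UserId": "111122223333"}, {"UserId": "999988887777"}]},
    {"SnapshotId": "snap-0eeeeeeeeeeeeeeee", "CreateVolumePermissions": [{"Group": "all"}]},
]

if __name__ == "__main__":
    for rid, (verdict, accounts) in audit(SAMPLE).items():
        print(f"{rid}: {verdict} {accounts}")
```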

Q. How to copy custom AMI from one region to another region?
A. We are copying our custom AMI named 'my-win-golden-image' from Ohio region to N. Virginia:
AWS > Services > EC2 > AMIs > Select AMI > Actions > Copy AMI > Destination region: US East (N. Virginia) > Name: already selected > Copy AMI.



Practical #12: Create a custom image from Linux instance snapshot and launch another instance with this custom AMI named 'lin-custom'.

Steps to follow:
  1. Log in to the Linux instance and create some directories and files
  2. Create a snapshot named 'snap1' from this instance.
  3. Create an image from this snapshot.
  4. Launch Linux instance named 'lin-custom'
  5. Verify that this instance has the same directories and files

Step 1. LOG IN TO THE LINUX INSTANCE AND CREATE SOME DIRECTORIES AND FILES

→ Log in to the instance using Public IP and Private Key from laptop > username: ec2-user

→ Create directories and files:

$ pwd                     # show the present working directory
/home/ec2-user

$ mkdir dir{1..2}         # create 2 directories

$ touch file{1..2}.txt    # create 2 files

$ ls -l                   # list all the directories and files

Step 2. CREATE A SNAPSHOT NAMED 'SNAP1' FROM THIS INSTANCE:

AWS > Services > EC2 > Volumes > select volume > Actions > Create Snapshot > Description: lnux tested server want to move to another AZ > Name: lnux_tested_server > Create snapshot > Close.

Step 3. CREATE AN IMAGE FROM THIS SNAPSHOT:

AWS > Services > EC2 > Snapshots > Select Snapshot > Actions > Create image > Name: linux-golden_image > Description: linux golden copy > (apart from this, change only what you want to change) > Create > Close.

VERIFY:

AWS > Services > EC2 > AMIs.

Its snapshot will also be available in the Snapshots section.

Step 4. LAUNCH LINUX INSTANCE NAMED 'lin-custom'

AWS > Services > EC2 > AMIs > Select AMI 'linux-golden-image' >…

OR

AWS > Services > EC2 > Instances > Launch instance > My AMIs > here we can see our image: Select this >…

…Launch > Next: Configure Instance Details > Select AZ: Subnet: us-east-2a > Add: Storage > Add: Tags > Name: lin-custom > Next: Configure security group > Select an existing security group: select one that has port number 22 open > Review and launch > Launch > Create a new key-pair or select any existing key-pair > Launch Instances > View Instances.

Step 5. VERIFY THAT THIS INSTANCE HAS THE SAME DIRECTORIES AND FILES

AWS > Services > EC2 > Instances > Select instance named 'lin-custom' > Provide public IP and private key to PuTTY > username: ec2-user…

$ pwd                     # verify location
/home/ec2-user

$ ls -l
drwxrwxr-x 2 ec2-user ec2-user 6 May 10 17:36 dir1
drwxrwxr-x 2 ec2-user ec2-user 6 May 10 17:36 dir2
-rw-rw-r-- 1 ec2-user ec2-user 0 May 10 17:36 file1.txt
-rw-rw-r-- 1 ec2-user ec2-user 0 May 10 17:36 file2.txt

We can see, we got all of the files and directories.




