Why can’t resize ec2 instance to c5?

The following previous generation instance types support PV AMIs: C1, C3, HS1, M1, M3, M2, and T1. Current generation instance types do not support PV AMIs.

Reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/virtualization_types.html

Failed to connect to ssh after recovering an ec2 snapshot

Solution 1
1. Use verbose mode to see the error

ssh -v xxx.xxx.xxx.xxx

2. Delete the corresponding row in ~/.ssh/known_hosts

Reference: https://stackoverflow.com/questions/18551556/permission-denied-publickey-when-ssh-access-to-amazon-ec2-instance

Solution 2
1. Detach the volume
2. Create a temporary ec2 instance and attach the volume into it
3. Login to the temporary ec2 instance
4. Check the device code

lsblk

5. Mount the volume (/dev/xvdg)

mkdir mount_point
mount /dev/xvdg1 mount_point

6. Change the ssh config.
7. Attach the volume back to the original ec2 instance
8. Delete the temporary ec2 instance
9. Delete the corresponding row in ~/.ssh/known_hosts and try again

Reference:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html#TroubleshootingInstancesConnectingMindTerm

Setting Up a New Amazon EC2 Server (2018-06-08)

Create Amazon EC2 Instance
1. Login to AWS Management Console
2. Select Amazon EC2
3. Click “Instances” from the left menu
4. Click “launch Instance”

Create Elastic IPs
1. Login to AWS Management Console
2. Click “Elastic IPs” from the left menu
3. Click “Allocate New Address”
4. Select “EC2” and click “Yes, Allocate”

Assign Elastic IP to an Instance
1. Right click an IP and select “Associate”
2. Select an instance and click “Yes, Associate”

First Time Connect
1. Download PuttyGen
2. Click “Load” and select the .pem file
3. Click “Save private key”
4. Open putty
5. From the left menu, select Connection > SSH > Auth
6. Click “Browse” and select the ppk file created in step 3
7. Connect to your instance with the username “ec2-user”

Change Password

sudo passwd root

Create user

adduser myhelper
passwd myhelper

Add user to sudoers

visudo
myhelper  ALL=(ALL)       ALL

Configure sshd

vim /etc/ssh/sshd_config
PasswordAuthentication yes
AllowUsers myhelper
/etc/init.d/sshd restart

Change timezone

ln -sf /usr/share/zoneinfo/Hongkong /etc/localtime
(or use tzselect)

Install Apache, MySQL, PHP, FTP

yum install httpd24 mod24_ssl mysql57-server php71 php71-mysqlnd php71-common php71-gd php71-mbstring php71-mcrypt php71-devel php71-xml vsftpd

chkconfig httpd on
chkconfig mysqld on
chkconfig vsftpd on

Create virtual host directory

mkdir -p /var/www/vhosts/myhelper.com/subdomains
mkdir -p /var/www/vhosts/myhelper.com/htdocs
mkdir -p /var/www/vhosts/myhelper.com/logs
chown -R myhelper.myhelper /var/www/vhosts/myhelper.com

Configure PHP

vim /etc/php.ini
max_input_vars = 50000

Configure Apache

vim /etc/httpd/conf/httpd.conf
KeepAlive off
Include /etc/httpd/conf/extra/httpd-vhosts.conf
<IfModule prefork.c>
StartServers            30
MinSpareServers         30
MaxSpareServers         45
ServerLimit             4000
MaxRequestWorkers       4000
MaxConnectionsPerChild  4000
</IfModule>

vim /etc/php.ini
upload_max_filesize = 5M
post_max_size = 8M
memory_limit = 256M

mkdir /etc/httpd/conf/extra
vim /etc/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
  DocumentRoot "/var/www/vhosts/my-helper/htdocs"
   ServerName my-helper.com
    ServerAlias www.my-helper.com
   <Directory "/var/www/vhosts/my-helper/htdocs">
      Options Indexes FollowSymLinks
      AllowOverride All
       Order allow,deny
        Allow from all
  </Directory>
  ErrorLog "/var/www/vhosts/my-helper/logs/error.log"
   #CustomLog "/var/www/vhosts/my-helper/logs/access.log" common
</VirtualHost>

/etc/init.d/httpd restart

Configure Vsftpd

vim /etc/vsftpd/vsftpd.conf
userlist_deny=NO
user_config_dir=/etc/vsftpd/userconfig
chroot_local_user=YES
port_enable=YES
pasv_enable=YES
pasv_min_port=21024
pasv_max_port=21048
pasv_address={your public ip address}
vim /etc/vsftpd/user_list
myhelper

mkdir /etc/vsftpd/userconfig
vim /etc/vsftpd/userconfig/myhelper
local_root=/var/www/vhosts/my-helper

/etc/init.d/vsftpd restart

Update sysctl.conf

vim /etc/sysctl.conf
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_max_syn_backlog=8192

sysctl -p

Update Security Group
1. Login to AWS Management Console
2. Click “Security Groups” from the left menu
3. Select your security group
4. Add TCP port 20-21, 80, 21024-21048

Amazon AMI – Upgrade PHP from 5.4 to 5.6

cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.20170226

yum remove httpd* php* mod_ssl

yum install httpd24 mod24_ssl php56 php56-mysqlnd php56-common php56-gd php56-mbstring php56-mcrypt php56-devel php56-xml

vim /etc/httpd/conf/httpd.conf

<IfModule prefork.c>
StartServers            30
MinSpareServers         30
MaxSpareServers         45
ServerLimit             4000
MaxRequestWorkers       4000
MaxConnectionsPerChild  4000
</IfModule>

KeepAlive off
Include /etc/httpd/conf/extra/httpd-vhosts.conf

vim /etc/php.ini

max_input_vars = 50000

/etc/init.d/httpd restart

chkconfig httpd on

Setting Up a New Amazon EC2 Server (2017-02-25)

Create Amazon EC2 Instance
1. Login to AWS Management Console
2. Select Amazon EC2
3. Click “Instances” from the left menu
4. Click “launch Instance”

Create Elastic IPs
1. Login to AWS Management Console
2. Click “Elastic IPs” from the left menu
3. Click “Allocate New Address”
4. Select “EC2” and click “Yes, Allocate”

Assign Elastic IP to an Instance
1. Right click an IP and select “Associate”
2. Select an instance and click “Yes, Associate”

First Time Connect
1. Download PuttyGen
2. Click “Load” and select the .pem file
3. Click “Save private key”
4. Open putty
5. From the left menu, select Connection > SSH > Auth
6. Click “Browse” and select the ppk file created in step 3
7. Connect to your instance with the username “ec2-user”

Change Password

sudo passwd root

Create user

adduser myhelper
passwd myhelper

Add user to sudoers

visudo
myhelper  ALL=(ALL)       ALL

Configure sshd

vim /etc/ssh/sshd_config
PasswordAuthentication yes
AllowUsers myhelper
/etc/init.d/sshd restart

Change timezone

ln -sf /usr/share/zoneinfo/Hongkong /etc/localtime
(or use tzselect)

Install Apache, MySQL, PHP, FTP

yum install httpd24 mod24_ssl mysql-server php56 php56-mysqlnd php56-common php56-gd php56-mbstring php56-mcrypt php56-devel php56-xml vsftpd

chkconfig httpd on
chkconfig mysqld on
chkconfig vsftpd on

Create virtual host directory

mkdir -p /var/www/vhosts/myhelper.com/subdomains
mkdir -p /var/www/vhosts/myhelper.com/htdocs
mkdir -p /var/www/vhosts/myhelper.com/logs
chown -R myhelper.myhelper /var/www/vhosts/myhelper.com

Configure PHP

vim /etc/php.ini
max_input_vars = 50000

Configure Apache

vim /etc/httpd/conf/httpd.conf
KeepAlive off
Include /etc/httpd/conf/extra/httpd-vhosts.conf
<IfModule prefork.c>
StartServers            30
MinSpareServers         30
MaxSpareServers         45
ServerLimit             4000
MaxRequestWorkers       4000
MaxConnectionsPerChild  4000
</IfModule>

vim /etc/php.ini
upload_max_filesize = 5M
post_max_size = 8M
memory_limit = 256M

mkdir /etc/httpd/conf/extra
vim /etc/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
  DocumentRoot "/var/www/vhosts/my-helper/htdocs"
   ServerName my-helper.com
    ServerAlias www.my-helper.com
   <Directory "/var/www/vhosts/my-helper/htdocs">
      Options Indexes FollowSymLinks
      AllowOverride All
       Order allow,deny
        Allow from all
  </Directory>
  ErrorLog "/var/www/vhosts/my-helper/logs/error.log"
   #CustomLog "/var/www/vhosts/my-helper/logs/access.log" common
</VirtualHost>

/etc/init.d/httpd restart

Configure Vsftpd

vim /etc/vsftpd/vsftpd.conf
userlist_deny=NO
user_config_dir=/etc/vsftpd/userconfig
chroot_local_user=YES
allow_writeable_chroot=YES
port_enable=YES
pasv_enable=YES
pasv_min_port=21024
pasv_max_port=21048
pasv_address={your public ip address}
vim /etc/vsftpd/user_list
myhelper

mkdir /etc/vsftpd/userconfig
vim /etc/vsftpd/userconfig/myhelper
local_root=/var/www/vhosts/my-helper

/etc/init.d/vsftpd restart

Update sysctl.conf

vim /etc/sysctl.conf
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_max_syn_backlog=8192

sysctl -p

Update Security Group
1. Login to AWS Management Console
2. Click “Security Groups” from the left menu
3. Select your security group
4. Add TCP port 20-21, 80, 21024-21048

Encrypt EBS (Elastic Block Storage)

1. Shutdown the instance.
2. Create a snapshot of the volume.
3. Right click the snapshot and select “Copy”. Tick “Encrypt this snapshot”.
4. Right click the new snapshot and select “Create Volume”.
5. Check the root device path (e.g. /dev/xvda) of the instance.
6. Detach the old volume.
7. Attach the new volume and enter the root device path.