Amazon readies major cloud server reboot

Customers should check to see if their AWS cloud instances are affected; Xen hypervisor security bug could be to blame

Amazon Web Services will be updating a substantial number of its cloud servers, and customers are recommended to re-launch their instances in the coming days, according to AWS consultants.

Amazon has not said why the reboot is happening, but AWS watchers believe it is to patch a security issue. The company will be updating many of its servers between Thursday, Sept. 25 at 10 PM ET and Tuesday, Sept. 30 at 7:59 PM ET, according to Amazon partner and cloud consultancy RightScale.

On Wednesday evening AWS sent out a notice to at least a portion of its customers notifying them of “required host maintenance,” according to an email an AWS user sent to Network World. The notice to customers does not explain why the reboot is necessary, but speculation is swirling that it is to patch a security bug in the Xen hypervisor.

Customers should be notified via email if their instances are impacted, or their AWS Console will notify them of virtual machine instances that will be updated, RightScale officials say. According to a blog post alerting customers of the reboot, RightScale says the patches will impact all of Amazon’s regions and Availability Zones, and will affect many of the company’s virtual machine instance types. Instance types not impacted are the T1, T2, M2, R3 and HS1 instances, which would leave the C3, M3, G2 and I2 subject to patching. Amazon has not said that all instances of those affected instance types will be impacted, though.

AWS will reboot the servers, so this does not require customer action, but RightScale recommends that users reboot their servers as well, both in an effort to get the application on one of the patched instances, and to ensure that applications run smoothly through a reboot.

Reboots and updates of cloud services are not unprecedented, but one of this scale is unusual. AWS issues many behind-the-scenes updates and patches to its cloud regularly. Every so often the company requires an instance reboot or a system-wide reboot, as AWS mentions here. This appears to be one of the larger reboots of its service that requires customer action since 2011.

RightScale says that the best resource for customers is the AWS Console, which is the main landing page for users to monitor their AWS usage. The console will alert users whether their instances have been updated yet or not. RightScale says that AWS will be rolling out the patch across various regions and availability zones (AZs) individually. Customers who have their application spread across multiple AZs and regions are less prone to having issues.

RightScale encourages users to update their VMs as soon as possible, but they say that if customers update their VMs before the patch is completed by AWS for that zone then there is no guarantee they will be on an updated and patched machine. Customers should recheck the Console until they see that their instances are patched. 
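The console check described above can also be scripted against the JSON that `aws ec2 describe-instance-status` returns. This is an added example, not code from the article, RightScale or AWS; the sample data is constructed, and the UTC window assumes "ET" in the article means EDT (UTC-4).

```python
from collections import defaultdict
from datetime import datetime

# Window from the article, converted from ET (assumed EDT, UTC-4) to UTC.
WINDOW_START = datetime.fromisoformat("2014-09-26T02:00:00+00:00")
WINDOW_END = datetime.fromisoformat("2014-09-30T23:59:00+00:00")
REBOOT_CODES = {"instance-reboot", "system-reboot"}

def _event(code, start, desc):
    return {"Code": code, "NotBefore": start, "Description": desc}

# Constructed sample shaped like `aws ec2 describe-instance-status` JSON output;
# instance IDs, zones and times are made up for illustration.
SAMPLE = {"InstanceStatuses": [
    {"InstanceId": "i-aaaa1111", "AvailabilityZone": "us-east-1a",
     "Events": [_event("system-reboot", "2014-09-27T06:00:00.000Z", "scheduled reboot")]},
    {"InstanceId": "i-bbbb2222", "AvailabilityZone": "us-east-1a",
     "Events": [_event("system-reboot", "2014-09-26T04:00:00.000Z",
                       "[Completed] scheduled reboot")]},
    {"InstanceId": "i-cccc3333", "AvailabilityZone": "us-east-1b", "Events": []},
    {"InstanceId": "i-dddd4444", "AvailabilityZone": "us-east-1b"},
]}

def _utc(value):
    # The API reports ISO 8601 timestamps ending in "Z".
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def pending_reboots(status):
    """Map each AZ to its instances with an open reboot event inside the window."""
    by_az = defaultdict(list)
    for inst in status.get("InstanceStatuses", []):
        for ev in inst.get("Events", []):
            # EC2 prefixes the description of a finished event with "[Completed]".
            done = ev.get("Description", "").startswith("[Completed]")
            if (ev["Code"] in REBOOT_CODES and not done
                    and WINDOW_START <= _utc(ev["NotBefore"]) <= WINDOW_END):
                by_az[inst["AvailabilityZone"]].append(inst["InstanceId"])
    return dict(by_az)

def zones_without_pending(status):
    """AZs hosting instances with no open reboot event (not proof of patching)."""
    all_azs = {i["AvailabilityZone"] for i in status.get("InstanceStatuses", [])}
    return sorted(all_azs - set(pending_reboots(status)))

if __name__ == "__main__":
    for az, ids in pending_reboots(SAMPLE).items():
        print(f"{az}: reboot still pending for {', '.join(ids)}")
    print("zones with nothing pending:", zones_without_pending(SAMPLE))
```

An instance that is relaunched while its zone still shows pending events may land on an unpatched host, so the check is worth repeating until the events for that zone are marked completed.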

RightScale founder and CTO Thorsten Von Eicken says it seems clear AWS is patching a critical security update. "As usual, AWS is totally tight-lipped about the underlying cause. It seems obvious that the company is patching a security vulnerability, but it will not disclose which one until October 1 — that is, after they have patched all hosts."

An AWS official responded to a commenter in the company’s Forum page apologizing for the impact and short notice, but saying that its actions involve “very timely security and operational patches.”

AWS has instructions here on how to reboot instances. In the EC2 console there is a tab named “Instances” -- from there, navigate to “actions” and click “reboot.” AWS says when an instance is rebooted, it remains on the same physical host and keeps its public DNS name, private IP address, and any data on its instance store volumes. It does not start a new billing cycle.

Copyright © 2014 IDG Communications, Inc.