Nitro-based Instance Volumes

AWS introduced Nitro-based instances which are modular. They are meant for high performance, high availability, and high security systems. Nitro building blocks provide direct access to high-speed local storage over a PCI interface and transparently encrypts all data using dedicated hardware. It also provides hardware-level isolation between storage devices and EC2 instances so that bare metal instances can benefit from local NVMe storage. The following are Nitro-based instances: A1, C5, C5d, C5n, I3en, M5, M5a, M5ad, M5d, p3dn.24xlarge, R5, R5a, R5ad, R5d, T3, T3a, and z1d. Bare metal: c5.metal, c5n.metal, i3.metal, i3en.metal, m5.metal, m5d.metal, r5.metal, r5d.metal, u-6tb1.metal, u-9tb1.metal, u-12tb1.metal, and z1d.metal.

Although Nitro-based instances looks like regular volumes (/dev/xvda) from the AWS Console, inside the operating system, they look (/dev/nvme6n1) completely different.

In AWS Console, the storage devices will look like this.

/dev/sda1
/dev/xvdb
/dev/xvdc
/dev/xvdd
/dev/xvde
/dev/xvdh
/dev/xvdf
/dev/xvdi
/dev/xvdg
/dev/xvdj

In the operating system, invoking df -h, results in this.

/dev/nvme0n1p2   30G  7.0G   24G  24% /
/dev/nvme4n1     50G   20G   31G  40% /vol1
/dev/nvme1n1     10G  753M  9.3G   8% /vol2
/dev/nvme8n1    500G   67G  433G  14% /backups
/dev/nvme2n1    400G   12G  388G   3% /vol3
/dev/nvme6n1    150G  150G  755M 100% /vol4
/dev/nvme7n1     10G   33M   10G   1% /vol5
/dev/nvme5n1     10G  553M  9.5G   6% /vol6
/dev/nvme9n1    100G   91G   10G  91% /vol7

The big question is, how can you tell which volume is associated with which. You’ll need nvme program to map out the volumes. Install nvme-cli first.

yum install nvme-cli

Then run the command below.

# run nvme
sudo nvme id-ctrl -v /dev/nvme6n1 | grep xv
# the result
0000: 2f 64 65 76 2f 73 64 6a 20 20 20 20 20 20 20 20 "/dev/xvdf..."

Install GCP SDK

Here’s how to install Google Cloud Platform SDK on the following.

Centos, Fedora and Redhat

# Setup Repo
sudo tee -a /etc/yum.repos.d/google-cloud-sdk.repo << EOF
[google-cloud-sdk]
name=Google Cloud SDK
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
# Install
yum install google-cloud-sdk

For Debian, Ubuntu, Mint

# Create an environment variable for the correct distribution
export CLOUD_SDK_REPO="cloud-sdk-$(lsb_release -c -s)"
# Add the Cloud SDK distribution URI as a package source
echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" \
  | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
# Import the Google Cloud Platform public key
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg \
  | sudo apt-key add -
# Update the package list and install the Cloud SDK
sudo apt-get update && sudo apt-get install google-cloud-sdk

Install AWS CLI on Ubuntu 16.04

I ran into an issue with AWS CLI on Ubuntu 16.04. I was getting this error, “AWSHTTPSConnection’ object has no attribute ‘ssl_context” every time I try to do a simple “aws s3 ls” command. So, here’s the fix.

Assuming you installed “awscli” using apt. Go ahead and uninstall it.

apt remove awscli

Install awscli using pip instead.

apt install python-pip
pip install awscli
aws --version

If this is a fresh install, you may have to run “aws configure.”

TrendMicro Security Agent

How to start/stop/restart/status TrendMicro Security agent.

/etc/init.d/ds_agent start
/etc/init.d/ds_agent stop
/etc/init.d/ds_agent restart
/etc/init.d/ds_agent status
/etc/init.d/ds_agent reset

Check if installed.

rpm -qa | grep 'ds_agent'

Install with verbose and hash.

rpm -ivh package-name

Uninstall with verbose.

rpm -ev package-name

Amazon Linux Docker Install

Here’s the installation of Docker for the original Amazon Linux.

# To install docker
sudo yum install docker
sudo service docker start
# Validate it's working
docker --version
docker run hello-world
docker ps -a
docker image ls