Amazon aws, aws, ec2

Diagnosing EC2 Instances with EC2Rescue

Today I want to explain EC2Rescue tool which can be used for diagnosing EC2 instances. EC2Rescue is a simple tool available both for Linux and Windows and may help us to diagnose and troubleshoot OS and application related issues.

For this post, I’ll prefer to use EC2Rescue for Linux and will start by the Installation.

Steps for installing EC2REscue

  • Download the tool using “wget https://s3.amazonaws.com/ec2rescuelinux/ec2rl.tgz”
  • Unpack the tool using “tar -xvf ec2rl.tgz”
  • Go to the folder and run the tool “./ec2rl”

EC2Rescue has many modules that can be run easily. To list the modules just run “./ec2rl list”

 

Modules have three classes, gather, diagnose and collect. Also domains refer to the module area, some of them regarding to performance and some of them related to network and so on. Notice that some of the modules have “*” and also “+” symbols with the name. If there is “*” symbol, it means the module requires root permission to be run and for “+”, it requires –perfimpact=true and this module can impact the performance of the server.

For demonstration, let’s use the “sshpermissions” that verifies SSH filesystem permissions for our server.

First let’s get help about this module. As you may see, it runs filesystem permissions checks against all AuthorizedKeysFile in /home directory and requires root permissions

 

Now, let’s run and see the output. Again, we can see that the output logs are saved and diagnostic rules show that some users don’t have authorized_keys under their home folder.

 

We can see check the output log to see the details

EC2Rescue tool also has an upload feature and we can upload the results either to a AWS support URL or to a S3 bucket.

Finally, I should add that EC2Rescue tool also has a backup feature which allows us to create an AMI of the server or backup volume/volumes attached to the server.

Before running backup feature, you need to configure aws credentials for aws cli (You may need an IAM user with correct permission to create an AMI). I had already configure it and now I can use the backup feature for creating an AMI.

If I check the EC2 console, I can see the AMI is being created (Notice that the AMI name begins with EC2RL- I suppose the AMI process uses “no-reboot” option, couldn’t find information in the documentation). You can also develop your own modules and if you want to learn more, you can check this link. If you have any questions or comments, please feel free to write and don’t forget to share this post please.

 

 

Onur SALK

AWS Cloud & DevOps Consultant, AWS Certified Solutions Architect, AWS Community Hero

More Posts - Website

Follow Me:
TwitterFacebookLinkedIn

One thought on “Diagnosing EC2 Instances with EC2Rescue

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.