Moving AWS EC2 to a new Region

Contains tips for configurators working with Aware IM
Post Reply
customaware
Posts: 2391
Joined: Mon Jul 02, 2012 12:24 am
Location: Ulaanbaatar, Mongolia

Moving AWS EC2 to a new Region

Post by customaware »

After discussion at the conference about EU data laws I decided it might be prudent to move my Saas app which was running
on AWS (Oregon) to Frankfurt. I understand that this would satisfy everybody so long as the US or elsewhere do not mandate that their
citizens data must also be kept in country.

Ok....This is not a detailed step by step but a just a bit of a precise on the experience.

I was advised and read that you needed to do the following...

Shutdown your Origin Instance
Make a AMI from it
Make a Snapshot of the AMI
Move the Snapshot to Destination Region (in my case Frankfurt)
Then do it backwards at Frankfurt

Ok... Followed the steps and stumbled..
Made AMI - 25-30 mins for 100gb
Made Snapshot - 25-30 mins
Moved Snapshot - 25-30 mins
Created Image from Snapshot 25-30 mins
Remember.... I was explicitly following others instructions (2 sets saying the same thing)

Now the problem. You can launch a new Instance from the new AMI.
But, some how, Amazon interpreted my new AMI as a Linux AMI rather than Windows and forced a higher charge tier than at the Origin.

Back to the drawing board... more reading.... Google is a wonderful, wonderful thing...

Anyway..... Scrub all of that. What you will find is that a lot of the info you read it old and out of date. AWS introduce newer functionality all the time and the docs that
pop up when searching for answer generally pre-date the changes... even if you filter... like last year or month.

As it turns out.....You no longer need to take a Snapshot.
You can move an AMI directly to a different Region. That worked.
Once it it there you can Launch a new EC2 Instance from the transferred AMI and Amazon recognises is as being the same Tier and platform as the Origin.
Ok...

Next...

Security Groups:
Apparently there is a way to migrate them across and also export and import them but I am a lazy reader and dont have too many so just opened two tabs and reinstated them manually.

Elastic IP:
You cannot just transfer an Elastic IP between regions. You can between zones in a Region but not between regions.
Spin up a new Elastic IP in the new region and Associate it with your new EC2 Instance.

Next.... Fire up the new Instance and see if we can log into it... Damn!
You need new Keys for the new Region and the Windows Admin password in the transferred instance does not work. This was a bit of a drama.
In short.... You need to...

Spin up a new temporary Windows Instance in the new Region.
Stop you new transferred Instance and detach the Volume.
Now attach that Volume to your new temporary Instance (because you created that here the new region keys work and you can log into it)
Log into Windows on the Temp Instance and use the disk management utility to make the attached Volume (this will make two as the new Temp instance will already
be created with one) available to Windows... making it a visible drive.
Then you need to edit \Program Files\Amazon\Ec2ConfigService\Settings\config.xml.
Find <Plugin><Name>EC2SetPassword</Name><State>Disabled</State>
and change the Disabled to Enabled
Here is the docs...
http://docs.aws.amazon.com/AWSEC2/lates ... words.html
Save that.
In Disk Management utility in Windows.. disconnect the Volumes from the Temp Instance.
Detach the Volume from the Temp Instance and re-Attach to your new transferred Instance.

Fire it back up and then you can apply your new region key pair to get the Admin password.....
Phew!

Next...

RDS:
Amazon cannot legally transfer your RDS into an EU Region apparently. So you need to do it yourself (if you are not using RDS and you have your DB actually on your EC2
instance the you are all good... it will already be on your new instance)

You need to DUMP your DB on your old RDS Instance. Do that first actually before you even make your Origin Instance AMI.
Spin up a new RDS instance in your new region of the same DB type as your Origin RDS.
Set the Security Group for RDS and include it in the EC2 Security Groups
Once you can RDP into your new EC2 Instance then you can transfer your dumped BASDB and BASDBTEST dumps to your new instance and import them into MySQL.
You now have a new Endpoint for your MySQL database which you need so as to point AwareIM to it as well as MySQL WorkBench assuming you use that.

Domains:
Disassociate any Domains that are associated with you old EIP and Re-Associate them to the new EIP in the new region... This happens surprisingly quickly.

Ok... I think you are nearly done (I am sure I have forgotten something...) So... fire up Aware...

Damn! No Product ID

I have no idea why this did not show up the db was a pure dump and reload...

Anyway... you will need to contact AwareSoft for this and they will expertly (and expediently!) provide you with a little process to recover the new Product ID and provide you with
a new Product Key..... I would recommend that you maintain access to your old EC2 instance so that AwareSoft can have you decommission the the old Aware installation at before
commissioning the new one.... That whole process is 20mins with an exchange of emails.

Anyway.... I am now Sprechen Sie Deutsch! and very happy.

The process was tedious and somewhat frustrating when you haven't really a clue what you are doing but I thoroughly enjoyed the learning experience and it gives you an uncanny sense of power when you can essentially pick up a whole server from the USA and dump it in Europe and have the whole thing back up complete with Domain working just in a few hours. Spooky Cool!

Need a beer after that!

Enjoy.
Cheers,
Mark
_________________
AwareIM 6.0, 8.7, 8.8, 9.0 , MariaDB, Windows 10, Ubuntu Linux. Theme: Default, Browser: Arc
Upcloud, Obsidian....
Image
Jaymer
Posts: 2430
Joined: Tue Jan 13, 2015 10:58 am
Location: Tampa, FL
Contact:

Re: Moving AWS EC2 to a new Region

Post by Jaymer »

Mark I just did this... having NOT read your post on the topic.
Searching and figuring it out for myself... with similar exp. in some areas as you.

After copying my first AMI to new region, when I started it up I could not connect. From the EC2 dashboard, when I asked for the password, it said "Wait 4 minutes after starting.... OR This will use the same id/password as the original AMI"

Well, I tried that original ID and it wouldn't work. Instead of messing with detaching Volumes and editing the file (which I found a HOWTO with explicit instructions), I just went back to my original Instance and logged in via RD. There's a program EC2ConfigService Settings where you can tell it to generate a Random PW if requested. Normally its off.
So I made new AMI, transferred it, Launched it and asked for the PW via dashboard and used the .perm file and Voila.

My 1st instance was on the free T2.micro and I found I was hitting the 1Gig memory limit. It took 10 seconds to F5 refresh the browser to login and test changes. And a large Update process was crashing I think as Mem was pegged 100%.
New region used a T2.small with the 2Gig Ram and HOLY COW its speedy. I think because you had used Oregon before, thats where mine was created so I changed to East-Ohio and all thats super fast now.

fyi
jaymer...
Click Here to see a collection of my tips & hacks on this forum. Or search for "JaymerTip" in the search bar at the top.

Jaymer
Aware Programming & Consulting - Tampa FL
Post Reply