
Networking Broken On EC2 Instance Created From Snapshot

Situations have been observed where the network interface fails to start on an AWS EC2 instance created from a snapshot of another instance. Since AWS EC2 lacks a facility to access the console, it’s not possible to log in and fix this condition. One way to solve the problem is to:

  1. Stop the new instance.
  2. Detach the root volume and attach it to an alternate server.
  3. From the alternate server, mount the root volume and edit the network config.
  4. Unmount the root volume.
  5. Make a snapshot of the root volume.
  6. Make an AMI image from the snapshot.
  7. Create a new EC2 instance from the AMI.

This will work, but it takes significant effort and you must have an alternate server available to mount and fix the root volume.

An alternate approach is to use the “User data” feature when creating the EC2 instance to inject a script that fixes the network config. For example, let’s assume that we have a CentOS-based AMI image named “host1-backup” which we wish to use to create a new EC2 instance. The network config in the image has the MAC address explicitly specified in “/etc/sysconfig/network-scripts/ifcfg-ens5”. When the AMI boots, the specified MAC address does not match the interface and the new instance fails to start networking. This can be resolved as follows:

a. Launch a new EC2 instance using the “host1-backup” AMI from the AWS console. On “Step 3: Configure instance details”, in the “Advanced details” section enter the following:

b. When the instance starts, the user data script will run and remove the HWADDR line from the interface control file.

c. Reboot the instance to allow the modified network config to activate.
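
A user data script for step (a) that does what step (b) describes, written here as an added example (it is not the author's original script). The interface file path is the one named above; the `strip_hwaddr` helper name and the `/root` backup location are assumptions.

```shell
#!/bin/bash
# Constructed example of an EC2 user data script; cloud-init runs it as root.
# IFCFG is the path named in the article. BACKUP_DIR is an assumption,
# chosen so the saved copy does not sit next to the live ifcfg-* files.
IFCFG="${IFCFG:-/etc/sysconfig/network-scripts/ifcfg-ens5}"
BACKUP_DIR="${BACKUP_DIR:-/root}"

# strip_hwaddr FILE: remove any HWADDR= line from an ifcfg file.
strip_hwaddr() {
    cfg="$1"
    pattern='^[[:space:]]*HWADDR[[:space:]]*='

    [ -f "$cfg" ] || { echo "strip_hwaddr: $cfg not found" >&2; return 1; }

    # Idempotent: leave the file untouched if it does not pin a MAC address.
    grep -Eq "$pattern" "$cfg" || return 0

    # Keep the original so the change can be reviewed or reverted later.
    cp -p "$cfg" "$BACKUP_DIR/$(basename "$cfg").orig" || return 1

    tmp=$(mktemp) || return 1
    sed -E "/$pattern/d" "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Write back through the existing file so its owner, mode and
    # SELinux label are preserved (a rename would create a new inode).
    cat "$tmp" > "$cfg"
    rm -f "$tmp"
}

# Only act when the interface file is actually present on this host.
if [ -f "$IFCFG" ]; then
    strip_hwaddr "$IFCFG"
fi
```

By default cloud-init runs a user data script only on the instance's first boot and writes its output to `/var/log/cloud-init-output.log`.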

There are other cases where this approach might be useful. For example, a broken iptables / firewall config could be disabled from a user data script.

Note that the “user data” script runs late in the boot process, so it cannot be used to fix problems such as a missing volume in /etc/fstab or a corrupt boot loader.