UPDATED 11:15 EST / SEPTEMBER 25 2014

Amazon forced to reboot its EC2 instances to fix Xen bug

small__4352509763Amazon Web Services is set to begin a messy but necessary reboot of its Elastic Compute Cloud (EC2) instances in order to fix a bug that was found within the Xen virtualization platform.

The reboots, which will affect instances all over the world, should be completed by the end of this month. Amazon refused to say why it needed to upgrade the instances, but it’s widely believed that a security issue affecting underlying hosts is responsible.

Amazon emailed its EC2 customers today to warn them of the reboot, saying it was “required host maintenance”.

According to an email the cloud giant fired off at customers: “One or more of your Amazon EC2 instances are scheduled to be rebooted for required host maintenance. The maintenance will occur sometime during the window provided for each instance. Each instance will experience a clean reboot and will be unavailable while the updates are applied to the underlying host.”

Amazon added that each reboot will only take a “few minutes”, after which instances would return to normal operation, retaining all data and configurations. “We will need to do this maintenance update in the window provided,” it added. “You will not be able to stop/start or re-launch instances in order to avoid this maintenance update.”

Although Amazon doesn’t want to let on why the reboots are so necessary, ITNews cites an unnamed source who claims it’s necessary because of an “unspecified vulnerability” found within the open-source Xen-108 platform.

Unlike previous updates, reboots made before the patch blitz would not guarantee connection to a patched host.

Unsurprisingly, some AWS users have complained on the AWS user forum that they’ve been given too short notice to monitor services that may be affected during the maintenance event. However, others have praised AWS for forcing a reboot at the expense of some downtime rather than allowing instances to continue running insecurely.

RightScale, a company which manages AWS workloads, wrote a blog post recommending EC2 users monitor ‘events’ within their AWS console to find the most reliable updates. “For instances where a short reboot is safe and acceptable, you don’t need to do anything: They will simply reboot during maintenance and stay on the same host with the same ephemeral disks and the same IP address,” wrote RightScale co-founder Thorsten von Eicken.

However, Von Eicken said it gets a bit messier for those running databases on EC2. “For databases, if you have set up the recommended master-slave configuration across AZs, you have the option to reboot the impacted AZ ahead of the maintenance window in an attempt to get an instance that is already patched.”

Amazon says that instance types T1, T2, M2, R3 and HS1 are not affected and will not be rebooted. As for the rest of its instances, these will start rebooting on September 26 at 2:00 UTC/GMT, before ending on September 30, at 23:59 UTC/GMT.

photo credit: Orin Zebest via photopin cc

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.