Tuesday, March 6, 2018

Upgrading Kernel Version on Aws Ec2 instance

There are multiple requirements for upgrading the Kernel version on the Ec2 instance on the AWS instances. You will definitely want to upgrade for the bug fixes and the stability which comes with the updated version.

In our case we have to install the Antivirus required for the audit purpose but the issue arise when we were using the older version of the Kernel which was not supported by the Antivirus. This was particularly essential since antivirus provides you with active defense against unknown threats which are not included in the free antivirus. So we were required to update the kernel version.

We were running the 3.13.0-105-lowlatency version of the kernel however the following version was supported by the Antivirus. We were required to upgrade the kernel to 3.13.0-142-generic for the antivirus to work.

Upgrading the kernel version on the Aws ec2 instances can be little tricky because if you don't do it properly it would certainly cause the startup failures. We already faced issues with one of our instance when we initially tried to upgrade the kernel version through apt directly after the restart the status checks for the instance reachability got failed and this in-turned added the complexity during the upgrade. I am going to discuss in a separate post , how you can recover an instance in case you have corrupted the kernel upgrade and Ec2 instance fails to start due to Ec2 instance health check failures. 

Its good to take the snapshot of the volumes separately for such scenarios in case your instance fails to start you can create new volume out of the snapshot, replace the old volumes with new and you should be able to start the instance without any issues. This is particularly the best saviour you have in case something goes wrong during the kernel upgrade. 

Once the snapshot is completed you just need to install the package bikeshed. ∫Bikeshed comes with additional binaries which are not shipped with the Linux distros by default.

 # apt-get install bikeshed  

Once you have installed the bikeshed you will get a command purge-old-kernels. This automatically reduces all the complexity as purges all the old version of the kernels and install the latest stable release of the kernel all by itself. However as an extra precaution it allows you to keep one more additional older kernel version other than the latest so that in case due to some problem if kernel with latest version fails due to some issue it can fail back to the older kernel version.

However in our case it didn't caused when we were having multiple kernel versions on different machines. But its always good to take precautions before making any changes. Just run the following command and accept yes when it prompts that its going to remove all the older version of the kernels.

 # purge-old-kernels  

Once its finished it would have already installed the latest version of the kernel for your distribution. you can check this as follows

 # dpkg -l | grep linux-image  

It would show all the installed version of the kernels. Next you just need to reboot the ec2 instance for the Aws dashboard. After which you can log back in the instance and check the kernel version as follows

 # uname -sr  



Post a Comment