Xen security bug, you say? Amazon readies GLORIOUS GLOBAL CLOUD REBOOT
While we wait until Oct 1 for hypervisor fix
Amazon will tomorrow begin a bloody global reboot of its Elastic Compute Cloud (EC2) compute instances after it found a security bug within the Xen virtualisation platform.
The rolling minutes-long reboots would be completed by 30 September. Amazon did not name the reason for the upgrade, widely thought to be a security issue affecting underlying hosts.
Tech site ITNews cited an unnamed source who said the reboot was due to an unspecified vulnerability in the open-source Xen-108 platform. Later, Xen and Amazon confirmed a fix for a non-disclosed security flaw is due to be released on October 1.
Reboots made prior to the patch blitz would not guarantee connection to a patched host unlike previous maintenance updates.
Thorsten von Eicken, founder of Rightscale which manages AWS work loads, said EC2 users should monitor their 'events' page within the AWS console for the most reliable updates.
"For instances where a short reboot is safe and acceptable, you don’t need to do anything: They will simply reboot during maintenance and stay on the same host with the same ephemeral disks and the same IP address," von Eicken said.
"For databases, if you have set up the recommended master-slave configuration across AZs, you have the option to reboot the impacted AZ ahead of the maintenance window in an attempt to get an instance that is already patched."
Instance types including T1, T2, M2, R3, and HS1 were not affected. The reboots will occur during September 26 at 2:00 UTC/GMT (September 25, at 7:00 PM PDT) and ending on September 30, at 23:59 UTC/GMT (September 30, at 4:59 PM PDT). ®
Sponsored: Becoming a Pragmatic Security Leader