Background

EC2's Auto Recovery feature has restrictions on which EC2 instances it supports, and it cannot be used when an ephemeral disk is attached.
http://docs.aws.amazon.com/ja_jp/AWSEC2/latest/UserGuide/ec2-instance-recover.html
http://aws.typepad.com/aws_japan/2015/03/ec2-auto-recovery-new-region.html

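Even for an EC2 instance launched without ephemeral disks, if it was launched from the AWS CLI rather than from the AWS console, Auto Recovery cannot be used unless "NoDevice" is specified for every instance store volume in the block device mapping.
Specifically, you have to specify "NoDevice" for all of xvdca through xvdcz in the run-instances parameter "--block-device-mappings".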

aws ec2 run-instances --image-id ami-xxxx --instance-type m4.large --block-device-mappings '[{"DeviceName": "xvdca", "NoDevice": ""}, {"DeviceName": "xvdcb", "NoDevice": ""}, {"DeviceName": "xvdcc", "NoDevice": ""}, {"DeviceName": "xvdcd", "NoDevice": ""}, {"DeviceName": "xvdce", "NoDevice": ""}, {"DeviceName": "xvdcf", "NoDevice": ""}, {"DeviceName": "xvdcg", "NoDevice": ""}, {"DeviceName": "xvdch", "NoDevice": ""}, {"DeviceName": "xvdci", "NoDevice": ""}, {"DeviceName": "xvdcj", "NoDevice": ""}, {"DeviceName": "xvdck", "NoDevice": ""}, {"DeviceName": "xvdcl", "NoDevice": ""}, {"DeviceName": "xvdcm", "NoDevice": ""}, {"DeviceName": "xvdcn", "NoDevice": ""}, {"DeviceName": "xvdco", "NoDevice": ""}, {"DeviceName": "xvdcp", "NoDevice": ""}, {"DeviceName": "xvdcq", "NoDevice": ""}, {"DeviceName": "xvdcr", "NoDevice": ""}, {"DeviceName": "xvdcs", "NoDevice": ""}, {"DeviceName": "xvdct", "NoDevice": ""}, {"DeviceName": "xvdcu", "NoDevice": ""}, {"DeviceName": "xvdcv", "NoDevice": ""}, {"DeviceName": "xvdcw", "NoDevice": ""}, {"DeviceName": "xvdcx", "NoDevice": ""}, {"DeviceName": "xvdcy", "NoDevice": ""}, {"DeviceName": "xvdcz", "NoDevice": ""} ]'
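The CLI workaround above, as an added example that is not part of the original article: a POSIX shell helper that generates the 26-entry mapping, plus a check that lists any of xvdca through xvdcz that a given mapping fails to mark as NoDevice. The function names are hypothetical, and the check assumes flat JSON objects like the ones in the command above.

```shell
#!/bin/sh
# Added example; nodevice_mappings and missing_nodevice are hypothetical names.
LETTERS="a b c d e f g h i j k l m n o p q r s t u v w x y z"

# Print the JSON array for --block-device-mappings covering xvdca..xvdcz.
nodevice_mappings() {
  out=""
  for c in $LETTERS; do
    out="${out:+$out, }{\"DeviceName\": \"xvdc$c\", \"NoDevice\": \"\"}"
  done
  printf '[%s]\n' "$out"
}

# Print each device in xvdca..xvdcz that the mapping JSON in $1 does not
# mark as NoDevice. Empty output means the mapping is complete.
# Assumption: each mapping entry is a flat object, as in the command above.
missing_nodevice() {
  # Strip whitespace, then put one object per line by splitting on '}'.
  objs=$(printf '%s' "$1" | tr -d ' \t\n' | tr '}' '\n')
  for c in $LETTERS; do
    printf '%s\n' "$objs" \
      | grep -F "\"DeviceName\":\"xvdc$c\"" \
      | grep -qF '"NoDevice"' \
      || printf 'xvdc%s\n' "$c"
  done
}

# Usage with the command from the article:
#   aws ec2 run-instances --image-id ami-xxxx --instance-type m4.large \
#     --block-device-mappings "$(nodevice_mappings)"
```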

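EC2 instances launched with terraform without ephemeral disks could not use Auto Recovery either, for the same reason, and, even more unfortunately, "NoDevice" could not be set in terraform, so there was no workaround like the one for the AWS CLI.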

Then, with the recent upgrade to v0.8.0 on December 13, 2016, terraform reportedly gained support for No Device, so I tried it out.
https://github.com/hashicorp/terraform/issues/8455

Working sample

The parts in red (the ephemeral_block_device blocks) are where No Device is specified.

(It gets rather long, though...)

resource "aws_instance" "hoge-ec2" {
  ami                     = "ami-xxx"
  instance_type           = "t2.medium"
  key_name                = "hoge-key"
  subnet_id               = "${aws_subnet.subnet-a.id}"
  security_groups         = ["${aws_security_group.hoge-ec2.id}", "${aws_security_group.hogehoge.id}"]
  private_ip              = "10.0.0.10"
  disable_api_termination = true
  tags {
    Name = "hoge-ec2"
  }
  iam_instance_profile = "role-hoge"
  root_block_device {
    volume_type = "gp2"
    volume_size = 50
  }
  ebs_block_device {
    device_name           = "xvdd"
    volume_type           = "gp2"
    volume_size           = 50
    delete_on_termination = false
    encrypted             = true
  }

  # No Device for every instance store volume, xvdca through xvdcz
  ephemeral_block_device {
    device_name = "xvdca"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcb"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcc"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcd"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdce"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcf"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcg"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdch"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdci"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcj"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdck"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcl"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcm"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcn"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdco"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcp"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcq"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcr"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcs"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdct"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcu"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcv"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcw"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcx"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcy"
    no_device   = "true"
  }
  ephemeral_block_device {
    device_name = "xvdcz"
    no_device   = "true"
  }

}

That's all.

The original article is here:

Launched an EC2 instance that can use the Auto Recovery feature with terraform v0.8.0 (it is now possible to specify "NoDevice" for instance store volumes)