If you’re planning on running Oracle VM with Amazon EC2, there are some important limitations you should know about.
As part of my work getting the Oracle Linux Unbreakable Enterprise Kernel 2 working (yeah that’s a mouthful), I tried using the Oracle-supplied Oracle Linux 6 AMI images that are listed as community AMIs by Amazon:
[marc@shakybox2 ~]$ ec2-describe-images -a --filter "name=*Oracle Linux 6*" IMAGE ami-87a076ee 936851542197/Oracle Linux 6.1 x86_64 - OVM 936851542197 available public x86_64 machine aki-4e7d9527ebs paravirtual <b>ovm</b> BLOCKDEVICEMAPPING /dev/sda snap-ea95e18e 20
The “OVM” part here is interesting. Amazon EC2 is typically set up on their own version of Xen, but this image uses a different, though similarly Xen-based, hypervisor: Oracle VM. This appears to be a result of the Oracle-Amazon partnership so touted by Larry Ellison in his OpenWorld 2010 keynote.
The AMI itself launched as expected (once I had set the instance type to large; it would seem we need the 7.5G of RAM the large instance provides!) But after the initial install, I was completely unable to use any kernel other than the 2.6.32-100.34.1.el6uek.x86_64 kernel originally supplied.
Every time the instance would be listed as running but unreachable with the console log showing a variation of
"main" "root=/dev/sda1" "ro" "4" vbd 2049 is hd0 ******************* BLKFRONT for device/vbd/2049 ********** backend at /local/domain/0/backend/vbd/313/2049 Failed to read /local/domain/0/backend/vbd/313/2049/feature-barrier. Failed to read /local/domain/0/backend/vbd/313/2049/feature-flush-cache. 41943040 sectors of 512 bytes
Since it’s impossible to specify a –kernel alternate kernel option with Oracle VM hosts, I can’t explicitly attach a different kernel. And the ec2-register command used to create AMI images does not have the option to create an image with the Oracle VM hypervisor at all. This Amazon FAQ document gives a clue:
Q: Can customers import Oracle Virtual Machine templates into AmazonEC2?
Oracle will distribute templates of Oracle Applications that have been produced by Oracle and approved by AWS. Customers will be able to customize these environments and save them as derivative images which also run on the Oracle Virtual Machine.
So it’s possible to customize pre-made templates, but the ability to create new templates is conspicuously not mentioned. And indeed, it’s possible to create a derivative image using ec2-create-image that still has an OVM hypervisor, but there’s no mechanism to use a custom kernel with this command.
So the take-away here seems to be:
- It’s possible to create Oracle VM-based Amazon EC2 instances, but only from Oracle-created AMIs.
- There’s no mechanism to use kernels other than those bundled with the image, so there’s no prospect of applying security updates unless Oracle releases a new AMI.
- Fortunately, I was able to get the Oracle Linux UEK2 kernel working with Amazon’s ordinary Xen hypervisor, though there’s no pre-built AMI for it. I made a separate blog post about this.
For you readers: Have any of you managed to get a successful Oracle VM-based Amazon EC2 instance working? How do you deal with the issue of kernel updates?
Interested in working with Marc? Schedule a tech call.