Day: January 5, 2019

AWS EC2 Instances

Raghavendra Seshumurthy

EC2 Instances:

  1. On-demand instances
  2. Reserved instances
  3. Spot instances
  4. Dedicated hosts
  5. Scheduled instances

On-demand instances:

  • These instances are chanrged per hour basis.
  • When instances are not running, there are no charges.
  • Even if instance is stopped, bill counts for EBS volumes attached to the instance.
  • Use this instance type when we need instances for short duration (1 day, 1week, one month.

Reserved Instances:

  • We can reserve instances either one or three years.
  • The advantage of reserved instance is we can save up to 70% of the cost when compared with ondemand instances
  • Once reserved purchase is done, there is no option to terminate the contract, only option is to sell it over AWS marketplace
  • Reserved instance payment options: All upfront, Partial upfront and no upfront.
  • AWS billing automatically applies discovered rates when you launch an instance that matches your purchanges RI.
  • EC2 Reserved instance has three types.
  •  1. Standard
  •  2. Convertible
  •  3. Scheduled.aws-ec2
  • RI’s can be shared across multiple accounts with in consolidated billing.

Spot Instances:

  • Amazon EC2 spot instances allow you to bid on spare Amazon EC2 computing capacity for up to 90% off the on-demand price
  • Spot instances are excess EC2 capacity that AWS tries to sell on an market exchange basis.
  • Customer defines highest willing to pay for instance. If capacity is constrained and others are willing to pay more, your instance might get terminated or stopped.
  • For “one time request”, instance is terminated and ephermal data is lost.
  • For “reqeust and maintain”, instance can be configured to terminate, hybernate or stop until price point can be met again.

Dedicated Hosts:

  • A dedicated host is a phsyical EC2 server dedicated to your use.
  • Dedicated hosts can help you reduce costs by allowing you to use your existing server-boud software license, including windows server, SQL server, SUSE linux etc.

Scheduled instances:

  • We can buy instances based on your schedule.
  • Example: if you need servers on daily, weekly, monthly basis and in dedicated hours for example: 4 to 5 hours per day, then you can go for scheduled instances.

 

 

 

 

Checkpoint-Memoryleak-Issues-due to VMalloc

Raghavendra Seshumurthy

Issue: Unable to push policy to Checkpoint firewalls

Cause: memory leak issue

Symptom: 

Firewallname> kernel: allocation failed: out of vmalloc space – use vmalloc=<size> to increase size

<Firewallname> kernel: printk: 29 messages suppressed.

<Firewallname> kernel: allocation failed: out of vmalloc space – use vmalloc=<size> to increase size

<Firewallname> kernel: [fw_0];FW-1: h_getvals: fw_kmalloc (92962728) failed

<Firewallname> kernel: [fw_0];FW-1: h_getvals: fw_kmalloc (93068568) failed

Resolution:

  1. Login to standby firewall
  2. Take a backup of /boot/grub/grub.conf
  3. Modify the vmalloc value from 256M to 512M or 768M for normal mode

Using VI editor

  1. Save the file using Esc+Shift+:
  2. Reboot the standby firewall
  3. Once standby firewall is up, verify the cluster status using

Cphaprob stat

  1. If cluster status is in active and standby
  2. Failover the traffic to rebooted device using below command

Clustexl_admin down

  1. Perform same procedure from 1 to 7.
  2. Failover the traffic back to original active device