Amazon AWS Problems restoring from image in AWS

What type of image you restoring from and how was the image created ? Did you check to see if CSF Firewall is running ? As CSF Firewall is responsible for whitelisting ports for access - provided of course your AWS EC2 firewall has appropriate ports open too.

 

Shame AWS EC2 doesn't have out of band console/kvm access.

Has AWS image restore ever worked for Centmin Mod servers ? Or is this the first time it hasn't worked ?

I see you tried instance console access, what about troubleshooting docs ? As I stated before, Centmin Mod hasn't really been tested on AWS EC2 nor has it on Google Cloud, so probably a few gotchas somewhere.

• Troubleshooting an unreachable instance - Amazon Elastic Compute Cloud
• Troubleshooting connecting to your instance - Amazon Elastic Compute Cloud
• General prerequisites for connecting to your instance - Amazon Elastic Compute Cloud
• https://aws.amazon.com/premiumsupport/knowledge-center/ec2-linux-ssh-troubleshooting/
• https://aws.amazon.com/premiumsupport/knowledge-center/ec2-ssh-errors-automation-workflow/

Also in your SSH client try enabling verbose/debug logging to see what happens when you try to connect.

 

Should work out of the box on most network setups unless it's a NAT based private IP only VPS with no public IP address. CSF Firewall configuration for NIC/network is done at CSF Firewall install time

from /etc/csf/csf.conf config file

Code (Text):

grep -C5 -i eth /etc/csf/csf.conf 

###############################################################################
# SECTION:General Settings
###############################################################################
# By default, csf will auto-configure iptables to filter all traffic except on
# the loopback device. If you only want iptables rules applied to a specific
# NIC, then list it here (e.g. eth1, or eth+)
ETH_DEVICE = ""
# By adding a device to this option, ip6tables can be configured only on the
# specified device. Otherwise, ETH_DEVICE and then the default setting will be
# used
ETH6_DEVICE = ""
# If you don't want iptables rules applied to specific NICs, then list them in
# a comma separated list (e.g "eth1,eth2")
ETH_DEVICE_SKIP = ""

generally you don't need to configure these

 

Unfortunately, as I said AWS EC2 hasn't been tested by me.

Maybe first figure out if you have outbound network connectivity on image restore by setting up the Centmin Mod installed image to send you an email via postfix from within the AWS EC2 CentOS image on server reboot.

If the test confirms that you do have outbound network connectivity on image restore, then you can write a script to collect system info, network, iptables, csf firewall status and save to a text file on reboot and send all that info to you via postfix with the saved text file as a mail attachment.

 

A few common ones would be services installed/enable that fail to start on image restore and/or block csf firewall from starting up. Or if you tried to install Centmin Mod 123.09beta01 on EC2 with a sudo user it may not have properly installed all Centmin Mod software as it has limited sudo support as it expects a full root user not sudo user. So may need to install on Amazon EC2 which use sudo like

Code (Text):

sudo yum -y update; sudo curl -O https://centminmod.com/betainstaller73.sh && sudo chmod 0700 betainstaller73.sh && sudo bash betainstaller73.sh

and still no guarantees as I do not test on Amazon EC2 or Google Cloud.

Does Centmin Mod installed on Amazon EC2 survive a server reboot and network connectivity ? What about a shutdown and then start up ?

 

Cheers on grammar issue

is the network interface's name the same name on restored image as with original vps server name ?

 

Not sure why, but did some EC2 tests for AWS Backup and Restore for Centmin Mod 123.09beta01 and it seems the issue might be unique to CentOS 7.8 AMI images and Amazon EC2 instances where the restored image needs cloud-init installed and the restored image needs it's network adapter's hardware MAC address reset.

So you need to do this BEFORE making an AWS Backup initiated EC2 instance backup of Centmin Mod 123.09beta01 installed servers so as to remove the reference to original image's network adapter's hardware MAC address so that restored AWS Backup images re-setup the new EC2 instance which has a different hardware MAC address

Code (Text):

sudo -n sed -i '/HWADDR/d' /etc/sysconfig/network-scripts/ifcfg-eth* /etc/sysconfig/network-scripts/ifcfg-eth0*
sudo sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth* /etc/sysconfig/network-scripts/ifcfg-eth0*
sudo rm -f /etc/udev/rules.d/70-persistent-net.rules
sudo yum -y install cloud-init --disableplugin=versionlock,priorities --disableexcludes=main
sudo yes | pip uninstall urllib3
sudo yes | pip install --upgrade urllib3
sudo systemctl disable cloud-{init-local,init,config,final}.service
sudo systemctl enable cloud-{init-local,init,config,final}.service

The clue is in EC instance settings system log where network service fails to start up so that's why it doesn't respond as network hasn't started.

Code (Text):

[�[1;31mFAILED�[0m] Failed to start LSB: Bring up/down networking.
See 'systemctl status network.service' for details.
[�[32m  OK  �[0m] Reached target Network.

on working AWS Backup restored EC2 instance image, the system log shows network service and cloud-init services started

Code (Text):

[   14.054816] cloud-init[585]: Cloud-init v. 18.5 running 'init-local' at Mon, 24 Aug 2020 16:57:19 +0000. Up 14.02 seconds.
        Starting Hostname Service...
[�[32m  OK  �[0m] Started Hostname Service.
[�[32m  OK  �[0m] Started Initial cloud-init job (pre-networking).
[�[32m  OK  �[0m] Reached target Network (Pre).
        Starting LSB: Bring up/down networking...
[�[32m  OK  �[0m] Started LSB: Bring up/down networking.
        Starting Initial cloud-init job (metadata service crawler)...
[�[32m  OK  �[0m] Reached target Network.

If you like Ways To Support Centmin Mod

 

could be related to python urlib3 hence the extra commands

should be for the original Centmin Mod installed image but you can test it to see.