Xen bug prompts AWS cloud server reboot
Mystery vulnerability sees one-in-ten servers patched up and restarted
Amazon has confirmed that around 10 per cent of its cloud servers will have to be rebooted in order to patch systems against a mystery bug.
According to a blog post, a vulnerability has been found in the Xen hypervisor, which means instances that use this hypervisor will need patching. AWS evangelist Jeff Barr said Citrix would issue a security advisory for the Xen Hypervisor as well as issue a patch.
Engineers have begun the patching process and the firm hopes this will be completed by 1 October.
"While most software updates are applied without a reboot, certain limited types of updates require a restart," he said. "Instances requiring a reboot will be staggered so that no two regions or availability zones are impacted at the same time and they will restart with all saved data and all automated configuration intact."
Barr added that most customers should experience no significant issues with the reboots. "We understand that for a small subset of customers the reboot will be more inconvenient; we wouldn't inconvenience our customers if it wasn't important and time-critical to apply this update."
The cloud service provider has also detailed steps customers need to take to reboot instances, a process AWS claims will only take a few minutes.
Thorsten Von Eicken, founder of cloud management firm RightScale, said in a blog that users would face a few challenges with the massive patching and rebooting exercise.
"If you relaunch an instance before the maintenance, you are not guaranteed to get an already-patched host," he said.
"Normally, whenever our Ops team receives a maintenance notice regarding a specific set of instances, we relaunch them as soon as possible at our convenience so that by the time the maintenance window arrives, our instances are already on hosts that have had the maintenance done. This time, due to the scale of the patching, there is not enough patched capacity available to guarantee this."
Von Eicken said users should keep tabs on their events pages within the AWS console for a schedule of impacted instances.
"For instances where a short reboot is safe and acceptable, you don’t need to do anything: They will simply reboot during maintenance and stay on the same host with the same ephemeral disks and the same IP address," added von Eicken.
AWS has denied the patching is in any way connected to the recently discovered, Unix-based Bash bug.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives.