How-To
Creating Time-Based AMI Copies on AWS
For years, Amazon has made it possible to copy Amazon Machine Images (AMIs), either within a region or across regions. These AMI copy operations are often a key step in disaster recovery operations. Even so, there is one thing that has always been missing.
When it comes to disaster recovery planning, one of the first things that organizations often do is to determine a Recovery Point Objective (RPO) and a Recovery Time Objective (RTO). The RPO loosely translates into the backup frequency or how much data could potentially be lost in a disaster because it has not yet been backed up. The RTO refers to how long it will take to complete the disaster recovery operation.
Historically, AWS has made it difficult to estimate the RTO when the recovery process involves copying AMIs. That's because the time required to complete the copy process was largely unpredictable. Recently however, Amazon has introduced a time-based copy feature that allows you to tie the AMI copy duration to your RTO, thereby making it easier to ensure that recovery operations complete within the allotted time.
To get started, open the EC2 console and click on the AMIs tab. You should see your AMIs listed here, but if not then double check to make sure that you are in the correct region. You can also check your filter settings to make sure that the appropriate filter is being applied.
Once you have located the AMI that you want to copy, select the AMI and then choose the Copy AMI option from the Actions menu. At this point, you will be taken to the Copy AMI screen, shown in Figure 1.
[Click on image for larger view.] Figure 1: This Is the Screen Used to Configure the AMI Copy Process.
As you can see in the figure, copying an AMI involves entering an AMI coy name and description and choosing a destination region. There is also a checkbox that you can select if you want to copy the tags that are currently associated with your AMI. Another checkbox allows you to encrypt EBS snapshots of the AMI copy.
So far, the options that I have discussed are the same as what you would use for any other AMI copy operation. However, if you look back at the previous figure, you will notice that there is a checkbox that you can select to enable a time-based copy. When you select this option, you will have the opportunity to enter a completion duration. This is the amount of time within which the copy process needs to complete.
The completion duration should be entered as a number and the adjacent dropdown let's you tell AWS whether the number that you have entered should be interpreted as minutes or hours.
The quickest completion duration that you can enter is 15 minutes, and the longest duration that you can specify is 48 hours. You can enter any amount of time in between, so long as you enter numbers in 15-minute increments. As an example, you can't specify a 40 minute copy duration, but you could specify 30 minutes or 45 minutes.
The most important thing to keep in mind about the copy duration is that you can't just select an AMI, specify a copy duration, and assume that AWS will be able to accomplish what you have asked for. There are limits to the amount of data that can be copied within a given amount of time. As such, it may be unrealistic to expect AWS to copy a huge AMI in 15 minutes. Fortunately, Amazon provides a Copy Duration Calculator. You can access this calculator by clicking the Launch Copy Duration Calculator button, shown in Figure 2.
[Click on image for larger view.] Figure 2: Click the Launch Copy Duration Calculator Button.
The calculator, which you can see in Figure 3, asks you to select your region, the throughput limit, and the evaluation period. If you aren't sure what to use for a throughput value, use 2000 MiB/s since that is the slowest throughput that the calculator will allow. It's worth noting that in order for the calculator to provide you with results, you will need to have copied some data within the evaluation period that you have specified. Otherwise, you will see a message like the one in the figure, telling you that no data is available for the selected date range.
[Click on image for larger view.] Figure 3: You Can Use this Calculator to Test The Data Transfer Capabilities.
Once you have populated the various fields, the calculator will tell you the minimum achievable completion duration for data transfers. You can then use that number to determine the completion duration that you should assign to your AMI copy operation.
About the Author
Brien Posey is a 22-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.