Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Symptoms

By default SoftNAS do not ship an encrypted AMI, but we support the encrypted AMIs our customers create based on our AMIs

Purpose

You want to create an AMI with an Encrypted EBS root volume which can be used to deploy multiple SoftNAS instances in your AWS cloud environment without having the need to do it manually on each new deployment

Resolution

Please follow the AWS instructions below:

  1. Launch a SoftNAS AMI from the Community or Market Place as you normally would would
  2. Next, ssh into the instance and delete this file --> /etc/udev/rules.d/70-persistent-net.rules
  3. Next, Shutdown the instance Image RemovedinstanceImage Added
  4. Detach current root volumeImage Removed
    Image Added
  5. Create a snapshot of the detached root volumeImage Removed
    Image Added
  6. Create a new volume from the snapshot with "Encryption" enabled. NOTE: be sure to select the same AZ your instance in on and check the Encryption button! then select the default master key ((default) aws/ebs)Image RemovedImage Removed
    Image Added
    Image Added
  7. Attach the newly created root Volume with EBS encryption to the instance as /dev/sda1Image RemovedImage Removed

    Image Added
  8. Create AMI image of the instance (named something like Encrypted SoftNAS AMI)
    Image RemovedImage RemovedImage Added
  9. After creating the new AMI is done, create a new instance with the "Encrypted SoftNAS AMI"
    Image RemovedImage Added
  10. Now any instances created with this AMI will have the root volume encrypted.


...