Tuesday, April 29, 2025

An Elastic Network Interface (ENI) in AWS ... basically a Virtual Network Card

 

Concept:

An Elastic Network Interface (ENI) in AWS is basically a virtual network card.
It represents a network connection for an EC2 instance, with its own:

  • Private IP address (primary and secondary)
  • Public IP address (if applicable)
  • MAC address (Media Access Control)
  • Security Groups
  • Subnet
  • Description and tags

Key points about ENIs:

  • twtech can attach or detach an ENI to/from EC2 instances on the fly (in the same Availability Zone).
  • ENIs are super useful for high availability, failover, or moving network interfaces between instances.
  • A primary ENI is created by default when twtech launches an EC2.
  • twtech can create additional ENIs manually and attach multiple ENIs to a single EC2 (depending on instance type limits).
  • Trunk interfaces can be used with ENIs for high-scale networking setups (like with containers).

Common use cases:

  • Network appliances (e.g., firewalls, load balancers)
  • Failover scenarios (move ENI to standby instance)
  • Separation of traffic (different ENIs for front-end and back-end traffic)
  • Multi-homed instances (connect to different subnets/VPCs via routing tricks)

Insights:

• It is the logical component in a VPC that represents a virtual network card.

• The ENI can have the following attributes.

• It has one primary private IPv4 address and one or more secondary IPv4 addresses.

• It has one Elastic IP (IPv4) per private IPv4.

• It has one public IPv4 and one or more security groups.

• It has a MAC (Media Access Control) address.

• twtech may create ENIs independently and attach them on the fly (move them) between EC2 instances for failover. (Failover is when a system automatically switches to a backup or standby system when the main system fails or goes down.)

• It is bound to a specific Availability Zone (AZ).

Project:

Go to the AWS EC2 service.

For this project twtech is launching two instances: twtech-db-servers




Select one of the instances to configure the network interface:


Edit network settings:

Select a security group or create one:


Verify the summary and configure the number of instances preferred on launch:

Verify on the EC2 console that the instances are created:

Verify that the instances are created with ENIs (Elastic Network Interfaces) attached:


Insights:

Each interface contains:

One Public IPv4 address, one Private IPv4 address and one Private IPv4 DNS

Each instance has a distinct network interface.

The network interfaces are attached to instances because they are created with the instance.

However, they can be managed with the following actions.


How twtech creates a new Elastic Network Interface (ENI) and attaches it to an existing instance:

Assign a name to the ENI: twtech-db-server1-ENI

Very important:

Select the subnet that corresponds to the AZ of the instance the ENI will later be attached to.

Also select the interface type:

Auto-assign a private IPv4 address:

Attach a security group to the ENI:

Add a tag and create the network interface:

The status is still Available. The ENI still needs to be attached to an instance before it can be used:

From:


Choose an instance to attach the ENI to:

To:

Now the status of the ENI has changed to: in-use.

Verify that the ENI has also added a primary private IPv4 address to the instance:




The ENI can be detached from one instance and attached to another instance.

How twtech detaches an ENI from one instance and attaches it to another instance:



NB: Sometimes a force detach is needed.

Status of the ENI changes back to: Available:

Now, twtech can attach the detached ENI to another instance in the same AZ.


twtech has successfully detached the ENI from one instance and attached it to another instance in the same AZ.

Status goes back to: in-use


twtech-insights:

What would happen if the instances are terminated?

The ENIs that were created with the instances would be automatically detached and deleted.

However, the ENI that was created manually and attached to an instance would stay: available.

NB: It may take a couple of minutes for them to be fully detached and deleted.
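The behaviour described above (status available vs in-use, AZ binding, and which ENIs outlive a terminated instance) can be checked from the JSON that `aws ec2 describe-network-interfaces` returns. This is an added example, not part of the original walkthrough; the sample data, IDs and group names are constructed placeholders.

```python
# Added example: audit ENIs from `aws ec2 describe-network-interfaces` output.
# The sample is constructed; IDs, addresses and group names are placeholders.
import json

SAMPLE = json.loads("""
{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "Status": "in-use",
   "AvailabilityZone": "us-east-2a", "PrivateIpAddress": "10.0.1.10",
   "Groups": [{"GroupId": "sg-0db1", "GroupName": "twtech-db-sg"}],
   "Attachment": {"InstanceId": "i-0db1", "DeviceIndex": 0,
                  "DeleteOnTermination": true}},
  {"NetworkInterfaceId": "eni-0bbb", "Status": "in-use",
   "AvailabilityZone": "us-east-2a", "PrivateIpAddress": "10.0.1.20",
   "Groups": [{"GroupId": "sg-0db1", "GroupName": "twtech-db-sg"}],
   "Attachment": {"InstanceId": "i-0db1", "DeviceIndex": 1,
                  "DeleteOnTermination": false}},
  {"NetworkInterfaceId": "eni-0ccc", "Status": "available",
   "AvailabilityZone": "us-east-2b", "PrivateIpAddress": "10.0.2.30",
   "Groups": [{"GroupId": "sg-0old", "GroupName": "legacy-open"}]}
]}
""")["NetworkInterfaces"]


def orphaned(enis):
    """ENIs in 'available' state: unattached but still holding an IP and SGs."""
    return [e["NetworkInterfaceId"] for e in enis if e["Status"] == "available"]


def survives_termination(enis, instance_id):
    """ENIs attached to instance_id that will remain after it is terminated."""
    return [e["NetworkInterfaceId"] for e in enis
            if e.get("Attachment", {}).get("InstanceId") == instance_id
            and not e["Attachment"].get("DeleteOnTermination", False)]


def can_attach(eni, instance_az):
    """An ENI is bound to one AZ and must be unattached before re-attaching."""
    if eni["Status"] != "available":
        return False, "ENI is %s; detach it first" % eni["Status"]
    if eni["AvailabilityZone"] != instance_az:
        return False, "ENI is in %s, instance is in %s" % (
            eni["AvailabilityZone"], instance_az)
    return True, "ok"


if __name__ == "__main__":
    print("orphaned:", orphaned(SAMPLE))
    print("left behind by i-0db1:", survives_termination(SAMPLE, "i-0db1"))
    print("attach eni-0ccc in us-east-2a:", can_attach(SAMPLE[2], "us-east-2a"))
```

Orphaned ENIs are worth reviewing because they keep their private IP and security group membership until someone deletes them.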


Addendum:

 https://aws.amazon.com/blogs/aws/new-elastic-network-interfaces-in-the-virtual-private-cloud/

EC2 Hibernate: Pause Instances & Resume Them Later.

 

EC2 Hibernate is a feature in AWS EC2 that lets twtech pause its instances and resume them later, just like putting a laptop to sleep instead of shutting it down.

twtech quick idea:

  • When twtech hibernates an EC2 instance, AWS saves the contents of the RAM (memory) to the instance's root EBS volume.
  • When twtech starts the instance again, it loads the RAM contents back, so all twtech processes, in-memory data, and open sessions are exactly as they were.
  • It's faster than a full reboot and twtech doesn't lose any in-progress data.

Key things about Hibernate:

  • It only works on instances with EBS root volumes (not instance store).
  • RAM limit: up to 150 GB.
  • twtech needs to enable hibernation at instance launch, so twtech can't just turn it on later.
  • NB: twtech is charged for the EBS storage and any other attached resources while the instance is hibernated, but not for compute time (since the instance isn’t running).

Common use cases:

  • Spot instances where you want fast recovery.
  • Long-running applications that you want to pause and resume.
  • Development environments you don't want to restart from scratch every time.

twtech-Insights:

• It supports instance families like: C3, C4, C5, I3, M3, M4, R3, R4, T2, T3...

• The instance RAM size should be less than 150 GB.

• Bare metal instances are not supported.

• It works for these AMIs: Amazon Linux 2, Linux AMI, Ubuntu, RHEL, CentOS & Windows.

• The root volume should be EBS (not instance store), encrypted, and large.

• It is available for On-Demand, Reserved and Spot Instances.

• Worth noting: instances can NOT be hibernated for more than 60 days.
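The prerequisites above can be checked before launch against a RunInstances request and the instance type's `describe-instance-types` entry. This is an added example, not code from the original post; the sample request and type data are constructed, and the root device name (normally taken from the AMI) is passed in as an assumption.

```python
# Added example: pre-launch check of a RunInstances request against the
# hibernation prerequisites above. Sample data is constructed; the root
# device name normally comes from the AMI and is passed in here.
RAM_LIMIT_MIB = 150 * 1024  # page: instance RAM must be less than 150 GB


def hibernation_blockers(request, type_info, root_device="/dev/sda1"):
    """Return reasons the request cannot launch a hibernation-ready instance."""
    problems = []
    if not request.get("HibernationOptions", {}).get("Configured", False):
        problems.append("hibernation not enabled at launch")
    if type_info["BareMetal"]:
        problems.append("bare metal not supported")
    ram_mib = type_info["MemoryInfo"]["SizeInMiB"]
    if ram_mib >= RAM_LIMIT_MIB:
        problems.append("RAM is 150 GB or more")
    root = next((m.get("Ebs") for m in request.get("BlockDeviceMappings", [])
                 if m.get("DeviceName") == root_device), None)
    if root is None:
        problems.append("no EBS root volume mapping")
        return problems
    if not root.get("Encrypted", False):
        # RAM contents (keys, tokens, session data) are written to this volume.
        problems.append("root volume not encrypted")
    if root.get("VolumeSize", 0) * 1024 <= ram_mib:
        problems.append("root volume cannot hold the RAM image plus the OS")
    return problems


T3_MEDIUM = {"BareMetal": False, "MemoryInfo": {"SizeInMiB": 4096}}  # constructed
GOOD = {"InstanceType": "t3.medium",
        "HibernationOptions": {"Configured": True},
        "BlockDeviceMappings": [{"DeviceName": "/dev/sda1",
                                 "Ebs": {"VolumeSize": 30, "Encrypted": True}}]}
BAD = {"InstanceType": "t3.medium",
       "BlockDeviceMappings": [{"DeviceName": "/dev/sda1",
                                "Ebs": {"VolumeSize": 4, "Encrypted": False}}]}

if __name__ == "__main__":
    print(hibernation_blockers(GOOD, T3_MEDIUM))
    print(hibernation_blockers(BAD, T3_MEDIUM))
```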

Project:

(Hands-on)

How twtech launches instances with Hibernating feature enabled:

step-by-step:



twtech selected OS for this project: Red Hat


Configure the advanced features of the EBS volume:

Configure the EBS volume to be encrypted with an AWS key:

Go to the instance's advanced details and navigate to: Stop-Hibernate behavior.



Next:

Connect to the instance (ssh) and run the uptime command to see how long the instance has been running: uptime

The uptime command in Linux (and Unix-like systems) shows how long the system has been running, along with other basic information like the number of users and the system load averages.

When you type:

uptime

the output looks like:

15:24:36 up 12 days,  3:22,  3 users,  load average: 0.12, 0.08, 0.05

Here's what each part means:

  • 15:24:36 → Current system time.
  • up 12 days, 3:22 → The system has been running for 12 days and 3 hours 22 minutes.
  • 3 users → There are 3 users currently logged in.
  • load average: 0.12, 0.08, 0.05 → The system load averages for the last 1, 5, and 15 minutes.

How twtech eventually hibernates the instance:

Select the instance, then go to Instance state and choose Hibernate instance.

Confirm hibernation:


Insights:

The stopped instance has its data stored on the EBS volume.


twtech may restart the instance at any time and its data will synchronize from the EBS volume to the RAM.


Wait until the instance status is fully initialized: it may take a couple of minutes for data to synchronize from EBS to the RAM.

From:

To:

twtech successfully hibernated its web server for 5 minutes before restarting it again.

