If a Linux VM is running in Amazon Web Services (AWS), you need to set up a new device that will become the boot partition.
Create and add another device from EBS to the existing instance. For example, say the current Linux is installed on device /dev/sda1 and the GRUB stage1 is also installed on /dev/sda1. This is a typical Linux installation. Find out the space required by the /boot subtree:
# du -sh /boot
In general, the space provided should be twice the space used by /boot plus 100MB. So if /boot uses 200MB, the space should be (200MB * 2) + 100 MB = 500MB.
Run the script aws-prepare-boot.sh that is installed as part of the HyTrust client agent package. For example, if you add a new device named /dev/xvdf, you would enter:
# /opt/hcs/bin/aws-prepare-boot.sh /dev/xvdf
Power OFF the AWS instance.
Reattach both devices but with names exchanged. So the new volume should be added as /dev/sda1 and the original volume should be added as /dev/sdf. This changes the boot device for the VM instance.
| Tip: | Note the use of /dev/sda1 and not /dev/sda, as the EC2 console typically uses this name for the OS boot disk. |
What to Do Next
Verify the configuration as described in Verifying the Current VM Configuration and then encrypt the boot device as described in Encrypting Linux Root and Swap Drives.