Troubleshooting DB issues for Amazon RDS Custom
The shared responsibility model of RDS Custom provides OS shell–level access and database administrator access. RDS Custom runs resources in your account, unlike Amazon RDS, which runs resources in a system account. With greater access comes greater responsibility. In the following sections, you can learn how to troubleshoot issues with Amazon RDS Custom DB instances.
Topics
- Viewing RDS Custom events
- Subscribing to event notifications
- Troubleshooting custom engine version creation for RDS Custom for Oracle
- Troubleshooting CEV errors for RDS Custom for SQL Server
- RDS Custom support perimeter and unsupported configurations
- Fixing unsupported configurations
- How Amazon RDS Custom replaces an impaired host
- Troubleshooting upgrades for RDS Custom for Oracle
- Troubleshooting replica promotion for RDS Custom for Oracle
Viewing RDS Custom events
The procedure for viewing events is the same for RDS Custom and Amazon RDS DB instances. For more information, see Viewing Amazon RDS events.
To view RDS Custom event notification using the AWS CLI, use the describe-events command. RDS Custom introduces several new
events. The event categories are the same as for Amazon RDS. For the list of events, see Amazon RDS event categories and event messages.
The following example retrieves details for the events that have occurred for the specified RDS Custom DB instance.
aws rds describe-events \ --source-identifier my-custom-instance \ --source-type db-instance
Subscribing to event notifications
The procedure for subscribing to events is the same for RDS Custom and Amazon RDS DB instances. For more information, see Subscribing to Amazon RDS event notification.
To subscribe to RDS Custom event notification using the CLI, use the create-event-subscription command. Include the
following required parameters:
-
--subscription-name -
--sns-topic-arn
The following example creates a subscription for backup and recovery events for an RDS Custom DB instance in the current AWS
account. Notifications are sent to an Amazon Simple Notification Service (Amazon SNS) topic, specified by --sns-topic-arn.
aws rds create-event-subscription \ --subscription-name my-instance-events \ --source-type db-instance \ --event-categories '["backup","recovery"]' \ --sns-topic-arn arn:aws:sns:us-east-1:123456789012:interesting-events
Troubleshooting custom engine version creation for RDS Custom for Oracle
When CEV creation fails, RDS Custom issues RDS-EVENT-0198 with the message Creation failed for custom engine
version , and includes details about the failure. For
example, the event prints missing files.major-engine-version.cev_name
CEV creation might fail because of the following issues:
-
The Amazon S3 bucket containing your installation files isn't in the same AWS Region as your CEV.
-
When you request CEV creation in an AWS Region for the first time, RDS Custom creates an S3 bucket for storing RDS Custom resources (such as CEV artifacts, AWS CloudTrail logs, and transaction logs).
CEV creation fails if RDS Custom can't create the S3 bucket. Either the caller doesn't have S3 permissions as described in Step 4: Grant required permissions to your IAM user or role, or the number of S3 buckets has reached the limit.
-
The caller doesn't have permissions to get files from your S3 bucket that contains the installation media files. These permissions are described in Step 7: Add necessary IAM permissions.
-
Your IAM policy has an
aws:SourceIpcondition. Make sure to follow the recommendations in AWS Denies access to AWS based on the source IP in the AWS Identity and Access Management User Guide. Also make sure that the caller has the S3 permissions described in Step 4: Grant required permissions to your IAM user or role. -
Installation media files listed in the CEV manifest aren't in your S3 bucket.
-
The SHA-256 checksums of the installation files are unknown to RDS Custom.
Confirm that the SHA-256 checksums of the provided files match the SHA-256 checksum on the Oracle website. If the checksums match, contact AWS Support
and provide the failed CEV name, file name, and checksum. -
The OPatch version is incompatible with your patch files. You might get the following message:
OPatch is lower than minimum required version. Check that the version meets the requirements for all patches, and try again. To apply an Oracle patch, you must use a compatible version of the OPatch utility. You can find the required version of the Opatch utility in the readme file for the patch. Download the most recent OPatch utility from My Oracle Support, and try creating your CEV again. -
The patches specified in the CEV manifest are in the wrong order.
You can view RDS events either on the RDS console (in the navigation pane, choose Events) or by using the
describe-events AWS CLI command. The default duration is 60 minutes. If no events are returned, specify a longer
duration, as shown in the following example.
aws rds describe-events --duration 360
Currently, the MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with AWS CloudTrail. Therefore,
if you turn on data logging for Amazon RDS in CloudTrail, calls to the MediaImport service such as the
CreateCustomDbEngineVersion event aren't logged.
However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls come from the MediaImport
service for the CreateCustomDbEngineVersion event.
Troubleshooting CEV errors for RDS Custom for SQL Server
When you try to create a CEV, it might fail. In this case, RDS Custom issues the
RDS-EVENT-0198 event message. For more information on viewing RDS events,
see Amazon RDS event categories and event messages.
Use the following information to help you address possible causes.
| Message | Troubleshooting suggestions |
|---|---|
|
Run Sysprep on the EC2 instance that you created from the AMI. For more information about prepping an AMI using Sysprep, see Create a standardized Amazon Machine Image (AMI) using Sysprep. |
|
Verify that your account and profile used for creation has the required permissions on |
|
Ensure the AMI exists in the same customer account. |
|
The name of the AMI is incorrect. Ensure the correct AMI ID is provided. |
|
Choose a supported AMI that has Windows Server with SQL Server Enterprise, Standard, or Web edition. Choose an AMI with one of the following usage operation codes from the EC2 Marketplace:
|
|
Classic RDS Custom for SQL Server engine versions aren't supported. For example, version 15.00.4073.23.v1. Use a supported version number. |
|
The CEV must be in an |
|
The target CEV is not valid. Check the requirements for a valid upgrade path. For more information, see (link needed here) |
|
Follow the required CEV naming convention. For more information, see Requirements. |
|
An unsupported DB engine version was provided. Use a supported DB engine version. |
|
Use an AMI built on the x86_64 architecture. |
|
Create the EC2 instance from the AMI that you have permission for. Run Sysprep on the EC2 instance to create and save a base image. |
|
Use an AMI built with the Windows platform. |
|
Create the AMI with the EBS device type. |
|
Choose a supported AMI that has Windows Server with SQL Server Enterprise, Standard, or Web edition. Choose an AMI with one of the following usage operation codes from the EC2 Marketplace:
|
|
Ensure the AMI is in a state of |
|
Use a supported Windows OS. |
|
Use an AMI with a minimum OS build version of 14393. |
|
Use an AMI with a minimum OS major version of 10.0 or higher. |
RDS Custom support perimeter and unsupported configurations
RDS Custom provides monitoring capability called the support perimeter. The support perimeter ensures that your RDS Custom instance uses a supported AWS infrastructure, operating system, and database.
The support perimeter checks that the requirements listed in Fixing unsupported configurations are met. If any of these
requirements aren't met, RDS Custom considers the DB instance to be outside of the support
perimeter. RDS Custom then changes the DB instance status to
unsupported-configuration, and sends event notifications. After you fix
the configuration problems, RDS Custom changes the DB instance status to
available.
What happens in the unsupported-configuration
state
While the DB instance is in the unsupported-configuration state, the
following is the case:
-
You can't modify the DB instance.
-
You can't take DB snapshots.
-
Automated backups aren't created.
-
RDS Custom automation doesn't replace the underlying Amazon EC2 instance if it becomes impaired.
However, the following RDS Custom automation continues to run:
-
The RDS Custom agent monitors the DB instance and sends notifications to the support perimeter of further changes.
-
The support perimeter continues to run and captures change events for the DB instance. This has two purposes:
-
When you fix the configuration that caused the DB instance to be in the
unsupported-configurationstate, the support perimeter can return the DB instance to theavailablestate. -
If you make other unsupported configurations, the support perimeter notifies you about them so that you can correct them.
-
-
Redo logs are still archived and uploaded to Amazon S3 to facilitate point-in-time recovery (PITR). However, be aware of the following:
-
PITR can take a long time to completely restore to a new DB instance. This is because you can't take either automated or manual snapshots while the DB instance is in the
unsupported-configurationstate.PITR has to replay more redo logs starting from the most recent snapshot taken before the instance entered the
unsupported-configurationstate. -
In some cases, the DB instance is in the
unsupported-configurationstate because of changes you made that impacted redo log upload functionality. In these cases, PITR can't restore the DB instance to the latest restorable time.
-
Fixing unsupported configurations
It's your responsibility to fix configuration issues that put your RDS Custom DB instance into the unsupported-configuration state.
If the issue is with the AWS infrastructure, you can use the console or the AWS CLI to fix it. If the issue is with the operating system or the database
configuration, you can log in to the host to fix it.
In the following table, you can find descriptions of the notifications that the support perimeter sends and how to fix them. These notifications and the support perimeter are subject to change.
| Notification | Description | Action |
|---|---|---|
|
Database health:
|
The support perimeter monitors the DB instance state. It also monitors how many restarts occurred during the previous hour and day. You're notified when the instance is in a state where it still exists, but you can't interact with it. |
Log in to the host and examine the database state.
Restart the DB instance if necessary to get it running again. Sometimes it's necessary to reboot the host. After the restart, the RDS Custom agent detects that the DB instance is no longer in an unresponsive state. It then notifies the support perimeter to reevaluate the DB instance state. |
|
Database archive lag target (RDS Custom for Oracle only):
|
The support perimeter monitors the |
Log in to the host, connect to the DB instance, and change the For example, use the following SQL command.
The DB instance becomes available within 30 minutes. |
|
Database log mode (RDS Custom for Oracle only):
|
The DB instance log mode must be set to ARCHIVELOG. |
Log in to the host and shut down the DB instance. You can use the following SQL command.
The RDS Custom agent restarts the DB instance and sets the log mode to The DB instance becomes available within 30 minutes. |
|
RDS Custom agent status (RDS Custom for Oracle):
|
The RDS Custom agent must always be running. The agent publishes the The support perimeter also monitors the RDS Custom agent process state on the host every 30 minutes. On RDS Custom for Oracle, the DB instance goes outside the support perimeter if the RDS Custom agent stops. |
Log in to the host and make sure that the RDS Custom agent is running. You can use the following commands to find the agent's status.
When the RDS Custom agent is running again, the |
|
RDS Custom agent status (RDS Custom for SQL Server):
|
The RDS Custom agent must always be running. The support perimeter monitors the RDS Custom agent process state on the host every 1 minute. On RDS Custom for SQL Server, a stopped agent is recovered by the monitoring service. The DB instance goes outside the support perimeter if the RDS Custom agent is uninstalled. |
Log in to the host and make sure that the RDS Custom agent is running. You can use the following commands to find the agent's status.
If the status isn't
|
|
AWS Systems Manager agent (SSM agent) status (RDS Custom for Oracle):
|
The SSM agent must always be running. The RDS Custom agent is responsible for making sure that the Systems Manager agent is running. If the SSM agent was down and restarted, the RDS Custom agent publishes a metric to CloudWatch. The RDS Custom agent has an alarm on the metric set to trigger when there has been a restart in each of the previous three minutes. The support perimeter also monitors the SSM agent process state on the host every 30 minutes. |
For more information, see Troubleshooting SSM Agent. When the SSM agent is running again, the alarm switches to the |
|
SSM agent status (RDS Custom for SQL Server):
|
The SSM agent must always be running. The RDS Custom agent is responsible for making sure that the Systems Manager agent is running. The support perimeter monitors the SSM agent process state on the host every 1 minute. |
For more information, see Troubleshooting SSM Agent. |
|
|
The support perimeter monitors that certain OS users are allowed to run certain commands on the box.
It monitors When the
|
If the overwrite is unsuccessful, you can log in to the host and investigate why recent changes to the
You can use the following command.
After the support perimeter determines that the |
|
Amazon Elastic Block Store (Amazon EBS) volumes: RDS Custom for Oracle:
RDS Custom for SQL Server:
|
RDS Custom creates two types of EBS volume, besides the root volume created from the Amazon Machine Image (AMI), and associates them with the EC2 instance. The binary volume is where the database software binaries are located. The data volumes are where database files are located. The storage configurations that you set when creating the DB instance are used to configure the data volumes. The support perimeter monitors the following:
|
If you detached any initial EBS volumes, contact AWS Support. If you modified the storage type, Provisioned IOPS, or storage throughput of an EBS volume, revert the modification to the original value. If you modified the storage size of an EBS volume, contact AWS Support. (RDS Custom for Oracle only) If you attached any additional EBS volumes, do either of the following:
|
|
EBS-optimized instances (RDS Custom for Oracle only):
|
Amazon EC2 instances should be EBS optimized. If the |
To turn on the
|
|
Amazon EC2 instance state:
|
The support perimeter monitors EC2 instance state-change notifications. The EC2 instance must always be running. |
If the EC2 instance is stopped, start it and remount the binary and data volumes. On RDS Custom for Oracle, if the EC2 instance is terminated, delete the RDS Custom DB instance. On RDS Custom for SQL Server, if the EC2 instance is terminated, RDS Custom performs an automated recovery to provision a new EC2 instance. |
|
Amazon EC2 instance attributes: RDS Custom for Oracle:
RDS Custom for SQL Server:
|
The support perimeter monitors the instance type of the EC2 instance where the RDS Custom DB instance is running. The EC2 instance type must stay the same as when you set it up during RDS Custom DB instance creation. |
Change the EC2 instance type back to the original type using the EC2 console or CLI. To change the instance type because of scaling requirements, do a PITR and specify the new instance type and class. However, doing this results in a new RDS Custom DB instance with a new host and Domain Name System (DNS) name. |
|
Oracle Data Guard role (RDS Custom for Oracle only):
|
The support perimeter monitors the current database role every 15 seconds and sends a CloudWatch notification if the database role has changed. The Oracle Data Guard |
Restore the Oracle Data Guard database role to a supported value. After the support perimeter determines that the database role is supported, the RDS Custom for Oracle DB instance becomes available within 15 seconds. |
|
Shared memory connections (RDS Custom for SQL Server only):
|
The RDS Custom agent on the EC2 host connects to SQL Server using the shared memory protocol. If this protocol is turned off ( |
To bring the RDS Custom for SQL Server DB instance back within the support perimeter, turn on the shared memory
protocol on the Protocol page of the Shared Memory Properties
window by setting Restart SQL Server after enabling the protocol. |
|
Database file locations (RDS Custom for SQL Server only):
|
All SQL Server database files are stored on the D: drive by default, in the
If you create or alter the database file location to be anywhere other than the D: drive, then RDS Custom places the DB instance outside the support perimeter. We strongly recommend that you don't save any database files on the C: drive. You can lose data on the C: drive during certain operations, such as hardware failure. Storage on the C: drive doesn't offer the same durability as on the D: drive, which is an EBS volume. Also, if database files can't be found, RDS Custom places the DB instance outside the support perimeter. |
Store all RDS Custom for SQL Server database files on the D: drive. |
How Amazon RDS Custom replaces an impaired host
If the Amazon EC2 host becomes impaired, RDS Custom attempts to reboot it. If this effort fails, RDS Custom uses the same stop and start feature included in Amazon EC2.
Stopping and starting the host
RDS Custom automatically takes the following steps, with no user intervention required:
-
Stops the Amazon EC2 host.
The EC2 instance performs a normal shutdown and stops running. Any Amazon EBS volumes remain attached to the instance, and their data persists. Any data stored in the instance store volumes (not supported on RDS Custom) or RAM of the host computer is gone.
For more information, see Stop and start your instance in the Amazon EC2 User Guide for Linux Instances.
-
Starts the Amazon EC2 host.
The EC2 instance migrates to a new underlying host hardware. In some cases, the RDS Custom DB instance remains on the original host.
Effects of host replacement
In RDS Custom, you have full control over the root device volume and Amazon EBS storage volumes. The root volume can contain important data and configurations that you don't want to lose.
RDS Custom for Oracle retains all database and customer data after the operation, including root volume data. No user intervention is required. On RDS Custom for SQL Server, database data is retained, but any data on the C: drive, including operating system and customer data, is lost.
After the replacement process, the Amazon EC2 host has a new public IP address. The host retains the following:
-
Instance ID
-
Private IP addresses
-
Elastic IP addresses
-
Instance metadata
-
Data storage volume data
-
Root volume data (on RDS Custom for Oracle)
Best practices for Amazon EC2 hosts
The Amazon EC2 host replacement feature covers the majority of Amazon EC2 impairment scenarios. We recommend that you adhere to the following best practices:
-
Before you change your configuration or the operating system, back up your data. If the root volume or operating system becomes corrupt, host replacement can't repair it. Your only options are restoring from a DB snapshot or point-in-time recovery.
-
Don't manually stop or terminate the physical Amazon EC2 host. Both actions result in the instance being put outside the RDS Custom support perimeter.
-
(RDS Custom for SQL Server) If you attach additional volumes to the Amazon EC2 host, configure them to remount upon restart. If the host is impaired, RDS Custom might stop and start the host automatically.
Troubleshooting upgrades for RDS Custom for Oracle
Your upgrade of an RDS Custom for Oracle instance might fail. Following, you can find techniques that you can use during upgrades of RDS Custom DB for Oracle DB instances:
-
Examine the upgrade output log files in the
/tmpdirectory on your DB instance. The names of the logs depend on your DB engine version. For example, you might see logs that contain the stringscatupgrdorcatup. -
Examine the
alert.logfile located in the/rdsdbdata/log/tracedirectory. -
Run the following
grepcommand in therootdirectory to track the upgrade OS process. This command shows where the log files are being written and determine the state of the upgrade process.ps -aux | grep upgThe following shows sample output.
root 18884 0.0 0.0 235428 8172 ? S< 17:03 0:00 /usr/bin/sudo -u rdsdb /rdsdbbin/scripts/oracle-control ORCL op_apply_upgrade_sh RDS-UPGRADE/2.upgrade.sh rdsdb 18886 0.0 0.0 153968 12164 ? S< 17:03 0:00 /usr/bin/perl -T -w /rdsdbbin/scripts/oracle-control ORCL op_apply_upgrade_sh RDS-UPGRADE/2.upgrade.sh rdsdb 18887 0.0 0.0 113196 3032 ? S< 17:03 0:00 /bin/sh /rdsdbbin/oracle/rdbms/admin/RDS-UPGRADE/2.upgrade.sh rdsdb 18900 0.0 0.0 113196 1812 ? S< 17:03 0:00 /bin/sh /rdsdbbin/oracle/rdbms/admin/RDS-UPGRADE/2.upgrade.sh rdsdb 18901 0.1 0.0 167652 20620 ? S< 17:03 0:07 /rdsdbbin/oracle/perl/bin/perl catctl.pl -n 4 -d /rdsdbbin/oracle/rdbms/admin -l /tmp catupgrd.sql root 29944 0.0 0.0 112724 2316 pts/0 S+ 18:43 0:00 grep --color=auto upg -
Run the following SQL query to verify the current state of the components to find the database version and the options installed on the DB instance.
SET LINESIZE 180 COLUMN COMP_ID FORMAT A15 COLUMN COMP_NAME FORMAT A40 TRUNC COLUMN STATUS FORMAT A15 TRUNC SELECT COMP_ID, COMP_NAME, VERSION, STATUS FROM DBA_REGISTRY ORDER BY 1;The output resembles the following.
COMP_NAME STATUS PROCEDURE ---------------------------------------- -------------------- -------------------------------------------------- Oracle Database Catalog Views VALID DBMS_REGISTRY_SYS.VALIDATE_CATALOG Oracle Database Packages and Types VALID DBMS_REGISTRY_SYS.VALIDATE_CATPROC Oracle Text VALID VALIDATE_CONTEXT Oracle XML Database VALID DBMS_REGXDB.VALIDATEXDB 4 rows selected. -
Run the following SQL query to check for invalid objects that might interfere with the upgrade process.
SET PAGES 1000 LINES 2000 COL OBJECT FOR A40 SELECT SUBSTR(OWNER,1,12) OWNER, SUBSTR(OBJECT_NAME,1,30) OBJECT, SUBSTR(OBJECT_TYPE,1,30) TYPE, STATUS, CREATED FROM DBA_OBJECTS WHERE STATUS <>'VALID' AND OWNER IN ('SYS','SYSTEM','RDSADMIN','XDB');
Troubleshooting replica promotion for RDS Custom for Oracle
You can promote managed Oracle replicas in RDS Custom for Oracle using the console, promote-read-replica AWS CLI command, or
PromoteReadReplica API. If you delete your primary DB instance, and all replicas are healthy, RDS Custom for Oracle promotes your managed
replicas to standalone instances automatically. If a replica has paused automation or is outside the support perimeter, you must fix the
replica before RDS Custom can promote it automatically. For more information, see Replica promotion limitations for
RDS Custom for Oracle.
The replica promotion workflow might become stuck in the following situation:
-
The primary DB instance is in the state
STORAGE_FULL. -
The primary DB can't archive all of its online redo logs.
-
A gap exists between the archived redo log files on your Oracle replica and the primary database.
To respond to the stuck workflow, complete the following steps:
-
Synchronize the redo log gap on your Oracle replica DB instance.
-
Force the promotion of your read replica to the latest applied redo log. Run the following commands in SQL*Plus:
ALTER DATABASE ACTIVATE STANDBY DATABASE; SHUTDOWN IMMEDIATE STARTUP -
Contact AWS Support and request it to move your DB instance to available status.
