01
First, run create-vpc command (OSX/Linux/UNIX) to create the new Virtual Private Cloud (VPC) where the ElastiCache cluster will be re-created. The following command example creates a shared tenancy VPC with the CIDR block 10.0.0.0/16:
aws ec2 create-vpc \
  --region us-east-1 \
  --cidr-block 10.0.0.0/16
02
The command output should return the new VPC metadata (including the VPC ID):
{
    "Vpc": {
        "VpcId": "vpc-ca27e381",
        "InstanceTenancy": "default",
        "State": "pending",
        "DhcpOptionsId": "dopt-e5d918f5",
        "CidrBlock": "10.0.0.0/16",
        "IsDefault": false
    }
}
03
Run create-internet-gateway command (OSX/Linux/UNIX) to create an AWS Internet Gateway for use with the newly created VPC (required):
aws ec2 create-internet-gateway \
  --region us-east-1
04
The command output should return the Internet Gateway metadata (including its ID):
{
    "InternetGateway": {
        "Tags": [],
        "InternetGatewayId": "igw-506a0b24",
        "Attachments": []
    }
}
05
Run attach-internet-gateway command (OSX/Linux/UNIX) to attach the new Internet Gateway created at step no. 3 to your VPC (the command does not produce an output):
aws ec2 attach-internet-gateway \
  --region us-east-1 \
  --internet-gateway-id igw-506a0b24 \
  --vpc-id vpc-ca27e381
06
Now run create-subnet command (OSX/Linux/UNIX) to set up a subnet for the existing VPC. The cache cluster will be launched within this subnet (required):
aws ec2 create-subnet \
  --region us-east-1 \
  --vpc-id vpc-ca27e381 \
  --cidr-block 10.0.1.0/24
07
The command output should return the subnet metadata (including the subnet ID):
{
    "Subnet": {
        "VpcId": "vpc-ca27e381",
        "CidrBlock": "10.0.1.0/24",
        "State": "pending",
        "AvailabilityZone": "us-east-1a",
        "SubnetId": "subnet-da296f89",
        "AvailableIpAddressCount": 251
    }
}
08
Run create-route-table command (OSX/Linux/UNIX) to create a route table for your new VPC (required):
aws ec2 create-route-table \
  --region us-east-1 \
  --vpc-id vpc-ca27e381
09
The command output should return the VPC route table metadata (including its ID):
{
    "RouteTable": {
        "Associations": [],
        "RouteTableId": "rtb-50611442",
        "VpcId": "vpc-ca27e381",
        "PropagatingVgws": [],
        "Tags": [],
        "Routes": [
            {
                "GatewayId": "local",
                "DestinationCidrBlock": "10.0.0.0/16",
                "State": "active",
                "Origin": "CreateRouteTable"
            }
        ]
    }
}
10
Run associate-route-table command (OSX/Linux/UNIX) to associate the VPC subnet created at step no. 6 with the new route table (required):
aws ec2 associate-route-table \
  --region us-east-1 \
  --route-table-id rtb-50611442 \
  --subnet-id subnet-da296f89
11
The command output should return the VPC route table association ID:
{
    "AssociationId": "rtbassoc-a3f461e1"
}
12
Run create-route command (OSX/Linux/UNIX) to add a new route within the VPC route table installed earlier (required):
aws ec2 create-route \
  --region us-east-1 \
  --route-table-id rtb-50611442 \
  --destination-cidr-block 0.0.0.0/0 \
  --gateway-id igw-506a0b24
13
The command output should return the status of the request (true for success, an error message if the request fails):
14
Now that your VPC is ready, you need to create the necessary security group for the new cluster. To set up the VPC security group, perform the following:
- Run create-security-group command (OSX/Linux/UNIX) to create a security group within the VPC created at step no. 1. The following command example creates a security group called ElastiCacheSecurityGroup inside the VPC identified with the ID vpc-ca27e381, within the US East AWS region:
aws ec2 create-security-group \
  --region us-east-1 \
  --group-name ElastiCacheSecurityGroup \
  --description "Redis Cache Cluster Security Group" \
  --vpc-id vpc-ca27e381
- The command output should return the new security group ID:
{
    "GroupId": "sg-f29492e0"
}
- Run authorize-security-group-ingress command (OSX/Linux/UNIX) to add one or more inbound rules to the security group created at the previous step (no command output is returned):
aws ec2 authorize-security-group-ingress \
  --region us-east-1 \
  --group-id sg-f29492e0 \
  --protocol tcp \
  --port 6379 \
  --cidr 53.165.46.104/32
15
Now gather the configuration details of the existing EC2-Classic ElastiCache cluster; they are required for the next step (i.e. the cache cluster relaunch). Run describe-cache-clusters command (OSX/Linux/UNIX) using the ID of the cluster that you want to re-create (see Audit section part II to identify the right resource) to describe the selected cluster configuration details:
aws elasticache describe-cache-clusters \
  --region us-east-1 \
  --cache-cluster-id webcachecluster1
16
The command output should return the EC2-Classic cache cluster configuration metadata:
{
    "CacheClusters": [
        {
            "Engine": "redis",
            "CacheClusterId": "webcachecluster1",
            "NumCacheNodes": 2,
            "CacheClusterCreateTime": "2013-01-30T09:25:26.712Z",
            "AutoMinorVersionUpgrade": true,
            "CacheClusterStatus": "available",
            "PreferredAvailabilityZone": "us-east-1a",
            ...
            "CachePort": 6379,
            "CacheSubnetGroupName": "",
            "EngineVersion": "2.6.13",
            "PendingModifiedValues": {},
            "PreferredMaintenanceWindow": "sat:03:00-sat:04:00",
            "CacheNodeType": "cache.m3.medium"
        }
    ]
}
17
Re-create your EC2-Classic cache cluster within the AWS VPC deployed at step no. 1 with create-cache-cluster command (OSX/Linux/UNIX), using the existing ElastiCache cluster configuration attributes returned at the previous step:
aws elasticache create-cache-cluster \
  --region us-east-1 \
  --cache-cluster-id vpccachecluster \
  --az-mode single-az \
  --preferred-availability-zone "us-east-1a" \
  --num-cache-nodes 2 \
  --cache-node-type cache.m3.medium \
  --engine redis \
  --engine-version "2.6.13" \
  --security-group-ids "sg-f29492e0" \
  --port 6379 \
  --auto-minor-version-upgrade
18
The command output should return the newly created EC2-VPC cache cluster metadata:
{
    "CacheCluster": {
        "Engine": "redis",
        "CacheParameterGroup": {
            "CacheNodeIdsToReboot": [],
            "CacheParameterGroupName": "default.redis2.6",
            "ParameterApplyStatus": "in-sync"
        },
        "CacheClusterId": "vpccachecluster",
        "CacheSecurityGroups": [],
        "NumCacheNodes": 2,
        "AutoMinorVersionUpgrade": true,
        "CacheClusterStatus": "creating",
        "PreferredAvailabilityZone": "us-east-1a",
        ...
        "SecurityGroups": [
            {
                "Status": "active",
                "SecurityGroupId": "sg-f29492e0"
            }
        ],
        "CacheSubnetGroupName": "default",
        "EngineVersion": "2.6.13",
        "PendingModifiedValues": {},
        "PreferredMaintenanceWindow": "tue:03:30-tue:04:30",
        "CacheNodeType": "cache.m3.medium"
    }
}
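A pre-deletion check for the hand-over between the two clusters, added here as an example and not part of the original procedure: it reads `describe-cache-clusters` JSON for the old and the new cluster and lists every reason the old one should not be deleted yet (new cluster still "creating", not in a cache subnet group, no active VPC security group, or copied attributes that differ). The function names `first_cluster` and `predelete_problems` are this example's own, and the sample input is constructed from the outputs shown in steps 16 and 18.

```python
import json

# Attributes step 17 copies from the EC2-Classic cluster; they must match.
MATCH_KEYS = ("Engine", "EngineVersion", "NumCacheNodes", "CacheNodeType")

def first_cluster(describe_output):
    """Return the single cluster from describe-cache-clusters JSON text."""
    clusters = json.loads(describe_output).get("CacheClusters", [])
    if len(clusters) != 1:
        raise ValueError("expected exactly one cluster, got %d" % len(clusters))
    return clusters[0]

def predelete_problems(old, new):
    """List reasons not to delete the old cluster yet (empty list = go)."""
    problems = []
    if old.get("CacheSubnetGroupName"):
        problems.append("old cluster has a cache subnet group; wrong cluster ID?")
    if not new.get("CacheSubnetGroupName"):
        problems.append("new cluster has no cache subnet group (not in a VPC)")
    status = new.get("CacheClusterStatus")
    if status != "available":
        problems.append("new cluster status is %r, not 'available'" % status)
    if new.get("CacheSecurityGroups"):
        problems.append("new cluster uses EC2-Classic cache security groups")
    if not any(g.get("Status") == "active" for g in new.get("SecurityGroups", [])):
        problems.append("new cluster has no active VPC security group")
    for key in MATCH_KEYS:
        if old.get(key) != new.get(key):
            problems.append("%s differs: %r vs %r" % (key, old.get(key), new.get(key)))
    return problems

# Constructed sample input, trimmed from the outputs shown in steps 16 and 18.
OLD_JSON = json.dumps({"CacheClusters": [{
    "CacheClusterId": "webcachecluster1", "Engine": "redis",
    "EngineVersion": "2.6.13", "NumCacheNodes": 2,
    "CacheNodeType": "cache.m3.medium", "CacheClusterStatus": "available",
    "CacheSubnetGroupName": ""}]})
NEW_JSON = json.dumps({"CacheClusters": [{
    "CacheClusterId": "vpccachecluster", "Engine": "redis",
    "EngineVersion": "2.6.13", "NumCacheNodes": 2,
    "CacheNodeType": "cache.m3.medium", "CacheClusterStatus": "creating",
    "CacheSubnetGroupName": "default", "CacheSecurityGroups": [],
    "SecurityGroups": [{"Status": "active", "SecurityGroupId": "sg-f29492e0"}]}]})

if __name__ == "__main__":
    old, new = first_cluster(OLD_JSON), first_cluster(NEW_JSON)
    for problem in predelete_problems(old, new):
        print("BLOCK:", problem)
```

With the sample data the only finding is the "creating" status, which is the state step 18 reports immediately after the create call.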
19
Once the EC2-Classic cluster endpoint has been replaced with the EC2-VPC one (e.g. webcachecluster1.rybucx.ng.0002.use1.cache.amazonaws.com), it is safe to shut down and delete the old cache cluster to stop incurring charges for the resource. To remove the EC2-Classic ElastiCache cluster from your AWS account, run delete-cache-cluster command (OSX/Linux/UNIX):
aws elasticache delete-cache-cluster \
  --region us-east-1 \
  --cache-cluster-id webcachecluster1 \
  --final-snapshot-identifier webcachecluster1-final-snapshot
20
The command output should return the old cache cluster metadata (including the resource current status, i.e. "deleting"):
{
    "CacheClusters": [
        {
            "Engine": "redis",
            "CacheClusterId": "webcachecluster1",
            "NumCacheNodes": 2,
            "CacheClusterCreateTime": "2013-01-30T09:25:26.712Z",
            "AutoMinorVersionUpgrade": true,
            "CacheClusterStatus": "deleting",
            ...
            "CachePort": 6379,
            "CacheSubnetGroupName": "",
            "EngineVersion": "2.6.13",
            "PendingModifiedValues": {},
            "PreferredMaintenanceWindow": "sat:03:00-sat:04:00",
            "CacheNodeType": "cache.m3.medium"
        }
    ]
}