[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian images on Amazon Web Services

Hi all,

I've had a security issue identified so I have pulled the images from public access right now while we fix this up.

  James


Sent from a tiny keyboard on my phone. Please call 0422166708 if unclear.

Anders Ingemann <anders@ingemann.de> wrote:
Hello guys,

James plan is starting to take form pretty quickly, I like it!
About the included packages: I have made a plugin for that purpose and I could really use some input as to what this list should look like. You can add your suggestions on the github ticket I made for that purpose (https://github.com/andsens/ec2debian-build-ami/issues/19).

I could get a wheezy bootstrapper up and running myself, but I think it would be much quicker if somebody who knew what changes were made to the base installation helped.
The script still needs some refactoring to allow for different distributions and tasks, but it's not that much work.

One way to inspect the AMI is of course to log in to a new instance. I would however suggest that looking at the task list of the bootstrapper provides a more organised overview (https://github.com/andsens/ec2debian-build-ami/tree/master/tasks).
I had to work around a few bugs in debootstrap to make the image a proper "vanilla" installation (eg. ssh host keys are copied from the host) and I am not sure I caught them all. These bugs can of course only be seen in the final image and not in the code of the bootstrapping script.

p.s.: Isn't the mailing list supposed to set the reply-to header to debian-cloud@lists.debian.org? I just now realised that I replied to the previous posters directly instead of the mailing list.


Anders


On 7 November 2012 15:06, James Bromberger <james@rcpt.to> wrote:
On 7/11/2012 9:26 PM, Simon Hönscheid wrote:
Is there a possibility to test the image if i'm not a DD?

Hi Simon.

Absolutely. The images created have been marked as public, so you can find them right now in the AMI catalogue in each Region:

US-East (N. Virginia):
ami-200fb549: 379101102735/debian-squeeze-amd64-20121107
ami-d40fb5bd: 379101102735/debian-squeeze-i386-20121107

 
US West (Oregon):
ami-3a7bf20a: 379101102735/debian-squeeze-i386-20121107
ami-de78f1ee: 379101102735/debian-squeeze-amd64-20121107
 
US West (N. California):
ami-c8fddb8d: 379101102735/debian-squeeze-amd64-20121107
ami-d6fddb93: 379101102735/debian-squeeze-i386-20121107
 
EU (Ireland):
ami-11909365: 379101102735/debian-squeeze-i386-20121107
ami-21909355: 379101102735/debian-squeeze-amd64-20121107
 
AP (Singapore):
ami-4e3b781c: 379101102735/debian-squeeze-i386-20121107
ami-4a3b7818: 379101102735/debian-squeeze-amd64-20121107
 
AP (Tokyo):
ami-460bb547: 379101102735/debian-squeeze-amd64-20121107
ami-520bb553: 379101102735/debian-squeeze-i386-20121107
 
South America (Sao Paulo):
ami-567ea74b: 379101102735/debian-squeeze-i386-20121107
ami-587ea745: 379101102735/debian-squeeze-amd64-20121107


You can spin these up in any AWS account (check out http://aws.amazon.com/free).



I've been using the ec2debian-build-ami that Anders Ingemann has put on git hub (https://github.com/andsens/ec2debian-build-ami).
Have you tried to build a Wheezy-AMI? I tried many times, but failed. If help is needed i would like to contribute.

I have not done a Wheezy AMI in here just yet, as I would like to stick to the Stable release right now and get that 'published' as Official first.

Since any AMI we publish as Official will be used by many people in their CloudFormation, AutoScale, Amazon Beanstalk configurations, we'll be committing to keeping these images available in our account for quite some time; in order to maintain consistency and good (trustworthy) maintenance I think we should concentrate on stability of these (base) images -- but that's just my opinion.

I feel we may want to commit to:
* Produce new AMIs for each point release of stable (eg, we're on 6.0.6 now)
* Keep existing point releases of current stable (eg, 6.0.[0-5], but starting from this point in time)
* Keep the initial and final point releases of old-stable, over time (eg: 5.0.0 and 5.0.10, some time after new stable has come out - ie, purge intermediate releases 5.0.[1-9])
* Remove old-old-stable (eg everything else that's older)

With 2 editions (32, 64 bit), that could be 18 AMIs per region if we had every previous release, times 7 regions =  126 AMIs.

While we do want to test Wheezy AMIs, we should probably not encourage that for end user access; indeed, this is something that Anders and I were discussing (off list) in the last few hours.

  James


--
Mobile: +61 422 166 708, Email: james_AT_rcpt.to
PLUG President 2012: http://www.plug.org.au

Reply to: