Re: Reading archives..
On Thu, Nov 8, 2012 at 7:28 AM, Anders Ingemann <anders@ingemann.de> wrote:
>> 3) Very happy to see cloud-init support being added to Debian
> Charles Plessy is working on that, but as I understand he is a bit out of
> his depth with python, so it might take some time to port it.
>
>> 4) Are we going to be adding the ec2 cli tools to the AMIs?
> This could be troublesome. With the speed of development at AWS the tools
> could quickly be outdated if we simply add them.
> Packaging them would require some major updates every time amazon adds new
> features.
> I really believe 4+5 should be left to the user-data script.
Understood, but I think this is worth further discussion.. some of the
tools are probably stable enough and useful enough to ec2 users to
consider at least packaging to make installation easier and cleaner.
(e.g. - ami and ec2 tools at least) By leaving it to the user-data
script, I do find installing python packages and other tools from
source or a tarball rather than using debian packages a bit
distasteful as standard recommended procedure? I can look into seeing
what's involved in packaging these up, and might even be willing to
help on the packaging front, bearing in mind building packages isn't
something I do often, or am that familiar with. (Need to figure out
what the time commitment would be before making any further
commitments here.) Please let me know if my assistance would be
helpful, or do your thoughts still remain the same?
>> 6) Now that EC2 supports overriding the default root EBS volume size,
> doing a conditional resize2fs upon boot is incredibly useful.
> That's a great idea! This can easily be achieved with an init.d script.
> It will need to be in two version, one for xfs and the other for ext* (but
> that's mostly for the bootstrapping script, the final image will simply have
> resize2fs for ext4)
Now while this is is something I have been wishing public AMI
maintainers did for awhile, I have to give Ubuntu's team credit for
being the first to actually do this. Also are you planning on
publishing XFS backed AMIs for EC2, or is this just an option for
those that want to build their own?
>> 7) So in addition to 32 bit EBS and 64 bit EBS we are going to want to
>> maintain a number of other permutations in each region.
> The script currently only supports EBS backed AMIs. It would take a little
> while to get them working with instance stores.
> What exactly is HVM? H=Hybrid?
Standard instances are Para-virtual Machine(s), and need to run with a
xen-paravirt enabled kernel. The Cluster Nodes use Hardware
Virtualization, so would need to use a standard type of kernel. I
don't know if there are any particular rules or guidance here, but I
can look into it, if you want.
>> 8) AWS services change during the life of a stable release, I believe
>> we are going to have to consider how to allow some EC2 specific
>> packages to get updated beyond just security patches.
> How do you propose we do this. A simple init script that downloads the
> packages on boot?
They just need to be updated in the repos. meaning we can't freeze
them to security-patches only. (Realize I am saying that these change
within a 3+ year window, and not necessarily frequently). This is
largely related to #4 and 5, so if we defer action there, this might
not be an issue.
>> 9) Not sure I understand the security issue that required the AMIs to
>> be pulled. Is there an explanation somewhere that I missed?
> Nothing serious, the images still contained the ssh private host keys,
> because I didn't shred them. It also looked like AWS credentials were
> written to disk, which turned out not to be the case.
Reply to: