Debian images for Google Compute Engine
(Please preserve the CC on this thread.)
Greetings cloud team,
As some of you know, I currently work at Google. Google is interested in adding
official Debian images to our Google Compute Engine cloud service. For those
who haven’t heard of Google Compute Engine, it allows you to run a GNU/Linux
virtual machine in Google’s cloud. It’s currently available to customers who
sign up for Gold support plans, with plans to be fully available as soon as
we’re ready. We would like Debian to upload images directly for general
availability, in line with the images provided for Amazon EC2 and Windows
Azure. We will then publicize the images to Google Compute Engine users.
Google Compute Engine home page, including documentation:
https://developers.google.com/compute/
To build the images, we’ve been working with Anders Ingemann to leverage his
great work on ec2debian-build-ami, adding support for Google Compute Engine.
Our code maintains the Apache License 2.0 which Anders used. As part of
generalizing the code, Anders renamed the program to build-debian-cloud, though
not yet the Github repository name. Our goal is for our changes to be merged
into Anders’ primary codebase.
Our temporary ec2debian-build-ami fork:
https://github.com/google/ec2debian-build-ami/
Both squeeze and wheezy images work, and some debian-cloud members have already
done successful preliminary tests. The code pulls in three Google-specific debs
and two Google-specific tarballs during the build, all of which are also
released under the Apache License 2.0. All the code is either Bash/shell,
Python, or Upstart configuration files which aren’t used by default on Debian.
Google welcomes Debian’s feedback and patches.
We want to work with Debian to “kick the tires” and polish what rough edges
remain. There are a few known issues, and you may well find more.
You may notice that all Google Compute Engine images are booted using an
injected Linux 3.3.8 kernel using a configuration to reduce security
vulnerabilities. Most notably, that configuration disables modules and access
to /dev/mem. We are working to add support for booting from arbitrary kernels,
as we know it’s an important freedom. In the meantime, /proc/config.gz will
show the enabled options. Kernel source code is available here:
https://developers.google.com/compute/docs/kernels#source
One intentional difference from the Amazon EC2 images is that, instead of
sshing in via a default “admin” account, we install a cron job in /etc/cron.d
to manage accounts in line with the Google Compute Engine documentation. See
here for how ssh works:
https://developers.google.com/compute/docs/hello_world#ssh
Gaining access: We’ve created two projects for Debian’s use for Google Compute
Engine. Billing for Compute and Storage has been waived on these projects.
The first project, ‘debian-cloud’ is intended for pushing new images for
customers. The second project ‘debian-cloud-experiments’ is intended for
Debian volunteers to experiment with the project. It has a small quota and
must be shared. We can work with Debian to maintain who can use these
projects, or we can push management off to trusted parties in Debian. Google
Compute Engine is working toward toward general availability, so over time it
will become easier for anyone to get involved.
If you have any questions, concerns, or general feedback, please don’t hesitate
to contact the Google Compute team (gc-team@google.com) or David McWherter
(cache@google.com) or me (jimmy@debian.org or jkaplowitz@google.com) directly
about this effort.
We’re looking forward to collaborating with you!
- Jimmy Kaplowitz
jimmy@debian.org / jkaplowitz@google.com
Reply to: