Differences between revisions 34 and 35
Revision 34 as of 2014-02-16 09:28:03
Size: 9601
Editor: JamesBromberger
Comment: Add 6.0.9 images
Revision 35 as of 2014-02-16 14:41:40
Size: 9816
Editor: JamesBromberger
Comment:
Deletions are marked like this. Additions are marked like this.
Line 36: Line 36:
Using the aws-cli, you may find this useful: '''aws --region us-east-1 ec2 describe-images --owners 379101102735 --filters "Name=tag:Name,Values=*6.0.9*" --query "Images[*].[Architecture,ImageId]" --output text'''

Debian Squeeze (6.0.x) on AWS EC2

You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735).

SSH username

In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin, and then sudo -i to gain root access.

Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation

6.0.9

Images were created on 16/Feb/2014 by James Bromberger using bootstrap-vz.

Region

32-bit PVM

64-bit PVM

US-East-1

ami-574f483e

ami-0740476e

US-West-1

ami-7c586439

ami-72586437

US-West-2

ami-fe264bce

ami-fc264bcc

US-Gov-West-1

EU-West-1

ami-ccdd2dbb

ami-d8dd2daf

AP-Northeast-1

ami-cdec99cc

ami-cbec99ca

AP-Southeast-1

ami-eaecbab8

ami-e4ecbab6

AP-Southeast-2

ami-15d24b2f

ami-17d24b2d

SA-East-1

ami-8bc46796

ami-89c46794

Using the aws-cli, you may find this useful: aws --region us-east-1 ec2 describe-images --owners 379101102735 --filters "Name=tag:Name,Values=*6.0.9*" --query "Images[*].[Architecture,?ImageId]" --output text

6.0.7

Debian Developer-created master images

Images were created on 24/Feb/2013 by James Bromberger using ec2debian-build-ami tagged accordingly. The original (non-AWS-Marketplace) AMIs were generated in account 379101102735, and the images were identifiable in the AWS US-East-1 Region as:

  • ami-2ae17343: 379101102735/debian-squeeze-i386-20130224
  • ami-7ce17315: 379101102735/debian-squeeze-amd64-20130224

These images were generated in each Region (except GovCloud) with the following script: 

   1 #!/bin/sh
   2 apt-get update; apt-get install -y git; cd ~root; git clone https://github.com/andsens/ec2debian-build-ami.git; cd ~root/ec2debian-build-ami; export PATH=$PATH:/usr/local/bin/;  export EC2_ACCESS_KEY='XXXXXXXXXXX'; export EC2_SECRET_KEY='XXXXXXXXXXX'; ./ec2debian-build-ami --volume-size 8 --plugin plugins/admin-user --description 'Debian 6.0.7 (Squeeze)' --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename squeeze; ./ec2debian-build-ami --volume-size 8 --plugin plugins/admin-user --description 'Debian 6.0.7 (Sequeze)' --arch i386 --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename squeeze; shutdown -h now

The full list of AMIs worldwide in the Debian AMI account are:

N Virginia/US-East-1:

  • ami-7ce17315: 379101102735/debian-squeeze-amd64-20130224
  • ami-2ae17343: 379101102735/debian-squeeze-i386-20130224

Oregon/US-West-2:

  • ami-cecf5afe: 379101102735/debian-squeeze-i386-20130224
  • ami-decf5aee: 379101102735/debian-squeeze-amd64-20130224

N California/US-West-1:

  • ami-a41f3de1: 379101102735/debian-squeeze-amd64-20130224
  • ami-b81f3dfd: 379101102735/debian-squeeze-i386-20130224

Ireland/EU-West-1:

  • ami-582e262c: 379101102735/debian-squeeze-i386-20130224
  • ami-722e2606: 379101102735/debian-squeeze-amd64-20130224

Singapore/AP-Southeast-1:

  • ami-ec9ed3be: 379101102735/debian-squeeze-i386-20130224
  • ami-f89ed3aa: 379101102735/debian-squeeze-amd64-20130224

Tokyo/AP-Northeast-1:

  • ami-13e76112: 379101102735/debian-squeeze-amd64-20130224
  • ami-1fe7611e: 379101102735/debian-squeeze-i386-20130224

Sydney/AP-Southeast-2:

  • ami-8cfd6cb6: 379101102735/debian-squeeze-i386-20130224
  • ami-94fd6cae: 379101102735/debian-squeeze-amd64-20130224

Sao Paulo/SA-East-1:

  • ami-d1fe25cc: 379101102735/debian-squeeze-i386-20130224
  • ami-d9fe25c4: 379101102735/debian-squeeze-amd64-20130224

All AMIs and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.

AWS Marketplace Image Distribution

These images (above) were copied to the AWS Marketplace Account and then replicated to all AWS Marketplace-supported Regions, and became identifiable by the following list of AMI IDs:

Region

32-bit PVM

64-bit PVM

US-East-1

ami-2c28ba45

ami-3428ba5d

US-West-1

ami-3afddf7f

ami-c2fddf87

US-West-2

ami-f2ee7bc2

ami-f4ee7bc4

US-Gov-West-1

EU-West-1

ami-caeee6be

ami-b2eee6c6

AP-Northeast-1

ami-3fb3353e

ami-47b33546

AP-Southeast-1

ami-9aaae7c8

ami-9eaae7cc

AP-Southeast-2

ami-c69302fc

ami-3c920306

SA-East-1

ami-a5ef34b8

ami-a3ef34be

Upgrading from previous 6.0.x releases

As is standard with Debian, a simple apt-get update && apt-get upgrade should bring all packages up to date. There is no need to reinstall, but any CloudFormation templates and AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.

The image performs the following tasks:

  • UserData that is a shell script is executed (you may wish to apply pending updates and install other software, etc)

  • The root ext4 filesystem is resized on boot (you can grow larger than the default on instance launch)
  • The root account is disabled; please SSH to the instance as the user 'admin'.

The image by default makes no contact to any external servers (no updates applied, no outbound requests, no data leakage).

It is planned to provide a machine-readable version of the above list of images. For the sake of the brainstorm, a JSON version is temporarly placed at Cloud/AmazonEC2Image/Squeeze/JSON. However, the structure is very likely to change, see 694035 for details. Here is a naive example on how to query the list. euca-describe-images $(curl --silent http://wiki.debian.org/Cloud/AmazonEC2Image/Squeeze/JSON?action=raw | jsonpipe | awk '/Debian606.ap-northeast-1.64/ {print $2}' | sed 's/"//g')

CloudFormation Template

CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/ 

{
        "Parameters" : {
                "KeyName" : {
                        "Description" : "SSH Key Name",
                        "Type" : "String",
                        "Default" : "My-Key"
                },
                "MyInstanceSize": {
                        "Description": "Instance size",
                        "Type": "String",
                        "Default" : "t1.micro"
                },
                "MyInstanceName": {
                        "Description": "Instance name",
                        "Type": "String"
                }
        },
        "Mappings" : {
            "Debian607-marketplace" : {
                "us-east-1" :      { "32" : "ami-2c28ba45", "64" : "ami-3428ba5d"},
                "us-west-1" :      { "32" : "ami-3afddf7f", "64" : "ami-c2fddf87"},
                "us-west-2" :      { "32" : "ami-f2ee7bc2", "64" : "ami-f4ee7bc4"},
                "us-gov-west-1" :  { "32" : "", "64" : ""},
                "eu-west-1" :      { "32" : "ami-caeee6be", "64" : "ami-b2eee6c6"},
                "ap-southeast-1" : { "32" : "ami-9aaae7c8", "64" : "ami-9eaae7cc"},
                "ap-southeast-2" : { "32" : "ami-c69302fc", "64" : "ami-3c920306"},
                "ap-northeast-1" : { "32" : "ami-3fb3353e", "64" : "ami-47b33546"},
                "sa-east-1" :      { "32" : "ami-a5ef34b8", "64" : "ami-a3ef34be"},
            },
            "release" : {
                "stable" : { "squeeze" : "Debian607-marketplace" }
            }
        },
        "Resources" : {
                "MyInstance" : {
                        "Type" : "AWS::EC2::Instance",
                        "Properties" : {
                                "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
                                "KeyName" : { "Ref": "KeyName" },
                                "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
                                "ImageId" : { "Fn::FindInMap" : [ "Debian607-marketplace",  { "Ref" : "AWS::Region" }, "64"  ]},
                                "InstanceType" : { "Ref" : "MyInstanceSize" },
                                "UserData" : { "Fn::Base64" : "" }
                        }
                },
                "MySecurityGroup" : {
                        "Type" : "AWS::EC2::SecurityGroup",
                        "Properties" : {
                                "GroupDescription" : "Permit inbound SSH",
                                "SecurityGroupIngress" : [ 
                                    {
                                        "IpProtocol" : "tcp",
                                        "FromPort" : "22",
                                        "ToPort" : "22",
                                        "CidrIp" : "0.0.0.0/0"
                                    }
                                ]
                        }
                }
        }
}

Suggested UserData scripts

The image by default takes no actions upon boot, and does not auto-update. However, as the Debian image does honour executing UserData meta-data that looks like a script (started with #!/bin/sh), you may optionally chose to take some action. This action can be passed as a script in the AWS Console UserData input, or in the above CloudFormation template to an instance (see the UserData section in the example above).

You can chose to enable auto update with the following UserData scripts: 

   1 #!/bin/sh
   2 apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades

See also Cloud and Teams/Cloud.