Differences between revisions 64 and 65
Revision 64 as of 2014-04-11 06:36:14
Size: 8413
Comment: Add GovCloud AMI IDs
Revision 65 as of 2014-04-12 17:13:10
Size: 8499
Comment:
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
 * [[#7.4|7.4]] (February 2014)  * [[#7.4|7.4]] (February 2014) - deprecated
Line 48: Line 48:

Note: 7.4 is scheduled for removal on 18/April/2014. Please use 7.4a.

Debian Wheezy (7.x) on AWS EC2

  • 7.4a (9 April 2014)

  • 7.4 (February 2014) - deprecated

You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.

SSH username

In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.

Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation


7.4a

This update to the EC2 AMIs fixes a few issues:

  • Includes updated libssl for the Heartbleed CVE-2014-0160
  • Fixes console output to hvc0
  • Speeds up boot time by only checking EC2 meta data server
  • For S3 backed (instance-store) AMIs, increase the root volume from 1 GB to 4 GB

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

US-East-1

ami-57c5d83e

ami-b7c8d5de

ami-89eef3e0

ami-cdc6dba4

US-West-1

ami-d4f6cf91

ami-62f6cf27

ami-e2ead3a7

ami-96f6cfd3

US-West-2

ami-089ef538

ami-709ff440

ami-4297fc72

ami-ea9ef5da

EU-West-1

ami-c79e65b0

ami-039f6474

ami-ab946fdc

ami-459c6732

AP-Southeast-1

ami-f61241a4

ami-3e12416c

ami-c2174490

ami-a61241f4

AP-Southeast-2

ami-6ba33b51

ami-1da33b27

ami-d5a53def

ami-a3a33b99

AP-Northeast-1

ami-a1f28ca0

ami-8bf58b8a

ami-23e19f22

ami-59f38d58

SA-East-1

ami-d14be9cc

ami-ad4be9b0

ami-cb48ead6

ami-fb4be9e6

US-Gov-West-1

ami-2d0e690e

ami-030e6920

CN-North-1

-

ami-e8b123d1

ami-eab123d3

The 7.4a release of Debian was built with bootstrap-vz (formerly called build-debian-cloud), and contains the CloudInit package installed from Debian backports.


7.4

Note: 7.4 is scheduled for removal on 18/April/2014. Please use 7.4a.

The full list of AMIs worldwide in the Debian AMI account are:

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

US-East-1

ami-1f675d76

ami-d3675dba

ami-655a600c

ami-9f675df6

US-West-1

ami-9ed0eddb

ami-6ed3ee2b

ami-46c7fa03

ami-76d3ee33

US-West-2

ami-72204242

ami-de2042ee

ami-68026058

ami-22214312

EU-West-1

ami-1af0016d

ami-9ef001e9

ami-80d322f7

ami-76f30201

AP-Southeast-1

ami-a2a3f5f0

ami-18a0f64a

ami-34aafc66

ami-06a0f654

AP-Southeast-2

ami-6b3ea051

ami-b33ea089

ami-3d3aa407

ami-a93ea093

AP-Northeast-1

ami-e5a3c9e4

ami-67a6cc66

ami-f780eaf6

ami-d7a6ccd6

SA-East-1

ami-6517b778

ami-9717b78a

ami-771bbb6a

ami-8f17b792

US-Gov-West-1

CN-North-1

-

ami-bcb32185

ami-beb32187

The 7.4 release of Debian was built with bootstrap-vz (formerly called build-debian-cloud), and contains the CloudInit package installed from Debian backports.


Upgrading from previous 6.x.y releases

As is standard with Debian, a simple apt-get update && apt-get dist-upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.

CloudFormation Template

CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/

{
        "Parameters" : {
                "KeyName" : {
                        "Description" : "SSH Key Name",
                        "Type" : "String",
                        "Default" : "My-Key"
                },
                "MyInstanceSize": {
                        "Description": "Instance size (m1.small, etc.)",
                        "Type": "String",
                        "Default" : "t1.micro",
                        "AllowedValues": ["t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.xlarge", "cc1.4xlarge", "m3.xlarge", "m3.2xlarge"]
                },
                "MyInstanceName": {
                        "Description": "Instance name",
                        "Type": "String"
                },
                "InstanceBits": {
                        "Description": "32 or 64 bits",
                        "Type": "String",
                        "Default": "64",
                        "AllowedValues": [ "32", "64" ]
                },
                "RootVolType": {
                        "Description": "Root volume type (EBS or Instance)",
                        "Type": "String",
                        "Default": "EBS",
                        "AllowedValues": [ "EBS", "Instance" ]
                }
        },
        "Mappings" : {
            "Debian7.3-EBS-PVM" : { 
                "us-east-1" :      { "32" : "ami-33a68f5a", "64" : "ami-0da18864"},
                "us-west-1" :      { "32" : "ami-8ebd8dcb", "64" : "ami-96bd8dd3"},
                "us-west-2" :      { "32" : "ami-6a98fc5a", "64" : "ami-7298fc42"},
                "us-gov-west-1" :  { "32" : "ami-", "64" : "ami-"},
                "eu-west-1" :      { "32" : "ami-66836b11", "64" : "ami-8e826af9"},
                "ap-southeast-1" : { "32" : "ami-28efbb7a", "64" : "ami-20efbb72"},
                "ap-southeast-2" : { "32" : "ami-7774eb4d", "64" : "ami-7b74eb41"},
                "ap-northeast-1" : { "32" : "ami-53a0c252", "64" : "ami-17a0c216"},
                "sa-east-1" :      { "32" : "ami-8f4fee92", "64" : "ami-954fee88"}
            },
            "release" : {
                "stable" : { "wheezy" : "Debian7.3-EBS-PVM" }
            }
        },
        "Resources" : {
                "MyInstance" : {
                        "Type" : "AWS::EC2::Instance",
                        "Properties" : {
                                "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
                                "KeyName" : { "Ref": "KeyName" },
                                "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
                                "ImageId" : { "Fn::FindInMap" : [ "Debian7.3-EBS-PVM",  { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" }  ]},
                                "InstanceType" : { "Ref" : "MyInstanceSize" },
                                "UserData" : { "Fn::Base64" : "" }
                        }
                },
                "MySecurityGroup" : {
                        "Type" : "AWS::EC2::SecurityGroup",
                        "Properties" : {
                                "GroupDescription" : "Permit inbound SSH",
                                "SecurityGroupIngress" : [ 
                                    {
                                        "IpProtocol" : "tcp",
                                        "FromPort" : "22",
                                        "ToPort" : "22",
                                        "CidrIp" : "0.0.0.0/0"
                                    }
                                ]
                        }
                }
        }
}

Suggested UserData scripts

As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexability (and power) in what you cna put in your UserData to get your instance to configure. For example, a simple shell script that starts with #!/bin/sh will be executed as previously - so you can chose to enable auto update with the following UserData scripts:

   1 #!/bin/sh
   2 apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades python-pip

The unattended-upgrades package is described on UnattendedUpgrades.

Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade.


See also Cloud and Teams/Cloud.