|
Size: 9008
Comment: Remove original 7.8 release AMIs
|
Size: 9014
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 5: | Line 5: |
You may wish to use the [[#CFTemplate|CloudFormation template]] and launch your instance with some smart [[#UserDataExamples|UserData scripts]]. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user. {{{#!wiki note '''SSH username''' In line with the security of most Linux distributions on ''Amazon Web Services'', remote ''root'' SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user '''admin''' using your SSH key, and then '''sudo -i''' to gain root access. }}} Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: [[http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-AttachVolume.html|Official AWS documentation]] |
|
| Line 20: | Line 6: |
| == 7.8.aws.1 == | == 7.8.aws.1 (28 January 2015) == |
| Line 42: | Line 28: |
You may wish to use a [[#CFTemplate|CloudFormation template]] and add a [[#UserDataExamples|UserData script]]. For some releases are duplicated into ''Amazon Marketplace'' but the same images are shared directly as "Community Shared AMIs" (account number 379101102735, but with different AMI IDs to the Marketplace). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any AWS user. {{{#!wiki note '''SSH username''' Remote ''root'' SSH is disabled in all images, as is password authentication). You will need to connect to instances from these AMIs as the user '''admin''' using your SSH key, and then '''sudo -i''' to gain root access. }}} Please note that an ''Amazon Marketplace'' image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: [[http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-AttachVolume.html|Official AWS documentation]] |
|
| Line 43: | Line 42: |
| As is standard with Debian, a simple '''apt-get update && apt-get dist-upgrade''' should bring all packages up to date. There is no need to reinstall, but any CloudFormation templates and AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases. | As is standard with Debian, a simple '''apt-get update && apt-get dist-upgrade''' should bring all packages up to date. There is no need to reinstall, but any !CloudFormation templates and !AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases. |
| Line 53: | Line 52: |
| "Description": "Debian AMI list, generated 2014-10-27 14:31:41.085276 by James Bromberger, jeb@debian.org", | "Description": "Debian AMI list, generated 2015-02-05 13:35:31.317011 by James Bromberger, jeb@debian.org", |
| Line 57: | Line 56: |
| "Wheezy77basei386paravirtualebs": "ami-970b3a96", "Wheezy77basex8664hvmebs": "ami-97f1c096", "Wheezy77basex8664paravirtualebs": "ami-0f0f3e0e", "Wheezy77basex8664paravirtualinstancestore": "ami-21f6c720" |
"Wheezy78basei386paravirtualebs": "ami-58b7a659", "Wheezy78basex8664hvmebs": "ami-48b9a849", "Wheezy78basex8664paravirtualebs": "ami-00b6a701", "Wheezy78basex8664paravirtualinstancestore": "ami-52a3b253" |
| Line 63: | Line 62: |
| "Wheezy77basei386paravirtualebs": "ami-4e20011c", "Wheezy77basex8664hvmebs": "ami-d822038a", "Wheezy77basex8664paravirtualebs": "ami-70220322", "Wheezy77basex8664paravirtualinstancestore": "ami-24240576" |
"Wheezy78basei386paravirtualebs": "ami-c56d4597", "Wheezy78basex8664hvmebs": "ami-bd6d45ef", "Wheezy78basex8664paravirtualebs": "ami-8d6d45df", "Wheezy78basex8664paravirtualinstancestore": "ami-956149c7" |
| Line 69: | Line 68: |
| "Wheezy77basei386paravirtualebs": "ami-0185e83b", "Wheezy77basex8664hvmebs": "ami-ed87ead7", "Wheezy77basex8664paravirtualebs": "ami-bd87ea87", "Wheezy77basex8664paravirtualinstancestore": "ami-e386ebd9" |
"Wheezy78basei386paravirtualebs": "ami-6de68c57", "Wheezy78basex8664hvmebs": "ami-d3e68ce9", "Wheezy78basex8664paravirtualebs": "ami-efe68cd5", "Wheezy78basex8664paravirtualinstancestore": "ami-15e58f2f" |
| Line 75: | Line 74: |
| "Wheezy77basei386paravirtualebs": "ami-c664cbb1", "Wheezy77basex8664hvmebs": "ami-e261ce95", "Wheezy77basex8664paravirtualebs": "ami-9c62cdeb", "Wheezy77basex8664paravirtualinstancestore": "ami-187fd06f" |
"Wheezy78basei386paravirtualebs": "ami-5d46c02a", "Wheezy78basex8664hvmebs": "ami-a345c3d4", "Wheezy78basex8664paravirtualebs": "ami-cb47c1bc", "Wheezy78basex8664paravirtualinstancestore": "ami-8153d5f6" |
| Line 81: | Line 80: |
| "Wheezy77basei386paravirtualebs": "ami-3f7dc922", "Wheezy77basex8664hvmebs": "ami-fd7dc9e0", "Wheezy77basex8664paravirtualebs": "ami-a97dc9b4", "Wheezy77basex8664paravirtualinstancestore": "ami-417eca5c" |
"Wheezy78basei386paravirtualebs": "ami-dd0cbec0", "Wheezy78basex8664hvmebs": "ami-b90dbfa4", "Wheezy78basex8664paravirtualebs": "ami-750dbf68", "Wheezy78basex8664paravirtualinstancestore": "ami-4ffb4652" |
| Line 87: | Line 86: |
| "Wheezy77basei386paravirtualebs": "ami-0258e26a", "Wheezy77basex8664hvmebs": "ami-a458e2cc", "Wheezy77basex8664paravirtualebs": "ami-2058e248", "Wheezy77basex8664paravirtualinstancestore": "ami-bc4af0d4" |
"Wheezy78basei386paravirtualebs": "ami-e895e580", "Wheezy78basex8664hvmebs": "ami-f295e59a", "Wheezy78basex8664paravirtualebs": "ami-3695e55e", "Wheezy78basex8664paravirtualinstancestore": "ami-363a495e" |
| Line 93: | Line 92: |
| "Wheezy77basei386paravirtualebs": "ami-c53d2880", "Wheezy77basex8664hvmebs": "ami-6f3f2a2a", "Wheezy77basex8664paravirtualebs": "ami-893c29cc", "Wheezy77basex8664paravirtualinstancestore": "ami-4b3e2b0e" |
"Wheezy78basei386paravirtualebs": "ami-f9fbe4bc", "Wheezy78basex8664hvmebs": "ami-c7fae582", "Wheezy78basex8664paravirtualebs": "ami-7ffae53a", "Wheezy78basex8664paravirtualinstancestore": "ami-d7f5ea92" |
| Line 99: | Line 98: |
| "Wheezy77basei386paravirtualebs": "ami-677e3157", "Wheezy77basex8664hvmebs": "ami-af7b349f", "Wheezy77basex8664paravirtualebs": "ami-df7c33ef", "Wheezy77basex8664paravirtualinstancestore": "ami-ff7a35cf" |
"Wheezy78basei386paravirtualebs": "ami-9f623eaf", "Wheezy78basex8664hvmebs": "ami-3d9cc00d", "Wheezy78basex8664paravirtualebs": "ami-01633f31", "Wheezy78basex8664paravirtualinstancestore": "ami-2995c919" |
| Line 119: | Line 118: |
| "Wheezy77basei386paravirtualebs", "Wheezy77basex8664hvmebs", "Wheezy77basex8664paravirtualebs", "Wheezy77basex8664paravirtualinstancestore" |
"Wheezy78basex8664hvmebs", "Wheezy78basex8664paravirtualinstancestore", "Wheezy78basex8664paravirtualebs", "Wheezy78basei386paravirtualebs" |
| Line 177: | Line 176: |
| As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexibility (and power) in what you can put in your !UserData to get your instance to configure. For example, a simple shell script that starts with {{{#!/bin/sh}}} will be executed as previously - so you can chose to enable auto update with the following !UserData scripts: | Debian !AMIs use cloud-init. This gives you a choice when crafting your !UserData to configure your instance. Simple shell scripts continue to be supported by starting with {{{#!/bin/sh}}}, such as: |
| Line 184: | Line 183: |
| However [[http://cloudinit.readthedocs.org/en/latest/topics/examples.html|other formats]] for !UserData are also supported, such as: {{{ cloud-config: packages: - pwgen package_upgrade: true ssh_keys: rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVExampleOne rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVExampleTwo }}} |
|
| Line 185: | Line 196: |
Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade. |
Debian Wheezy (7.x) on AWS EC2
7.8.aws.1 (28 January 2015)
7.8.aws.1 (28 January 2015)
This release addresses CVE 2015-0235 also known as the "ghost" issue with libc6; it contains the updated libc6 in the base image.
Region |
hvm x86_64 ebs |
paravirtual i386 ebs |
paravirtual x86_64 ebs |
paravirtual x86_64 instance-store |
ap-northeast-1 |
ami-b25d44b3 |
ami-c05e47c1 |
ami-e05c45e1 |
ami-745c4575 |
ap-southeast-1 |
ami-aeb49ffc |
ami-c08ba092 |
ami-008ba052 |
ami-6a8ba038 |
ap-southeast-2 |
ami-6b770351 |
ami-f17703cb |
ami-b777038d |
ami-4f770375 |
eu-central-1 |
ami-98043785 |
ami-c80437d5 |
ami-b60437ab |
ami-8a043797 |
eu-west-1 |
ami-61e56916 |
ami-1be06c6c |
ami-e7e66a90 |
ami-c9e569be |
sa-east-1 |
ami-3d8b3720 |
ami-6b8b3776 |
ami-558b3748 |
ami-2f8b3732 |
us-east-1 |
ami-e0efab88 |
ami-e6eeaa8e |
ami-baeda9d2 |
ami-74efab1c |
us-west-1 |
ami-b4869ff1 |
ami-a8b9a0ed |
ami-c0b9a085 |
ami-70b9a035 |
us-west-2 |
ami-431a4273 |
ami-051b4335 |
ami-f91a42c9 |
ami-a31a4293 |
us-gov-west-1 |
ami-d13455f2 |
ami-d53455f6 |
ami-d73455f4 |
- |
cn-north-1 |
ami-48029071 |
- |
ami-5c029065 |
- |
A GPG signed email of this list is in the Debian-Cloud mailing list archive for your security.
You may wish to use a CloudFormation template and add a UserData script. For some releases are duplicated into Amazon Marketplace but the same images are shared directly as "Community Shared AMIs" (account number 379101102735, but with different AMI IDs to the Marketplace). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any AWS user.
SSH username
Remote root SSH is disabled in all images, as is password authentication). You will need to connect to instances from these AMIs as the user admin using your SSH key, and then sudo -i to gain root access.
Please note that an Amazon Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation
Upgrading from previous 6.x.y releases
As is standard with Debian, a simple apt-get update && apt-get dist-upgrade should bring all packages up to date. There is no need to reinstall, but any CloudFormation templates and AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.
CloudFormation Template
CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Debian AMI list, generated 2015-02-05 13:35:31.317011 by James Bromberger, jeb@debian.org",
"Mappings": {
"AMImap": {
"ap-northeast-1": {
"Wheezy78basei386paravirtualebs": "ami-58b7a659",
"Wheezy78basex8664hvmebs": "ami-48b9a849",
"Wheezy78basex8664paravirtualebs": "ami-00b6a701",
"Wheezy78basex8664paravirtualinstancestore": "ami-52a3b253"
},
"ap-southeast-1": {
"Wheezy78basei386paravirtualebs": "ami-c56d4597",
"Wheezy78basex8664hvmebs": "ami-bd6d45ef",
"Wheezy78basex8664paravirtualebs": "ami-8d6d45df",
"Wheezy78basex8664paravirtualinstancestore": "ami-956149c7"
},
"ap-southeast-2": {
"Wheezy78basei386paravirtualebs": "ami-6de68c57",
"Wheezy78basex8664hvmebs": "ami-d3e68ce9",
"Wheezy78basex8664paravirtualebs": "ami-efe68cd5",
"Wheezy78basex8664paravirtualinstancestore": "ami-15e58f2f"
},
"eu-west-1": {
"Wheezy78basei386paravirtualebs": "ami-5d46c02a",
"Wheezy78basex8664hvmebs": "ami-a345c3d4",
"Wheezy78basex8664paravirtualebs": "ami-cb47c1bc",
"Wheezy78basex8664paravirtualinstancestore": "ami-8153d5f6"
},
"sa-east-1": {
"Wheezy78basei386paravirtualebs": "ami-dd0cbec0",
"Wheezy78basex8664hvmebs": "ami-b90dbfa4",
"Wheezy78basex8664paravirtualebs": "ami-750dbf68",
"Wheezy78basex8664paravirtualinstancestore": "ami-4ffb4652"
},
"us-east-1": {
"Wheezy78basei386paravirtualebs": "ami-e895e580",
"Wheezy78basex8664hvmebs": "ami-f295e59a",
"Wheezy78basex8664paravirtualebs": "ami-3695e55e",
"Wheezy78basex8664paravirtualinstancestore": "ami-363a495e"
},
"us-west-1": {
"Wheezy78basei386paravirtualebs": "ami-f9fbe4bc",
"Wheezy78basex8664hvmebs": "ami-c7fae582",
"Wheezy78basex8664paravirtualebs": "ami-7ffae53a",
"Wheezy78basex8664paravirtualinstancestore": "ami-d7f5ea92"
},
"us-west-2": {
"Wheezy78basei386paravirtualebs": "ami-9f623eaf",
"Wheezy78basex8664hvmebs": "ami-3d9cc00d",
"Wheezy78basex8664paravirtualebs": "ami-01633f31",
"Wheezy78basex8664paravirtualinstancestore": "ami-2995c919"
}
}
},
"Parameters": {
"InstanceType": {
"AllowedPattern": "[a-z]+[0-9].[a-z0-9]+",
"Default": "m3.medium",
"Description": "Type of EC2 Instance",
"Type": "String"
},
"KeyName": {
"Description": "SSH Key Name",
"Type": "String"
},
"Release": {
"AllowedValues": [
"Wheezy78basex8664hvmebs",
"Wheezy78basex8664paravirtualinstancestore",
"Wheezy78basex8664paravirtualebs",
"Wheezy78basei386paravirtualebs"
],
"Default": "Wheezy75basex8664paravirtualebs",
"Description": "Release, arch and root filesystem type",
"Type": "String"
}
},
"Resources": {
"MyInstance": {
"Properties": {
"ImageId": {
"Fn::FindInMap": [
"AMImap",
{
"Ref": "AWS::Region"
},
{
"Ref": "Release"
}
]
},
"InstanceType": {
"Ref": "InstanceType"
},
"KeyName": {
"Ref": "KeyName"
},
"SecurityGroups": [
{
"Ref": "MySecurityGroup"
}
]
},
"Type": "AWS::EC2::Instance"
},
"MySecurityGroup": {
"Properties": {
"GroupDescription": "Permit inbound SSH",
"SecurityGroupIngress": [
{
"CidrIp": "0.0.0.0/0",
"FromPort": "22",
"IpProtocol": "tcp",
"ToPort": "22"
}
]
},
"Type": "AWS::EC2::SecurityGroup"
}
}
}
Suggested UserData scripts
Debian !AMIs use cloud-init. This gives you a choice when crafting your UserData to configure your instance. Simple shell scripts continue to be supported by starting with #!/bin/sh, such as:
However other formats for UserData are also supported, such as:
cloud-config: packages: - pwgen package_upgrade: true ssh_keys: rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVExampleOne rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVExampleTwo
The unattended-upgrades package is described on UnattendedUpgrades.
See also Cloud and Teams/Cloud.