Differences between revisions 31 and 32
Revision 31 as of 2013-07-05 04:38:45
Size: 12152
Comment:
Revision 32 as of 2013-07-05 23:04:45
Size: 12201
Comment: Update 7.1a AMIs in all regions (incl GovCloud).
Deletions are marked like this. Additions are marked like this.
Line 53: Line 53:
|| US-Gov-West-1 || || || || || || US-Gov-West-1 || ami-0992f62a || ami-0f92f62c || || ||
Line 158: Line 158:
                "us-gov-west-1" : { "32" : "", "64" : ""},                 "us-gov-west-1" : { "32" : "ami-0992f62a", "64" : "ami-0f92f62c"},

Debian Wheezy (7.x) on AWS

List of point releases published to the AWS Marketplace:

You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared fromt he Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.

SSH username

In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.

Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation


7.1a

This update fixes an initalisation issue with Ecliptic Curve cryptograph specific to the Wheezy 7.0 and 7.1 AMIs. It is recommended that you update your existing templates and launch configuration (for ?AutoScale) to the new AMIs. This does not affect older Squeeze (6.x) AMIs as ECC was not available in that release. To fix this issue on existing (currently launched and running) instances, please re-inistalise the relevent host key:

   1 rm /etc/ssh/ssh_host_ecdsa_key
   2 ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -t ecdsa -C 'host' -N ''

These images were generated with the following script:

   1 #!/bin/sh
   2 apt-get update; apt-get install -y git curl; cd ~root; git clone https://github.com/andsens/build-debian-cloud.git; logger "Cloned"; cd ~root/build-debian-cloud; curl https://github.com/andsens/build-debian-cloud/pull/79.patch | git am; export EC2_ACCESS_KEY='XXXX'; export EC2_SECRET_KEY='XXXX'; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7.1 (Wheezy) Base' --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; logger "Starting i386 build"; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7.1 (Wheezy) Base' --arch i386 --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; shutdown -h now

The full list of AMIs worldwide in the Debian AMI account are:

Virtualisation

Para-virtualisation (PVM)

Root filesystem

EBS

Instance store

Bits

32 bit

64 bit

32 bit

64 bit

US-East-1

ami-f494e99d

ami-9e95e8f7

US-West-1

ami-b083aaf5

ami-9283aad7

US-West-2

ami-a5831095

ami-4d83107d

EU-West-1

ami-c35f43b7

ami-035f4377

AP-Southeast-1

ami-7a773e28

ami-46773e14

AP-Southeast-2

ami-7705964d

ami-7b059641

AP-Northeast-1

ami-dfde4ade

ami-b3de4ab2

SA-East-1

ami-5e288d43

ami-26288d3b

US-Gov-West-1

ami-0992f62a

ami-0f92f62c


7.1

These images were generated with the following script:

   1 #!/bin/sh
   2 apt-get update; apt-get install -y git; cd ~root; git clone https://github.com/andsens/build-debian-cloud.git; logger "Cloned"; cd ~root/build-debian-cloud; export PATH=$PATH:/usr/local/bin/; export EC2_ACCESS_KEY='XXXX'; export EC2_SECRET_KEY='XXXX'; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7.1 (Wheezy) Base' --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; logger "Starting i386 build"; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7.1 (Wheezy) Base' --arch i386 --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; shutdown -h now

The full list of AMIs worldwide in the Debian AMI account are:

Virtualisation

Para-virtualisation (PVM)

Root filesystem

EBS

Instance store

Bits

32 bit

64 bit

32 bit

64 bit

US-East-1

ami-ab2a5bc2

ami-812958e8

US-West-1

ami-37496072

ami-1b49605e

US-West-2

ami-61b42451

ami-0bb4243b

EU-West-1

ami-457c6e31

ami-857f6df1

AP-Southeast-1

ami-d2fdb380

ami-befcb2ec

AP-Southeast-2

ami-a3af3c99

ami-abaf3c91

AP-Northeast-1

ami-f1d852f0

ami-9dd8529c

SA-East-1

ami-f49e3be9

ami-d69e3bcb

US-Gov-West-1

ami-7996f25a

ami-7b96f258


7.0.0

These images were generated with the following script:

   1 #!/bin/sh
   2 apt-get update; apt-get install -y git; cd ~root; git clone https://github.com/andsens/build-debian-cloud.git; logger "Cloned" ; cd ~root/debian-build-cloud; export PATH=$PATH:/usr/local/bin/; export EC2_ACCESS_KEY='XXXX'; export EC2_SECRET_KEY='XXXX'; logger "Starting AMD64 build. Path = $PATH"; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7 (Wheezy)' --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; logger "Starting i386 build"; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7 (Wheezy)' --arch i386 --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; shutdown -h now

The full list of AMIs worldwide in the Debian AMI account are:

Virtualisation

Para-virtualisation (PVM)

Root filesystem

EBS

Instance store

Bits

32 bit

64 bit

32 bit

64 bit

US-East-1

ami-e17c1088

ami-1d620e74

US-West-1

ami-8d1d32c8

ami-d51d3290

US-West-2

ami-09b12739

ami-1fb1272f

EU-West-1

ami-7d011709

ami-c90016bd

AP-Southeast-1

ami-26a4eb74

ami-3ca4eb6e

AP-Southeast-2

ami-3f7eee05

ami-c17dedfb

AP-Northeast-1

ami-1be06f1a

ami-dbe16eda

SA-East-1

ami-9426fc89

ami-f221fbef

US-Gov-West-1

ami-3f8aee1c

ami-398aee1a

AWS Marketplace Image Distribution

These images (above) were copied to the AWS Marketplace Account and then replicated to all AWS Marketplace-supported Regions, and became identifiable by the following list of AMI IDs:

Upgrading from previous 6.x.y releases

As is standard with Debian, a simple apt-get update && apt-get upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.

CloudFormation Template

CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/

{
        "Parameters" : {
                "KeyName" : {
                        "Description" : "SSH Key Name",
                        "Type" : "String",
                        "Default" : "My-Key"
                },
                "MyInstanceSize": {
                        "Description": "Instance size (m1.small, etc.)",
                        "Type": "String",
                        "Default" : "t1.micro",
                        "AllowedValues": ["t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.xlarge", "cc1.4xlarge", "m3.xlarge", "m3.2xlarge"]
                },
                "MyInstanceName": {
                        "Description": "Instance name",
                        "Type": "String"
                },
                "InstanceBits": {
                        "Description": "32 or 64 bits",
                        "Type": "String",
                        "Default": "64",
                        "AllowedValues": [ "32", "64" ]
                },
                "RootVolType": {
                        "Description": "Root volume type (EBS or Instance)",
                        "Type": "String",
                        "Default": "EBS",
                        "AllowedValues": [ "EBS", "Instance" ]
                }
        },
        "Mappings" : {
            "Debian7.1a-EBS-PVM" : { 
                "us-east-1" :      { "32" : "ami-f494e99d", "64" : "ami-9e95e8f7"},
                "us-west-1" :      { "32" : "ami-b083aaf5", "64" : "ami-9283aad7"},
                "us-west-2" :      { "32" : "ami-a5831095", "64" : "ami-4d83107d"},
                "us-gov-west-1" :  { "32" : "ami-0992f62a", "64" : "ami-0f92f62c"},
                "eu-west-1" :      { "32" : "ami-c35f43b7", "64" : "ami-035f4377"},
                "ap-southeast-1" : { "32" : "ami-7a773e28", "64" : "ami-46773e14"},
                "ap-southeast-2" : { "32" : "ami-7705964d", "64" : "ami-7b059641"},
                "ap-northeast-1" : { "32" : "ami-dfde4ade", "64" : "ami-b3de4ab2"},
                "sa-east-1" :      { "32" : "ami-5e288d43", "64" : "ami-26288d3b"},
            },
            "Debian7.1-EBS-PVM" : { 
                "us-east-1" :      { "32" : "ami-ab2a5bc2", "64" : "ami-812958e8"},
                "us-west-1" :      { "32" : "ami-37496072", "64" : "ami-1b49605e"},
                "us-west-2" :      { "32" : "ami-61b42451", "64" : "ami-0bb4243b"},
                "us-gov-west-1" :  { "32" : "ami-7996f25a", "64" : "ami-7b96f258"},
                "eu-west-1" :      { "32" : "ami-457c6e31", "64" : "ami-857f6df1"},
                "ap-southeast-1" : { "32" : "ami-d2fdb380", "64" : "ami-befcb2ec"},
                "ap-southeast-2" : { "32" : "ami-a3af3c99", "64" : "ami-abaf3c91"},
                "ap-northeast-1" : { "32" : "ami-f1d852f0", "64" : "ami-9dd8529c"},
                "sa-east-1" :      { "32" : "ami-f49e3be9", "64" : "ami-d69e3bcb"},
            },
            "release" : {
                "stable" : { "wheezy" : "Debian7.1a-EBS-PVM" }
            }
        },
        "Resources" : {
                "MyInstance" : {
                        "Type" : "AWS::EC2::Instance",
                        "Properties" : {
                                "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
                                "KeyName" : { "Ref": "KeyName" },
                                "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
                                "ImageId" : { "Fn::FindInMap" : [ "Debian7.1a-EBS-PVM",  { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" }  ]},
                                "InstanceType" : { "Ref" : "MyInstanceSize" },
                                "UserData" : { "Fn::Base64" : "" }
                        }
                },
                "MySecurityGroup" : {
                        "Type" : "AWS::EC2::SecurityGroup",
                        "Properties" : {
                                "GroupDescription" : "Permit inbound SSH",
                                "SecurityGroupIngress" : [ 
                                    {
                                        "IpProtocol" : "tcp",
                                        "FromPort" : "22",
                                        "ToPort" : "22",
                                        "CidrIp" : "0.0.0.0/0"
                                    }
                                ]
                        }
                }
        }
}

Suggested UserData scripts

The image by default takes no actions upon boot, and does not auto-update. However, as the Debian image does honour executing UserData meta-data that looks like a script (started with #!/bin/sh), you may optionally chose to take some action. This action can be passed as a script in the AWS Console UserData input, or in the above CloudFormation template to an instance (see the UserData section in the example above). Note this is not cloud-init.

You can chose to enable auto update with the following UserData scripts:

   1 #!/bin/sh
   2 apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades


See also Cloud and Teams/Cloud.