|
Size: 10172
Comment: Cloud-init update in 7.3 AMIs
|
Size: 9840
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| = Debian Wheezy (7.x) on AWS = | = Debian Wheezy (7.x) on AWS EC2 = |
| Line 3: | Line 3: |
List of point releases published to the AWS EC2 and Marketplace: |
|
| Line 8: | Line 6: |
| * [[#7.0.0|7.0.0]] (May 2013) | |
| Line 49: | Line 46: |
| The full list of AMIs worldwide in the Debian AMI account are (draft and experimental with cloud-init, not publushed to AWS Marketplace): | ''' Deprecated: please do not use ''' The full list of AMIs worldwide in the Debian AMI account are (draft and experimental with cloud-init, not published to AWS Marketplace): |
| Line 63: | Line 62: |
The 7.2 release of Debian was built with the Python version of build-debian-cloud, and contains the [[https://help.ubuntu.com/community/CloudInit|CloudInit]] package installed from backports. |
|
| Line 98: | Line 95: |
---- == 7.1 == <<Anchor(7.1)>> The original 7.1 AMIs have been deprecated; please use the latest point release. |
|
| Line 153: | Line 139: |
| "Debian7.1a-EBS-PVM" : { "us-east-1" : { "32" : "ami-f494e99d", "64" : "ami-9e95e8f7"}, "us-west-1" : { "32" : "ami-b083aaf5", "64" : "ami-9283aad7"}, "us-west-2" : { "32" : "ami-a5831095", "64" : "ami-4d83107d"}, "us-gov-west-1" : { "32" : "ami-0992f62a", "64" : "ami-0f92f62c"}, "eu-west-1" : { "32" : "ami-c35f43b7", "64" : "ami-035f4377"}, "ap-southeast-1" : { "32" : "ami-7a773e28", "64" : "ami-46773e14"}, "ap-southeast-2" : { "32" : "ami-7705964d", "64" : "ami-7b059641"}, "ap-northeast-1" : { "32" : "ami-dfde4ade", "64" : "ami-b3de4ab2"}, "sa-east-1" : { "32" : "ami-5e288d43", "64" : "ami-26288d3b"} |
"Debian7.3-EBS-PVM" : { "us-east-1" : { "32" : "ami-33a68f5a", "64" : "ami-0da18864"}, "us-west-1" : { "32" : "ami-8ebd8dcb", "64" : "ami-96bd8dd3"}, "us-west-2" : { "32" : "ami-6a98fc5a", "64" : "ami-7298fc42"}, "us-gov-west-1" : { "32" : "ami-", "64" : "ami-"}, "eu-west-1" : { "32" : "ami-66836b11", "64" : "ami-8e826af9"}, "ap-southeast-1" : { "32" : "ami-28efbb7a", "64" : "ami-20efbb72"}, "ap-southeast-2" : { "32" : "ami-7774eb4d", "64" : "ami-7b74eb41"}, "ap-northeast-1" : { "32" : "ami-53a0c252", "64" : "ami-17a0c216"}, "sa-east-1" : { "32" : "ami-8f4fee92", "64" : "ami-954fee88"} |
| Line 165: | Line 151: |
| "stable" : { "wheezy" : "Debian7.1a-EBS-PVM" } | "stable" : { "wheezy" : "Debian7.3-EBS-PVM" } |
| Line 175: | Line 161: |
| "ImageId" : { "Fn::FindInMap" : [ "Debian7.1a-EBS-PVM", { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" } ]}, | "ImageId" : { "Fn::FindInMap" : [ "Debian7.3-EBS-PVM", { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" } ]}, |
| Line 200: | Line 186: |
| The image by default takes no actions upon boot, and does not auto-update. However, as the Debian image does honour executing !UserData meta-data that looks like a script (started with #!/bin/sh), you may optionally chose to take some action. This action can be passed as a script in the AWS Console !UserData input, or in the above !CloudFormation template to an instance (see the !UserData section in the example above). Note this is not ''cloud-init''. You can chose to enable auto update with the following !UserData scripts: |
As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexability (and power) in what you cna put in your !UserData to get your instance to configure. For example, a simple shell script that starts with {{{#!/bin/sh}}} will be executed as previously - so you can chose to enable auto update with the following !UserData scripts: |
| Line 206: | Line 190: |
| apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades | apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades python-pip |
| Line 208: | Line 192: |
Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade. |
Debian Wheezy (7.x) on AWS EC2
You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.
SSH username
In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.
Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation
7.3
The full list of AMIs worldwide in the Debian AMI account are (draft and experimental as at 19 December 2013):
Virtualisation |
Para-virtualisation (PVM) |
|||
Root filesystem |
EBS |
Instance store |
||
Bits |
32 bit |
64 bit |
32 bit |
64 bit |
US-East-1 |
ami-33a68f5a |
ami-0da18864 |
|
|
US-West-1 |
ami-8ebd8dcb |
ami-96bd8dd3 |
|
|
US-West-2 |
ami-6a98fc5a |
ami-7298fc42 |
|
|
EU-West-1 |
ami-66836b11 |
ami-8e826af9 |
|
|
AP-Southeast-1 |
ami-28efbb7a |
ami-20efbb72 |
|
|
AP-Southeast-2 |
ami-7774eb4d |
ami-7b74eb41 |
|
|
AP-Northeast-1 |
ami-53a0c252 |
ami-17a0c216 |
|
|
SA-East-1 |
ami-8f4fee92 |
ami-954fee88 |
|
|
US-Gov-West-1 |
|
|
|
|
The 7.3 release of Debian was built with the Python version of build-debian-cloud, and contains the CloudInit package installed from backports. Note that you can list these AMIs from the AWS CLI utility using a command of;
1 aws --profile your-profile --region us-east-1 ec2 describe-images --owners 379101102735 --filters Name=tag-key,Values=Name,Name=tag-value,Values=*7.3* --query "Images[*].{AMIID:ImageId,Description:Description}" --output text
7.2
Deprecated: please do not use
The full list of AMIs worldwide in the Debian AMI account are (draft and experimental with cloud-init, not published to AWS Marketplace):
Virtualisation |
Para-virtualisation (PVM) |
|||
Root filesystem |
EBS |
Instance store |
||
Bits |
32 bit |
64 bit |
32 bit |
64 bit |
US-East-1 |
ami-c72379ae |
ami-db2278b2 |
|
|
US-West-1 |
ami-f4d6e0b1 |
ami-02d6e047 |
|
|
US-West-2 |
ami-f2d14ac2 |
ami-4ad14a7a |
|
|
EU-West-1 |
ami-b56785c2 |
ami-f3678584 |
|
|
AP-Southeast-1 |
ami-d8b7e28a |
ami-08b7e25a |
|
|
AP-Southeast-2 |
ami-7761fd4d |
ami-2161fd1b |
|
|
AP-Northeast-1 |
ami-ef7f1bee |
ami-537f1b52 |
|
|
SA-East-1 |
ami-b950f6a4 |
ami-8750f69a |
|
|
US-Gov-West-1 |
|
|
|
|
7.1a
This update fixes an initialisation issue with Ecliptic Curve cryptography specific to the Wheezy 7.0 and 7.1 AMIs. It is recommended that you update your existing templates and launch configuration (for ?AutoScale) to the new AMIs. This does not affect older Squeeze (6.x) AMIs as ECC was not available in that release. To fix this issue on existing (currently launched and running) instances, please re-inistalise the relevant host key:
1 rm /etc/ssh/ssh_host_ecdsa_key && ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -t ecdsa -C 'host' -N ''
The full list of AMIs worldwide in the Debian AMI account are:
Virtualisation |
Para-virtualisation (PVM) |
|||
Root filesystem |
EBS |
Instance store |
||
Bits |
32 bit |
64 bit |
32 bit |
64 bit |
US-East-1 |
ami-f494e99d |
ami-9e95e8f7 |
|
|
US-West-1 |
ami-b083aaf5 |
ami-9283aad7 |
|
|
US-West-2 |
ami-a5831095 |
ami-4d83107d |
|
|
EU-West-1 |
ami-c35f43b7 |
ami-035f4377 |
|
|
AP-Southeast-1 |
ami-7a773e28 |
ami-46773e14 |
|
|
AP-Southeast-2 |
ami-7705964d |
ami-7b059641 |
|
|
AP-Northeast-1 |
ami-dfde4ade |
ami-b3de4ab2 |
|
|
SA-East-1 |
ami-5e288d43 |
ami-26288d3b |
|
|
US-Gov-West-1 |
ami-0992f62a |
ami-0f92f62c |
|
|
These images were generated with the following script:
1 #!/bin/sh
2 apt-get update; apt-get install -y git curl; cd ~root; git clone https://github.com/andsens/build-debian-cloud.git; logger "Cloned"; cd ~root/build-debian-cloud; curl https://github.com/andsens/build-debian-cloud/pull/79.patch | git am; export EC2_ACCESS_KEY='XXXX'; export EC2_SECRET_KEY='XXXX'; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7.1 (Wheezy) Base' --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; logger "Starting i386 build"; ./build-debian-cloud ec2 --volume-size 8 --filesystem ext4 --plugin plugins/admin-user --description 'Debian 7.1 (Wheezy) Base' --arch i386 --plugin plugins/publish-ami --plugin plugins/publish-snapshot --codename wheezy; shutdown -h now
Upgrading from previous 6.x.y releases
As is standard with Debian, a simple apt-get update && apt-get upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.
CloudFormation Template
CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/
{
"Parameters" : {
"KeyName" : {
"Description" : "SSH Key Name",
"Type" : "String",
"Default" : "My-Key"
},
"MyInstanceSize": {
"Description": "Instance size (m1.small, etc.)",
"Type": "String",
"Default" : "t1.micro",
"AllowedValues": ["t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.xlarge", "cc1.4xlarge", "m3.xlarge", "m3.2xlarge"]
},
"MyInstanceName": {
"Description": "Instance name",
"Type": "String"
},
"InstanceBits": {
"Description": "32 or 64 bits",
"Type": "String",
"Default": "64",
"AllowedValues": [ "32", "64" ]
},
"RootVolType": {
"Description": "Root volume type (EBS or Instance)",
"Type": "String",
"Default": "EBS",
"AllowedValues": [ "EBS", "Instance" ]
}
},
"Mappings" : {
"Debian7.3-EBS-PVM" : {
"us-east-1" : { "32" : "ami-33a68f5a", "64" : "ami-0da18864"},
"us-west-1" : { "32" : "ami-8ebd8dcb", "64" : "ami-96bd8dd3"},
"us-west-2" : { "32" : "ami-6a98fc5a", "64" : "ami-7298fc42"},
"us-gov-west-1" : { "32" : "ami-", "64" : "ami-"},
"eu-west-1" : { "32" : "ami-66836b11", "64" : "ami-8e826af9"},
"ap-southeast-1" : { "32" : "ami-28efbb7a", "64" : "ami-20efbb72"},
"ap-southeast-2" : { "32" : "ami-7774eb4d", "64" : "ami-7b74eb41"},
"ap-northeast-1" : { "32" : "ami-53a0c252", "64" : "ami-17a0c216"},
"sa-east-1" : { "32" : "ami-8f4fee92", "64" : "ami-954fee88"}
},
"release" : {
"stable" : { "wheezy" : "Debian7.3-EBS-PVM" }
}
},
"Resources" : {
"MyInstance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
"KeyName" : { "Ref": "KeyName" },
"Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
"ImageId" : { "Fn::FindInMap" : [ "Debian7.3-EBS-PVM", { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" } ]},
"InstanceType" : { "Ref" : "MyInstanceSize" },
"UserData" : { "Fn::Base64" : "" }
}
},
"MySecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Permit inbound SSH",
"SecurityGroupIngress" : [
{
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : "0.0.0.0/0"
}
]
}
}
}
}
Suggested UserData scripts
As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexability (and power) in what you cna put in your UserData to get your instance to configure. For example, a simple shell script that starts with #!/bin/sh will be executed as previously - so you can chose to enable auto update with the following UserData scripts:
Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade.
See also Cloud and Teams/Cloud.