Differences between revisions 74 and 75
Revision 74 as of 2014-09-25 17:06:06
Size: 9425
Comment:
Revision 75 as of 2014-09-26 07:43:42
Size: 9498
Comment: Add us-gov-west-1 AMIs for 7.6.aws.1
Deletions are marked like this. Additions are marked like this.
Line 36: Line 36:
|| cn-north-1 || || ami-de55c7e7 || || || cn-north-1 || || ami-de55c7e7 || || ||
|| us-gov-west-1 || ami-dfd8bffc || ami-cfd8bfec || || ami-d3d8bff0 ||

Debian Wheezy (7.x) on AWS EC2

  • 7.6.aws.1 (26 September 2014)

  • 7.6 (20 July 2014)

  • 7.5 (27 April 2014) Deprecated - scheduled for removal 31st October 2014

You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.

SSH username

In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.

Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation


7.6.aws.1

Following the release of CVE-2014-7169 (Bash exploit) and the release of an updated Debian package of Bash, we have re-rolled the 7.6 release of Debian with new AMIs:

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

us-east-1

ami-ce40f5a6

ami-f241f49a

ami-0c249164

ap-northeast-1

ami-c5123bc4

ami-b1123bb0

ami-c9e3cac8

eu-west-1

ami-f2f05185

ami-46f05131

ami-94fe5fe3

ap-southeast-1

ami-f86d4aaa

ami-cc6d4a9e

ami-90684fc2

ap-southeast-2

ami-27fb981d

ami-31fb980b

ami-7dfe9d47

us-west-2

ami-ad90d39d

ami-5f90d36f

ami-259dde15

us-west-1

ami-8dd1d9c8

ami-f9d1d9bc

ami-55d7df10

sa-east-1

ami-e70aa0fa

ami-e90aa0f4

ami-0508a218

cn-north-1

ami-de55c7e7

us-gov-west-1

ami-dfd8bffc

ami-cfd8bfec

ami-d3d8bff0


7.6

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

US-East-1

ami-90a66af8

ami-c4ab67ac

ami-f4ad649c

ami-0632fd6e

US-West-1

ami-e5191aa0

ami-db191a9e

ami-89dd0cfe

ami-9f191ada

US-West-2

ami-f3c5bcc3

ami-f1c5bcc1

ami-476c1477

ami-c5c5bcf5

EU-West-1

ami-c130e6b6

ami-d130e6a6

ami-89dd0cfe

ami-4d31e73a

AP-Southeast-1

ami-20c09972

ami-3ec0996c

ami-e80a52ba

ami-86c099d4

AP-Southeast-2

ami-33f79009

ami-3df79007

ami-f9c9aec3

ami-99f790a3

AP-Northeast-1

ami-bddf8cbc

ami-bbdf8cba

ami-99b8ea98

ami-09dd8e08

SA-East-1

ami-51e64f4c

ami-57e64f4a

ami-f7d079ea

ami-75e64f68

US-Gov-West-1

ami-5db9de7e

ami-5fb9de7c

ami-a9b9de8a

CN-North-1

-

ami-c6a634ff

-

ami-d2a634eb

The 7.6 release of Debian was built with bootstrap-vz (formerly called build-debian-cloud), and contains the CloudInit package installed from Debian backports.


7.5

These images are deprecated and will be removed 31st October 2014. Please use the latest point release.

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

US-East-1

ami-90886cf8

ami-2c886c44

ami-848a6eec

ami-86896dee

US-West-1

ami-6895ad2d

ami-5c95ad19

ami-d495ad91

ami-0e95ad4b

US-West-2

ami-a0760290

ami-40760270

ami-ee7703de

ami-10770320

EU-West-1

ami-510fcb26

ami-630fcb14

ami-a70fcbd0

ami-210fcb56

AP-Southeast-1

ami-24fba876

ami-22fba870

ami-7cfaa92e

ami-dcfba88e

AP-Southeast-2

ami-24fba876

ami-edc75cd7

ami-0bc65d31

ami-33c65d09

AP-Northeast-1

ami-c7296cc6

ami-91296c90

ami-b53570b4

ami-112b6e10

SA-East-1

ami-ffb815e2

ami-c3b815de

ami-efb815f2

ami-f5b815e8

US-Gov-West-1

CN-North-1

-

ami-c6b123ff

ami-38b62401

The 7.5 release of Debian was built with bootstrap-vz (formerly called build-debian-cloud), and contains the CloudInit package installed from Debian backports.


Upgrading from previous 6.x.y releases

As is standard with Debian, a simple apt-get update && apt-get dist-upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.

CloudFormation Template

CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/

{
        "Parameters" : {
                "KeyName" : {
                        "Description" : "SSH Key Name",
                        "Type" : "String",
                        "Default" : "My-Key"
                },
                "MyInstanceSize": {
                        "Description": "Instance size (m1.small, etc.)",
                        "Type": "String",
                        "Default" : "t1.micro",
                        "AllowedValues": ["t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.xlarge", "cc1.4xlarge", "m3.xlarge", "m3.2xlarge"]
                },
                "MyInstanceName": {
                        "Description": "Instance name",
                        "Type": "String"
                },
                "InstanceBits": {
                        "Description": "32 or 64 bits",
                        "Type": "String",
                        "Default": "64",
                        "AllowedValues": [ "32", "64" ]
                },
                "RootVolType": {
                        "Description": "Root volume type (EBS or Instance)",
                        "Type": "String",
                        "Default": "EBS",
                        "AllowedValues": [ "EBS", "Instance" ]
                }
        },
        "Mappings" : {
            "Debian7.3-EBS-PVM" : { 
                "us-east-1" :      { "32" : "ami-33a68f5a", "64" : "ami-0da18864"},
                "us-west-1" :      { "32" : "ami-8ebd8dcb", "64" : "ami-96bd8dd3"},
                "us-west-2" :      { "32" : "ami-6a98fc5a", "64" : "ami-7298fc42"},
                "us-gov-west-1" :  { "32" : "ami-", "64" : "ami-"},
                "eu-west-1" :      { "32" : "ami-66836b11", "64" : "ami-8e826af9"},
                "ap-southeast-1" : { "32" : "ami-28efbb7a", "64" : "ami-20efbb72"},
                "ap-southeast-2" : { "32" : "ami-7774eb4d", "64" : "ami-7b74eb41"},
                "ap-northeast-1" : { "32" : "ami-53a0c252", "64" : "ami-17a0c216"},
                "sa-east-1" :      { "32" : "ami-8f4fee92", "64" : "ami-954fee88"}
            },
            "release" : {
                "stable" : { "wheezy" : "Debian7.3-EBS-PVM" }
            }
        },
        "Resources" : {
                "MyInstance" : {
                        "Type" : "AWS::EC2::Instance",
                        "Properties" : {
                                "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
                                "KeyName" : { "Ref": "KeyName" },
                                "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
                                "ImageId" : { "Fn::FindInMap" : [ "Debian7.3-EBS-PVM",  { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" }  ]},
                                "InstanceType" : { "Ref" : "MyInstanceSize" },
                                "UserData" : { "Fn::Base64" : "" }
                        }
                },
                "MySecurityGroup" : {
                        "Type" : "AWS::EC2::SecurityGroup",
                        "Properties" : {
                                "GroupDescription" : "Permit inbound SSH",
                                "SecurityGroupIngress" : [ 
                                    {
                                        "IpProtocol" : "tcp",
                                        "FromPort" : "22",
                                        "ToPort" : "22",
                                        "CidrIp" : "0.0.0.0/0"
                                    }
                                ]
                        }
                }
        }
}

Suggested UserData scripts

As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexability (and power) in what you cna put in your UserData to get your instance to configure. For example, a simple shell script that starts with #!/bin/sh will be executed as previously - so you can chose to enable auto update with the following UserData scripts:

   1 #!/bin/sh
   2 apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades python-pip

The unattended-upgrades package is described on UnattendedUpgrades.

Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade.


See also Cloud and Teams/Cloud.