EC2 - Alestic.com

Final release of Ubuntu 7.04 Feisty AMI for Amazon EC2 2008-10-20 (Feisty is now obsolete)

By Eric Hammond Oct 20, 2008 EC2 Ubuntu

A new and final update has been released today for the Ubuntu 7.04 Feisty AMI on

Since Ubuntu 7.04 has reached its end-of-life (see forwarded attachment) there will be no further updates to the Ubuntu 7.04 Feisty base install AMI.

Anybody who might have been using the Feisty AMI series should have moved on by now to either the Ubuntu 7.10 Gutsy or 8.04 Hardy AMIs.

Please note: Ubuntu 7.10 Gutsy will reach its end-of-life in 6 months during which time everybody using that release should be upgrading to 8.04 Hardy.

Ubuntu 8.04 Hardy is LTS. The LTS versions of Ubuntu receive long- term support: 3 years for desktop versions and 5 years for server versions.

New releases of Ubuntu AMIs for Amazon EC2 2008-09-24 (emergency fix for /etc/fstab and /mnt)

By Eric Hammond Sep 24, 2008 EC2 Ubuntu

New updates have been released for all of the Ubuntu and Debian AMIs listed on:

The primary enhancement in this release is an emergency correction for a defect in the previous AMIs, to wit: The /etc/fstab file was missing and /mnt was not mounted as ephemeral storage.

Thanks to Garrett Smith and Ken Lim for identifying and reporting this problem. I had apparently missed the notice that the latest ec2- bundle-vol from Amazon requires –generate-fstab if you want to have an /etc/fstab when creating an AMI from scratch :-\

The defective AMIs are hereby deprecated and may eventually be withdrawn.

New releases of Ubuntu AMIs for Amazon EC2 2008-09-22

By Eric Hammond Aug 22, 2008 EC2 Ubuntu

New updates have been released for all* of the Ubuntu and Debian AMIs listed on:

The primary enhancements in this release are:

A defect has been corrected in a boot script so that the ssh host keys are only re-generated on the first boot of an instance. They were being re-generated on reboot, but nobody seemed to notice.
There have been enough bugs reported in Amazon’s old 2.6.16 kernel that I have upgraded the Ubuntu 6.06 Dapper AMI to Amazon’s 2.6.21 kernel. This means that all of the Ubuntu and Debian AMIs now run Amazon’s 2.6.21 kernel by default (though you can select another at runtime). Please let me know if you run this and experience problems.
Since we have at least one company using the Hardy 64-bit desktop AMI, I’ve updated it and added it to the list on https://alestic.com
Hans Omli found a way to add libc6-xen on Hardy and Intrepid without causing problems (by removing libc6-i686). These releases now include libc6-xen which according to some may give a performance boost in some types of applications.
I have been working with the good folks at RightScale to build Ubuntu AMIs which integrate with the RightScale service (server templates, startup scripts, runtime scripts, automatic EBS volume attachments, one button rebundling, and more). I’ve been using it a bit and think that the basic functionality is stable enough to release an early version now listed on https://alestic.com Please let me know if you experience problems. There is still some work to be done including in the performance monitoring integration.

If you haven’t been following the ec2ubuntu group, some progress has been made recently on getting the ec2ubuntu-build-ami script to run better on Ubuntu and on non-EC2 systems. Thanks to the community members who have contributed to this including yourabi and Terry Jones.

I don’t have the resources right now to test all two dozen public AMIs. Please take care when trying out AMIs which have just been built and please report any problems you run into.

If you are interested in helping to build an automated QA framework, please drop me a line.

Notes:

Please note that the Ubuntu 6.10 Edgy release is marked as obsolete and is no longer being maintained or updated. This release has passed its end of life and attempts to build new AMIs fail because debootstrap can no longer find a repository for Ubuntu Edgy.

New releases of Ubuntu AMIs for Amazon EC2 2008-08-04

By Eric Hammond Aug 10, 2008 EC2 Ubuntu

New updates have been released for all of the Ubuntu and Debian AMIs listed on:

The primary enhancements in this release are:

Build using latest debootstrap v1.0.10
Output new ssh host key fingerprints to console log for security.
Use newly built kernel modules where fuse supports NFS export.
All Ubuntu packages upgraded to latest versions

How to get the ssh host key fingerprint from the console output and compare it when using ssh to connect to the instance is described in the “Connecting to your instance” section of the EC2 Getting Started Guide:

This is not necessary, but does add a bit of extra security if you are worried about folks intercepting and modifying your ssh connections to EC2 instances.

The NFS support in fuse should let you share an S3-based fuse file system (like PersistentFS) with other hosts over NFS.

Enjoy

Compiling 2.6.21 Kernel Modules from Source for Amazon EC2

By Eric Hammond May 21, 2008 EC2 Ubuntu

Though it is not possible to compile and run your own kernels on Amazon EC2, it is possible to compile and run your own kernel modules and bundle them with your EC2 images. The trick is that the kernel modules need to be compiled with exactly the same kernel source and compiler versions as were used to build the original kernel.

The steps below were used to build the updated 2.6.21 kernel modules for the Ubuntu and Debian AMIs listed at https://alestic.com

By Eric Hammond May 17, 2008 EC2 Ubuntu

New updates have been released for all of the Ubuntu AMIs listed on:

Though this release is only 3 days after the previous one it is surprisingly not to fix bugs, but rather to add one of the most demanded features: startup hooks.

Thanks to code submitted by Kim Scheibel and Jorge Oliveira (with a little mangling from me) it is now easy to type a single command (or push a button in Elasticfox) and have an Ubuntu instance start up and immediately install, configure, and run software without any additional manual intervention.

Simply pass a script (starting with #!) as the instance user-data and it will be run automatically on the first boot. If you want it to be run on every boot, see the comments at the top of this file:

For example, to start a Hardy LAMP server, you could create a script named “install-lamp-server” with the contents:

#!/bin/bash
export DEBIAN_PRIORITY=critical
apt-get update
apt-get upgrade -y
apt-get install -y lamp-server^
echo "Please remember to set the MySQL root password!"

Then using the latest Ubuntu 8.04 Hardy base install AMIID (from https://alestic.com) run a command like:

ec2-run-instances \
  --user-data-file install-lamp-server \
  --key IDENTITY \
  AMIID

A couple minutes later, you should be able to connect to the server’s external hostname with a web browser. To see the progress of your user-data script on the instance:

tail -f /var/log/syslog

Output from the user-data script is also available in the EC2 instance console output for convenient remote debugging.

You can write the user-data script in any language that happens to be on the base AMI (bash, perl, python, ruby, awk, …) as long as the program file starts with: #!

Note that there is a size limit on user-data in EC2, but the user-data script may download additional files from S3 or other locations, so this shouldn’t be too constraining.

Now let the competition begin for coolest and most useful instance user-data scripts!

Enjoy

New releases of Ubuntu AMIs for Amazon EC2 2008-05-14

By Eric Hammond May 14, 2008 EC2 Ubuntu

New updates have been released for all of the Ubuntu AMIs listed on:

The focus of this update includes enhanced security for ssh host keys, cleaning up the boot process and making it a bit faster, and upgrading desktop AMI software. Specific changes to the AMIs include:

All Ubuntu packages upgraded to the latest versions as of 2008-04-14.
Create new ssh host keys on first boot.
Don’t try to set the hwclock under Xen and save 4 seconds on boot.
Don’t try to run apparmor as we don’t have the kernel module installed yet.
Silence grep warnings about missing authorized_keys file on boot.
Create /tmp earlier in the boot process to avoid warnings.
Desktop AMIs upgraded to NX Server 3.2.0 (Free Edition).

Additional changes available in the build script include:

Support for building 64-bit desktop AMIs.
Add –retry to ec2-upload-bundle.
AMIs built by the script will not claim they were built by Eric Hammond in /etc/motd :)

Thanks to Thomas Shealy and Hans Omli for many of the above ideas and patches.

The most likely change to cause problems is the generation of new ssh host keys on the first boot. Yesterday’s Debian/Ubuntu ssh key security alert is not directly related, but it did prompt me to reconsider the risk with the current practice of having a single ssh host key for an AMI.

Most public AMIs on EC2 use a fixed ssh host key which means that the entire world can look at it and know what the secret host key is for every instance you start. This spoils the secret and allows man-in- the-middle attacks with no warnings when you ssh to your instance.

Generating a new ssh host key on the first boot solves this problem, but it adds additional complexity in the following case: If you assign a hostname to different instances at different times (dynamic DNS or round robin) then you are more likely to get warnings from ssh about the host key changing when connecting to that hostname.

If you rebundle one of these AMIs, the ssh host key will be shared among new instances of that AMI unless you do the following before bundling:

ln -s ../init.d/ec2-ssh-host-key-gen /etc/rcS.d/S50ec2-ssh-host-key-gen

Bonus for reading this far: I occasionally hang out on IRC channel ##ec2 so swing by and chat sometime.

New releases of Ubuntu AMIs for Amazon EC2 2008-04-30

By Eric Hammond Apr 30, 2008 EC2 Ubuntu

New updates have been released for the Ubuntu 8.04 Hardy AMIs (base install, desktop, and 64-bit base install) and the Ubuntu 7.10 Gutsy AMIs (base install, desktop, and 64-bit base install). I have combined and moved some of the documentation to this central page:

These are the first Hardy AMIs built using the ec2ubuntu-build-ami script. (The previous releases were built by following the official upgrade path from Gutsy as it took me a while to track down a bug with thread-local storage in Hardy on EC2.)

The ec2ubuntu-build-ami script has also been enhanced to support command line options. I felt that the environment variable approach was starting to get unwieldy, though the script should be backwards compatible for the foreseeable future.

The build script also includes a couple patches from Vincent Desjardins to support user-specified AMI sizes and also to support running external scripts during the AMI build process. This allows for further customization without having to modify the build script itself and is one of the more frequently requested features. Thanks!

If either of these options don’t work for you, you can blame my later modifications which I didn’t test extensively.

Read the comments at the top of the script for usage instructions and let me know if things need to be made clearer with some external documentation:

Enjoy

Ubuntu 8.04 Hardy Heron released

By Eric Hammond Apr 25, 2008 EC2 Ubuntu

As you have probably heard by now, Ubuntu 8.04 Hardy Heron has been officially released:

If you’d like to take it for a spin on EC2, brand new base install AMIs are available for small and large/xlarge instances as well as a desktop version using NX Free Edition.

The public AMI docs are in queue to be published and updated, but you can get the Hardy AMI IDs from the table at the top of this page:

I also posted a notice on the EC2 forum, so there may be some discussion there:

Enjoy

Ubuntu Desktop Images for EC2

By Eric Hammond Apr 6, 2008 EC2 Ubuntu

The “desktop” images listed on https://alestic.com allow you to run a full Ubuntu desktop on an Amazon EC2 instance and access the desktop using NoMachine’s NX client from any Linux, Mac, or Windows computer.

WARNING! If you don’t absolutely need a desktop, please use one of the “server” AMIs instead. The desktop AMIs are many times larger and take many times longer to start up. The server AMIs are sleek, lean, and ready for service.

Alestic.com - A Personal AWS Blog by Eric Hammond

A Personal AWS Blog

by Eric Hammond