Tim Dysinger RSS

Apr
27th
Sun

Public Ubuntu Hardy Amazon EC2 Image (AMI) Now Available

I have prepared new Ubuntu Hardy AMIs for Amazon EC2. They are in my ubuntu-ami bucket. I'll start with an image for the "small" EC2 instance type. The public AMI is "ami-4f7a9f26". It is meant to be started with AKI "aki-9b00e5f2" (which comes with fuse). The image is a bare-bones Ubuntu Hardy standard install; you can update it with the software you need. I will have 64-bit versions available early next week. The emphasis of my images is clean and tidy: I don't install a bunch of crud that you may or may not need. It's just the basics plus a userdata boot hook (give the instance a bash script as user data and rc.local pipes it to sh at boot time). Here is how I created the image:

# Bootstrap: build a minimal 32-bit Hardy root filesystem under /mnt/ubuntu.
# NOTE(review): debootstrap can only authenticate the archive when it has the
# matching keyring on the build host. Confirm the Release signature is really
# being checked before using the result as the base of a public image.
chroot_dir=/mnt/ubuntu
mkdir "$chroot_dir"
debootstrap --arch i386 hardy "$chroot_dir"

# Start: give the new root the host's mount table, kernel filesystems and
# DNS settings, then enter it. Every command after the chroot line is typed
# inside the chroot.
# A chroot is not a security boundary: with /proc, /dev and /sys rbind-mounted
# the shell inside has the same kernel and device access as root on the host.
root=/mnt/ubuntu
cat /proc/mounts >"$root/etc/mtab"
for fs in proc dev sys; do
  mount -o rbind "/$fs" "$root/$fs"
done
cat /etc/resolv.conf >"$root/etc/resolv.conf"
chroot "$root" /bin/bash

# Hostname: replace /etc/hosts with a single loopback entry.
printf '%s\n' '127.0.0.1 localhost' >/etc/hosts

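# Tidy: fold /tmp into /var/tmp and /opt into /usr/local.
# The link names are absolute so that a stray working directory cannot make
# `rm -rf` delete some other tmp/ or opt/. The link targets stay relative so
# they resolve the same way inside the chroot and in the booted image.
rm -rf /tmp && ln -sf var/tmp /tmp
rm -rf /opt && ln -sf usr/local /opt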

# Locale: compile en_US.UTF-8 and record it as the default LANG.
localedef -c -i en_US -f UTF-8 en_US.UTF-8
printf '%s\n' 'LANG="en_US.UTF-8"' >/etc/default/locale

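# Update: write the APT sources, import a signing key, then upgrade the base
# system. The here-documents use a quoted delimiter so their bodies are
# written literally.
cat >/etc/apt/sources.list <<'EOF'
deb http://us.archive.ubuntu.com/ubuntu hardy main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu hardy main restricted universe multiverse
deb http://us.archive.ubuntu.com/ubuntu hardy-updates main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu hardy-updates main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu hardy-security main restricted universe multiverse
deb-src http://security.ubuntu.com/ubuntu hardy-security main restricted universe multiverse
EOF
# NOTE(review): the key (presumably the one signing the Debian sources added
# below) is fetched from a public keyserver by 64-bit key ID and then trusted
# by apt for every source. Check the full fingerprint
# (gpg --fingerprint A70DAF536070D3A1) against a value obtained out of band
# before piping it into apt-key.
gpg --keyserver wwwkeys.pgp.net --recv-keys A70DAF536070D3A1
gpg --armor --export A70DAF536070D3A1 | apt-key add -
cat >/etc/apt/sources.list.d/debian.list <<'EOF'
deb http://http.us.debian.org/debian/ unstable main contrib non-free
deb-src http://http.us.debian.org/debian/ unstable main contrib non-free
deb http://http.us.debian.org/debian/ experimental main contrib non-free
deb-src http://http.us.debian.org/debian/ experimental main contrib non-free
EOF
# Default-Release is meant to keep hardy preferred over the Debian suites.
# NOTE(review): run `apt-cache policy` and confirm that hardy-security and
# hardy-updates are still preferred over Debian unstable; if the setting only
# matches the plain "hardy" suite, security updates may not be selected.
cat >/etc/apt/apt.conf <<'EOF'
APT::Default-Release "hardy";
EOF
apt-get update
# libc6-xen is installed first and /lib/tls removed before the full upgrade;
# presumably this avoids the TLS libc variant under the Xen kernel.
apt-get install -y libc6-xen
rm -rf /lib/tls
apt-get upgrade -y
apt-get install -y ubuntu-standard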

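# Modules: unpack the EC2 kernel modules into / and register them.
# NOTE(review): the archive arrives over plain HTTP and is extracted as root
# into / with no checksum or signature check, so whoever can alter the
# download controls files in the image. Download to a file and compare a
# digest obtained out of band before extracting.
wget -O - \
  http://s3.amazonaws.com/ec2-downloads/ec2-modules-2.6.18-xenU-ec2-v1.0-i686.tgz |
  tar --no-same-owner -xzC /
depmod -a
# Load the loop module at boot.
echo 'loop' >>/etc/modules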

# Color: rewrite every "xterm-color" in the bashrc files to "xterm*color",
# then install ncurses-term.
for rc in /etc/skel/.bashrc ~/.bashrc; do
  perl -pi -e 's/xterm-color/xterm\*color/g' "$rc"
done
apt-get install -y ncurses-term

# TTY: remove the event.d entries for tty2 through tty6.
for n in 2 3 4 5 6; do
  rm -f "/etc/event.d/tty$n"
done

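# Network: scramble root's password, prepare the .ssh directories, install
# and configure sshd, and bring eth0 up with DHCP.
shadowconfig on
# Overwrite root's password field with the MD5 hex digest of random bytes.
# NOTE(review): usermod -p expects an already-encrypted value, so this
# presumably leaves root with no usable password (key-only login) — confirm.
usermod -p \
  "$(dd if=/dev/urandom count=50 2>/dev/null | md5sum | cut -d ' ' -f1)" \
  root
# .ssh is a directory, so it needs mode 700: with 600 the execute (search) bit
# is missing and users created from /etc/skel could not enter their own .ssh.
mkdir /etc/skel/.ssh
chmod 700 /etc/skel/.ssh
cp -r /etc/skel/.ssh /root
chmod 700 /root/.ssh
apt-get install -y ntp openssh-server
# Key-only SSH: password and challenge-response authentication are disabled.
# NOTE(review): aes256-cbc is a CBC-mode cipher; where the installed OpenSSH
# allows it, restrict Ciphers to CTR (or newer AEAD) modes.
# PermitRootLogin is not set here, so the sshd default applies — confirm it
# matches the intent that root logs in with the key installed at boot.
cat >/etc/ssh/sshd_config <<'EOF'
Protocol 2
StrictModes yes
MaxStartups 10:30:60
Ciphers aes256-cbc,aes256-ctr
PasswordAuthentication no
ChallengeResponseAuthentication no
Subsystem sftp /usr/lib/openssh/sftp-server
UseDNS no
EOF
cat >/etc/network/interfaces <<'EOF'
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
EOF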

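# Boot: install the rc.local that provisions the instance on every boot.
# It does two things as root:
#   1. writes the launch key pair's public key to /root/.ssh/authorized_keys;
#   2. pipes the instance's user-data into sh (the "userdata boot hook").
# Security notes for anyone launching this image:
#   - User-data runs as root at each boot, not only the first, so whoever can
#     set or change an instance's user-data has root on it.
#   - Both fetches use plain HTTP to the link-local metadata address and the
#     response is not validated before use.
#   - rc.local runs under `sh -e`: if the key fetch fails, authorized_keys has
#     already been truncated by the redirect and the script stops there.
cat >/etc/rc.local <<'EOF'
#!/bin/sh -e
# Root SSH Public Key
mkdir -p /root/.ssh >/dev/null 2>&1
wget -q -O - http://169.254.169.254/2008-02-01/meta-data/public-keys/0/openssh-key \
  >/root/.ssh/authorized_keys
chmod -R go-rwsx /root
# Userdata Shell Script
wget -q -O - http://169.254.169.254/2008-02-01/user-data | sh
exit 0
EOF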

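# Fstab: root on sda1, /mnt on sda2, swap on sda3.
# The here-document uses a quoted delimiter so the table is written literally.
cat >/etc/fstab <<'EOF'
/dev/sda1 /    ext3 user_xattr 0 1
/dev/sda2 /mnt ext3 user_xattr 0 2
/dev/sda3 swap swap sw         0 0
EOF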

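# EC2 tools: install the AMI tools under /usr/local behind a stable
# "ec2-ami-tools" symlink.
apt-get install -y symlinks unzip ruby libopenssl-ruby1.8 curl ca-certificates
cd /tmp
# NOTE(review): the zip is fetched over plain HTTP with no integrity check and
# its contents later run as root while bundling; verify a digest obtained out
# of band before unpacking.
wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip
cd /usr/local
unzip /tmp/ec2-ami-tools.zip
# The -name pattern is quoted so find, not the shell, expands it; unquoted, it
# would be globbed against /usr/local first. -n replaces an existing
# ec2-ami-tools link instead of creating a new link inside its target.
ln -sfn "$(find . -type d -name 'ec2-ami-tools*')" ec2-ami-tools
chmod -R go-rwsx ec2*
rm -rf /tmp/ec2*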

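# Bundle: make bash the system sh, load the loop module, and install the
# "image" helper that bundles the running volume and uploads it to S3.
# ln -sf swaps the link in one command instead of removing /bin/sh first.
ln -sf /bin/bash /bin/sh # make bash the default for ec2
modprobe loop            # bundle image needs this
# The helper reads AMAZON_USER_ID, EC2_PRIVATE_KEY, EC2_CERT, HOSTNAME (used as
# the bucket name), AMAZON_ACCESS_KEY_ID and AMAZON_SECRET_ACCESS_KEY from the
# environment. Security notes:
#   - Only /root/.ssh is excluded explicitly (-e). Keep the private key and
#     certificate files in a location that does not end up in the bundle;
#     this image is published to everyone.
#   - The secret access key is passed on the command line, where it is visible
#     in the process list for the duration of the upload.
# Expansions inside the helper are quoted so an empty or unusual value fails
# as one bad argument instead of shifting the following options.
cat >/usr/local/sbin/image <<'EOF'
#!/bin/bash
export EC2_AMITOOL_HOME=/usr/local/ec2-ami-tools
PATH=$EC2_AMITOOL_HOME/bin:$PATH
BUNDLE=$(date '+%y%m%d%H%M%S')
ec2-bundle-vol -r i386 -u "$AMAZON_USER_ID" --fstab /etc/fstab \
  -k "$EC2_PRIVATE_KEY" -c "$EC2_CERT" -b -d /mnt -s 10240 -e /root/.ssh -p "$BUNDLE"
ec2-upload-bundle -b "$HOSTNAME" -m "/mnt/$BUNDLE.manifest.xml" \
  -a "$AMAZON_ACCESS_KEY_ID" -s "$AMAZON_SECRET_ACCESS_KEY"
rm -rf "/mnt/$BUNDLE"* /mnt/img-mnt
EOF
chmod 700 /usr/local/sbin/image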

# Final cleanup, then bundle. HOSTNAME doubles as the S3 bucket name that the
# image helper uploads to.
# NOTE(review): nothing here removes /etc/ssh/ssh_host_* keys. If installing
# openssh-server generated host keys inside the chroot, they ship in the
# public image and every instance shares them — confirm, and regenerate host
# keys on first boot if so. Check for other leftovers (logs, credentials) too.
export HOSTNAME=ubuntu-ami
for action in clean autoclean autoremove; do
  apt-get "$action"
done
symlinks -c -d -r -s -v /
rm -rf /var/tmp/* ~/.bash_history
image

# Register the uploaded manifest and make the AMI public (on another machine).
# $HOSTNAME has to hold the bucket name on that machine as well; it is not
# inherited from the shell that built the image.
# Launch permission "all" lets any EC2 account start and read the image, so
# inspect it for keys, credentials and shell history before this step.
manifest="$HOSTNAME/XXXXXXXXXXXXX.manifest.xml"
ec2-register "$manifest"
ec2-modify-image-attribute ami-XXXXXXX --launch-permission -a all

# Run: start an instance of the AMI with the fuse-enabled kernel image.
# -k names the key pair whose public key rc.local installs for root at boot.
run_args=(
  -K ~/.amazon/pk.pem
  -C ~/.amazon/cert.pem
  -k mykey
  --kernel aki-9b00e5f2
)
ec2-run-instances "${run_args[@]}" ami-XXXXXXXXXXX