I have prepared new Ubuntu Hardy Amazon AMI images. They are in my ubuntu-ami bucket. I'll start with a "small" EC2 instance image. The public AMI is "ami-4f7a9f26". It is meant to be started with AKI "aki-9b00e5f2" (which comes with fuse). The image is a bare-bones Ubuntu Hardy standard install. You can update it with the software you need. I will have 64-bit versions available early next week. The emphasis of my images is clean and tidy. I don't install a bunch of crud that you may or may not need. It's just the basics with a userdata boot hook (give the image a bash script at boot time as userdata).
Here is how I created the image:
```bash
# Bootstrap
mkdir /mnt/ubuntu
debootstrap --arch i386 hardy /mnt/ubuntu

# Start
cat /proc/mounts >/mnt/ubuntu/etc/mtab
mount -o rbind /proc /mnt/ubuntu/proc
mount -o rbind /dev /mnt/ubuntu/dev
mount -o rbind /sys /mnt/ubuntu/sys
cat /etc/resolv.conf >/mnt/ubuntu/etc/resolv.conf
# Everything from here up to the "image" call is typed inside the chroot shell
chroot /mnt/ubuntu /bin/bash

# Hostname
echo '127.0.0.1 localhost' >/etc/hosts

# Tidy
rm -rf tmp && ln -sf var/tmp tmp
rm -rf opt && ln -sf usr/local opt

# Locale
localedef -i en_US -c -f UTF-8 en_US.UTF-8
echo 'LANG="en_US.UTF-8"' >/etc/default/locale

# Update
cat >/etc/apt/sources.list <<\EOF
deb http://us.archive.ubuntu.com/ubuntu hardy main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu hardy main restricted universe multiverse
deb http://us.archive.ubuntu.com/ubuntu hardy-updates main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu hardy-updates main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu hardy-security main restricted universe multiverse
deb-src http://security.ubuntu.com/ubuntu hardy-security main restricted universe multiverse
EOF
gpg --keyserver wwwkeys.pgp.net --recv-keys A70DAF536070D3A1
gpg --armor --export A70DAF536070D3A1 | apt-key add -
cat >/etc/apt/sources.list.d/debian.list <<\EOF
deb http://http.us.debian.org/debian/ unstable main contrib non-free
deb-src http://http.us.debian.org/debian/ unstable main contrib non-free
deb http://http.us.debian.org/debian/ experimental main contrib non-free
deb-src http://http.us.debian.org/debian/ experimental main contrib non-free
EOF
cat >/etc/apt/apt.conf <<\EOF
APT::Default-Release "hardy";
EOF
apt-get update
apt-get install -y libc6-xen
rm -rf /lib/tls
apt-get upgrade -y
apt-get install -y ubuntu-standard

# Modules
wget -O - \
  http://s3.amazonaws.com/ec2-downloads/ec2-modules-2.6.18-xenU-ec2-v1.0-i686.tgz | \
  tar --no-same-owner -xzC /
depmod -a
echo 'loop' >>/etc/modules

# Color
perl -p -i -e 's/xterm-color/xterm\*color/g' /etc/skel/.bashrc ~/.bashrc
apt-get install -y ncurses-term

# TTY
rm -f /etc/event.d/tty[2-6]

# Network
shadowconfig on
# Set root's password field to a random string so no password login is possible
usermod -p \
  `dd if=/dev/urandom count=50 2> /dev/null | md5sum | cut -d " " -f1-1` \
  root
mkdir /etc/skel/.ssh
# 700, not 600: a directory needs the execute bit before its owner can enter it
chmod 700 /etc/skel/.ssh
cp -r /etc/skel/.ssh /root
apt-get install -y ntp openssh-server
cat >/etc/ssh/sshd_config <<\EOF
Protocol 2
StrictModes yes
MaxStartups 10:30:60
Ciphers aes256-cbc,aes256-ctr
PasswordAuthentication no
ChallengeResponseAuthentication no
Subsystem sftp /usr/lib/openssh/sftp-server
UseDNS no
EOF
cat >/etc/network/interfaces <<\EOF
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
EOF

# Boot
cat >/etc/rc.local <<\EOF
#!/bin/sh -e
# Root SSH Public Key
mkdir -p /root/.ssh >/dev/null 2>&1
wget -q -O - http://169.254.169.254/2008-02-01/meta-data/public-keys/0/openssh-key \
  >/root/.ssh/authorized_keys
chmod -R go-rwsx /root
# Userdata Shell Script
wget -q -O - http://169.254.169.254/2008-02-01/user-data | sh
exit 0
EOF

# Fstab
cat >/etc/fstab <<\EOF
/dev/sda1 / ext3 user_xattr 0 1
/dev/sda2 /mnt ext3 user_xattr 0 2
/dev/sda3 swap swap sw 0 0
EOF

# EC2 tools
apt-get install -y symlinks unzip ruby libopenssl-ruby1.8 curl ca-certificates
cd /tmp
wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip
cd /usr/local
unzip /tmp/ec2-ami-tools.zip
# Pattern quoted so that find, not the shell, expands it
ln -sf `find . -type d -name 'ec2-ami-tools*'` ec2-ami-tools
chmod -R go-rwsx ec2*
rm -rf /tmp/ec2*

# Bundle
rm /bin/sh && ln -s /bin/bash /bin/sh ; # make bash the default for ec2
modprobe loop ; # bundle image needs this
cat >/usr/local/sbin/image <<\EOF
#!/bin/bash
export EC2_AMITOOL_HOME=/usr/local/ec2-ami-tools
PATH=$EC2_AMITOOL_HOME/bin:$PATH
BUNDLE=`date '+%y%m%d%H%M%S'`
ec2-bundle-vol -r i386 -u $AMAZON_USER_ID --fstab /etc/fstab \
  -k $EC2_PRIVATE_KEY -c $EC2_CERT -b -d /mnt -s 10240 -e /root/.ssh -p $BUNDLE
ec2-upload-bundle -b $HOSTNAME -m /mnt/$BUNDLE.manifest.xml \
  -a $AMAZON_ACCESS_KEY_ID -s $AMAZON_SECRET_ACCESS_KEY
rm -rf /mnt/$BUNDLE* /mnt/img-mnt
EOF
chmod 700 /usr/local/sbin/image
export HOSTNAME=ubuntu-ami
apt-get clean
apt-get autoclean
apt-get autoremove
symlinks -cdrsv /
rm -rf /var/tmp/* ~/.bash_history
image

# Register & make the ami public (on another machine)
ec2-register $HOSTNAME/XXXXXXXXXXXXX.manifest.xml
ec2-modify-image-attribute ami-XXXXXXX --launch-permission -a all

# Run
ec2-run-instances \
  -K ~/.amazon/pk.pem -C ~/.amazon/cert.pem \
  -k mykey --kernel aki-9b00e5f2 \
  ami-XXXXXXXXXXX
```
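Because the last steps make the AMI public, it is worth checking the image root for anything tied to the builder before bundling. The script below is an added example, not part of the original post; the function names and the sample tree are constructed for illustration, and it assumes the image root is reachable at a path such as /mnt/ubuntu.

```shell
#!/bin/sh
# Added example, not from the original post: list per-builder secrets left in
# an image root (e.g. /mnt/ubuntu) before it is bundled as a public AMI.
audit_image_root() {
    root=${1%/}
    # Login keys and shell history left by whoever built the image.
    find "$root/root" "$root/home" "$root/etc/skel" -type f -size +0 \
        \( -name 'authorized_keys*' -o -name '.*_history' \) 2>/dev/null |
        sed "s|^$root|leftover-file: |"
    # Host private keys in the image are shared by every instance launched.
    find "$root/etc/ssh" -type f -name 'ssh_host_*_key' 2>/dev/null |
        sed "s|^$root|ssh-host-key: |"
    # PEM private keys, e.g. a bundling key copied onto the volume.
    grep -rl -e '-----BEGIN .*PRIVATE KEY-----' \
        "$root/root" "$root/home" "$root/tmp" "$root/mnt" 2>/dev/null |
        sed "s|^$root|private-key: |"
    # Accounts whose shadow password field is empty.
    [ -f "$root/etc/shadow" ] &&
        awk -F: '$2 == "" { print "empty-password: " $1 }' "$root/etc/shadow"
    # Password logins must stay off, as in the sshd_config from the post.
    grep -qi '^PasswordAuthentication[[:space:]][[:space:]]*no' \
        "$root/etc/ssh/sshd_config" 2>/dev/null ||
        echo "sshd: PasswordAuthentication is not set to no"
    return 0
}

# Constructed sample tree standing in for a real image root.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/root/.ssh" "$d/etc/ssh" "$d/mnt"
    echo 'ssh-rsa AAAAexample builder@example' >"$d/root/.ssh/authorized_keys"
    echo 'ls' >"$d/root/.bash_history"
    : >"$d/etc/ssh/ssh_host_rsa_key"
    echo '-----BEGIN RSA PRIVATE KEY-----' >"$d/mnt/pk.pem"
    printf 'root:*:1:0:99999:7:::\ndeploy::1:0:99999:7:::\n' >"$d/etc/shadow"
    echo 'PasswordAuthentication no' >"$d/etc/ssh/sshd_config"
    echo "$d"
}

sample=$(make_sample_root)
audit_image_root "$sample"   # one "category: path" line per finding
rm -rf "$sample"
```

An empty result means none of these checks fired; each printed line names a file or account to clean up before the bundle step.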
Posted on April 27th, 2008 by dysinger