See https://github.com/coreos/bugs/issues/2618 for a recent discussion on this and some of the pitfalls.
Ignition also runs only once, on first boot. If you boot, run Ignition, then create an AMI from the result, Ignition won't run on first boot of the new AMI. If you're looking to just apply a common set of operations across a lot of machines, you can use Ignition's config appending and append a config does the common operations to all of your other configs and just use the normal AMIs. - Andrew On Sun, Oct 20, 2019 at 10:25 AM Parag Gupta <[email protected]> wrote: > > i am hardening coreOS ami . As per cis i am changing permission of some files > . i am also changing text of some files . > After all these changes , i will be creating a final ami . > so should i do this with ignition script on boot time or should we do this > using shell script after boot . > > what is best way to do this and why ? > > -- > You received this message because you are subscribed to the Google Groups > "CoreOS Dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/coreos-dev/9d97169b-88e6-4c43-9955-b5d139649276%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "CoreOS Dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/coreos-dev/CAK%3DWzwfgO4R57EJCwkH%2BE_6MVfAbE%3D%3DARoXoN1MH4aO29Z_HZw%40mail.gmail.com.
