-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 21/11/2012 5:15 PM, Stefano Zacchiroli wrote: > On Wed, Nov 21, 2012 at 07:43:51PM +1100, Chris Fordham wrote: >> Please make this information public e.g. on the wiki so users can >> understand the agreement between a FOSS and commercial entity. > > FWIW, everything has been mentioned publicly on this list already. But > sure enough there's a need to advertise the information more clearly on > official places, such as the Debian website (hence my mention of work in > progress on that front in my previous mail...). >
Hello all, Sorry for my delay in catching up - its rather hectic at work on various fronts -- none the least of which was, amongst all this work of generating images, testing, fixing generation issues, and repeating, we had a rather intense week with a new Region launch in Australia last week - some of you may have seen a very timely patch to the ec2debian-build-ami and a set of Images in that region very quickly afterwards! I'm still wading through some threads, so I apologise if I am missing some pieces. But I wanted to ping out some of the questions I've seen raised. Most of this is already answered on the wiki. The images themselves were generated by Debian Developers (me), in an AWS account for Debian Developers (I will add login accounts for any DD - contact me), with the charges for that account being absorbed by Amazon. The script used to generate these images is under a DSFG compliant license. The script now uses the Eucalyptus tools, which is also DFSG compliant. The final images I generated were made 'public' to all AWS customers. A separate team - the Amazon Marketplace team, then duplicated this final image into their AWS account, and redistributed this to all AWS Regions world-wide. They have done the same for numerous Open Source operating system projects recently. In addition, I will push a copy of the snapshot public for anyone to inspect. As someone pointed out, a dd of a block device may expose deleted data - that was the security issue that we had with the first generated image (now destroyed, along with the key that was used); see commits under https://github.com/andsens/ec2debian-build-ami/commits/master that talk about 'shred'. The issue of finding images: I am working on further improvements to this; please see the current listing as a phase 1. The Quick Start that Stefano raised - that is my hope, it may take some time, as I have to talk with a load of people. All the while, more testing on the images for those able to, feedback welcome (even if its minor we can start to think about it for the net point release, or Wheezy). You're quite correct that searching for "Debian" finds a number of AMIs - as many people have built images in AWS on top of Debian, and they are pleased enough to include the Debian name in their creations. This does make it a little noisy, something I am aware of, and I am looking to see what may be done to improve upon this further by working with the various teams at AWS. One last point that may not yet have been noticed is the CloudFormation template as a way of launching these AMIs easily in AWS. CloudFormation templates are a way you can start an entire environment quickly across a set of resources, none the least of which is an EC2 instance from a given AMI, in a given Region. To that end, I have generated a CF template here: http://wiki.debian.org/Cloud/AmazonEC2Image/Squeeze#CFTemplate (however, this is an editible wiki, so please confirm your AMI IDs match those on the AWS Marketplace to be sure; see the end of this email, and verify my GPG signature). For those that asked about the agreement with the AWS marketplace team, a copy of which is here: http://wiki.debian.org/Cloud/AmazonEC2Image/Marketplace/Terms%20and%20Conditions Having read all of these pages, let me reiterate: * Debian has not paid any money for this * Debian is not collecting any money for this * Amazon is incurring all charges * Publishing AMIs here is enabling potential new users to discover Debian, and giving a (potentially) trusted image * All work to generate this is done with Free Software * All work within the account to generate has been done by Debian Developer, in concert with Anders Ingemann as maintainer the ec2debian-build-ami scripts. * The ec2debian-build-ami script is now being packaged, and hopefully someone here can sponsor its upload (well done Marcin) * The cloud-init package is currently needing help; contact Charles PLessy * This image requires you to SSH as 'admin',and "sudo -i" to root. I'm just sayin', cause people are missing it. * The image will require apt-get update before you can install anything * I endeavour to create new point releases with any other DD who wants to help, and with Anders invaluable assistance we'll support generating Wheezy images RSN (someone say 'freeze'?) * DD Yasuhiro Araki in Tokyo, also working at AWS, is looking to generate HSM images in addition to the Para-virtualisation (PVM) ones we have just made; contributions welcome. Lastly, thanks everyone for gathering on this list, and for the input we've had. Its been pretty quick, but its great that we've managed to get there. As always, thanks to Anders, Charles, and Stefano, and various others within AWS who have assisted. Sincerely, James (Yes, another night and I haven't managed to dump the final snapshots to the bucket, just too much going on, and wanted to get this out to people) PS: CloudFormation template follows for Debian 6.0.6 AMIs generated on 19/Nov/2012 (note Sydney/ap-southeast-2 is missing as AWS Marketplace is not available there yet). { "Parameters" : { "KeyName" : { "Description" : "SSH Key Name", "Type" : "String", "Default" : "My-Key" }, "MyInstanceSize": { "Description": "Instance size", "Type": "String", "Default" : "t1.micro" }, "MyInstanceName": { "Description": "Instance name", "Type": "String" } }, "Mappings" : { "Debian606" : { "us-east-1" : { "32" : "ami-a121a6c8", "64" : "ami-4d20a724"}, "us-west-1" : { "32" : "ami-e4da52d4", "64" : "ami-ecda52dc"}, "us-west-2" : { "32" : "ami-2c735269", "64" : "ami-36735273"}, "us-gov-west-1" : { "32" : "", "64" : ""}, "eu-west-1" : { "32" : "ami-75cdcf01", "64" : "ami-7fcdcf0b"}, "ap-southeast-1" : { "32" : "ami-947d3ec6", "64" : "ami-867d3ed4"}, "ap-southeast-2" : { "32" : "", "64" : ""}, "ap-northeast-1" : { "32" : "ami-a650e9a7", "64" : "ami-be50e9bf"}, "sa-east-1" : { "32" : "ami-0689511b", "64" : "ami-0289511f"}, }, "release" : { "stable" : { "squeeze" : "Debian606" } } }, "Resources" : { "MyInstance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ], "KeyName" : { "Ref": "KeyName" }, "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ], "ImageId" : { "Fn::FindInMap" : [ "Debian606", { "Ref" : "AWS::Region" }, "64" ]}, "InstanceType" : { "Ref" : "MyInstanceSize" }, "UserData" : { "Fn::Base64" : "" } } }, "MySecurityGroup" : { "Type" : "AWS::EC2::SecurityGroup", "Properties" : { "GroupDescription" : "Permit inbound SSH", "SecurityGroupIngress" : [ { "IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0" } ] } } } - -- /Mobile:/ +61 422 166 708, /Email:/ james_AT_rcpt.to PLUG President 2012: http://www.plug.org.au <http//www.plug.org.au> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iQIcBAEBAgAGBQJQrO5pAAoJEK7IKHSdhcU8Q4UP/RiYrNByIZe6bFoa7YgcmkYl whizJJmWprrHOhsdzmp2gQG8rqnBsj6bDfrEPKNz1MlmysItJSU9r71oAT88xA6D ZdjDc7119//yehT7YsLTmiK2r5qMOPsJARwmkGvo+dQQKf+vEvjKHYpciDlg4B2y G2fUkjIVWGQINLsOIeTkex39w512O5BvsGDkAJz7Cm6Q+NmEqH7nILcXyYgWoy4D 1sXznaqKiGgf8JHITIvtG7JeHPUYmxSR4I8hDRgRwnZ1e2UJ/HHWwMqQlkD1XJWd 2aKeuH7UZxFV+nbfa1767lLrerwPwCwwTCcRDwtSmQE4wrsHm6fcaerE4wV3pGiO 3E6cUpyI+M65/4JnDLq/GCUIQqLBb6d25BOw9OFeh9BQX5mpuv/TAxqt6PvW+pjw um1f47H4D/+mMivfCKpAz+LaIBnobf3EevPZix7BkNJk728odZgGcf0iUwDSlUfB ksOg1o9SCImcVl3wZi0KN1SzajQ2wdhyU7zWuYC2Y4+DxZRhod36pJM+/YtGtCxG s7SLBS8N3/tzR8ipwnib8oU+hcth3MdpnxwLsWgzo/dSiFuqFuKsGYkljds3/DsE dQ3NakPBzDKyI53iiCHRy39f9qIRWFqNDZ2agaxvvFtN6ONV9Tt56VcMwxyhvvPk /iZnz61LWstX/Vp4PvZd =1r9+ -----END PGP SIGNATURE-----
