Re: Debian images on Microsoft Azure cloud
Without any official hat, I agree with Md that the changes to the installed packages seem reasonable, as sparse as possible, and driven by technological necessity. I would like to see an official list of packages and checksums (ideally both SHA-512 and SHA 3-512 as compute & storage are cheap and using two families increases resilience significantly) & size of the base image and all files in the base install, sent to list and signed by a DD, though. Putting said base image and signed list into a place where DSA can safe-guard it long-term would be the cherry on top. This seems to be reasonable in terms of actual effort and could help establish a baseline for a published list of known-good system states. It's also a request which we could reasonably extend to everyone interested in publishing their images on the respective platforms, both retroactively and going forward. Richard
Re: Debian images on Microsoft Azure cloud
On 2015-11-11 12:53:26, Martin Zobel-Helas wrote: Hello, > I would suggest we open a seperate thread on the debian-cloud mailing > list for defining a list of official requirements for all vendors. As > long as we define the first version of that list i would suggest though > that those are nice to have for the Azure (and all other) images but > will not block us from releasing the images. I just created wiki page[1] where we could put those requirements. It's simple but should do the job. 1. https://wiki.debian.org/Cloud/Images_requirements -- |_|0|_| | |_|_|0| "Heghlu'Meh QaQ jajVam" | |0|0|0| kuLa - | gpg --keyserver pgp.mit.edu --recv-keys 0x58C338B3 3DF1 A4DF C732 4688 38BC F121 6869 30DD 58C3 38B3 signature.asc Description: PGP signature
Re: Debian images on Microsoft Azure cloud
On 2015-11-11 16:11:14, Anders Ingemann wrote: > > From what I know it's not possible to build and then upload to Marketplace > AWS > images. > > You got me thinking :-) > It *should* actually be possible to bootstrap EBS backed instances locally: > http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ > importing-your-volumes-into-amazon-ebs.html > You can upload EBS snapshots. AWS supports VMDK, VHD and RAW formats! Yes but then you have to add some additional bits which I'm not so sure is going to be so easy, but I may be wrong. I never actually got into this step. > I didn't know that until just now, hence my previous insistence on runniong > bootstrap-vz in a ec2 environment. > This is definitely something we could support in bootstrap-vz. I'm not sure if it's possible but would be great to have it. -- |_|0|_| | |_|_|0| "Heghlu'Meh QaQ jajVam" | |0|0|0| kuLa - | gpg --keyserver pgp.mit.edu --recv-keys 0x58C338B3 3DF1 A4DF C732 4688 38BC F121 6869 30DD 58C3 38B3 signature.asc Description: PGP signature
Re: Debian images on Microsoft Azure cloud
n 2015-11-11 14:53:36, Steve McIntyre wrote: Hi, > My only concern is that I'd be happier if the builds were created and > hosted on Debian project machines, like our existing official > buildsi. This would be ideal. > I've been discussing that with other people for other types of > build. How awkward/difficult would that be? From what I know it's not possible to build and then upload to Marketplace AWS images. There is a way of triggering build of this images on AWS hosts from Debian infrastructure with bootstrap-vz though. I know it's not "ideal" but right now I don't know about any other option. -- |_|0|_| | |_|_|0| "Heghlu'Meh QaQ jajVam" | |0|0|0| kuLa - | gpg --keyserver pgp.mit.edu --recv-keys 0x58C338B3 3DF1 A4DF C732 4688 38BC F121 6869 30DD 58C3 38B3 signature.asc Description: PGP signature
Re: Debian images on Microsoft Azure cloud
On Wed, Nov 11, 2015 at 12:53 PM, Martin Zobel-Helaswrote: > a "find / -exec sha3sum {} \; > logfile.log" should be easily doable. > I would suggest we open a seperate thread on the debian-cloud mailing > list for defining a list of official requirements for all vendors. There's already been some ideas floating around, but consolidating that makes sense. > As > long as we define the first version of that list i would suggest though > that those are nice to have for the Azure (and all other) images but > will not block us from releasing the images. Agreed. Good faith effort on all sides, etc. Richard
Re: Debian images on Microsoft Azure cloud
On Wed, Nov 11, 2015 at 5:02 PM Marcin Kuliszwrote: > n 2015-11-11 14:53:36, Steve McIntyre wrote: > > Hi, > > > My only concern is that I'd be happier if the builds were created and > > hosted on Debian project machines, like our existing official > > buildsi. > > This would be ideal. > > > I've been discussing that with other people for other types of > > build. How awkward/difficult would that be? > > From what I know it's not possible to build and then upload to Marketplace > AWS > images. > > There is a way of triggering build of this images on AWS hosts from Debian > infrastructure with bootstrap-vz though. > > I know it's not "ideal" but right now I don't know about any other option. > -- > > |_|0|_| | > |_|_|0| "Heghlu'Meh QaQ jajVam" | > |0|0|0| kuLa - | > > gpg --keyserver pgp.mit.edu --recv-keys 0x58C338B3 > 3DF1 A4DF C732 4688 38BC F121 6869 30DD 58C3 38B3 > > From what I know it's not possible to build and then upload to Marketplace AWS images. You got me thinking :-) It *should* actually be possible to bootstrap EBS backed instances locally: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/importing-your-volumes-into-amazon-ebs.html You can upload EBS snapshots. AWS supports VMDK, VHD and RAW formats! I didn't know that until just now, hence my previous insistence on runniong bootstrap-vz in a ec2 environment. This is definitely something we could support in bootstrap-vz. p.s.: Explicitly CC'ed Tiago and James to get their attention and input on this, though maybe it should be in another thread -- Anders Ingemann
Re: Debian images on Microsoft Azure cloud
On Wed, Nov 11, 2015 at 9:53 AM, Steve McIntyrewrote: > On Tue, Nov 10, 2015 at 07:34:04PM +, Martin Zobel-Helas wrote: >>Hi all, > > Hey Martin, > >>as announced during DebConf15 and in <55d03d49.1030...@debian.org> and
Cloud Image Guidelines
Hi I would like to remind the existence of https://wiki.debian.org/Teams/DPL/OfficialImages from 2013, which is a summup from a discussion from this list IIRC. Emmanuel
Re: Debian images on Microsoft Azure cloud
❦ 11 novembre 2015 17:49 GMT, Marcin Kulisz: >> I would suggest we open a seperate thread on the debian-cloud mailing >> list for defining a list of official requirements for all vendors. As >> long as we define the first version of that list i would suggest though >> that those are nice to have for the Azure (and all other) images but >> will not block us from releasing the images. > > I just created wiki page[1] where we could put those requirements. It's > simple but should do the job. > > 1. https://wiki.debian.org/Cloud/Images_requirements Currently, both the Openstack images and the image built for Azure are using extlinux instead of Grub. I think this is mostly due to a personal preference from Zigo. extlinux works fine but this is a deviation of what a user would expect of a regular Debian installation. Should cloud images be allowed to change the bootloader? -- Don't patch bad code - rewrite it. - The Elements of Programming Style (Kernighan & Plauger) signature.asc Description: PGP signature