In general, I'd say you should avoid running things that leave user specific data on the node. That is, for example the jclouds predefined statements that jclouds provides (admin access, install private keys, etc). You can also run a script to wipe all that data before creating the image. There are several tools out there for this purpose.
Regarding the "failed" AMIs, how are you creating them? Are you using the jclouds ComputeService's ImageExtension? El 19/08/2014 09:42, "David Bosschaert" <[email protected]> escribió: > After digging a bit deeper I'm finding that I can't get jclouds to > launch any of my custom-made AMIs at all (hand-made ones nor > jclouds-made ones). It can launch pre-created ones fine (e.g. Amazon > Linux AMI 2014.03.2-HVM) but when I try to launch any of my custom > made ones it just hangs. I can see that the instances are created, but > they're not finished, i.e. the names and tags aren't set... > > Anything obvious that I could be forgetting/doing wrong? > > Thanks, > > David > > On 18 August 2014 22:18, David Bosschaert <[email protected]> > wrote: > > Hi all, > > > > I'm creating a node in EC2 using JClouds that I later want to save as > > an AMI, so that I can later create compute nodes from it. I was > > wondering what the recommended configuration options are for such a > > scenario, esp in relation to security settings. I'd like to use this > > AMI for different accounts, just like many of the general-purpose AMIs > > can be used. > > > > I currently have the following: > > TemplateBuilder templateBuilder = compute.templateBuilder(); > > templateBuilder > > .hardwareId(InstanceType.M3_MEDIUM) > > .imageId("eu-west-1/ami-892fe1fe") // standard amazon linux > > .options(TemplateOptions.Builder > > .inboundPorts(22, 80, 8080)); // depends on application > > > > I then install some stuff on it (using "yum -y update" and "yum -y > > install xyz"). > > > > I noticed that I should not use AdminAccess.standard() as my runscript > > (which I think is typically done for compute nodes), as that causes > > [1]. Any other things that I should look out for when creating an > > image, that is to be an AMI later? > > > > Many thanks, David > > > > [1] AuthorizationException on node eu-west-1/i-e4d0b2a4: > > org.jclouds.rest.AuthorizationException: (... stuff ...) error > > acquiring {hostAndPort=54.73.70.170:22, loginUser=root, ssh=null, > > connectTimeout=60000, sessionTimeout=60000} (out of retries - max 7): > > Exhausted available authentication methods > > at org.jclouds.sshj.SshjSshClient.propagate(SshjSshClient.java:385) > > Caused by: net.schmizz.sshj.userauth.UserAuthException: publickey auth > failed >
