* sh doesn't allow nesting of prefix strip
* also update some minor test profile bits
* new AMI revisions (fixed nvme)
* edge AMI release should remain a timestamp
* switch build name from 'current-x86_64' to 'v#_#-x86_64' to avoid any confusion when new versions roll out
* resolvie-alpine.py.in - only warn about disabled regions once, instead of for each profile build
* make-amis - tweak script output
* new set of AMIs for edge, 3.10.0, and 3.9.4
* Makefile - improve/fix check for required make vars
* resolve-profile.py.in
+ build a list of all regions & probe to see which ones are enabled (unknown if special subscription regions like ap-northeast-3 would show up in this list)
+ expand 'ami_regions' 'ALL' meta key to all enabled regions, 'ALL' key's value is preserved (that is, a value of None or False will disable all regions)
+ warn/remove regions in profile config that are found to be disabled.
+ improve checks for [None, False] values
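The 'ALL' expansion and disabled-region handling listed above, as an added sketch (not the project's resolve-profile.py.in). The function name, the return shape, the rule that an explicit region entry overrides 'ALL', and the constructed `ENABLED` set standing in for the live region probe are all assumptions.

```python
def resolve_ami_regions(ami_regions, enabled_regions):
    """Expand the 'ALL' meta key and drop regions the account cannot use.

    Returns (regions, warnings): regions maps each region that is still
    switched on to its value, warnings lists the entries that were removed.
    """
    def is_off(value):
        # Identity checks, so 0 or '' are not mistaken for None/False.
        return value is None or value is False

    regions = dict(ami_regions or {})
    resolved, warnings = {}, []

    # 'ALL' becomes one entry per enabled region and keeps its own value,
    # so {'ALL': None} or {'ALL': False} disables every region.
    if "ALL" in regions:
        all_value = regions.pop("ALL")
        resolved = {region: all_value for region in enabled_regions}

    # Assumption: an explicit region entry overrides the value from 'ALL'.
    for region, value in regions.items():
        if region in enabled_regions:
            resolved[region] = value
        else:
            warnings.append(f"{region}: region is disabled, removed from profile")

    return {r: v for r, v in resolved.items() if not is_off(v)}, warnings


# Constructed input: the enabled set stands in for the result of probing AWS.
ENABLED = {"us-east-1", "eu-west-1", "eu-north-1"}
```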
* .gitignore - don't ignore whole dirs and then opt-in specific files
* Makefile
- fail if required vars aren't set
- SCRIPTS --> ALL_SCRIPTS
* profiles/README.md
- variables.yaml --> vars.json
- drop 'not possible to add/modify/remove arbitrary files' comment
* make-amis
- use -eq for integer comparison
- make shellcheck happier with printf's
- remove old bad-idea TODO
* Build Profiles (completion of PR #49)
+ auto-updates version profile when new release detected
+ updates releases/<profile>.yaml after successful builds
* Prune AMIs (in AWS and in releases/<profile>.yaml)
+ 'revision' - keep latest revision per release
+ 'release' - keep latest release per version
+ 'version' - remove end-of-life versions
* releases/README.md updater script
* README overhaul
+ Pre-built AMIs --> releases/README.md
+ profiles/README.md for profile configuration details
+ main README.md overhauled to go over how to build and manage custom AMIs
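The three prune levels listed in the entry above ('revision', 'release', 'version'), as an added sketch rather than the project's own prune script. The record layout, the `prune` function, the placeholder AMI ids and the end-of-life set are assumptions, and each level is applied on its own.

```python
# Constructed sample records; the AMI ids are placeholders, not real images.
AMIS = [
    {"id": "ami-example-a", "version": "3.9", "release": "3.9.4", "revision": 0},
    {"id": "ami-example-b", "version": "3.9", "release": "3.9.4", "revision": 1},
    {"id": "ami-example-c", "version": "3.9", "release": "3.9.10", "revision": 0},
    {"id": "ami-example-d", "version": "3.10", "release": "3.10.0", "revision": 0},
    {"id": "ami-example-e", "version": "3.8", "release": "3.8.4", "revision": 0},
]


def _rank(ami):
    # Compare releases numerically so 3.9.10 ranks above 3.9.4; a plain
    # string comparison would get this wrong. 'revision' is optional.
    release = tuple(int(part) for part in ami["release"].split("."))
    return release, ami.get("revision", 0)


def prune(amis, level, eol_versions=frozenset()):
    """Return the sorted ids that one prune level would remove."""
    if level == "version":
        # Remove every AMI that belongs to an end-of-life version.
        return sorted(a["id"] for a in amis if a["version"] in eol_versions)
    if level == "revision":
        # Keep the latest revision within each release.
        def group(a):
            return a["version"], a["release"]
    elif level == "release":
        # Keep the latest release (at its latest revision) within each version.
        def group(a):
            return a["version"]
    else:
        raise ValueError(f"unknown prune level: {level}")

    newest = {}
    for ami in amis:
        key = group(ami)
        if key not in newest or _rank(ami) > _rank(newest[key]):
            newest[key] = ami
    keep = {a["id"] for a in newest.values()}
    return sorted(a["id"] for a in amis if a["id"] not in keep)
```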
* EBS may prepend '/dev/' in front of the EBS alias, adjust the sanity sed to account for this.
* Attempt to get a sane EBS alias up to 50x, sleep 1/10s in between (max duration ~5 secs).
* Log when we add/fail-to-add/remove EBS alias symlinks.
Release a revised set of Alpine Linux AMIs, including...
* improved nvme-ebs-links mdev script (issue #40)
* start haveged at boot runlevel (issue #39)
* Release Alpine Linux 3.9.0 AMIs
* Update README.md and release.yaml with a fresh batch of 3.9.0 AMIs
* Append GitHub project link to AMI description
* really minor caveat fix
* Match meanings of 'version' and 'release' to how Alpine uses them
* Use optional 'revision' to denote any same-release AMI rebuild
* Include CPU 'arch' in naming/description (may also offer 'aarch64' AMIs someday)
* Upgrade build instance to use Amazon Linux 2 AMIs
* Use env vars to pass details to 'make_ami.sh' instead of via CLI parameters
* make_ami.sh
+ minimum version/release shouldn't be overrideable
+ update APK tools & Alpine keys
+ check build's release vs. installed /etc/alpine-release
* Allow additional services on the AMI's runlevels
I'm using this with my AMIs to add haveged to the boot runlevel to boost the amount of initial entropy on smaller instance types, so sshd can start in under 6s instead of over 2m.
    add_svcs:
      boot:
        - haveged
* fix race condition with nvme-ebs /dev linking
* copy nvme stuff to build target in one operation
* add eu-north-1 region
* Latest Amazon Linux enables 64bit when creating ext4 partitions, which is incompatible with syslinux/extlinux bootloader. Explicitly disable 64bit support, as it's highly unlikely we'll need a boot volume >16 TiB.
* update-extlinux.conf - switch kernel default to 'virt', as 'hardened' no longer exists.
* standardize on 'linux-virt' kernel
+ no longer need 'kernel_flavor' variable
+ always install 'aws-ena-driver' package
+ always enable ena_support
* switch to 'variables.yaml' for config
+ update build/convert script to stringify certain keys that may contain arrays
+ copy from 'variables.yaml-default' if it doesn't exist
* drop 'vpc' variable, using 'subnet' derives the proper VPC to use
* fix chrony.conf (all pool.ntp.org references are changed to 169.254.169.123)
* update README.md caveats
* README.md
+ update list of modern instance types
+ add caveat regarding linux-vanilla vs. linux-virt
* alpine-ami.yaml
+ build instance type is always t3.nano
+ block device where we build is always /dev/xvdf
+ add optional AMI encryption
+ always enable AMI SR-IOV flag (vanilla & virt both have the necessary driver)
+ no need to pass volume_name to make_ami.sh
* make_ami.sh
+ replace hard tabs with 4 spaces
+ always set up edge repositories
+ no need to add mkinitfs package, it's a dependency of linux-*
+ fix update of /etc/inittab
+ fix configuration of NTP
+ declare local vars in main()
+ device is always /dev/xvdf
* variables.json-default/example
+ improve comment for kernel_flavor
+ default add_repos is now empty
+ remove acct & e2fsprogs-extra from add_pkgs
+ add optional AMI encryption
+ remove sriov_enable, build_instance_type, and volume_name vars
* move config variables from alpine-ami.yaml to variables.json-*
+ variables.json-default - ready-for-action original default config
+ variables.json-example - original defaults with comments
* clean up tabs vs. spaces in make_ami.sh
* make_ami.sh handles custom kernel flavor, extra repos, and extra packages
* tweak README with regards to aws-ena-driver caveat
* add public_ip variable, setting to 'true' allows packer to build from outside AWS
* use smallest instance_type (t2.nano) and volume_size (1 GiB)
* eu-west-3 region is live; ap-northeast-3 requires subscription
* no longer need setup_staging_repos function...
+ tiny-ec2-bootstrap is available in main since v3.8
+ aws-ena-driver-vanilla is only available in edge/testing
* switched to linux-vanilla since linux-hardened is no longer available and linux-virt does not have NVME available
+ TODO? make kernel choice selectable (significant memory/disk savings if linux-virt can be used)