From owner-freebsd-cloud@freebsd.org Wed Dec 27 18:59:06 2017 Return-Path: Delivered-To: freebsd-cloud@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DA9EFEA6DF4 for ; Wed, 27 Dec 2017 18:59:06 +0000 (UTC) (envelope-from 01000160995789e1-9e02b44d-8c1b-4451-9650-f5388705c9eb-000000@amazonses.com) Received: from a8-176.smtp-out.amazonses.com (a8-176.smtp-out.amazonses.com [54.240.8.176]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A141071605 for ; Wed, 27 Dec 2017 18:59:05 +0000 (UTC) (envelope-from 01000160995789e1-9e02b44d-8c1b-4451-9650-f5388705c9eb-000000@amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ae7m2yrxjw65l2cqdpjxuucyrvy564tn; d=tarsnap.com; t=1514401139; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; bh=Ep2dAvgZacZSMCeSrO95DYgj0iBldBIJTTmOzVk+FIY=; b=v/FGFn7WKdS/cVVbmXAZZDTUgZvTTSI8DVRcWY9g9lBEA3jz1cyV2kKlofnbFMUA HvQqL+j5T9TmaDAHVQ5NQ1/gehXIQt1sbRSXNwDZ4Q4bo7B8o8/vFmVJ6gJqXJT8shQ SYnhRen5t1QXNDzSJpo2nX0bMf0k22jnpaCntCsM= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1514401139; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:Feedback-ID; bh=Ep2dAvgZacZSMCeSrO95DYgj0iBldBIJTTmOzVk+FIY=; b=Ry8nEOCjd4sSJWFEW3+aYhI2Nfi8VeT2Sb4iaCPM5vD/9VDRsase7nQuoZPCfVYu iloHTUyR+ol5ehsfF/AMt/+xU3yuSTopDji+Hjn/a5bTs/mRl9sIFMqgbCceDbNDrK8 2Tyo5UClVUj84MfhFfYegPTr6X9KdqhYzTPJEtjI= Subject: Re: AMI building AMI To: Rafal Lukawiecki , freebsd-cloud@freebsd.org References: <085D225B-2E99-4540-B693-223087B14A27@rafal.net> From: Colin Percival Message-ID: <01000160995789e1-9e02b44d-8c1b-4451-9650-f5388705c9eb-000000@email.amazonses.com> Date: Wed, 27 Dec 2017 18:58:59 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: <085D225B-2E99-4540-B693-223087B14A27@rafal.net> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-SES-Outgoing: 2017.12.27-54.240.8.176 Feedback-ID: 1.us-east-1.Lv9FVjaNvvR5llaqfLoOVbo2VxOELl7cjN0AOyXnPlk=:AmazonSES X-BeenThere: freebsd-cloud@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "FreeBSD on cloud platforms \(EC2, GCE, Azure, etc.\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Dec 2017 18:59:07 -0000 On 12/27/17 07:53, Rafal Lukawiecki wrote: > Is there a list of AWS AMI ids (and regions) containing Colin’s AMI builder > AMI? The 2015 article > http://www.daemonology.net/blog/2015-11-21-FreeBSD-AMI-builder-AMI.html > > mentions one in us-east-1 ami-28682f42. Are there more? Or a documented > procedure on using RE tools to achieve the same? The blog post explains how to build an AMI Builder AMI by launching a release AMI with the right user-data. > I am particularly interested in recompiling 11.1 release kernel, adding a > good few packages (to speed up instance launch time) and creating an AMI > out of that. Of course, I can take the lazy route of building a normal AWS > AMI, which will not be as “clean and unused” as the one suggested in > Colin’s article. But if there is a current way to do the cleaner thing, I > would like to know, please. I can build an 11.1 AMI Builder AMI tomorrow if you'd like. Using this will be better than trying to clean a "live" instance, since even if you delete all the files you don't want to include, they'll still be lingering in the free disk space. If this includes AWS keys, this could have very bad results. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid