[ec2] [ubuntu-cloud] RFC: server-lucid-ec2-config: user-data configuration file

Eric Hammond esh at ubuntu.com
Tue Jan 5 11:11:50 GMT 2010


Mathias Gug wrote:
> I'm not sure I fully understand the point of using a snapshot of Ubuntu mirrors
> if you're using a stable release. Stable releases don't change (that's why
> they're *stable*).

We get prompted to update our stable Hardy 8.04 LTS production servers
with package updates more than once a week on average.  Here are some of
the Hardy packages which have had updates released in the last half of
2009, some of them more than once:

  apache2 bind9 cron curl dnsutils file openssl openvpn php5 python2.5
  ruby1.8 samba samba-common smbclient smbfs subversion sudo wget
  apache2.2-common apache2-mpm-prefork apache2-prefork-dev apache2-utils
  bind9-host dhcp3-client dhcp3-common irb1.8 libapache2-mod-php5
  libapache2-svn libapr1 libapr1-dev libaprutil1 libaprutil1-dev
  libbind9-30 libc6 libc6-dev libc6-xen libcurl3 libcurl3-gnutls
  libcurl4-openssl-dev libdns35 libglib2.0-0 libgnutls13 libhal1
  libhal-storage1 libisc35 libisccc30 libisccfg30 liblwres30 libmagic1
  libneon27 libnewt0.52 libopenexr2ldbl libopenssl-ruby1.8
  libparted1.7-1 libpq5 libpq-dev libreadline-ruby1.8 libruby1.8
  libssl0.9.8 libssl-dev libsvn1 libtiff4 linux-libc-dev lsb-base
  lsb-release parted php5-common php5-mysql python2.5-minimal
  python-subversion rdoc1.8 tzdata whiptail

We choose when to update our running systems, often after testing in
development and QA environments.  However, if systems are being fired up
automatically by Amazon's Auto Scaling or Spot Instances and those
instances upgrade themselves on boot, then package upgrades are forced
on you whether or not you have tested, unless you choose to use a
date-fixed apt mirror like RightScale offers.

With this approach you can test package updates, and upgrade new
instances to the later date based on your approval process.

The other option is to always build new AMIs, but a couple years of
doing that and you'll look for an easier maintenance path.

I'll admit and preach that I have had almost no problems accepting every
software package upgrade from Ubuntu over a period of years, but I'm
building web startups and am willing to move faster and accept greater
risk than established companies with more formalized development and
release procedures.

>> Proposal:
>>
>>   ec2init automatically runs apt-get update on first boot, UNLESS:
>>
>>   1. a user-data script is provided by the user (starting with #!), OR
>>   2. the advanced user-data configuration format is provided by the user
>>      AND that configuration specifies that apt-get update should not be
>>      run.
> 
> This seems like a good proposal to me.

Cool.

I saw you mentioned this discussion to zul in IRC.  Should I make sure
he gets a copy of it or can you point him to it?

--
Eric Hammond


