Page MenuHomeVyOS Platform
Create Task
Maniphest T408

Improve the AMI build scripts
Closed, ResolvedPublic
Actions

Description

Now that the official AMI was set to a non-zero price as a means to support VyOS development, we need to make sure the AMI build scripts are as straightforward to use as possible. Not only it will save the maintainers some time, user's choice to not support VyOS development this way should be respected as well: the scripts should not be made harder to use than it's necessary.

There are multiple issues:

  • The README is not always correct, not always complete, and is full of irrelevant details

AWS users are usually well familiar with awscli and ansible is now an immensely popular tool.
What people really need from the README is how to use this particular playbook.

  • SSH to the instance asks to type yes.

This makes it harder to run the scripts unattended, and is of little value since a freshly created host is quite unlikely to be a target of a MitM attack, and if all your SSH traffic is subject to a MitM attack, then you are already deep in trouble.

  • Scripts rely on specific setting of awscli output format setting.

This is plain sloppy since awscli provides an easy way to specify it for every command call.

  • Playbooks require a GPG signature associated with the image, and expect it to be in the same dir as the image on the server.

This limits the usefulness to release images only.

  • There are quite a few ansible warnings.

In particular, there are now modules for touch in mount while our playbooks still run touch and mount commands.

  • Playbooks are not capable of building 1.2.0 images.

Some package names and file locations need adjustments.

  • Apparently there are a few non-functional files, e.g. for nightly builds.
  • The playbooks are hardcoded to use aging Ubuntu Precise for the "host" instance

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close

Event Timeline

dmbaturin created this task.Oct 2 2017, 8:15 PM
dmbaturin updated the task description. (Show Details)
dmbaturin changed the visibility from "Subscribers" to "Public (No Login Required)".
dmbaturin added projects: VyOS 1.2 Crux, VyOS 1.1.x (1.1.8).
dmbaturin updated the task description. (Show Details)Oct 2 2017, 8:23 PM
dmbaturin updated the task description. (Show Details)Oct 2 2017, 8:25 PM
dmbaturin added a comment.Oct 2 2017, 8:59 PM

Fixed 1, 2, and 3.

syncer added a project: build-ami.Oct 3 2017, 10:47 AM
syncer edited projects, added VyOS 1.1.x; removed VyOS 1.1.x (1.1.8).Oct 11 2017, 10:06 PM
syncer moved this task from Need Triage to In Progress on the VyOS 1.1.x board.
syncer moved this task from Need Triage to In Progress on the VyOS 1.2 Crux board.
syncer updated the task description. (Show Details)
syncer added a project: AWS Support.Oct 11 2017, 10:08 PM
jbeisser added a subscriber: jbeisser.Oct 26 2017, 6:47 PM
chrismccracken added a subscriber: chrismccracken.Nov 15 2017, 5:39 PM
pasik added a subscriber: pasik.Dec 26 2017, 10:40 PM
syncer removed a project: VyOS 1.1.x.Feb 27 2018, 3:02 PM
syncer added projects: Active contributors, Community.
dmbaturin updated the task description. (Show Details)May 11 2018, 12:33 AM
dmbaturin closed this task as Resolved.May 11 2018, 1:10 AM
syncer moved this task from In Progress to Finished on the VyOS 1.2 Crux board.Oct 15 2018, 5:26 AM
syncer removed a project: VyOS 1.2 Crux.Oct 15 2018, 11:51 PM