As I work with Amazon EC2, I find that I need to configure machine images for specific tasks. In general, I’ve preferred to perform this configuration by running brief install scripts on the standard Amazon-owned images, rather than using more complex, pre-configured images. For me, the core issues are those of transparency and trust.
I had been using a variant of the ami-25b6534c image, which is an Amazon-supplied Fedora Core 4 image with MySQL, Apache, and PHP pre-installed. I needed to upgrade from MySQL 4.1 to 5.0, and found this cumbersome to do on FC4. Therefore, I decided to move to Fedora 8. Amazon didn’t provide a Fedora 8 image with the tools I needed already installed, so I took the ami-2b5fba42 image and ran the following script:
# Install the world's greatest text editor yum -y install emacs.i386 # Install and start MySQL yum -y install mysql-server.i386 mysql_install_db service mysqld start # Install Apache and mod_ssl yum -y install httpd.i386 yum -y install mod_ssl.i386 # Install PHP yum -y install php.i386 # Install various PHP extensions yum -y install php-gd.i386 yum -y install php-mcrypt.i386 yum -y install php-mbstring.i386 yum -y install php-mysql.i386 # Start Apache httpd -k start
I could have searched Amazon’s repository of machine images for something that would suit my purpose, but two factors prevented me from doing so.
First, I don’t really trust random people on the Internet. Even if blessed by Amazon, I’d be nervous about using a machine image without knowing exactly what went into it. (I make an exception for the base Amazon-owned AMIs because it’s very convenient to do so, and because I only have to trust a handful of images.)
Second, there are too many variables. Leaving aside questions of malice or incompetence, there are many ways to configure a server, and I don’t want to dig through a complex server’s existing configuration and figure out whether or not it does what I want it to do.
A Modest Proposal
I’d like Amazon (or anyone else!) to begin to make a library of AMI configuration *scripts* available, each of which would be designed to build a server of some specific capabilities from a known base image, and all of which would begin from a very small set of simple, trusted images.
Such a library would address both of my concerns with pre-packaged machine images. Since the base images would be trusted, and the scripts would be auditable, it would be possible to see whether or not anything undesirable had found its way into the image. It would also be possible to see exactly how the final server was configured, and to make such changes as were necessary.
At a minimum, it would be nice if such build scripts were available alongside the prepackaged machine images.