We’ve published a few days ago a new Gentoo Linux Amazon Machine Image for the Europe region, consisting of a baseline 32-bit Gentoo server installation with the addition of a few packages and tools.
The AMI is publicly available as ami-e38fa497 with the manifest osoco-public-images-eu/gentoo_base_2010.1_x86_server.manifest.xml
Next you can find the AMI features for this first revision:
- The image contains a Gentoo Linux 2010.1 profile built from a recent stage3 (2010-03-06).
- A recent kernel for Amazon EC2: 184.108.40.206-2.fc8xen-ec2-v1.0.
- The entire system has been rebuilt for the Xen environment using:
CFLAGS="-O2 -march=i686 -pipe -mno-tls-direct-seg-refs"
- Root password is randomly generated on the first machine boot.
- Disabled password-based authentication in /etc/ssh/sshd_config
- Public key is fetched from 169.254.169.254 and copied to /root/.ssh/authorized_keys at boot time.
- The scripts passed as user-data will be run as root at boot time.
- /etc/motd giving credits to OSOCO and pointing to the image release notes.
- The following services have been installed and added to the default runlevel:
- dhcpcd 4.0.15
- openssh 5.2-p1-r3
- syslog-ng 3.0.4 (with logrotate 3.7.8)
- vixie-cron 4.1-r10
- iptables 220.127.116.11
- Additonally the following packages/applications have been installed:
- EC2 API tools (1.3-46266) and EC2 AMI tools (1.3-45758) installed and available in the PATH.
- IcedTea6 JDK (EC2 API and AMI tools both require a Java VM).
- sshguard 1.4 to protect against brute force attacks via SSH. It has been configured to monitor syslog-ng logs to detect attacks, and block the attackers through iptables firewall rules.
- runurl from alestic.com is installed and in the PATH. The runurl command is a simple tool that downloads a program (or script) from the specified URL and runs it. It is very useful for simplifying your user-data scripts on EC2.
Grateful thanks to Geert Bevin for his initial Gentoo image and to Tim Disynger for his building tutorial.