Containers-roadmap: [ECS] [request]: Make the ECS Optimized Linux AMIs builder public
Tell us about your request
AWS recommends the ECS-Optimized Linux/Linux 2 AMIs to everybody on ECS, however, the AMI build isn't public; we only know the versions of ecs-agent, docker, and ecs-init.
Which service(s) is this request for?
ECS
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
I migrated from the ECS-Optimized Linux to the ECS-Optimized Linux 2 AMI and wasn't expected the lack of an extra volume (xvdcz). We use bigger EBS volumes for more IOPS and ended up with a bunch of unused volumes in production. That information is in the documentation but I missed it. I still don't know what has changed in regards to the OS configuration and how that could affect my custom user-data script.
The documentation doesn't talk in detail about the changes between the Linux vs. Linux 2 AMIs. It'd be a lot better if I had access to the AMI builder to understand every piece of its configuration.
The EKS AMI seems to be public: https://github.com/awslabs/amazon-eks-ami
Are you currently working around this issue?
I am going to increase the size of the root volume (xvda) in the Launch Configuration/Launch Specification the same way I did for the extra volume on the Linux AMI (xvdcz).
This issue is related to https://github.com/aws/containers-roadmap/issues/134 (if the AMI builder was public, that user could build an identical image with a smaller volume).
hltbra
All 10 comments
Making the build process and CI public too would be great. EKS lacks this too.
willejs
on 4 Mar 2019
+1 on this.
Alternative, may I suggest to provide this feature as part of the new EC2 Image Builder recipes/component?
For my personal use case is that due to security compliance requirement and control, it is required to manage instance's patch. Also, I need to manage some additional thing like the system monitoring agents or any other requirement that is needed in our use case.
The ECS optimized AMI does not come with SSM agent so it cannot be used right out of the box directly with EC2 Image Builder.
It would be great if the build script is made public so I can also manage/customize it base on my own requirement and security controls. (also downsize the root volume like https://github.com/aws/containers-roadmap/issues/134 or install SSM agent like https://github.com/aws/containers-roadmap/issues/426)
jk2l
on 7 Jan 2020
+1
Totally agree with @jk2l, It would be amazing to have an ECS optimized AMI with the SSM agent!
bogomips
on 13 Jan 2020
+1
miltzi
on 9 Mar 2020
+1
GiladE
on 10 Mar 2020
+1
lordplagus02
on 10 Mar 2020
+1
stream-toma
on 30 Mar 2020
+1
BrandonTeixeiraStream
on 30 Mar 2020
+1
leorseligmann
on 30 Mar 2020
+1 !! this would GREATLY simplify my life
thirstycat
on 14 Aug 2020
Related issues
yinshiua
路
3Comments
tabern
路
3Comments
adlemich
路
3Comments
mineiro
路
3Comments
aliabas7
路
3Comments
Most helpful comment
+1 on this.
Alternative, may I suggest to provide this feature as part of the new EC2 Image Builder recipes/component?
For my personal use case is that due to security compliance requirement and control, it is required to manage instance's patch. Also, I need to manage some additional thing like the system monitoring agents or any other requirement that is needed in our use case.
The ECS optimized AMI does not come with SSM agent so it cannot be used right out of the box directly with EC2 Image Builder.
It would be great if the build script is made public so I can also manage/customize it base on my own requirement and security controls. (also downsize the root volume like https://github.com/aws/containers-roadmap/issues/134 or install SSM agent like https://github.com/aws/containers-roadmap/issues/426)