mirror of https://github.com/trailofbits/algo.git
synced 2025-04-16 22:27:20 +02:00
Implemented architecture choice 'arm' or amd 'x86_64' for EC2 cloud (#14289)
New `arch` config.cfg parameter is used along with the image name parameter to find the most recent OS image to be used in hosted ec2 instance. This allows the user to choose arm based instance types which was causing algo failure during cloud formation.
parent 571daf4464
commit 7f87f51a03
4 changed files with 14 additions and 2 deletions
|
@ -182,6 +182,7 @@ cloud_providers:
|
|||
size: t2.micro
|
||||
image:
|
||||
name: "ubuntu-focal-20.04"
|
||||
arch: x86_64
|
||||
owner: "099720109477"
|
||||
# Change instance_market_type from "on-demand" to "spot" to take advantage of
|
||||
# simplified spot launch options
|
||||
|
|
|
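Review bot: the new `arch: x86_64` line under `image:` has no comment, unlike `instance_market_type` just below it, and nothing in the file tells the user that `arch` has to match the architecture of the instance type set in `size` (the default `t2.micro` is an x86_64 type). Suggest a one-line comment above `arch` that names the two accepted values, `x86_64` and `arm64`, and says that `size` must be changed to a matching instance type whenever `arch` is changed.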
@ -12,6 +12,8 @@ The cheapest EC2 plan you can choose is the "Free Plan" a.k.a. the "AWS Free Tie
|
|||
|
||||
As of the time of this writing (July 2018), the Free Tier limits include "750 hours of Amazon EC2 Linux t2.micro instance usage" per month, 15 GB of bandwidth (outbound) per month, and 30 GB of cloud storage. Algo will not even use 1% of the storage limit, but you may have to monitor your bandwidth usage or keep an eye out for the email from Amazon when you are about to exceed the Free Tier limits.
|
||||
|
||||
Addtional configurations are documented in the [EC2 section of the deploy from ansible guide](https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md#amazon-ec2)
|
||||
|
||||
### Create an AWS permissions policy
|
||||
|
||||
In the AWS console, find the policies menu: click Services > IAM > Policies. Click Create Policy.
|
||||
|
|
|
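Review bot: the added sentence has a typo, "Addtional" should be "Additional", and it is missing its closing period. "ansible" in the link text should also be capitalised as "Ansible" to match the product name.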
@ -110,8 +110,16 @@ Possible options can be gathered via cli `aws ec2 describe-regions`
|
|||
|
||||
Additional variables:
|
||||
|
||||
- [encrypted](https://aws.amazon.com/blogs/aws/new-encrypted-ebs-boot-volumes/) - Encrypted EBS boot volume. Boolean (Default: false)
|
||||
- [encrypted](https://aws.amazon.com/blogs/aws/new-encrypted-ebs-boot-volumes/) - Encrypted EBS boot volume. Boolean (Default: true)
|
||||
- [size](https://aws.amazon.com/ec2/instance-types/) - EC2 instance type. String (Default: t2.micro)
|
||||
- [image](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-images.html) - AMI `describe-images` search parameters to find the OS for the hosted image. Each OS and architecture has a unique AMI-ID. The OS owner, for example [Ubuntu](https://cloud-images.ubuntu.com/locator/ec2/), updates these images often. If parameters below result in multiple results, the most recent AMI-ID is chosen
|
||||
```
|
||||
# Example of equivalent cli comand
|
||||
aws ec2 describe-images --owners "099720109477" --filters "Name=architecture,Values=arm64" "Name=name,Values=ubuntu/images/hvm-ssd/ubuntu-focal-20.04*"
|
||||
```
|
||||
- [owners] - The operating system owner id. Default is [Canonical](https://help.ubuntu.com/community/EC2StartersGuide#Official_Ubuntu_Cloud_Guest_Amazon_Machine_Images_.28AMIs.29) (Default: 099720109477)
|
||||
- [arch] - The architecture (Default: x86_64, Optional: arm64)
|
||||
- [name] - The wildcard string to filter available ami names. Algo appends this name with the string "-\*64-server-\*", and prepends with "ubuntu/images/hvm-ssd/" (Default: ubuntu-focal-20.04)
|
||||
- [instance_market_type](https://aws.amazon.com/ec2/pricing/) - Two pricing models are supported: on-demand and spot. String (Default: on-demand)
|
||||
* If using spot instance types, one additional IAM permission along with the below minimum is required for deployment:
|
||||
```
|
||||
|
|
|
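Review bot: the sub-option is documented as `[owners]`, but the key in config.cfg and in the task is `owner` (`cloud_providers.ec2.image.owner`), so a user who copies the documented name sets a key that is never read. Rename the bullet to `owner`, and drop the square brackets on `owners`, `arch` and `name` since they have no link target. The example command is labelled "equivalent" but hard-codes `arm64` while the documented default is `x86_64`, and its name filter `ubuntu-focal-20.04*` is looser than the `-*64-server-*` pattern the same section says Algo builds; make the example match the default lookup and fix the "comand" typo. The `encrypted` default also changes from false to true in this hunk, which the commit message does not mention; either note it there or move it to its own commit.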
@ -12,7 +12,8 @@
|
|||
owners: "{{ cloud_providers.ec2.image.owner }}"
|
||||
region: "{{ algo_region }}"
|
||||
filters:
|
||||
name: "ubuntu/images/hvm-ssd/{{ cloud_providers.ec2.image.name }}-amd64-server-*"
|
||||
architecture: "{{ cloud_providers.ec2.image.arch }}"
|
||||
name: "ubuntu/images/hvm-ssd/{{ cloud_providers.ec2.image.name }}-*64-server-*"
|
||||
register: ami_search
|
||||
|
||||
- name: Set the ami id as a fact
|
||||
|
|
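Review bot: `architecture: "{{ cloud_providers.ec2.image.arch }}"` has no default, so a config.cfg written before this change, with no `arch` key under `image`, leaves the variable undefined at this task instead of keeping the old x86_64 behaviour. Suggest `{{ cloud_providers.ec2.image.arch | default('x86_64') }}`. The name filter is also widened from `-amd64-server-*` to `-*64-server-*`, which leaves the `architecture` and `owners` filters as the only things narrowing the match; consider checking that `arch` is one of `x86_64` or `arm64` before the lookup, so a mistyped value fails with a clear message rather than an empty `ami_search` result.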