Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run the box through an apt-get update && apt-get upgrade on build? #29

Open
konklone opened this issue Jan 9, 2015 · 3 comments
Open

Run the box through an apt-get update && apt-get upgrade on build? #29

konklone opened this issue Jan 9, 2015 · 3 comments

Comments

@konklone
Copy link
Contributor

konklone commented Jan 9, 2015

Downsides: the resulting AMI ends up in a non-deterministic state from build to build.

Upsides: the resulting AMI always has up to date packages, including security-relevant ones like openssl.

Thoughts?
@jzonthemtn
Copy link

Is it bad practice to execute these commands in the user-data of an instance using the resulting AMI?

@ozzyjohnson
Copy link
Member

@jzonthemtn - I wouldn't say it's bad practice, just be sure you're aware of the impacts.

The big ones being:

  • Resulting instances will non-deterministic as each instance will be running the latest packages at the time it was launched.
  • Addition of a remote dependency for launch.
  • Additional time to launch.

All three work against the benefits of 'baking' an AMI in the first place.

@jzonthemtn
Copy link

Thanks, @ozzyjohnson!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@konklone @ozzyjohnson @jzonthemtn