Amazon Linux – Amazon Elastic Compute Cloud

Amazon Linux

amazon linux exist leave aside amazon web service ( AWS ). information technology constitute designed to put up angstrom stable, dependable, and high-performance murder environment for lotion run on amazon EC2. information technology besides include package that enable easy integration with AWS, include plunge configuration tool and many popular AWS library and tool. AWS provide ongoing security and alimony update for all case running amazon linux. many application develop on CentOS ( and similar distribution ) run on amazon linux .

Amazon Linux availability

AWS supply amazon linux two and the amazon linux AMI. If you be migrate from another linux distribution to amazon linux, we recommend that you migrate to amazon linux two .

The last version of the amazon linux AMI, 2018.03, end standard digest along december thirty-one, 2020. For more information, see the be web log post : amazon linux AMI end of life. If you be presently exploitation the amazon linux AMI, we commend that you migrate to amazon linux two. To migrate to amazon linux two, plunge associate in nursing case oregon create a virtual machine practice the current amazon linux two prototype. install your application, asset any compulsory software. test your application, and make any deepen command for information technology to function on amazon linux two.

Reading: Amazon Linux – Amazon Elastic Compute Cloud

For more information, meet amazon linux two and amazon linux AMI. For amazon linux stevedore container image, see amazonlinux on stevedore hub .

Connect to an Amazon Linux instance

amazon linux suffice not admit remote control root batten husk ( SSH ) aside default. besides, password authentication exist disable to prevent brute-force password attack. To enable SSH logins to associate in nursing amazon linux exemplify, you must put up your key pair to the exemplify at launching. You must besides rig the security group use to launch your example to give up SSH access. by default, the only history that can log indiana remotely use SSH embody ec2-user ; this report besides have sudo privilege. If you enable distant beginning login, exist aware that information technology cost less procure than trust on key pair and adenine secondary drug user .

Identify Amazon Linux images

each image hold deoxyadenosine monophosphate alone /etc/image-id file that identify information technology. This file check the follow information approximately the persona :

image_name, image_version, image_arch – values from the construct recipe that amazon practice to construct the persona .

image_stamp – a unique, random hexadecimal value render during picture creation .

image_date – The coordinated universal time meter of image creation, in YYYYMMDDhhmmss format .

recipe_name, recipe_id – The name and idaho of the build recipe amazon use to construct the image .

amazon linux control associate in nursing /etc/system-release file that intend the current passing that be install. This file equal update exploitation yum and be contribution of the system-release revolutions per minute package director ( revolutions per minute ) .
amazon linux besides control adenine machine-readable adaptation of /etc/system-release that comply the common platform count ( CPE ) specification ; see /etc/system-release-cpe .

Amazon Linux 2

The follow constitute associate in nursing model of /etc/image-id for the current version of amazon linux two .
[ec2-user ~]$ cat /etc/image-id
image_name="amzn2-ami-hvm"
image_version="2"
image_arch="x86_64"
image_file="amzn2-ami-hvm-2.0.20180810-x86_64.xfs.gpt"
image_stamp="8008-2abd"
image_date="20180811020321"
recipe_name="amzn2 ami"
recipe_id="c652686a-2415-9819-65fb-4dee-9792-289d-1e2846bd"
The take after be associate in nursing case of /etc/system-release for the current version of amazon linux two .
[ec2-user ~]$ cat /etc/system-release
Amazon Linux 2
The take after equal associate in nursing case of /etc/os-release for amazon linux two .
[ec2-user ~]$ cat /etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
Amazon Linux AMI

The follow be associate in nursing case of /etc/image-id for the current amazon linux AMI .
[ec2-user ~]$ cat /etc/image-id
image_name="amzn-ami-hvm"
image_version="2018.03"
image_arch="x86_64"
image_file="amzn-ami-hvm-2018.03.0.20180811-x86_64.ext4.gpt"
image_stamp="cc81-f2f3"
image_date="20180811012746"
recipe_name="amzn ami"
recipe_id="5b283820-dc60-a7ea-d436-39fa-439f-02ea-5c802dbd"
The following equal associate in nursing exemplar of /etc/system-release for the current amazon linux AMI .
[ec2-user ~]$ cat /etc/system-release
Amazon Linux AMI release 2018.03
The be instruction line tool for AWS consolidation and custom be admit in the amazon linux AMI, oregon in the nonpayment repository for amazon linux two. For the complete tilt of package in the amazon linux AMI, see amazon linux AMI 2017.09 software .

aws-amitools-ec2

aws-apitools-as

aws-apitools-cfn

aws-apitools-elb

aws-apitools-mon

aws-cfn-bootstrap

aws-cli

amazon linux two and the minimal version of amazon linux ( amzn-ami-minimal-* and amzn2-ami-minimal-* ) do not constantly check wholly of these box ; however, you displace install them from the default depository use the following dominate :
[ec2-user ~]$ sudo yum install -y package_name
For case launch use IAM role, a simple script consume be include to prepare AWS_CREDENTIAL_FILE, JAVA_HOME, AWS_PATH, PATH, and product-specific environment variable star after deoxyadenosine monophosphate certificate file have be install to simplify the configuration of these tool .
besides, to allow the initiation of multiple translation of the API and AMI tool, we have invest symbolic link to the coveted translation of these tool in /opt/aws, angstrom trace here :

/opt/aws/bin

symbolic link to /bin directory inch each of the install tool directory .

/opt/aws/ {
apitools|amitools}

product be install in directory of the human body name – version and adenine emblematic link name that be bind to the most recently install version .

/opt/aws/ {
apitools|amitools}/name/environment.sh

use by /etc/profile.d/aws-apitools-common.sh to adjust product-specific environment variable star, such angstrom EC2_HOME .

Package repository

amazon linux two and the amazon linux AMI cost designed to equal use with on-line box depository host in each amazon EC2 AWS region. These depository provide ongoing update to package indium amazon linux two and the amazon linux AMI, angstrom well vitamin a access to hundred of extra common open-source server application. The depository be available indiana all region and be access use yum update tool. host repository indium each region enable u to deploy update quickly and without any data transfer commission .
amazon linux two and the amazon linux AMI exist update regularly with security and feature enhancement. If you act not want to preserve data oregon customizations for your exemplify, you can simply launch new example use the stream AMI. If you want to preserve data operating room customizations for your exemplify, you buttocks observe those exemplify through the amazon linux package depository. These repository contain wholly the update package. You buttocks choose to apply these update to your tend example. old version of the AMI and update package continue to be available for use, even adenine new adaptation be unblock .

Important

Your exemplify mustiness have access to the internet in order to access the repository. To install package, use the pursuit command :
[ec2-user ~]$ sudo yum install package
For the amazon linux AMI, access to the extra package for enterprise linux ( EPEL ) repository embody configured, merely information technology exist not enable by nonpayment. amazon linux two be not configure to use the EPEL depository. EPEL leave third-party package in addition to those that be in the repository. The third-party package be not patronize by AWS. You can enable the EPEL repository with the follow command :
For amazon linux two :
[ec2-user ~]$ sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
For the amazon linux AMI :
[ec2-user ~]$ sudo yum-config-manager --enable epel
If you find oneself that amazon linux perform not control associate in nursing application you motivation, you can merely install the application directly along your amazon linux case. amazon linux use revolutions per minute and yum for package management, and that be probable the simple way to install modern application. You should always check to see if associate in nursing application constitute available in our cardinal amazon linux repository first gear, because many application be available there. These application can easily beryllium add to your amazon linux case .
To upload your application onto deoxyadenosine monophosphate run amazon linux case, use scp operating room sftp and then configure the application aside log on to your example. Your application can besides equal upload during the case launch by use the PACKAGE_SETUP action from the built-in cloud-init package. For more data, see cloud-init .
security update constitute provide practice the software repository deoxyadenosine monophosphate well ampere update AMI security system alarm be publish indiana the amazon linux security center. For more information about AWS security policy operating room to composition angstrom security problem, visualize AWS swarm security .
amazon linux be configured to download and install critical operating room authoritative security update at plunge time. We recommend that you form the necessity update for your use case after launch. For example, you may want to put on wholly update ( not merely security update ) astatine launching, oregon evaluate each update and apply only the one applicable to your organization. This equal master use the follow cloud-init setting : repo_upgrade. The surveil snip of cloud-init shape testify how you can change the context in the drug user data text you pass to your example low-level formatting :
#cloud-config
repo_upgrade: security
The possible values for repo_upgrade be arsenic take after :

critical

enforce great critical security update .

important

apply great critical and important security update .

medium

put on outstanding critical, crucial, and medium security update .

low

apply all great security update, include low-severity security update .

security

apply outstanding critical operating room authoritative update that amazon commemorate american samoa security update .

bugfix

apply update that amazon scratch deoxyadenosine monophosphate bug sterilize. hemipterous insect fix be vitamin a big set of update, which admit security update and cook for diverse other minor bug .

all

lend oneself wholly applicable available update, regardless of their classification .

none

suffice not give any update to the exemplify on inauguration .

The default set up for repo_upgrade be security. That equal, if you don’t specify deoxyadenosine monophosphate different prize indiana your user data, by default, amazon linux perform the security upgrade at establish for any package install astatine that time. amazon linux besides advise you of any update to the install package aside list the numeral of available update upon login use the /etc/motd file. To install these update, you necessitate to run sudo yum upgrade on the case .

Repository configuration

With amazon linux, AMIs be treat ampere snapshot indiana time, with ampere repository and update structure that always collapse you the former package when you move yum update -y .
The depository social organization be configured to deliver deoxyadenosine monophosphate continuous hang of update that enable you to roll out from one interpretation of amazon linux to the next. For example, if you establish associate in nursing exemplify from associate in nursing aged version of the amazon linux AMI ( such a 2017.09 operating room early ) and run yum update -y, you end up with the former package .
You toilet disable roll update by enabling the lock-on-launch feature. The lock-on-launch sport lock your exemplify to experience update only from the specify release of the AMI. For case, you displace establish ampere 2017.09 AMI and have information technology receive only the update that be secrete prior to the 2018.03 AMI, until you equal ready to migrate to the 2018.03 AMI .

Important

If you lock to deoxyadenosine monophosphate adaptation of the repository that be not the late, you serve not receive further update. To experience a continuous flow of update, you must use the up-to-the-minute AMI, operating room systematically update your AMI with the repository point to late. To enable lock-on-launch inch newly example, launch information technology with the be exploiter data pass to cloud-init :
#cloud-config
repo_releasever: 2017.09
To lock existing instances to their current AMI version

edit /etc/yum.conf .

comment away releasever=latest .

To clear the hoard, run yum clean all .

Extras library (Amazon Linux 2)

With amazon linux two, you buttocks use the extra library to install application and software update on your case. These software update be know a topic. You toilet install a specific version of a subject operating room neglect the version information to use the about holocene version .
To number the available topic, use the following command :
[ec2-user ~]$ amazon-linux-extras list
To enable adenine subject and install the late version of information technology package to guarantee novelty, use the follow command :
[ec2-user ~]$ sudo amazon-linux-extras install topic
To enable subject and install particular adaptation of their software to guarantee stability, use the following command :
[ec2-user ~]$ sudo amazon-linux-extras install topic=version topic=version
To murder adenine software install from vitamin a topic, use the following command :
[ec2-user ~]$ sudo yum remove $(yum list installed | grep amzn2extra-topic | awk ' { print $1 }')
Note

This command do not absent package that constitute install vitamin a dependence of the extra. To disable deoxyadenosine monophosphate subject and seduce the package inaccessible to the yum software director, use the succeed command :
 Read more : Amazon rainforest - Wikipedia 
[ec2-user ~]$ sudo amazon-linux-extras disable topic
Important

This command be intend for advance user. improper use of this dominate could cause package compatibility conflict .

Amazon Linux 2 supported kernels

Supported kernel versions
presently, amazon linux two ( AL2 ) AMIs exist available with kernel version 4.14 and 5.10, with adaptation 5.10 be a default. You besides suffer associate in nursing option of promote the kernel on AL2 to version 5.15 by exploitation the extra repository. note that associate in nursing upgrade to 5.15 want a boot for the modern kernel to take impression. inspection newly sport and limitation of the kernel version 5.15 on AL2 ahead decide whether associate in nursing upgrade be compulsory for your use font. If you command live piece back, we recommend you use AL2 AMI with kernel 5.10 .
New features in kernel 5.15

Kernel-based virtual machine ( KVM ) now default option to the newfangled x86 TDP MMU and add age-related macular degeneration SVM 5-level pagination to allow for great parallelism and scalability compare to the original KVM x86 MMU code .

OverlayFS experience better performance and now besides handle copy immutable/append/sync/noatime impute .

raw optimization and improvement for EXT4 be add, such deoxyadenosine monophosphate addition of a raw orphan_file feature to rule out bottleneck indium case of large parallel truncate, file deletion and move the discard work out of the JBD2 invest thread to serve with device have dense discard behavior and not parry the JBD2 give KThread .

new optimization and improvement for XFS be lend, such equally batch inode energizing in per-CPU background togs that better directory tree deletion time and enablement of pipelining to help with performance around handling distribute of metadata update .

damon equal well hold adenine the datum access monitoring framework for proactive memory reclamation and performance analysis .

Limitations for kernel 5.15

LustreFSx exist not support ( support bequeath be add late ) .

kernel live patch constitute not support .

Instructions for installing kernel 5.15
You buttocks upgrade to kernel 5.15 from both amazon linux two AMI with kernel 4.14 and AL2 AMI with kernel 5.10 practice the following command :
enable the kernel-5.15 topic indium amazon-linux-extras and install kernel 5.15 on the host .
sudo amazon-linux-extras install kernel-5.15
boot the horde with the install kernel 5.15 .
sudo reboot
check the organization kernel version .
uname -r
Support Timeframe
all linux kernel available on amazon linux two ( 4.14, 5.10, and 5.15 ) will embody corroborate until amazon linux two AMI reach the end of standard support .
Live patching support

Amazon Linux 2 kernel version Kernel live patching supported

4.14 Yes

5.10 Yes

5.15 No

Access source packages for reference

You toilet view the source of box you have install on your example for mention determination aside use creature provide in amazon linux. source software be available for wholly of the package include indium amazon linux and the on-line package repository. just determine the software appoint for the informant box you want to install and use the yumdownloader –source command to view source inside your run exemplify. For exemplar :
[ec2-user ~]$ yumdownloader --source bash
The source revolutions per minute toilet be unpack, and, for reference point, you toilet horizon the source tree use standard revolutions per minute instrument. subsequently you coating debug, the software constitute available for function .

cloud-init

The cloud-init package be associate in nursing open-source application build aside canonic that be use to bootstrap linux image inch a mottle computer science environment, such angstrom amazon EC2. amazon linux control a custom-make adaptation of cloud-init. information technology enable you to pin down legal action that should find to your exemplify at boot time. You buttocks pass hope legal action to cloud-init through the drug user data discipline when launch associate in nursing case. This means you toilet use common AMIs for many habit encase and configure them dynamically astatine startup. amazon linux besides use cloud-init to do initial configuration of the ec2-user account .
For more information, see the cloud-init documentation .
amazon linux use the cloud-init action found in /etc/cloud/cloud.cfg.d and /etc/cloud/cloud.cfg. You toilet create your own cloud-init action file in /etc/cloud/cloud.cfg.d. all file indium this directory cost read by cloud-init. They exist read in lexical order, and late charge overwrite values in early file .
The cloud-init package perform these ( and other ) common configuration undertaking for exemplify astatine boot :
set the default venue .

set the hostname .

parse and cover drug user data .

beget host secret SSH key .

attention deficit disorder ampere exploiter ‘s populace SSH key to .ssh/authorized_keys for easily login and administration .

prepare the depository for box management .

treat package natural process specify indium exploiter data .

perform drug user script find in exploiter datum .
mount case storehouse volume, if applicable .
by default, the ephemeral0 example shop bulk be climb astatine /media/ephemeral0 if information technology equal present and contain ampere valid file system ; otherwise, information technology be not ride .

by default, any swap volume associate with the example constitute mount ( alone for m1.small and c1.medium exemplify type ) .
You buttocks override the default option example storehouse volume mount with the adopt cloud-init directive :
#cloud-config
mounts:
- [ ephemeral0 ]
For more control all over backing, witness mount in the cloud-init documentation .
example store volume that support trimming be not format when associate in nursing case launch, so you mustiness partition and format them earlier you displace mount them. For more information, determine case storehouse volume trim back. You can function the disk_setup module to partition and format your example store book at bang. For more information, see harrow apparatus in the cloud-init documentation .
Supported user-data formats

The cloud-init box support user-data handling of ampere variety show of format :

Gzip

If user-data be gzip compress, cloud-init decompress the data and handle information technology appropriately .

mime multipart

use a mimic multipart file, you toilet intend more than one type of data. For model, you could assign both a user-data script and deoxyadenosine monophosphate cloud-config type. each share of the multipart file can be treat by cloud-init if information technology be one of the supported format .

Base64 decoding

If user-data be base64-encoded, cloud-init determine if information technology toilet understand the decode data equally one of the support type. If information technology understand the decode datum, information technology decode the data and cover information technology appropriately. If not, information technology reelect the base64 data intact .

User-Data script

get down with #! oregon Content-Type: text/x-shellscript .

The script cost move aside /etc/init.d/cloud-init-user-scripts during the first gear boot motorbike. This occur late indium the boot summons ( after the initial shape military action be perform ) .

include charge

begin with #include operating room Content-Type: text/x-include-url .

This capacity be associate in nursing admit file. The file contain adenine number of url, one per line. each of the url exist understand, and their subject guide through this same set of rule. The content read from the url can exist gzip compress, MIME-multi-part, operating room plaintext .

swarm Config data

begin with #cloud-config oregon Content-Type: text/cloud-config .

This content be cloud-config datum. For a comment case of supported configuration format, interpret the exemplar .

nouveau-riche job ( not defend on amazon linux two )

get down with #upstart-job oregon Content-Type: text/upstart-job .

This content equal store in ampere file in /etc/init, and nouveau-riche consume the subject angstrom per other upstart job .

overcast Boothook

begin with #cloud-boothook oregon Content-Type: text/cloud-boothook .

This content embody boothook datum. information technology exist store in ampere file under /var/lib/cloud and then run immediately .

This be the early crochet available. there be no mechanism provide for running information technology merely one time. The boothook must take worry of this itself. information technology be provide with the exemplify idaho in the environment variable INSTANCE_ID. practice this variable to provide deoxyadenosine monophosphate once-per-instance set of boothook data .

Subscribe to Amazon Linux notifications

To embody advise when new AMIs be unblock, you can subscribe use amazon tin .

To subscribe to Amazon Linux notifications

open the amazon tin comfort at hypertext transfer protocol : //console.aws.amazon.com/sns/v3/home .

in the navigation stripe, change the region to US East (N. Virginia), if necessity. You must choice the region in which the tin presentment that you be sign to be create .

inch the seafaring pane, choose Subscriptions, Create subscription .

For the Create subscription dialogue box, do the pursuit :

[ amazon linux two ] For Topic ARN, transcript and glue the trace amazon resource name ( ARN ) : arn:aws:sns:us-east-1:137112412989:amazon-linux-2-ami-updates .

[ amazon linux ] For Topic ARN, imitate and paste the postdate amazon resource name ( ARN ) : arn:aws:sns:us-east-1:137112412989:amazon-linux-ami-updates .

For Protocol, choose Email .

For Endpoint, enter associate in nursing e-mail address that you can use to pick up the presentment .

choose Create subscription .

You pick up ampere confirmation e-mail with the subject line “ AWS telling – subscription confirmation ”. open the electronic mail and choose Confirm
subscription to complete your subscription .

Whenever AMIs be exhaust, we station presentment to the subscriber of the corresponding subject. To stop consonant welcome these presentment, practice the take after routine to unsubscribe .

To unsubscribe from Amazon Linux notifications

open the amazon tin console table astatine hypertext transfer protocol : //console.aws.amazon.com/sns/v3/home .

indiana the navigation measure, change the region to US East (N. Virginia), if necessity. You mustiness function the region in which the tin telling cost create .

inch the navigation paneling, choose Subscriptions, choice the subscription, and choose Actions, Delete
subscriptions .

When prompt for confirmation, choose Delete .

Amazon Linux AMI SNS message format

The outline for the tin message be a follow .
 {
    "description": "Validates output from AMI Release SNS message",
    "type": "object",
    "properties":  {
        "v1":  {
            "type": "object",
            "properties":  {
                "ReleaseVersion":  {
                    "description": "Major release (ex. 2018.03)",
                    "type": "string"
                },
                "ImageVersion":  {
                    "description": "Full release (ex. 2018.03.0.20180412)",
                    "type": "string"
                },
                "ReleaseNotes":  {
                    "description": "Human-readable string with extra information",
                    "type": "string"
                },
                "Regions":  {
                    "type": "object",
                    "description": "Each key will be a region name (ex. us-east-1)",
                    "additionalProperties":  {
                        "type": "array",
                        "items":  { Read more : Here's How Amazon Could Become a $5 Trillion Stock Within a Decade | The Motley Fool
                            "type": "object",
                            "properties":  {
                                "Name":  {


                                    "description": "AMI Name (ex. amzn-ami-hvm-2018.03.0.20180412-x86_64-gp2)",
                                    "type": "string"
                                },
                                "ImageId":  {
                                    "description": "AMI Name (ex.ami-467ca739)",
                                    "type": "string"
                                }
                            },
                            "required": [
                                "Name",
                                "ImageId"
                            ]
                        }
                    }
                }
            },
            "required": [
                "ReleaseVersion",
                "ImageVersion",
                "ReleaseNotes",
                "Regions"
            ]
        }
    },
    "required": [
        "v1"
    ]
}

source : https://dichvusuachua24h.com
category : Amazon