Comment 5 for bug 431255

Revision history for this message
Eric Hammond (esh) wrote :

Based on IRC discussion, it may not have been clear that I consider this a reasonably important bug to fix for Karmic even though it means splitting ec2-init into two init scripts. There are existing architectures using Ubuntu on EC2 which break when attempted to be run on Canonical's latest Karmic image.

Here are a couple use cases to help demonstrate why sshd should be running before user-data is run and why not doing so breaks the code:

1) User does not want to put private keys in the non-private user-data, so user-data script waits until they show up on the file system. External process starts the instance, waits for ssh, then scp's the keys in to the instance at which point the user-data automatically continues running.

2) One of my production setups has the user-data script wait until an EBS volume is mounted, but the external process which attaches the volume first has to do some stuff on the instance through ssh. This deadlocks and both processes are waiting for each other.

Yes, it might be possible for people to restructure these applications to not use user-data or to pass information in some other way, but since there seems to be a consensus that user-data should be run after ssh is started, then I suggest it is important to do it the right way from the beginning in the Canonical images. I'd like there to be as little barrier to migration as possible. And I'd like for my existing code to work so I can continue testing them on the Canonical images :)