Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 4 subscribers
  • Views 14511 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Looking for a suitable BYOL image on AWS for single instance, hvm

BenLiesfeld

I am looking for an AWS image that supports hvm (the "new" virtualization environment of AWS). I found this one in the community marketplace, but the software configuration seems buggy: ami-7b9baf0c.

The description string of the AMI is: axg9300_aws-asg-9.316-20151002.5_64_ebs_byol-3c5bc9ef-2b23-4a8c-b6ac-3fc4e08f8dec-ami-53307136.2

Seems to be a recent image (Oct 2nd 2015).

The software version is 9.316000 and cannot be updated. I also noted that this image does not support the "newer" t2.* AWS instance types.

Which AMI can any of you recommend which fulfills my requirements:

  • hvm virtualization
  • part of the official upgrade path
  • supporting t2.small, t2.medium, t2.large.

TIA!



This thread was automatically locked due to age.
Parents
  • 0
    Hi,

    thanks for your input. The choice of instance type obviously depends on your use case. In may of our use cases small machines are plenty. What is more, we draw from a pool of reserved instances and are not free to choose any instance type.
    The thing is, Sophos officially offers HVM images on AWS. However, the guy who created these AMIs used a strange version of UTM9: 9.316000. This version does not exist in the official update path and therefore up2date refuses to perform any updates. It appears to me to be a very small fix...
  • 0 in reply to BenLiesfeld
    Hi, Ben, and welcome to the UTM Community!

    It looks like there's an Up2Date from 9.316-4: ftp.astaro.com/.../u2d-sys-9.316004-317005.tgz.gpg

    Cheers - Bob
  • 0 in reply to BAlfson
    Hi Bob,

    thanks for your comment. It appears, however, that the version of UTM in that AWS appliance is exactly 9.316000. It does not appear in the regular update path and does not accept any updates. I tried it manually, also with support from Sophos.
    However, the Sophos team for the regular hardware appliances and the team responsible for AWS appliances seem to be two very different things. Not sure if there is any communication.

    I opened an official request through my Sophos partner, but have not heard back since early January. I assume AWS is not a priority for Sophos. Which makes me turn to other products (although I started liking UTM9 a lot).

    Regards,
    Ben
  • 0 in reply to BenLiesfeld

    Not a problem.  Still, I would try version at the command line to see if the documentation isn't just incorrect.  If, indeed, the system says it's not on 9.316-4, start with the version change trick and then get the 315-to-316 Up2Date and install it:

    First, check the Up2Date interval:

    cc get up2date system_download_interval

    (Returns: 7 = Manual, 0 = Every 15 mins, etc.; Note this!)

    Next, set the interval to "Manual:"

    cc set up2date system_download_interval 7

    Now, check that there's nothing else queued up ready to install:

    cd /var/up2date/sys
    ls

    The directory should be empty, so delete (rm) anything in /var/up2date/sys and then proceed with the following block of commands:

    echo ' 9.315002'>/etc/version
    wget href=http://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.315002-316004.tgz.gpg
    /sbin/auisys.plx --showdesc

    Then install the UP2Date to 9.316-4 in WebAdmin.  After the UP2Dates are completed, change 'Firmware download interval' back on the 'Configuration' tab.  Any luck with that?

    Cheers - Bob

Reply
  • 0 in reply to BenLiesfeld

    Not a problem.  Still, I would try version at the command line to see if the documentation isn't just incorrect.  If, indeed, the system says it's not on 9.316-4, start with the version change trick and then get the 315-to-316 Up2Date and install it:

    First, check the Up2Date interval:

    cc get up2date system_download_interval

    (Returns: 7 = Manual, 0 = Every 15 mins, etc.; Note this!)

    Next, set the interval to "Manual:"

    cc set up2date system_download_interval 7

    Now, check that there's nothing else queued up ready to install:

    cd /var/up2date/sys
    ls

    The directory should be empty, so delete (rm) anything in /var/up2date/sys and then proceed with the following block of commands:

    echo ' 9.315002'>/etc/version
    wget href=http://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.315002-316004.tgz.gpg
    /sbin/auisys.plx --showdesc

    Then install the UP2Date to 9.316-4 in WebAdmin.  After the UP2Dates are completed, change 'Firmware download interval' back on the 'Configuration' tab.  Any luck with that?

    Cheers - Bob

Children
No Data