| 14 Sep 2024 |
 Arian | Bottlerocket actually uses EBS direct API which I experimented adding too | 08:31:10 |
 commiterate | they've also decided against dogfooding certain public services and start prioritizing internal ones again because some internal requirements aren't externalizable | 08:31:12 |
| Arian | But turns out to be slower because GitHub actions heavily throttles it for some reason | 08:31:28 |
| commiterate | that shift started happening I think 1.5-2 years ago | 08:31:33 |
| Arian | Like. Uploads taking 2 days... | 08:32:01 |
| Arian | Instead of 1 minute | 08:32:05 |
| Arian | Still haven't figured out what is happening there | 08:32:19 |
| Arian | But I expect some whitelist at GitHub side that only allows high bandwidth traffic to S3 and EC2 | 08:32:45 |
| Arian | Worked fine on self-hosted EC2 runners | 08:32:58 |
| 16 Sep 2024 |
|  silentlurker joined the room. | 19:57:05 |
| 19 Sep 2024 |
| commiterate | Image Builder PM said distribution-only pipelines are possible today. You just abuse image workflows which can be empty and avoid EC2 instance launch unlike image recipes (the pipeline requires either a workflow or recipe).
They aren't currently considering VM import from S3 or EBS via CloudFormation and need more customer requests to consider it. Trying to see if I can change that stance.
| 18:18:39 |
| 20 Sep 2024 |
| commiterate | * Image Builder PM said distribution-only pipelines are possible today. You just abuse image workflows which can be empty and avoid EC2 instance launch unlike image recipes (the pipeline requires either a workflow or recipe). Also seems to only use SSM Agent and no AWSTOE if you do need to run build or test commands.
They aren't currently considering VM import from S3 or EBS via CloudFormation and need more customer requests to consider it. Trying to see if I can change that stance.
| 04:56:27 |
| Arian | Interesting. I tried to wiggle myself through the docs and couldn't figure out how last time | 08:04:11 |
| Arian | Would that mean id have to create a workflow for each image that I upload? | 08:05:04 |
| Arian | Ugh AWS docs are so terribly inscrutable sometimes | 08:08:36 |
| Arian | The problem is. I'd be importing an image with https://docs.aws.amazon.com/imagebuilder/latest/userguide/vm-import-export.html
Then when you create a pipeline you must select a base image
| 08:24:59 |
| Arian | Given the base image changes every week. Does that mean I need to create a pipeline every week? | 08:25:15 |
| Arian | Oh no wait the import image thing seems to do what we want? Only problem is it insists on an VmImportTaskId which we don't have.
We have a SnapshotTaskId as were using ImportSnapshot and not ImportImage
| 08:38:49 |
| Arian | ImportImage not working was for some obscure reason of AWS assuming a certain file structure and else bailing out. | 08:39:14 |
| Arian | And NixOS obviously doesn't adhere to it.. | 08:39:28 |
| Arian | Like they just need to make a very small change to the API. No need for cloudformation. Why are they making things so complicated | 08:40:25 |
| Arian | They either need to have ImportImage not bail out on NixOS images. Or support ImportSnapshot | 08:40:46 |
| Arian | Oh I have another hack:
Pass an AMI to update-image-recipe (and change the version) then throw away the original AMi
| 08:51:26 |
| Arian | Then the image builder pipeline can do all the Lifecycle stuff | 08:51:36 |
| Arian | Hmm | 08:51:51 |
| Arian | Nah still kind of hacky | 08:52:22 |
| Arian | If ImportImage would work then we'd only need to import images and set up a Lifecycle policy and nothing else | 08:54:20 |
| Arian | It'd be ideal | 08:54:23 |
| Arian | Redacted or Malformed Event | 09:44:03 |
| Arian | So maybe this is something we can ask? "Hey why is ImportImage failing on NixOS images and can you fix it?". Then I think everything slots nicely into AWS Image Builder | 09:45:04 |
