Disk Customization

As of this document's author-date (2020-01-29), the AMIgen7 scripts now support the optional creation of AMIs with customized storage-layouts and filesystem sizes.

Usage

The default behavior for AMIgen7 remains creating AMIs with the following storage-layout:

Root EBS of 20GiB size partitioned as:

  • 1st partition: 512MiB primary partition mounted at /boot
  • 2nd partition: 19.5GiB primary partition placed under the control of LVM2:
    • 4GiB filesystem on rootVol LVM volume mounted at /
    • 2GiB filesystem on swapVol LVM volume mounted as swap
    • 1GiB filesystem on homeVol LVM volume mounted at /home
    • 2GiB filesystem on varVol LVM volume mounted at /var
    • 2GiB filesystem on logVol LVM volume mounted at /var/log
    • ≅8.5GiB filesystem on auditVol LVM volume mounted at /var/log/audit

This ensures that any downstream projects that rely on – or even merely "expect" – the prior layout will continue to function without modification.

To change the storage layout (see note 1), it will be necessary to:

  1. Select an appropriately-sized EBS volume to build onto

  2. Invoke the DiskSetup.sh utility with the -p flag with an argument-string that looks similar to:

    /:rootVol:8,swap:swapVol:4,/opt:optVol:20,/var:varVol:8,/var/log/audit:auditVol:100%FREE

    The string is a comma-delimited list of colon-delimited tuples where:

    • First Value: path to mount the filesystem to
    • Second Value: name to assign to the LVM2 volume hosting the filesystem
    • Third Value: size (in GiB) of the LVM2 volume and associated filesystem to create

    Any valid group of tuples that fits within the size of the EBS volume selected in the first step should work. To avoid wasting disk space, it is recommended that one tuple substitute the value FREE or 100%FREE for the numerical value (see notes 2 and 3).

  3. Invoke the MkChrootTree.sh utility with its third argument-string identical to the one passed to the DiskSetup.sh utility

  4. Invoke the remaining utilities as normal for the relevant deployment-context

Notes:

1: If one wishes to remain compliant with the STIGs' partitioning-specification, it will be necessary to ensure that the customized-layout also includes all the filesystems enumerated in the default behavior section.

2: If specifying a partition/volume-size using the FREE or 100%FREE method, it must be specified in the final tuple of the partition-string.

3: To date, this has only been tested with the /var/log/audit filesystem on the auditVol volume.
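
A pre-flight check for the -p argument-string described in step 2, added here as an example (it is not part of AMIgen7): it enforces the mount:volume:size tuple format and the rule that FREE or 100%FREE goes in the final tuple, and warns when a filesystem from the default layout, which the STIG note says to keep, is missing. The function name, the REQUIRED_MOUNTS list and the rule that fixed sizes must total less than the EBS size are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight lint for a DiskSetup.sh -p partition string.
# check_partition_string and REQUIRED_MOUNTS are hypothetical names, not part of AMIgen7.

# Filesystems on LVM volumes in the default layout (keep these to stay STIG compliant).
REQUIRED_MOUNTS="/ swap /home /var /var/log /var/log/audit"

# Usage: check_partition_string <partition-string> <EBS size in GiB>
# Prints one line per finding; returns 0 only when there are no ERROR findings.
check_partition_string() (
  spec=$1 ebs_gib=$2 errors=0 total=0 seen=" " i=0
  set -f                                   # no globbing while splitting fields
  IFS=','; set -- $spec; IFS=' '           # one positional parameter per tuple
  n=$#
  for tuple in "$@"; do
    i=$((i + 1))
    IFS=':'; set -- $tuple; IFS=' '        # $1=mount, $2=volume name, $3=size
    if [ $# -ne 3 ] || [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then
      echo "ERROR: tuple $i '$tuple' is not mount:volume:size"; errors=1; continue
    fi
    mnt=$1 size=$3
    case $mnt in swap|/*) ;; *) echo "ERROR: tuple $i mount '$mnt' is neither 'swap' nor an absolute path"; errors=1 ;; esac
    case $seen in *" $mnt "*) echo "ERROR: mount '$mnt' appears more than once"; errors=1 ;; esac
    seen="$seen$mnt "
    case $size in
      FREE|100%FREE)                       # the FREE form is only valid in the final tuple
        [ "$i" -eq "$n" ] || { echo "ERROR: '$size' in tuple $i of $n; it must be the final tuple"; errors=1; } ;;
      *[!0-9]*|0*) echo "ERROR: tuple $i size '$size' is not a whole number of GiB"; errors=1 ;;
      *) total=$((total + size)) ;;
    esac
  done
  # Assumption: fixed sizes must total less than the EBS size, leaving room for /boot.
  if [ "$total" -ge "$ebs_gib" ]; then
    echo "ERROR: fixed sizes total ${total}GiB; does not fit a ${ebs_gib}GiB volume"; errors=1
  fi
  for mnt in $REQUIRED_MOUNTS; do
    case $seen in *" $mnt "*) ;; *) echo "WARN: '$mnt' from the default layout is missing" ;; esac
  done
  [ "$errors" -eq 0 ]
)

# The example string from step 2, checked against a constructed 140GiB volume size.
check_partition_string '/:rootVol:8,swap:swapVol:4,/opt:optVol:20,/var:varVol:8,/var/log/audit:auditVol:100%FREE' 140 || true
```

Run against the example string from step 2, the check reports no errors but warns that /home and /var/log are absent.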