Last active
June 29, 2019 00:38
-
-
Save lantrix/aed1cea61a96182b6ee9823ed1936a60 to your computer and use it in GitHub Desktop.
EC2 Ubuntu 18.04 LTS Ephemeral disk format and swapfile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=Ephemeral disk and swap setup script | |
| [Service] | |
| ExecStart=/usr/local/sbin/mount-instance-store.sh | |
| [Install] | |
| WantedBy=multi-user.target |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # /dev/nvme1n1 is ephemeral SSD | |
| yes | mkfs.ext4 -E nodiscard -m0 /dev/nvme1n1 | |
| [ -d /ssd ] && echo "/ssd mount point exists" || mkdir /ssd | |
| mount -o discard /dev/nvme1n1 /ssd | |
| chown ubuntu:ubuntu /ssd | |
| [ -f /swapfile ] && swapoff /swapfile && rm /swapfile || echo "/swapfile not found - skipping removal" | |
| # Create a new swap file of the desired size. | |
| dd if=/dev/zero of=/ssd/swapfile bs=1M count=8192 | |
| # Assign it read/write permissions for root only (not strictly needed, but it tightens security) | |
| chmod 600 /ssd/swapfile | |
| # Format the file as swap: | |
| mkswap /ssd/swapfile | |
| # Want to activate swap for the current session: | |
| swapon /ssd/swapfile |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo apt-get update | |
| sudo apt-get upgrade | |
| sudo apt-get install -y fail2ban | |
| sudo systemctl enable fail2ban | |
| sudo systemctl start fail2ban | |
| sudo cp mount-instance-store.sh /usr/local/sbin/mount-instance-store.sh | |
| sudo chmod +x /usr/local/sbin/mount-instance-store.sh | |
| sudo cp ephemeraldisk.service /etc/systemd/system/ephemeraldisk.service | |
| sudo systemctl enable ephemeraldisk |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment