#1613 Deletion of EOL AMIs
Closed: Fixed 2 years ago Opened 2 years ago by sayanchowdhury.

= phenomenon =
During the release of F24, it came to notice that there is no deletion policy for the released AMIs. The Cloud WG did decide on a policy for the pre-released and the nightly AMIs [https://fedorahosted.org/cloud/ticket/99]. But, we need to decide on what happens to the released AMIs after the release goes EOL.

= background analysis =
Keeping the AMIs costs a huge amount of money. But looking from user perspective it's possible that the people build their system on top of a particular AMIs. So deleting would cause problem for them.

= implementation recommendation =
Keeping the released AMIs is optimal but after a period of time keeping those AMIs will cost us a lot.

Final releases' initial images do not cost nearly as much as this ticket's summary suggests. What will make costs balloon are images with updates, such as two-week Atomic composes. Since we haven't shipped those regularly before this will have a non-trivial impact similar to those of pre-releases, but this time for stable versions of Fedora.

Removing an entire OS release from AWS is quite uncommon, so here is a straw man proposal: rotate updated images out after they are older than three months, and continue doing so after a release goes EOL until all that remain are its initial image and the last image with updates, which will remain indefinitely. That would control costs by keeping the number of images in play at once relatively fixed no matter where we are in the release cycle. It would also dovetail nicely with automatic removal of pre-release images.

What would be the purpose of keeping the initial image in AWS? It's going to be old, unsupported, and possibly full of security holes.

The initial image is a known quantity that is usable for the entire lifetime of the release like it is for every other edition. Images with updates pre-installed, while convenient, are a moving target for which EC2 does not provide a means of referring to the "latest" version. Updates must be applied at boot time regardless, but in the latter case one must additionally update templates periodically just to keep one's applications working.

It is all in how AMIs are used, I would say there is more benefit to having the original image than constantly updated images, though both would not be a problem if we had some way to limit the number of images we generate.
As for the storage costs, S3 storage was supposed to be free for official Fedora images, it is the entire reason that this account was created. I can probably dig up the original emails with Amazon on this if they are needed. I don't recall seeing a change in those terms sent to us.
Constant churn, and deleting old images will simply make things harder for users, and possibly steer them away from basing on Fedora. I would rather keep them around if we can, but I understand the balance of cost. If we can keep the original agreement so that storage cost is not an issue, the cost of keeping the old images is free.

lets bring this back when account issues are sorted

Are the account issues sorted out now?

Can we get an update on this, please?

I believe the account issues are all sorted now

@sgallagh changed the status to Closed

2 years ago

Login to comment on this ticket.