Creating your own image with pure CentOS 5.9 in the Amazon cloud

As you know, virtual instances in the Amazon cloud are launched from images (so-called AMIs). Amazon provides a large number of them, and you can also use public images prepared by third parties, for which the cloud provider, of course, bears no responsibility. But sometimes you need an image of a clean system with the right parameters, and there is none in the list of images. Then the only way out is to make your own AMI.

The official documentation describes a way of creating an "instance store-backed AMI". The disadvantage of this approach is that the finished image will also need to be converted into an "EBS-backed AMI".

How to create your own EBS-backed AMI in the Amazon cloud without intermediate steps will be discussed in this article.

Action plan:

  • Prepare environment
  • Install a clean system, make the necessary settings
  • Take a snapshot of the disk
  • Register AMI

Preparing the Environment

For our purposes, an instance of any type is suitable, even t1.micro. You can start it via the CLI:

aws ec2 run-instances --image-id ami-1624987f --max-count 1 --min-count 1 --key-name mel --instance-type t1.micro

Let's create an EBS volume, on which we will install our system later:

aws ec2 create-volume --availability-zone us-east-1a --size 10

This command will make a 10 Gb disk for us. Important: the disk must be in the same zone as the instance (us-east-1a in our case).
Next, the disk needs to be attached to the instance:

aws ec2 attach-volume --instance-id i-2bc0925b --volume-id vol-08ab3079 --device /dev/xvdf

Now log in to the instance via ssh, format the disk and mount it to the directory:

mkfs.ext3 /dev/xvdf
mkdir /mnt/centos-image
mount /dev/xvdf /mnt/centos-image
cd !$

Installing clean CentOS 5.9

Before installing the system, you need to create a directory tree, mount proc and sysfs, create a minimum set of devices:

mkdir /mnt/centos-image/{boot,tmp,dev,sys,proc,etc,var}
mount -t proc none /mnt/centos-image/proc/
mount -t sysfs none /mnt/centos-image/sys/
for i in console null zero ; do /sbin/MAKEDEV -d /mnt/centos-image/dev -x $i ; done

We will install the system using yum and the following configuration file:
yum-centos.conf

[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
reposdir=/dev/null

[base]
name=CentOS-5.9 - Base
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=os
#baseurl=http://mirror.centos.org/centos/5.9/os/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

[updates]
name=CentOS-5.9 - Updates
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=updates
#baseurl=http://mirror.centos.org/centos/5.9/updates/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

[extras]
name=CentOS-5.9 - Extras
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=extras
#baseurl=http://mirror.centos.org/centos/5.9/extras/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

[centosplus]
name=CentOS-5.9 - Plus
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=centosplus
#baseurl=http://mirror.centos.org/centos/5.9/centosplus/x86_64/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

[contrib]
name=CentOS-5.9 - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=contrib
#baseurl=http://mirror.centos.org/centos/5.9/contrib/x86_64/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ -y groupinstall Base
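Because the install runs with -y, yum imports whatever key the gpgkey URL returns without prompting, and a repo that sets no gpgcheck of its own inherits gpgcheck=0 from [main]. The following check for a yum-centos.conf of this shape is an added example, not part of the original article; the function names and the [local] repo in the sample are hypothetical.

```shell
# Added example (not from the original article).
# audit_yum_conf FILE: print one line per problem in an enabled repo and
# return 1 if any was found. Assumes "key=value" lines without spaces.
audit_yum_conf() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^\[/ { sec = substr($0, 2, index($0, "]") - 2)
            if (sec != "main") repo[++n] = sec
            next }
    index($0, "=") { eq = index($0, "=")
                     conf[sec, substr($0, 1, eq - 1)] = substr($0, eq + 1) }
    END {
        for (i = 1; i <= n; i++) {
            r = repo[i]
            if (conf[r, "enabled"] == "0") continue
            # a repo without its own gpgcheck inherits the [main] value
            gc = ((r, "gpgcheck") in conf) ? conf[r, "gpgcheck"] : conf["main", "gpgcheck"]
            if (gc != "1") {
                print r ": packages are installed without signature check"; bad = 1
            } else if (conf[r, "gpgkey"] !~ "^(https|file):") {
                print r ": gpgkey is not fetched over https:// or file://"; bad = 1
            }
        }
        exit bad + 0
    }' "$1"
}

# Constructed sample: trimmed [main], [base] and [centosplus] sections of the
# config above, plus a hypothetical [local] repo that sets no gpgcheck.
sample_conf() {
    cat <<'EOF'
[main]
gpgcheck=0
[base]
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[centosplus]
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[local]
baseurl=file:///srv/repo
EOF
}

sample_conf | audit_yum_conf - || true
```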

Once the installation process is complete, you can install any required packages in the same way:

yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ install $packet_name

Let's edit fstab:

vi /mnt/centos-image/etc/fstab

/dev/xvda1  /      ext3    defaults        0 0
none       /dev/pts  devpts  gid=5,mode=620  0 0
none       /dev/shm  tmpfs   defaults        0 0
none       /proc     proc    defaults        0 0
none       /sys      sysfs   defaults        0 0

On CentOS 5.9, you still need to install a xen-enabled kernel:

yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ -y install kernel-xen

Install Grub:

chroot /mnt/centos-image/ grub-install /dev/xvdf

and generate a new initrd:

chroot /mnt/centos-image/
cd boot/
mkinitrd --omit-scsi-modules --with=xennet --with=xenblk --fstab=/etc/fstab --preload=xenblk initrd-2.6.18-348.1.1.el5xen.img 2.6.18-348.1.1.el5xen

It is very important to specify all these parameters and a new fstab, otherwise the system will not boot.
Next, you need to create a menu.lst file for grub:

default=0
timeout=5
hiddenmenu
title CentOS_5.9_(x86_64)
        root (hd0)
        kernel /boot/vmlinuz-2.6.18-348.1.1.el5xen ro root=/dev/xvda1
        initrd /boot/initrd-2.6.18-348.1.1.el5xen.img

Set up network and sshd:

vi etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no

vi etc/sysconfig/network
NETWORKING=yes

chroot /mnt/centos-image/ chkconfig --level 2345 network on

vi /mnt/centos-image/etc/ssh/sshd_config
...
UseDNS no
PermitRootLogin without-password

Thus, we will get a working network and the ability to log in to the instance using keys. However, the key itself still has to get onto the instance somehow. This can be done using a script that will take the key and save it on the instance:

vi /mnt/centos-image/etc/init.d/ec2-get-ssh

#!/bin/bash
# chkconfig: 2345 95 20
# processname: ec2-get-ssh
# description: Capture AWS public key credentials for EC2 user

# Source function library
. /etc/rc.d/init.d/functions

# Source network configuration
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network

# Replace the following environment variables for your system
# (no leading ":" here: an empty PATH entry means the current directory)
export PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin

# Check that networking is configured
if [ "${NETWORKING}" = "no" ]; then
    echo "Networking is not configured."
    exit 1
fi

start() {
    if [ ! -d /root/.ssh ]; then
        mkdir -p /root/.ssh
        chmod 700 /root/.ssh
    fi
    # Retrieve public key from metadata server using HTTP
    curl -f 169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-public-key
    if [ $? -eq 0 ]; then
        echo "EC2: Retrieve public key from metadata server using HTTP."
        cat /tmp/my-public-key >> /root/.ssh/authorized_keys
        chmod 600 /root/.ssh/authorized_keys
        rm /tmp/my-public-key
    fi
}

stop() {
    echo "Nothing to do here"
}

restart() {
    stop
    start
}

# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart}"
        exit 1
esac

exit $?

Let's make it executable and add it to startup:

chmod +x /mnt/centos-image/etc/init.d/ec2-get-ssh
/usr/sbin/chroot /mnt/centos-image/ /sbin/chkconfig --level 34 ec2-get-ssh on
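A stricter version of the key-install step in ec2-get-ssh, as an added example that is not part of the original article: it downloads to a mktemp file instead of the fixed /tmp/my-public-key, accepts only a single bare public-key line, and skips a key that is already present so authorized_keys does not grow on every boot. The function names are hypothetical; the metadata URL is the one the script above uses.

```shell
# Added example (not from the original article): validated, idempotent
# replacement for the "cat ... >> authorized_keys" step of ec2-get-ssh.

# is_pubkey_line LINE: succeed only for a bare "type base64 [comment]" key.
is_pubkey_line() {
    printf '%s\n' "$1" | awk '
        NF < 2 || $1 !~ "^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521))$" { exit 1 }
        $2 !~ "^AAAA[A-Za-z0-9+/]+=*$" { exit 1 }'
}

# install_key SRC AUTH: append the key in SRC to AUTH unless already there.
# Returns 2 when SRC is not exactly one key line (error page, several lines,
# an options prefix), so nothing unexpected reaches root's authorized_keys.
install_key() {
    ik_src=$1; ik_auth=$2
    [ "$(grep -c . "$ik_src")" -eq 1 ] || return 2
    ik_line=$(grep . "$ik_src")
    is_pubkey_line "$ik_line" || return 2
    ik_dir=$(dirname "$ik_auth")
    mkdir -p "$ik_dir" && chmod 700 "$ik_dir" || return 1
    # Idempotent: do nothing when the exact line is already present.
    if [ -f "$ik_auth" ] && grep -qxF -- "$ik_line" "$ik_auth"; then
        return 0
    fi
    printf '%s\n' "$ik_line" >> "$ik_auth" && chmod 600 "$ik_auth"
}

# fetch_key: what start() would call. mktemp gives an unpredictable,
# mode-0600 file, so no fixed name in /tmp is written as root.
fetch_key() {
    fk_tmp=$(mktemp /tmp/ec2-key.XXXXXX) || return 1
    fk_rc=0
    curl -sf --max-time 10 -o "$fk_tmp" \
        http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key &&
        install_key "$fk_tmp" /root/.ssh/authorized_keys || fk_rc=$?
    rm -f "$fk_tmp"
    return "$fk_rc"
}
```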

It is also advisable to disable SELinux or configure it correctly; otherwise, for example, the key may not be saved on the instance.
At this point, you can stop setting up the system. We already have pure CentOS ready to run in the cloud. It remains only to unmount the EBS disk with our system and register the AMI.

umount /mnt/centos-image/proc/
umount /mnt/centos-image/sys/
umount /mnt/centos-image/

AMI Registration

To get an AMI from an EBS disk, you must first take a snapshot of the disk:

aws ec2 create-snapshot --volume-id vol-0b4bd07a --description centos-snap

And the easiest way to register the AMI is through the AWS Management Console. To do this, you just need to go to the "Snapshots" section in the EC2 service, select the one you need (in our case, it is centos-snap), right-click on it and select "Create Image from Snapshot".
Then, in the window that opens, you need to select approximately the following options:

[Image: Creating your own image with pure CentOS 5.9 in the Amazon cloud]

You can find out which Kernel ID to choose like this:

aws ec2 describe-images --owner amazon --region us-east-1 --output text | grep "/pv-grub-hd0.*-x86_64" | awk '{print $7}' | grep aki
aki-88aa75e1
aki-b4aa75dd

That's all. Now you can launch instances.
In this way, you can most likely make an image with any Linux distribution. It definitely works for at least the Debian family (using debootstrap to install a clean system) and the RHEL family.

Source: habr.com
