EC2 AMI Creation Tips
While we were still working on Buildix 2, people started asking about an AMI for Buildix on Amazon's EC2. This didn’t seem to be such a big ask, but now that I’ve finally gotten around to working on this I’ve found it can be a bit fiddly! While there is a lot of good documentation in the various sections of the EC2 site, I still had quite a few head-scratching moments trying to create my own Ubuntu 7.04 Server image to load Buildix into.
The Buildix image is now available for public use as ami-e4ca2f8d.
Here’s a couple of tips to keep in mind when rolling your own:
Remember it’s Xen
I had problems getting my first batch of uploads working on the network. They would boot without a problem, but the networking would not initialize (as I could see from the console output). Things got a lot easier when I started manipulating the image locally using my own Xen installation. By booting it up on my local Xen server I could see where the problems were and fix them with a lot less pain and suffering.
The other benefit you get from testing your image in Xen is that you can bundle the image directly (ec2-bundle-image) instead of having to scrape a running machine (ec2-bundle-vol).
There can’t be only one
As the name implies, EC2 is all about having a big cloud of images. Chances are there will be a lot of instances of each image running out there. This means that the image itself needs to pick up its identity on boot up. Amazon provide a nice RESTful API that can provide each instance with information about itself. The documentation for the available meta-data is at http://docs.amazonwebservices.com/AWSEC2/2007-08-29/DeveloperGuide/AESDG-chapter-instancedata.html. The stuff I needed the most was the public SSH key to allow me to log in as root, and the hostname of the machine. Here’s what I added to /etc/rc.local to allow me to do this:
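    if [ ! -d /root/.ssh ] ; then
        mkdir -p /root/.ssh
        chmod 700 /root/.ssh
    fi

    # Fetch public key using HTTP; -f makes curl fail on an HTTP error
    # instead of saving the error page as if it were the key
    KEYFILE=`mktemp`
    curl -sf http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > "$KEYFILE"
    if [ $? -eq 0 ] ; then
        cat "$KEYFILE" >> /root/.ssh/authorized_keys
        chmod 600 /root/.ssh/authorized_keys
    fi
    # Remove the temporary file whether or not the fetch succeeded
    rm -f "$KEYFILE"

    # Set the hostname from the instance meta-data
    hostname `curl -sf http://169.254.169.254/latest/meta-data/hostname`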
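The rc.local snippet above trusts whatever the meta-data request returns and appends it again on every boot. As an added example (not code from the original post; the function names and the sample key are made up for illustration), this version checks that the response looks like a single OpenSSH public key before it goes into authorized_keys, and skips the append when the key is already there:

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Constructed sample line for offline testing; the blob is not a real key.
SAMPLE_KEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCconstructedSampleKeyOnly buildix-demo'

# is_openssh_pubkey FILE: succeed only if FILE holds exactly one line of the
# form "<key-type> <base64-blob> [comment]". An HTML or XML error body, an
# empty file, or a multi-line response is rejected.
is_openssh_pubkey() {
    [ "$(grep -c '' "$1")" -eq 1 ] || return 1
    grep -Eq '^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( [^[:cntrl:]]*)?$' "$1"
}

# install_key KEYFILE AUTH_KEYS: append the key only if it is valid and not
# already present. Returns 0 if installed or already there, 1 if rejected.
install_key() {
    keyfile=$1
    auth=$2
    is_openssh_pubkey "$keyfile" || return 1
    dir=$(dirname "$auth")
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    key=$(cat "$keyfile")
    # -x matches the whole line, -F treats the key as a fixed string
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# fetch_and_install: what rc.local would call on an instance. curl -f fails on
# an HTTP error instead of saving the error body; mktemp avoids a fixed /tmp name.
fetch_and_install() {
    tmp=$(mktemp) || return 1
    curl -sf --max-time 5 -o "$tmp" \
        http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key &&
        install_key "$tmp" /root/.ssh/authorized_keys
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

On an instance, rc.local would source this file and call fetch_and_install; install_key can be exercised anywhere by pointing it at a scratch authorized_keys path.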