Building AMI for AWS EC2

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Building AMI for AWS EC2

Simon McFarlane-2
Hi all,

Now that the Xen guest stuff is getting some love, I think it would be
fun to toy around with OpenBSD on EC2 (particularly because of EBS --
other VPS providers like the old standby ARP Networks don't allow you to
attach copious amounts of storage to a low-spec system).

There are a couple public AMIs available, but I'm curious as to how they
are built. It'd be pretty cool to be able to build a given snapshot into
an AMI, rather than be dependent on whomever is creating the public ones.

If the builder of the public AMIs is reading this, I'd love to hear what
your process is.

Thanks,
Simon

Reply | Threaded
Open this post in threaded view
|

Re: Building AMI for AWS EC2

Jonathon Sisson
On Wed, Jan 20, 2016 at 02:51:21PM -0800, Simon McFarlane wrote:

> Hi all,
>
> Now that the Xen guest stuff is getting some love, I think it would be fun
> to toy around with OpenBSD on EC2 (particularly because of EBS -- other VPS
> providers like the old standby ARP Networks don't allow you to attach
> copious amounts of storage to a low-spec system).
>
> There are a couple public AMIs available, but I'm curious as to how they are
> built. It'd be pretty cool to be able to build a given snapshot into an AMI,
> rather than be dependent on whomever is creating the public ones.
>
> If the builder of the public AMIs is reading this, I'd love to hear what
> your process is.
>
> Thanks,
> Simon
>
I have a relatively simple process involving the use of vmimport.

Basically, build out the VM how you want (I used VirtualBox, but YMMV),
then ran something like ec2-import-volume to bring the VHD into AWS.
Once that was complete, I booted up an Amazon Linux instance, stopped it,
detached the root volume, attached the OpenBSD volume as /dev/xvda, then
booted up into OpenBSD.  Afterwards, create an AMI of your work.

Also note that OpenBSD won't recognize EBS volumes attached as anything
other than xvd*.  I haven't bothered looking into why.

-Jonathon

Reply | Threaded
Open this post in threaded view
|

Re: Building AMI for AWS EC2

Antoine Jacoutot-7
In reply to this post by Simon McFarlane-2
> There are a couple public AMIs available, but I'm curious as to how they are
> built. It'd be pretty cool to be able to build a given snapshot into an AMI,
> rather than be dependent on whomever is creating the public ones.
>
> If the builder of the public AMIs is reading this, I'd love to hear what
> your process is.

You can play with this if you're brave:
https://github.com/ajacoutot/aws-openbsd

It's kind of ugly but should do the job. Once vmm is in GENERIC, I'll script something around it instead.

--
Antoine

Reply | Threaded
Open this post in threaded view
|

Re: Building AMI for AWS EC2

Reyk Floeter-2
On Thu, Jan 21, 2016 at 07:36:01AM +0100, Antoine Jacoutot wrote:
> > There are a couple public AMIs available, but I'm curious as to how they are
> > built. It'd be pretty cool to be able to build a given snapshot into an AMI,
> > rather than be dependent on whomever is creating the public ones.
> >
> > If the builder of the public AMIs is reading this, I'd love to hear what
> > your process is.
>

I started putting out some experimental AMIs on EC2, I usually copy
them to the following zones: eu-central-1, eu-west-1, us-west-2 and
ap-northeast-1.  So the public images are probably from me - they
aren't official and I didn't publish the ami IDs, so there is no way
to verify it yet.

These images are not meant to replace your own images - but they can
help to test, play and to get started.

> You can play with this if you're brave:
> https://github.com/ajacoutot/aws-openbsd
>
> It's kind of ugly but should do the job. Once vmm is in GENERIC, I'll script something around it instead.
>

I'm using Antoine's aws-openbsd/create-ami.sh script to upload my
images with -i.  But I manually create them in vmm because I prefer
images that have been created with the standard installer (see below).

That's my process of creating the images:

- I boot bsd.rd with install59.fs in vmm and install the latest
OpenBSD/amd64 snapshot in a 1G disk image.

- For the images, I use all the default installer options, auto-layout
etc.  These images are for experimenting with OpenBSD on EC2, so there
is no need for any manual "cloud tweaks" (and, after all, I wouldn't
expect custom changes in an image that calls itself openbsd).

- I install a custom -current kernel that has xen/xnf enabled and
sometimes extra things that helps mikeb@'s development (debug
messages, upcoming fixes etc.).  Now that it is enabled by default, I
could just switch to snapshot kernel as well, but we're still trying
to figure out why it doesn't work on the biggest machines (such as
m4.10xlarge with 40CPU and 160GB RAM - xnf cannot transmit there).

- I mount the image, add ec2-init.sh and configure /etc/hostname.xnf0.

- I upload the new image with create-ami.sh -i openbsd-amd64-YYYYmmDDHHMM

- I mark it as public and copy it to a few regions (with aws ec2 copy-image).

Amazon gave me a generous amount of EC2 credits for development and/or
evaluation (thanks!) and I hope that they will last a while as
constantly uploading new images already exceeded my free tier limits.
But my company is also willing to support this and to continue
providing irregular snapshot images.

Reyk

Reply | Threaded
Open this post in threaded view
|

Re: Building AMI for AWS EC2

Reyk Floeter-2
In reply to this post by Jonathon Sisson
On Wed, Jan 20, 2016 at 08:56:25PM -0800, Jonathon Sisson wrote:

> On Wed, Jan 20, 2016 at 02:51:21PM -0800, Simon McFarlane wrote:
> > Hi all,
> >
> > Now that the Xen guest stuff is getting some love, I think it would be fun
> > to toy around with OpenBSD on EC2 (particularly because of EBS -- other VPS
> > providers like the old standby ARP Networks don't allow you to attach
> > copious amounts of storage to a low-spec system).
> >
> > There are a couple public AMIs available, but I'm curious as to how they are
> > built. It'd be pretty cool to be able to build a given snapshot into an AMI,
> > rather than be dependent on whomever is creating the public ones.
> >
> > If the builder of the public AMIs is reading this, I'd love to hear what
> > your process is.
> >
> > Thanks,
> > Simon
> >
> I have a relatively simple process involving the use of vmimport.
>
> Basically, build out the VM how you want (I used VirtualBox, but YMMV),
> then ran something like ec2-import-volume to bring the VHD into AWS.
> Once that was complete, I booted up an Amazon Linux instance, stopped it,
> detached the root volume, attached the OpenBSD volume as /dev/xvda, then
> booted up into OpenBSD.  Afterwards, create an AMI of your work.
>
> Also note that OpenBSD won't recognize EBS volumes attached as anything
> other than xvd*.  I haven't bothered looking into why.
>

We don't have a Xen driver for the blkfront disks yet, and we only
support the emulated IDE controller.  Nobody has started working on it
yet.  The Xen HVPVM layer and the netfront (xnf) driver were necessary
to bootstrap OpenBSD in EC2, the blkfront driver is optional but
needed to mount additional volumes.

Reyk

Reply | Threaded
Open this post in threaded view
|

Re: Building AMI for AWS EC2

Jonathon Sisson
On Thu, Jan 21, 2016 at 09:30:57AM +0100, Reyk Floeter wrote:

> On Wed, Jan 20, 2016 at 08:56:25PM -0800, Jonathon Sisson wrote:
> > On Wed, Jan 20, 2016 at 02:51:21PM -0800, Simon McFarlane wrote:
> > > Hi all,
> > >
> > > Now that the Xen guest stuff is getting some love, I think it would be fun
> > > to toy around with OpenBSD on EC2 (particularly because of EBS -- other VPS
> > > providers like the old standby ARP Networks don't allow you to attach
> > > copious amounts of storage to a low-spec system).
> > >
> > > There are a couple public AMIs available, but I'm curious as to how they are
> > > built. It'd be pretty cool to be able to build a given snapshot into an AMI,
> > > rather than be dependent on whomever is creating the public ones.
> > >
> > > If the builder of the public AMIs is reading this, I'd love to hear what
> > > your process is.
> > >
> > > Thanks,
> > > Simon
> > >
> > I have a relatively simple process involving the use of vmimport.
> >
> > Basically, build out the VM how you want (I used VirtualBox, but YMMV),
> > then ran something like ec2-import-volume to bring the VHD into AWS.
> > Once that was complete, I booted up an Amazon Linux instance, stopped it,
> > detached the root volume, attached the OpenBSD volume as /dev/xvda, then
> > booted up into OpenBSD.  Afterwards, create an AMI of your work.
> >
> > Also note that OpenBSD won't recognize EBS volumes attached as anything
> > other than xvd*.  I haven't bothered looking into why.
> >
>
> We don't have a Xen driver for the blkfront disks yet, and we only
> support the emulated IDE controller.  Nobody has started working on it
> yet.  The Xen HVPVM layer and the netfront (xnf) driver were necessary
> to bootstrap OpenBSD in EC2, the blkfront driver is optional but
> needed to mount additional volumes.
>
> Reyk
>
Ahh, understood.  It wasn't necessarily an issue, as I've been able to
mount any EBS volume I want as xvd* devices, so certainly not a concern,
it was just behavior I noticed =)

Thanks for the explanation!