How to create a custom EC2 image (AMI) using AWS EC2 Image Builder?

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

Today we will discuss how to create a custom EC2 image using AWS EC2 Image Builder, with an example.

What is AWS EC2 Image Builder?

EC2 Image Builder is a fully managed AWS service that makes it easier to automate the creation, management, and deployment of customized, secure, and up-to-date server images that are pre-installed and pre-configured with software and settings to meet specific IT standards. The images you build are created in your account and you can configure them for operating system patches on an ongoing basis.

Along with a final image, Image Builder creates an image recipe, which is a combination of the source image and components for building and testing. You can use the image recipe with existing source code version control systems and continuous integration/continuous deployment pipelines for repeatable automation.

What is an image pipeline?

Image Builder image pipelines provide an automation framework for creating and maintaining custom AMIs and container images.

Pipelines deliver the following functionality:

  • Assemble the base image, components for building and testing, infrastructure configuration, and distribution settings.
  • Facilitate scheduling for automated maintenance processes using the Schedule builder in the console wizard, or by entering cron expressions for recurring updates to your images.
  • Enable change detection for the base image and components, to automatically skip scheduled builds when there are no changes.
  • Enable rule-based automation through Amazon EventBridge.

What is an image recipe?

An EC2 Image Builder recipe defines the base image to use as your starting point to create a new image, along with the set of components that you add to customize your image and verify that everything is working as expected. Automatic version choices are provided for each component. A maximum of 20 components, which include build and test, can be applied to a recipe.

After you create an image recipe, or a container recipe, you cannot modify or replace the recipe. To update components after a recipe is created, you must create a new recipe or recipe version. You can, however, always apply tags to your recipe.

What is a component?

A component defines the sequence of steps required to either customize an instance prior to image creation (a build component), or to test an instance that was launched from the created image (a test component).

A component is created from a declarative, plain-text YAML or JSON document that describes the runtime configuration for building and validating, or testing an instance that is produced by your pipeline. Components run on the instance using a component management application. The component management application parses the documents and runs the desired steps.

After they are created, one or more components are grouped together using an image recipe or container recipe to define the plan for building and testing a virtual machine or container image. You can use public components that are owned and managed by AWS, or you can create your own.

You define the component in a YAML or JSON file called a component document, which describes the configuration for a customization you can apply to your image. The document is used to create a build or test component.
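As an added example (not code from the original article), the functions below write a component document with build, validate and test phases and run a local sanity check on it before upload. The component name, file path and sshd hardening steps are assumptions, as is a Linux parent image running OpenSSH.

```shell
#!/usr/bin/env bash
# Added example. Component name, file path and the sshd steps are assumptions;
# the parent image is assumed to be a Linux AMI running OpenSSH.

# Write a component document with build, validate and test phases to $1.
write_component_doc() {
  cat > "$1" <<'EOF'
name: DisableSshPasswordAuth
description: Turn off SSH password logins and verify the setting
schemaVersion: 1.0
phases:
  - name: build
    steps:
      - name: SetSshdOption
        action: ExecuteBash
        inputs:
          commands:
            - sed -i 's/^#*PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
  - name: validate
    steps:
      - name: CheckSshdConfig
        action: ExecuteBash
        inputs:
          commands:
            - sshd -t
            - grep -q '^PasswordAuthentication no' /etc/ssh/sshd_config
  - name: test
    steps:
      - name: CheckEffectiveSetting
        action: ExecuteBash
        inputs:
          commands:
            - sshd -T | grep -qi '^passwordauthentication no'
EOF
}

# Print the top-level phase names of document $1, space separated.
component_phases() {
  awk '/^  - name:/ {print $3}' "$1" | tr '\n' ' ' | sed 's/ $//'
}

# Local pre-flight check: schema version present, only the phases Image Builder runs.
check_component_doc() {
  grep -q '^schemaVersion: 1.0$' "$1" || return 1
  phases=$(component_phases "$1")
  [ -n "$phases" ] || return 1
  for p in $phases; do
    case "$p" in build|validate|test) ;; *) return 1 ;; esac
  done
  return 0
}
```

Once the check passes, the file can be registered with `aws imagebuilder create-component --name DisableSshPasswordAuth --semantic-version 1.0.0 --platform Linux --data file://component.yaml`.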

What is a distribution setting?

Once you build, validate and test an image using an AWS Image Builder pipeline, you need to tell AWS where to store the image using a distribution setting. You can share the final image with a different region within the same AWS account or with another AWS account.

What is infrastructure configuration?

Infrastructure configurations allow you to specify the infrastructure within which to build and test your EC2 Image Builder image.

Infrastructure settings include:

  • Instance types for your build and test infrastructure. We recommend specifying more than one instance type because this allows Image Builder to launch an instance from a pool with sufficient capacity. This can reduce your transient build failures.
  • An instance profile that provides your build and test instances with the permissions that are required to perform customization activities. For example, if you have a component that retrieves resources from Amazon S3, the instance profile requires permissions to access those files. The instance profile also requires a minimal set of permissions for EC2 Image Builder to successfully communicate with the instance. For more information, see Prerequisites.
  • The VPC, subnet, and security groups for your pipeline’s build and test instances.
  • The Amazon S3 location where Image Builder stores application logs from your build and testing. If you configure logging, the instance profile specified in your infrastructure configuration must have s3:PutObject permissions for the target bucket (arn:aws:s3:::BucketName/*).
  • An Amazon EC2 key pair that allows you to log on to your instance to troubleshoot if your build fails and you set terminateInstanceOnFailure to false.
  • An SNS topic to which Image Builder sends event notifications.
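The instance profile and logging bullets above, as an added example (not code from the original article): shell functions that generate the role's trust policy and a log-write policy, then create the instance profile with the AWS CLI. The role, policy, bucket and prefix names are assumptions; `EC2InstanceProfileForImageBuilder` and `AmazonSSMManagedInstanceCore` are AWS managed policies. The example goes one step beyond the text by limiting `s3:PutObject` to a log key prefix when one is given, and otherwise uses the bucket-wide `arn:aws:s3:::BucketName/*` form stated above.

```shell
#!/usr/bin/env bash
# Added example. Role, policy, bucket and prefix names are assumptions.

# Trust policy: only the EC2 service may assume the build/test role.
trust_policy_json() {
  printf '%s\n' '{"Version":"2012-10-17","Statement":[{"Effect":"Allow",' \
    '"Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]}'
}

# ARN the log-write permission is limited to: bucket $1, optional key prefix $2.
log_resource_arn() {
  bucket=$1; prefix=${2:-}; prefix=${prefix%/}
  case "$bucket" in ''|*[!a-z0-9.-]*) return 1 ;; esac   # not a valid bucket name
  case "$prefix" in *[*?]*) return 1 ;; esac             # no IAM wildcards in the prefix
  if [ -n "$prefix" ]; then
    printf 'arn:aws:s3:::%s/%s/*\n' "$bucket" "$prefix"
  else
    printf 'arn:aws:s3:::%s/*\n' "$bucket"
  fi
}

# Inline policy granting s3:PutObject on the log location and nothing else.
log_policy_json() {
  arn=$(log_resource_arn "$1" "${2:-}") || return 1
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "WriteImageBuilderLogs", "Effect": "Allow",
    "Action": "s3:PutObject",
    "Resource": "$arn"
  }]
}
EOF
}

# Create role $1 and a same-named instance profile that can log to bucket $2
# under prefix $3. Needs AWS credentials; nothing in this file calls it.
apply_instance_profile() {
  managed=arn:aws:iam::aws:policy
  log_policy=$(log_policy_json "$2" "${3:-}") || return 1
  aws iam create-role --role-name "$1" --assume-role-policy-document "$(trust_policy_json)" &&
  aws iam attach-role-policy --role-name "$1" --policy-arn "$managed/EC2InstanceProfileForImageBuilder" &&
  aws iam attach-role-policy --role-name "$1" --policy-arn "$managed/AmazonSSMManagedInstanceCore" &&
  aws iam put-role-policy --role-name "$1" --policy-name ImageBuilderLogWrite --policy-document "$log_policy" &&
  aws iam create-instance-profile --instance-profile-name "$1" &&
  aws iam add-role-to-instance-profile --instance-profile-name "$1" --role-name "$1"
}
```

The prefix passed here has to match the S3 key prefix set in the infrastructure configuration's logging settings, otherwise log uploads from the build and test instances are denied.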

How to create a custom EC2 image (AMI) using AWS EC2 Image Builder

Prerequisites:

AWS CLI installed and configured.

Step 1: Create a new directory for this demo.

Step 2: Create a component configuration file.

Step 3: Create a new IAM instance profile.

Step 4: Create an S3 bucket with a proper bucket policy.

Step 5: Create a new custom component.

Step 6: Create a new Image recipe.

Step 7: Create a new infrastructure configuration.

Step 8: Create a new distribution configuration.

Step 9: Create a new image pipeline.

Step 10: Start the image pipeline manually to build, validate and test your custom EC2 image (AMI).

We have successfully created a custom image (AMI) using the AWS Image Builder service.

If you get any errors during the image build or test phase, you can check the CloudWatch logs or the S3 bucket logs to troubleshoot the issue with AWS Image Builder.

CloudWatch Logs:

S3 Logs:

Step 11: Clean up.

Hope you have enjoyed this article. For more details on AWS Image Builder, please refer to the documentation below.

https://docs.aws.amazon.com/imagebuilder/index.html
