I've been playing around with the EC2 service at Amazon and figured I would document a little about how you create your own FC6 AMI. The Amazon documentation goes over everything you need to know about creating your own FC4 AMI and if you don't want to roll your own you can use one of the public AMIs. Amazon just started letting people publish their own AMIs on their site so you should expect to see more as time goes by.
The first step of course is to have an EC2 enabled account. If you haven't already signed up for one there are more beta openings available (as of 01/10/07) so you may still be able to get one. You will also need to be signed up for S3. Once you do that it is helpful to read the getting started guide and try out a few of the public AMIs. Doing so will get your keys set up for S3, EC2, and SSH. In the following I assume you have read and followed the getting started guide and have set up all the keys you will need for S3, EC2, and SSH.
Creating your FC6 image
Here are the steps you need to create your FC6 image. Two notes before getting started: 1) I am running the following commands on an FC6 box, so your luck may vary with older systems, and 2) some of these can be done as a non-root user but you might as well be root for all of them.
If you are in a hurry you may download all of the following steps in a single script that will generate the custom bootable AMI.
1) Create the image file and initialize the filesystem on it (note that I'm only giving myself 1G of space for this install; if you think you will need more room, create a larger file by changing the seek value):
dd if=/dev/zero of=fc6-i386.img bs=1M count=1 seek=1024
/sbin/mke2fs -F -j fc6-i386.img
2) Mount the file with a loopback device:
mount -o loop fc6-i386.img /mnt
3) Create base directories and device files:
mkdir /mnt/dev
mkdir /mnt/proc
mkdir /mnt/etc
for i in console null zero ; do /sbin/MAKEDEV -d /mnt/dev -x $i ; done
4) Create the initial fstab file:
cat <<EOL > /mnt/etc/fstab
/dev/sda1  /         ext3    defaults        1 1
none       /dev/pts  devpts  gid=5,mode=620  0 0
none       /dev/shm  tmpfs   defaults        0 0
none       /proc     proc    defaults        0 0
none       /sys      sysfs   defaults        0 0
/dev/sda2  /mnt      ext3    defaults        1 2
/dev/sda3  swap      swap    defaults        0 0
EOL
5) Mount the proc under the new root filesystem so yum will work correctly:
mount -t proc none /mnt/proc
6) Create a yum configuration file (gpgcheck=0 below turns off package signature checking for this install):
cat <<EOL > /tmp/yumec2.conf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
reposdir=/dev/null

[base]
name=Fedora Core 6 - i386 - Base
mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-6
enabled=1

[updates-released]
name=Fedora Core 6 - i386 - Released Updates
mirrorlist=http://fedora.redhat.com/download/mirrors/updates-released-fc6
enabled=1
EOL
7) Run yum to install the base group of packages to your root filesystem (this may take some time but you should see it progress, I have had all kinds of trouble with yum in the past so if it hangs you may want to kill it and try again):
yum -c /tmp/yumec2.conf --installroot=/mnt -y groupinstall Base
8) Clean the yum cache:
yum -c /tmp/yumec2.conf --installroot=/mnt -y clean packages
9) Move the TLS directory out of the way:
mv /mnt/lib/tls /mnt/lib/tls-disabled
10) Modify the boot script to download your SSH key and stick it in root's directory:
# The delimiter is quoted so that $? is written to rc.local literally
# instead of being expanded by the shell that builds the image.
cat <<'EOL' >> /mnt/etc/rc.local
if [ ! -d /root/.ssh ] ; then
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
fi
# Fetch public key using HTTP
# (-f makes curl fail on an HTTP error instead of saving the error page)
curl -f http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key > /tmp/my-key
if [ $? -eq 0 ] ; then
    cat /tmp/my-key >> /root/.ssh/authorized_keys
    chmod 600 /root/.ssh/authorized_keys
    rm /tmp/my-key
fi
# or fetch public key using the file in the ephemeral store:
if [ -e /mnt/openssh_id.pub ] ; then
    cat /mnt/openssh_id.pub >> /root/.ssh/authorized_keys
    chmod 600 /root/.ssh/authorized_keys
fi
EOL
11) Set sshd to allow remote root connections (by key only, which is what without-password means) and not hang on DNS problems:
cat <<EOL >> /mnt/etc/ssh/sshd_config
UseDNS no
PermitRootLogin without-password
EOL
12) Create the networking scripts:
cat <<EOL > /mnt/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOL
cat <<EOL > /mnt/etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
EOL
13) Sync and umount your root filesystem:
sync
umount /mnt/proc
umount /mnt
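A stricter version of the key install from step 10, as an added example that is not part of the original post: it fails on HTTP errors, accepts only a single well-formed public key line, and appends it once. The function names and the script name install-key.sh are assumptions; the metadata URL and the target file are passed as arguments.

```shell
#!/bin/sh
# Added example, not from the original post. The URL and the authorized_keys
# path are arguments; the invocation at the bottom is an assumption.

# fetch_key URL OUT: -f makes curl exit non-zero on an HTTP error, so an
# error page is never saved as if it were a key.
fetch_key() {
    curl -fsS --max-time 10 -o "$2" "$1"
}

# is_pubkey FILE: true only for exactly one line shaped like
# "ssh-rsa|ssh-dss <base64> [comment]".
is_pubkey() {
    [ -s "$1" ] || return 1
    [ "$(grep -c '' "$1")" -eq 1 ] || return 1
    grep -Eq '^ssh-(rsa|dss) [A-Za-z0-9+/]+={0,2}( .*)?$' "$1"
}

# install_key KEYFILE AUTH_KEYS: append a validated key once. rc.local runs
# on every boot, so an unconditional append would duplicate the key each time.
install_key() {
    keyfile=$1 auth=$2
    is_pubkey "$keyfile" || return 1
    (
        umask 077                       # new dir is 700, new file is 600
        mkdir -p "$(dirname "$auth")" && touch "$auth" || exit 1
        # -x whole line, -F literal: skip a key that is already present
        grep -qxF -f "$keyfile" "$auth" ||
            printf '%s\n' "$(cat "$keyfile")" >> "$auth"
    ) && chmod 600 "$auth"
}

# Invocation: sh install-key.sh METADATA_KEY_URL /root/.ssh/authorized_keys
if [ "$#" -eq 2 ]; then
    tmp=$(mktemp) || exit 1             # unpredictable name, unlike /tmp/my-key
    fetch_key "$1" "$tmp" && install_key "$tmp" "$2"
    rc=$?
    rm -f "$tmp"
    exit "$rc"
fi
```
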
You have now created your very own bootable AMI. If you want to fiddle with it from this point you may continue to use the yum command as in the above examples or you can also remount the filesystem and chroot to it using a command like this:
chroot /mnt /bin/sh
One thing to remember if you use chroot like this is that everything is local now. You will want to mount the proc filesystem and probably add entries to /etc/resolv.conf so any hostnames you try to resolve will work.
The next step is to get the AMI to S3 so that it can be booted.
Bundling and Uploading your AMI
Everything you need to know about bundling and uploading your custom AMI is in the developer documentation under "Working With AMIs" then "Bundling an AMI".
One key to remember here is that you need to start your instance with the -k option to allow the key to be copied into place. If you don't do that or specify the incorrect key name you will end up with an instance you can't log into.