Building an AMI (Amazon Machine Image) from scratch can be a pretty challenging task, especially when you don’t have a base AMI to work from. We’ve been testing CentOS 7 on VirtualBox, Rackspace, and on physical machines, but realized that Amazon does not have published CentOS 7 AMIs yet. So we proceeded to build our own AMIs from scratch. It has taken many weeks of trial and error, diving into the Linux boot process, digging through documentation, fixing bugs in tools, porting over legacy grub. We’ve documented all of the steps below - hopefully you will find it helpful in creating your own AMIs.

Okay, let's do this thing!

Okay, let’s do this thing!

There are 4 different AMI types that we needed to build:

  • Paravirtual (PV) instance store
  • Paravirtual (PV) EBS-backed
  • HVM instance store
  • HVM EBS-backed

They must be built in a specific order:

  1. Paravirtual (PV) instance store
  2. or 3. HVM EBS-backed, Paravirtual (PV) EBS-backed
  3. HVM instance store (HVM EBS-backed required)

We will start with the Paravirtual instance store AMI, which is a prerequisite for all of the other types. We will cover the other 3 types in a future blog post.

1. Install base CentOS 7 (7.0.1406) on a bare metal machine. We will use the default XFS filesystem here to install CentOS 7.

2. Install prerequisite software on the bare metal machine:

1
yum install e2fsprogs xfsprogs ruby unzip wget bzip2 rsync microcode_ctl -y

3. Upgrade the bare metal machine: yum upgrade -y NOTE: Make sure to run the exact same kernel version on the local bare metal machine as the kernel you will be installing on the image file.

4. Run grub2-mkconfig -o /boot/grub2/grub.cfg to update the grub2 running on the bare metal machine.

5. On bare metal machine - remove packages that will interfere with dracut

1
2
yum remove plymouth plymouth-core-libs plymouth-scripts -y
yum remove libiscsi iscsi-initiator-utils-iscsiuio iscsi-initiator-utils -y

6. On bare metal machine - change system to boot from LABEL instead of UUID. This is required for the dracut step further down the list. Reboot the bare metal machine and boot CentOS 7 off of a usb stick in rescue mode or a LiveGnome iso image to label the root XFS partition and change /etc/fstab to use LABEL instead of UUID. Below example assumes /dev/sda3 is your root partition on the bare metal server (verify this with fdisk -l or parted -l once booted off the usb stick. If there is a /boot partition, run xfs_admin on that and change that to a LABEL as well.

1
2
3
4
5
xfs_admin -L "centos7_root" /dev/sda3
mkdir /mnt/a
mount -t xfs /dev/sda3 /mnt/a
vi /mnt/a/etc/fstab
(change UUID= line for / partition to be:  LABEL=centos7_root)

8. Edit the grub2 config manually, since it’s very difficult to remove UUID from the grub.cfg otherwise.

1
vi /mnt/a/boot/grub2/grub.cfg

change –fs-uuid to –label and change the uuid to centos7_root

change root=UUID= to root=LABEL=centos7_root

1
umount /mnt/a

9. Reboot bare metal machine and verify it boots properly.

10. Remove old/original kernel version: yum remove kernel-3.10.0-123.el7.x86_64

11. Generate and download EC2 certificates from your AWS account. Copy it to the bare metal machine, and copy it into /tmp/NOBAKE

1
2
mkdir -p /tmp/NOBAKE
chmod 700 /tmp/NOBAKE

Copy ec2-cert.pem && ec2-pk.pem into /tmp/NOBAKE

12. Install required AWS cli tools.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
mkdir -p /opt/ec2/tools
cd /opt/ec2/tools
wget http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip
wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip
unzip ec2-ami-tools.zip
unzip ec2-api-tools.zip
mkdir bin etc lib
cd bin
for i in ../ec2-ami-tools-*/bin/*; do ln -s $i; done
for i in ../ec2-api-tools-*/bin/*; do ln -s $i; done
cd ../lib
for i in ../ec2-ami-tools-*/lib/*; do ln -s $i; done
for i in ../ec2-api-tools-*/lib/*; do ln -s $i; done
cd ../etc
for i in ../ec2-ami-tools-*/etc/*; do ln -s $i; done
easy_install pip
pip install boto
pip install awscli

13. Create .bashrc.aws with AWS credentials (NOTE: DO NOT BAKE THIS INTO THE IMAGE!!!) vi /tmp/NOBAKE/.bashrc.aws

1
2
3
4
5
6
7
8
9
10
export JAVA_HOME=/usr
export PATH=$PATH:/opt/ec2/tools/bin
export EC2_HOME=/opt/ec2/tools
export EC2_PRIVATE_KEY_DEPRECATED=/tmp/NOBAKE/ec2-pk.pem
export EC2_CERT_DEPRECATED=/tmp/NOBAKE/ec2-cert.pem
export EC2_URL=https://ec2.amazonaws.com
export AWS_ACCOUNT_NUMBER=111111111111
export AWS_ACCESS_KEY=AAAAAAAAAAAAAAAAAAAA
export AWS_SECRET_KEY=11111111111aaaaaaaaaaaaaaaaaaaaaaaaaaaaa
export AWS_AMI_BUCKET=be-amis/CentOS

14. Create .awsconfig file with AWS credentials (NOTE: DO NOT BAKE THIS INTO THE IMAGE!!!) vi /tmp/NOBAKE/.awsconfig

1
2
3
4
[default]
region = us-east-1
aws_access_key_id = AAAAAAAAAAAAAAAAAAAA
aws_secret_access_key = 11111111111aaaaaaaaaaaaaaaaaaaaaaaaaaaaa
1
2
mkdir /root/.aws
ln -s /tmp/NOBAKE/.awsconfig /root/.aws/config

15. Source in the credentials . /tmp/NOBAKE/.bashrc.aws

16. Create a directory where you will be creating the source images and mounting the destination image. mkdir /opt/ec2/images /mnt/ec2-image

17. Create a blank image file - this will create a 10GB image file (max image size for S3 instance store)

1
dd if=/dev/zero of=/opt/ec2/images/centos-7.0-1406-x86_64-base.img bs=1M count=10240

18. Create a filesystem on this image file (XFS) - note that it is a partitionless image.

1
mkfs.xfs /opt/ec2/images/centos-7.0-1406-x86_64-base.img

19. Label the filesystem on the image file.

1
2
xfs_admin -L "centos7_root" /opt/ec2/images/centos-7.0-1406-x86_64-base.img
xfs_admin -l /opt/ec2/images/centos-7.0-1406-x86_64-base.img

xfs_admin -l should return label = "centos7_root"

20. Mount the image.

1
mount -o loop /opt/ec2/images/centos-7.0-1406-x86_64-base.img /mnt/ec2-image

21. Create required directories on the image.

1
2
mkdir -p /mnt/ec2-image/{dev,etc,proc,run,sys}
mkdir -p /mnt/ec2-image/var/{cache,log,lock,lib/rpm}

22. Look at and note the node numbers on the local baremetal server.

1
ls -la /dev/{console,null,zero,urandom}
1
2
3
4
crw-------. 1 root root 5, 1 Jul 22 15:42 /dev/console
crw-rw-rw-. 1 root root 1, 3 Jul 22 15:42 /dev/null
crw-rw-rw-. 1 root root 1, 9 Jul 22 15:42 /dev/urandom
crw-rw-rw-. 1 root root 1, 5 Jul 22 15:42 /dev/zero

23. Create the device files on the mounted image file.

1
2
3
4
mknod -m 600 /mnt/ec2-image/dev/console c 5 1
mknod -m 666 /mnt/ec2-image/dev/null c 1 3
mknod -m 666 /mnt/ec2-image/dev/urandom c 1 9
mknod -m 666 /mnt/ec2-image/dev/zero c 1 5

24. Verify the device files:

1
ls -la /mnt/ec2-image/dev
1
2
3
4
5
6
7
total 0
drwxr-xr-x. 2 root root   56 Jul 22 16:04 .
drwxr-xr-x. 8 root root   67 Jul 22 15:52 ..
crw-------. 1 root root 5, 1 Jul 22 16:03 console
crw-rw-rw-. 1 root root 1, 3 Jul 22 16:03 null
crw-rw-rw-. 1 root root 1, 9 Jul 22 16:03 urandom
crw-rw-rw-. 1 root root 1, 5 Jul 22 16:04 zero

25. Bind mount device, pts, shm, proc, sys onto the image mount.

1
2
3
4
5
mount -o bind /dev /mnt/ec2-image/dev
mount -o bind /dev/pts /mnt/ec2-image/dev/pts
mount -o bind /dev/shm /mnt/ec2-image/dev/shm
mount -o bind /proc /mnt/ec2-image/proc
mount -o bind /sys /mnt/ec2-image/sys

26. Create a yum config file, required for the next yum install command. Note that some variables in this yum conf file have to be replaced.

1
2
3
4
mkdir /opt/ec2/yum
cat /etc/yum.repos.d/CentOS-* > /opt/ec2/yum/yum-centos7.conf
sed -i 's,$releasever,7,g' /opt/ec2/yum/yum-centos7.conf
sed -i 's,$basearch,x86_64,g' /opt/ec2/yum/yum-centos7.conf

27. Install Base OS onto the image file.

1
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image groupinstall Base -y

28. See if there are any warnings/errors and we will fix them later:

1
2
3
dracut-install: ERROR: installing 'vi'
dracut-install: ERROR: installing '/etc/virc'
/usr/lib/dracut/dracut-install -D /var/tmp/initramfs.iEVf6l -a vi /etc/virc ps grep cat rm

29. Install additional packages and fix broken base packages

1
2
3
4
5
6
7
8
9
10
11
12
13
14
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install openssh openssh-server openssh-clients -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install dhclient -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install freetype gettext gettext-libs os-prober -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install e2fsprogs xfsprogs libss -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install yum-plugin-fastestmirror -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install selinux-policy selinux-policy-targeted -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install vim-minimal -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install bzip2 -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install sudo -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install microcode_ctl -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install tuned python-pyudev -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install ntp -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image remove plymouth plymouth-scripts plymouth-core-libs -y
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image remove avahi avahi-libs avahi-autoipd -y

30. Install cloud-init from the EPEL repo. You may want to customize this further.

1
2
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image install http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0.2.noarch.rpm -y
yum -c /opt/ec2/yum/yum-centos7.conf --enablerepo=epel --installroot=/mnt/ec2-image install cloud-init -y

31. Install .bashrc/.bash_profile for root user

1
2
cp -p /root/.bashrc /mnt/ec2-image/root/
cp -p /root/.bash_profile /mnt/ec2-image/root/

32. Setup networking for image and disable selinux. NOTE: we will use the old standard eth0 eth1 kernel naming to make configuring network interfaces easier in a VM environment.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
rm -f /mnt/ec2-image/etc/hostname
echo '# /etc/sysconfig/network' > /mnt/ec2-image/etc/sysconfig/network
ln -s /dev/null /mnt/ec2-image/etc/udev/rules.d/80-net-name-slot.rules
rm -f /mnt/ec2-image/etc/sysconfig/network-scripts/ifcfg-e*
echo 'DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
PEERDNS=yes
IPV6INIT=no
NM_CONTROLLED=no' > /mnt/ec2-image/etc/sysconfig/network-scripts/ifcfg-eth0
/usr/sbin/chroot /mnt/ec2-image /sbin/chkconfig --level 2345 network on
touch /mnt/ec2-image/.autorelabel
sed -i 's,^SELINUX=.*,SELINUX=disabled,' /mnt/ec2-image/etc/selinux/config

Verify that /mnt/ec2-image/etc/sysconfig/selinux is a symlink to ../selinux/config

33. Setup fstab for image. NOTE that we are turning off atime and barrier to improve performance. You may want to leave this in depending on your needs.

1
2
3
4
5
6
7
   echo '#
   # /etc/fstab
   #
   # Accessible filesystems, by reference, are maintained under /dev/disk
   # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
   #
   LABEL=centos7_root /                       xfs     defaults,noatime,nodiratime,nobarrier  1 1' > /mnt/ec2-image/etc/fstab

34. Setup PV-GRUB config file. Verify /mnt/ec2-image/boot/grub directory is there and empty first. Change the kernel and initrd lines to match the installed kernel version on the image. COPY the grub.conf to menu.lst, as a symlink will cause problems later (when creating HVM instance store image w/ ec2-bundle-vol). NOTE that an actual GRUB or GRUB2 installation are NOT needed for PV images, as PV-GRUB replaces the regular grub. However, grub IS required for HVM images. Use (hd0) if it is a partitionless image.

1
2
3
4
5
6
7
8
9
rm -rf /mnt/ec2-image/boot/grub
mkdir /mnt/ec2-image/boot/grub
echo default=0
timeout=1
title CentOS Linux 7
root (hd0)
kernel /boot/vmlinuz-3.10.0-123.6.3.el7.x86_64 ro root=LABEL=centos7_root plymouth.enable=0 console=hvc0 loglvl=all sync_console console_to_ring earlyprintk=xen nomodeset net.ifnames=0 biosdevname=0 LANG=en_US.UTF-8
initrd /boot/initramfs-3.10.0-123.6.3.el7.x86_64.img > /mnt/ec2-image/boot/grub/grub.conf
cp -p /mnt/ec2-image/boot/grub/grub.conf /mnt/ec2-image/boot/grub/menu.lst

35. Configure dracut on the bare metal machine. We MUST add the xen drivers as they are not going to be installed by default. Also, initramfs will not have the proper root= line unless the local system is also using LABEL= to mount the root partition.

1
2
3
4
5
6
echo 'persistent_policy="by-label"
logfile=/var/log/dracut.log
fileloglvl=6
add_drivers+="xen:vbd xen:vif"
hostonly="no"
kernel_cmdline="root=LABEL=centos7_root rootfstype=xfs rootfallback=/dev/sda rootfallback=/dev/xvda rootfallback=/dev/sda1 rootfallback=/dev/xvda1 rootfallback=/dev/sde rootfallback=/dev/xvde rootfallback=/dev/sde1 rootfallback=/dev/xvde1 net.ifnames=0 biosdevname=0"' > /etc/dracut.conf

36. Unmount everything to prepare for reboot:

1
2
3
4
5
6
7
umount /mnt/ec2-image/sys
umount /mnt/ec2-image/proc
umount /mnt/ec2-image/dev/shm
umount /mnt/ec2-image/dev/pts
umount /mnt/ec2-image/dev
umount /mnt/ec2-image
sync;sync;sync;sync;sync

37. Reboot the bare metal machine, and then immediately login and create new initramfs image with proper modules and label.

1
2
3
4
mv /etc/hostname /tmp
dracut --force
dracut --print-cmdline
mv /tmp/hostname /etc

dracut --print-cmdline should output something similar to: root=LABEL=centos7_root rootflags=rw,relatime,seclabel,attr2,inode64,noquota rootfstype=xfs. NOTE: If dracut does NOT generate a root=LABEL= line, unmount everything in /mnt/ec2-image (including bind mounts), reboot the bare metal machine and try to rerun dracut. Dracut does not appear to generate the correct initramfs image unless it is ran immediately after a fresh reboot.

38. Run lsinitrd to verify the contents of the initramfs image. Verify etc/hostname is not baked in. Verify xen modules are there.

39. Mount the image and bind mounts again:

1
2
3
4
5
6
mount -o loop /opt/ec2/images/centos-7.0-1406-x86_64-base.img /mnt/ec2-image
mount -o bind /dev /mnt/ec2-image/dev
mount -o bind /dev/pts /mnt/ec2-image/dev/pts
mount -o bind /dev/shm /mnt/ec2-image/dev/shm
mount -o bind /proc /mnt/ec2-image/proc
mount -o bind /sys /mnt/ec2-image/sys

40. Copy the newly generated initramfs file to the image.

1
\cp -fp /boot/initramfs-3.10.0-123.6.3.el7.x86_64.img /mnt/ec2-image/boot/initramfs-3.10.0-123.6.3.el7.x86_64.img

41. Configure systemd for the image file. You can skip the rc.local portion if you do not need it.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 sed -i 's,.*NAutoVTs=.*,NAutoVTs=0,' /mnt/ec2-image/etc/systemd/logind.conf
 rm -f /mnt/ec2-image/etc/systemd/system/default.target
 ln -s /usr/lib/systemd/system/multi-user.target /mnt/ec2-image/etc/systemd/system/default.target
 ln -s /dev/null /mnt/ec2-image/etc/systemd/system/tmp.mount
 chmod 755 /mnt/ec2-image/etc/rc.d/rc.local
 echo '#  This file is part of systemd.
 #
 #  systemd is free software; you can redistribute it and/or modify it
 #  under the terms of the GNU Lesser General Public License as published by
 #  the Free Software Foundation; either version 2.1 of the License, or
 #  (at your option) any later version.
 # This unit gets pulled automatically into multi-user.target by
 # systemd-rc-local-generator if /etc/rc.d/rc.local is executable.
 [Unit]
 Description=/etc/rc.d/rc.local Compatibility
 ConditionFileIsExecutable=/etc/rc.d/rc.local
 After=syslog.target network.target auditd.service
 # After=syslog.target NetworkManager.service network.target auditd.service
 [Service]
 Type=forking
 ExecStart=/etc/rc.d/rc.local start
 TimeoutSec=0
 StandardOutput=syslog
 RemainAfterExit=yes
 SysVStartPriority=99
 ' > /mnt/ec2-image/etc/systemd/system/rc-local.service
 rm -f /mnt/ec2-image/etc/systemd/system/sysinit.target.wants/dmraid-activation.service
 rm -f /mnt/ec2-image/etc/systemd/system/sysinit.target.wants/lvm2-monitor.service
 rmdir /mnt/ec2-image/etc/systemd/system/sysinit.target.wants
 rm -f /mnt/ec2-image/etc/systemd/system/multi-user.target.wants/libstoragemgmt.service
 rm -f /mnt/ec2-image/etc/systemd/system/multi-user.target.wants/mdmonitor.service
 rm -f /mnt/ec2-image/etc/systemd/system/multi-user.target.wants/smartd.service
 rm -f /mnt/ec2-image/etc/systemd/system/sockets.target.wants/dm-event.socket
 rm -f /mnt/ec2-image/etc/systemd/system/sockets.target.wants/lvm2-lvmetad.socket
 rm -f /mnt/ec2-image/etc/systemd/system/multi-user.target.wants/kdump.service
 sed -i 's,/var,/run,' /etc/rc.d/rc.local

42. Additional config for the image file, modify to fit your needs. We are disabling root ssh login, password authentication, and X11 Forwarding here.

1
2
3
sed -i 's,#PermitRootLogin.*,PermitRootLogin no,' /mnt/ec2-image/etc/ssh/sshd_config
sed -i 's,^PasswordAuthentication.*,PasswordAuthentication no,' /mnt/ec2-image/etc/ssh/sshd_config
sed -i 's,^X11Forwarding.*,X11Forwarding no,' /mnt/ec2-image/etc/ssh/sshd_config

43. Disable or reconfigure firewalld / iptables to suit your needs. For this example, we will disable firewalld and iptables/ip6tables.

1
2
3
rm -f /mnt/ec2-image/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service
rm -f /mnt/ec2-image/etc/systemd/system/basic.target.wants/firewalld.service
if [[ -f /mnt/ec2-image/etc/sysconfig/iptables ]]; then sed -i '/.*REJECT.*/d' /mnt/ec2-image/etc/sysconfig/iptables; fi

44. Clean image to prepare for image bundling:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
yum -c /opt/ec2/yum/yum-centos7.conf --installroot=/mnt/ec2-image clean all
rm -f /mnt/ec2-image/root/.bash_history
rm -rf /mnt/ec2-image/root/.cache
rm -rf /mnt/ec2-image/root/.config
rm -rf /mnt/ec2-image/var/cache/yum
rm -rf /mnt/ec2-image/var/lib/yum
for i in /mnt/ec2-image/var/log/{btmp,lastlog,maillog,messages,secure,spooler,tallylog,wtmp}; do :> $i ; done
rm -f /mnt/ec2-image/var/log/*/*
rm -f /mnt/ec2-image/etc/passwd-
rm -f /mnt/ec2-image/etc/shadow-
rm -f /mnt/ec2-image/etc/group-
rm -f /mnt/ec2-image/etc/gshadow-
if [[ -f /mnt/ec2-image/etc/resolv.conf ]]; then sed -i '/^search/d' /mnt/ec2-image/etc/resolv.conf; fi
if [[ -f /mnt/ec2-image/etc/resolv.conf ]]; then sed -i '/^nameserver/d' /mnt/ec2-image/etc/resolv.conf; fi

45. Verify proper hosts file (required for some IPv4-only applications to function properly):

1
2
echo '127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost6 localhost6.localdomain6' > /mnt/ec2-image/etc/hosts

46. Unmount everything to prepare for image upload:

1
2
3
4
5
6
7
umount /mnt/ec2-image/sys
umount /mnt/ec2-image/proc
umount /mnt/ec2-image/dev/shm
umount /mnt/ec2-image/dev/pts
umount /mnt/ec2-image/dev
umount /mnt/ec2-image
sync;sync;sync;sync;sync

47. Find latest pv-grub AKI (Amazon Kernel Image) from AWS: ec2-describe-images -a -F image-type=kernel -F manifest-location=*pv-grub* | grep x86_64. Note that hd0 will boot from (hd0) and hd00 will boot from hd(0,0) - PV usually uses hd0 and EBS usually hd00 but this may change. We must pick the right AKI depending on the way the image is partitioned.

1
2
IMAGE   aki-499ccb20    amazon/pv-grub-hd00_1.04-x86_64.gz      amazon  available       public          x86_64  kernel                          instance-store  paravirtual     xen
IMAGE   aki-919dcaf8    amazon/pv-grub-hd0_1.04-x86_64.gz       amazon  available       public          x86_64  kernel                          instance-store  paravirtual     xen

48. Make a script to make bundling/uploading the AMI a bit easier: vi /tmp/NOBAKE/ec2_pv_s3.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
 #!/bin/bash
 if [[ "$1" = "" ]]
 then
   echo "USAGE: $0 version_number"
   echo "i.e. $0 v1.0"
   exit 1
 fi
 _VERNUM=$1
 rm -rf /opt/ec2/images-s3/${_VERNUM}
 mkdir -p /opt/ec2/images-s3/${_VERNUM}
 ec2-bundle-image --cert $EC2_CERT_DEPRECATED --privatekey $EC2_PRIVATE_KEY_DEPRECATED --image /opt/ec2/images/centos-7.0-1406-x86_64-base.img --prefix centos-7.0-1406-x86_64-base-${_VERNUM} --user $AWS_ACCOUNT_NUMBER --destination /opt/ec2/images-s3/${_VERNUM} --arch x86_64 --kernel aki-919dcaf8
 ec2-upload-bundle --manifest /opt/ec2/images-s3/${_VERNUM}/centos-7.0-1406-x86_64-base-${_VERNUM}.manifest.xml --bucket $AWS_AMI_BUCKET --access-key $AWS_ACCESS_KEY --secret-key $AWS_SECRET_KEY --retry
 ec2-register $AWS_AMI_BUCKET/centos-7.0-1406-x86_64-base-${_VERNUM}.manifest.xml --name "CentOS 7.0 1406 (x86_64) PV instance store ${_VERNUM}" --description "CentOS 7.0 1406 (x86_64) PV Custom Base AMI instance store ${_VERNUM}" --architecture x86_64 --kernel aki-919dcaf8

49. Run script to bundle, upload, and register the new PV instance store image:

1
2
chmod 700 /tmp/NOBAKE/ec2_pv_s3.sh
/tmp/NOBAKE/ec2_pv_s3.sh v1.0

Note the AMI id and spin up a new m3.medium instance to test it out. Also, we will use this new instance to create a new PV EBS-backed image.

It's a UNIX system. I know this.

Phew! That was a lot of steps! If you’ve followed all of the steps above, you should hopefully have a working PV instance store AMI. In the next blog post, we will cover the remaining instance types.