Cloud Amazon EC2. Custom AMI

(Versión en español)

In this article we will explain how to create and register your own custom AMI from your own dedicated server or virtual server external to the Amazon EC2 Cloud.

An AMI (Amazon Machine Image) is a preconfigured image of an operating system used to launch instances in Amazon EC2.

Suppose we have a dedicated or virtual server and want to try a new project in the Amazon EC2 cloud. Suppose also that we want to use a replica of our server to test this new application, since we have all the software we need installed.

Well, you must first install the api and ami tools. They are not in the Centos repositories, but you can download them from these links:

Amazon EC2 AMI Tools
Amazon EC2 API Tools

In Ubuntu you can install directly with the package manager:

:$ aptitude install ec2-ami-tools ec2-api-tools

Building the AMI para Amazon EC2.

First of all, we must get our Amazon account X509 certificate composed of a private key and certificate.

We can create this certificate from our own profile in the “Security Credentials” in the menu on the left, and it allows us to download the files for the corresponding private key and the certificate, both in PEM format.

As expected, if we build an AMI with a certificate and we lose the certificate, when we  generate a new certificate, our AWS account will be associated with the new certificate. Thus our AMI will not belong to our aws account any longer, although it is hosted in our own S3 account. So be carefull!

To create the custom image from our server to launch Amazon EC2 instances, run the following:

:$ ec2-bundle-vol -k pk-****************.pem -c cert- *******.pem -u ****-*****-**** -r x86_64 –no-inherit -d /mnt/ami/

-k is the path to the file containing to the key.
-c is the path to the file containing the certificate.
-r type of architecture, 64 bits in our case.
–no-inherit  to not  inherit metadata of an instance of Amazon EC2.
-u is the AWS account number, NOT the Access Key ID.

The above command will generate in the directory /mn/ami the image of our server divided into volumes:

root@localhost:~# ls -lsa /mnt/ami/
total 2165680
4 drwxr-xr-x 2 root root 4096 jun 13 15:57 .
4 drwxr-xr-x 4 root root 4096 jun 13 15:51 ..
1593432 -rw-r--r-- 1 root root 8589934592 jun 13 15:53 image
12 -rw-r--r-- 1 root root 9370 jun 13 15:57 image.manifest.xml
10240 -rw-r--r-- 1 root root 10485760 jun 13 15:56 image.part.00
10240 -rw-r--r-- 1 root root 10485760 jun 13 15:56 image.part.01
10240 -rw-r--r-- 1 root root 10485760 jun 13 15:56 image.part.02
10240 -rw-r--r-- 1 root root 10485760 jun 13 15:56 image.part.03

Upload AMI to Amazon S3.

With this command we upload the image to the bucket of our Amazon S3 account:

:$ ec2-upload-bundle -b bucketname -m /mnt/ami/imagen.manifest.xml -a ************* -s *****************

-b is the name of backet. If it does not exist, it is created.
-m is the path to the xml file generated when we built the image.
-a is the “acces key id” of our aws account.
-s is the “Secret Access Key” of our aws account.

<img class="alignnone size-full wp-image-233" title="acces_keys" src="" alt="" width="751" height="389" srcset="http://labs.conekia generic soft 751w,×155.png 300w,×258.png 500w» sizes=»(max-width: 751px) 100vw, 751px» />

Both the “Access key id” as the “Secret Access Key” can be found in the profile of our account in the “Security Credentials” from the menu on the left.

When image uploading is complete, we can  see in our Amazon S3 account the image divided into volumes along with the xml file.

Register the custom AMI.

Once uploaded our custom AMI, you can register it to launch instances based on it.

To register the image, just access the EC2 service from our account, and click the section “IMAGES – AMIs”. In the top center of the screen is the option “Register New AMI”. If you click it, a form will be displayed in wich we can indicate the URL of our AMI.

In our case,  it is bucketname/image.manifest.xml.

Once added we can launch instances with this image.

You can also register AMIs with this command from console:

:$ ec2-register ftbamijapon/image.manifest.xml -a x86_64 -K pk-*************.pem -C cert-***********.pem --region ap-northeast-1

-a 32 or 64-bit architecture (64 in our case).
-K is the path to the file containing the key.
-C is the path to the file containing the certificate.
–region in which region or area of Amazon we want to register our custom AMI on Amazon EC2.

Things to consider


It is very important to choose the same area on the Amazon S3 as in Amazon EC2. If they are in different areas the price of traffic sent to load our AMI at the time of launching an instance, will be more expensive than they are in the same area.

The same is true of two instances of Amazon EC2 that send data to each other, for example, a database server and web server.

KERNEL choice

Another thing to consider is the choice of kernel at AMI registration time. If the appropriate one was not selected, our Amazon EC2 instance will not start.

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *