Red Hat SummitChapter 12. Creating RHEL for Edge AMI images
You can create a RHEL for Edge edge-ami customized image by using RHEL image builder. The RHEL for Edge edge-ami has Ignition support to inject the user configuration into the images at an early stage of the boot process. Then, you can upload the image to AWS cloud and launch an EC2 instance in AWS. You can use the AMI image type on AMD or Intel 64-bit architectures.
12.1. Creating a blueprint for Edge AMI images
Create a blueprint for the edge-ami image and customize it with the customizations.ignition section. With that, you can create your image and when booting the image, inject the user configuration.
Prerequisites
You have created an Ignition configuration file. For example:
{ "ignition":{ "version":"3.3.0" }, "passwd":{ "users":[ { "groups":[ "wheel" ], "name":"core", "passwordHash":"$6$jfuNnO9t1Bv7N" } ] } }For more details, see Creating an Ignition configuration file.
Procedure
Create a blueprint in the Tom’s Obvious, Minimal Language (TOML) format, with the following content:
name = "ami-edge-image" description = "Blueprint for Edge AMI image" version = "0.0.1" packages = ["cloud-init"] modules = [] groups = [] distro = "" [[customizations.user]] name = "admin" password = "admin" groups = ["wheel"] [customizations.ignition.firstboot] url = http://<IP_address>:8080/config.igWhere:
-
The
nameis the name anddescriptionis the description for your blueprint. -
The
versionis the version number according to the Semantic Versioning scheme. -
The
modulesandpackagesdescribe the package name and matching version glob to be installed into the image. For example, the packagename = "open-vm-tools". Notice that currently there are no differences between packages and modules. -
The
groupsare packages groups to be installed into the image. For examplegroups = "wheel". If you do not know the modules and groups, leave them empty. -
The
customizations.usercreates a username and password to log in to the VM. The
customizations.ignition.firstbootcontains the URL where the Ignition configuration file is being served.NoteBy default, the
open-vm-toolspackage is not included in theedge-vsphereimage. If you need this package, you must include it in the blueprint customization.
-
The
Import the blueprint to the image builder server:
# composer-cli blueprints push <blueprint-name>.tomlList the existing blueprints to check whether the created blueprint is successfully pushed and exists:
# composer-cli blueprints show <blueprint-name>Check whether the components and versions listed in the blueprint and their dependencies are valid:
# composer-cli blueprints depsolve <blueprint-name>
12.2. Creating a RHEL for Edge AMI image
Create a RHEL for Edge edge-ami image in the RHEL image builder command-line interface.
Prerequisites
-
You created a blueprint for the
edge-amiimage. -
You served an OSTree repository of the commit to embed it in the image. For example,
http://10.0.2.2:8080/repo. For more details, see Setting up a web server to install RHEL for Edge image.
Procedure
Start the compose of a
edge-amiimage:# composer-cli compose start-ostree <blueprint-name> edge-ami --ref rhel/9/x86_64/edge --url <ostree repo url>The
<ostree repo url>is the URL of your repo, for example:http://10.88.0.1:8080/{<blueprint-name>}/repo.A confirmation that the composer process has been added to the queue appears. It also shows a Universally Unique Identifier (UUID) number for the image created. Use the UUID number to track your build. Also, keep the UUID number handy for further tasks.
Check the image compose status:
# composer-cli compose statusThe output displays the status in the following format:
$ <UUID> RUNNING date <blueprint-name> <blueprint-version> edge-amiAfter the compose process finishes, download the resulting image file:
# composer-cli compose image <UUID>
12.3. Uploading a RHEL Edge AMI image to AWS
Upload the edge-ami image to Amazon AWS Cloud service provider by using the CLI.
Prerequisites
-
You have an
Access Key IDconfigured in the AWS IAM account manager. - You have a writable S3 bucket prepared.
- You have created the required roles for your AWS bucket.
-
You have the
aws-clitool installed .
Procedure
Configure the
aws-clitool:$ aws configureConfigure your profile. Run the command and enter your Access key ID credential, Secret access key, Default region name, and default output name:
$ aws configure --profile
List the existing buckets:
$ aws s3 lsUpload your image to S3:
$ aws s3 cp <path_to_image/image> s3://<your_bucket_name>List the image in the S3 bucket:
$ aws s3 ls s3://<your_bucket_name>Create a
container-simple.jsonfile. Replace the "URL" content with the S3 bucket. For example:s3://rhel-edge-ami-us-west-2/2ba3c125-cc58-4cc0-861a-4cc78e892df6-image.raw.{ "Description": "RHEL for Edge image", "Format": "edge-ami", "Url": "s3://rhel-edge-ami-us-west-2/UUID-image.raw" }Import the
edge.amiimage to the S3 bucket as an EC2 snapshot.NoteThe EC2 image must be in the same region that you have created the S3 bucket.
$ aws ec2 import-snapshot --description "RHEL edge" \ --disk-container file://container-simple.json --region us-west-2The following .
jsonis an example of the command output:{ "Description": "RHEL for Edge image", "Format": "edge-ami", "Url": "s3://rhel-edge-ami-us-west-2/UUID-image.raw" }-
Take note of "ImportTaskId" value from the
.jsonfile. Use it to check the import status. In this example, the "ImportTaskId" isimport-snap-0f3055c4b7a454c85. Check the import status of the snapshot, by using the "ImportTaskId" value from the output
.jsonfile from the previous step:$ aws ec2 describe-import-snapshot-tasks \ --import-task-ids import-snap-0f3055c4b7a454c85 { "ImportSnapshotTasks": [ { "Description": "RHEL edge", "ImportTaskId": "import-snap-0f3055c4b7a454c85", "SnapshotTaskDetail": { "Description": "RHEL edge", "DiskImageSize": 10737418240.0, "Format": "RAW", "SnapshotId": "snap-001b267e752039eab", "Status": "completed", "Url": "s3://rhel-edge-ami-us-west-2/2ba3c125-cc58-4cc0-861a-4cc78e892df6-image.raw", "UserBucket": { "S3Bucket": "rhel-edge-ami-us-west-2", "S3Key": "2ba3c125-cc58-4cc0-861a-4cc78e892df6-image.raw" } }, "Tags": [] } ] }Run this command until the "Status" is marked as "completed".
Register the
edge.amiimage to be able to launch an instance from the image.$ aws ec2 register-image \ --name ami-edge-name-ami-x86" \ --architecture <architecture> \ --tag-specifications 'ResourceType=image,Tags=\\\{Key=Name,Value={{ blueprint_name }}-ami-x86}' \ --root-device-name /dev/sda1 \ --block-device-mappings DeviceName=/dev/sda1,Ebs={SnapshotId={{ snapshot_id }}} DeviceName=/dev/sdh,Ebs={VolumeSize=10} \ --boot-mode uefi-preferred --query="ImageId" --output=text \ --region="{{ aws_region }}" iIf you do not specify an architecture, it defaults to the
i386architecture.
After registering the image, you can access EC2 to create the AMI image from the snapshot, and launch it.
Verification
To confirm that the image upload was successful:
- Access EC2 in the menu and select the correct region in the AWS console. The image must have the available status, to indicate that it was successfully uploaded.
On the dashboard, select your image and click Launch.
When launching the new instance, you must select UEFI as the boot mode, and choose at least 4GB of RAM for the EC2 image.
-
You can log in into the
edge-amion AWS by using the username and password you created with the Ignition configuration.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}