Create CentOS 5.5 EC2 AMI through a Loopback File

Create a CentOS 5.5 EC2 AMI

Login

  • Log in as root to
    • Any CentOS machine OR
    • An EC2 CentOS instance launched from one of the public AMIs, such as ami-2342a94a (32-bit) or ami-4d42a924 (64-bit)

Initialize and Mount a Loopback File used as a CentOS OS Image

  • Create a working directory. For example,
    mkdir /mnt/image
    cd /mnt/image
    
  • Create a 1G file
    dd if=/dev/zero of=my-image.fs bs=1M count=1024
    
  • Create an ext3 file system on the new file
    mke2fs -F -j my-image.fs
    
  • Mount the new file system
    mkdir /mnt/ec2-fs
    mount -o loop /mnt/image/my-image.fs /mnt/ec2-fs
    

Install CentOS on the Loopback File

  • Create the minimum device nodes
    mkdir /mnt/ec2-fs/dev
    /sbin/MAKEDEV -d /mnt/ec2-fs/dev/ -x console
    /sbin/MAKEDEV -d /mnt/ec2-fs/dev/ -x null
    /sbin/MAKEDEV -d /mnt/ec2-fs/dev/ -x zero
    
  • Create the device mapping file (fstab)
    mkdir /mnt/ec2-fs/etc
    vi /mnt/ec2-fs/etc/fstab
    

    For a 32-bit OS, use

    /dev/sda1  /         ext3    defaults        1 1
    none       /dev/pts  devpts  gid=5,mode=620  0 0
    none       /dev/shm  tmpfs   defaults        0 0
    none       /proc     proc    defaults        0 0
    none       /sys      sysfs   defaults        0 0
    /dev/sda2  /mnt      ext3    defaults        0 0
    /dev/sda3  swap      swap    defaults        0 0
    

    For a 64-bit OS, use

    /dev/sda1       /      ext3   defaults  1  1
    /dev/sdb        /mnt   ext3   defaults  0  0
    none            /proc  proc   defaults  0  0
    none            /sys   sysfs  defaults  0  0
    
  • Mount the proc file system
    mkdir /mnt/ec2-fs/proc
    mount -t proc none /mnt/ec2-fs/proc
    
  • Create YUM configuration file (For CentOS 5.5 32 bit)
    vi /mnt/image/yum-xen.conf
    
    [main]
    cachedir=/var/cache/yum
    debuglevel=2
    logfile=/var/log/yum.log
    exclude=*-debuginfo
    gpgcheck=0
    obsoletes=1
    pkgpolicy=newest
    distroverpkg=redhat-release
    tolerant=1
    exactarch=1
    reposdir=/dev/null
    metadata_expire=1800
    [base]
    name=CentOS-5.5 - Base
    baseurl=http://mirror.centos.org/centos/5.5/os/i386/
    gpgcheck=1
    gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
    priority=1
    protect=1
    #released updates
    [update]
    name=CentOS-5.5 - Updates
    baseurl=http://mirror.centos.org/centos/5.5/updates/i386/
    gpgcheck=1
    gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
    priority=1
    protect=1
    #packages used/produced in the build but not released
    [addons]
    name=CentOS-5.5 - Addons
    baseurl=http://mirror.centos.org/centos/5.5/addons/i386/
    gpgcheck=1
    gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
    priority=1
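    [extras]
    name=CentOS 5.5 Extras $releasever - $basearch
    baseurl=http://mirror.centos.org/centos/5.5/extras/i386/
    # set gpgcheck explicitly; a repo without it inherits gpgcheck=0 from [main]
    gpgcheck=1
    gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
    enabled=1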
    
  • Install the OS
    yum -c /mnt/image/yum-xen.conf --installroot=/mnt/ec2-fs -y groupinstall Core
    
  • Install curl
    yum -c /mnt/image/yum-xen.conf --installroot=/mnt/ec2-fs install curl
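
In a yum configuration, a repo stanza that sets no gpgcheck of its own inherits the [main] value, so one file can mix signature-checked and unchecked repos. The following added example (not part of the original page) reports each repo's effective setting; the sample file and its `mirror.example.invalid` URLs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page.
# Prints "<repo> <effective gpgcheck> <own|inherited>" for each repo stanza.
effective_gpgcheck() {        # $1 = yum configuration file
    awk -F= '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        /^[ \t]*\[.*\]/ {                      # section header
            sec = $0
            sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            if (sec != "main") repos[++n] = sec
            next
        }
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            if (key == "gpgcheck") own[sec] = val
        }
        END {
            # yum treats gpgcheck as 0 when [main] does not set it
            dflt = ("main" in own) ? own["main"] : "0"
            for (i = 1; i <= n; i++) {
                r = repos[i]
                if (r in own) print r, own[r], "own"
                else          print r, dflt, "inherited"
            }
        }' "$1"
}

# Names of repos whose packages would be installed without a signature check.
unsigned_repos() {            # $1 = yum configuration file
    effective_gpgcheck "$1" | awk '$2 != "1" { print $1 }'
}

# Constructed sample: [main] disables the check, one repo re-enables it.
sample_conf() {
    cat <<'EOF'
[main]
gpgcheck=0
reposdir=/dev/null
[base]
baseurl=http://mirror.example.invalid/os/
gpgcheck=1
[extras]
baseurl=http://mirror.example.invalid/extras/
enabled=1
EOF
}

conf=$(mktemp) && sample_conf > "$conf"
unsigned_repos "$conf"        # prints: extras
rm -f "$conf"
```

Run `unsigned_repos /mnt/image/yum-xen.conf` before the install step; no output means every repo is signature-checked.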
    

Configure the CentOS Image

  • Create and edit /mnt/ec2-fs/etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=eth0
    BOOTPROTO=dhcp
    ONBOOT=yes
    TYPE=Ethernet
    USERCTL=yes
    PEERDNS=yes
    IPV6INIT=no
    
  • Create and edit /mnt/ec2-fs/etc/sysconfig/network
    NETWORKING=yes
    
  • Create and edit /mnt/ec2-fs/etc/resolv.conf
    search compute-1.internal
    nameserver 172.16.0.23
    
  • Configure sshd in /mnt/ec2-fs/etc/ssh/sshd_config by running
    echo "UseDNS  no" >> /mnt/ec2-fs/etc/ssh/sshd_config
    echo "PermitRootLogin without-password" >> /mnt/ec2-fs/etc/ssh/sshd_config
    
  • Comment out the following lines in /mnt/ec2-fs/etc/inittab
    #2:2345:respawn:/sbin/mingetty tty2
    #3:2345:respawn:/sbin/mingetty tty3
    #4:2345:respawn:/sbin/mingetty tty4
    #5:2345:respawn:/sbin/mingetty tty5
    #6:2345:respawn:/sbin/mingetty tty6
    
  • Create and edit /mnt/ec2-fs/etc/ld.so.conf.d/libc6-xen.conf
    hwcap 0 nosegneg
    
  • Add the custom kernel modules
    cd /mnt/ec2-fs/lib/modules
    mkdir 2.6.16-ec2
    cd 2.6.16-ec2
    wget http://s3.amazonaws.com/ec2-downloads/modules-2.6.16-ec2.tgz
    gunzip modules-2.6.16-ec2.tgz
    tar -xvf modules-2.6.16-ec2.tar
    rm modules-2.6.16-ec2.tar
    
    chroot /mnt/ec2-fs /bin/sh
    /sbin/depmod -ae 2.6.16-ec2
    exit
    

SSH Configuration

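  • Retrieve the SSH key when an EC2 instance launches. Create /mnt/ec2-fs/usr/local/sbin/get-sshkey.sh
    #!/bin/sh
    # Create root's .ssh directory with restrictive permissions if it is missing
    if [ ! -d /root/.ssh ]; then
        mkdir -p /root/.ssh
        chmod 700 /root/.ssh
    fi
    # Fetch the launch public key from the instance metadata service over HTTP,
    # into a private temporary file rather than a fixed name under /tmp
    keyfile=`mktemp /tmp/my-key.XXXXXX` || exit 1
    /usr/bin/curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > "$keyfile"
    if [ $? -eq 0 ]; then
        # rc.local runs on every boot, so append the key only if it is not already present
        grep -qxFf "$keyfile" /root/.ssh/authorized_keys 2>/dev/null ||
            cat "$keyfile" >> /root/.ssh/authorized_keys
        chmod 600 /root/.ssh/authorized_keys
    fi
    rm -f "$keyfile"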
    
    chmod u+x /mnt/ec2-fs/usr/local/sbin/get-sshkey.sh
    echo "/usr/local/sbin/get-sshkey.sh" >> /mnt/ec2-fs/etc/rc.local
    
  • Configure system start up level for SSH Service
    chroot /mnt/ec2-fs /bin/sh
    chkconfig --level 345 sshd on
    exit
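
The sshd settings above are appended to the end of sshd_config, and sshd uses the first value it reads for each keyword, so an earlier uncommented line would win. The following added example (not part of the original page) checks the effective sshd values and the key-retrieval hook against a mounted image root before it is unmounted and bundled; the sample tree is constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page.

# First uncommented value of an sshd_config keyword (sshd keeps the first one).
sshd_effective() {            # $1 = sshd_config path, $2 = keyword
    awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1"
}

# Print one line per finding; no output means every check passed.
audit_image() {               # $1 = image root, e.g. /mnt/ec2-fs
    root=$1
    cfg=$root/etc/ssh/sshd_config
    hook=$root/usr/local/sbin/get-sshkey.sh
    [ "$(sshd_effective "$cfg" PermitRootLogin)" = "without-password" ] ||
        echo "sshd: effective PermitRootLogin is not without-password"
    [ "$(sshd_effective "$cfg" UseDNS)" = "no" ] ||
        echo "sshd: effective UseDNS is not no"
    # Owner execute bit, matching the chmod u+x step
    [ -n "$(find "$hook" -perm -100 2>/dev/null)" ] ||
        echo "boot: get-sshkey.sh is missing or not executable"
    grep -q '^/usr/local/sbin/get-sshkey.sh' "$root/etc/rc.local" 2>/dev/null ||
        echo "boot: rc.local does not call get-sshkey.sh"
    # A key already in the image is accepted on every instance launched from it
    [ ! -s "$root/root/.ssh/authorized_keys" ] ||
        echo "keys: /root/.ssh/authorized_keys is already populated"
}

# Constructed sample tree: an uncommented "PermitRootLogin yes" precedes
# the appended line, so the appended value never takes effect.
make_sample() {               # $1 = empty directory to populate
    mkdir -p "$1/etc/ssh" "$1/usr/local/sbin"
    printf '%s\n' 'PermitRootLogin yes' 'UseDNS  no' \
        'PermitRootLogin without-password' > "$1/etc/ssh/sshd_config"
    printf '#!/bin/sh\n' > "$1/usr/local/sbin/get-sshkey.sh"
    chmod u+x "$1/usr/local/sbin/get-sshkey.sh"
    echo "/usr/local/sbin/get-sshkey.sh" > "$1/etc/rc.local"
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_image "$tmp"            # reports only the PermitRootLogin finding
rm -rf "$tmp"
```

Against the real image, run `audit_image /mnt/ec2-fs` while the file system is still mounted.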
    

Cleanup

  • Cleanup the installation
    yum -c /mnt/image/yum-xen.conf --installroot=/mnt/ec2-fs clean all
    
  • Unmount the file systems
    cd /mnt
    umount /mnt/ec2-fs/proc
    umount -d /mnt/ec2-fs
    

Undo a Mistake

mount -o loop /mnt/image/my-image.fs /mnt/ec2-fs
mount -t proc none /mnt/ec2-fs/proc

... make any changes ...

cd /mnt
umount /mnt/ec2-fs/proc
umount -d /mnt/ec2-fs

Create the EC2 CentOS 5.5 AMI

We assume the AMI tools are installed according to the previous instructions.

  • Bundle the EC2 AMI CentOS 5.5 Image
    ec2-bundle-image -i /mnt/image/my-image.fs -c ~/.ec2/cert-aws.pem \
    -k ~/.ec2/pk-aws.pem -u 1111-2222-333
    

    Replace with your proper key/certificate and AWS account number

  • Upload the AMI image to S3
    ec2-upload-bundle -b your_own_company_name.my-image -m /tmp/my-image.fs.manifest.xml \
    -a access-key-id -s secret-access-key
    

    Replace with the proper id/secret-key & company name

  • Register the EC2 AMI
    ec2-register your_own_company_name.my-image/my-image.fs.manifest.xml -n centos_image