I'm creating an EC2 instance and loading it up with some "on start" scripts as well as installing desired software. This becomes the base image to be used when spinning up new instances.
Once created, I create an AMI. At this point, there is no need to keep the EC2 image used to create the AMI.
So, the sequence is:
Create EC2
Install packages
Configure packages
Create AMI
Destroy EC2
How do I tell Terraform to then delete the EC2 in the final step?
Have you taken a look at Hashicorp's Packer tool? It specializes in building AMIs for use in Terraform and could save you a few manual steps here.
In the meantime though, you can issue a terraform destroy -target aws_instance.<NAME> (substitute your Terraformed EC2 instance's name) command to destroy your instance.
Related
I have the following doubts about using custom AMI with AWS EB.
Now I have:
a default platform, Python 3.6 + Amazon Linux 1.10.0, and in EB configurations > Instances > AMI I get an ID that I think is the default AMI provided by AWS to launch the platform (and if it is like that than it should get modified at every platform update).
some platform configurations done with .ebextensions files
my Flask app that I deploy from CLI (eb deploy)
So, in order to avoid the .ebextensions configurations time, I'd like to use a custom AMI that includes (1) + (2) and continue to deploy my Flask app like before.
So to build the AMI:
can I stop an EC2 instance of my running env and make an AMI from that one from EC2 console? If I do so, then the AMI would contain even my .ebextensions files and my app, is it a problem?
if the AMI shouldn't include .ebextensions files, then the only way to custom the platform before doing the AMI is to SSH?
after having built the AMI I put its ID in EB console > configurations > instances and then EB takes care of everything, like updating the AMI id in EC2 > autoscaling > launch options?
to do a platofrm update I have first to manually rebuild the AMI starting from the new platform and then update the AMI ID in EB configurations? So it's not possible to update the platform from EB console like I was used to do before and then to save the new AMI?
when I deploy my app it then shouldn't contain .ebextensions files?
if I create the AMI with my app included, then EB autoscaling would even save the time of deploying the app? (Of course in this case to deploy I would have to create a new AMI first).
Thanks for help.
can I stop an EC2 instance of my running env and make an AMI from that one from EC2 console? If I do so, then the AMI would contain even my .ebextensions files and my app, is it a problem?
You don't have to stop it. You can make AMI from running instance. Also your instance its in ASG, so stopping it is not a good idea.
if the AMI shouldn't include .ebextensions files, then the only way to custom the platform before doing the AMI is to SSH?
It shoudn't matter if you have pre-existing app on the ami. New deployment will install your app anyway.
after having built the AMI I put its ID in EB console > configurations > instances and then EB takes care of everything, like updating the AMI id in EC2 > autoscaling > launch options?
Yes,
to do a platofrm update I have first to manually rebuild the AMI starting from the new platform and then update the AMI ID in EB configurations? So it's not possible to update the platform from EB console like I was used to do before and then to save the new AMI?
Probably, have to repeat the process.
when I deploy my app it then shouldn't contain .ebextensions files?
It depends what they do. If they install software which is already on the custom ami, you can remove it.
if I create the AMI with my app included, then EB autoscaling would even save the time of deploying the app? (Of course in this case to deploy I would have to create a new AMI first).
The purpose of the custom ami is to save time on installing and configuring custom software that is normally not on the AWS amis. Its not to replace or elimiate the need of deploying your APP. You still need to do it, but can skip installing custom packages.
You can create a custom AMI from a running EC2 instance from the console, and from the CLI. Any AMI you create is a faithful copy of the instance, so if the instance has ebextensions, then the AMI will do also.
I think I understand that you want to create an AMI from instances being managed by ElasticBeanstalk? If that is so, then there are certain files that need to exist on the ElasticBeanstalk EC2 instance so that ElasticBeanstalk and Cloudformation can manage the environment. The .ebextensions are scripts are used to configure the environment, at least in my experience there are maintained in your repo. If your AMI has .ebextensions then they are most likely needed.
I don't think it is typical to use a custom AMI under ElasticBeanstalk: the whole point is to let AWS manage that layer for you. I would recommend that if you really need a custom AMI, you look at doing what you want to do directly in EC2 and forgo ElasticBeanstalk. ElasticBeanstalk is really only an abstracted 'friendly' interface to EC2 and other services (eg autoscaling and load balancer are actually EC2). Maybe even consider putting your application into a docker?
You can create Custom AMI of EC2 instance which is running for Elastic beanstalk. IF you are going with custom AMI then no need to use .ebextension files because either AMI should include all the changes which has already done when you deployed application along with ebextension file or do the necessary changes in server before creating AMI. But it is good to use default AMI which AWS provides while creation of Elastic Beanstalk and use .ebextension files to do required tasks during deployment.
In AWS cloud formation, i use the cloud former tool. I can use that tool to create a cloud formation template from existing resources. And then use the template to create a stack. I tested with that tool. It can work, (as in it can create instances with same memory size, with same volume size, same VPC settings, and auto start the instances). But there is no files in the volume.
Do i have to create a snapshot of the existing volume, create a new volume from the snapshot, attach it to the newly created instance, and copy the files manually ?
Or is there any better way ?
Do i have to create a snapshot of the existing volume, create a new volume from the snapshot, attach it to the newly created instance, and copy the files manually ?
Cloudformation is provisioning resources, but is not responsible for provisioning the contents of those resources - that you have to do yourself.
You can leverage the EC2 Userdata to manually pull files from S3 or other repos as the instance boots.
Or is there any better way ?
If you want to share data between applications, EFS is always an option. In your case, though, using Userdata might be effective.
If you wish to launch new EC2 instances with software automatically loaded, there are basically two choices:
Use a pre-configured AMI, or
Use a startup script to load the software
Pre-configured AMI
An Amazon Machine Image (AMI) is a copy of a disk. When a new EC2 instance is launched, an AMI is selected and the boot disk (and optionally other disks) are automatically pre-loaded with the contents of the AMI.
A common practice is to boot an EC2 instance and configure it as desired. Then, create an AMI. Thereafter, when a new EC2 instance is required for the application, launch it using the pre-built AMI.
There are also tools available to automate the building of an AMI, such as Netflix Aminator and Packer.
Benefits: New machine boots quickly, fully-configured.
Issues: Need to create a new AMI whenever you update your software.
Use a startup script to load the software
When an Amazon EC2 instance is launched from a standard Amazon-provided AMI (eg Amazon Linux, Microsoft Windows), software on the AMI automatically looks at the User Data passed to an EC2 instance. If the User Data contains a startup script, the script will be executed -- but only the first time that an instance is launched. This is an excellent way to install software on the instance.
You are responsible for writing the script. The script should install whatever tools, software and data you want on the instance.
Benefits: Updating your software? Just launch a new instance and the script will install the latest version of your software (assuming you have written the script to always point to the latest version).
Issues: It takes longer to launch the new instance, since the software is being installed.
I am not able to find a find documents showing how can I copy a Windows instance to an Amazon S3 bucket.
Can any one help me with step by step approach to do this and suggest some of the links?
You can not copy AMIs to s3. You can either create a snapshot of your volumes or create another image (AMI).
I assume you're trying to create a backup of your AMIs. So, there are some alternatives for doing that.
Create a new AMI from an existing running image. Reference: Creating an Amazon EBS-Backed Windows AMI
Creating a Windows AMI from a Running Instance
You can create an AMI using the AWS Management Console or the command line. The following diagram summarizes the process for creating an Amazon EBS-backed AMI from a running EC2 instance. Start with an existing AMI, launch an instance, customize it, create a new AMI from it, and finally launch an instance of your new AMI. The steps in the following diagram match the steps in the procedure below. If you already have a running Amazon EBS-backed instance, you can go directly to step 4.
You can create images using the AWS CLI command create-image
Create Snapshots of your volumes, these snapshots will be stored behind the scenes in s3. Reference: Creating an Amazon EBS Snapshot
You can create EBS snapshots using the AWS CLI command create-snapshot
+ Resources
Copying an Amazon EBS Snapshot
Copying an AMI
If I create a custom AMI for an EBS backed EC2 instance after installing numerous applications and making lot of config changes to the EC2 instance like IP Tables, httpd.conf file etc...
Will the custom AMI image capture all those config changes and/or installed applications so that I can use it to launch exact functioning copy of the Custom AMI originating EC2 Instance?
Anything done after launching an EC2 instance will be independent of what the original AMI had. There isn't a relationship among the instances which use the same AMI as well; except that they all were materialised from a single AMI - the individual / independent changes in the Instances ( AMI ) would be in silos.
Coming back to your point; after making numerous changes; you would need to create an image AMI out of the running instance where the changes have been made. Going forward you can use the AMI to create new instances. Already created instances wouldn't reflect any new changes.
This is where the tools like Ansible, Chef, Puppet come into picture.
I have an instance in AWS that I set up my entire environment (I'll call it my ready instance) on and is running perfectly. I then created a load balancer (ELB) with an autoscaling policy.
When I created a load balancer with an autoscaling policy (min of 2 instances), 2 instances sprung up. The instances were empty, however. For the launch configuration, I specified my ready instance AMI. Isn't this supposed to tell the autoscaling policy which instance to clone? In this case, shouldn't my ready instance be cloned into them and they should have the same content?
Instances are not created based on a clone of a running instance, but rather just the disk image stored in the AMI. It might be a case where you need to create a new AMI from your running instance and use that AMI as the basis for your autoscaling group.
once upon a time even I was this phase of my life.Basically it will just the boot the AMI which you have specified in your as configuration. If your AMI has got old code, then it will boot and serve your client from the out-dated code. Do solve this you can automate the code management process, all you have to do is boot the new ami with a user-data script which will perfom certain actions during the boot. Using user-data script you can automate this process. Autoscaling configuration also have a provision to accept the user-script data.