RightScaleのAMI(ami-21f38c73)上で、CentOS 5.5のAMI(Coreのみインストール)をスクラッチから作成・登録するスクリプトを書いてみた。
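#!/bin/bash
#
# Build a CentOS 5.5 AMI (yum group "Core" only) from scratch on a running
# EC2 instance, then bundle it, upload it to S3 and register it.
#
# Outline:
#   1. create a 1 GiB ext3 loopback image under /mnt and mount it
#   2. populate it with yum --installroot, plus fstab/network config
#   3. install a boot-time script that adds the launch key to root's
#      authorized_keys, and unpack the Xen kernel modules
#   4. download the EC2 API/AMI tools and run bundle / upload / register
#
# Run as root: the script mounts filesystems, creates device nodes and
# writes to /opt.

# Stop at the first failing step. Without this a failed mount would let yum
# install into the bare directory, and a failed download would still be
# bundled and registered.
set -euo pipefail

# NOTE(review): "x86_84" looks like a typo for x86_64. It is kept because
# these values become the image file name and the registered AMI name.
AMI_IMG=centos-5.5-x86_84-core.img
MNT_DIR=fs-centos-5.5-x86_84-core
AMI_NAME=centos-5.5-x86_84-core

# X.509 certificate / private key and account settings (placeholders).
EC2_CERT=~/.aws/cert-XXXXXXXXXX.pem
EC2_PRIVATE_KEY=~/.aws/pk-XXXXXXXXXX.pem
ACCOUNT_NUM=XXXXXXXXXX
S3_BUCKET_NAME=XXXXXXXXXX/AMI/CentOS/5.5/x86_64/Core
S3_REGION=ap-southeast-1
#S3_REGION=us-west-1

# The access key pair may be supplied through the environment so the real
# secret never has to be written into this file; the placeholders remain
# the fallback.
ACCESS_KEY_ID=${ACCESS_KEY_ID:-XXXXXXXXXX}
SECRET_ACCESS_KEY=${SECRET_ACCESS_KEY:-XXXXXXXXXX}

cd /mnt

# 1 GiB zero-filled image file, formatted ext3 (-j) without prompting (-F).
dd if=/dev/zero of="${AMI_IMG}" count=1024 bs=1M
mke2fs -F -j "${AMI_IMG}"
mkdir -p "${MNT_DIR}"
mount -o loop "${AMI_IMG}" "${MNT_DIR}"

# Minimal /dev and /etc inside the image.
mkdir "${MNT_DIR}/dev" "${MNT_DIR}/etc"
for i in console null zero; do
  /sbin/MAKEDEV -d "/mnt/${MNT_DIR}/dev" -x "$i"
done

cat > "${MNT_DIR}/etc/fstab" << 'EOS'
/dev/sda1 / ext3 defaults 1 1
/dev/sda2 /mnt ext3 defaults 0 0
/dev/sda3 swap swap defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
EOS

# /proc is mounted inside the image while yum installs into it.
mkdir "${MNT_DIR}/proc"
mount -t proc none "${MNT_DIR}/proc"

# Private yum config: the host's yum.conf plus the CentOS base repo, with
# the literal $releasever placeholder replaced by 5.5.
YUMCNF=./yum.conf
cp /etc/yum.conf "${YUMCNF}"
cat /etc/yum.repos.d/CentOS-Base.repo >> "${YUMCNF}"
sed -i 's/\$releasever/5.5/g' "${YUMCNF}"

yum -c "${YUMCNF}" --installroot="/mnt/${MNT_DIR}" -y groupinstall Core
# curl is needed inside the image by get-credentials.sh below.
yum -c "${YUMCNF}" --installroot="/mnt/${MNT_DIR}" -y install curl

cat > "${MNT_DIR}/etc/sysconfig/network-scripts/ifcfg-eth0" << 'EOS'
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
EOS

cat > "${MNT_DIR}/etc/sysconfig/network" << 'EOS'
NETWORKING=yes
EOS

cat > "${MNT_DIR}/etc/hosts" << 'EOS'
127.0.0.1 localhost.localdomain localhost
EOS

# Boot-time script (run from rc.local as root) that appends the launch key
# to root's authorized_keys. Two changes from the usual version of this
# script:
#   - the downloaded key is staged inside /root/.ssh (mode 700) instead of
#     a fixed name in world-writable /tmp, where curl -o running as root
#     would write through a symlink planted by a local user
#   - grep uses -F so the key text is compared literally, not as a regex
cat > "${MNT_DIR}/usr/local/sbin/get-credentials.sh" << 'EOS'
#!/bin/bash
# Retreive the credentials from relevant sources.

# Fetch any credentials presented at launch time and add them to
# root's public keys

PUB_KEY_URI=http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
PUB_KEY_FROM_HTTP=/root/.ssh/openssh_id.pub.tmp
PUB_KEY_FROM_EPHEMERAL=/mnt/openssh_id.pub
ROOT_AUTHORIZED_KEYS=/root/.ssh/authorized_keys

# We need somewhere to put the keys.
if [ ! -d /root/.ssh ] ; then
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
fi

# Fetch credentials...

# First try http
curl --retry 3 --retry-delay 0 --silent --fail -o $PUB_KEY_FROM_HTTP $PUB_KEY_URI
if [ $? -eq 0 -a -e $PUB_KEY_FROM_HTTP ] ; then
    if ! grep -q -F -f $PUB_KEY_FROM_HTTP $ROOT_AUTHORIZED_KEYS
    then
        cat $PUB_KEY_FROM_HTTP >> $ROOT_AUTHORIZED_KEYS
        echo "New key added to authrozied keys file from parameters"|logger -t "ec2"
    fi
    chmod 600 $ROOT_AUTHORIZED_KEYS
    rm -f $PUB_KEY_FROM_HTTP

elif [ -e $PUB_KEY_FROM_EPHEMERAL ] ; then
    # Try back to ephemeral store if http failed.
    # NOTE: This usage is deprecated and will be removed in the future
    if ! grep -q -F -f $PUB_KEY_FROM_EPHEMERAL $ROOT_AUTHORIZED_KEYS
    then
        cat $PUB_KEY_FROM_EPHEMERAL >> $ROOT_AUTHORIZED_KEYS
        echo "New key added to authrozied keys file from ephemeral store"|logger -t "ec2"
    fi
    chmod 600 $ROOT_AUTHORIZED_KEYS
    chmod 600 $PUB_KEY_FROM_EPHEMERAL
fi

if [ -e /mnt/openssh_id.pub ] ; then
    if ! grep -q -F -f /mnt/openssh_id.pub /root/.ssh/authorized_keys
    then
        cat /mnt/openssh_id.pub >> /root/.ssh/authorized_keys
        echo "New key added to authrozied keys file from ephemeral store"|logger -t "ec2"
    fi
    chmod 600 /root/.ssh/authorized_keys
fi
EOS
chmod a+x "${MNT_DIR}/usr/local/sbin/get-credentials.sh"

# rc.local additions. The appended sed blanks every rc.local line ending in
# "#del", so depmod/modprobe run on the first boot only while the
# get-credentials.sh call stays in place.
printf '%s\n' '/usr/local/sbin/get-credentials.sh' >> "${MNT_DIR}/etc/rc.local"
printf '%s\n' 'depmod -a #del' >> "${MNT_DIR}/etc/rc.local"
printf '%s\n' 'modprobe loop #del' >> "${MNT_DIR}/etc/rc.local"
printf '%s\n' "sed -i 's|^.*#del\$||' /etc/rc.local" >> "${MNT_DIR}/etc/rc.local"

# Xen kernel modules, unpacked straight into the image root.
# NOTE(review): fetched over plain HTTP with no integrity check and
# extracted as root into an image that is then published. Prefer HTTPS and
# compare the archive with a known-good digest before extracting.
# --fail plus pipefail stops the build if the download itself fails.
MODULE=http://s3.amazonaws.com/ec2-downloads/ec2-modules-2.6.16.33-xenU-x86_64.tgz
curl -sf "${MODULE}" | tar xzC "${MNT_DIR}"

yum -c "${YUMCNF}" --installroot="/mnt/${MNT_DIR}" -y clean all

umount "${MNT_DIR}/proc/"
umount "${MNT_DIR}"
rmdir "${MNT_DIR}"

# EC2 API and AMI tools.
# NOTE(review): both archives also arrive over plain HTTP and are executed
# as root below; the same digest check applies.
# -O names the first download explicitly so the unzip below does not depend
# on how wget derives a file name from the redirect URL.
wget -O ec2-api-tools.zip "http://www.amazon.com/gp/redirect.html/ref=aws_rc_ec2tools?location=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip&token=A80325AA4DAB186C80828ED5138633E3F49160D9"
wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip
mv -- ec2-api-tools.zip ec2-ami-tools.zip /opt/

cd /opt
unzip ec2-api-tools.zip
unzip ec2-ami-tools.zip

# Directory names are fixed to the tool versions these archives unpacked to.
export EC2_HOME=/opt/ec2-api-tools-1.3-53907
export EC2_AMITOOL_HOME=/opt/ec2-ami-tools-1.3-56066
export PATH="$EC2_HOME/bin:$EC2_AMITOOL_HOME/bin:$PATH"

cd /mnt
ec2-bundle-image -i "${AMI_IMG}" -c "${EC2_CERT}" -k "${EC2_PRIVATE_KEY}" -u "${ACCOUNT_NUM}" -r x86_64

# The manifest is read from /tmp, presumably where ec2-bundle-image wrote it
# since no destination was given above.
# NOTE(review): -s puts the secret access key on the command line, where it
# is visible in the process list to other local users while the upload runs.
# Run this only on a single-user build host.
ec2-upload-bundle -b "${S3_BUCKET_NAME}" -m "/tmp/${AMI_IMG}.manifest.xml" -a "${ACCESS_KEY_ID}" -s "${SECRET_ACCESS_KEY}"

ec2-register --region "${S3_REGION}" -C "${EC2_CERT}" -K "${EC2_PRIVATE_KEY}" -n "${AMI_NAME}" "${S3_BUCKET_NAME}/${AMI_IMG}.manifest.xml"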