Method to LMV a RHEL EC2 image

Latest response

I obtained a specialized RH image provided by Amazon's EC2 instances. The OS came without LVMed OS volumes, and it did not have the LMV+dependencies pkgs installed either.

There has been an old post closely related to the matter found. The post did not conclusively display a proven workaround or resolution to the subject. (Reference: https://access.redhat.com/discussions/1285693).

I have been able to update the image with the LVM+dependencies pkgs, create the {1,2} partitions for boot and LVM use, respectively, and, copied the contents to the newly created LVMed volumes (preserving all timestamps/permissions, etc.).

On the AWS side, the new EBS volume that was used to create the LVM objects was modified to be the /dev/sda1 (boot) for the EC2 instance.

The instance fails to boot with no message visible on the AWS console's 'Get System Log' (server's console).

Has this problem been resolved via 'some procedure' out there?

Thank in advance.

Responses

I solved the problem back in 2015 for my tenants. It's actually a fairly simple solution. We've open-published AMIs in us-east-1, us-east-2, us-west-1, us-west-2 and us-gov-west-1 regions. Just search the community AMIs for spel-minimal-rhel. There's LVM'ed AMIs for both RHEL6 an RHEL7.

If the partitioning isn't as you'd desire, you can fork the source code used for generating the AMIs (also works for creating Azure and VMware templates and Vagrant boxes) and tailor as you see fit:

If the partitioning is satisfactory but you need it in different regions, just use the (AWS console/CLI's) AMI-copy option to dupe it into your desired region(s).

Hello Thomas. Good stuff, well documented.

My AWS account is highly locked down, do not have the ability to connect to the Availability Zones repos. How can I load (copy) the OS+ancillary pkgs onto the new disk?

Oof. That's a tough one. There's not a ton of options - and many will be unavailable depending how fascist your lock-down is. I'd need to know what permissions you do have, as that would dictate what my possible responses are. To start, I'd probably ask: - Do you have the ability to create new S3 buckets - Do you have the ability to create IAM and/or bucket-policies - Do you have a secondary account that isn't quite so locked down (e.g., we have Dev, Test and Prod accounts with Dev being the least locked down and Prod being the province of CM-nazis) - Do you have the ability to set up EFS shares - Do you have the ability to set up SecurityGroups - Without giving away your security model, do you otherwise have the ability to copy data into your AWS account (say over a VPN, DirectConnect, etc.)