Chapter 10. Creating RHEL for Edge AMI images

You can create a RHEL for Edge edge-ami customized image by using RHEL image builder. The RHEL for Edge edge-ami has Ignition support to inject the user configuration into the images at an early stage of the boot process. Then, you can upload the image to AWS cloud and launch an EC2 instance in AWS. You can use the AMI image type on AMD or Intel 64-bit architectures.

10.1. Creating a blueprint for Edge AMI images

Create a blueprint for the edge-ami image and customize it with the customizations.ignition section. With that, you can create your image and when booting the image, inject the user configuration.

Prerequisites

  • You have created an Ignition configuration file. For example:

    {
       "ignition":{
          "version":"3.3.0"
       },
       "passwd":{
          "users":[
             {
                "groups":[
                   "wheel"
                ],
                "name":"core",
                "passwordHash":"$6$jfuNnO9t1Bv7N"
             }
          ]
       }
    }

    For more details, see Creating an Ignition configuration file.

Procedure

  1. Create a blueprint in the Tom’s Obvious, Minimal Language (TOML) format, with the following content:

    name = "ami-edge-image"
    description = "Blueprint for Edge AMI image"
    version = "0.0.1"
    packages = ["cloud-init"]
    modules = []
    groups = []
    distro = ""
    
    [[customizations.user]]
    name = "admin"
    password = "admin"
    groups = ["wheel"]
    
    [customizations.ignition.firstboot]
    url = http://<IP_address>:8080/config.ig

    Where:

    • The name is the name and description is the description for your blueprint.
    • The version is the version number according to the Semantic Versioning scheme.
    • The modules and packages describe the package name and matching version glob to be installed into the image. For example, the package name = "open-vm-tools". Notice that currently there are no differences between packages and modules.
    • The groups are packages groups to be installed into the image. For example groups = "wheel". If you do not know the modules and groups, leave them empty.
    • The customizations.user creates a username and password to log in to the VM.
    • The customizations.ignition.firstboot contains the URL where the Ignition configuration file is being served.

      Note

      By default, the open-vm-tools package is not included in the edge-vsphere image. If you need this package, you must include it in the blueprint customization.

  2. Import the blueprint to the image builder server:

    # composer-cli blueprints push <blueprint-name>.toml
  3. List the existing blueprints to check whether the created blueprint is successfully pushed and exists:

    # composer-cli blueprints show <blueprint-name>
  4. Check whether the components and versions listed in the blueprint and their dependencies are valid:

    # composer-cli blueprints depsolve <blueprint-name>

Next steps

  • Use the blueprint you created to build your edge-ami image.

10.2. Creating a RHEL for Edge AMI image

Create a RHEL for Edge edge-ami image in the RHEL image builder command-line interface.

Prerequisites

Procedure

  1. Start the compose of a edge-ami image:

    # composer-cli compose start start-ostree <blueprint-name> edge-ami --<url>

    The --<url> is the URL of your repo, for example: http://10.88.0.1:8080/repo.

    A confirmation that the composer process has been added to the queue appears. It also shows a Universally Unique Identifier (UUID) number for the image created. Use the UUID number to track your build. Also, keep the UUID number handy for further tasks.

  2. Check the image compose status:

    # composer-cli compose status

    The output displays the status in the following format:

    $ <UUID> RUNNING date <blueprint-name>  <blueprint-version> edge-ami
  3. After the compose process finishes, download the resulting image file:

    # composer-cli compose image <UUID>

Next steps

  • Upload the edge-ami image to AWS

10.3. Uploading a RHEL Edge AMI image to AWS

Upload the edge-ami image to Amazon AWS Cloud service provider by using the CLI.

Prerequisites

  • You have an Access Key ID configured in the AWS IAM account manager. You have a writable S3 bucket prepared. You have created the required roles for your AWS bucket. You have the aws-cli tool installed .

Procedure

  1. Configure the aws-cli tool:

    $ aws configure
    1. Configure your profile. Run the command and enter your Access key ID credential, Secret access key, Default region name, and default output name:

      $ aws configure --profile
  2. List the existing buckets:

    $ aws s3 ls
  3. Upload your image to S3:

    $ aws s3 cp <path_to_image/image> s3://<your_bucket_name>
  4. List the image in the S3 bucket:

    $ aws s3 ls s3://<your_bucket_name>
  5. Create a container-simple.json file. Replace the "URL" content with the S3 bucket. For example: s3://rhel-edge-ami-us-west-2/2ba3c125-cc58-4cc0-861a-4cc78e892df6-image.raw.

    {
      "Description": "RHEL for Edge image",
      "Format": "edge-ami",
      "Url": "s3://rhel-edge-ami-us-west-2/UUID-image.raw"
    }
  6. Import the edge.ami image to the S3 bucket as an EC2 snapshot.

    Note

    The EC2 image must be in the same region that you have created the S3 bucket.

    $ aws ec2 import-snapshot --description "RHEL edge" \
    --disk-container file://container-simple.json --region us-west-2

    The following .json: is an example of the command output:

    {
      "Description": "RHEL for Edge image",
      "Format": "edge-ami",
      "Url": "s3://rhel-edge-ami-us-west-2/UUID-image.raw"
    }
  7. Take note of "ImportTaskId" value from the json. Use it to check the import status. In this example, the "ImportTaskId" is import-snap-0f3055c4b7a454c85.
  8. Check the import status of the snapshot, by using the "ImportTaskId" value from the output json file from the previous step:

    $ aws ec2 describe-import-snapshot-tasks \
    --import-task-ids import-snap-0f3055c4b7a454c85
    {
        "ImportSnapshotTasks": [
            {
                "Description": "RHEL edge",
                "ImportTaskId": "import-snap-0f3055c4b7a454c85",
                "SnapshotTaskDetail": {
                    "Description": "RHEL edge",
                    "DiskImageSize": 10737418240.0,
                    "Format": "RAW",
                    "SnapshotId": "snap-001b267e752039eab",
                    "Status": "completed",
                    "Url": "s3://rhel-edge-ami-us-west-2/2ba3c125-cc58-4cc0-861a-4cc78e892df6-image.raw",
                    "UserBucket": {
                        "S3Bucket": "rhel-edge-ami-us-west-2",
                        "S3Key": "2ba3c125-cc58-4cc0-861a-4cc78e892df6-image.raw"
                    }
                },
                "Tags": []
            }
        ]
    }

    Run this command until the "Status" is marked as "completed". After that, you can access EC2 to create the AMI image from the snapshot, and launch it.

Verification

To confirm that the image upload was successful:

  1. Access EC2 in the menu and select the correct region in the AWS console. The image must have the available status, to indicate that it was successfully uploaded.
  2. On the dashboard, select your image and click Launch.

    When launching the new instance, you must select UEFI as the boot mode, and choose at least 4GB of RAM for the EC2 image.

  3. You can log in into the edge-ami on AWS by using the username and password you created with the Ignition configuration.