オリジナルのAMIをPackerでさくっと作成

説明

今回のAMIには以下を組み込んだものを作成します。

• CloudWatch CustomMetrics
• AWS CodeDeploy Agent
• Amazon EC2 Simple Systems Manager

今回は、「Amazon Linux AMI 2015.09.2 (HVM), SSD Volume Type」ami-59bdb937を指定する。ついでにtimezone変更とロケール変更もしちゃいましょう。

以下の指定はそれぞれの環境に合わせること

• region
• availability_zone
• ami_name
• security_group_id
• ssh_keypair_name
• subnet_id
• vpc_id
• ssh_private_key_file
• ami_description

packer_create_golden_image.json

{
  "variables": {
    "aws_access_key": "",
    "aws_secret_key": ""
  },
  "builders": [{
    "type": "amazon-ebs",
    "access_key": "{{user `aws_access_key`}}",
    "secret_key": "{{user `aws_secret_key`}}",
    "region": "ap-northeast-1",
    "availability_zone": "ap-northeast-1c",
    "source_ami": "ami-59bdb937",
    "instance_type": "t2.micro",
    "ssh_username": "ec2-user",
    "ami_name": "packer-image-{{timestamp}}",
    "associate_public_ip_address": true,
    "security_group_id": "sg-xxxx",
    "ssh_keypair_name": "awskey",
    "ssh_private_ip": false,
    "subnet_id": "subnet-xxxx",
    "vpc_id": "vpc-xxxx",
    "ssh_private_key_file": "/Users/hogehoge/.ssh/awskey.pem",
    "ssh_timeout": "10m",
    "ami_description": "packer-image-{{timestamp}}",
    "ssh_pty" : "true",
    "tags": {
      "Name": "packer-golden-ami"
    }
  }],
  "provisioners": [{
     "type": "shell",
     "execute_command": "{{ .Vars }} sudo -E sh '{{ .Path }}'",
     "scripts": [
       "script/script.sh"
     ]
  }]
}

script/script.sh

#!/bin/bash
yum -y update
yum -y groupinstall 'Development tools'

# cloudwatch custom metrics
wget http://aws-cloudwatch.s3.amazonaws.com/downloads/CloudWatchMonitoringScripts-1.2.1.zip -P /opt/aws
cd /opt/aws/
unzip CloudWatchMonitoringScripts-1.2.1.zip
rm -f CloudWatchMonitoringScripts-1.2.1.zip
(crontab -l; echo "*/5 * * * * /opt/aws/aws-scripts-mon/mon-put-instance-data.pl --mem-util --mem-used --mem-avail --disk-space-util --disk-path=/ --from-cron") | crontab -

# service start
service crond restart

# install codedeploy-agent
aws s3 cp s3://aws-codedeploy-ap-northeast-1/latest/install . --region ap-northeast-1
chmod +x ./install
./install auto

# amazon-ssm-agent install
mkdir /tmp/ssm
curl https://amazon-ssm-ap-northeast-1.s3.amazonaws.com/latest/linux_amd64/amazon-ssm-agent.rpm -o /tmp/ssm/amazon-ssm-agent.rpm
yum install -y /tmp/ssm/amazon-ssm-agent.rpm

# for JST setting
cp /usr/share/zoneinfo/Japan /etc/localtime
echo "LANG=ja_JP.UTF-8" > /etc/sysconfig/i18n
sed -i -e "s/ZONE=.*$/ZONE=\"Asia\/Tokyo\"/" /etc/sysconfig/clock
sed -i -e "s/UTC=.*$/UTC=false/" /etc/sysconfig/clock
echo 'ARC=false' >> /etc/sysconfig/clock

確認

packer validate -var 'aws_access_key=xxxx' -var 'aws_secret_key=xxxx' packer_create_golden_image.json

Template validated successfully.が出たらOKです。

実行

packer  build -var 'aws_access_key=xxxx' -var 'aws_secret_key=xxxx' packer_create_golden_image.json

（長いので省略）
==> Builds finished. The artifacts of successful builds are:
--> amazon-ebs: AMIs were created:

ap-northeast-1: ami-xxxxxx

このような出力がされたらAMIが正常に作られています。