diff options
author | Jake Buchholz <tomalok@gmail.com> | 2018-07-31 17:55:39 -0700 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2018-08-28 09:20:48 -0700 |
commit | cb95f7fd1eed7be5acbd386a95b0ba17823c6624 (patch) | |
tree | 63d5315edd9e00216ce2fcda6477cdb8d668c4ca | |
parent | 836d9a3e7ef0b664f2b33fc65bb5315b901dfe2e (diff) | |
download | alpine-ec2-ami-cb95f7fd1eed7be5acbd386a95b0ba17823c6624.tar.bz2 alpine-ec2-ami-cb95f7fd1eed7be5acbd386a95b0ba17823c6624.tar.xz alpine-ec2-ami-cb95f7fd1eed7be5acbd386a95b0ba17823c6624.zip |
Improve Configurability
* move config variables from alpine-ami.yaml to variables.json-*
+ variables.json-default - ready-for-action original default config
+ variables.json-example - original defaults with comments
* clean up tabs vs. spaces in make_ami.sh
* make_ami.sh handles custom kernel flavor, extra repos, and extra packages
* tweak README with regards to aws-ena-driver caveat
-rw-r--r-- | README.md | 7 | ||||
-rw-r--r-- | alpine-ami.yaml | 93 | ||||
-rwxr-xr-x | make_ami.sh | 89 | ||||
-rw-r--r-- | variables.json-default | 22 | ||||
-rw-r--r-- | variables.json-example | 72 |
5 files changed, 178 insertions, 105 deletions
@@ -50,9 +50,10 @@ its development and thus there are some sharp edges. | |||
50 | hardware so it seems unlikely that they will be supported going forward. Thus | 50 | hardware so it seems unlikely that they will be supported going forward. Thus |
51 | this project does not support them. | 51 | this project does not support them. |
52 | 52 | ||
53 | - The aws-ena-driver-vanilla package is still in edge/testing. When it is | 53 | - The aws-ena-driver-vanilla package is still in edge/testing, and requires the |
54 | available in a release, the edge/testing repository can be removed from | 54 | matching linux-vanilla package from edge/main. When ENA is available in an |
55 | /etc/apk/repositories. | 55 | alpine version release, edge/testing and edge/main should no longer be |
56 | necessary. | ||
56 | 57 | ||
57 | - [cloud-init](https://cloudinit.readthedocs.io/en/latest/) is not currently | 58 | - [cloud-init](https://cloudinit.readthedocs.io/en/latest/) is not currently |
58 | supported on Alpine Linux. Instead this image uses | 59 | supported on Alpine Linux. Instead this image uses |
diff --git a/alpine-ami.yaml b/alpine-ami.yaml index af97e49..bc39b89 100644 --- a/alpine-ami.yaml +++ b/alpine-ami.yaml | |||
@@ -1,84 +1,59 @@ | |||
1 | variables: | 1 | variables: |
2 | security_group: "" | ||
3 | subnet: "" | ||
4 | public_ip: "false" | ||
5 | 2 | ||
6 | # Treat this similar to a ABUILD pkgrel variable and increment with every | 3 | # NOTE: Additional configuration is set via the `variables.json` file. |
7 | # release. Packer will notice an exiting AMI at build start and fail unless | 4 | # To use default values, simply `cp variables.json-default variables.json`. |
8 | # it is rmoved. To prevent a period of time where no Alpine AMI exists, | 5 | # See `variables.json-example` for full configuration variable descriptions. |
9 | # create a new variant. Old AMIs should be pruned at some point. | ||
10 | ami_release: "0" | ||
11 | 6 | ||
12 | # Overriding this requires validating that the installation script still | 7 | # NOTE: Changing alpine_release requires modifying `make_ami.sh` -- don't |
13 | # works as expected. It probably does but stuff changes between major | 8 | # override this in `variables.json`! |
14 | # version. | ||
15 | alpine_release: "3.8" | 9 | alpine_release: "3.8" |
16 | 10 | ||
17 | # Don't override this without a good reason and if you do just make sure it | ||
18 | # gets passed all the way through to the make_ami script | ||
19 | volume_name: "/dev/xvdf" | ||
20 | 11 | ||
21 | builders: | 12 | builders: |
22 | - type: "amazon-ebssurrogate" | 13 | - type: "amazon-ebssurrogate" |
23 | 14 | ||
24 | # Image is built inside a custom VPC so let Packer use the existing | 15 | ### Builder Instance Details |
25 | # resources | ||
26 | security_group_id: "{{user `security_group`}}" | ||
27 | subnet_id: "{{user `subnet`}}" | ||
28 | 16 | ||
29 | # Input Instance Setting | 17 | vpc_id: "{{user `vpc`}}" |
30 | instance_type: "t2.nano" | 18 | subnet_id: "{{user `subnet`}}" |
19 | security_group_id: "{{user `security_group`}}" | ||
20 | instance_type: "{{user `build_instance_type`}}" | ||
21 | associate_public_ip_address: "{{user `public_ip`}}" | ||
31 | launch_block_device_mappings: | 22 | launch_block_device_mappings: |
32 | - volume_type: "gp2" | 23 | - volume_type: "gp2" |
33 | device_name: "{{user `volume_name`}}" | 24 | device_name: "{{user `volume_name`}}" |
34 | delete_on_termination: true | 25 | delete_on_termination: "true" |
35 | volume_size: 1 | 26 | volume_size: "{{user `volume_size`}}" |
36 | associate_public_ip_address: "{{user `public_ip`}}" | ||
37 | |||
38 | # Output AMI Settings | ||
39 | ena_support: true | ||
40 | ami_name: "Alpine-{{user `alpine_release`}}-r{{user `ami_release`}}-EC2" | ||
41 | ami_description: "Alpine Linux {{user `alpine_release`}}-r{{user `ami_release`}} Release with EC2 Optimizations" | ||
42 | ami_groups: | ||
43 | - "all" | ||
44 | ami_virtualization_type: "hvm" | ||
45 | ami_regions: | ||
46 | - us-east-1 | ||
47 | - us-east-2 | ||
48 | - us-west-1 | ||
49 | - us-west-2 | ||
50 | - ca-central-1 | ||
51 | - eu-central-1 | ||
52 | - eu-west-1 | ||
53 | - eu-west-2 | ||
54 | - eu-west-3 | ||
55 | - ap-northeast-1 | ||
56 | - ap-northeast-2 | ||
57 | # - ap-northeast-3 | ||
58 | - ap-southeast-1 | ||
59 | - ap-southeast-2 | ||
60 | - ap-south-1 | ||
61 | - sa-east-1 | ||
62 | ami_root_device: | ||
63 | source_device_name: "{{user `volume_name`}}" | ||
64 | device_name: "/dev/xvda" | ||
65 | delete_on_termination: true | ||
66 | volume_size: 1 | ||
67 | volume_type: "gp2" | ||
68 | |||
69 | # Use the most recent Amazon Linux AMI as our base | ||
70 | ssh_username: "ec2-user" | 27 | ssh_username: "ec2-user" |
71 | source_ami_filter: | 28 | source_ami_filter: |
29 | # use the latest Amazon Linux AMI | ||
72 | filters: | 30 | filters: |
73 | virtualization-type: "hvm" | 31 | virtualization-type: "hvm" |
74 | root-device-type: "ebs" | 32 | root-device-type: "ebs" |
75 | architecture: "x86_64" | 33 | architecture: "x86_64" |
76 | name: "amzn-ami-hvm-*-x86_64-gp2" | 34 | name: "amzn-ami-hvm-*-x86_64-gp2" |
77 | owners: | 35 | owners: |
78 | - "137112412989" | 36 | - "137112412989" |
79 | most_recent: true | 37 | most_recent: "true" |
38 | |||
39 | ### Built AMI Details | ||
40 | |||
41 | ami_name: "{{user `ami_name_prefix`}}{{user `alpine_release`}}-r{{user `ami_release`}}{{user `ami_name_suffix`}}" | ||
42 | ami_description: "{{user `ami_desc_prefix`}}{{user `alpine_release`}}-r{{user `ami_release`}}{{user `ami_desc_suffix`}}" | ||
43 | ami_virtualization_type: "hvm" | ||
44 | ami_root_device: | ||
45 | source_device_name: "{{user `volume_name`}}" | ||
46 | device_name: "/dev/xvda" | ||
47 | delete_on_termination: "true" | ||
48 | volume_size: "{{user `volume_size`}}" | ||
49 | volume_type: "gp2" | ||
50 | ena_support: "{{user `ena_enable`}}" | ||
51 | sriov_support: "{{user `sriov_enable`}}" | ||
52 | ami_groups: "{{user `ami_access`}}" | ||
53 | ami_regions: "{{user `deploy_regions`}}" | ||
54 | |||
80 | 55 | ||
81 | provisioners: | 56 | provisioners: |
82 | - type: "shell" | 57 | - type: "shell" |
83 | script: "make_ami.sh" | 58 | script: "make_ami.sh" |
84 | execute_command: "sudo sh -c '{{ .Vars }} {{ .Path }} {{user `volume_name`}}'" | 59 | execute_command: 'sudo sh -c "{{ .Vars }} {{ .Path }} {{user `volume_name`}} {{user `kernel_flavor`}} ''{{user `add_repos`}}'' ''{{user `add_pkgs`}}''"' |
diff --git a/make_ami.sh b/make_ami.sh index c85c160..1e5a0b3 100755 --- a/make_ami.sh +++ b/make_ami.sh | |||
@@ -1,9 +1,9 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # vim:set ts=4: | 2 | # vim: set ts=4 noet: |
3 | 3 | ||
4 | set -eu | 4 | set -eu |
5 | 5 | ||
6 | : ${ALPINE_RELEASE:="3.8"} # not tested against edge | 6 | : ${ALPINE_RELEASE:="3.8"} # not tested against edge |
7 | : ${APK_TOOLS_URI:="https://github.com/alpinelinux/apk-tools/releases/download/v2.10.0/apk-tools-2.10.0-x86_64-linux.tar.gz"} | 7 | : ${APK_TOOLS_URI:="https://github.com/alpinelinux/apk-tools/releases/download/v2.10.0/apk-tools-2.10.0-x86_64-linux.tar.gz"} |
8 | : ${APK_TOOLS_SHA256:="77f2d256fcd5d6fdafadf43bb6a9c85c3da7bb471ee842dcd729175235cb9fed"} | 8 | : ${APK_TOOLS_SHA256:="77f2d256fcd5d6fdafadf43bb6a9c85c3da7bb471ee842dcd729175235cb9fed"} |
9 | : ${ALPINE_KEYS:="http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86_64/alpine-keys-2.1-r1.apk"} | 9 | : ${ALPINE_KEYS:="http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86_64/alpine-keys-2.1-r1.apk"} |
@@ -19,9 +19,9 @@ einfo() { | |||
19 | } | 19 | } |
20 | 20 | ||
21 | rc_add() { | 21 | rc_add() { |
22 | local target="$1"; shift # target directory | 22 | local target="$1"; shift # target directory |
23 | local runlevel="$1"; shift # runlevel name | 23 | local runlevel="$1"; shift # runlevel name |
24 | local services="$*" # names of services | 24 | local services="$*" # names of services |
25 | 25 | ||
26 | local svc; for svc in $services; do | 26 | local svc; for svc in $services; do |
27 | mkdir -p "$target"/etc/runlevels/$runlevel | 27 | mkdir -p "$target"/etc/runlevels/$runlevel |
@@ -31,9 +31,9 @@ rc_add() { | |||
31 | } | 31 | } |
32 | 32 | ||
33 | wgets() ( | 33 | wgets() ( |
34 | local url="$1" # url to fetch | 34 | local url="$1" # url to fetch |
35 | local sha256="$2" # expected SHA256 sum of output | 35 | local sha256="$2" # expected SHA256 sum of output |
36 | local dest="$3" # output path and filename | 36 | local dest="$3" # output path and filename |
37 | 37 | ||
38 | wget -T 10 -q -O "$dest" "$url" | 38 | wget -T 10 -q -O "$dest" "$url" |
39 | echo "$sha256 $dest" | sha256sum -c > /dev/null | 39 | echo "$sha256 $dest" | sha256sum -c > /dev/null |
@@ -41,7 +41,7 @@ wgets() ( | |||
41 | 41 | ||
42 | 42 | ||
43 | validate_block_device() { | 43 | validate_block_device() { |
44 | local dev="$1" # target directory | 44 | local dev="$1" # target directory |
45 | 45 | ||
46 | lsblk -P --fs "$dev" >/dev/null 2>&1 || \ | 46 | lsblk -P --fs "$dev" >/dev/null 2>&1 || \ |
47 | die "'$dev' is not a valid block device" | 47 | die "'$dev' is not a valid block device" |
@@ -62,8 +62,8 @@ fetch_apk_tools() { | |||
62 | } | 62 | } |
63 | 63 | ||
64 | make_filesystem() { | 64 | make_filesystem() { |
65 | local device="$1" # target device path | 65 | local device="$1" # target device path |
66 | local target="$2" # mount target | 66 | local target="$2" # mount target |
67 | 67 | ||
68 | mkfs.ext4 "$device" | 68 | mkfs.ext4 "$device" |
69 | e2label "$device" / | 69 | e2label "$device" / |
@@ -71,15 +71,15 @@ make_filesystem() { | |||
71 | } | 71 | } |
72 | 72 | ||
73 | setup_repositories() { | 73 | setup_repositories() { |
74 | local target="$1" # target directory | 74 | local target="$1" # target directory |
75 | local add_repos="$2" # extra repo lines, comma separated | ||
75 | 76 | ||
76 | # NOTE: we only need @testing for aws-ena-driver-vanilla, this can be removed if/when released | ||
77 | mkdir -p "$target"/etc/apk/keys | 77 | mkdir -p "$target"/etc/apk/keys |
78 | cat > "$target"/etc/apk/repositories <<-EOF | 78 | cat > "$target"/etc/apk/repositories <<-EOF |
79 | http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/main | 79 | http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/main |
80 | http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/community | 80 | http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/community |
81 | @testing http://dl-cdn.alpinelinux.org/alpine/edge/testing | ||
82 | EOF | 81 | EOF |
82 | echo "$add_repos" | tr , "\012" >> "$target"/etc/apk/repositories | ||
83 | } | 83 | } |
84 | 84 | ||
85 | fetch_keys() { | 85 | fetch_keys() { |
@@ -99,45 +99,44 @@ setup_chroot() { | |||
99 | mount --bind /sys "$target"/sys | 99 | mount --bind /sys "$target"/sys |
100 | 100 | ||
101 | # Don't want to ship this but it's needed for bootstrap. Will be removed in | 101 | # Don't want to ship this but it's needed for bootstrap. Will be removed in |
102 | # the cleanup stage. | 102 | # the cleanup stage. |
103 | install -Dm644 /etc/resolv.conf "$target"/etc/resolv.conf | 103 | install -Dm644 /etc/resolv.conf "$target"/etc/resolv.conf |
104 | } | 104 | } |
105 | 105 | ||
106 | install_core_packages() { | 106 | install_core_packages() { |
107 | local target="$1" | 107 | local target="$1" # target directory |
108 | local flavor="$2" # kernel flavor | ||
109 | local add_pkgs="$3" # extra packages, space separated | ||
108 | 110 | ||
109 | # Most from: https://git.alpinelinux.org/cgit/alpine-iso/tree/alpine-virt.packages | 111 | # Most from: https://git.alpinelinux.org/cgit/alpine-iso/tree/alpine-virt.packages |
110 | # | 112 | # |
111 | # acct - installed by some configurations, so added here | 113 | # linux-$flavor - linux kernel flavor to install |
112 | # aws-ena-driver-vanilla - required for ENA enabled instances (still in edge/testing) | ||
113 | # e2fsprogs - required by init scripts to maintain ext4 volumes | 114 | # e2fsprogs - required by init scripts to maintain ext4 volumes |
114 | # linux-vanilla - can't use virt because it's missing NVME support | ||
115 | # mkinitfs - required to build custom initfs | 115 | # mkinitfs - required to build custom initfs |
116 | # sudo - to allow alpine user to become root, disallow root SSH logins | 116 | # sudo - to allow alpine user to become root, disallow root SSH logins |
117 | # tiny-ec2-bootstrap - to bootstrap system from EC2 metadata | 117 | # tiny-ec2-bootstrap - to bootstrap system from EC2 metadata |
118 | chroot "$target" apk --no-cache add \ | 118 | chroot "$target" apk --no-cache add \ |
119 | acct \ | 119 | linux-"$flavor" \ |
120 | alpine-mirrors \ | 120 | alpine-mirrors \ |
121 | aws-ena-driver-vanilla@testing \ | ||
122 | chrony \ | 121 | chrony \ |
123 | e2fsprogs \ | 122 | e2fsprogs \ |
124 | linux-vanilla \ | ||
125 | mkinitfs \ | 123 | mkinitfs \ |
126 | openssh \ | 124 | openssh \ |
127 | sudo \ | 125 | sudo \ |
128 | tiny-ec2-bootstrap \ | 126 | tiny-ec2-bootstrap \ |
129 | tzdata | 127 | tzdata \ |
128 | $add_pkgs | ||
130 | 129 | ||
131 | chroot "$target" apk --no-cache add --no-scripts syslinux | 130 | chroot "$target" apk --no-cache add --no-scripts syslinux |
132 | 131 | ||
133 | # Disable starting getty for physical ttys because they're all inaccessible | 132 | # Disable starting getty for physical ttys because they're all inaccessible |
134 | # anyhow. With this configuration boot messages will still display in the | 133 | # anyhow. With this configuration boot messages will still display in the |
135 | # EC2 console. | 134 | # EC2 console. |
136 | sed -Ei '/^tty\d/s/^/#/' /etc/inittab | 135 | sed -Ei '/^tty\d/s/^/#/' /etc/inittab |
137 | 136 | ||
138 | # Make it a little more obvious who is logged in by adding username to the | 137 | # Make it a little more obvious who is logged in by adding username to the |
139 | # prompt | 138 | # prompt |
140 | sed -i "s/^export PS1='/&\\\\u@/" /etc/profile | 139 | sed -i "s/^export PS1='/&\\\\u@/" /etc/profile |
141 | } | 140 | } |
142 | 141 | ||
143 | create_initfs() { | 142 | create_initfs() { |
@@ -165,10 +164,10 @@ setup_extlinux() { | |||
165 | # Enable ext4 because the root device is formatted ext4 | 164 | # Enable ext4 because the root device is formatted ext4 |
166 | # | 165 | # |
167 | # Shorten timeout because EC2 has no way to interact with instance console | 166 | # Shorten timeout because EC2 has no way to interact with instance console |
168 | # | 167 | # |
169 | # ttyS0 is the target for EC2s "Get System Log" feature whereas tty0 is the | 168 | # ttyS0 is the target for EC2s "Get System Log" feature whereas tty0 is the |
170 | # target for EC2s "Get Instance Screenshot" feature. Enabling the serial | 169 | # target for EC2s "Get Instance Screenshot" feature. Enabling the serial |
171 | # port early in extlinux gives the most complete output in the system log. | 170 | # port early in extlinux gives the most complete output in the system log. |
172 | sed -Ei -e "s|^[# ]*(root)=.*|\1=LABEL=/|" \ | 171 | sed -Ei -e "s|^[# ]*(root)=.*|\1=LABEL=/|" \ |
173 | -e "s|^[# ]*(default_kernel_opts)=.*|\1=\"console=ttyS0 console=tty0\"|" \ | 172 | -e "s|^[# ]*(default_kernel_opts)=.*|\1=\"console=ttyS0 console=tty0\"|" \ |
174 | -e "s|^[# ]*(serial_port)=.*|\1=ttyS0|" \ | 173 | -e "s|^[# ]*(serial_port)=.*|\1=ttyS0|" \ |
@@ -189,8 +188,8 @@ setup_fstab() { | |||
189 | local target="$1" | 188 | local target="$1" |
190 | 189 | ||
191 | cat > "$target"/etc/fstab <<-EOF | 190 | cat > "$target"/etc/fstab <<-EOF |
192 | # <fs> <mountpoint> <type> <opts> <dump/pass> | 191 | # <fs> <mountpoint> <type> <opts> <dump/pass> |
193 | LABEL=/ / ext4 defaults,noatime 1 1 | 192 | LABEL=/ / ext4 defaults,noatime 1 1 |
194 | EOF | 193 | EOF |
195 | } | 194 | } |
196 | 195 | ||
@@ -244,14 +243,14 @@ configure_ntp() { | |||
244 | # in EC2. | 243 | # in EC2. |
245 | # | 244 | # |
246 | # See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html | 245 | # See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html |
247 | sed -i 's/^server .*/server 169.254.169.123/' "$target"/etc/chrony/chrony.conf | 246 | sed -i 's/^server .*/server 169.254.169.123/' "$target"/etc/chrony/chrony.conf |
248 | } | 247 | } |
249 | 248 | ||
250 | cleanup() { | 249 | cleanup() { |
251 | local target="$1" | 250 | local target="$1" |
252 | 251 | ||
253 | # Sweep cruft out of the image that doesn't need to ship or will be | 252 | # Sweep cruft out of the image that doesn't need to ship or will be |
254 | # re-generated when the image boots | 253 | # re-generated when the image boots |
255 | rm -f \ | 254 | rm -f \ |
256 | "$target"/var/cache/apk/* \ | 255 | "$target"/var/cache/apk/* \ |
257 | "$target"/etc/resolv.conf \ | 256 | "$target"/etc/resolv.conf \ |
@@ -263,26 +262,30 @@ cleanup() { | |||
263 | "$target"/proc \ | 262 | "$target"/proc \ |
264 | "$target"/sys | 263 | "$target"/sys |
265 | 264 | ||
266 | umount "$target" | 265 | umount "$target" |
267 | } | 266 | } |
268 | 267 | ||
269 | main() { | 268 | main() { |
270 | [ "$#" -ne 1 ] && { echo "usage: $0 <block-device>"; exit 1; } | 269 | [ "$#" -ne 4 ] && { echo "usage: $0 <block-device> <kernel-flavor> '<repo>[,<repo>]' '<pkg>[ <pkg>]'"; exit 1; } |
271 | 270 | ||
272 | device="$1" | 271 | device="$1" |
272 | flavor="$2" | ||
273 | add_repos="$3" | ||
274 | add_pkgs="$4" | ||
275 | |||
273 | target="/mnt/target" | 276 | target="/mnt/target" |
274 | 277 | ||
275 | validate_block_device "$device" | 278 | validate_block_device "$device" |
276 | 279 | ||
277 | [ -d "$target" ] || mkdir "$target" | 280 | [ -d "$target" ] || mkdir "$target" |
278 | 281 | ||
279 | einfo "Fetching static APK tools" | 282 | einfo "Fetching static APK tools" |
280 | apk="$(fetch_apk_tools)" | 283 | apk="$(fetch_apk_tools)" |
281 | 284 | ||
282 | einfo "Creating root filesystem" | 285 | einfo "Creating root filesystem" |
283 | make_filesystem "$device" "$target" | 286 | make_filesystem "$device" "$target" |
284 | 287 | ||
285 | setup_repositories "$target" | 288 | setup_repositories "$target" "$add_repos" |
286 | 289 | ||
287 | einfo "Fetching Alpine signing keys" | 290 | einfo "Fetching Alpine signing keys" |
288 | fetch_keys "$target" | 291 | fetch_keys "$target" |
@@ -293,7 +296,7 @@ main() { | |||
293 | setup_chroot "$target" | 296 | setup_chroot "$target" |
294 | 297 | ||
295 | einfo "Installing core packages" | 298 | einfo "Installing core packages" |
296 | install_core_packages "$target" | 299 | install_core_packages "$target" "$flavor" "$add_pkgs" |
297 | 300 | ||
298 | einfo "Configuring and enabling boot loader" | 301 | einfo "Configuring and enabling boot loader" |
299 | create_initfs "$target" | 302 | create_initfs "$target" |
diff --git a/variables.json-default b/variables.json-default new file mode 100644 index 0000000..a1f3ce0 --- /dev/null +++ b/variables.json-default | |||
@@ -0,0 +1,22 @@ | |||
1 | { | ||
2 | "ami_release": "1", | ||
3 | "ami_name_prefix": "Alpine-", | ||
4 | "ami_name_suffix": "-EC2", | ||
5 | "ami_desc_prefix": "Alpine Linux ", | ||
6 | "ami_desc_suffix": " Release with EC2 Optimizations", | ||
7 | "kernel_flavor": "vanilla@edge-main", | ||
8 | "add_repos": "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main,@edge-testing http://dl-cdn.alpinelinux.org/alpine/edge/testing", | ||
9 | "add_pkgs": "acct aws-ena-driver-vanilla@edge-testing", | ||
10 | "ena_enable": "true", | ||
11 | "sriov_enable": "false", | ||
12 | "volume_size": "1", | ||
13 | "ami_access": "all", | ||
14 | "deploy_regions": "us-east-1,us-east-2,us-west-1,us-west-2,ca-central-1,eu-central-1,eu-west-1,eu-west-2,eu-west-3,ap-northeast-1,ap-northeast-2,ap-southeast-1,ap-southeast-2,ap-south-1,sa-east-1", | ||
15 | |||
16 | "vpc": "", | ||
17 | "subnet": "", | ||
18 | "security_group": "", | ||
19 | "public_ip": "false", | ||
20 | "build_instance_type": "t2.nano", | ||
21 | "volume_name": "/dev/xvdf" | ||
22 | } | ||
diff --git a/variables.json-example b/variables.json-example new file mode 100644 index 0000000..4660c1d --- /dev/null +++ b/variables.json-example | |||
@@ -0,0 +1,72 @@ | |||
1 | # NOTE: This is file not valid JSON. | ||
2 | { | ||
3 | ### Build Options ### | ||
4 | |||
5 | # Treat similar to a ABUILD pkgrel variable and increment with every release. | ||
6 | "ami_release": "1", | ||
7 | |||
8 | # AMI name prefix and suffix | ||
9 | "ami_name_prefix": "Alpine-", | ||
10 | "ami_name_suffix": "-EC2", | ||
11 | |||
12 | # AMI description prefix and suffix | ||
13 | "ami_desc_prefix": "Alpine Linux ", | ||
14 | "ami_desc_suffix": " Release with EC2 Optimizations", | ||
15 | |||
16 | # Kernel "flavor" to install. 'virt' is a slim choice, but doesn't currently | ||
17 | # include NVME support and there is no matching 'aws-ena-driver' package. | ||
18 | # 'vanilla' installs a lot of unneeded stuff (for an AMI), but does support | ||
19 | # NVME; however, there is no matching ENA driver in the main repo. In order | ||
20 | # to support NVME and ENA, we need to use 'vanilla@edge-main', which matches | ||
21 | # the 'aws-ena-driver@edge-testing' package. | ||
22 | "kernel_flavor": "vanilla@edge-main", | ||
23 | |||
24 | # Comma separated list of lines to add to /etc/apk/repositories. We need | ||
25 | # edge/main and edge/testing for simultaneous NVME and ENA support. | ||
26 | "add_repos": "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main,@edge-testing http://dl-cdn.alpinelinux.org/alpine/edge/testing", | ||
27 | |||
28 | # Space separated list of additional packages to add to the AMI. | ||
29 | # acct - system accounting utilities (sa, etc.) | ||
30 | # aws-ena-driver-vanilla - Enhanced Network Adapter kernel module | ||
31 | "add_pkgs": "acct aws-ena-driver-vanilla@edge-testing", | ||
32 | |||
33 | # Enable ENA/SRIOV support on the AMI. | ||
34 | "ena_enable": "true", | ||
35 | "sriov_enable": "false", | ||
36 | |||
37 | # Size of the AMI image (in GiB). | ||
38 | "volume_size": "1", | ||
39 | |||
40 | # Comma separated list of groups that should have access to the AMI. However, | ||
41 | # only two values are currently supported: 'all' for public, '' for private. | ||
42 | "ami_access": "all", | ||
43 | |||
44 | # Comma separated list of regions to where the AMI should be copied. | ||
45 | # NOTE: ap-northeast-3 skipped, as it is available by subscription-only. | ||
46 | "deploy_regions": "us-east-1,us-east-2,us-west-1,us-west-2,ca-central-1,eu-central-1,eu-west-1,eu-west-2,eu-west-3,ap-northeast-1,ap-northeast-2,ap-southeast-1,ap-southeast-2,ap-south-1,sa-east-1", | ||
47 | |||
48 | |||
49 | ### Builder-Instance Options ### | ||
50 | |||
51 | # VPC in which the builder instance is to be launched; you must also provide | ||
52 | # a subnet. | ||
53 | "vpc": "", | ||
54 | |||
55 | # Subnet in which the builder instance is to be launched. | ||
56 | "subnet": "", | ||
57 | |||
58 | # Security group to apply to the builder instance. | ||
59 | "security_group": "", | ||
60 | |||
61 | # Assign a public IP to the builder instance. Set to 'true' for if you need | ||
62 | # to initiate the build from somewhere that wouldn't normally be able to | ||
63 | # access the builder instance's private network. | ||
64 | "public_ip": "false", | ||
65 | |||
66 | # Instance type to use for building. | ||
67 | "build_instance_type": "t2.nano", | ||
68 | |||
69 | # Don't override this without a good reason, and if you do just make sure it | ||
70 | # gets passed all the way through to the make_ami script. | ||
71 | "volume_name": "/dev/xvdf" | ||
72 | } | ||