[AWS] EC2 – AMIs

AMIs (Amazon Machine Images) are containers that are used to build instances (OS + SW packages + settings).

Features

  • Snapshots of EBS volumes are created automatically and used to create an AMI.
  • AMI stores a snapshot of EBS volumes, permissions, and a block device mapping.
  • AMIs need to have appropriate launch permissions (private, a specific account, or public).
  • AMIs can be copied to other AWS regions.
  • AMI is used with Auto Scaling to launch new servers on demand.
  • AMIs are only available in the region in which they are created.
  • You can select the AMI based on: Region, OS, Architecture (32, 64, Arm), Launch Permissions, Root Storage Types (EBS or Instance store volume).
  • An EBS root volume is created from a snapshot, and an instance store root volume is created from a template.

Types of AMIs

  • Community AMIs (free)
  • AWS Marketplace AMIs (pay to use + additional licensed software)
  • My AMIs

EC2 Image Builder

EC2 Image Builder lets you create AMIs and container images through a graphical interface.

  • validates and tests images.
    • Security compliance, AWS-provided tests, or custom tests
  • Use case:
    • You can automate image update processes such as software updates.
    • Image Builder creates a new image, runs validation tests, and makes it available in AWS regions of your choice.
  • can be run on schedule.
  • A free service. You need to pay only for the underlying resources.
  • can publish AMIs to multiple regions and multiple accounts
    • Use AWS RAM (Resource Access Manager) to share images, recipes, and components across accounts or through AWS Organizations

Image Pipeline

  • Image Recipe:
    • Image builder uses a recipe for each image.
    • An image can be AMI (Amazon Machine Image) or Docker Image.
  • A pipeline defines the configuration and end-to-end process.
    • Base OS (Source Image) -> Software (Build Components) -> Tests -> Distribution

How to use Image Builder

  1. Create an IAM Role
    • Add permissions for EC2 Image Builder
  2. Create an Image Pipeline
    • Define a recipe – configuration settings
      • Image (Output) Type: AMI or Docker Image
      • Base Image
      • Add Components
  3. Execute the Pipeline
    • Image Builder launches a temporary instance to build and test the image.
  4. The image can be seen in the EC2 console AMIs section.

Role


Use Cases of Image Builder

Tracking Latest AMI ID

  1. A new AMI is created by Image Builder
  2. Send a notification to the SNS Topic
  3. A Lambda function is invoked
    • The new AMI ID is stored in the SSM Parameter Store.
  4. The new AMI ID can be referenced by users or in CloudFormation templates.
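
Steps 2 to 4 as a Lambda handler (an added example, not code from the original page). The parameter name, topic ARN, default region, and the notification fields it reads (state.status, outputResources.amis) are assumptions for this sketch; the handler rejects messages from other topics, skips images that are not AVAILABLE, and checks the AMI ID format before writing.

```python
import json
import re

# Assumed names for this sketch; replace with your own.
PARAMETER_NAME = "/images/golden/latest-ami-id"
EXPECTED_TOPIC_ARN = "arn:aws:sns:us-east-1:111122223333:image-builder-topic"
AMI_ID = re.compile(r"^ami-(?:[0-9a-f]{8}|[0-9a-f]{17})$")


def extract_ami_id(event, region):
    """Return the AMI ID for `region` from an SNS event, or None to ignore it."""
    record = event["Records"][0]["Sns"]
    if record.get("TopicArn") != EXPECTED_TOPIC_ARN:
        raise ValueError("notification from unexpected topic")
    image = json.loads(record["Message"])
    # Only publish images that finished building and passed their tests.
    if image.get("state", {}).get("status") != "AVAILABLE":
        return None
    for ami in image.get("outputResources", {}).get("amis", []):
        if ami.get("region") == region:
            if not AMI_ID.match(ami.get("image", "")):
                raise ValueError("malformed AMI ID in notification")
            return ami["image"]
    return None


def handler(event, context, ssm=None, region="us-east-1"):
    ami_id = extract_ami_id(event, region)
    if ami_id is None:
        return None
    if ssm is None:  # real client only when running in Lambda
        import boto3
        ssm = boto3.client("ssm", region_name=region)
    # DataType aws:ec2:image makes Parameter Store validate the AMI ID.
    ssm.put_parameter(Name=PARAMETER_NAME, Value=ami_id, Type="String",
                      DataType="aws:ec2:image", Overwrite=True)
    return ami_id


def sample_event(status="AVAILABLE", image="ami-0123456789abcdef0"):
    """Constructed notification for offline testing (not a captured message)."""
    message = {"state": {"status": status},
               "outputResources": {"amis": [{"region": "us-east-1", "image": image}]}}
    return {"Records": [{"Sns": {"TopicArn": EXPECTED_TOPIC_ARN,
                                 "Message": json.dumps(message)}}]}
```

A CloudFormation template can then take the value through a parameter of type AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>. Grant the function's role ssm:PutParameter on this one parameter only.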

Auto Scaling Launch Template

  • With EC2 Image Builder, you can create a new version of your EC2 Auto Scaling launch template that references your latest Amazon Machine Images (AMIs).
  • Using an Image Builder pipeline (in the distribution phase), you can easily create these new launch template versions with the latest AMI to be used across all your AWS regions.
    • You can specify an Amazon EC2 launch template in your distribution settings, using launchTemplateConfigurations.
  • Configure the Auto Scaling groups to use the newest version of the launch template.
