Create AMIs with Enhanced Networking

Fixes #15956.

+52 -28
+52 -28
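--- a/nixos/maintainers/scripts/ec2/create-amis.sh
+++ b/nixos/maintainers/scripts/ec2/create-amis.sh
@@ -51,10 +51,11 @@
 echo "doing $name in $region..."
 
 if [ -n "$prevAmi" ]; then
-ami=$(ec2-copy-image \
+ami=$(aws ec2 copy-image \
 --region "$region" \
---source-region "$prevRegion" --source-ami-id "$prevAmi" \
---name "$name" --description "$description" | cut -f 2)
+--source-region "$prevRegion" --source-image-id "$prevAmi" \
+--name "$name" --description "$description" | json -q .ImageId)
+if [ "$ami" = null ]; then break; fi
 else
 
 if [ $store = s3 ]; then
@@ -85,12 +86,12 @@
 ec2-upload-bundle \
 -m $imageDir/$type.raw.manifest.xml \
 -b "$bucket/$bucketDir" \
--a "$EC2_ACCESS_KEY" -s "$EC2_SECRET_KEY" \
+-a "$AWS_ACCESS_KEY_ID" -s "$AWS_SECRET_ACCESS_KEY" \
 --location EU
 touch $imageDir/uploaded
 fi
 
-extraFlags="$bucket/$bucketDir/$type.raw.manifest.xml"
+extraFlags="--image-location $bucket/$bucketDir/$type.raw.manifest.xml"
 
 else
 
@@ -115,7 +116,8 @@
 if [ -z "$snapId" -a -z "$volId" -a -z "$taskId" ]; then
 echo "importing $vhdFile..."
 taskId=$(ec2-import-volume $vhdFile --no-upload -f vhd \
--o "$EC2_ACCESS_KEY" -w "$EC2_SECRET_KEY" \
+-O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \
+-o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" \
 --region "$region" -z "${region}a" \
 --bucket "$bucket" --prefix "$bucketDir/" \
 | tee /dev/stderr \
@@ -125,15 +127,16 @@
 
 if [ -z "$snapId" -a -z "$volId" ]; then
 ec2-resume-import $vhdFile -t "$taskId" --region "$region" \
--o "$EC2_ACCESS_KEY" -w "$EC2_SECRET_KEY"
+-O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \
+-o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY"
 fi
 
 # Wait for the volume creation to finish.
 if [ -z "$snapId" -a -z "$volId" ]; then
 echo "waiting for import to finish..."
 while true; do
-volId=$(ec2-describe-conversion-tasks "$taskId" --region "$region" | sed 's/.*VolumeId.*\(vol-[0-9a-f]\+\).*/\1/ ; t ; d')
-if [ -n "$volId" ]; then break; fi
+volId=$(aws ec2 describe-conversion-tasks --conversion-task-ids "$taskId" --region "$region" | jq -r .ConversionTasks[0].ImportVolume.Volume.Id)
+if [ "$volId" != null ]; then break; fi
 sleep 10
 done
 
@@ -143,22 +146,24 @@
 # Delete the import task.
 if [ -n "$volId" -a -n "$taskId" ]; then
 echo "removing import task..."
-ec2-delete-disk-image -t "$taskId" --region "$region" -o "$EC2_ACCESS_KEY" -w "$EC2_SECRET_KEY" || true
+ec2-delete-disk-image -t "$taskId" --region "$region" \
+-O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \
+-o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" || true
 rm -f $stateDir/$region.$type.task-id
 fi
 
 # Create a snapshot.
 if [ -z "$snapId" ]; then
 echo "creating snapshot..."
-snapId=$(ec2-create-snapshot "$volId" --region "$region" | cut -f 2)
+snapId=$(aws ec2 create-snapshot --volume-id "$volId" --region "$region" --description "$description" | jq -r .SnapshotId)
+if [ "$snapId" = null ]; then exit 1; fi
 echo -n "$snapId" > $stateDir/$region.$type.snap-id
-ec2-create-tags "$snapId" -t "Name=$description" --region "$region"
 fi
 
 # Wait for the snapshot to finish.
 echo "waiting for snapshot to finish..."
 while true; do
-status=$(ec2-describe-snapshots "$snapId" --region "$region" | head -n1 | cut -f 4)
+status=$(aws ec2 describe-snapshots --snapshot-ids "$snapId" --region "$region" | jq -r .Snapshots[0].State)
 if [ "$status" = completed ]; then break; fi
 sleep 10
 done
@@ -166,35 +171,50 @@
 # Delete the volume.
 if [ -n "$volId" ]; then
 echo "deleting volume..."
-ec2-delete-volume "$volId" --region "$region" || true
+aws ec2 delete-volume --volume-id "$volId" --region "$region" || true
 rm -f $stateDir/$region.$type.vol-id
 fi
 
-extraFlags="-b /dev/sda1=$snapId:$vhdFileLogicalGigaBytes:true:gp2"
+blockDeviceMappings="DeviceName=/dev/sda1,Ebs={SnapshotId=$snapId,VolumeSize=$vhdFileLogicalGigaBytes,DeleteOnTermination=true,VolumeType=gp2}"
+extraFlags=""
 
 if [ $type = pv ]; then
-extraFlags+=" --root-device-name=/dev/sda1"
+extraFlags+=" --root-device-name /dev/sda1"
+else
+extraFlags+=" --root-device-name /dev/sda1"
+extraFlags+=" --sriov-net-support simple"
+extraFlags+=" --ena-support"
 fi
 
-extraFlags+=" -b /dev/sdb=ephemeral0 -b /dev/sdc=ephemeral1 -b /dev/sdd=ephemeral2 -b /dev/sde=ephemeral3"
+blockDeviceMappings+=" DeviceName=/dev/sdb,VirtualName=ephemeral0"
+blockDeviceMappings+=" DeviceName=/dev/sdc,VirtualName=ephemeral1"
+blockDeviceMappings+=" DeviceName=/dev/sdd,VirtualName=ephemeral2"
+blockDeviceMappings+=" DeviceName=/dev/sde,VirtualName=ephemeral3"
+fi
+
+if [ $type = hvm ]; then
+extraFlags+=" --sriov-net-support simple"
+extraFlags+=" --ena-support"
 fi
 
 # Register the AMI.
 if [ $type = pv ]; then
-kernel=$(ec2-describe-images -o amazon --filter "manifest-location=*pv-grub-hd0_1.04-$arch*" --region "$region" | cut -f 2)
-[ -n "$kernel" ]
+kernel=$(aws ec2 describe-images --owner amazon --filters "Name=name,Values=pv-grub-hd0_1.04-$arch.gz" | jq -r .Images[0].ImageId)
+if [ "$kernel" = null ]; then break; fi
 echo "using PV-GRUB kernel $kernel"
 extraFlags+=" --virtualization-type paravirtual --kernel $kernel"
 else
 extraFlags+=" --virtualization-type hvm"
 fi
 
-ami=$(ec2-register \
--n "$name" \
--d "$description" \
+ami=$(aws ec2 register-image \
+--name "$name" \
+--description "$description" \
 --region "$region" \
 --architecture "$arch" \
-$extraFlags | cut -f 2)
+--block-device-mappings $blockDeviceMappings \
+$extraFlags | jq -r .ImageId)
+if [ "$ami" = null ]; then break; fi
 fi
 
 echo -n "$ami" > $amiFile
@@ -204,19 +224,23 @@
 ami=$(cat $amiFile)
 fi
 
+echo "region = $region, type = $type, store = $store, ami = $ami"
+
 if [ -z "$NO_WAIT" -o -z "$prevAmi" ]; then
-echo "waiting for AMI..."
+echo -n "waiting for AMI..."
 while true; do
-status=$(ec2-describe-images "$ami" --region "$region" | head -n1 | cut -f 5)
+status=$(aws ec2 describe-images --image-ids "$ami" --region "$region" | jq -r .Images[0].State)
 if [ "$status" = available ]; then break; fi
 sleep 10
+echo -n '.'
 done
+echo
 
-ec2-modify-image-attribute \
---region "$region" "$ami" -l -a all
+# Make the image public.
+aws ec2 modify-image-attribute \
+--image-id "$ami" --region "$region" --launch-permission 'Add={Group=all}'
 fi
 
-echo "region = $region, type = $type, store = $store, ami = $ami"
 if [ -z "$prevAmi" ]; then
 prevAmi="$ami"
 prevRegion="$region"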
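Review bot: The PV-GRUB kernel lookup on new line 202 drops the `--region "$region"` that the removed `ec2-describe-images` call carried, so the kernel id is resolved in the CLI's default region instead of the region being registered; append `--region "$region"` before the pipe. New line 57 parses the `copy-image` output with `json -q .ImageId` while every other call in this change uses `jq -r`, which looks like a typo for `jq -r .ImageId`. The `= null` guards only catch jq's literal `null`: if `aws` fails and prints nothing the id is empty, the guard passes and line 220 writes it to `$amiFile`, so test `[ -z "$ami" -o "$ami" = null ]` and use `exit 1` as line 159 does rather than `break` (this assumes the script does not run with pipefail, which is not visible here). For HVM images on the EBS path `--sriov-net-support simple` and `--ena-support` are appended twice, on lines 185-186 and again on 196-197. The enclosing loop and the start of the script are outside the visible hunks.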