How to create an Amazon Elastic Compute Cloud EC2 Machine Image (AMI)

(UPDATED: 05/31/2010)

This how to article will go over creating a Amazon Elastic Compute Cloud (EC2) Machine Image (AMI) from scratch. In this particular example we are creating a Centos 5.3 64bit AMI from beginning to end. For those that are interested in taking advantage of cloud computing, hopefully you find this blog article helpful. Note this blog also can be generalized for Centos 5, 5.1, 5.2 most versions of Redhat, and Fedora 64bit and 32bit.

First thing is first you are going to need to sign up for an Amazon Web Services account specifically S3 Storage and EC2 Elastic Compute Cloud here. You will need a credit card and some basic info, and will immediately get the following info:

AWS Account Number
S3 KEY "yourkeynumber"
S3 SECRET KEY "yoursecretkey"
EC2 PRIVATE KEY "pk-yourprivatekey.pem"
EC2 CERTIFICATE "cert-yourcertificate.pem"

You will need to work off of a server with the same distro you would like your image to be in my case that would be Centos 5 also note you will want to work on a server with enough disk space to create and image on.

Time to login become root and go to town:

Put your two .pem files the cert and pk in the directory ~/.ec2

[root@server]$ mkdir ~/.ec2

Create some directories to work from and put your working files in make sure its on your largest partition in my case its /opt.

[root@server]$ mkdir /opt/EC2AMIFILES
[root@server]$ mkdir /opt/EC2TOOLS
[root@server]$ mkdir /opt/EC2AMIIMAGE
[root@server]$ mkdir /opt/EC2YUM

Download and extract the Amazon AMI tools into the /opt/EC2TOOLS you should have subdirectories that look like /opt/EC2TOOLS/bin etc…

[root@server]$ cd /opt/EC2TOOLS
[root@server]$ wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip
[root@server]$ unzip ec2-ami-tools.zip
[root@server]$ cd ec2-ami-tools-1.3-31780
[root@server]$ mv * ../
[root@server]$ cd ../
[root@server]$ rmdir ec2-ami-tools-1.3-31780/

Setup your .bashrc file to have proper pathing to EC2 resources

[root@server]$ vi ~/.bashrc

export PATH=$PATH:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/opt/EC2TOOLS/bin
export EC2_HOME=/opt/EC2TOOLS
export EC2_PRIVATE_KEY=~/.ec2/pk-yourprivatekey.pem
export EC2_CERT=~/.ec2/cert-yourcert.pem

Enable your .bashrc settings

[root@server]$ source ~/.bashrc

Create an empty file that is about 10GB where the OS files will be worked.

[root@server]$ dd if=/dev/zero of=/opt/EC2AMIIMAGE/ami-centos5.3-64bit-base.img bs=1M count=10240

Create an ext3 filesystem inside the image file.

[root@server]$ /sbin/mke2fs -F -j /opt/EC2AMIIMAGE/ami-centos5.3-64bit-base.img 

Mount the image file using the loop-back option, allowing you to treat the image file as if it was a standard disk drive.

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base

[root@server]$ mount -o loop /opt/EC2AMIIMAGE/ami-centos5.3-64bit-base.img /mnt/ami-centos5.3-64bit-base

Prepare the empty image filesystem with paths for system devices and configuration files.

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/proc

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/etc

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/dev

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/var

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/var/cache

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/var/log

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/var/lock

[root@server]$ mkdir /mnt/ami-centos5.3-64bit-base/var/lock/rpm

[root@server]$ /sbin/MAKEDEV -d /mnt/ami-centos5.3-64bit-base/dev -x console

[root@server]$ /sbin/MAKEDEV -d /mnt/ami-centos5.3-64bit-base/dev -x null

[root@server]$ /sbin/MAKEDEV -d /mnt/ami-centos5.3-64bit-base/dev -x zero

Create the file fstab to store the filesystem configuration.

[root@server]$ vi /mnt/ami-centos5.3-64bit-base/etc/fstab

If you are using 64BIT use these fstab entries below

/dev/sda1       /      ext3   defaults  1  1
/dev/sdb        /mnt   ext3   defaults  0  0
none            /proc  proc   defaults  0  0
none            /sys   sysfs  defaults  0  0

If you are using 32BIT use these fstab entries below

/dev/sda1	/		ext3		defaults	1	1
none		/dev/pts	devpts	        gid=5,mode=620	0	0
none		/dev/shm	tmpfs	        defaults	0	0
none		/proc		proc		defaults	0	0
none		/sys		sysfs		defaults	0	0
/dev/sda2	/mnt		ext3		defaults	0	0
/dev/sda3	swap		swap		defaults	0	0

Mount the image’s proc device in advance to avoid problems with using yum.

[root@server]$ mount -t proc none /mnt/ami-centos5.3-64bit-base/proc

Create a YUM config file, note please adjust version and architecture according to which version you are using.
For Centos 5.3 64bit use the following:

[root@server]$ vi /opt/EC2YUM/yum-ami.conf

[main]
cachedir=/var/cache/yum
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
metadata_expire=1800

[base]
name=CentOS-5 - Base
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=os
#baseurl=http://mirror.centos.org/centos/5/os/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#released updates 
[updates]
name=CentOS-5 - Updates
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=updates
#baseurl=http://mirror.centos.org/centos/5/updates/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#packages used/produced in the build but not released
[addons]
name=CentOS-5 - Addons
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=addons
#baseurl=http://mirror.centos.org/centos/5/addons/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#additional packages that may be useful
[extras]
name=CentOS-5 - Extras
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=extras
#baseurl=http://mirror.centos.org/centos/5/extras/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-5 - Plus
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=centosplus
#baseurl=http://mirror.centos.org/centos/5/centosplus/x86_64/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#contrib - packages by Centos Users
[contrib]
name=CentOS-5 - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=contrib
#baseurl=http://mirror.centos.org/centos/5/contrib/x86_64/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

If you are creating a 32bit Centos 5 create the following YUM config file instead:

[main]
cachedir=/var/cache/yum
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
metadata_expire=1800

[base]
name=CentOS-5 - Base
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=i386&repo=os
#baseurl=http://mirror.centos.org/centos/5/os/i386/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#released updates 
[updates]
name=CentOS-5 - Updates
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=i386&repo=updates
#baseurl=http://mirror.centos.org/centos/5/updates/i386/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#packages used/produced in the build but not released
[addons]
name=CentOS-5 - Addons
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=i386&repo=addons
#baseurl=http://mirror.centos.org/centos/5/addons/i386/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#additional packages that may be useful
[extras]
name=CentOS-5 - Extras
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=i386&repo=extras
#baseurl=http://mirror.centos.org/centos/5/extras/i386/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-5 - Plus
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=i386&repo=centosplus
#baseurl=http://mirror.centos.org/centos/5/centosplus/i386/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#contrib - packages by Centos Users
[contrib]
name=CentOS-5 - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=5&arch=i386&repo=contrib
#baseurl=http://mirror.centos.org/centos/5/contrib/i386/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

Perform the operating system installation via yum, installing base OS.

[root@server opt]$ cd /opt/EC2YUM

[root@server EC2YUM]$ yum -c yum-ami.conf --installroot=/mnt/ami-centos5.3-64bit-base -y groupinstall Base

[root@server EC2YUM]$ cp yum-ami.conf /mnt/ami-centos5.3-64bit-base/etc/yum.conf

Install openssh dependencies to allow you to connect via SSH

[root@server EC2YUM]$ yum -c /opt/EC2YUM/yum-ami.conf --installroot=/mnt/ami-centos5.3-64bit-base install *openssh*
[root@server EC2YUM]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base /sbin/chkconfig sshd --add
[root@server EC2YUM]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base /sbin/chkconfig --level 12345 sshd on

Install precompiled modules supplied by Amazon, since the kernel modules installed by yum are not appropriate for the EC2 environment.

[root@server]$ wget http://3.84.23.23/wp-content/uploads/2009/05/kernel-modules-261633-xenu.tgz
[root@server]$ gunzip -c kernel-modules261633-xenu.tgz | tar -xvf -
[root@server]$ mv 2.6.16.33-xenU /mnt/ami-centos5.3-64bit-base/lib/modules
[root@server]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base /sbin/depmod -ae 2.6.16.33-xenU

If you are installing 32bit use the following download instead

[root@server]$ wget http://3.84.23.23/wp-content/uploads/2009/05/kernel-modules2616-xenu.tgz
[root@server]$ gunzip -c kernel-modules2616-xenu.tgz | tar -xvf -
[root@server]$ cd lib/modules
[root@server]$ mv 2.6.16-xenU /mnt/ami-centos5.3-32bit-base/lib/modules
[root@server]$ /usr/sbin/chroot /mnt/ami-centos5.3-32bit-base /sbin/depmod -ae 2.6.16-xenU

Delete Kudzu from startup since for some reason it messes up your network settings on first startup of the image.

[root@server]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base /sbin/chkconfig --del kudzu

Configure SSH to allow Root login only via key.

[root@server]$ vi /mnt/ami-centos5.3-64bit-base/etc/ssh/sshd_config

UseDNS no
PermitRootLogin without-password

Configure the images network settings

[root@server]$ cd /mnt/ami-centos5.3-64bit-base/etc/sysconfig/

[root@server sysconfig]$ vi network

NETWORKING=yes
HOSTNAME=localhost.localdomain

[root@server sysconfig]$ vi /mnt/ami-centos5.3-64bit-base/etc/sysconfig/network-scripts/ifcfg-eth0

ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp

This script grabs the public key credentials for your root login.

[root@server]$ vi /mnt/ami-centos5.3-64bit-base/etc/init.d/getssh

#!/bin/bash
# chkconfig: 2345 95 20
# description: getssh
# processname: getssh
#
export PATH=:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin
# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network

# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 1

start() {
  if [ ! -d /root/.ssh ] ; then
          mkdir -p /root/.ssh
          chmod 700 /root/.ssh
  fi
  # Fetch public key using HTTP
/usr/bin/curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-key
  if [ $? -eq 0 ] ; then
          cat /tmp/my-key >> /root/.ssh/authorized_keys
          chmod 600 /root/.ssh/authorized_keys
          rm /tmp/my-key
  fi
  # or fetch public key using the file in the ephemeral store:
  if [ -e /mnt/openssh_id.pub ] ; then
          cat /mnt/openssh_id.pub >> /root/.ssh/authorized_keys
          chmod 600 /root/.ssh/authorized_keys
  fi
}

stop() {
  echo "Nothing to do here"
}

restart() {
  stop
  start
}

# See how we were called.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    restart
    ;;
  *)
    echo $"Usage: $0 {start|stop}"
    exit 1
esac

exit $?
###END OF SCRIPT

Give the getssh proper permissions

#Fixed typo 07/09
[root@server]$ /bin/chmod +x /mnt/ami-centos5.3-64bit-base/etc/init.d/getssh

Configure your init script to be launched in run level 3 and 4

[root@server]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base /sbin/chkconfig --level 34 getssh on

Yum install Ruby and CURL to the image

[root@server EC2YUM]$ cd /opt/EC2YUM/

[root@server EC2YUM]$ yum -c yum-ami.conf --installroot=/mnt/ami-centos5.3-64bit-base install ruby

[root@server EC2YUM]$ yum -c yum-ami.conf --installroot=/mnt/ami-centos5.3-64bit-base install curl

Install Java to the image, get Java file for your distro jre-6u12-linux-x64.bin and put it in the /mnt/ami-centos5.3-64bit-base

[root@server]$ cd /mnt/ami-centos5.3-64bit-base/

[root@server]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base ./jre-6u12-linux-x64.bin

Here is the part where you can install other software you wish or remove it simply by using the chroot command

[root@server]$ /usr/sbin/chroot /mnt/ami-centos5.3-64bit-base (put your commands here to do installs for the image)

Clean up after yourself lowering image size

[root@server ami-centos5.3-64bit-base]$ cd /opt/EC2YUM/

[root@server EC2YUM]$ yum -c yum-ami.conf --installroot=/mnt/ami-centos5.3-64bit-base clean all

[root@server EC2YUM]$ sync
[root@server EC2YUM]$ umount /mnt/ami-centos5.3-64bit-base/proc
[root@server EC2YUM]$ umount /mnt/ami-centos5.3-64bit-base

Bundle your image

[root@server]$ cd /opt/EC2TOOLS/bin/

[root@server bin]$ ./ec2-bundle-image --image /opt/EC2AMIIMAGE/ami-centos5.3-64bit-base.img --prefix ami-centos5.3-64bit-base --cert ~/.ec2/cert-yourcert.pem --privatekey ~/.ec2/pk-yourprivatekey.pem --user youramazonaccountnumber --destination /opt/EC2AMIFILES --arch x86_64

The next step is to ensure you have a target bucket for your EC2 instance with the correct ACL’s you may want to use the FireFox plugin S3 Fox to do this but their are great libraries out their for your desired language. I created a bucket called phils-amis

Give the ACL permission to the bucket you create for your AMI:
6aa5a366c34c1cbe25dc49211496e913e0351eb0e8c37aa3477e40942ec6b97c

Next you will upload your files to the bucket you just designated in my case phils-amis

[root@server]$ cd /opt/EC2TOOLS/bin/

[root@server bin]$ ./ec2-upload-bundle --manifest /opt/EC2AMIFILES/ami-centos5.3-64bit-base.manifest.xml --bucket phils-amis --access-key accesskeyhere --secret-key secretkeyhere --location (US, UK, us-west-1, ap-southeast-1)

[root@server bin]$ history -c

Now you are just about done all you need to do is register your AMI. I did this part from my Macbook Pro since I had my Amazon Web Services Tools there. You can get these from Amazon keep in mind these tools are different then the AMI tools you have been using. I put mine in /Users/phil/EC2 also I created a .ec2 directory with my cerificate and private key at /Users/phil/.ec2 Also know that you can use the AWS console from their site to register AMI’s add security groups and launch them as well.

My .bashrc file looks like this on my laptop

# .bashrc

# User specific aliases and functions

alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

export PATH=$PATH:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/Users/phil/EC2/bin
export EC2_HOME=/Users/phil/EC2

export EC2_PRIVATE_KEY=~/.ec2/pk-yourprivatekey.pem
export EC2_CERT=~/.ec2/cert-yourcertificate.pem

export JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Home/

You now can register our new AMI and get your AMI code

[phil@desktop]$ cd /Users/phil/EC2/bin
[phil@desktop]$ ./ec2-register phils-amis/ami-centos5.3-64bit-base.manifest.xml
IMAGE	ami-youramicode

You will want to create a keypair to launch your AMI

[phil@desktop]$ ./ec2-add-keypair phils-keypair-raw

KEYPAIR phil-keypair  1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f
-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQBuLFg5ujHrtm1jnutSuoO8Xe56LlT+HM8v/xkaa39EstM3/aFxTHgElQiJLChp
HungXQ29VTc8rc1bW0lkdi23OH5eqkMHGhvEwqa0HWASUMll4o3o/IX+0f2UcPoKCOVUR+jx71Sg
5AU52EQfanIn3ZQ8lFW7Edp5a3q4DhjGlUKToHVbicL5E+g45zfB95wIyywWZfeW/UUF3LpGZyq/
ebIUlq1qTbHkLbCC2r7RTn8vpQWp47BGVYGtGSBMpTRP5hnbzzuqj3itkiLHjU39S2sJCJ0TrJx5
i8BygR4s3mHKBj8l+ePQxG1kGbF6R4yg6sECmXn17MRQVXODNHZbAgMBAAECggEAY1tsiUsIwDl5
91CXirkYGuVfLyLflXenxfI50mDFms/mumTqloHO7tr0oriHDR5K7wMcY/YY5YkcXNo7mvUVD1pM
ZNUJs7rw9gZRTrf7LylaJ58kOcyajw8TsC4e4LPbFaHwS1d6K8rXh64o6WgW4SrsB6ICmr1kGQI7
3wcfgt5ecIu4TZf0OE9IHjn+2eRlsrjBdeORi7KiUNC/pAG23I6MdDOFEQRcCSigCj+4/mciFUSA
SWS4dMbrpb9FNSIcf9dcLxVM7/6KxgJNfZc9XWzUw77Jg8x92Zd0fVhHOux5IZC+UvSKWB4dyfcI
tE8C3p9bbU9VGyY5vLCAiIb4qQKBgQDLiO24GXrIkswF32YtBBMuVgLGCwU9h9HlO9mKAc2m8Cm1
jUE5IpzRjTedc9I2qiIMUTwtgnw42auSCzbUeYMURPtDqyQ7p6AjMujp9EPemcSVOK9vXYL0Ptco
xW9MC0dtV6iPkCN7gOqiZXPRKaFbWADp16p8UAIvS/a5XXk5jwKBgQCKkpHi2EISh1uRkhxljyWC
iDCiK6JBRsMvpLbc0v5dKwP5alo1fmdR5PJaV2qvZSj5CYNpMAy1/EDNTY5OSIJU+0KFmQbyhsbm
rdLNLDL4+TcnT7c62/aH01ohYaf/VCbRhtLlBfqGoQc7+sAc8vmKkesnF7CqCEKDyF/dhrxYdQKB
gC0iZzzNAapayz1+JcVTwwEid6j9JqNXbBc+Z2YwMi+T0Fv/P/hwkX/ypeOXnIUcw0Ih/YtGBVAC
-----END RSA PRIVATE KEY-----

Now create the key basically cut and paste —–BEGIN RSA PRIVATE KEY—– to —–END RSA PRIVATE KEY—– including the two lines into a your keypair file.

[phil@desktop]$ vi phil-key-pair

-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQBuLFg5ujHrtm1jnutSuoO8Xe56LlT+HM8v/xkaa39EstM3/aFxTHgElQiJLChp
HungXQ29VTc8rc1bW0lkdi23OH5eqkMHGhvEwqa0HWASUMll4o3o/IX+0f2UcPoKCOVUR+jx71Sg
5AU52EQfanIn3ZQ8lFW7Edp5a3q4DhjGlUKToHVbicL5E+g45zfB95wIyywWZfeW/UUF3LpGZyq/
ebIUlq1qTbHkLbCC2r7RTn8vpQWp47BGVYGtGSBMpTRP5hnbzzuqj3itkiLHjU39S2sJCJ0TrJx5
i8BygR4s3mHKBj8l+ePQxG1kGbF6R4yg6sECmXn17MRQVXODNHZbAgMBAAECggEAY1tsiUsIwDl5
91CXirkYGuVfLyLflXenxfI50mDFms/mumTqloHO7tr0oriHDR5K7wMcY/YY5YkcXNo7mvUVD1pM
ZNUJs7rw9gZRTrf7LylaJ58kOcyajw8TsC4e4LPbFaHwS1d6K8rXh64o6WgW4SrsB6ICmr1kGQI7
3wcfgt5ecIu4TZf0OE9IHjn+2eRlsrjBdeORi7KiUNC/pAG23I6MdDOFEQRcCSigCj+4/mciFUSA
SWS4dMbrpb9FNSIcf9dcLxVM7/6KxgJNfZc9XWzUw77Jg8x92Zd0fVhHOux5IZC+UvSKWB4dyfcI
tE8C3p9bbU9VGyY5vLCAiIb4qQKBgQDLiO24GXrIkswF32YtBBMuVgLGCwU9h9HlO9mKAc2m8Cm1
jUE5IpzRjTedc9I2qiIMUTwtgnw42auSCzbUeYMURPtDqyQ7p6AjMujp9EPemcSVOK9vXYL0Ptco
xW9MC0dtV6iPkCN7gOqiZXPRKaFbWADp16p8UAIvS/a5XXk5jwKBgQCKkpHi2EISh1uRkhxljyWC
iDCiK6JBRsMvpLbc0v5dKwP5alo1fmdR5PJaV2qvZSj5CYNpMAy1/EDNTY5OSIJU+0KFmQbyhsbm
rdLNLDL4+TcnT7c62/aH01ohYaf/VCbRhtLlBfqGoQc7+sAc8vmKkesnF7CqCEKDyF/dhrxYdQKB
gC0iZzzNAapayz1+JcVTwwEid6j9JqNXbBc+Z2YwMi+T0Fv/P/hwkX/ypeOXnIUcw0Ih/YtGBVAC
-----END RSA PRIVATE KEY-----

Time to start your AMI! Note that if you have a 64bit AMI it needs to be started as a large instance.

[phil@desktop]$ /Users/phil/EC2/bin/ec2-run-instances ami-youramiid --instance-type m1.large -k phil-key-pair --region (US, UK, us-west-1, ap-southeast-1)

Time to check the status

[phil@desktop]$ /Users/phil/EC2/bin/ec2-describe-instances

RESERVATION	r-0dc52965	027409037432	default
INSTANCE	i-yourinstance	ami-youramiid			pending	phil-key-pair	0		m1.large	2009-02-13T23:51:11+0000	us-east-1c

When it running it will look like this

[phil@desktop]$ /Users/phil/EC2/bin/ec2-describe-instances

RESERVATION	r-0dc57965	024439027432	default
INSTANCE	i-yourinstance	ami-youramiid	ec2-176-122-149-109.compute-1.amazonaws.com	domU-12-31-39-00-12-C1.compute-1.internal	running	phil-key-pair	0		m1.large	2009-02-13T23:51:11+0000	us-east-1c

Open the AWS Firewall ingress port 22

[phil@desktop]$ /Users/phil/EC2/bin/ec2-authorize default -p 22

Now you can ssh using your keypair as root!

[phil@desktop]$ ssh -i phil-key-pair root@ec2-176-122-149-109.compute-1.amazonaws.com

The authenticity of host 'ec2-176-122-149-109.compute-1.amazonaws.com (174.129.149.109)' can't be established.
RSA key fingerprint is cb:77:33:4f:a0:62:c0:a6:c8:40:99:09:25:4f:5d:ef.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-174-129-149-109.compute-1.amazonaws.com,174.129.149.109' (RSA) to the list of known hosts.

[root@domU-11-33-39-00-12-C1 ~]$

To terminate the instance you can do the following use the describe instance command to find the i-id then do the below

[phil@desktop]$ /Users/phil/EC2/bin/ec2-terminate-instances i-yourinstance
INSTANCE	i-yourinstance	running	shutting-down

If you ever need to stop deregister and delete your AMI you can do the following

[phil@desktop]$ /Users/phil/EC2/bin/ec2-deregister ami-youramiid

[root@server bin]$ /Users/phil/EC2/bin/ec2-delete-bundle -b phils-amis -a yourkey -s yoursecretkey -m /opt/EC2/ami-centos5.3-64bit-base.manifest.xml

[phil@desktop]$ :>~/.bash_history

If you need to modify your image do the above two steps of deregistering and deleting your bundle in S3 as well as delete the files in /opt/EC2AMIFILES then you can remount the image to make your changes using the same commands you did before

[root@server]$ mount -o loop /opt/EC2AMIIMAGE/ami-centos5.3-64bit-base.img /mnt/ami-centos5.3-64bit-base

[root@server]$ mount -t proc none /mnt/ami-centos5.3-64bit-base/proc

After you remount the image you can modify your software and then re-bundle, re-upload, re-register your ami.

For help setting up your environment or things I may have left out please refer to the documentation at Amazon or write me a comment.

One last note make sure you turn your EC2 Instances off if your not using them they do cost money $

Happy AMI building!

Also a great resource for free Realtime AWS uptime data is Systems Watch