From e03b814003a3e0e5b1feb485f8350fb97457156d Mon Sep 17 00:00:00 2001 From: Michele Cereda Date: Sun, 16 Mar 2025 12:04:56 +0100 Subject: [PATCH] refactor(aws): improve image builder notes --- knowledge base/cloud computing/aws/README.md | 13 +-- knowledge base/cloud computing/aws/ebs.md | 3 + knowledge base/cloud computing/aws/ec2.md | 49 +------- .../cloud computing/aws/image builder.md | 107 ++++++++++++++++++ snippets/aws/ec2.fish | 4 + snippets/aws/other commands.fish | 2 + 6 files changed, 125 insertions(+), 53 deletions(-) create mode 100644 knowledge base/cloud computing/aws/image builder.md diff --git a/knowledge base/cloud computing/aws/README.md b/knowledge base/cloud computing/aws/README.md index fab90e5..5161679 100644 --- a/knowledge base/cloud computing/aws/README.md +++ b/knowledge base/cloud computing/aws/README.md @@ -11,7 +11,6 @@ 1. [Global Accelerator](#global-accelerator) 1. [GuardDuty](#guardduty) 1. [EventBridge](#eventbridge) - 1. [ImageBuilder](#imagebuilder) 1. [Inspector](#inspector) 1. [KMS](#kms) 1. [Security Hub](#security-hub) @@ -99,7 +98,7 @@ One can can rapidly remapping addresses to other instances in one's account and | [EventBridge] | FIXME | | [GuardDuty] | Threat detection | | [IAM] | Access control | -| [ImageBuilder] | Build custom AMIs | +| [Image Builder] | Build custom AMIs | | [Inspector] | FIXME | | [KMS] | Key management | | [OpenSearch] | ELK, logging | @@ -305,10 +304,6 @@ _Threat IP List_ is a blacklist of **public IPs and CIDRs** that will be used by TODO -### ImageBuilder - -Also refer [Image baking in AWS using Packer and Image builder]. - ### Inspector TODO 
@@ -602,7 +597,6 @@ machine if not. - [Exporting DB snapshot data to Amazon S3] - [I'm trying to export a snapshot from Amazon RDS MySQL to Amazon S3, but I'm receiving an error. Why is this happening?] - [Rotating AWS KMS keys] -- [Image baking in AWS using Packer and Image builder] - [Using AWS KMS via the CLI with a Symmetric Key] - [AWS Public IP Address Ranges Now Available in JSON Form] - [Savings Plans user guide] @@ -621,6 +615,7 @@ machine if not. - [What is AWS Global Accelerator?] - [How AWS Global Accelerator works] - [Using Amazon CloudWatch with AWS Global Accelerator] +- [What is AWS CloudWatch? Guide for beginners] @@ -294,7 +256,6 @@ TODO [describe-images]: https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-images.html [describeimages]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html [device names for volumes on amazon ec2 instances]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html -[ec2 image builder]: https://docs.aws.amazon.com/imagebuilder/latest/userguide/what-is-image-builder.html [how can i send memory and disk metrics from my ec2 instances to cloudwatch?]: https://repost.aws/knowledge-center/cloudwatch-memory-metrics-ec2 [how to clone instance ec2]: https://repost.aws/questions/QUOrWudF3vRL2Vqtrv0M9lfQ/how-to-clone-instance-ec2 [iam roles for amazon ec2]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html diff --git a/knowledge base/cloud computing/aws/image builder.md b/knowledge base/cloud computing/aws/image builder.md new file mode 100644 index 0000000..6ecb215 --- /dev/null +++ b/knowledge base/cloud computing/aws/image builder.md 
@@ -0,0 +1,107 @@ +# Image Builder + +AWS service automating the creation, management, and deployment of customized AMIs or Docker images. + +1. [TL;DR](#tldr) +1. [Further readings](#further-readings) + 1. [Sources](#sources) + +## TL;DR + +Images created by Image Builder in one's account are owned by that account. + +Leverages AWS' Task Orchestrator and Executor component management application.
+For AMIs, it: + +1. Creates EC2 instances for building and validation. +1. Creates a snapshots of the result. +1. Terminates the EC2 instances used for building. +1. Uses that snapshot to create new EC2 instances for testing. + +For containers, it: + +1. Creates EC2 instances for building and validation. +1. Builds container images. +1. Runs containers from the images for testing. +1. Terminates the EC2 instances used for building. + +
+ Glossary + +| Term | Summary | +| ---------------------------- | ----------------------------------------------------------------------------------------------- | +| Component | YAML-based document defining the steps to take to build, validate or test images | +| Recipe | Document defining the base image and the components to apply to it to produce the desired image | +| Infrastructure Configuration | The EC2 infrastructure to use to build and test the desired image | +| Distribution Configuration | How the outputted images are made available to specified AWS Regions | +| Pipeline | Automation framework for creating and maintaining custom images | + +
+ +
+ Supported operating systems + +Refer [Supported operating systems] for the updated table. + +| Operating system/distribution | Supported versions | +| ---------------------------------- | ---------------------------------------------- | +| Amazon Linux | 2, 2023 | +| CentOS | 7, 8 | +| CentOS Stream | 8 | +| Mac OS X | 12.x (Monterey), 13.x (Ventura), 14.x (Sonoma) | +| Red Hat Enterprise Linux (RHEL) | 7, 8, 9 | +| SUSE Linux Enterprise Server (SLE) | 12, 15 | +| Ubuntu | 18.04 LTS, 20.04 LTS, 22.04 LTS, 24.04 LTS | +| Windows Server | 2012 R2, 2016, 2019, 2022 | + +
+ +Image Builder costs **nothing** to create custom AMI or container images per se.
+However, standard pricing applies for the other services that are used by or in the process, like EC2 instances, EBS +volumes, and ECR storage. + +Components can be specified **at most once** in an image recipe. + +Steps: + +
+ AMI creation + +1. \[optional] Create new _components_ as needed. +1. \[optional] Create a new image _recipe_. +1. \[optional] Create a new _infrastructure configuration_. +1. \[optional] Create a new _distribution configuration_. +1. Create a new _pipeline_. + +
+
+ Container image creation + +TODO + +
+ +## Further readings + +- [Image baking in AWS using Packer and Image builder] + +### Sources + +- [What is Image Builder?] +- [Building a Reusable Image Pipeline with AWS Image Builder] + + + + + + + +[supported operating systems]: https://docs.aws.amazon.com/imagebuilder/latest/userguide/what-is-image-builder.html#image-builder-os +[what is image builder?]: https://docs.aws.amazon.com/imagebuilder/latest/userguide/what-is-image-builder.html + + +[building a reusable image pipeline with aws image builder]: https://dev.to/aws-builders/building-a-reusable-image-pipeline-with-aws-image-builder-17eh +[image baking in aws using packer and image builder]: https://dev.to/santhoshnimmala/image-baking-in-aws-using-packer-and-image-builder-1ed3 diff --git a/snippets/aws/ec2.fish b/snippets/aws/ec2.fish index 93e2d69..d621415 100644 --- a/snippets/aws/ec2.fish +++ b/snippets/aws/ec2.fish @@ -125,3 +125,7 @@ aws ec2 stop-instances --instance-ids 'i-0123456789abcdef0' # Terminate instances aws ec2 terminate-instances --instance-ids 'i-0123456789abcdef0' + +# Delete launch template versions +aws ec2 delete-launch-template-versions --launch-template-id 'lt-0123456789abcdef0' --versions '1' --dry-run +aws ec2 delete-launch-template-versions --launch-template-name 'GitLab Runners' --versions (seq 1 10) --dry-run diff --git a/snippets/aws/other commands.fish b/snippets/aws/other commands.fish index bb27c22..5fed7e3 100644 --- a/snippets/aws/other commands.fish +++ b/snippets/aws/other commands.fish @@ -44,6 +44,7 @@ aws chatbot describe-slack-channel-configurations --query 'SlackChannelConfigura ### aws cloudfront get-distribution --id 'E123456ABCDEFG' +aws cloudfront get-cache-policy --id '01234567-89ab-cdef-0123-456789abcdef' ### 
@@ -419,6 +420,7 @@ aws s3api list-objects-v2 --bucket 'backup' aws s3api list-objects-v2 --bucket 'backup' --query "Contents[?LastModified>='2022-01-05T08:05:37+00:00'].Key" aws s3api list-buckets --output 'text' --query 'Buckets[].Name' | xargs -pn '1' aws s3api list-multipart-uploads --bucket +aws --profile 'someProfile' s3api head-bucket --bucket 'someBucket' ###
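Review bot: in the README.md services table, the renamed `[Image Builder]` entry is a reference-style link, but none of the README.md hunks visible here adds a matching `[image builder]: ...` definition, and the same applies to the new `[What is AWS CloudWatch? Guide for beginners]` list item. Please confirm both definitions exist in the file, otherwise the entries render as literal bracketed text. Since the `### ImageBuilder` section and its TOC entry are removed, the table link should point at the new `image builder.md` file.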
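Review bot: in the new image builder.md, the "AMI creation" steps mark the recipe, infrastructure configuration and distribution configuration as `[optional]` without saying what makes them optional. If the intent is "skip when a suitable one already exists", state that, since the glossary in the same file describes the recipe as the document that defines the base image and its components. In the TL;DR list, "Creates a snapshots of the result" should read "Creates a snapshot of the result", and the AMI list ends at creating test instances without saying what happens to them, while the container list does end with a termination step. The supported OS table labels versions 12.x to 14.x as "Mac OS X"; those releases are named macOS.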
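Review bot: in snippets/aws/ec2.fish, both new `delete-launch-template-versions` examples end in `--dry-run`, but the comment above them only says "Delete launch template versions". Add a short comment that the flag has to be dropped to actually delete, because the neighbouring `stop-instances` and `terminate-instances` examples are written without it and a reader will assume the same here. The second example depends on fish expanding `(seq 1 10)` into separate arguments; a brief comment would help anyone copying it into another shell.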
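Review bot: in snippets/aws/other commands.fish, the new `head-bucket` line uses `--profile 'someProfile'` and `--bucket 'someBucket'`, while the surrounding `s3api` examples use no profile and the placeholder bucket `'backup'`. Align the placeholders with the neighbouring lines, or add a comment explaining why this example needs a profile. Neither this line nor the new `get-cache-policy` line carries a descriptive comment of the kind used in ec2.fish ("# Terminate instances"), so consider adding one to each.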