From 02db7d98210d47664f444dafcb8cee7d9c9a6cfa Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 12 Jul 2016 16:40:36 +0200 Subject: Create AMIs with Enhanced Networking Fixes #15956. --- nixos/maintainers/scripts/ec2/create-amis.sh | 80 ++++++++++++++++++---------- 1 file changed, 52 insertions(+), 28 deletions(-) (limited to 'nixos/maintainers') diff --git a/nixos/maintainers/scripts/ec2/create-amis.sh b/nixos/maintainers/scripts/ec2/create-amis.sh index 192f608e138f..9246871222e4 100755 --- a/nixos/maintainers/scripts/ec2/create-amis.sh +++ b/nixos/maintainers/scripts/ec2/create-amis.sh @@ -51,10 +51,11 @@ for type in hvm pv; do echo "doing $name in $region..." if [ -n "$prevAmi" ]; then - ami=$(ec2-copy-image \ + ami=$(aws ec2 copy-image \ --region "$region" \ - --source-region "$prevRegion" --source-ami-id "$prevAmi" \ - --name "$name" --description "$description" | cut -f 2) + --source-region "$prevRegion" --source-image-id "$prevAmi" \ + --name "$name" --description "$description" | json -q .ImageId) + if [ "$ami" = null ]; then break; fi else if [ $store = s3 ]; then @@ -85,12 +86,12 @@ for type in hvm pv; do ec2-upload-bundle \ -m $imageDir/$type.raw.manifest.xml \ -b "$bucket/$bucketDir" \ - -a "$EC2_ACCESS_KEY" -s "$EC2_SECRET_KEY" \ + -a "$AWS_ACCESS_KEY_ID" -s "$AWS_SECRET_ACCESS_KEY" \ --location EU touch $imageDir/uploaded fi - extraFlags="$bucket/$bucketDir/$type.raw.manifest.xml" + extraFlags="--image-location $bucket/$bucketDir/$type.raw.manifest.xml" else @@ -115,7 +116,8 @@ for type in hvm pv; do if [ -z "$snapId" -a -z "$volId" -a -z "$taskId" ]; then echo "importing $vhdFile..." taskId=$(ec2-import-volume $vhdFile --no-upload -f vhd \ - -o "$EC2_ACCESS_KEY" -w "$EC2_SECRET_KEY" \ + -O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \ + -o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" \ --region "$region" -z "${region}a" \ --bucket "$bucket" --prefix "$bucketDir/" \ | tee /dev/stderr \ @@ -125,15 +127,16 @@ for type in hvm pv; do if [ -z "$snapId" -a -z "$volId" ]; then ec2-resume-import $vhdFile -t "$taskId" --region "$region" \ - -o "$EC2_ACCESS_KEY" -w "$EC2_SECRET_KEY" + -O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \ + -o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" fi # Wait for the volume creation to finish. if [ -z "$snapId" -a -z "$volId" ]; then echo "waiting for import to finish..." while true; do - volId=$(ec2-describe-conversion-tasks "$taskId" --region "$region" | sed 's/.*VolumeId.*\(vol-[0-9a-f]\+\).*/\1/ ; t ; d') - if [ -n "$volId" ]; then break; fi + volId=$(aws ec2 describe-conversion-tasks --conversion-task-ids "$taskId" --region "$region" | jq -r .ConversionTasks[0].ImportVolume.Volume.Id) + if [ "$volId" != null ]; then break; fi sleep 10 done @@ -143,22 +146,24 @@ for type in hvm pv; do # Delete the import task. if [ -n "$volId" -a -n "$taskId" ]; then echo "removing import task..." - ec2-delete-disk-image -t "$taskId" --region "$region" -o "$EC2_ACCESS_KEY" -w "$EC2_SECRET_KEY" || true + ec2-delete-disk-image -t "$taskId" --region "$region" \ + -O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \ + -o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" || true rm -f $stateDir/$region.$type.task-id fi # Create a snapshot. if [ -z "$snapId" ]; then echo "creating snapshot..." - snapId=$(ec2-create-snapshot "$volId" --region "$region" | cut -f 2) + snapId=$(aws ec2 create-snapshot --volume-id "$volId" --region "$region" --description "$description" | jq -r .SnapshotId) + if [ "$snapId" = null ]; then exit 1; fi echo -n "$snapId" > $stateDir/$region.$type.snap-id - ec2-create-tags "$snapId" -t "Name=$description" --region "$region" fi # Wait for the snapshot to finish. echo "waiting for snapshot to finish..." while true; do - status=$(ec2-describe-snapshots "$snapId" --region "$region" | head -n1 | cut -f 4) + status=$(aws ec2 describe-snapshots --snapshot-ids "$snapId" --region "$region" | jq -r .Snapshots[0].State) if [ "$status" = completed ]; then break; fi sleep 10 done @@ -166,35 +171,50 @@ for type in hvm pv; do # Delete the volume. if [ -n "$volId" ]; then echo "deleting volume..." - ec2-delete-volume "$volId" --region "$region" || true + aws ec2 delete-volume --volume-id "$volId" --region "$region" || true rm -f $stateDir/$region.$type.vol-id fi - extraFlags="-b /dev/sda1=$snapId:$vhdFileLogicalGigaBytes:true:gp2" + blockDeviceMappings="DeviceName=/dev/sda1,Ebs={SnapshotId=$snapId,VolumeSize=$vhdFileLogicalGigaBytes,DeleteOnTermination=true,VolumeType=gp2}" + extraFlags="" if [ $type = pv ]; then - extraFlags+=" --root-device-name=/dev/sda1" + extraFlags+=" --root-device-name /dev/sda1" + else + extraFlags+=" --root-device-name /dev/sda1" + extraFlags+=" --sriov-net-support simple" + extraFlags+=" --ena-support" fi - extraFlags+=" -b /dev/sdb=ephemeral0 -b /dev/sdc=ephemeral1 -b /dev/sdd=ephemeral2 -b /dev/sde=ephemeral3" + blockDeviceMappings+=" DeviceName=/dev/sdb,VirtualName=ephemeral0" + blockDeviceMappings+=" DeviceName=/dev/sdc,VirtualName=ephemeral1" + blockDeviceMappings+=" DeviceName=/dev/sdd,VirtualName=ephemeral2" + blockDeviceMappings+=" DeviceName=/dev/sde,VirtualName=ephemeral3" + fi + + if [ $type = hvm ]; then + extraFlags+=" --sriov-net-support simple" + extraFlags+=" --ena-support" fi # Register the AMI. if [ $type = pv ]; then - kernel=$(ec2-describe-images -o amazon --filter "manifest-location=*pv-grub-hd0_1.04-$arch*" --region "$region" | cut -f 2) - [ -n "$kernel" ] + kernel=$(aws ec2 describe-images --owner amazon --filters "Name=name,Values=pv-grub-hd0_1.04-$arch.gz" | jq -r .Images[0].ImageId) + if [ "$kernel" = null ]; then break; fi echo "using PV-GRUB kernel $kernel" extraFlags+=" --virtualization-type paravirtual --kernel $kernel" else extraFlags+=" --virtualization-type hvm" fi - ami=$(ec2-register \ - -n "$name" \ - -d "$description" \ + ami=$(aws ec2 register-image \ + --name "$name" \ + --description "$description" \ --region "$region" \ --architecture "$arch" \ - $extraFlags | cut -f 2) + --block-device-mappings $blockDeviceMappings \ + $extraFlags | jq -r .ImageId) + if [ "$ami" = null ]; then break; fi fi echo -n "$ami" > $amiFile @@ -204,19 +224,23 @@ for type in hvm pv; do ami=$(cat $amiFile) fi + echo "region = $region, type = $type, store = $store, ami = $ami" + if [ -z "$NO_WAIT" -o -z "$prevAmi" ]; then - echo "waiting for AMI..." + echo -n "waiting for AMI..." while true; do - status=$(ec2-describe-images "$ami" --region "$region" | head -n1 | cut -f 5) + status=$(aws ec2 describe-images --image-ids "$ami" --region "$region" | jq -r .Images[0].State) if [ "$status" = available ]; then break; fi sleep 10 + echo -n '.' done + echo - ec2-modify-image-attribute \ - --region "$region" "$ami" -l -a all + # Make the image public. + aws ec2 modify-image-attribute \ + --image-id "$ami" --region "$region" --launch-permission 'Add={Group=all}' fi - echo "region = $region, type = $type, store = $store, ami = $ami" if [ -z "$prevAmi" ]; then prevAmi="$ami" prevRegion="$region" -- cgit 1.4.1