-
Notifications
You must be signed in to change notification settings - Fork 14
Getting started
Using Buri itself is a fairly simple process:
- Checklist before you begin
- Create SSH key .PEM file
- Create bundle S3 bucket
- Create IAM role
- Create builder node
- Create local configuration
- Create foundation and base AMIs
- Create role AMIs
- Buri currently requires an account at Amazon AWS. In the future it will be possible to work with AWS-compatible Eucalyptus clouds.
- You will need your your AWS account details for some configurations
- Individual role configurations may require additional information or aspects to be configured. Please see the relevant page for the specific role you will be building.
You may use an existing key pair if you have one, and skip these steps.
- In the AWS EC2 console left-side menu, under "Network & Security", click "Key Pairs"
- Click "Create Key Pair", and give it a name.
- Save, backup, and protect the resulting .PEM file offered for download
- This is the ONLY time it will be offered for download, it cannot be recovered.
- Anyone who has this key, will be able to log into your instances. Keep it secure
If you do not already have an S3 bucket/folder to hold images for instance root volumes, and you wish to use these (recommended for production), perform the following steps:
- Open the AWS S3 console
- Click "Create Bucket", provide a name, and ensure you select the correct region in wish you will be generating images.
- Optional: Create a folder within your bucket for images to be placed.
-
In the AWS IAM console left-side menu, click "Roles"
-
Click "Create New Role"
-
Give it a name. ("Buri" or "Aminator" is suggested)
-
On the "Select Role Type" screen, click "Select" next to "Amazon EC2"
-
Click "Custom Policy", then "Select"
-
Under "Policy Name", give it the same name as in 3rd point of this section.
-
Under "Policy Document", paste in the file policies/aminator.sample from the Buri distribution
-
Edit the following text in what was pasted, to reflect the S3 bucket you have created for holding AMI bundles
"Resource": [ "arn:aws:s3:::aminator-images/*", "arn:aws:s3:::aminator-images" ]
Note: you must give access to the whole bucket, no folders, as this confuses ec2-upload-bundle.
-
Click "Continue" and then "Create Role" to complete creating the IAM role needed by Buri.
-
Boot an official Ubuntu LTS AMI (12.04 or 14.04) in EC2
- You boot the version you wish to base AMIs upon.
- Instance type can be a t1.micro if only building EBS root AMIs, need m1.small or something with sufficient instance storage if building instance storage AMIs.
- Ensure the IAM role create above is applied to the instance
-
SSH to the launched instance
ssh ubuntu@<hostname>
-
Install git
sudo apt-get update sudo apt-get install git-core
-
Checkout Buri from github:
git clone https://github.com/viafoura/buri.git cd buri
-
Complete initial setup with provided script (installs ansible, ec2 api/ami and other tools):
./setup_initial.sh
-
Copy the defaults file to the local folder for editing:
cp playbooks/vars/site.defaults.yml playbooks/local/site.yml
-
Edit the new site.yml file
-
Remove this line:
site_defaults: True
-
Modify/uncomment and tailor the values per your needs
- ami_build_* values influence what types if AMIs are generated
- ami_bundle_* values configure where to place instance storage AMI bundles
- other values will be described in the role configuration section
-
Generate bundle signing keys
./create-bundle-keys.sh
-
Create a new foundation AMI set. This is like a local copy of a fresh install of the OS, with only updates applied. Very little should be different than the official Ubuntu AMIs. You need this local copy as it is not possible to mount the EBS snapshots for the official images:
./create-foundation.sh
-
Create a new base AMI set, using as input, the PVM AMI ID from foundation step. This is your local base install, with various additions you wish to see globally applied.
./resnap.sh <foundation-pvm-ami-ID> base
-
Create a role-based AMI set, using as input, the PVM AMI ID from base step
./resnap.sh <base-pvm-ami-ID> <role name>