build-ubuntu-ami 0.1.0 → 1.0.1

data/README.md

@@ -26,3 +26,11 @@ It works as follows:
 Booting and logging in to a system offers many opportunities to leak secret credentials (even if you [delete them](http://alestic.com/2009/09/ec2-public-ebs-danger)). Creating an AMI from a pristine image rather than a running root volume obviates the need to remove leaked credentials.
 
 This script does not need a private key & cert for credentials. It uses the AWS Access Key ID and Secret Access Key.
+
+## Troubleshooting
+
+If you're running into an issue where you need to run CLI commands, its helpful to ssh to the instance and enter into the chroot environment. Do the following:
+
+   $ cd /mnt/$IMAGE_NAME
+   $ sudo chroot . /bin/bash
+

data/bin/build-ubuntu-ami

@@ -16,6 +16,7 @@ OptionParser.new do |opts|
   opts.on('-c', '--codename=CODENAME', "Ubuntu release codename (#{options[:codename]})") { |o| options[:codename] = o }
   opts.on('-k', '--key_name=KEY_NAME', "EC2 key name for scratch AMI (#{options[:key_name]})") { |o| options[:key_name] = o }
   opts.on('-g', '--group=GROUP', "EC2 security group for scratch AMI (#{options[:group]})") { |o| options[:group] = o }
+  opts.on('-a', '--arch=ARCH', "Processor architecture for scratch AMI (#{options[:arch]})") { |o| options[:arch] = o }
 
   opts.on('-h', '--help', 'Show this message') { puts opts; exit }
 end.parse!

data/data/user_data.sh.erb

@@ -13,16 +13,21 @@ mkdir -p $imagedir
 mount -o loop $image $imagedir
 
 # Allow network access from chroot environment
+# cp fails because the symlink reference doesn't exist. Create a backup for now.
+if [ -e $imagedir/etc/resolve.conf ]; then mv $imagedir/etc/resolv.conf $imagedir/etc/resolv.conf.bak; fi
 cp /etc/resolv.conf $imagedir/etc/
 
 # Upgrade and install packages on the target file system
 chroot $imagedir mount -t proc none /proc
-#sudo chroot $imagedir mount -t devpts none /dev/pts
+
+# prevent daemons from starting during apt-get 
 cat <<EOF | tee $imagedir/usr/sbin/policy-rc.d > /dev/null
 #!/bin/sh
 exit 101
 EOF
+
 chmod 755 $imagedir/usr/sbin/policy-rc.d
+
 chroot $imagedir apt-get update
 chroot $imagedir apt-get dist-upgrade -y
 
@@ -35,13 +40,25 @@ chmod +x $imagedir/tmp/custom_user_script
 chroot $imagedir /tmp/custom_user_script
 # END CUSTOM USER SCRIPT
 
+# Put resolv.conf symlink back in place
+rm -rf  $imagedir/etc/resolve.conf
+if [ -e $imagedir/etc/resolve.conf.bak ]; then mv $imagedir/etc/resolv.conf.bak $imagedir/etc/resolv.conf; fi
+
 # Clean up chroot environment
 chroot $imagedir umount /proc
-#chroot $imagedir umount /dev/pts
+
+# Clean up policy-rc.d
 rm -f $imagedir/usr/sbin/policy-rc.d
 
 # Wait for EBS volume to be attached
 dev=<%= ebs_device %>
+
+# Device names changed in precise/sid. lsb_release modules arent loaded so use debian_version.
+codename=$(cat /etc/debian_version)
+if [ "$codename" == "wheezy/sid" ]; then
+    dev="/dev/xvdi"
+fi
+
 while [ ! -e $dev ]; do sleep 1; done
 
 # Format and mount the EBS volume
@@ -53,6 +70,7 @@ mount $dev $ebsimagedir
 # Copy file system from temporary rootdir to EBS volume
 tar -cSf - -C $imagedir . | sudo tar xvf - -C $ebsimagedir
 
+# Unmount 
 umount $imagedir
 umount $ebsimagedir
 

data/lib/build_ubuntu_ami.rb

@@ -15,7 +15,7 @@ class BuildUbuntuAmi
       :flavor   => 'm1.small',
       :brand    => 'My',
       :size     => 20,
-      :codename => 'lucid',
+      :codename => 'precise',
       :key_name => 'default',
       :group    => 'default',
       :arch     => 'amd64',
@@ -61,7 +61,6 @@ class BuildUbuntuAmi
     else
       arch
     end
-
   end
 
   def description
@@ -132,14 +131,13 @@ class BuildUbuntuAmi
     server.destroy
   end
 
-
   def build!
     launch_server!
     launch_volume!
 
     puts "waiting for user_data to complete and server to shut down..."
     puts "Follow along by running:"
-    puts "  ssh -l #{server.username} #{server.dns_name} 'tail -f /var/log/user.log'"
+    puts "  ssh -l #{server.username} #{server.dns_name} 'tail -f /var/log/user-data.log'"
     server.wait_for { state == 'stopped' }
 
     puts "Detaching volume"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: build-ubuntu-ami
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 1.0.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-06-09 00:00:00.000000000 Z
+date: 2013-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fog
@@ -60,7 +60,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.5
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: Securely create a customized Ubuntu Amazon Machine Image.