aws-ami-builder

By hashicorp · agent-skills

Build Amazon Machine Images (AMIs) with Packer using the `amazon-ebs` builder. Use it to create custom AMIs for EC2 instances.

npx skills add https://github.com/hashicorp/agent-skills --skill aws-ami-builder

AWS AMI Builder

Build Amazon Machine Images (AMIs) using Packer's amazon-ebs builder.

Reference: Amazon EBS Builder

Note: Building AMIs incurs AWS costs (EC2 instances, EBS storage, data transfer). Builds typically take 10 to 30 minutes depending on provisioning complexity.

Basic AMI Template

packer {
  required_plugins {
    amazon = {
      source  = "github.com/hashicorp/amazon"
      version = "~> 1.3"
    }
  }
}

variable "region" {
  type    = string
  default = "us-west-2"
}

locals {
  timestamp = regex_replace(timestamp(), "[- TZ:]", "")
}

source "amazon-ebs" "ubuntu" {
  region        = var.region
  instance_type = "t3.micro"

  source_ami_filter {
    filters = {
      name                = "ubuntu/images/*ubuntu-jammy-22.04-amd64-server-*"
      root-device-type    = "ebs"
      virtualization-type = "hvm"
    }
    most_recent = true
    owners      = ["099720109477"] # Canonical
  }

  ssh_username = "ubuntu"
  ami_name     = "my-app-${local.timestamp}"

  tags = {
    Name      = "my-app"
    BuildDate = local.timestamp
  }
}

build {
  sources = ["source.amazon-ebs.ubuntu"]

  provisioner "shell" {
    inline = [
      "sudo apt-get update",
      "sudo apt-get upgrade -y",
    ]
  }
}

Common Source AMI Filters

Ubuntu 22.04 LTS

source_ami_filter {
  filters = {
    name                = "ubuntu/images/*ubuntu-jammy-22.04-amd64-server-*"
    root-device-type    = "ebs"
    virtualization-type = "hvm"
  }
  most_recent = true
  owners      = ["099720109477"] # Canonical
}

Amazon Linux 2023

source_ami_filter {
  filters = {
    name                = "al2023-ami-*-x86_64"
    root-device-type    = "ebs"
    virtualization-type = "hvm"
  }
  most_recent = true
  owners      = ["amazon"]
}

Multi-Region AMI

source "amazon-ebs" "ubuntu" {
  region        = "us-west-2"
  instance_type = "t3.micro"

  source_ami_filter {
    filters = {
      name = "ubuntu/images/*ubuntu-jammy-22.04-amd64-server-*"
    }
    most_recent = true
    owners      = ["099720109477"]
  }

  ssh_username = "ubuntu"
  ami_name     = "my-app-${local.timestamp}"

  # Copy to additional regions
  ami_regions = ["us-east-1", "us-east-2", "eu-west-1"]
}

Authentication

Packer uses the AWS credential resolution chain:

  1. Environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
  2. AWS credentials file: ~/.aws/credentials
  3. IAM instance profile (when running on EC2)

export AWS_ACCESS_KEY_ID="your-access-key"
export AWS_SECRET_ACCESS_KEY="your-secret-key"
export AWS_REGION="us-west-2"

packer build .

Build Commands

# Initialize plugins
packer init .

# Validate template
packer validate .

# Build AMI
packer build .

# Build with variables
packer build -var "region=us-east-1" .

Common Issues

SSH Timeout

  • Verify that the security group allows SSH (port 22)
  • Confirm that the subnet has internet access

AMI Already Exists

  • AMI names must be unique
  • Use a timestamp in the name: my-app-${local.timestamp}

Volume Size Too Small

  • Check the volume size of the source AMI
  • Set launch_block_device_mappings.volume_size accordingly
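
The SSH and volume-size fixes above, combined in one source block. This is an added example, not part of the original skill; it goes beyond the page by also enabling snapshot encryption and IMDSv2. The source name, the 20 GiB size and the /dev/sda1 device name are assumptions, and it relies on the packer {} and locals {} blocks from the basic template.

```hcl
# Added example (not from the original skill). Assumes the packer {} and
# locals {} blocks from the basic template are present in the same directory.
source "amazon-ebs" "ubuntu_hardened" {
  region        = "us-west-2"
  instance_type = "t3.micro"

  source_ami_filter {
    filters = {
      name                = "ubuntu/images/*ubuntu-jammy-22.04-amd64-server-*"
      root-device-type    = "ebs"
      virtualization-type = "hvm"
    }
    most_recent = true
    # Pinning the owner keeps look-alike public AMIs out of the name match.
    owners = ["099720109477"] # Canonical
  }

  ssh_username = "ubuntu"
  ami_name     = "my-app-hardened-${local.timestamp}"

  # SSH Timeout: Packer opens port 22 through a temporary security group.
  # Restrict its ingress to the public IP of the machine running Packer
  # instead of the default 0.0.0.0/0.
  temporary_security_group_source_public_ip = true

  # Volume Size Too Small: size the root volume explicitly.
  # device_name must match the source AMI's root device (assumed /dev/sda1).
  launch_block_device_mappings {
    device_name           = "/dev/sda1"
    volume_size           = 20 # GiB, constructed value
    volume_type           = "gp3"
    delete_on_termination = true
  }

  # Encrypt the AMI's EBS snapshots (default EBS key unless kms_key_id is set).
  encrypt_boot = true

  # Require IMDSv2 tokens on the build instance ...
  metadata_options {
    http_endpoint               = "enabled"
    http_tokens                 = "required"
    http_put_response_hop_limit = 1
  }
  # ... and on instances later launched from the resulting AMI.
  imds_support = "v2.0"
}
```

To build it, list "source.amazon-ebs.ubuntu_hardened" in the build block's sources and run packer validate . before packer build .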
