In recent years, containerization has become a popular approach for deploying software applications. Containers allow developers to package their applications along with their dependencies into a single portable package, which can be easily deployed across different environments. However, creating and managing container images can be a complex and time-consuming process.
This is where EC2 Image Builder comes in - a managed service provided by AWS that helps to automate the creation, management, and deployment of container images. With EC2 Image Builder, you can easily create and maintain secure, up-to-date container images that can be used across multiple environments.
In this blog post, we will explore how to create a container image pipeline using the EC2 Image Builder. We'll take a step-by-step approach, starting from setting up our environment to creating, testing, and deploying container images using EC2 Image Builder. We'll also cover some best practices for creating container images and show how EC2 Image Builder can help you adhere to those best practices.
TABLE OF CONTENTS:
- How EC2 Image Builder works?
- AWS Services Used
- Create & Configure Amazon ECR
- Create & Configure Image Pipeline
- Pipeline Output
- EC2 Image Builder pricing
- Resource CleanUp
- FAQs
How EC2 Image Builder works?
With Image Builder, customers can easily automate their image management processes using an intuitive wizard available on the AWS console.
This service enables them to generate a streamlined pipeline to create Linux and Windows Server images that comply with standards, both for AWS and on-premises use.
Additionally, Image Builder ensures that the images are kept up to date by automatically generating new ones when software updates become available.
After testing the newly created images, they are automatically distributed to the specified AWS regions.
In summary, Image Builder provides a convenient and efficient way to manage images and keep them current.
AWS Services Used
- EC2 Image Builder
- Amazon ECR
- Amazon EC2
- Identity and Access Management (IAM)
- CloudWatch
EC2 Image Builder
Amazon EC2 Image Builder is a fully managed AWS service that simplifies the creation, customization, and distribution of Amazon Machine Images (AMIs) for EC2 instances. It allows you to automate the image building process by providing a graphical interface or API-driven approach to create, maintain, and distribute custom images that meet your specific configuration requirements.
Amazon ECR
Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that makes it easy to store, manage, and deploy Docker container images. ECR integrates with other AWS services like Amazon ECS, Amazon EKS, and AWS Fargate, and offers features such as image scanning, lifecycle policies, and integration with AWS Identity and Access Management (IAM) for secure access control.
Amazon EC2
EC2 instances used for EC2 Image Builder are virtual servers that can be launched and managed on-demand. These instances provide the computing power and resources necessary for EC2 Image Builder to build, test, and deploy images. When building images, EC2 Image Builder launches and manages temporary instances, known as build instances, to perform the image building tasks.
Identity and Access Management (IAM)
AWS Identity and Access Management (IAM) is used with EC2 Image Builder to provide secure access control and manage permissions for users and services that interact with EC2 Image Builder. Additionally, IAM enables integration with other AWS services, such as Amazon S3, which is commonly used to store and manage EC2 Image Builder artifacts.
CloudWatch
With CloudWatch, users can monitor the health of their EC2 Image Builder resources, such as build instances and pipelines, and troubleshoot issues by analyzing logs and metrics.
Create & Configure Amazon ECR
Sign in to the AWS Management Console, open the Amazon ECR console, and click Create Repository.
In the Visibility settings, select Private and enter the repository name.
Enable Scan on Push to have each image automatically scanned after being pushed to the repository.
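Enabling Scan on Push only produces findings; something still has to read them before the image is used. The following is an added example, not code from the original post: it checks a repository entry from the ECR describe-repositories response for Scan on Push and applies a fail-closed gate to a describe-image-scan-findings response. The function names, the CRITICAL/HIGH blocking threshold and the sample responses are assumptions constructed for illustration, and basic scanning is assumed.

```python
"""Added example: evaluate ECR Scan on Push results before an image is promoted."""

# Severities that block promotion. This threshold is an assumption, not from the post.
BLOCKING = ("CRITICAL", "HIGH")


def repo_scans_on_push(repo: dict) -> bool:
    """True if a describe-repositories entry has Scan on Push enabled."""
    return bool(repo.get("imageScanningConfiguration", {}).get("scanOnPush", False))


def scan_gate(resp: dict, blocking=BLOCKING) -> tuple:
    """Return (allowed, reason) for a describe-image-scan-findings response."""
    status = resp.get("imageScanStatus", {}).get("status")
    if status != "COMPLETE":
        # IN_PROGRESS, FAILED, UNSUPPORTED_IMAGE or a missing status is not
        # a clean result, so the gate fails closed.
        return False, f"scan status is {status!r}, not COMPLETE"
    counts = resp.get("imageScanFindings", {}).get("findingSeverityCounts", {})
    hits = {sev: counts[sev] for sev in blocking if counts.get(sev, 0) > 0}
    if hits:
        detail = ", ".join(f"{n} {sev}" for sev, n in hits.items())
        return False, f"blocking findings: {detail}"
    return True, "no blocking findings"


# Constructed sample responses (not real scan output).
SAMPLE_REPO = {
    "repositoryName": "demo-repo",
    "imageScanningConfiguration": {"scanOnPush": True},
}
SAMPLE_CLEAN = {
    "imageScanStatus": {"status": "COMPLETE"},
    "imageScanFindings": {"findingSeverityCounts": {"MEDIUM": 3, "LOW": 7}},
}
SAMPLE_VULN = {
    "imageScanStatus": {"status": "COMPLETE"},
    "imageScanFindings": {"findingSeverityCounts": {"CRITICAL": 1, "HIGH": 2, "LOW": 4}},
}
SAMPLE_PENDING = {"imageScanStatus": {"status": "IN_PROGRESS"}}

if __name__ == "__main__":
    print("scan on push enabled:", repo_scans_on_push(SAMPLE_REPO))
    for name, resp in [("clean", SAMPLE_CLEAN), ("vuln", SAMPLE_VULN), ("pending", SAMPLE_PENDING)]:
        print(name, scan_gate(resp))
```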
Create & Configure image pipeline
Step 1: Specify pipeline details
Open the EC2 Image Builder console and click Create image pipeline.
Enter the pipeline name and select Enable enhanced metadata collection.
In the schedule options, keep Schedule builder selected, and select Run pipeline at the scheduled time if there are dependency updates.
Step 2: Choose recipe
Select Create new recipe in the configuration options and select Docker image as the image type.
In the General section, enter a name, and enter 1.0.0 as the version for the configuration.
Select managed images and Amazon Linux as the Image Operating System.
Select Quick Start as the image origin and choose an image name of your choice. For the Auto-versioning option, select Use the latest available OS version.
Let's select two build components
A Dockerfile template is created by default from the configuration above.
Select the Target repository that you created earlier.
Step 3: Define infrastructure configuration
Keep the infrastructure configuration as default.
Step 4: Define distribution settings
Keep the distribution settings as default.
Click Create Pipeline.
Pipeline Output
As you have scheduled your pipeline to be executed at a particular time, you need to run it manually by choosing Run Pipeline.
Here is the log from CloudWatch:
EC2 Image Builder pricing
Using EC2 Image Builder to build custom AMI or container images is free. However, the other services used in the process are billed at standard pricing. Depending on your configuration, the use of the following AWS services may result in costs when you create, build, store, and distribute your custom AMI or container images.
- Storing logs on Amazon S3
- Storing Amazon EBS Snapshots for your AMIs
- Storing container images in Amazon ECR
- Pushing and pulling container images into and out of Amazon ECR
- Launching an EC2 instance
- Validating images with Amazon Inspector
- If Systems Manager Advanced Tier is turned on, and Amazon EC2 instances run with on-premises activation, you might be charged for resources through Systems Manager
Resource Clean up
Clean up the resources you created as part of this article by following the instructions below.
Delete Pipeline
Go to the EC2 Image Builder console and choose Image Pipelines from the navigation pane.
Select the pipeline that you have created and on the Actions menu, choose Delete.
To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.
Delete Container Recipe
Choose Container Recipe from the navigation pane and select the container recipe you created.
At the top of the Container recipes panel, on the Actions menu, choose Delete recipe.
To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.
Delete Infrastructure Configuration
Choose Infrastructure Configuration from the navigation pane and select the infrastructure configuration you created.
At the top of the Infrastructure Configuration panel, on the Actions menu, choose Delete recipe.
To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.
Delete Distribution Settings
Choose Distribution Settings from the navigation pane and select the distribution settings you created.
At the top of the Distribution Settings panel, on the Actions menu, choose Delete recipe.
To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.
Delete Image
Choose Images from the navigation pane and select the version of the image you want to delete.
At the top of the Image build versions panel, choose Delete version.
To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.
FAQs
What is an Image Builder recipe?
An EC2 Image Builder recipe is a file that captures the configuration and steps needed to build a specific Amazon Machine Image (AMI). Recipes can be saved, shared, and version-controlled outside of the Image Builder UI, allowing for repeatable builds and collaboration. This enables users to maintain version-controlled recipes with their own version control software, making it easy to share and track changes.
Which operating systems does the Image Builder support?
- Amazon Linux 2 and 2023
- Windows Server 2012R2, 2016, 2019, 2004, 20H2, and 2022
- Ubuntu 18.04 LTS, 20.04 LTS, and 22.04 LTS
- Red Hat Enterprise Linux (RHEL) 7 and 8
- CentOS 7 and 8
- SUSE Linux Enterprise Server (SLES) 12 and 15
How can I integrate my existing CI/CD pipeline with Image Builder to produce my images?
EC2 Image Builder can be integrated with AWS CI/CD services like CodeBuild and CodePipeline, enabling the creation of a complete end-to-end CI/CD pipeline that handles AMI building, testing, and deployment.
Top comments (1)
That's indeed a detailed blog, @omshree
Keep writing more to share with #awscommunity 👏👏