1*58426589SColin Percival#!/bin/sh -e 2*58426589SColin Percival# 3*58426589SColin Percival# Copyright (c) 2015 Colin Percival 4*58426589SColin Percival# 5*58426589SColin Percival# SPDX-License-Identifier: BSD-2-Clause 6*58426589SColin Percival# 7*58426589SColin Percival# mkami.sh: Create an AMI from the currently running EC2 instance. 8*58426589SColin Percival# 9*58426589SColin Percival 10*58426589SColin Percivalexport PATH=$PATH:/usr/local/bin 11*58426589SColin Percival 12*58426589SColin PercivalNAME=$1 13*58426589SColin Percivalif [ -z "$NAME" ]; then 14*58426589SColin Percival echo "usage: mkami <AMI name> [<AMI description>]" 15*58426589SColin Percival exit 1 16*58426589SColin Percivalfi 17*58426589SColin PercivalDESC=$2 18*58426589SColin Percivalif ! [ -z "$DESC" ]; then 19*58426589SColin Percival DESCOPT="--description '$DESC'" 20*58426589SColin Percivalfi 21*58426589SColin Percival 22*58426589SColin Percival# Get the instance ID and region from the EC2 Instance Metadata Service: 23*58426589SColin Percival# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html 24*58426589SColin PercivalTMPFILE=`mktemp` 25*58426589SColin Percivalfetch -qo $TMPFILE http://169.254.169.254/latest/dynamic/instance-identity/document 26*58426589SColin PercivalINST=`awk -F \" '/"instanceId"/ { print $4 }' $TMPFILE` 27*58426589SColin PercivalREGION=`awk -F \" '/"region"/ { print $4 }' $TMPFILE` 28*58426589SColin Percivalrm $TMPFILE 29*58426589SColin PercivalCMD="aws --region $REGION ec2 create-image --instance-id $INST --output text --no-reboot --name '$NAME' $DESCOPT" 30*58426589SColin Percival 31*58426589SColin Percival# Unmount the new system image 32*58426589SColin Percivalif mount -p | grep -q '/mnt.*ufs'; then 33*58426589SColin Percival echo -n "Unmounting new system image..." 34*58426589SColin Percival sync 35*58426589SColin Percival umount /mnt 36*58426589SColin Percival sync 37*58426589SColin Percival sleep 5 38*58426589SColin Percival sync 39*58426589SColin Percival echo " done." 40*58426589SColin Percivalelif mount -p | grep -q '/mnt.*zfs'; then 41*58426589SColin Percival echo -n "Unmounting new system image..." 42*58426589SColin Percival sync 43*58426589SColin Percival zfs umount -a 44*58426589SColin Percival zfs umount zroot/ROOT/default 45*58426589SColin Percival sync 46*58426589SColin Percival sleep 5 47*58426589SColin Percival sync 48*58426589SColin Percival echo " done." 49*58426589SColin Percivalfi 50*58426589SColin Percival 51*58426589SColin Percivalif eval "$CMD" --dry-run 2>&1 | 52*58426589SColin Percival grep -qE 'UnauthorizedOperation|Unable to locate credentials'; then 53*58426589SColin Percival echo "This EC2 instance does not have permission to create AMIs." 54*58426589SColin Percival echo "Launch an AMI-builder instance with an appropriate IAM Role," 55*58426589SColin Percival echo "create an AMI from this instance via the AWS Console, or run" 56*58426589SColin Percival echo "the following command from a system with the necessary keys:" 57*58426589SColin Percival echo 58*58426589SColin Percival echo "$CMD" 59*58426589SColin Percival exit 60*58426589SColin Percivalfi 61*58426589SColin Percival 62*58426589SColin Percivalecho -n "Creating AMI..." 63*58426589SColin PercivalAMINAME=`eval "$CMD"` 64*58426589SColin Percivalecho " done." 65*58426589SColin Percivalecho "AMI created in $REGION: $AMINAME" 66