pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / maintainers / scripts / ec2 / create-ebs-amis.py
at v192 7.7 kB view raw
1#! /usr/bin/env python 2 3import os 4import sys 5import time 6import argparse 7import nixops.util 8from nixops import deployment 9from boto.ec2.blockdevicemapping import BlockDeviceMapping, BlockDeviceType 10import boto.ec2 11from nixops.statefile import StateFile, get_default_state_file 12 13parser = argparse.ArgumentParser(description='Create an EBS-backed NixOS AMI') 14parser.add_argument('--region', dest='region', required=True, help='EC2 region to create the image in') 15parser.add_argument('--channel', dest='channel', default="14.12", help='Channel to use') 16parser.add_argument('--keep', dest='keep', action='store_true', help='Keep NixOps machine after use') 17parser.add_argument('--hvm', dest='hvm', action='store_true', help='Create HVM image') 18parser.add_argument('--key', dest='key_name', action='store_true', help='Keypair used for HVM instance creation', default="rob") 19args = parser.parse_args() 20 21instance_type = "m3.medium" if args.hvm else "m1.small" 22 23if args.hvm: 24 virtualization_type = "hvm" 25 root_block = "/dev/sda1" 26 image_type = 'hvm' 27else: 28 virtualization_type = "paravirtual" 29 root_block = "/dev/sda" 30 image_type = 'ebs' 31 32ebs_size = 20 33 34# Start a NixOS machine in the given region. 35f = open("ebs-creator-config.nix", "w") 36f.write('''{{ 37 resources.ec2KeyPairs.keypair.accessKeyId = "lb-nixos"; 38 resources.ec2KeyPairs.keypair.region = "{0}"; 39 40 machine = 41 {{ pkgs, ... }}: 42 {{ 43 deployment.ec2.accessKeyId = "lb-nixos"; 44 deployment.ec2.region = "{0}"; 45 deployment.ec2.blockDeviceMapping."/dev/xvdg".size = pkgs.lib.mkOverride 10 {1}; 46 }}; 47}} 48'''.format(args.region, ebs_size)) 49f.close() 50 51db = StateFile(get_default_state_file()) 52try: 53 depl = db.open_deployment("ebs-creator") 54except Exception: 55 depl = db.create_deployment() 56 depl.name = "ebs-creator" 57depl.logger.set_autoresponse("y") 58depl.nix_exprs = [os.path.abspath("./ebs-creator.nix"), os.path.abspath("./ebs-creator-config.nix")] 59if not args.keep: depl.destroy_resources() 60depl.deploy(allow_reboot=True) 61 62m = depl.machines['machine'] 63 64# Do the installation. 65device="/dev/xvdg" 66if args.hvm: 67 m.run_command('parted -s /dev/xvdg -- mklabel msdos') 68 m.run_command('parted -s /dev/xvdg -- mkpart primary ext2 1M -1s') 69 device="/dev/xvdg1" 70 71m.run_command("if mountpoint -q /mnt; then umount /mnt; fi") 72m.run_command("mkfs.ext4 -L nixos {0}".format(device)) 73m.run_command("mkdir -p /mnt") 74m.run_command("mount {0} /mnt".format(device)) 75m.run_command("touch /mnt/.ebs") 76m.run_command("mkdir -p /mnt/etc/nixos") 77 78m.run_command("nix-channel --add https://nixos.org/channels/nixos-{} nixos".format(args.channel)) 79m.run_command("nix-channel --update") 80 81version = m.run_command("nix-instantiate --eval-only -A lib.nixpkgsVersion '<nixpkgs>'", capture_stdout=True).split(' ')[0].replace('"','').strip() 82print >> sys.stderr, "NixOS version is {0}".format(version) 83if args.hvm: 84 m.upload_file("./amazon-base-config.nix", "/mnt/etc/nixos/amazon-base-config.nix") 85 m.upload_file("./amazon-hvm-config.nix", "/mnt/etc/nixos/configuration.nix") 86 m.upload_file("./amazon-hvm-install-config.nix", "/mnt/etc/nixos/amazon-hvm-install-config.nix") 87 m.run_command("NIXOS_CONFIG=/etc/nixos/amazon-hvm-install-config.nix nixos-install") 88else: 89 m.upload_file("./amazon-base-config.nix", "/mnt/etc/nixos/configuration.nix") 90 m.run_command("nixos-install") 91 92m.run_command("umount /mnt") 93 94if args.hvm: 95 ami_name = "nixos-{0}-x86_64-hvm".format(version) 96 description = "NixOS {0} (x86_64; EBS root; hvm)".format(version) 97else: 98 ami_name = "nixos-{0}-x86_64-ebs".format(version) 99 description = "NixOS {0} (x86_64; EBS root)".format(version) 100 101 102# Wait for the snapshot to finish. 103def check(): 104 status = snapshot.update() 105 print >> sys.stderr, "snapshot status is {0}".format(status) 106 return status == '100%' 107 108m.connect() 109volume = m._conn.get_all_volumes([], filters={'attachment.instance-id': m.resource_id, 'attachment.device': "/dev/sdg"})[0] 110 111# Create a snapshot. 112snapshot = volume.create_snapshot(description=description) 113print >> sys.stderr, "created snapshot {0}".format(snapshot.id) 114 115nixops.util.check_wait(check, max_tries=120) 116 117m._conn.create_tags([snapshot.id], {'Name': ami_name}) 118 119if not args.keep: depl.destroy_resources() 120 121# Register the image. 122aki = m._conn.get_all_images(filters={'manifest-location': 'ec2*pv-grub-hd0_1.03-x86_64*'})[0] 123print >> sys.stderr, "using kernel image {0} - {1}".format(aki.id, aki.location) 124 125block_map = BlockDeviceMapping() 126block_map[root_block] = BlockDeviceType(snapshot_id=snapshot.id, delete_on_termination=True, size=ebs_size, volume_type="gp2") 127block_map['/dev/sdb'] = BlockDeviceType(ephemeral_name="ephemeral0") 128block_map['/dev/sdc'] = BlockDeviceType(ephemeral_name="ephemeral1") 129block_map['/dev/sdd'] = BlockDeviceType(ephemeral_name="ephemeral2") 130block_map['/dev/sde'] = BlockDeviceType(ephemeral_name="ephemeral3") 131 132common_args = dict( 133 name=ami_name, 134 description=description, 135 architecture="x86_64", 136 root_device_name=root_block, 137 block_device_map=block_map, 138 virtualization_type=virtualization_type, 139 delete_root_volume_on_termination=True 140 ) 141if not args.hvm: 142 common_args['kernel_id']=aki.id 143 144ami_id = m._conn.register_image(**common_args) 145 146print >> sys.stderr, "registered AMI {0}".format(ami_id) 147 148print >> sys.stderr, "sleeping a bit..." 149time.sleep(30) 150 151print >> sys.stderr, "setting image name..." 152m._conn.create_tags([ami_id], {'Name': ami_name}) 153 154print >> sys.stderr, "making image public..." 155image = m._conn.get_all_images(image_ids=[ami_id])[0] 156image.set_launch_permissions(user_ids=[], group_names=["all"]) 157 158# Do a test deployment to make sure that the AMI works. 159f = open("ebs-test.nix", "w") 160f.write( 161 ''' 162 {{ 163 network.description = "NixOS EBS test"; 164 165 resources.ec2KeyPairs.keypair.accessKeyId = "lb-nixos"; 166 resources.ec2KeyPairs.keypair.region = "{0}"; 167 168 machine = {{ config, pkgs, resources, ... }}: {{ 169 deployment.targetEnv = "ec2"; 170 deployment.ec2.accessKeyId = "lb-nixos"; 171 deployment.ec2.region = "{0}"; 172 deployment.ec2.instanceType = "{2}"; 173 deployment.ec2.keyPair = resources.ec2KeyPairs.keypair.name; 174 deployment.ec2.securityGroups = [ "public-ssh" ]; 175 deployment.ec2.ami = "{1}"; 176 }}; 177 }} 178 '''.format(args.region, ami_id, instance_type)) 179f.close() 180 181test_depl = db.create_deployment() 182test_depl.auto_response = "y" 183test_depl.name = "ebs-creator-test" 184test_depl.nix_exprs = [os.path.abspath("./ebs-test.nix")] 185test_depl.deploy(create_only=True) 186test_depl.machines['machine'].run_command("nixos-version") 187 188# Log the AMI ID. 189f = open("ec2-amis.nix".format(args.region, image_type), "w") 190f.write("{\n") 191 192for dest in [ 'us-east-1', 'us-west-1', 'us-west-2', 'eu-west-1', 'eu-central-1', 'ap-southeast-1', 'ap-southeast-2', 'ap-northeast-1', 'sa-east-1']: 193 copy_image = None 194 if args.region != dest: 195 try: 196 print >> sys.stderr, "copying image from region {0} to {1}".format(args.region, dest) 197 conn = boto.ec2.connect_to_region(dest) 198 copy_image = conn.copy_image(args.region, ami_id, ami_name, description=None, client_token=None) 199 except : 200 print >> sys.stderr, "FAILED!" 201 202 # Log the AMI ID. 203 if copy_image != None: 204 f.write(' "{0}"."{1}".{2} = "{3}";\n'.format(args.channel,dest,"hvm" if args.hvm else "ebs",copy_image.image_id)) 205 else: 206 f.write(' "{0}"."{1}".{2} = "{3}";\n'.format(args.channel,args.region,"hvm" if args.hvm else "ebs",ami_id)) 207 208 209f.write("}\n") 210f.close() 211 212if not args.keep: 213 test_depl.logger.set_autoresponse("y") 214 test_depl.destroy_resources() 215 test_depl.delete() 216