Create an Amazon Machine Image (AMI) from a FreePBX Virtual Machine (VM)

yasithab

Yasitha Bogamuwa

Posted on June 14, 2022

Create an Amazon Machine Image (AMI) from a FreePBX Virtual Machine (VM)

Creating an Amazon Machine Image (AMI) from a FreePBX Virtual Machine (VM) is a quick and easy way to create a ready-to-use virtual machine that, once configured, can be used to run your own PBX. This guide will show you how to create an AMI from a VM running the FreePBX open source software.

Prerequisites

  • Make sure to install and configure AWS Command Line Interface in your host computer. You can find the instructions here.
  • Please use an IAM user with administrator privileges.
  • This has been tested on VMware Workstation 15 Professional edition.

Instructions

1. Download the latest FreePBX Distro from here and install it on VMware Workstation.

2. SSH into the instance and install the following packages.

yum install -y cloud-init cloud-utils-growpart
Enter fullscreen mode Exit fullscreen mode

3. Modify the /etc/cloud/cloud.cfg file as follows.

system_info:
  default_user:
    name: asterisk
    lock_passwd: true
    gecos: Asterisk User
    groups: [wheel, adm, systemd-journal]
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/bash
  distro: rhel
  paths:
    cloud_dir: /var/lib/cloud
    templates_dir: /etc/cloud/templates
  ssh_svcname: sshd
Enter fullscreen mode Exit fullscreen mode

4. Change the /etc/ssh/sshd_config file as follows.

PasswordAuthentication no
PermitRootLogin no
UseDNS no
Enter fullscreen mode Exit fullscreen mode

5. Shutdown the VM and export it as an OVA file.

6. Create an S3 bucket and upload the exported OVA file either using AWS CLI or an S3 Client. I used Cyberduck S3 Client and it is freely available [here (https://cyberduck.io/download/).

7. You'll need to create the following policy documents. Make sure to change S3 bucket and OVA file name based on your configurations. In this example, S3 Bucket name and OVA file name will be ami-storage and FreePBX.ova, respectively.

  7.A. Create trust-policy.json. This will be used to create the vmimport IAM role.

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": { "Service": "vmie.amazonaws.com" },
         "Action": "sts:AssumeRole",
         "Condition": {
            "StringEquals":{
               "sts:Externalid": "vmimport"
            }
         }
      }
   ]
}
Enter fullscreen mode Exit fullscreen mode
# Create vmimport IAM role
aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
Enter fullscreen mode Exit fullscreen mode

  7.B. Create role-policy.json. This will be used to assign necessary IAM policies to the vmimport role.

{ 
   "Version": "2012-10-17", 
   "Statement": [ 
      { 
         "Effect": "Allow", 
         "Action": [ 
            "s3:ListBucket", 
            "s3:GetBucketLocation" 
         ], 
         "Resource": [ 
            "arn:aws:s3:::ami-storage" 
         ] 
      }, 
      { 
         "Effect": "Allow", 
         "Action": [ 
            "s3:GetObject" 
         ], 
         "Resource": [ 
            "arn:aws:s3:::ami-storage/*" 
         ] 
      }, 
      { 
         "Effect": "Allow", 
         "Action":[ 
            "ec2:ModifySnapshotAttribute", 
            "ec2:CopySnapshot", 
            "ec2:RegisterImage", 
            "ec2:Describe*" 
         ], 
         "Resource": "*" 
      } 
   ] 
}
Enter fullscreen mode Exit fullscreen mode
# Create and assign necessary IAM policies to the vmimport role
aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
Enter fullscreen mode Exit fullscreen mode

  7.C. Create containers.json. This will be used to generate an AMI from the uploaded OVA.

[ 
  { 
    "Description": "FreePBX", 
    "Format": "ova", 
    "UserBucket": { 
        "S3Bucket": "ami-storage", 
        "S3Key": "FreePBX.ova" 
    } 
  }
]
Enter fullscreen mode Exit fullscreen mode
# Generate an AMI from the uploaded OVA
aws ec2 import-image --description "FreePBX" --license-type BYOL --disk-containers file://containers.json
Enter fullscreen mode Exit fullscreen mode

  7.D. The previous task can range in estimated completion from 15 to 60 minutes. You can check its progress with the following command by replacing the ImportTaskId shown in the above command.

aws ec2 describe-import-image-tasks --import-task-ids import-ami-0b900a870c359a58f
Enter fullscreen mode Exit fullscreen mode

  7.E. The task will remain active with "StatusMessage": "pending" until it reaches completion. The "Progress" attribute will indicate the percentage of work made up to that point. Once the state switches to "completed" and the previous command gives additional information about the conversion of the image to AMI format, you will be provided with a new AMI available in the same region where you creted the S3 bucket. It can be used to provision a FreePBX EC2 instance.

If you liked the post, then you may purchase my first cup of coffee ever, thanks in advance :)

Buy Me A Coffee

References

1. Importing a VM as an Image Using VM Import/Export
2. How to create a Sentilo AWS EC2 instance from an OVA file
3. FreePBX Tango Scenes by Crisy Meschieri

💖 💪 🙅 🚩
yasithab
Yasitha Bogamuwa

Posted on June 14, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related