Create an Amazon Machine Image (AMI) from a FreePBX Virtual Machine (VM)
Yasitha Bogamuwa
Posted on June 14, 2022
Creating an Amazon Machine Image (AMI) from a FreePBX Virtual Machine (VM) is a quick and easy way to create a ready-to-use virtual machine that, once configured, can be used to run your own PBX. This guide will show you how to create an AMI from a VM running the FreePBX open source software.
Prerequisites
- Make sure to install and configure AWS Command Line Interface in your host computer. You can find the instructions here.
- Please use an IAM user with administrator privileges.
- This has been tested on VMware Workstation 15 Professional edition.
Instructions
1. Download the latest FreePBX Distro from here and install it on VMware Workstation.
2. SSH into the instance and install the following packages.
yum install -y cloud-init cloud-utils-growpart
3. Modify the /etc/cloud/cloud.cfg
file as follows.
system_info:
default_user:
name: asterisk
lock_passwd: true
gecos: Asterisk User
groups: [wheel, adm, systemd-journal]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/bash
distro: rhel
paths:
cloud_dir: /var/lib/cloud
templates_dir: /etc/cloud/templates
ssh_svcname: sshd
4. Change the /etc/ssh/sshd_config file as follows.
PasswordAuthentication no
PermitRootLogin no
UseDNS no
5. Shutdown the VM and export it as an OVA file.
6. Create an S3 bucket and upload the exported OVA file either using AWS CLI or an S3 Client. I used Cyberduck S3 Client and it is freely available [here (https://cyberduck.io/download/).
7. You'll need to create the following policy documents. Make sure to change S3 bucket and OVA file name based on your configurations. In this example, S3 Bucket name and OVA file name will be ami-storage and FreePBX.ova, respectively.
7.A. Create trust-policy.json. This will be used to create the vmimport IAM role.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": { "Service": "vmie.amazonaws.com" },
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals":{
"sts:Externalid": "vmimport"
}
}
}
]
}
# Create vmimport IAM role
aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
7.B. Create role-policy.json. This will be used to assign necessary IAM policies to the vmimport role.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::ami-storage"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::ami-storage/*"
]
},
{
"Effect": "Allow",
"Action":[
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:RegisterImage",
"ec2:Describe*"
],
"Resource": "*"
}
]
}
# Create and assign necessary IAM policies to the vmimport role
aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
7.C. Create containers.json. This will be used to generate an AMI from the uploaded OVA.
[
{
"Description": "FreePBX",
"Format": "ova",
"UserBucket": {
"S3Bucket": "ami-storage",
"S3Key": "FreePBX.ova"
}
}
]
# Generate an AMI from the uploaded OVA
aws ec2 import-image --description "FreePBX" --license-type BYOL --disk-containers file://containers.json
7.D. The previous task can range in estimated completion from 15 to 60 minutes. You can check its progress with the following command by replacing the ImportTaskId shown in the above command.
aws ec2 describe-import-image-tasks --import-task-ids import-ami-0b900a870c359a58f
7.E. The task will remain active with "StatusMessage": "pending"
until it reaches completion. The "Progress"
attribute will indicate the percentage of work made up to that point. Once the state switches to "completed"
and the previous command gives additional information about the conversion of the image to AMI format, you will be provided with a new AMI available in the same region where you creted the S3 bucket. It can be used to provision a FreePBX EC2 instance.
If you liked the post, then you may purchase my first cup of coffee ever, thanks in advance :)
References
1. Importing a VM as an Image Using VM Import/Export
2. How to create a Sentilo AWS EC2 instance from an OVA file
3. FreePBX Tango Scenes by Crisy Meschieri
Posted on June 14, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.