This project enables running an Amazon Linux AMI on a local VirtualBox virtual machine via Vagrant.
Preserve all the benefits of using the Amazon Linux AMI in production while minimizing differences between EC2 and local development environments.
Examples:
./export.py --ami-name amzn-ami-hvm-2014.09.2.x86_64-gp2 [--vpc-name name] [--yum-proxy url]
./export.py --ami-name amzn-ami-hvm-2015.03.1.x86_64-gp2 [--vpc-name name] [--yum-proxy url]
./export.py --ami-name amzn-ami-hvm-2015.09.1.x86_64-gp2 [--vpc-name name] [--yum-proxy url]
./export.py --ami-name amzn-ami-hvm-2016.03.3.x86_64-gp2 [--vpc-name name] [--yum-proxy url]
These examples export vagrant box files named AMI_NAME-DATETIME.box and AMI_NAME-DATETIME-guest.box.
The export.py script will:
- launch builder instance
- attach source image volume
- export-vmdk.sh (device -> vmdk)
  - chroot - remove aws dependencies
  - chroot - add vagrant user
  - create vmdk
- download vmdk
- package-vagrant-box.sh (vmdk -> box)
  - create virtualbox vm
  - package vagrant box
- install-guest-additions.sh (box -> guest box)
  - install guest additions
  - apply security updates
  - package vagrant box
The software has been tested using:
- VirtualBox 5.1.8
- Vagrant 1.8.6
- Python 2.7
- boto3 1.2.3
- paramiko 1.16.0
- scp 0.10.2
Example on a Mac OS X host using brew:
brew tap caskroom/cask
brew install brew-cask
brew cask install virtualbox
brew cask install vagrant
pip install -r requirements.txt
The AWS account should have a default VPC or an explicit VPC. The export requires AWS credentials with the following permissions:
{
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "ec2:DescribeImages",
      "ec2:CreateKeypair",
      "ec2:DeleteKeypair",
      "ec2:CreateSecurityGroup",
      "ec2:AuthorizeSecurityGroupIngress",
      "ec2:DeleteSecurityGroup",
      "ec2:CreateVolume",
      "ec2:AttachVolume",
      "ec2:DetachVolume",
      "ec2:DeleteVolume",
      "ec2:RunInstances",
      "ec2:DescribeInstances",
      "ec2:ModifyInstanceAttribute",
      "ec2:TerminateInstances",
      "ec2:CreateTags"
    ],
    "Resource": "*"
  }]
}
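A preflight check for the policy above, as an added example that is not part of this project: it reports which of the listed actions a candidate IAM policy document fails to allow, using IAM's case-insensitive `*`/`?` action matching. `SAMPLE_POLICY` is constructed, and the check assumes only Allow statements on Resource "*" count; Deny, NotAction and Condition are not evaluated.

```python
import fnmatch
import json

# Actions the README lists as required by export.py (copied from the page).
REQUIRED_ACTIONS = [
    "ec2:DescribeImages", "ec2:CreateKeypair", "ec2:DeleteKeypair",
    "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupIngress",
    "ec2:DeleteSecurityGroup", "ec2:CreateVolume", "ec2:AttachVolume",
    "ec2:DetachVolume", "ec2:DeleteVolume", "ec2:RunInstances",
    "ec2:DescribeInstances", "ec2:ModifyInstanceAttribute",
    "ec2:TerminateInstances", "ec2:CreateTags",
]

# Constructed sample: a single statement object, a wildcard, odd casing.
SAMPLE_POLICY = """{"Statement": {"Effect": "Allow", "Resource": "*",
  "Action": ["ec2:Describe*", "ec2:createkeypair", "ec2:RunInstances"]}}"""

def _as_list(value):
    # IAM accepts a single string/object wherever a list is allowed.
    return value if isinstance(value, list) else [value]

def allowed_patterns(policy_json):
    """Lower-cased Action patterns from Allow statements on Resource "*"."""
    patterns = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "*" not in _as_list(stmt.get("Resource", [])):
            continue  # assumption: ARN-scoped grants are treated as not covering
        patterns += [a.lower() for a in _as_list(stmt.get("Action", []))]
    return patterns

def missing_actions(policy_json, required=REQUIRED_ACTIONS):
    """Required actions that no Allow pattern in the policy covers."""
    patterns = allowed_patterns(policy_json)
    return [a for a in required
            if not any(fnmatch.fnmatchcase(a.lower(), p) for p in patterns)]

def wildcard_grants(policy_json):
    """Allow patterns that are broader than a single named action."""
    return [p for p in allowed_patterns(policy_json) if "*" in p or "?" in p]

if __name__ == "__main__":
    print("missing:", missing_actions(SAMPLE_POLICY))
    print("wildcards:", wildcard_grants(SAMPLE_POLICY))
```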
The Amazon Linux yum repository URLs are only accessible from within the AWS environment. To access these repositories locally, there are several options:
- Use a VPN connection to EC2, such as OpenVPN Access Server with the Viscosity client, and route S3 prefixes over the VPN. See aws ec2 describe-prefix-lists.
- Launch an HTTP proxy in EC2 with a security group restricted to your IP addresses, and configure the image with --yum-proxy.