Maximizing Efficiency with EC2 Image Builder for Your Container Image Pipeline

By Omshree Butani / May 05, 2023

In recent years, containerization has become a popular approach for deploying software applications. Containers allow developers to package their applications along with their dependencies into a single portable package, which can be easily deployed across different environments. However, creating and managing container images can be a complex and time-consuming process.

This is where EC2 Image Builder comes in - a managed service provided by AWS that helps to automate the creation, management, and deployment of container images. With EC2 Image Builder, you can easily create and maintain secure, up-to-date container images that can be used across multiple environments.

In this blog post, we will explore how to create a container image pipeline using the EC2 Image Builder. We'll take a step-by-step approach, starting from setting up our environment to creating, testing, and deploying container images using EC2 Image Builder. We'll also cover some best practices for creating container images and show how EC2 Image Builder can help you adhere to those best practices.

How does EC2 Image Builder work?

  • With Image Builder, customers can easily automate their image management processes using an intuitive wizard available on the AWS console.
  • This service enables them to generate a streamlined pipeline to create Linux and Windows Server images that comply with standards, both for AWS and on-premises use.
  • Additionally, Image Builder ensures that the images are kept up to date by automatically generating new ones when software updates become available.
  • After testing the newly created images, they are automatically distributed to the specified AWS regions.
  • In summary, Image Builder provides a convenient and efficient way to manage images and keep them current.

AWS Services Used

  • EC2 Image Builder
  • Amazon ECR
  • Amazon EC2
  • Identity and Access Management (IAM)
  • CloudWatch

EC2 Image Builder

Amazon EC2 Image Builder is a fully managed AWS service that simplifies the creation, customization, and distribution of Amazon Machine Images (AMIs) for EC2 instances. It allows you to automate the image building process by providing a graphical interface or API-driven approach to create, maintain, and distribute custom images that meet your specific configuration requirements.

Amazon ECR

Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that makes it easy to store, manage, and deploy Docker container images. ECR integrates with other AWS services like Amazon ECS, Amazon EKS, and AWS Fargate, and offers features such as image scanning, lifecycle policies, and integration with AWS Identity and Access Management (IAM) for secure access control.

Amazon EC2

EC2 instances used for EC2 Image Builder are virtual servers that can be launched and managed on-demand. These instances provide the computing power and resources necessary for EC2 Image Builder to build, test, and deploy images. When building images, EC2 Image Builder launches and manages temporary instances, known as build instances, to perform the image building tasks.

Identity and Access Management (IAM)

AWS Identity and Access Management (IAM) is used with EC2 Image Builder to provide secure access control and manage permissions for users and services that interact with EC2 Image Builder. Additionally, IAM enables integration with other AWS services, such as Amazon S3, which is commonly used to store and manage EC2 Image Builder artifacts.

CloudWatch

With CloudWatch, users can monitor the health of their EC2 Image Builder resources, such as build instances and pipelines, and troubleshoot issues by analyzing logs and metrics.

Create & Configure Amazon ECR

  • Sign in to the AWS Management Console, open the Amazon ECR console, and click on Create Repository.
  • In the Visibility settings, select Private and enter the repository name.
  • Enable Scan on Push to have each image automatically scanned after being pushed to the repository.

Create & Configure image pipeline

Step 1: Specify pipeline details

  • Open the EC2 Image Builder console and click on Create image pipeline
  • Enter the Pipeline name and select Enable enhanced metadata collection
  • In Schedule options, keep Schedule builder selected and select Run pipeline at the scheduled time if there are dependency updates

Step 2: Choose recipe

  • Select Create new recipe in the configuration options and select Docker image as image type
  • In the General section, enter name and version as 1.0.0 for the configuration
  • Select managed images and Amazon Linux as Image Operating System
  • Select Quick Start as image origin and choose an image name as per your choice. Use the latest available OS version as Auto-versioning option
  • Let's select two build components
  • Dockerfile template will be created by default from your above configurations
  • Select Target repository which you created earlier

Step 3: Define infrastructure configuration

  • Keep the infrastructure configuration as default.

Step 4: Define distribution settings

  • Keep the distribution settings as default.
  • Click on Create Pipeline

Pipeline Output

  • As you have scheduled your pipeline to be executed at a particular time, you need to run it manually by choosing Run Pipeline
  • Here is the log from CloudWatch
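With Scan on Push enabled on the target repository, every image the pipeline pushes gets a scan result that can gate promotion. The following is an added example, not part of the original post: it evaluates a response shaped like the output of `aws ecr describe-image-scan-findings` and fails closed when the scan is unfinished. It assumes ECR basic scanning (status `COMPLETE`); the blocking severities and the sample responses are constructed for illustration.

```python
# Assumption: CRITICAL and HIGH block promotion; adjust to your own policy.
BLOCKING = ("CRITICAL", "HIGH")


def gate_image(response, blocking=BLOCKING):
    """Return (allowed, reason) for one describe-image-scan-findings response.

    Fails closed: only a completed scan with zero blocking findings passes.
    """
    status = (response.get("imageScanStatus") or {}).get("status")
    if status != "COMPLETE":
        # IN_PROGRESS, FAILED or missing status: no verdict, so do not deploy.
        return False, f"scan status is {status or 'absent'}"

    findings = response.get("imageScanFindings") or {}
    counts = findings.get("findingSeverityCounts") or {}
    hits = {sev: counts[sev] for sev in blocking if counts.get(sev, 0) > 0}
    if hits:
        detail = ", ".join(f"{n} {sev}" for sev, n in hits.items())
        return False, f"blocking findings: {detail}"
    return True, "scan complete, no blocking findings"


# Constructed sample responses (not real scan output).
SAMPLES = {
    "clean": {
        "imageScanStatus": {"status": "COMPLETE"},
        "imageScanFindings": {"findingSeverityCounts": {"MEDIUM": 3, "LOW": 7}},
    },
    "vulnerable": {
        "imageScanStatus": {"status": "COMPLETE"},
        "imageScanFindings": {
            "findingSeverityCounts": {"CRITICAL": 1, "HIGH": 4, "LOW": 2}
        },
    },
    "pending": {"imageScanStatus": {"status": "IN_PROGRESS"}},
    "no_scan": {},
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        allowed, reason = gate_image(resp)
        print(f"{name:10s} {'ALLOW' if allowed else 'BLOCK'}  {reason}")
```
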

EC2 Image Builder pricing

Using EC2 Image Builder to build custom AMIs or container images is free. However, the other services used in the process are billed at their standard pricing. Depending on your configuration, the use of the following AWS services may result in costs when you create, build, store, and distribute your custom AMI or container images.

  • Storing logs on Amazon S3
  • Storing Amazon EBS Snapshots for your AMIs
  • Storing container images in Amazon ECR
  • Pushing and pulling container images into and out of Amazon ECR
  • Launching an EC2 instance
  • Validating images with Amazon Inspector
  • If Systems Manager Advanced Tier is turned on, and Amazon EC2 instances run with on-premises activation, you might be charged for resources through Systems Manager

Resource Clean up

It is time for you to clean up your own resources that you have created as part of this article by following the below instructions.

Delete Pipeline

  • Go to EC2 Image Builder console and choose Image Pipelines from the navigation pane.
  • Select the pipeline that you have created and on the Actions menu, choose Delete.
  • To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.

Delete Container Recipe

  • Choose Container Recipe from the navigation pane and select the container recipe you created.
  • At the top of the Container recipes panel, on the Actions menu, choose Delete recipe.
  • To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.

Delete Infrastructure Configuration

  • Choose Infrastructure Configuration from the navigation pane and select the infrastructure configuration you created.
  • At the top of the Infrastructure Configuration panel, on the Actions menu, choose Delete recipe.
  • To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.

Delete Distribution Settings

  • Choose Distribution Settings from the navigation pane and select the distribution settings you created.
  • At the top of the Distribution Settings panel, on the Actions menu, choose Delete recipe.
  • To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.

Delete Image

  • Choose Images from the navigation pane and select the version of the image you want to delete.
  • At the top of the Image build versions panel, choose Delete version.
  • To confirm the deletion, input "Delete" in the designated field, and then select the option to delete.

FAQs

What is an Image Builder recipe?

An EC2 Image Builder recipe is a file that captures the configuration and steps needed to build a specific Amazon Machine Image (AMI). Recipes can be saved, shared, and version-controlled outside of the Image Builder UI, allowing for repeatable builds and collaboration. This enables users to maintain version-controlled recipes with their own version control software, making it easy to share and track changes.

Which operating systems does the Image Builder support?

  • Amazon Linux 2 and 2023
  • Windows Server 2012R2, 2016, 2019, 2004, 20H2, and 2022
  • Ubuntu 18.04 LTS, 20.04 LTS, and 22.04 LTS
  • Red Hat Enterprise Linux (RHEL) 7 and 8
  • CentOS 7 and 8
  • SUSE Linux Enterprise Server (SLES) 12 and 15

How can I integrate my existing CI/CD pipeline with Image Builder to produce my images?

EC2 Image Builder can be integrated with AWS CI/CD services like CodeBuild and CodePipeline, enabling the creation of a complete end-to-end CI/CD pipeline that handles AMI building, testing, and deployment.
