Tech Blog: AMI Pipeline

Example AMI Replacement Pipeline

To demonstrate how to create an automated periodic AMI replacement pipeline, we have created an example implementation. The source code can be found in a private repository within the AirWalk organization on GitHub here.

The entire environment, including an example VPC and EC2 Auto Scaling Group is defined with Terraform.

The pipeline is triggered by a CloudWatch rule scheduled to run daily, which invokes a Lambda function named ami_pipeline_trigger. This Lambda considers an Auto Scaling Group and assesses whether the AMI specified in the associated Launch Configuration is older than n days. If so, it will trigger an SSM automation named ami-pipeline to build a new image.

The SSM automation contains number of steps:

  • start instance with specific AMI ID
  • provision software on the instance using an SSM run command
  • stop instance
  • create image from instance
  • terminate instance
  • invoke a second lambda function named ami_pipeline to handle the roll out of the newly created AMI

The ami_pipeline Lambda is responsible for updating the Launch Template with newly created AMI ID, then it will attempt roll out it across Auto Scaling Group by terminating one instance at a time, which will then be automatically relaunched by the Auto Scaling Group.

Tech Blog Series

Welcome to another AirWalk Tech Blog where we answer questions we are commonly asked by clients.

Everyone is more than aware now of what DevOps is – it’s a method by which software developers and IT operations teams work collaboratively to produce software and infrastructure services, automating processes and improving stability and cadence through faster feedback loops.

There is much focus on the people, culture, practices.

In this series of tech blogs we aim to just help solve small problems which will benefit newly formed DevOps teams.