How can a custom Red Hat Enterprise Linux image be launched on an Amazon Web Services EC2 instance?

Create and deploy a custom Red Hat Enterprise Linux (RHEL) image on an AWS EC2 instance using the Red Hat Image Builder. This exercise guides you through creating a RHEL image for AWS, exploring optional customizations like security profiles, repositories, and partitioning, and addressing potential connectivity issues. By the end of the exercise, you will have a scalable RHEL AMI tailored to your needs, offering a robust starting point for application development on AWS.

Create RHEL image for AWS EC2

Prerequisites

  • You should have an AWS account. You will need your 12-digit AWS account ID when creating the Red Hat Enterprise Linux AMI.

Step-by-step guide

  1. Log in to the RHEL image creation wizard. This wizard will provide a step-by-step process for creating an AWS EC2-compatible RHEL image. Log in with your existing account or register as a new user and proceed.
  2. As shown in Figure 1 below, select the Amazon Web Services option, as we will create an AWS AMI image for EC2 deployment. Click the "Next" button at the bottom of the page. There are multiple options for cloud-enabled RHEL images; for this exercise, however, we will create the AWS AMI image.

    Select the target environment in RHEL image creation wizard.
    Figure 1: Select AWS option.
  3. Before proceeding with the AWS option in image builder, get your 12-digit AWS account ID from the AWS console. Log in to your AWS console and copy the "Account ID" as shown in the screenshot below.

    Copying Account ID from AWS console.
    Figure 2: Copying Account ID from AWS console.
  4. On the next page, provide your 12-digit AWS account ID, which you can copy from your AWS console login.

    Note: Use the "Manually enter an account ID" option as shown in Figure 2 below. This makes the image creation process faster. Click the "Next" button at the bottom of the page.

    Selecting AWS account in RHEL image creation wizard.
    Figure 3: Provide AWS account ID.
  5. For step 3 (on the left side), see the "Optional Steps" section. These steps provide customization options for the RHEL image, such as registering RHEL with updates, adding security profiles, customized partitioning, and custom repositories. In the first step, you will get a system-generated activation key to register with Red Hat to enhance security and track spending.

    Registering system with Red Hat.
    Figure 4: Activation key generated.
  6. In the next step, choose the OpenSCAP profile for your registered RHEL system as shown in Figure 5 below. OpenSCAP enables you to automatically monitor the adherence of your registered RHEL systems to a selected regulatory compliance profile. You can keep "None" if not required. 

    Selecting the OpenSCAP profile in RHEL image creation wizard.
    Figure 5: OpenSCAP profile selection.
  7. Next is the partitioning option; keep it "Automatic" as shown in Figure 6 below. This option lets you create partitions for your image by defining mount points and minimum sizes. Image builder creates partitions with a logical volume (LVM) device type. Click the "Next" button at the bottom of the page.

    Selecting partition option in RHEL image creation wizard.
    Figure 6: File system configuration.
  8. Next, you will see the "Repository snapshot" option. Select the "Use latest content" option to get the most recent repository content when building the RHEL image, as shown in Figure 7 below. The "Use a snapshot" option lets you choose a specific date, and image builder will reflect the state of the repositories on that date. You can pick any past date's snapshot of RHEL as well.

    Selecting repository snapshot option in RHEL image creation wizard.
    Figure 7: Repository snapshot option.
  9. The next option is "Custom repositories". You can choose custom repositories that you want to add packages from. If you don't need any, click the "Next" button at the bottom to proceed without custom repositories.

    Configuring custom repositories.
    Figure 8: Custom repositories option.
  10. In the next step, you will see the option to add packages. Skip this option and click the "Next" button at the bottom of the page.

    Configuring additional packages in RHEL image creation wizard.
    Figure 9: Additional packages option.
  11. Next, you will see "First boot script configuration". This option can create a specific RHEL boot script for executing certain commands. You can add your own script for a boot-specific operation. For this exercise, you can skip this option and click "Next" at the bottom of the page.

    Configure boot script in RHEL image creation wizard.
    Figure 10: Boot script configuration.
  12. As we reach the final step of image creation, provide a name for the image under "Blueprint description" as shown in Figure 11 below. 

    Enter Blueprint name in RHEL image creation wizard.
    Figure 11: Blueprint description.
  13. Before creating the RHEL image for AWS, you can see all the configurations in the final step, "Review", as shown in Figure 11 below. You can change any configuration by returning to that step directly and making edits. Once all the configurations meet your requirements, click the "Create Blueprint" option and the image creation will begin.

    Review configuration options before creating the image blueprint.
    Figure 12: Create a blueprint option and review all previous steps.
  14. Once you click "Create blueprint", you will be redirected to the dashboard. You will see two options there. The "Blueprint" is your golden image or base image. This blueprint will be available forever. You can add to, remove from, or modify this blueprint based on your requirements. The "image" is a version of a blueprint that you can create for a specific requirement. The image will expire in two weeks. For this exercise, let's build an image specifically for AWS deployment.

    Dashboard showing newly created blueprint.
    Figure 13: Options for blueprint creation and image build.
  15. Click "Build images". You can now see that the AWS-specific image creation is in progress, as shown in Figure 14 below. It will take some time to create an AWS AMI image.

    Build image progress in dashboard.
    Figure 14: Image creation in progress.
  16. Once the image is created, you can see the Status as "Ready" and the "Launch" button enabled under the "Instance" column as shown in Figure 15 below.

    Note: It will take around 20 minutes to get the image ready to launch.

    Build image ready to launch in dashboard.
    Figure 15: AWS AMI image ready to deploy on AWS.
  17. Once you click the "Launch" button, you will see a pop-up window for launching the AWS console and the AWS region based on location. Click on "Launch with AWS console" and then you will be redirected to the AWS console.

    Launching AWS Console from dashboard.
    Figure 16: AWS login link.
  18. Once you click "Launch with AWS console", you will see the AWS console login screen as shown in Figure 17 below. Enter your AWS console credentials to login and set up the EC2 instance. 

    Login to the AWS console.
    Figure 17: AWS login page.
    Configuring EC2 instance in the AWS console.
    Figure 18: EC2 instance configuration window.
  19. In the AWS instance configuration, you can choose the EC2 parameters. Generally, by default, you will get a micro instance. If you want to test your instance, this is sufficient to test the RHEL 9 image on EC2. Keep default settings unless you are an expert in Amazon Web Services.

    Note: To connect from your laptop, configure a key pair during instance setup.

    Configuring key pair for EC2 instance.
    Figure 19: Create a new key pair for EC2 instance.
    Generating a new key pair for EC2 instance.
    Figure 20: Give the key pair a name and select the .pem option.
  20. Once the key pair is added, you need to allow access to the EC2 instance from your local laptop over SSH. To do this, go to the "Network Settings" section of the Launch instance page that is currently open. For the "Allow SSH traffic from" option, select the "My IP" configuration. This will allow you to connect to EC2 from your local network.

    Configuring "my ip" to allow access to EC2
    Figure 21: Configuring "my ip" to allow access to EC2.
  21. Once you click "Launch Instance", the instance will be ready to connect to. Go to the instance dashboard, where you can see its state as "Running". At the same time, the .pem file will be downloaded locally. This .pem file is required when you connect to an instance from a local SSH client.

    EC2 console showing status of running instance.
    Figure 22: AWS dashboard showing EC2 instance running.
  22. Now let's connect to the instance. Select the instance checkbox and see the "Connect" option enabled on the dashboard. 

    Using the “Connect” option to connect to the EC2 instance from local computer.
    Figure 23: Connect with AWS EC2 instance from local computer.
  23. Once you click "Connect to instance", you will see various options to connect to your RHEL 9 instance. Choose the appropriate options and follow the instructions on the screen to connect.

    EC2 connection options in AWS console.
    Figure 24: Options to connect EC2 instance.
  24. In this exercise, we connected to the RHEL instance using a local SSH client. To do this, switch to the "SSH client" tab. To execute the SSH command, go to the folder where the .pem file was downloaded and follow the instructions in the "SSH client" tab.

    Note: Replace "root" with "ec2-user" in the SSH command.

    Connecting to the EC2 instance using SSH from the terminal.
    Figure 25: Connection to RHEL instance via SSH Client.

    Note: If the connection fails, refer to the "Workaround" section below.

Workaround if you face issues while connecting to the RHEL image

  1. You may face a connection issue while connecting to the RHEL instance. If the error shows "Failed to connect", follow the steps below to fix it, and then try again from step 22 onwards.
    1. Select the "Security" tab on the EC2 instance dashboard.

      Configuring security groups in EC2 console.
      Figure 26: Security configurations on the EC2 instance dashboard.
    2. Open "Inbound rules" configurations. Click "launch-wizard" under Security groups.

      Configuring inbound rules for SSH access to the EC2 instance.
      Figure 27: Inbound rules.
    3. Click "Edit inbound rules"

      Adding new rule to allow SSH access to the EC2 instance.
      Figure 28: Edit inbound rules to add new rule.
    4. Click "Add rule". In the configuration window, select the settings shown in the screen grab below, with Source = My IP. The default IP subnet range will be shown; keep it as is. Then click "Save rules".

      Selecting “Add rule” to add a new rule to the security group.
      Figure 29: Add new rule.
      Allowing SSH connections from public IP of local computer to the EC2 instance.
      Figure 30: Select a specific type, and source and save the rule.
    5. Once the rule is saved, return to the instance dashboard. You can see the new Inbound rules. 

      List of rules displaying the newly added rule in the security group.
      Figure 31: New inbound rule visible on EC2 instance dashboard.
    6. Connect to the RHEL instance from your terminal as per step 22 above.

How to access the custom RHEL AMI using AWS AMI ID in the AWS Console?

Images created using Red Hat Image Builder are published as community AMIs and shared with the AWS account and region specified during blueprint creation. These images can be used to launch instances by referencing the AMI ID, either directly through the AWS Management Console or as part of your existing CI/CD pipelines.

The following steps demonstrate how to create an EC2 instance using the AWS Management Console.

  1. Navigate to the Red Hat Image Builder console.
  2. Find the image you want to use and confirm its "Ready" status.
  3. Open the details section for the selected image.
  4. Look for the AMI ID in the details section. 

    Red Hat Console displaying the AWS AMI ID of the new image.
    Figure 32: Listing the AWS AMI ID in the Red Hat Image Builder.
  5. Log in to the AWS Management Console and go to the EC2 dashboard.
  6. Choose "Launch instance" to start creating a new EC2 instance.
  7. In the "Application and OS Images" section, select "Browse more AMIs" to proceed, as shown below. 

    AWS Console with option to browse community AMIs.
    Figure 33: Selecting the new AMI from AWS image catalog.
  8. Enter the AMI ID in the search box.
  9. After the search completes, the corresponding AMI will appear in the search results, as illustrated below.

    Note: If the image does not appear in the search results, switch to the "Community AMIs" tab. Ensure that you are using the same AWS account and region specified during the blueprint creation process.

  10. Click "Select" to choose the AMI, then proceed with the EC2 launch wizard to complete the process of creating a new instance. 

    Searching AWS image catalog using AMI ID in the AWS Console.
    Figure 34: Finding the newly built image in the AWS image catalog using AMI ID.
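
When the AMI ID is referenced from a CI/CD pipeline instead of the console, the same lookup can be gated before launch. The following added example (not part of the original guide) checks saved `aws ec2 describe-images --image-ids <id> --output json` output against a pinned AMI ID and an owner allowlist. The AMI ID, image name and account IDs are constructed placeholders, and the function name is illustrative; record the real owner account from an image you have verified yourself.

```python
import re

AMI_ID = re.compile(r"ami-(?:[0-9a-f]{8}|[0-9a-f]{17})")

# Constructed sample in the shape of `aws ec2 describe-images` JSON output;
# the IDs, name and owner account are placeholders.
SAMPLE_IMAGES = {"Images": [{
    "ImageId": "ami-0123456789abcdef0", "OwnerId": "111122223333",
    "Name": "rhel-9-custom-example", "State": "available",
    "Architecture": "x86_64", "Public": False}]}


def verify_ami(doc, ami_id, trusted_owners, arch="x86_64"):
    """Return a list of problems; an empty list means the pin checks out."""
    if not AMI_ID.fullmatch(ami_id):
        return [f"{ami_id!r} is not a well-formed AMI ID"]
    images = doc.get("Images", [])
    if not images:
        # Same symptom as the console search coming back empty: wrong
        # account or region, or the ID no longer resolves.
        return [f"{ami_id} is not visible from this account and region"]
    if len(images) != 1 or images[0].get("ImageId") != ami_id:
        return [f"lookup did not return exactly {ami_id}"]
    img, problems = images[0], []
    if img.get("OwnerId") not in trusted_owners:
        problems.append(f"owner {img.get('OwnerId')} is not on the allowlist")
    if img.get("State") != "available":
        problems.append(f"state is {img.get('State')!r}, not 'available'")
    if img.get("Architecture") != arch:
        problems.append(f"architecture is {img.get('Architecture')!r}, not {arch!r}")
    return problems


if __name__ == "__main__":
    print(verify_ami(SAMPLE_IMAGES, "ami-0123456789abcdef0", {"111122223333"}))
```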

Summary

To summarise, you learned how to create a RHEL image using Red Hat image builder and launch it on an AWS EC2 instance. You can customize your RHEL image according to your requirements and can have multiple images based on the original RHEL blueprint. This gives you a starting point for setting up RHEL and developing applications on that EC2 instance.

You can scale the instance as and when your workload increases.
