Template name
ACS-ECS-RepairImage - Repairs an image
Template description
Repairs an image offline based on the image check results. For more information about image check, visit https://www.alibabacloud.com/help/en/ecs/user-guide/overview-18. During the repair process, an Elastic Compute Service (ECS) instance is created based on an Alibaba Cloud Linux image. A snapshot is created for the image to be repaired. A disk is created from the snapshot and attached to the ECS instance. The data disk is repaired offline, and then a new image is created using the repaired data disk. If the image to be repaired is a public image such as Ubuntu 22.04 64-bit, the image generated using the repaired data disk is a custom image such as ubuntu_64-bit.
Template type
Automated
Owner
Alibaba Cloud
Input parameters
Parameter | Description | Type | Required | Default value | Limit |
zoneId | vSwitch Zone | String | Yes | ||
repairImageId | The ID of the image to be repaired. | String | Yes | ||
baseImageId | Base image | String | Yes | ||
instanceType | The instance type of the ECS instance. | String | Yes | ||
securityGroupId | The security group ID. | String | Yes | ||
vSwitchId | vSwitch | String | Yes | ||
regionId | The region ID. | String | No | {{ ACS::RegionId }} | |
systemDiskCategory | The category of the system disk. | String | No | cloud_essd | |
repairItems | The items to be repaired. | List | No | ['assist', 'cloudinit', 'virtio', 'nvme', 'fstab', 'grub', 'dhcp', 'growpart'] |
Output parameters
Parameter | Description | Type |
imageId | String |
Permission policy that is required to execute the template
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:CreateImage",
"ecs:CreateSnapshot",
"ecs:DeleteInstance",
"ecs:DeleteSnapshot",
"ecs:DescribeDisks",
"ecs:DescribeImages",
"ecs:DescribeInstances",
"ecs:DescribeInvocationResults",
"ecs:DescribeInvocations",
"ecs:DescribeSnapshots",
"ecs:InvokeCommand",
"ecs:RebootInstance",
"ecs:RunCommand",
"ecs:RunInstances"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
Details
For more information, see ACS-ECS-RepairImage.yml at GitHub.
Template content
FormatVersion: OOS-2019-06-01
Description:
zh-cn: This template repairs an image offline based on image check results. For more information about image checks, see https://www.alibabacloud.com/help/zh/ecs/user-guide/overview-18. The repair process first creates a repair instance from an Alibaba Cloud Linux image. It then creates a disk from a snapshot of your image and attaches the disk to the repair instance. After the data disk is repaired offline, a new image is created from the repaired data disk. Limitation: If the source image is a public image, such as Ubuntu 22.04 64-bit, the repaired image is a custom image, such as ubuntu_64-bit.
en: This template repairs an image offline based on image check results. For more information about image checks, see https://www.alibabacloud.com/help/en/ecs/user-guide/overview-18. The repair process creates a repair instance from an Alibaba Cloud Linux image. It then creates a disk from a snapshot of your image and attaches it to the repair instance. After the data disk is repaired offline, a new image is created from the repaired data disk.
name-en: ACS-ECS-RepairImage
name-zh-cn: Repair Image
categories:
- image_manage
Parameters:
regionId:
Type: String
Label:
en: Region ID
zh-cn: Region ID
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
zoneId:
Type: String
Label:
en: vSwitch Zone
zh-cn: vSwitch Zone
AssociationProperty: ALIYUN::ECS::ZoneId
AssociationPropertyMetadata:
RegionId: regionId
repairImageId:
Type: String
Label:
en: ID of Image to Repair
zh-cn: ID of Image to Repair
AssociationProperty: ALIYUN::ECS::Image::ImageId
AssociationPropertyMetadata:
RegionId: regionId
SupportedImageOwnerAlias:
- self
OSType: linux
baseImageId:
Type: String
Label:
en: Base Image
zh-cn: Base Image
Description:
en: '<font color=''red''>The base image is used to create the repair instance. Select a base image that has the same architecture as the target image. For example, if the custom image to repair is an x86_64 image, select an aliyun_3_x64 image.</font>'
zh-cn: <font color='red'>The base image is used to create the repair instance. Select a base image that has the same architecture as the target image. For example, if the custom image to repair is an x86_64 image, select an aliyun_3_x64 image.</font>
AllowedValues:
- aliyun_3_x64_20G_alibase_20250629.vhd
- aliyun_3_arm64_20G_alibase_20250629.vhd
instanceType:
Label:
en: Instance Type
zh-cn: Instance Type
Type: String
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
securityGroupId:
Label:
en: Security Group ID
zh-cn: Security Group ID
Type: String
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
RegionId: regionId
vSwitchId:
Label:
en: vSwitch ID
zh-cn: vSwitch ID
Type: String
AssociationProperty: ALIYUN::VPC::VSwitch::VSwitchId
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
Filters:
- SecurityGroupId: securityGroupId
systemDiskCategory:
Label:
en: System Disk Category
zh-cn: System Disk Category
Type: String
AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
AssociationPropertyMetadata:
RegionId: regionId
InstanceType: instanceType
Default: cloud_essd
repairItems:
Label:
en: Items to Repair
zh-cn: Items to Repair
Type: List
AllowedValues:
- all
- assist
- aegis
- growpart
- virtio
- selinux
- dhcp
- grub
- fstab
- nvme
- cloudinit
Default:
- assist
- cloudinit
- virtio
- nvme
- fstab
- grub
- dhcp
- growpart
Tasks:
- Name: checkImage
Action: ACS::CheckFor
Description:
en: Checks if the image can be repaired.
zh-cn: Checks if the image can be repaired.
Properties:
Service: ECS
API: DescribeImages
PropertySelector: Images.Image[0].DetectionOptions.Items.Item[]? | select(.Name == "SystemImage") | .Value
DesiredValues: []
Parameters:
RegionId: '{{ regionId }}'
ImageId: '{{ repairImageId }}'
NotDesiredValues:
- Invalid
Outputs:
architecture:
Type: String
ValueSelector: Images.Image[0].Architecture
snapshotId:
Type: String
ValueSelector: Images.Image[0].DiskDeviceMappings.DiskDeviceMapping[0].SnapshotId
imageName:
Type: String
ValueSelector: Images.Image[0].ImageName
osType:
Type: String
ValueSelector: Images.Image[0].OSType
platform:
Type: String
ValueSelector: Images.Image[0].Platform
bootMode:
Type: String
ValueSelector: Images.Image[0].BootMode
- Name: checkImageArchitecture
Action: ACS::Choice
Description:
en: Checks if the image architecture is x86_64 or arm64.
zh-cn: Checks if the image architecture is x86_64 or arm64.
Properties:
DefaultTask: ACS::END
Choices:
- When:
Fn::Or:
- Fn::Equals:
- x86_64
- '{{checkImage.architecture}}'
- Fn::Equals:
- arm64
- '{{checkImage.architecture}}'
NextTask: runInstances
- Name: runInstances
Action: ACS::ExecuteAPI
Description:
en: Creates an ECS instance.
zh-cn: Creates an ECS instance.
Properties:
Service: ECS
API: RunInstances
Parameters:
RegionId: '{{ regionId }}'
Amount: 1
ImageId: '{{ baseImageId }}'
InstanceType: '{{ instanceType }}'
InstanceName: image_repair_please_no_delete
SecurityGroupId: '{{ securityGroupId }}'
VSwitchId: '{{ vSwitchId }}'
InternetMaxBandwidthIn: 200
InternetMaxBandwidthOut: 0
SystemDiskCategory: '{{ systemDiskCategory }}'
DataDisk:
- SnapshotId: '{{ checkImage.snapshotId }}'
DiskName: image_repair_{{ checkImage.snapshotId }}
Category: '{{ systemDiskCategory }}'
InstanceChargeType: PostPaid
Outputs:
instanceId:
Type: String
ValueSelector: InstanceIdSets.InstanceIdSet[0]
- Name: untilInstanceReady
Action: ACS::WaitFor
Description:
en: Waits for the instance to enter the Running state.
zh-cn: Waits for the instance to enter the Running state.
Properties:
Service: ECS
API: DescribeInstances
PropertySelector: Instances.Instance[0].Status
DesiredValues:
- Running
NotDesiredValues: []
StopRetryValues: []
Parameters:
RegionId: '{{ regionId }}'
InstanceIds:
- '{{ runInstances.instanceId }}'
Retries: 10
DelayType: Exponential
Delay: 2
BackOff: 2
- Name: checkForCreatedDiskReady
Action: ACS::CheckFor
Description:
en: Checks if the disk is in the In_use state.
zh-cn: Checks if the disk is in the In_use state.
OnError: stopInstances
Properties:
Service: ECS
API: DescribeDisks
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
DesiredValues:
- In_use
PropertySelector: Disks.Disk[0].Status
Outputs:
diskSN:
Type: String
ValueSelector: Disks.Disk[0].SerialNumber
diskId:
Type: String
ValueSelector: Disks.Disk[0].DiskId
- Name: runCommandOpenselinux
Action: ACS::ECS::RunCommand
Description:
en: Runs a command on the instance.
zh-cn: Runs a command on the instance.
OnError: stopInstances
Properties:
regionId: '{{ regionId }}'
commandContent: sed -i s/^SELINUX=.*/SELINUX=permissive/g /etc/selinux/config
commandType: RunShellScript
instanceId: '{{ runInstances.instanceId }}'
Outputs:
invocationOutput:
Type: String
ValueSelector: invocationOutput
- Name: rebootInstance
Action: ACS::ECS::RebootInstance
Description:
en: Reboots the instance.
zh-cn: Reboots the instance.
OnError: stopInstances
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: runCommand
Action: ACS::ECS::InvokeCommand
Description:
en: Runs a command on the instance.
zh-cn: Runs a command on the instance.
OnError: stopInstances
Properties:
regionId: '{{ regionId }}'
commandId: ACS-ECS-ImageRepair-for-linux.sh
parameters:
Fn::Join:
- ''
- - '{"repairitems":'
- '"'
- Fn::Join:
- ' '
- '{{repairItems}}'
- '"'
- ',"disk_serial":"'
- '{{checkForCreatedDiskReady.diskSN}}'
- '"}'
instanceId: '{{ runInstances.instanceId }}'
Outputs:
invocationOutput:
Type: String
ValueSelector: invocationOutput
- Name: waitDiskFlush
Action: ACS::Sleep
Description:
en: Waits for I/O operations to be written to the disk.
zh-cn: Waits for I/O operations to be written to the disk.
Properties:
Duration: 1M
- Name: createSnapshot
Action: ACS::ECS::CreateSnapshot
Description:
en: Creates a snapshot for the disk.
zh-cn: Creates a snapshot for the disk.
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
snapshotName: image_repair_{{ checkForCreatedDiskReady.diskId }}
diskId: '{{ checkForCreatedDiskReady.diskId }}'
retentionDays: 1
Outputs:
snapshotId:
Type: String
ValueSelector: snapshotId
- Name: createImage
Action: ACS::ExecuteAPI
Description:
en: Creates an image from the snapshot.
zh-cn: Creates an image from the snapshot.
OnError: deleteSnapshot
OnSuccess: deleteInstance
Properties:
Service: ECS
API: CreateImage
Parameters:
RegionId: '{{ regionId }}'
SnapshotId: '{{ createSnapshot.snapshotId }}'
ImageName:
Fn::Join:
- _
- - repaired
- '{{ checkImage.imageName }}'
- Fn::FormatUTCTime:
- '{{ACS::CurrentUTCTime}}'
- '%Y%m%d%H%M%S'
DetectionStrategy: Standard
Platform:
Fn::Select:
- '{{ checkImage.platform }}'
- Aliyun: Aliyun
Anolis: Anolis
CentOS: CentOS
Ubuntu: Ubuntu
SUSE: SUSE
Debian: Debian
OpenSUSE: OpenSUSE
Red Hat: RedHat
Kylin: Kylin
UOS: UOS
Fedora: Fedora
CentOS Stream: CentOS Stream
AlmaLinux: AlmaLinux
Rocky Linux: Rocky Linux
Customized Linux: Customized Linux
Others Linux: Others Linux
BootMode: '{{ checkImage.bootMode }}'
Architecture: '{{ checkImage.architecture }}'
Outputs:
imageId:
Type: String
ValueSelector: ImageId
- Name: deleteSnapshot
Action: ACS::ExecuteAPI
Description:
en: Releases the snapshot.
zh-cn: Releases the snapshot.
OnError: deleteInstance
Properties:
Service: ECS
API: DeleteSnapshot
Parameters:
RegionId: '{{ regionId }}'
SnapshotId: '{{ createSnapshot.snapshotId }}'
Force: true
- Name: stopInstances
Action: ACS::Sleep
Description:
en: Waits for the instance protection to expire.
zh-cn: Waits for the instance protection to expire.
Properties:
Duration: 1M
- Name: deleteInstance
Action: ACS::ExecuteAPI
Description:
en: Releases the ECS instance.
zh-cn: Releases the ECS instance.
Properties:
Service: ECS
API: DeleteInstance
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
Force: true
Outputs:
imageId:
Type: String
Value: '{{ createImage.imageId }}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- regionId
- repairImageId
- baseImageId
Label:
default:
zh-cn: Select Image
en: Select Image
- Parameters:
- zoneId
- instanceType
- securityGroupId
- vSwitchId
- systemDiskCategory
Label:
default:
zh-cn: Instance Configurations
en: Instance Configurations
- Parameters:
- repairItems
Label:
default:
zh-cn: Run Command
en: Run Command