forked from SUSE-Enceladus/ec2imgutils
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathec2deprecateimg.1
221 lines (218 loc) · 7.31 KB
/
ec2deprecateimg.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
.\" Process this file with
.\" groff -man -Tascii ec2deprecateimg.1
.\"
.TH ec2deprecateimg 1
.SH NAME
ec2deprecateimg \- Deprecate images in EC2 by adding tags
.SH SYNOPSIS
.B ec2deprecateimg [option]
.SH DESCRIPTION
.B ec2deprecateimg
Deprecate images in EC2 by adding tags to an image. The EC2 platform does
not support a formal deprecation mechanism. The mechanism implemented by this
tool is a convention. Unfortunately the tags are not sticky, i.e. not visible
to others if the image is shared.
Images are tagged with:
- Deprecated on -> today's date in YYYYMMDD format
- Removal date -> today's date plus the deprecation period specified
- Replacement image -> The AMI ID and name of the replacement image
The image set as the replacement is removed from the list of potential images
to be deprecated before any matching takes place. Therefore, the deprecation
search criteria specified with
.I --image-name-frag
or
.I --image-name-match
cannot match the replacement image.
.SH OPTIONS
.IP "-a --account ACCOUNT_NAME"
Specifies the account to use to connect to EC2. The account is specified
in the config file
.IR ~/.ec2utils.conf.
The account is specified as a section with [account-ACCOUNT_NAME] delimiter.
The options of the sections are:
.IR access_key_id
.IR secret_access_key
.I ssh_key_name
and
.IR ssh_private_key .
This allows the program to connect to EC2.
If the access_key_id and/or secret_access_key are not found in
.IR ~/.ec2utils.conf,
the search will use the ACCOUNT_NAME to look for a matching section
[profile ACCOUNT_NAME] in
.IR ~/.aws/config
or [ACCOUNT_NAME] in
.IR ~/.aws/credentials.
.IP "--access-id AWS_ACCESS_KEY"
Specifies the AWS access key and overrides the value given for the
.I account
with the
.I access_key_id
in the configuration file.
.IP "-d --deprecation-period NUMBER_OF_MONTHS"
Specifies the number of months this image will be considered deprecated. After
the deprecation period expires the image may be removed. The deprecation time
is added to the date on which the program is executed and forms the value for
the
.I Removal date
tag in the format
.I YYYYMMDD.
The default deprecation period is 6 months.
.IP "--force"
Specify that any images that have already been tagged as deprecated should be
tagged again with the new deprecation information. This overwrites the
previous information and the old data is lost.
.IP "-n --dry-run"
The program will not perform any action. It will provide information on
.I stdout
about the actions it would perform.
.IP "-f --file CONFIG_FILE"
Specifies the configuration file to use. The default is
.IR ~/.ec2utils.conf .
.IP "--image-id AMI_ID"
Specify the AMI ID of the image to be marked as deprecated. This option is
mutually exclusive with the
.IR --image-name ,
.IR --image-name-frag ,
and
.IR --image-name-match .
.IP "--image-name IMAGE_NAME"
Specify the name of the image to be deprecated. The program will look for
an exact match of the name. This option is mutually exclusive with
.IR --image-id ,
.IR --image-name-frag ,
and
.IR --image-name-match .
.IP "--image-name-frag IMAGE_NAME_FRAGMENT"
Specify a section of an image name for the image(s) to be deprecated. Every
image that matches the name fragment will be marked as deprecated. This
option is mutually exclusive with
.IR --image-id ,
.IR --image-name-name ,
and
.IR --image-name-match .
.IP "--image-name-match REGEX"
Specify a regular expression to match an image name. Every image matching the
regular expression will be deprecated. This option is mutually
exclusive with
.IR --image-id ,
.IR --image-name-name ,
and
.IR --image-name-frag .
.IP "--image-virt-type hvm|para"
Specify the virtualization type of the image to be deprecated. This option
works in addition to
.IR --image-id ,
.IR --image-name ,
.IR --image-name-frag ,
.IR --image-name-match .
Every specified condition must be satisfied in order to deprecate the image.
.IP "--public-only"
Consider only images that are public as a replacement or for deprecation
purposes.
.IP "--replacement-id AMI_ID"
Specify the AMI ID of the image considered to be the replacement for the
image(s) that are being deprecated. The option is mutually exclusive
with
.IR --replacement-name ,
.IR --replacement-name-frag ,
and
.IR --replacement-name-match .
The AMI ID and the dynamically determined image name are used in
combination to form the value for the
.I Replacement image
tag in the form
.I AMI_ID -- IMAGE_NAME.
One of
.IR --replacement-id ,
.IR --replacement-name ,
.IR --replacement-name-frag ,
or
.IR --replacement-name-match ,
must be specified.
.IP "--replacement-name IMAGE_NAME"
Specify the name of the image considered to be the replacement for the
image(s) that are being deprecated. The option is mutually exclusive
with the
.I --replacement-id
option. The image name and the dynamically determined AMI ID are used in
combination to form the value for the
.I Replacement image
tag in the form
.I AMI_ID -- IMAGE_NAME.
One of
.IR --replacement-id ,
.IR --replacement-name ,
.IR --replacement-name-frag ,
or
.IR --replacement-name-match ,
must be specified.
.IP "--replacement-name-frag IMAGE_NAME_FRAGMENT"
Specify a section of an image name to be considered for the replacement
image. This option is mutually exclusive with
.IR --replacement-id ,
.IR --replacement-name ,
and
.IR --replacement-name-match .
The dynamically determined AMI ID and the dynamically determined
image name are used in combination to form the value for the
.I Replacement image
tag in the form
.I AMI_ID -- IMAGE_NAME.
One of
.IR --replacement-id ,
.IR --replacement-name ,
.IR --replacement-name-frag ,
or
.IR --replacement-name-match ,
must be specified.
.IP "--replacement-name-match REGEX"
Specify a regular expression to match an image name to be considered for
the replacement image. This option is mutually exclusive with
.IR --replacement-id ,
.IR --replacement-name ,
and
.IR --replacement-name-frag .
The dynamically determined AMI ID and the dynamically determined image name
are used in combination to form the value for the
.I Replacement image
tag in the form
.I AMI_ID -- IMAGE_NAME.
One of
.IR --replacement-id ,
.IR --replacement-name ,
.IR --replacement-name-frag ,
or
.IR --replacement-name-match ,
must be specified.
.IP "-r --regions EC2_REGIONS"
A comma separated list of Amazon EC2 regions, or a single region. If no
region argument is specified all EC2 connected regions will be processed.
EC2 disconnected regions have different API keys and thus the specified
.I account
would not work with the disconnected regions. If a disconnected region is to
be processed specify the region explicitly on the command line, and only the
region of interest along with the matching
.IR account .
.IP "-s --secret-key AWS_SECRET_KEY"
Specifies the AWS secret access key and overrides the value given for the
.I account
with the
.I secret_access_key
in the configuration file.
.IP "--verbose"
Print extra output about the operations performed to STDOUT.
.IP "--version"
Print the version of he program
.SH EXAMPLE
ec2deprecateimg --account example --image-name-match v15 --image-virt-type hvm --replacement-name exampleimage_v16
Will mark all images in all connected regions that have the
.I HVM
virtualization type and match the
.I v15
regular expression as deprecated. The replacement image will be set to the
AMI ID found in the region being processed that matches the
.I exampleimage_v16
name exactly.
.SH AUTHOR
Robert Schweikert ([email protected])