Merge branch 'existing-vpc' of https://github.com/aws-samples/sample-e2b-on-aws into existing-vpc

linnjia-aws · linnjia-aws · commit 6ff49069d4c8 · 2026-02-26T10:52:12.000+08:00
diff --git a/infra-iac/packer/main.pkr.hcl b/infra-iac/packer/main.pkr.hcl
@@ -26,18 +26,44 @@ source "amazon-ebs" "orch" {
     owners = ["amazon"] // 或实际拥有此 AMI 的 AWS 账户 ID
     most_recent = true
   }
-  
+
   ssh_username = "ubuntu"
-  
+
   # Enable nested virtualization
   ami_virtualization_type = "hvm"
-  
-  # Use EBS for the root volume
+
+  # Force IMDSv2
+  metadata_options {
+    http_endpoint               = "enabled"
+    http_tokens                 = "required"
+    http_put_response_hop_limit = 1
+  }
+
+  # Tags for the temporary instance and AMI
+  tags = {
+    team        = "GenAI"
+    service     = "GenAI"
+    owner       = "GenAI"
+    cost_center = "GenAI"
+    component   = "GenAI"
+  }
+
+  # Tags for the temporary instance only
+  run_tags = {
+    team        = "GenAI"
+    service     = "GenAI"
+    owner       = "GenAI"
+    cost_center = "GenAI"
+    component   = "GenAI"
+  }
+
+  # Use EBS for the root volume with encryption
   launch_block_device_mappings {
     device_name           = "/dev/sda1"
     volume_size           = 10
     volume_type           = "gp3"
     delete_on_termination = true
+    encrypted             = true
   }
 }
 
diff --git a/infra-iac/terraform/main.tf b/infra-iac/terraform/main.tf
@@ -43,7 +43,6 @@ locals {
   common_tags = {
     Environment = var.environment
     Project     = "E2B"
-    Owner       = "AWS"
     ManagedBy   = "Terraform"
   }
   
@@ -416,6 +415,13 @@ resource "aws_launch_template" "server" {
     name = aws_iam_instance_profile.ec2_instance_profile.name
   }
 
+  metadata_options {
+    http_endpoint               = "enabled"
+    http_tokens                 = "required"
+    http_put_response_hop_limit = 1
+    instance_metadata_tags      = "enabled"
+  }
+
   block_device_mappings {
     device_name = "/dev/sda1"
 
@@ -451,7 +457,12 @@ resource "aws_launch_template" "server" {
       local.common_tags,
       {
         Name        = "server-cluster",
-        ec2-e2b-key = "ec2-e2b-value"
+        ec2-e2b-key = "ec2-e2b-value",
+        team        = "GENAI",
+        service     = "GENAI",
+        owner       = "GENAI",
+        cost_center = "GENAI",
+        component   = "GENAI"
       }
     )
   }
@@ -547,7 +558,7 @@ resource "aws_launch_template" "client" {
 
   metadata_options {
     http_endpoint               = "enabled"
-    http_tokens                 = "optional"
+    http_tokens                 = "required"
     http_put_response_hop_limit = 1
     instance_metadata_tags      = "enabled"
   }
@@ -602,7 +613,12 @@ resource "aws_launch_template" "client" {
       local.common_tags,
       {
         Name        = "client-cluster",
-        ec2-e2b-key = "ec2-e2b-value"
+        ec2-e2b-key = "ec2-e2b-value",
+        team        = "GENAI",
+        service     = "GENAI",
+        owner       = "GENAI",
+        cost_center = "GENAI",
+        component   = "GENAI"
       }
     )
   }
@@ -982,6 +998,13 @@ resource "aws_launch_template" "api" {
     name = aws_iam_instance_profile.ec2_instance_profile.name
   }
 
+  metadata_options {
+    http_endpoint               = "enabled"
+    http_tokens                 = "required"
+    http_put_response_hop_limit = 1
+    instance_metadata_tags      = "enabled"
+  }
+
   block_device_mappings {
     device_name = "/dev/sda1"
 
@@ -1021,7 +1044,12 @@ resource "aws_launch_template" "api" {
       local.common_tags,
       {
         Name        = "api-cluster",
-        ec2-e2b-key = "ec2-e2b-value"
+        ec2-e2b-key = "ec2-e2b-value",
+        team        = "GENAI",
+        service     = "GENAI",
+        owner       = "GENAI",
+        cost_center = "GENAI",
+        component   = "GENAI"
       }
     )
   }
@@ -1130,6 +1158,13 @@ resource "aws_launch_template" "build" {
     name = aws_iam_instance_profile.ec2_instance_profile.name
   }
 
+  metadata_options {
+    http_endpoint               = "enabled"
+    http_tokens                 = "required"
+    http_put_response_hop_limit = 1
+    instance_metadata_tags      = "enabled"
+  }
+
   block_device_mappings {
     device_name = "/dev/sda1"
 
@@ -1169,7 +1204,12 @@ resource "aws_launch_template" "build" {
       local.common_tags,
       {
         Name        = "build-cluster",
-        ec2-e2b-key = "ec2-e2b-value"
+        ec2-e2b-key = "ec2-e2b-value",
+        team        = "GENAI",
+        service     = "GENAI",
+        owner       = "GENAI",
+        cost_center = "GENAI",
+        component   = "GENAI"
       }
     )
   }
diff --git a/packages/create_template.sh b/packages/create_template.sh
@@ -223,11 +223,19 @@ while true; do
 
     if [ "$STATUS" != "building" ]; then
         echo "Build is no longer in 'building' state. Final status: $STATUS"
-        echo "Done!"
         break
     fi
 
     sleep 10
 done
 
-echo "Building completed successfully!"
+# Check final build status
+if [ "$STATUS" = "error" ] || [ "$STATUS" = "failed" ]; then
+    echo "Building failed with status: $STATUS"
+    exit 1
+elif [ "$STATUS" = "ready" ] || [ "$STATUS" = "success" ]; then
+    echo "Building completed successfully!"
+else
+    echo "Building finished with unknown status: $STATUS"
+    exit 1
+fi
diff --git a/packages/upload.sh b/packages/upload.sh
@@ -66,7 +66,7 @@ if [ "$ARCHITECTURE" = "arm64" ]; then
     rm -rf release-${latest_version}-aarch64
 else
     # Download kernel
-	curl -L https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/$CI_VERSION/x86_64/vmlinux-$KERNEL_VERSION -o ${TEMP_DIR}/kernels/${KERNEL_FOLDER}/vmlinux.bin
+    curl -L https://storage.googleapis.com/e2b-prod-public-builds/kernels/vmlinux-6.1.102/vmlinux.bin -o ${TEMP_DIR}/kernels/${KERNEL_FOLDER}/vmlinux.bin
 	# Download firecracker
 	curl -L ${fc_url}/download/${FC_VERSION}/firecracker-${FC_VERSION}-x86_64.tgz | tar -xz
     mv release-${FC_VERSION}-x86_64/firecracker-${FC_VERSION}-x86_64 \

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,6 @@ locals {`
`43`	`43`	`common_tags = {`
`44`	`44`	`Environment = var.environment`
`45`	`45`	`Project = "E2B"`
`46`		`- Owner = "AWS"`
`47`	`46`	`ManagedBy = "Terraform"`
`48`	`47`	`}`
`49`	`48`
`@@ -416,6 +415,13 @@ resource "aws_launch_template" "server" {`
`416`	`415`	`name = aws_iam_instance_profile.ec2_instance_profile.name`
`417`	`416`	`}`
`418`	`417`
	`418`	`+ metadata_options {`
	`419`	`+ http_endpoint = "enabled"`
	`420`	`+ http_tokens = "required"`
	`421`	`+ http_put_response_hop_limit = 1`
	`422`	`+ instance_metadata_tags = "enabled"`
	`423`	`+ }`
	`424`	`+`
`419`	`425`	`block_device_mappings {`
`420`	`426`	`device_name = "/dev/sda1"`
`421`	`427`
`@@ -451,7 +457,12 @@ resource "aws_launch_template" "server" {`
`451`	`457`	`local.common_tags,`
`452`	`458`	`{`
`453`	`459`	`Name = "server-cluster",`
`454`		`- ec2-e2b-key = "ec2-e2b-value"`
	`460`	`+ ec2-e2b-key = "ec2-e2b-value",`
	`461`	`+ team = "GENAI",`
	`462`	`+ service = "GENAI",`
	`463`	`+ owner = "GENAI",`
	`464`	`+ cost_center = "GENAI",`
	`465`	`+ component = "GENAI"`
`455`	`466`	`}`
`456`	`467`	`)`
`457`	`468`	`}`
`@@ -547,7 +558,7 @@ resource "aws_launch_template" "client" {`
`547`	`558`
`548`	`559`	`metadata_options {`
`549`	`560`	`http_endpoint = "enabled"`
`550`		`- http_tokens = "optional"`
	`561`	`+ http_tokens = "required"`
`551`	`562`	`http_put_response_hop_limit = 1`
`552`	`563`	`instance_metadata_tags = "enabled"`
`553`	`564`	`}`
`@@ -602,7 +613,12 @@ resource "aws_launch_template" "client" {`
`602`	`613`	`local.common_tags,`
`603`	`614`	`{`
`604`	`615`	`Name = "client-cluster",`
`605`		`- ec2-e2b-key = "ec2-e2b-value"`
	`616`	`+ ec2-e2b-key = "ec2-e2b-value",`
	`617`	`+ team = "GENAI",`
	`618`	`+ service = "GENAI",`
	`619`	`+ owner = "GENAI",`
	`620`	`+ cost_center = "GENAI",`
	`621`	`+ component = "GENAI"`
`606`	`622`	`}`
`607`	`623`	`)`
`608`	`624`	`}`
`@@ -982,6 +998,13 @@ resource "aws_launch_template" "api" {`
`982`	`998`	`name = aws_iam_instance_profile.ec2_instance_profile.name`
`983`	`999`	`}`
`984`	`1000`
	`1001`	`+ metadata_options {`
	`1002`	`+ http_endpoint = "enabled"`
	`1003`	`+ http_tokens = "required"`
	`1004`	`+ http_put_response_hop_limit = 1`
	`1005`	`+ instance_metadata_tags = "enabled"`
	`1006`	`+ }`
	`1007`	`+`
`985`	`1008`	`block_device_mappings {`
`986`	`1009`	`device_name = "/dev/sda1"`
`987`	`1010`
`@@ -1021,7 +1044,12 @@ resource "aws_launch_template" "api" {`
`1021`	`1044`	`local.common_tags,`
`1022`	`1045`	`{`
`1023`	`1046`	`Name = "api-cluster",`
`1024`		`- ec2-e2b-key = "ec2-e2b-value"`
	`1047`	`+ ec2-e2b-key = "ec2-e2b-value",`
	`1048`	`+ team = "GENAI",`
	`1049`	`+ service = "GENAI",`
	`1050`	`+ owner = "GENAI",`
	`1051`	`+ cost_center = "GENAI",`
	`1052`	`+ component = "GENAI"`
`1025`	`1053`	`}`
`1026`	`1054`	`)`
`1027`	`1055`	`}`
`@@ -1130,6 +1158,13 @@ resource "aws_launch_template" "build" {`
`1130`	`1158`	`name = aws_iam_instance_profile.ec2_instance_profile.name`
`1131`	`1159`	`}`
`1132`	`1160`
	`1161`	`+ metadata_options {`
	`1162`	`+ http_endpoint = "enabled"`
	`1163`	`+ http_tokens = "required"`
	`1164`	`+ http_put_response_hop_limit = 1`
	`1165`	`+ instance_metadata_tags = "enabled"`
	`1166`	`+ }`
	`1167`	`+`
`1133`	`1168`	`block_device_mappings {`
`1134`	`1169`	`device_name = "/dev/sda1"`
`1135`	`1170`
`@@ -1169,7 +1204,12 @@ resource "aws_launch_template" "build" {`
`1169`	`1204`	`local.common_tags,`
`1170`	`1205`	`{`
`1171`	`1206`	`Name = "build-cluster",`
`1172`		`- ec2-e2b-key = "ec2-e2b-value"`
	`1207`	`+ ec2-e2b-key = "ec2-e2b-value",`
	`1208`	`+ team = "GENAI",`
	`1209`	`+ service = "GENAI",`
	`1210`	`+ owner = "GENAI",`
	`1211`	`+ cost_center = "GENAI",`
	`1212`	`+ component = "GENAI"`
`1173`	`1213`	`}`
`1174`	`1214`	`)`
`1175`	`1215`	`}`