forked from OctopusDeploy/amazon-eks-custom-amis
amazon-eks-node-ubuntu2004.json
{
"variables": {
"aws_region": "",
"ami_description": "EKS Kubernetes Worker AMI on Ubuntu 20.04 (k8s: {{user `eks_version`}})",
"eks_version": "",
"eks_build_date": "",
"cni_plugin_version": "v0.8.6",
"binary_bucket_name": "amazon-eks",
"binary_bucket_region": "us-west-2",
"hardening_flag": "false",
"root_volume_size": "10",
"data_volume_size": "50",
"vpc_id": "",
"subnet_id": "",
"http_proxy": "",
"https_proxy": "",
"no_proxy": "",
"source_ami_owner": "474278901534",
"source_ami_ssh_user": "ubuntu",
"source_ami_arch": "x86_64",
"source_ami_name": "SecOpsUbuntu20.04-*",
"target_ami_name": "eks-node-{{user `eks_version`}}-{{ timestamp }}"
},
"builders": [
{
"type": "amazon-ebs",
"region": "{{user `aws_region`}}",
"source_ami_filter": {
"filters": {
"name": "{{user `source_ami_name`}}",
"virtualization-type": "hvm"
},
"owners": ["{{user `source_ami_owner`}}"],
"most_recent": true
},
"instance_type": "m5.xlarge",
"associate_public_ip_address": true,
"ssh_username": "{{user `source_ami_ssh_user`}}",
"ssh_pty": true,
"subnet_id": "{{user `subnet_id`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": "{{user `root_volume_size`}}",
"volume_type": "gp2",
"delete_on_termination": true
},
{
"device_name": "/dev/sdb",
"volume_size": "{{user `data_volume_size`}}",
"volume_type": "gp2",
"delete_on_termination": true
}
],
"ami_block_device_mappings": [
{
"device_name": "/dev/sdb",
"volume_size": "{{user `data_volume_size`}}",
"volume_type": "gp2",
"delete_on_termination": true
}
],
"tags": {
"Name": "{{user `target_ami_name`}}",
"BuildDate": "{{ isotime }}"
},
"ami_name": "{{user `target_ami_name`}}",
"ami_description": "{{user `ami_description` }}",
"ami_virtualization_type": "hvm",
"run_tags": {
"Name": "packer-{{user `target_ami_name`}}"
}
}
],
"provisioners": [
{
"type": "shell",
"inline": [
"mkdir -p /etc/packer/files",
"chown -R {{user `source_ami_ssh_user`}}:{{user `source_ami_ssh_user`}} /etc/packer/files"
],
"execute_command": "echo 'packer' | {{.Vars}} sudo -S -E bash -eux '{{.Path}}'"
},
{
"type": "file",
"source": "./files/",
"destination": "/tmp"
},
{
"type": "shell",
"inline": ["cp -a /tmp/. /etc/packer/files"],
"execute_command": "echo 'packer' | {{.Vars}} sudo -S -E bash -eux '{{.Path}}'"
},
{
"type": "shell",
"scripts": ["./scripts/ubuntu2004/boilerplate.sh"],
"environment_vars": [
"HTTP_PROXY={{user `http_proxy`}}",
"HTTPS_PROXY={{user `https_proxy`}}",
"NO_PROXY={{user `no_proxy`}}",
"KUBERNETES_VERSION={{user `eks_version`}}",
"KUBERNETES_BUILD_DATE={{user `eks_build_date`}}",
"BINARY_BUCKET_NAME={{user `binary_bucket_name`}}",
"BINARY_BUCKET_REGION={{user `binary_bucket_region`}}",
"CNI_PLUGIN_VERSION={{user `cni_plugin_version`}}",
"HARDENING_FLAG={{user `hardening_flag`}}"
],
"execute_command": "echo 'packer' | {{.Vars}} sudo -S -E bash -eux '{{.Path}}'",
"expect_disconnect": true,
"pause_after": "30s"
},
{
"type": "shell",
"scripts": [
"./scripts/shared/docker.sh",
"./scripts/shared/eks.sh",
"./scripts/shared/cis-docker.sh",
"./scripts/shared/cis-eks.sh"
],
"environment_vars": [
"HTTP_PROXY={{user `http_proxy`}}",
"HTTPS_PROXY={{user `https_proxy`}}",
"NO_PROXY={{user `no_proxy`}}",
"KUBERNETES_VERSION={{user `eks_version`}}",
"KUBERNETES_BUILD_DATE={{user `eks_build_date`}}",
"BINARY_BUCKET_NAME={{user `binary_bucket_name`}}",
"BINARY_BUCKET_REGION={{user `binary_bucket_region`}}",
"CNI_PLUGIN_VERSION={{user `cni_plugin_version`}}",
"HARDENING_FLAG={{user `hardening_flag`}}"
],
"execute_command": "echo 'packer' | {{.Vars}} sudo -S -E bash -eux '{{.Path}}'",
"expect_disconnect": true,
"pause_after": "30s"
},
{
"type": "shell",
"scripts": [
"./scripts/ubuntu2004/hardening.sh",
"./scripts/ubuntu2004/cleanup.sh"
],
"environment_vars": [
"HTTP_PROXY={{user `http_proxy`}}",
"HTTPS_PROXY={{user `https_proxy`}}",
"NO_PROXY={{user `no_proxy`}}",
"KUBERNETES_VERSION={{user `eks_version`}}",
"KUBERNETES_BUILD_DATE={{user `eks_build_date`}}",
"BINARY_BUCKET_NAME={{user `binary_bucket_name`}}",
"BINARY_BUCKET_REGION={{user `binary_bucket_region`}}",
"CNI_PLUGIN_VERSION={{user `cni_plugin_version`}}",
"HARDENING_FLAG={{user `hardening_flag`}}"
],
"execute_command": "echo 'packer' | {{.Vars}} sudo -S -E bash -eux '{{.Path}}'"
}
]
}