-
Notifications
You must be signed in to change notification settings - Fork 21
/
packer.json.tmpl
277 lines (277 loc) · 10.2 KB
/
packer.json.tmpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
{
"variables": {
"ami_groups": "",
"ami_regions": "us-west-2",
"ami_users": "",
"ansible_extra_vars": "",
"aws_access_key": "",
"aws_profile": "",
"aws_region": "us-west-2",
"aws_secret_key": "",
"aws_instance_type": "t3.small",
"build_name": "",
"build_name_extra": "",
"build_timestamp": "{{timestamp}}",
"distribution": "",
"distribution_version": "",
"encrypted": "false",
"existing_ansible_ssh_args": "{{env `ANSIBLE_SSH_ARGS`}}",
"extra_vars_file": "",
"gpu": "false",
"gpu_nvidia_version": "",
"gpu_types": "",
"iam_instance_profile": "",
"konvoy_image_builder_version": "0.0.1",
"kms_key_id": "",
"kubernetes_full_version": "",
"manifest_output": "manifest.json",
"python_path": "",
"remote_folder": "/tmp",
"security_group_id": "",
"ssh_bastion_host": "{{ user `ssh_bastion_host`}}",
"ssh_bastion_username": "{{ user `ssh_bastion_username`}}",
"ssh_bastion_password": "{{ user `ssh_bastion_password`}}",
"ssh_bastion_private_key_file": "{{ user `ssh_bastion_private_key_file` }}",
"skip_profile_validation": "false",
"snapshot_groups": "all",
"snapshot_users": "",
"subnet_id": "",
"vpc_id": "",
"volume_size": "20"
},
"builders": [
{
"name": "{{(user `distribution`) | lower}}-{{user `distribution_version`}}{{user `build_name_extra`}}",
"type": "amazon-ebs",
"instance_type": "{{user `aws_instance_type`}}",
((- if .SourceAMIDefined ))
"source_ami": "{{user `source_ami`}}",
((- else ))
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "{{user `ami_filter_name`}}",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": "{{user `ami_filter_owners`}}",
"most_recent": true
},
((- end ))
((- if .DryRun ))
"skip_create_ami": true,
((- end ))
"ami_name": "konvoy-ami-{{user `build_name`}}-{{user `kubernetes_full_version` | clean_resource_name}}-{{user `build_timestamp`}}",
"snapshot_tags": {
"ami_name": "konvoy-ami-{{user `build_name`}}-{{user `kubernetes_full_version` | clean_resource_name}}-{{user `build_timestamp`}}"
},
"ami_groups": "{{user `ami_groups`}}",
"ami_users": "{{user `ami_users`}}",
"ami_description": "Konvoy base for Kubernetes {{user `kubernetes_full_version`}} on {{user `distribution`}}-{{user `distribution_version`}}",
"snapshot_groups": "{{user `snapshot_groups`}}",
"snapshot_users": "{{user `snapshot_users`}}",
"encrypt_boot": "{{user `encrypted`}}",
"kms_key_id": "{{user `kms_key_id`}}",
"ami_product_codes": "",
"ami_regions": "{{user `ami_regions`}}",
"access_key": "{{user `aws_access_key`}}",
"profile": "{{ user `aws_profile`}}",
"region": "{{ user `aws_region` }}",
"secret_key": "{{user `aws_secret_key`}}",
"iam_instance_profile": "{{user `iam_instance_profile`}}",
"skip_profile_validation": "{{user `skip_profile_validation`}}",
"ssh_username": "{{user `ssh_username`}}",
"ssh_key_exchange_algorithms": [
"curve25519-sha256@libssh.org",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group14-sha1",
"diffie-hellman-group1-sha1"
],
"vpc_id": "{{ user `vpc_id` }}",
"ssh_bastion_host": "{{ user `ssh_bastion_host` }}",
"ssh_bastion_username": "{{ user `ssh_bastion_username` }}",
"ssh_bastion_password": "{{ user `ssh_bastion_password` }}",
"ssh_bastion_private_key_file": "{{ user `ssh_bastion_private_key_file` }}",
"subnet_id": "{{ user `subnet_id` }}",
"security_group_id": "{{ user `security_group_id` }}",
"tags": {
"build_date": "{{isotime}}",
"build_timestamp": "{{user `build_timestamp`}}",
"containerd_version": "{{user `containerd_version`}}",
"distribution": "{{user `distribution`}}",
"distribution_version": "{{user `distribution_version`}}",
"gpu": "{{user `gpu`}}",
"gpu_nvidia_version": "{{user `gpu_nvidia_version`}}",
"gpu_types": "{{user `gpu_types`}}",
"image_builder_version": "{{user `konvoy_image_builder_version`}}",
"kubernetes_cni_version": "{{user `kubernetes_cni_version`}}",
"kubernetes_version": "{{user `kubernetes_full_version` | clean_resource_name}}",
"source_ami": "{{.SourceAMI}}"
},
"launch_block_device_mappings": [
{
"device_name": "{{ user `root_device_name` }}",
"volume_size": "{{ user `volume_size` }}",
"volume_type": "gp3",
"delete_on_termination": true
}
]
}
],
"provisioners": [
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"environment_vars": [
"HTTP_PROXY={{user `http_proxy`}}",
"http_proxy={{user `http_proxy`}}",
"HTTPS_PROXY={{user `https_proxy`}}",
"https_proxy={{user `https_proxy`}}",
"NO_PROXY={{user `no_proxy`}}",
"no_proxy={{user `no_proxy`}}",
"BUILD_NAME={{user `build_name`}}"
],
"inline": [
"if [ $BUILD_NAME != \"ubuntu-1804\" ]; then exit 0; fi",
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"sudo apt-get -qq update && sudo DEBIAN_FRONTEND=noninteractive apt-get -qqy install python python-pip"
]
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"environment_vars": [
"HTTP_PROXY={{user `http_proxy`}}",
"http_proxy={{user `http_proxy`}}",
"HTTPS_PROXY={{user `https_proxy`}}",
"https_proxy={{user `https_proxy`}}",
"NO_PROXY={{user `no_proxy`}}",
"no_proxy={{user `no_proxy`}}",
"BUILD_NAME={{user `build_name`}}"
],
"script": "./packer/files/no-update-flatcar.sh",
"execute_command": "BUILD_NAME={{user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi"
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"environment_vars": [
"HTTP_PROXY={{user `http_proxy`}}",
"http_proxy={{user `http_proxy`}}",
"HTTPS_PROXY={{user `https_proxy`}}",
"https_proxy={{user `https_proxy`}}",
"NO_PROXY={{user `no_proxy`}}",
"no_proxy={{user `no_proxy`}}",
"BUILD_NAME={{user `build_name`}}"
],
"script": "./packer/files/no-update-flatcar.sh",
"execute_command": "BUILD_NAME={{ user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi"
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"environment_vars": [
"BUILD_NAME={{ user `build_name`}}"
],
"script": "./packer/files/no-update-flatcar.sh",
"execute_command": "BUILD_NAME={{build_name}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi"
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"environment_vars": [
"BUILD_NAME={{build_name}}"
],
"script": "./packer/files/no-update-flatcar.sh",
"execute_command": "BUILD_NAME={{build_name}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi"
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"environment_vars": [
"BUILD_NAME={{build_name}}"
],
"script": "./packer/files/bootstrap-flatcar.sh",
"execute_command": "BUILD_NAME={{ user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi"
},
{
"type": "ansible",
"playbook_file": "./ansible/provision.yaml",
"user": "{{user `ssh_username`}}",
"ansible_env_vars": [
"ANSIBLE_SSH_ARGS='{{user `existing_ansible_ssh_args`}} -o IdentitiesOnly=yes -o HostkeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa'",
"ANSIBLE_REMOTE_TEMP='{{user `remote_folder` }}/.ansible/'"
],
"extra_arguments": [
"--extra-vars",
"{{ user `ansible_extra_vars` }}"
]
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"inline": [
"mkdir -p {{user `remote_folder` }}/.goss-dir"
]
},
{
"type": "file",
"source": "/usr/local/bin/goss",
"destination": "{{user `remote_folder` }}/.goss-dir/goss",
"direction": "upload",
"max_retries": 10
},
{
"arch": "{{user `goss_arch`}}",
"format": "{{user `goss_format`}}",
"format_options": "{{user `goss_format_options`}}",
"goss_file": "{{user `goss_entry_file`}}",
"inspect": "{{user `goss_inspect_mode`}}",
"skip_install": true,
"download_path": "{{user `remote_folder` }}/.goss-dir/goss",
"type": "goss",
"tests": [
"{{user `goss_tests_dir`}}"
],
"url": "{{user `goss_url`}}",
"use_sudo": true,
"vars_file": "{{user `goss_vars_file`}}",
"vars_inline": {
"ARCH": "amd64",
"OS": "{{user `distribution` | lower}}",
"PROVIDER": "amazon"
},
"vars_env": {
"HTTP_PROXY": "{{user `http_proxy`}}",
"http_proxy": "{{user `http_proxy`}}",
"HTTPS_PROXY": "{{user `https_proxy`}}",
"https_proxy": "{{user `https_proxy`}}",
"NO_PROXY": "{{user `no_proxy`}}",
"no_proxy": "{{user `no_proxy`}}"
},
"version": "{{user `goss_version`}}"
},
{
"type": "shell",
"remote_folder":"{{user `remote_folder`}}",
"inline": [
"rm -r {{user `remote_folder` }}/.goss-dir"
]
}
],
"post-processors": [
{
"type": "manifest",
"output": "{{user `manifest_output`}}",
"custom_data": {
"containerd_version": "{{user `containerd_version`}}",
"kubernetes_cni_version": "{{user `kubernetes_cni_semver`}}",
"kubernetes_version": "{{user `kubernetes_full_version`}}",
"distribution": "{{user `distribution`}}",
"distribution_version": "{{user `distribution_version`}}"
}
}
]
}