PACKER - Poc 2022 ================= .. contents:: Table of Contents :depth: 3 :local: .. image:: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAATYAAACjCAMAAAA3vsLfAAAA+VBMVEUAAAD///8CqO8VFRUNDQ0SEhIICAjt7e0FBQUCr/kBLD4ABggPDw9ISEgfHx/W1tbd3d0CoOO6urrKysqpqan29vazs7PAwMBllqHr6+utra1hlaKTk5NdXV2fn59qampYkKKJiYlUVFR3d3c7XGUNFBYoPEFdipQbKSw0NDRjY2PX19eCgoI4ODg6XGUqRk9OjaRGbHZRfYlTh5cfMzlBcoMYIyUwUFoqKioBdqgBjMgBYYoBSWhNgZMiQU0vWmtNcno7ZnVbhItJanApSVU9V1wBOFAAGyYBPFYBVXkBf7QBltUAIC4BcaA/epE1Y3YiMTNxmZxXdXbTOUk6AAAKNElEQVR4nO1diVYaSRStVmRRWZR932TRgCAIGCe4RTMzcYYk8/8fM/Vqaaq7iwKMCS7vniNeql5VNfe87le3MDOEIBAIBAKBQCAQCAQCgUAgEAgEAoFAIBAIBAKBQCAQCAQCgUAgEAgEAoFAIBAIBAKBQCAQCAQCgVgbkW1C/BG/0nIchFdfhEDHZi7q5SMZI6RsnSgt0SS8Vq3ji6xlWdUNXdcLRyBKyAnItsPe0vSKZxkJk7R10j3p0sTb6AW+TATihNSsWoEmVoEKZVkknqRZ1q1b23GWdkXaFieJZCyRSCYt63jTF/wyELAAJzt+qhmxEjTd4lahblVt2bJZUreKJSt+nLCKxCpt+oJ/MT5+WSksECvXS1YxkjuMWSRqZQtwk0asji0bTccLi4YQkqA/VNi3jcvQ1z9XCINnW9GqxZOdKFVlO2dF4gGqE5PNYgFO2XK/+LI3jcutrdDH5WHJD1ASqGyFAH2s5eLwbKM60Zv0omoFPgTKKYvmYSTBZEun33xlpbJthbb+WBZW6BDSTXQjh6l6iRQOD+ukUyDbiVo4ESHl1GEiTKrpVJiUEyBbIl34HZe+SYBsVLiDv59txoT1bFO9RHx53KWvX0NbXLjHv55p3lLsmSZ6mdgNsWrw14EU7vKfTV/Sa8BuSFSDv7ekcF/3nnOB4zfpG0A2UQ3+EMKFQktrw4roxqhVeJMOf1dIdfCJvvloJ5w+mLsEhkC8s3zyMES+ZdmgGlCn8M+leKPfxCmyUSQvlk3+DmSDakBrg+SfdMFO2azkssnfhWxULFu2rS1dMMiWjAGSTLdlLuC9yLZnyxbS7XxBthSndYudEZnx/mTbutQEg2yHgn+gnG9pL2rFYk09Kd8OF2tdIHrZwsVi19X06g7mFsp2oAlWZYNTyiz9lZWlVTjQnVRSNKiyQbQFYtVjvDfNmqNw1Ek62cBv+KTPip+VTakSH6C5qxYMW7YaEDh9O5yHg4iQsvXACsXlpeFnZYsrlbVDVBmjimwBUXerSjR8CxGVb37Xx30uPFm2OP/k9VK91j0OF4RQRSZIp3hSL1XnsrFe+MIL7t9kOXLBGopz2bJ+zWovGU+VLSJ0ksjxp1nJkTpCth1ZdS+EWjxXS1K2rPoV4uvA2rLFEgB+bypfsVT5bQjqzY+MhGwsGBx90RYV5E1x2ZL1X/sJfwnWlk2F0tVZKNsOE4vV2TJjAFAyzWV7lV84/IxsNWjrltJxithC2XiOsvdlx3AhW+q3fM5nxpNlC+TYQVpBadLLxrYkPKXesWzxcI1CbvOPraWy8TIRhvdMtoBE7j3JduhoYclWLdfLKUNJgGHsb0XKrgfiu5UtJVuqXLaEVIhByFaTNYER9ZD8zcj2GFpLthx/RvG0SwobUGZdvvl2Ny1+E/gtdy1wn78Z2cgn8R3WGjdpqVOKiWdbhJeLaDQG+9uwKhfsjVlYLJfIpWOwOX5DsomvYkL/aoK9skXUkgBCzL16VpGNnc7VxV0qQd6WbFS4ywPtlwlJeUvOURIaxJPiHCOtyDI/OGJp5nduQWq8+dC7zsuHVrZFKCUSObcVKkcDgSj89UcuwZ9a3VI8FotFUzTwOEcHbEMjY+yZV03HAoFYnM9DB3kmfB348hhaWTaEAlkEULY1YX8fj7Kth39DKNtT8Cf8rRbKtj52H0Mo21Pwaaux6Ut4ncBsQyAQCAQCgUAgEAgEAoFAIBAIBAKBQCAQCAQCgUAgEAgEAoFAIBAIBAKBQCA2Aj/8V858Kmm0eoQctcxkCGQoyOlQN88qhA+f6sjTJjSt1b8i5HqmI+tNSAj7N+fbxEU+Z8akkT+jJN/g5GxOxp4WSipnunnYS3NxF/zcVmD4rY4YRi0gV+ZR3/p05v41J+P+N0mu112L6ucT3EHu7gjpZXqC5CkZDARpDdwtNvHOA6RXWdjFyHQKMU0dMYzSk3vIH0PMbCZiHOTKMGrfbvHLFkLY/78sSLxknPlMEynTEIRm1DjvIC1JKkCOONFN6FvcJdeqnNIcGzY0xDBqwVq3ffNaPNn2NGSNtXbki5f0Mk2RWpJM8mYyHOjmOV/cZZMJyzGYp3LOyT0jI+MozVr95aPuIWY20pGV1zJm/k3LT5PtiJO2JCy1blpB0s7LLgfxznM2pMGQP4a1RrSqsJiRDLZb1rlJyYje323IH8PtZseMZm6y7wnWkKXPPkikB5lsXjLJn4sWSViLqySIZNN0OchwJJLNS1YvCSLZJn3zKDtm5iErlgRTpQ2S75kHSCSikiNB8guJc55519Dd5VjrvDLhOeYlK+8OIJHO+xNOTGuxmBnREG+wdwOy/FoeMt9pIt3oSdvVcpQXLY55yFB2Dd1dTnJUafMcO/WQVTdVLJGu+21ODMEQE+yPdOSp+zYnGchkA3JuIHmbTNSbVLYMhu4uzVoyxwaerFvlUptqsp33743Bdsxs5ibr7Nv2JXE/TP0skWhqBSXxLyOQWs7htMU/pDvfU7XLS3wshubYniSiZbxSSdgb0g3vaX9MfP1byB/tKPlwb8gYH+x8gTS8o+aVQO7bfCuX3CZk1F0LyIRnVFPmmNLiJnw4vX+bedkls860FuyOIYaTqUKWb0BoVYBg2C83+4IYRl1BzGwqNrz2znc2W7KWX74EJWEtQU8X81uZm8XkzE3AeMHwRou5tLHLnBnWuqWpxeyaQoSBM4xia3ldGuSPaa2+iLHJt/7yUWvsisBmNaXfWpmwJ47eihnWYjGVno4sudSeTLZe5UoQyB99MLsBpzNdsl3JUU/ZtzlIA2zWZ+q3bDJe3GKbM2blXeZMtBjWGkO2MN/mIJA/xpIgYnjwUCGmtWSyMZvlIKuUhOWE2Szu8s2kZbcMdC6tJz2Zaa2K2Cb3pDnrSQdmsvIyxj4SuJdEMeWeUdKT3febkogtsD7b1jLK9Ocms88TyURaPkn2hTnL+KRL8wnfL4lhrbOhn3t6hfg4WTTKz4PdLm2PE8Nao35Q2CzbeE1Fy5pWfgGBRHqQGbUKabJR4K70RwKGtWxP5iTgtxZUUr05m46Moxix/ZaXrGnl9aTtMfdt6bcECbqIMkrtsq2YYS0Z05bmrF2RLk0/SjkSABVPXS36DRwjyjbZTX6qJNjk4cd3mVEOMvA4MGi5k6O8XZKY1srbvk0kGycj7aimNtk4aS8cJclEejKb2C7NUxKedC5vm/s7p8tXie3J7FEDT5c3xkvmvm3odmkaK7/YnNlEb+69JwFOonh6QtMm+KSvM8iP/1Zz+Ue0ZT5KOjAvMVyGfUgQHKoEXJo3OCg9mY6IswHD5xLmDLydSLY97rfaDit/92P1e9NJmj+k37JJRks+O0bNPZmbmNaSOeYlrpuUebKJx5xNJLkXLs2wFsSMpirp3yuPOPihmQBps1ZJsAk84vwytWzik/ljE+eoo5bscpIz41oQsw8xLJjlDyWNoXsU7xqKrkXkdvFafhEzhawbjjm5ngrCY/4HKZbjRZyY4b8AAAAASUVORK5CYII= :alt: Packer logo Build Automated Machine Images ------------------------------ Create identical machine images for multiple platforms from a single source configuration. **Packer** est un outil open source permettant de créer des images de machine identiques pour plusieurs plates-formes à partir d'une configuration source unique. Packer est léger, fonctionne sur tous les principaux systèmes d'exploitation et est très performant, créant des images machine pour plusieurs plates-formes en parallèle. Packer ne remplace pas la gestion de configuration comme Chef ou Puppet. En fait, lors de la création d'images, Packer peut utiliser des outils tels que Chef ou Puppet pour installer un logiciel sur l'image. Why Packer? ----------- Source: https://www.packer.io/ Rapid Infrastructure Deployment ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Use Terraform to launch completely provisioned and configured machine instances with Packer images in seconds. Multi-provider Portability ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Identical images allow you to run dev, staging, and production environments across platforms. Improved Stability ~~~~~~~~~~~~~~~~~~ By provisioning instances from stable images installed and configured by Packer, you can ensure buggy software does not get deployed. Increased Dev / Production Parity ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Keep dev, staging, and production environments as similar as possible by generating images for multiple platforms at the same time. Reliable Continuous Delivery ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Generate new machine images for multiple platforms, launch and test, and verify the infrastructure changes work; then, use Terraform to put your images in production. Appliance Demo Creation ~~~~~~~~~~~~~~~~~~~~~~~ Create software appliances and disposable product demos quickly, even with software that changes continuously. Extending Packer with Plugins ----------------------------- Extend Packer’s functionality without modifying Packer core. Plugins are capable of adding these components: - **Builders** - **Provisioners** - **Post-processors** - **Data sources** Documentation des plugins: https://www.packer.io/docs/plugins Install Packer -------------- Source: https://www.packer.io/downloads Installing Packer on Linux ~~~~~~~~~~~~~~~~~~~~~~~~~~ **Ubuntu/Debian** .. code-block:: bash curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add - sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" sudo apt-get update && sudo apt-get install packer **CentOS/RHEL** .. code-block:: bash sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo sudo yum -y install packer **Fedora** .. code-block:: bash sudo dnf install -y dnf-plugins-core sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/fedora/hashicorp.repo sudo dnf -y install packer **Amazon Linux** .. code-block:: bash sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo sudo yum -y install packer **Homebrew** .. code-block:: bash brew tap hashicorp/tap brew install hashicorp/tap/packer View Tutorials at HashiCorp Learn: https://learn.hashicorp.com/packer Verifying the Installation ~~~~~~~~~~~~~~~~~~~~~~~~~~ After installing Packer, verify the installation worked by opening a new command prompt or console, and checking that packer is available: .. code-block:: bash $ packer Usage: packer [--version] [--help] [] Available commands are: build build image(s) from template console creates a console for testing variable interpolation fix fixes templates from old versions of packer fmt Rewrites HCL2 config files to canonical format hcl2_upgrade transform a JSON template into an HCL2 configuration init Install missing plugins or upgrade plugins inspect see components of a template validate check that a template is valid version Prints the Packer version Or use the **version** option: .. code-block:: bash $ packer --version Packer v1.7.10 If you get an error that **packer** could not be found, then your **PATH** environment variable was not set up properly. Please go back and ensure that your **PATH** variable contains the directory which has Packer installed. Otherwise, Packer is installed and you're ready to go! Troubleshooting ~~~~~~~~~~~~~~~ On some distributions, there may be another tool named **packer** installed by default. The following error indicates that there is a name conflict. .. code-block:: bash $ packer /usr/share/cracklib/pw_dict.pwd: Permission denied /usr/share/cracklib/pw_dict: Permission denied To fix this, create a symlink to **packer** that uses a different name like **packer.io**, or invoke the **packer** binary you want using its absolute path, e.g. /usr/local/packer. Test on HyperV -------------- Le fichier de configuration ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ici j'ai fait des tests de prise en main de packer sur Windows10 avec comme hyperviseur HyperV (hébergé sur la même machine). Packer fonctionne avec des fichiers JSON ou Pkr HCL. Ici nous avons la nomenclature Pkr .HCL. Ce fichier permet d'indiquer à packer la spécification de la VM, les options de build et d'output. Ici nous installons un centos7 .. code-block:: json { "variable": "disk_size", "type": "string", "default": "25000" } { "variable": "memory", "type": "string", "default": "1024" } { "variable": "cpus", "type": "string", "default": "1" } { "variable": "output_directory", "type": "string", "default": "F:/HyperV-VM/packer/" } { "variable": "ssh_password", "type": "string", "default": "", "sensitive": true } { "variable": "switch_name", "type": "string", "default": "CommutExt" } { "variable": "vlan_id", "type": "string", "default": "" } { "variable": "vm_name", "type": "string", "default": "centos7" } La première partie concerne la définition de variable, que nous pouvons définir dans le même fichier ou appeler dans un fichier. La seconde partie, appelée **source**, est une définition en avance de phase du **provisioner** (HyperV, VirtualBox, AWS...) qui sera ensuite appelé dans la partie **build**. La troisième partie, **build**, appelle la **source** et les provisioner **shell, file, ansible...** qui permettent de peaufiner les installations. **IMPORTANT** Les drivers/guest de virtualisation sont indispensables au bon fonctionnement de packer. Par exemple, sous HyperV, nous avons besoin que la VM embarque les drivers HyperV pour que Packer puisse récupérer son IP. .. code-block:: bash yum install -y hyperv-daemons hypervkvpd systemctl enable hypervkvpd systemctl start hypervkvpd La partie Kickstart ~~~~~~~~~~~~~~~~~~~ The Red Hat Kickstart installation method is used by Fedora, Red Hat Enterprise Linux, and related Linux distributions to automatically perform unattended operating system installation and configuration. Voici le kickstart que j'ai utilisé pour mes tests: .. code-block:: bash cat /var/www/html/ks1.cfg # platform=x86, AMD64, or Intel EM64T # version=DEVEL # Install OS instead of upgrade install xconfig --startxonboot lang fr_FR.UTF-8 keyboard fr rootpw admin cdrom firewall --disabled selinux --permissive auth --useshadow --passalgo=sha512 text firstboot --disable selinux --disabled eula --agreed services --enabled="chronyd" services --enabled="sshd" services --enabled="NetworkManager" ignoredisk --only-use=sda network --hostname centos7 --onboot yes --device eth0 --noipv6 --activate --bootproto dhcp --nameserver 8.8.8.8 --nameserver 1.1.1.1 reboot timezone Europe/Paris --ntpservers=3.centos.pool.ntp.org,0.centos.pool.ntp.org,2.centos.pool.ntp.org,1.centos.pool.ntp.org bootloader --location=mbr --boot-drive=sda zerombr clearpart --all --initlabel part /boot/efi --fstype="vfat" --size=200 part /boot --fstype="ext4" --size=1024 part swap --fstype="swap" --size=16384 part / --fstype="ext4" --grow --size=1 repo --name=base --baseurl=http://mirror.centos.org/centos/7/os/$basearch/ repo --name=epel-release --baseurl=http://anorien.csc.warwick.ac.uk/mirrors/epel/7/$basearch/ repo --name=elrepo-kernel --baseurl=http://elrepo.org/linux/kernel/el7/$basearch/ repo --name=elrepo-release --baseurl=http://elrepo.org/linux/elrepo/el7/$basearch/ repo --name=elrepo-extras --baseurl=http://elrepo.org/linux/extras/el7/$basearch/ %packages hyperv-daemons hypervkvpd @base @compat-libraries @core chrony mc curl wget yum-priorities yum-versionlock yum-utils yum-cron openssh-server openssh-clients openssh tree vim net-tools %end %post systemctl enable sshd systemctl set-default multi-user.target systemctl disable initial-setup-text systemctl disable initial-setup-graphical sed -i 's/__all__ = \["EULAspoke"\]/__all__ = \["LicenseScreen"\]/' /usr/lib/python2.7/site-packages/initial_setup/tui/spokes/eula.py echo "nameserver 8.8.8.8" >> /etc/resolv.conf cp -pr /boot/efi/EFI/centos/* /boot/efi/EFI/BOOT/ systemctl enable hypervkvpd systemctl start hypervkvpd echo -e '%wheel ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers %end user --name=packer --plaintext --password packer --groups=packer,wheel sshkey --username=packer "ssh-rsa ***** corentinKey" **Meta** -------------- Auteur : Cbillet Date : 05/11/2024