Preprovisioned Condor Image
Showing
8 changed files
with
247 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
.DS_Store | ||
.idea | ||
*.log | ||
tmp/ | ||
packer-builder-* | ||
*.env |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
default: all | ||
|
||
all: fmt validate build | ||
|
||
build: | ||
packer build . | ||
|
||
fmt: | ||
packer fmt . | ||
|
||
validate: | ||
packer validate . |
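Review bot: None of the targets is declared phony, so a file or directory named `build`, `fmt`, `validate` or `all` in the repository root would make `make` treat that target as up to date and skip the packer command. Adding `.PHONY: default all build fmt validate` at the top avoids that. Because `all` lists `fmt validate build` as sibling prerequisites, a parallel `make -j` may start `packer build` before validation has finished; making the order explicit with `build: validate` would prevent an unvalidated template from being built.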
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,19 @@ | ||
# packer-vultr-condor | ||
Pre-provisioned image for use with the Condor Terraform Module. | ||
Pre-provisioned image for use with the [Condor](https://registry.terraform.io/modules/vultr/condor/vultr/latest) Terraform Module. Using a pre-provisioned image provides additional stability when you may wish to test OS level changes prior to cluster updates. Note: This will result in a slightly longer deployment time due to needing to transfer and restore the snapshot. | ||
|
||
## Usage | ||
1. Clone this repository | ||
2. Configure your Vultr API Key | ||
|
||
``` sh | ||
$ export VULTR_API_KEY="<api-key-here>" | ||
``` | ||
3. Change any other default variable values by your [preferred method](https://www.packer.io/guides/hcl/variables#assigning-variables), if necessary. | ||
4. Build the snapshot | ||
```sh | ||
$ make build | ||
``` | ||
5. Provide the snapshot description for the resulting image to the [custom_snapshot_description](https://registry.terraform.io/modules/vultr/condor/vultr/latest?tab=inputs) input in the [Condor](https://registry.terraform.io/modules/vultr/condor/vultr/latest) terraform module, and deploy. | ||
```sh | ||
$ terraform apply | ||
``` |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
[Unit] | ||
Description=condor-boot | ||
After=systemd-networkd-wait-online.service | ||
Before=sshd.service | ||
|
||
[Service] | ||
Type=oneshot | ||
RemainAfterExit=yes | ||
ExecStart=/usr/local/bin/condor-boot.sh | ||
|
||
[Install] | ||
WantedBy=multi-user.target |
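Review bot: `After=systemd-networkd-wait-online.service` only orders this unit and does not pull the wait-online service into the boot transaction, so unless something else enables it the script can start before the interface has an address and the metadata fetch fails. I would add `Wants=network-online.target` and `After=network-online.target` to `[Unit]`. `Before=sshd.service` depends on that unit name existing on the image; Debian's native unit is `ssh.service`, so confirm the alias resolves or order against both names. A short comment at the top stating that this unit runs a root script which installs login keys from the metadata service would help whoever audits the image later.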
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -euxo pipefail | ||
|
||
METADATA=$(curl --silent 169.254.169.254/v1.json) | ||
MD_PUBLIC_KEYS=$(echo $METADATA | jq '."public-keys"') | ||
|
||
ssh_keys(){ | ||
if [[ $(echo $MD_PUBLIC_KEYS | jq '.|length') -gt 0 ]]; then | ||
echo $MD_PUBLIC_KEYS | jq -r '.' >> /root/.ssh/authorized_keys | ||
else | ||
echo "No SSH Public keys to add." | ||
fi | ||
} | ||
|
||
main(){ | ||
ssh_keys | ||
} | ||
|
||
main |
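Review bot: `jq -r '.'` in `ssh_keys` prints the whole `public-keys` value as one JSON document, so if the metadata field is an array (the length check suggests it is) the brackets and quoted strings are appended to `/root/.ssh/authorized_keys` instead of one key per line; `jq -r '.[]'` is what the file format needs. The `x` in `set -euxo pipefail` also traces the `METADATA=` assignment, which copies the full metadata document into the journal on every boot, and the unquoted `echo $METADATA` lets the shell word-split and glob-expand data fetched over plain HTTP. The append runs on every boot without creating `/root/.ssh`, setting its mode, or checking for duplicates, and `curl` has neither `--fail` nor a timeout. The fence below sketches the same flow with those points addressed.

```shell
set -euo pipefail  # no -x: tracing would log the metadata document

METADATA=$(curl --silent --fail --max-time 10 http://169.254.169.254/v1.json)
MD_PUBLIC_KEYS=$(jq -c '."public-keys" // []' <<<"$METADATA")

ssh_keys(){
  local key
  if [[ $(jq 'length' <<<"$MD_PUBLIC_KEYS") -gt 0 ]]; then
    install -d -m 0700 /root/.ssh
    touch /root/.ssh/authorized_keys
    chmod 0600 /root/.ssh/authorized_keys
    # One key per line; skip entries already present so reboots do not duplicate them.
    while IFS= read -r key; do
      grep -qxF -- "$key" /root/.ssh/authorized_keys \
        || printf '%s\n' "$key" >> /root/.ssh/authorized_keys
    done < <(jq -r '.[]' <<<"$MD_PUBLIC_KEYS")
  else
    echo "No SSH Public keys to add."
  fi
}
# … unchanged: main() and its call …
```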
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
source "vultr" "debian_10" { | ||
api_key = var.vultr_api_key | ||
os_id = var.os_id | ||
plan_id = var.machine_type | ||
region_id = var.region_id | ||
snapshot_description = "${var.description}-${var.condor_image_version}" | ||
ssh_username = "root" | ||
ssh_clear_authorized_keys = var.ssh_clear_authorized_keys | ||
state_timeout = var.state_timeout | ||
} | ||
|
||
build { | ||
sources = ["source.vultr.debian_10"] | ||
|
||
provisioner "file" { | ||
source = "files/condor-boot.service" | ||
destination = "/etc/systemd/system/condor-boot.service" | ||
} | ||
|
||
provisioner "file" { | ||
source = "files/condor-boot.sh" | ||
destination = "/usr/local/bin/condor-boot.sh" | ||
} | ||
|
||
provisioner "shell" { | ||
script = "scripts/condor-provision.sh" | ||
environment_vars = [ | ||
"CONTAINERD_RELEASE=${var.containerd_release}", | ||
"K8_VERSION=${var.k8_version}" | ||
] | ||
} | ||
} |
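Review bot: Nothing in this build, or in the provisioning script it runs, sets the owner or mode of `/usr/local/bin/condor-boot.sh` after the `file` provisioner uploads it, so whether systemd can execute it (and who may modify it) depends on whatever the upload happens to leave behind. Since this script runs as root on every boot and writes `authorized_keys`, I would pin that explicitly with a shell provisioner placed right after the upload: `inline = ["chown root:root /usr/local/bin/condor-boot.sh", "chmod 0755 /usr/local/bin/condor-boot.sh"]`. The same applies to the unit file copied to `/etc/systemd/system/condor-boot.service`, which should be `root:root` and `0644`.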
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
#!/usr/bin/env bash | ||
set -euxo posix | ||
|
||
apt -y update | ||
apt -y install jq gnupg2 | ||
|
||
INSTANCE_METADATA=$(curl --silent http://169.254.169.254/v1.json) | ||
PUBLIC_MAC=$(echo $INSTANCE_METADATA | jq -r '.interfaces[] | select(.["network-type"]=="public") | .mac') | ||
|
||
system_config(){ | ||
cat <<-EOF > /etc/modules-load.d/containerd.conf | ||
overlay | ||
br_netfilter | ||
EOF | ||
|
||
cat <<-EOF > /etc/sysctl.d/99-kubernetes-cri.conf | ||
net.bridge.bridge-nf-call-iptables = 1 | ||
net.ipv4.ip_forward = 1 | ||
net.bridge.bridge-nf-call-ip6tables = 1 | ||
EOF | ||
|
||
modprobe overlay | ||
modprobe br_netfilter | ||
sysctl --system | ||
} | ||
|
||
network_config(){ | ||
cat <<-EOF > /etc/systemd/network/public.network | ||
[Match] | ||
Name=ens3 | ||
[Network] | ||
DHCP=yes | ||
EOF | ||
|
||
systemctl enable systemd-networkd systemd-resolved | ||
systemctl disable networking | ||
} | ||
|
||
install_containerd(){ | ||
apt -y update | ||
apt -y install apt-transport-https ca-certificates curl software-properties-common | ||
|
||
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key --keyring /etc/apt/trusted.gpg.d/docker.gpg add - | ||
|
||
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | ||
|
||
apt -y update | ||
apt -y install containerd.io=$CONTAINERD_RELEASE | ||
} | ||
|
||
install_k8(){ | ||
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - | ||
|
||
cat <<-EOF > /etc/apt/sources.list.d/kubernetes.list | ||
deb https://apt.kubernetes.io/ kubernetes-xenial main | ||
EOF | ||
|
||
apt -y update | ||
apt -y install kubelet=$K8_VERSION kubeadm=$K8_VERSION kubectl=$K8_VERSION | ||
apt-mark hold kubelet kubeadm kubectl | ||
|
||
cat <<-EOF > /etc/default/kubelet | ||
KUBELET_EXTRA_ARGS="--cloud-provider=external" | ||
EOF | ||
} | ||
|
||
zerodisk(){ | ||
dd if=/dev/zero of=/EMPTY bs=1M | true | ||
rm -f /EMPTY | ||
sync | ||
} | ||
|
||
condor_boot_service(){ | ||
systemctl enable condor-boot.service | ||
} | ||
|
||
main(){ | ||
system_config | ||
network_config | ||
install_containerd | ||
install_k8 | ||
condor_boot_service | ||
zerodisk | ||
} | ||
|
||
main |
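Review bot: Both repository keys are imported with `apt-key add`, which places them in the global trusted set, so either vendor key is accepted for packages from any configured repository, and in `install_k8` the key is fetched with `curl -s` (no `-f`), so an HTTP error body is piped straight into `apt-key`. Saving each key to its own keyring file with `curl -fsSL` and referencing it through a `signed-by=` option on the matching `deb` line keeps the trust scoped to one repository. `set -euxo posix` turns on POSIX mode rather than `pipefail`, so a failed download in those pipelines does not stop the image build; `set -euo pipefail` looks like the intent, and the `| true` after `dd` in `zerodisk` would then need to become `|| true`. `INSTANCE_METADATA` and `PUBLIC_MAC` are computed but never used in the visible script, `$CONTAINERD_RELEASE` and `$K8_VERSION` are expanded unquoted in the `apt install` lines, and the `sudo` in `install_containerd` is unnecessary when the script already runs as root.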
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
variable "vultr_api_key" { | ||
type = string | ||
default = env("VULTR_API_KEY") | ||
sensitive = true | ||
} | ||
|
||
variable "os_id" { | ||
type = number | ||
default = 352 | ||
description = "Vultr OS ID for base image." | ||
} | ||
|
||
variable "machine_type" { | ||
type = string | ||
default = "vc2-1c-1gb" | ||
description = "Vultr Machine type to build the snapshot on." | ||
} | ||
|
||
variable "region_id" { | ||
type = string | ||
default = "ewr" | ||
description = "Vultr region id to deploy build server." | ||
} | ||
|
||
variable "hostname" { | ||
type = string | ||
default = "condor" | ||
} | ||
|
||
variable "description" { | ||
type = string | ||
default = "condor" | ||
} | ||
|
||
variable "containerd_release" { | ||
description = "Version of Containerd runtime package to install via APT to use on cluster instances. Format should be in APT package version string format: x.y.z-00" | ||
type = string | ||
default = "1.4.3-1" | ||
} | ||
|
||
variable "k8_version" { | ||
description = "Version of Kubernetes packages to install via APT. Format should be in APT package version string format: x.y.z-00" | ||
type = string | ||
default = "1.20.2-00" | ||
} | ||
|
||
variable "condor_image_version" { | ||
type = string | ||
default = "v1.0.0-1" | ||
} | ||
|
||
variable "state_timeout" { | ||
type = string | ||
default = "10m" | ||
} | ||
|
||
variable "ssh_clear_authorized_keys" { | ||
type = bool | ||
default = true | ||
} |
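Review bot: `vultr_api_key` defaults to `env("VULTR_API_KEY")`, which evaluates to an empty string when the variable is not exported, so a missing credential only surfaces later as an API error; a `validation` block with `condition = length(var.vultr_api_key) > 0` and a clear `error_message` would fail the build up front. The `containerd_release` description repeats the `x.y.z-00` format text from `k8_version`, but its default is `1.4.3-1`, so the description should state the format the containerd package actually uses. `hostname` is not referenced by the build file shown on this page, and `hostname`, `description`, `condor_image_version`, `state_timeout` and `ssh_clear_authorized_keys` carry no `description`; the last one deserves a sentence explaining that it controls whether the build-time key is removed from the snapshot.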