Merge pull request #1 from Oogy/dev
Preprovisioned Condor Image
ddymko authored Mar 23, 2021

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
2 parents 5ee53bc + 1e6e101 commit e6f49bd
Showing 8 changed files with 247 additions and 1 deletion.
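--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,6 @@
+.DS_Store
+.idea
+*.log
+tmp/
+packer-builder-*
+*.env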
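--- a/GNUmakefile
+++ b/GNUmakefile
@@ -0,0 +1,12 @@
+default: all
+
+all: fmt validate build
+
+build:
+packer build .
+
+fmt:
+packer fmt .
+
+validate:
+packer validate .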
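Review bot: None of the targets is declared phony, so a file or directory named `build`, `fmt`, `validate` or `all` in the repository root would make `make` treat that target as up to date and skip it. Add `.PHONY: default all build fmt validate` at the top of the file.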
19 changes: 18 additions & 1 deletion README.md
@@ -1,2 +1,19 @@
# packer-vultr-condor
Pre-provisioned image for use with the Condor Terraform Module.
Pre-provisioned image for use with the [Condor](https://registry.terraform.io/modules/vultr/condor/vultr/latest) Terraform Module. Using a pre-provisioned image provides additional stability when you may wish to test OS level changes prior to cluster updates. Note: This will result in a slightly longer deployment time due to needing to transfer and restore the snapshot.

## Usage
1. Clone this repository
2. Configure your Vultr API Key

``` sh
$ export VULTR_API_KEY="<api-key-here>"
```
3. Change any other default variable values by your [preferred method](https://www.packer.io/guides/hcl/variables#assigning-variables), if necessary.
4. Build the snapshot
```sh
$ make build
```
5. Provide the snapshot description for the resulting image to the [custom_snapshot_description](https://registry.terraform.io/modules/vultr/condor/vultr/latest?tab=inputs) input in the [Condor](https://registry.terraform.io/modules/vultr/condor/vultr/latest) terraform module, and deploy.
```sh
$ terraform apply
```
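--- a/files/condor-boot.service
+++ b/files/condor-boot.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=condor-boot
+After=systemd-networkd-wait-online.service
+Before=sshd.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/local/bin/condor-boot.sh
+
+[Install]
+WantedBy=multi-user.target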
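Review bot: `After=systemd-networkd-wait-online.service` only orders this unit and does not pull that service in, so if wait-online is not enabled the script can run before the network is up, fail under `set -e`, and leave the instance without its keys. The usual form is `Wants=network-online.target` together with `After=network-online.target`. Because `Type=oneshot` units have no start timeout by default and this one is ordered `Before=sshd.service`, a hung script delays SSH indefinitely; a bound such as `TimeoutStartSec=60` (value to be chosen) would limit that.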
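--- a/files/condor-boot.sh
+++ b/files/condor-boot.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -euxo pipefail
+
+METADATA=$(curl --silent 169.254.169.254/v1.json)
+MD_PUBLIC_KEYS=$(echo $METADATA | jq '."public-keys"')
+
+ssh_keys(){
+if [[ $(echo $MD_PUBLIC_KEYS | jq '.|length') -gt 0 ]]; then
+echo $MD_PUBLIC_KEYS | jq -r '.' >> /root/.ssh/authorized_keys
+else
+echo "No SSH Public keys to add."
+fi
+}
+
+main(){
+ssh_keys
+}
+
+main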
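Review bot: In `ssh_keys`, `jq -r '.'` writes the whole `public-keys` value to `/root/.ssh/authorized_keys`; if that value is a JSON array, as the `length` test suggests, the file receives brackets and quoted strings rather than one key per line, so the line should read `printf '%s' "$MD_PUBLIC_KEYS" | jq -r '.[]' >> /root/.ssh/authorized_keys`. The unit runs on every boot, so the same keys are appended again each time; adding only keys that are not already present (for example after a `grep -qxF` check) keeps the file stable and auditable. `set -x` also traces the full metadata response into the journal, and the `curl` call has neither `--fail` nor `--max-time`, so an HTTP error body is parsed as if it were metadata and a stalled request holds up sshd; I would drop `-x` and use `curl --silent --fail --max-time 10 http://169.254.169.254/v1.json`.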
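--- a/main.pkr.hcl
+++ b/main.pkr.hcl
@@ -0,0 +1,32 @@
+source "vultr" "debian_10" {
+api_key = var.vultr_api_key
+os_id = var.os_id
+plan_id = var.machine_type
+region_id = var.region_id
+snapshot_description = "${var.description}-${var.condor_image_version}"
+ssh_username = "root"
+ssh_clear_authorized_keys = var.ssh_clear_authorized_keys
+state_timeout = var.state_timeout
+}
+
+build {
+sources = ["source.vultr.debian_10"]
+
+provisioner "file" {
+source = "files/condor-boot.service"
+destination = "/etc/systemd/system/condor-boot.service"
+}
+
+provisioner "file" {
+source = "files/condor-boot.sh"
+destination = "/usr/local/bin/condor-boot.sh"
+}
+
+provisioner "shell" {
+script = "scripts/condor-provision.sh"
+environment_vars = [
+"CONTAINERD_RELEASE=${var.containerd_release}",
+"K8_VERSION=${var.k8_version}"
+]
+}
+}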
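Review bot: The `build` block ends with the provisioning script and nothing visible removes per-machine identity before the snapshot is taken, so the `/etc/ssh/ssh_host_*` keys and `/etc/machine-id` generated on the build server would be shared by every instance restored from the image unless the platform regenerates them (not visible here; worth confirming). If it does not, a final cleanup step that deletes them, paired with `ssh-keygen -A` in condor-boot.sh before sshd starts, keeps host identities unique per node. Separately, the `file` provisioner for `/usr/local/bin/condor-boot.sh` is not followed by a `chmod`, so the unit's `ExecStart` depends on the mode bits surviving the upload; `chmod 0755 /usr/local/bin/condor-boot.sh` in the shell provisioner would make that explicit.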
87 changes: 87 additions & 0 deletions scripts/condor-provision.sh
@@ -0,0 +1,87 @@
#!/usr/bin/env bash
set -euxo posix

apt -y update
apt -y install jq gnupg2

INSTANCE_METADATA=$(curl --silent http://169.254.169.254/v1.json)
PUBLIC_MAC=$(echo $INSTANCE_METADATA | jq -r '.interfaces[] | select(.["network-type"]=="public") | .mac')

system_config(){
cat <<-EOF > /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF

cat <<-EOF > /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

modprobe overlay
modprobe br_netfilter
sysctl --system
}

network_config(){
cat <<-EOF > /etc/systemd/network/public.network
[Match]
Name=ens3
[Network]
DHCP=yes
EOF

systemctl enable systemd-networkd systemd-resolved
systemctl disable networking
}

install_containerd(){
apt -y update
apt -y install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key --keyring /etc/apt/trusted.gpg.d/docker.gpg add -

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"

apt -y update
apt -y install containerd.io=$CONTAINERD_RELEASE
}

install_k8(){
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

cat <<-EOF > /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF

apt -y update
apt -y install kubelet=$K8_VERSION kubeadm=$K8_VERSION kubectl=$K8_VERSION
apt-mark hold kubelet kubeadm kubectl

cat <<-EOF > /etc/default/kubelet
KUBELET_EXTRA_ARGS="--cloud-provider=external"
EOF
}

zerodisk(){
dd if=/dev/zero of=/EMPTY bs=1M | true
rm -f /EMPTY
sync
}

condor_boot_service(){
systemctl enable condor-boot.service
}

main(){
system_config
network_config
install_containerd
install_k8
condor_boot_service
zerodisk
}

main
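Review bot: `set -euxo posix` turns on POSIX mode rather than `pipefail`, so in `install_containerd` and `install_k8` a failed `curl` in `curl … | apt-key add -` does not stop the build; condor-boot.sh in this commit uses `set -euxo pipefail`, which looks like the intent here too. With `pipefail` on, `dd if=/dev/zero of=/EMPTY bs=1M | true` in `zerodisk` has to become `dd if=/dev/zero of=/EMPTY bs=1M || true`, since dd is expected to end with a disk-full error. Both repository signing keys are fetched at build time and added to the global trusted keyring without any fingerprint check; storing each key in its own keyring file, comparing its fingerprint with a value kept in the repository, and referencing it with `[signed-by=…]` in the source line limits what each key can vouch for. `PUBLIC_MAC` is assigned but not used in the visible lines, the unquoted `$CONTAINERD_RELEASE` and `$K8_VERSION` should be quoted, and `sudo` is unnecessary if the script already runs as root.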
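--- a/variables.pkr.hcl
+++ b/variables.pkr.hcl
@@ -0,0 +1,60 @@
+variable "vultr_api_key" {
+type = string
+default = env("VULTR_API_KEY")
+sensitive = true
+}
+
+variable "os_id" {
+type = number
+default = 352
+description = "Vultr OS ID for base image."
+}
+
+variable "machine_type" {
+type = string
+default = "vc2-1c-1gb"
+description = "Vultr Machine type to build the snapshot on."
+}
+
+variable "region_id" {
+type = string
+default = "ewr"
+description = "Vultr region id to deploy build server."
+}
+
+variable "hostname" {
+type = string
+default = "condor"
+}
+
+variable "description" {
+type = string
+default = "condor"
+}
+
+variable "containerd_release" {
+description = "Version of Containerd runtime package to install via APT to use on cluster instances. Format should be in APT package version string format: x.y.z-00"
+type = string
+default = "1.4.3-1"
+}
+
+variable "k8_version" {
+description = "Version of Kubernetes packages to install via APT. Format should be in APT package version string format: x.y.z-00"
+type = string
+default = "1.20.2-00"
+}
+
+variable "condor_image_version" {
+type = string
+default = "v1.0.0-1"
+}
+
+variable "state_timeout" {
+type = string
+default = "10m"
+}
+
+variable "ssh_clear_authorized_keys" {
+type = bool
+default = true
+}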
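Review bot: The `containerd_release` description gives the format as `x.y.z-00` while its default is `1.4.3-1`; the description should match the package's actual version scheme, for example `Format: APT package version string, e.g. 1.4.3-1`. `hostname` is declared but not referenced in main.pkr.hcl as shown, and `hostname`, `description`, `condor_image_version`, `state_timeout` and `ssh_clear_authorized_keys` carry no `description`. `vultr_api_key` appears to fall back to an empty string when `VULTR_API_KEY` is unset, so a `validation` block that rejects an empty value would stop the build before any API call is attempted.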
