Add ansible provisionning to packer

2020-02-12 07:47:36 +01:00 · 2020-02-12 07:47:36 +01:00 · 6c34a92eeb
commit 6c34a92eeb
parent 66c1f4f841
14 changed files with 105 additions and 23 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,6 +4,8 @@
 *.tar
 *.bz2
 .env
+*.retry

 packer/assets/id_rsa_qemu*
 packer/assets/packer_cache/
+packer/assets/output_gentoo_qcow2/
--- a/8
+++ b/8
@ -1,13 +1,13 @@
 .PHONY: up


-up: ssh
+up: packer/assets/id_rsa_qemu
 	docker-compose up --build -d

 exec:
 	docker-compose exec gentoo_packer bash

-ssh: packer/assets/id_rsa_qemu packer/assets/id_rsa_qemu.pub
-	@if [ ! -f $< ]; then \
-	    ssh-keygen -a 100 -C antoinroux@hotmail.fr -t ed25519 -N "" -b 2048 -q -f $<; \
+packer/assets/id_rsa_qemu:
+	@if [ ! -f "$@" ]; then \
+	    ssh-keygen -a 100 -C antoinroux@hotmail.fr -t ed25519 -N "" -b 2048 -q -f $@; \
 	fi
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -16,7 +16,7 @@ services:
         - "./packer/assets:/packer/"
      network_mode: "host"
      #ports:
-      #    - "5959:5959"
+      #    - "5900:5900/udp"
      #    - "2222:2229"
-      #    - "8888:10082"
+      #    - "10082:10082"

--- a/.env.sample
+++ b/.env.sample
--- a/packer/Dockerfile
+++ b/packer/Dockerfile
@ -10,7 +10,7 @@ ARG GROUP=packer
 WORKDIR /packer

 RUN apk add --update qemu qemu-system-x86_64 qemu-img \
-        vim htop util-linux gzip sysfsutils openssh-client openssh-keygen sudo
+        vim htop util-linux gzip sysfsutils openssh-client openssh-keygen sudo ansible

 RUN addgroup -g 1000 "${GROUP}" && \
    adduser -u 1000 -D -G "${GROUP}" "${USER}" && \
--- a/packer/assets/ansible/playbook.yml
+++ b/packer/assets/ansible/playbook.yml
@ -0,0 +1,17 @@
+---
+# file: playbook.yml
+
+- hosts: default
+  become: true
+  become_method: su
+  pre_tasks:
+    - name: "check ansible required param"
+      assert:
+        that:
+          - ssh_pub is defined
+          - generated_user is defined 
+          - generated_group is defined 
+        fail_msg: "Pass param ssh_pub, generated_user and generated_group to launch this playbook"
+  roles:
+     - prepare
+
--- a/packer/assets/ansible/roles/prepare/tasks/main.yml
+++ b/packer/assets/ansible/roles/prepare/tasks/main.yml
@ -0,0 +1,8 @@
+---
+# prepare gentoo iso to setup gentoo
+
+- name: "Check if remote had network connection"
+  shell: "ping -c 3 www.google.fr"
+  register: ping_res
+  failed_when: ping_res.rc != 0
+
--- a/packer/assets/ansible/roles/prepare/vars/main.yml
+++ b/packer/assets/ansible/roles/prepare/vars/main.yml
@ -0,0 +1,7 @@
+---
+# ssh variable
+
+
+generated_user: "{{ ansible_user  }}"
+generated_group: ""
+user_home: "{% if generated_user == 'root'  %} /root  {% else %} /home/{{ generated_user }} {% endif %}"
--- a/packer/assets/ansible/roles/setup/tasks/main.yml
+++ b/packer/assets/ansible/roles/setup/tasks/main.yml
@ -0,0 +1,29 @@
+---
+# setup gentoo
+
+- name: "Ensure group {{ generated_group }} exists"
+  group:
+    name: "{{ generated_group }}"
+
+- name: "create {{ generated_user }} user and {{ generated_group }} group"
+  user:
+    name: "{{ generated_user }}"
+    comment: "Login user generate by ansible"
+    group: "{{ generated_group }}"
+
+- name: "copy ssh key to {{ user_home }}/.ssh/authorized_keys"
+  lineinfile:
+    path: "{{ user_home }}/.ssh/authorized_keys"
+    line: "{{ ssh_pub }}"
+    create: yes
+    owner: "{{ generated_user }}"
+    group: "{{ generated_user }}"
+    mode: '0600'
+
+- name: Ensure SELinux is set to permissive mode
+  lineinfile:
+    path: /etc/selinux/config
+    regexp: '^SELINUX='
+    line: SELINUX=permissive
+
+
--- a/packer/assets/ansible/roles/setup/vars/main.yml
+++ b/packer/assets/ansible/roles/setup/vars/main.yml
--- a/packer/assets/gentoo.json
+++ b/packer/assets/gentoo.json
@ -11,13 +11,16 @@
      ],
      "memory": "1024",
      "cpus": "2",
-      "disk_interface": "virtio",
-      "disk_size": "5000M",
-      "disk_image": "true",
      "use_backing_file": "true",
      "format": "qcow2",
      "net_device": "virtio-net",

+      "disk_interface": "virtio",
+      "disk_size": "80g",
+      "disk_image": "true",
+      "disk_compression": "true",
+      "disk_additional_size": [],
+
      "iso_urls": [
        "/packer/install-amd64-minimal-{{user `version`}}.iso",
 	"http://distfiles.gentoo.org/releases/amd64/autobuilds/{{user `version`}}/install-amd64-minimal-{{user `version`}}.iso"
@ -25,7 +28,7 @@
      "iso_checksum_url": "http://distfiles.gentoo.org/releases/amd64/autobuilds/{{user `version`}}/install-amd64-minimal-{{user `version`}}.iso.DIGESTS.asc",
      "iso_checksum_type": "file",

-      "vm_name": "gentoo_packer",
+      "vm_name": "gentoo_packer.qcow2",
      "output_directory": "output_gentoo_qcow2",
      
      "http_directory": "/packer/httpdir",
@ -79,23 +82,19 @@
  "provisioners":
  [
    {
-      "type": "file",
-      "source": "/packer/id_rsa_qemu.pub",
-      "destination": "/root/.ssh/authorized_keys"
-    },
-    {
-     "type": "shell",
-     "inline": [
-	"chown root:root /root/.ssh/authorized_keys",
-	"chmod 600 /root/.ssh/authorized_keys",
-        "sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config",
-	"echo package_upgrade: true >>/etc/cloud/cloud.cfg"
-      ]
+      "type": "ansible",
+      "playbook_file": "/packer/ansible/playbook.yml",
+      "extra_arguments": [ "--extra-vars", "ssh_pub={{user `ssh_pub_key`}} generated_user={{user `generated_user`}} generated_group={{user `generated_group`}}" ],
+      "groups": "default",
+      "user": "root"
    }
  ],
  "variables": {
     "ssh_username": "root",
     "ssh_password": "CHANGEME",
+     "ssh_pub_key": "",
+     "generated_user": "antoine",
+     "generated_group": "antoine",
     "version": "20200205T214502Z"
  }
 }
--- a/packer/assets/httpdir/gentoo_save.json
+++ b/packer/assets/httpdir/gentoo_save.json
@ -123,6 +123,20 @@
        "sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config",
 	"echo package_upgrade: true >>/etc/cloud/cloud.cfg"
      ]
+    },
+    {
+      "type": "file",
+      "source": "/packer/id_rsa_qemu.pub",
+      "destination": "/root/.ssh/authorized_keys"
+    },
+    {
+     "type": "shell",
+     "inline": [
+	"chown root:root /root/.ssh/authorized_keys",
+	"chmod 600 /root/.ssh/authorized_keys",
+        "sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config",
+	"echo package_upgrade: true >>/etc/cloud/cloud.cfg"
+      ]
    }
  ]
 }
--- a/packer/assets/run-packer.sh
+++ b/packer/assets/run-packer.sh
@ -3,9 +3,12 @@

 #packer build --only=qemu --var outfile=boxen/gentoo-minimal-hyperv.box --var headless=true --var hyperv_switchname=Ethernet gentoo-minimal.json

+SSH_PUB=$(cat ./id_rsa_qemu.pub)

 export PACKER_LOG=1; packer build --only=qemu \
 	-var version="20200205T214502Z" \
 	-var ssh_username="root" \
 	-var ssh_password="toor" \
+	-var ssh_pub_key="$SSH_PUB" \
+	-force \
 	/packer/gentoo.json
--- a/test.sh
+++ b/test.sh
@ -0,0 +1,3 @@
+#!/bin/bash
+
+qemu-system-x86_64 -cdrom ./packer/assets/install-amd64-minimal-20200205T214502Z.iso -boot order=b -m 1024 -smp cpus=1,cores=4