Official website: https://developer.hashicorp.com/packer
Documentation: https://developer.hashicorp.com/packer/docs
The company's existing image-build code repository: https://gitlab.ushareit.me/sre/packer.git
Introduction
Packer is an open-source tool that defines configuration through templates and uses plugins to build system images for AWS, Azure, GCP, Alibaba Cloud, Huawei Cloud, Tencent Cloud and other cloud or SaaS platforms. External plugin documentation: https://developer.hashicorp.com/packer/plugins
Install
Download page, which already includes installation instructions for each operating system: https://developer.hashicorp.com/packer/downloads
- Mac

```bash
brew install packer
packer -autocomplete-install
```

- CentOS/RHEL

```bash
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
sudo yum -y install packer
packer -autocomplete-install
```

- Amazon Linux

```bash
sudo yum install -y yum-utils shadow-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
sudo yum -y install packer
packer -autocomplete-install
```
Packer Notes
Write the image definition in a template file. Packer 1.5 and later support and recommend HCL2 (HashiCorp Configuration Language) templates. Files with the suffix .pkr.hcl or .pkr.json are parsed in HCL2 mode; all other files are parsed in the old JSON mode.
HCL specific instructions: https://developer.hashicorp.com/packer/docs/templates/hcl_templates
Brief description of common commands
Detailed instructions: https://developer.hashicorp.com/packer/docs/commands
Note: square brackets `[]` after a command, together with their contents, mark optional parts.

- Format the configuration file. `.` is the current directory; `-check` only checks whether the file is already formatted and does not modify it. Details: https://www.terraform.io/cli/commands/fmt

```bash
packer fmt [-check] [file or directory path]
```

- Verify that the syntax of the configuration file is valid. Details: https://developer.hashicorp.com/packer/docs/commands/validate

```bash
packer validate [options]
```

- Convert a JSON configuration template into a formatted HCL2 copy; the new file name replaces the old file name suffix with .pkr.hcl. Details: https://developer.hashicorp.com/packer/docs/commands/hcl2_upgrade

```bash
packer hcl2_upgrade [file path]
```

- Build the image. Details: https://developer.hashicorp.com/packer/docs/commands/build

```bash
packer build [options] [file or directory path]
```
AWS
Detailed documentation: https://developer.hashicorp.com/packer/plugins/builders/amazon
Google Cloud
Detailed documentation: https://developer.hashicorp.com/packer/plugins/builders/googlecompute
Huawei Cloud
Detailed documentation: https://developer.hashicorp.com/packer/plugins/builders/openstack
AWS EC2 example
This time, the AWS master account is used as an example.
1. Install the Packer CLI program.
2. Create a new AWS programmatic access key and grant it the following permissions:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:AttachVolume",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:CopyImage",
        "ec2:CreateImage",
        "ec2:CreateKeypair",
        "ec2:CreateSecurityGroup",
        "ec2:CreateSnapshot",
        "ec2:CreateTags",
        "ec2:CreateVolume",
        "ec2:DeleteKeyPair",
        "ec2:DeleteSecurityGroup",
        "ec2:DeleteSnapshot",
        "ec2:DeleteVolume",
        "ec2:DeregisterImage",
        "ec2:DescribeImageAttribute",
        "ec2:DescribeImages",
        "ec2:DescribeInstances",
        "ec2:DescribeInstanceStatus",
        "ec2:DescribeRegions",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSnapshots",
        "ec2:DescribeSubnets",
        "ec2:DescribeTags",
        "ec2:DescribeVolumes",
        "ec2:DescribeVpcs",
        "ec2:DetachVolume",
        "ec2:GetPasswordData",
        "ec2:ModifyImageAttribute",
        "ec2:ModifyInstanceAttribute",
        "ec2:ModifySnapshotAttribute",
        "ec2:RegisterImage",
        "ec2:RunInstances",
        "ec2:StopInstances",
        "ec2:TerminateInstances"
      ],
      "Resource": "*"
    }
  ]
}
```
3. Set the environment variables for the AWS access key, or run `aws configure` to save the key configuration permanently:

```bash
export AWS_ACCESS_KEY_ID=YOUR_AK       # the access key (AK) you were issued
export AWS_SECRET_ACCESS_KEY=YOUR_SK   # the secret key (SK) you were issued
```
4. Create a new template configuration file, `aws.pkr.hcl`:

```hcl
# Supplied at build time with -var "ImageVersion=...".
variable "ImageVersion" {
  type = string
}

# Look up the most recent AMI matching the amzn2 name filter to use as the base image.
data "amazon-ami" "main" {
  filters = {
    name                = "amzn2-ami-kernel-*-hvm-*-x86_64-gp2"
    root-device-type    = "ebs"
    virtualization-type = "hvm"
  }
  most_recent = true
  owners      = ["137112412989"]
  region      = "ap-southeast-1"
}

source "amazon-ebs" "main" {
  ami_block_device_mappings {
    delete_on_termination = true
    device_name           = "/dev/xvda"
    volume_type           = "gp3"
  }
  ami_description = "awscli lrzsz node_exporter obsutil openssh tmux"
  ami_name        = "dongsong-test-v${var.ImageVersion}"
  # Regions the finished AMI is copied to.
  ami_regions = ["ap-south-1"]
  # Account IDs allowed to launch the finished AMI.
  ami_users     = ["404486105145"]
  instance_type = "t3.medium"
  region        = "ap-southeast-1"
  source_ami    = "${data.amazon-ami.main.id}"
  # Remove Packer's temporary SSH key from authorized_keys before the image is captured.
  ssh_clear_authorized_keys = true
  ssh_username              = "ec2-user"
  subnet_id                 = "subnet-0a95dbf475604da5d"
  tags = {
    "sgt:env"      = "prod"
    "sgt:group"    = "SGT"
    "sgt:project"  = "image"
    "sgt:subgroup" = "SRE"
  }
}

build {
  sources = ["source.amazon-ebs.main"]
  # Provisioning scripts run on the temporary build instance.
  provisioner "shell" {
    scripts = ["image-init.sh", "aws-init.sh"]
  }
}
```
5. Format configuration:

```bash
packer fmt aws.pkr.hcl
```

6. Check the syntax:

```bash
packer validate -var "ImageVersion=1" aws.pkr.hcl
```

7. Build the image:

```bash
packer build -var "ImageVersion=1" aws.pkr.hcl
```
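
A least-privilege check for the step 2 policy, as an added example (not from the original article or from HashiCorp): it lists the destructive EC2 actions a policy allows on `"Resource": "*"` with no condition. Both policies are constructed; the `packer-build` tag key is hypothetical, and the scoped variant assumes the build instance and volumes carry that tag.

```python
import json

# Constructed sample: a subset of the step 2 policy, same shape (Allow on "*").
PAGE_POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Resource": "*", "Action": [
    "ec2:DescribeImages", "ec2:RunInstances", "ec2:CreateTags",
    "ec2:StopInstances", "ec2:TerminateInstances",
    "ec2:DetachVolume", "ec2:DeleteVolume"]}]}""")

# Constructed variant: destructive calls only on resources carrying a build tag.
# The tag key "packer-build" is hypothetical; build resources must be tagged with it.
SCOPED_POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Resource": "*", "Action": [
    "ec2:DescribeImages", "ec2:RunInstances", "ec2:CreateTags"]},
  {"Effect": "Allow", "Resource": "*",
   "Condition": {"StringEquals": {"aws:ResourceTag/packer-build": "true"}},
   "Action": ["ec2:StopInstances", "ec2:TerminateInstances",
              "ec2:DetachVolume", "ec2:DeleteVolume"]}]}""")

# Assumption: action-name prefixes this audit treats as destructive.
DESTRUCTIVE = ("delete", "terminate", "stop", "detach", "deregister")


def as_list(value):
    """IAM accepts a bare string or object where a list is expected."""
    return [] if value is None else value if isinstance(value, list) else [value]


def unscoped_destructive(policy):
    """Sorted destructive actions allowed on every resource with no Condition."""
    findings = set()
    for stmt in as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.add("<NotAction/NotResource statement>")
            continue
        if "*" not in as_list(stmt.get("Resource")):
            continue
        for action in as_list(stmt.get("Action")):
            name = action.partition(":")[2].lower() or action
            if "*" in name or name.startswith(DESTRUCTIVE):
                findings.add(action)
    return sorted(findings)


if __name__ == "__main__":
    print("page policy:  ", unscoped_destructive(PAGE_POLICY))
    print("scoped policy:", unscoped_destructive(SCOPED_POLICY))
```

A tag condition is only as strong as the control over who may set that tag, so `ec2:CreateTags` needs its own scoping before the variant is relied on.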