Brief instructions for using Packer


Official website: https://developer.hashicorp.com/packer

Documentation: https://developer.hashicorp.com/packer/docs

The company's existing image-build code repository: https://gitlab.ushareit.me/sre/packer.git

Introduction

Packer is an open source tool that defines configuration through templates and uses plugins to build system images for AWS, Azure, GCP, Alibaba Cloud, Huawei Cloud, Tencent Cloud and other cloud or SaaS platforms. Configuration documentation for external plugins: https://developer.hashicorp.com/packer/plugins

Install

Download page, which already includes installation instructions for each operating system: https://developer.hashicorp.com/packer/downloads

  • Mac
brew install packer
packer -autocomplete-install
  • CentOS/RHEL
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
sudo yum -y install packer
packer -autocomplete-install
  • Amazon Linux
sudo yum install -y yum-utils shadow-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
sudo yum -y install packer
packer -autocomplete-install

Packer Notes

Write the image definition as a template file. Packer 1.5 and later support, and recommend, HCL2 (HashiCorp Configuration Language) templates. Files with the suffix .pkr.hcl or .pkr.json are parsed in HCL2 mode; all other files are parsed in the legacy JSON mode.

HCL specific instructions: https://developer.hashicorp.com/packer/docs/templates/hcl_templates

Brief description of common commands

Detailed instructions: https://developer.hashicorp.com/packer/docs/commands

Note: square brackets [] after a command, together with their contents, denote optional items.

AWS

Detailed documentation: https://developer.hashicorp.com/packer/plugins/builders/amazon

Google Cloud

Detailed documentation: https://developer.hashicorp.com/packer/plugins/builders/googlecompute

Huawei Cloud

Detailed documentation: https://developer.hashicorp.com/packer/plugins/builders/openstack

AWS EC2 example

This example uses the AWS master account.

1. Install the Packer CLI program.

2. Create a new AWS programmatic access key and grant it the following permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:AttachVolume",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:CopyImage",
        "ec2:CreateImage",
        "ec2:CreateKeypair",
        "ec2:CreateSecurityGroup",
        "ec2:CreateSnapshot",
        "ec2:CreateTags",
        "ec2:CreateVolume",
        "ec2:DeleteKeyPair",
        "ec2:DeleteSecurityGroup",
        "ec2:DeleteSnapshot",
        "ec2:DeleteVolume",
        "ec2:DeregisterImage",
        "ec2:DescribeImageAttribute",
        "ec2:DescribeImages",
        "ec2:DescribeInstances",
        "ec2:DescribeInstanceStatus",
        "ec2:DescribeRegions",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSnapshots",
        "ec2:DescribeSubnets",
        "ec2:DescribeTags",
        "ec2:DescribeVolumes",
        "ec2:DescribeVpcs",
        "ec2:DetachVolume",
        "ec2:GetPasswordData",
        "ec2:ModifyImageAttribute",
        "ec2:ModifyInstanceAttribute",
        "ec2:ModifySnapshotAttribute",
        "ec2:RegisterImage",
        "ec2:RunInstances",
        "ec2:StopInstances",
        "ec2:TerminateInstances"
      ],
      "Resource": "*"
    }
  ]
}

3. Set the environment variables for the AWS access key, or run aws configure to save the key configuration permanently:

export AWS_ACCESS_KEY_ID=your_access_key_id
export AWS_SECRET_ACCESS_KEY=your_secret_access_key

4. Create a new template configuration file, aws.pkr.hcl:

variable "ImageVersion" {
  type    = string
}

data "amazon-ami" "main" {
  filters = {
    name                = "amzn2-ami-kernel-*-hvm-*-x86_64-gp2"
    root-device-type    = "ebs"
    virtualization-type = "hvm"
  }
  most_recent = true
  owners      = ["137112412989"]
  region      = "ap-southeast-1"
}

source "amazon-ebs" "main" {
  ami_block_device_mappings {
    delete_on_termination = true
    device_name           = "/dev/xvda"
    volume_type           = "gp3"
  }
  ami_description           = "awscli lrzsz node_exporter obsutil openssh tmux"
  ami_name                  = "dongsong-test-v${var.ImageVersion}"
  ami_regions               = ["ap-south-1"]
  ami_users                 = ["404486105145"]
  instance_type             = "t3.medium"
  region                    = "ap-southeast-1"
  source_ami                = "${data.amazon-ami.main.id}"
  ssh_clear_authorized_keys = true
  ssh_username              = "ec2-user"
  subnet_id                 = "subnet-0a95dbf475604da5d"
  tags = {
    "sgt:env"      = "prod"
    "sgt:group"    = "SGT"
    "sgt:project"  = "image"
    "sgt:subgroup" = "SRE"
  }
}

build {
  sources = ["source.amazon-ebs.main"]

  provisioner "shell" {
    scripts = ["image-init.sh", "aws-init.sh"]
  }

}

5. Format the configuration:

packer fmt aws.pkr.hcl

6. Check the syntax:

packer validate -var "ImageVersion=1" aws.pkr.hcl

7. Build the image:

packer build -var "ImageVersion=1" aws.pkr.hcl
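
The policy in step 2 allows every listed action on Resource "*". The Python check below is an added example, not part of the original post: it lists the mutating actions a policy of that shape leaves unscoped so they can be reviewed before the key is issued. The sample policy is a constructed, shortened copy of the one in step 2, and the read-only prefix list is an assumption.

```python
import json

# Constructed sample: shortened copy of the step 2 policy (same shape, fewer actions).
POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["ec2:CreateImage", "ec2:DeregisterImage", "ec2:DescribeImages",
               "ec2:GetPasswordData", "ec2:ModifyImageAttribute",
               "ec2:RunInstances", "ec2:TerminateInstances"],
    "Resource": "*"
  }]
}""")

# Assumption: read-only EC2 actions are recognised by name prefix (a heuristic).
READ_PREFIXES = ("describe", "get", "list")


def as_list(value):
    """IAM accepts a single string or object where a list is expected."""
    return list(value) if isinstance(value, list) else [value]


def unscoped_writes(policy):
    """Return mutating actions allowed on every resource with no Condition."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue  # Deny statements and conditioned grants are not reported
        if "*" not in as_list(stmt.get("Resource", [])):
            continue  # grant is already limited to named ARNs
        for action in as_list(stmt.get("Action", [])):
            # Action names are case-insensitive; "ec2:*" has no read prefix
            # and is therefore reported as well.
            name = action.split(":", 1)[-1].lower()
            if not name.startswith(READ_PREFIXES):
                findings.append(action)
    return sorted(findings)


if __name__ == "__main__":
    for action in unscoped_writes(POLICY):
        print('write access on Resource "*":', action)
```

Run against the full step 2 policy, every action except the Describe* entries and ec2:GetPasswordData is reported.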

Origin blog.csdn.net/dongsong1117/article/details/130284154