script cleanup, shift to using dynamically-generated SSH keys for Packer
parent
0a699fb499
commit
340cb8e895
6 changed files with 25 additions and 36 deletions
|
@ -183,7 +183,9 @@ autoinstall:
|
|||
lock-passwd: false
|
||||
sudo: ALL=(ALL) NOPASSWD:ALL
|
||||
shell: /bin/bash
|
||||
%{ if length( build_key ) > 0 ~}
|
||||
%{ if length( ssh_keys ) > 0 ~}
|
||||
ssh_authorized_keys:
|
||||
- ${ build_key }
|
||||
%{ for ssh_key in ssh_keys ~}
|
||||
- ${ ssh_key }
|
||||
%{ endfor ~}
|
||||
%{ endif ~}
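Review bot: The user defined in this hunk keeps `lock-passwd: false` together with `sudo: ALL=(ALL) NOPASSWD:ALL`, so the image still ships a password-enabled account with passwordless sudo even though Packer now logs in with a generated key. The password hash presumably comes from `build_password`, which the variables file in this commit sets to a literal string, so every template built from the repository as-is would share a known password. If nothing else needs the password once key login works, `lock-passwd: true` closes that off; whether sshd accepts passwords at all is decided outside this hunk. The enclosing `autoinstall` block starts and ends outside the hunk.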
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
|
||||
QyNTUxOQAAACDqS76cYpT46QmoQEMbOEUIL/i2+cTm1C17cBKIphAaQAAAAJC/ririv64q
|
||||
4gAAAAtzc2gtZWQyNTUxOQAAACDqS76cYpT46QmoQEMbOEUIL/i2+cTm1C17cBKIphAaQA
|
||||
AAAECBctr1BYu+QL8D8IFHQ8uN/Us4X9xkj9HYf1hQjqrXCupLvpxilPjpCahAQxs4RQgv
|
||||
+Lb5xObULXtwEoimEBpAAAAADGpvaG5AcGVuZ3VpbgE=
|
||||
-----END OPENSSH PRIVATE KEY-----
|
|
@ -30,6 +30,9 @@ sudo rm -rf /var/tmp/*
|
|||
echo '>> Clearing host keys...'
|
||||
sudo rm -f /etc/ssh/ssh_host_*
|
||||
|
||||
echo '>> Removing Packer SSH key...'
|
||||
sed -i '/packer_key/d' ~/.ssh/authorized_keys
|
||||
|
||||
echo '>> Clearing machine-id...'
|
||||
sudo truncate -s 0 /etc/machine-id
|
||||
if [ -f /var/lib/dbus/machine-id ]; then
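Review bot: The new `sed -i '/packer_key/d' ~/.ssh/authorized_keys` removes the build key only if the installed public-key line contains the text `packer_key`, and only from the home directory of whichever user runs this script. That text is the `name` given to the `sshkey` data source in the Packer file; whether the plugin writes the name into the key comment is not visible here and is worth confirming, because a non-match silently leaves the build key in the template. A comment such as `# matches the key generated by data "sshkey" "install" (name = "packer_key")` would record the coupling, and echoing `grep -c . ~/.ssh/authorized_keys` afterwards makes the number of remaining keys visible in the build log. The script continues outside the hunk.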
|
||||
|
|
|
@ -77,10 +77,13 @@ communicator_port = 22
|
|||
communicator_timeout = "20m"
|
||||
common_ip_wait_timeout = "20m"
|
||||
common_shutdown_timeout = "15m"
|
||||
build_remove_keys = false
|
||||
vm_shutdown_command = "sudo /usr/sbin/shutdown -P now"
|
||||
build_remove_keys = true
|
||||
build_username = "admin"
|
||||
build_password = "VMware1!"
|
||||
build_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpLvpxilPjpCahAQxs4RQgv+Lb5xObULXtwEoimEBpA builder"
|
||||
ssh_keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpLvpxilPjpCahAQxs4RQgv+Lb5xObULXtwEoimEBpA builder"
|
||||
]
|
||||
|
||||
// Provisioner Settings
|
||||
post_install_scripts = [
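Review bot: The `ssh_keys` entry added here appears to be the public half of the private key that this same commit deletes from the repository: the base64 of the public key ends in the same run as the tail of that key file, and the `build_key` line it replaces carried the identical value. Deleting the file does not remove it from the repository history, so the key should be treated as disclosed, and any template built with this list authorizes it for the build user (the cleanup script only drops lines matching `packer_key`, and this one is labelled `builder`). I would ship the example as `ssh_keys = []` or with an obviously fake placeholder, generate a new key pair kept outside the repository, and remove the old public key from templates and VMs already built.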
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
|
||||
// BLOCK: packer
|
||||
// The Packer configuration.
|
||||
|
||||
packer {
|
||||
required_version = ">= 1.8.2"
|
||||
required_plugins {
|
||||
|
@ -20,18 +19,21 @@ packer {
|
|||
}
|
||||
}
|
||||
|
||||
// BLOCK: locals
|
||||
// Defines the local variables.
|
||||
// BLOCK: data
|
||||
// Defines data sources.
|
||||
data "sshkey" "install" {
|
||||
type = "ed25519"
|
||||
name = "packer_key"
|
||||
}
|
||||
|
||||
// BLOCK: locals
|
||||
// Defines local variables.
|
||||
locals {
|
||||
ssh_public_key = data.sshkey.install.public_key
|
||||
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||
build_tool = "HashiCorp Packer ${packer.version}"
|
||||
build_date = formatdate("YYYY-MM-DD hh:mm ZZZ", timestamp())
|
||||
build_description = "Kubernetes Ubuntu 20.04 Node template\nBuild date: ${local.build_date}\nBuild tool: ${local.build_tool}"
|
||||
shutdown_command = "sudo -S -E shutdown -P now"
|
||||
iso_paths = ["[${var.common_iso_datastore}] ${var.iso_path}/${var.iso_file}"]
|
||||
iso_checksum = "${var.iso_checksum_type}:${var.iso_checksum_value}"
|
||||
data_source_content = {
|
||||
|
@ -39,7 +41,7 @@ locals {
|
|||
"/user-data" = templatefile("data/user-data.pkrtpl.hcl", {
|
||||
build_username = var.build_username
|
||||
build_password = bcrypt(var.build_password)
|
||||
build_key = var.build_key
|
||||
ssh_keys = concat([local.ssh_public_key], var.ssh_keys)
|
||||
vm_guest_os_language = var.vm_guest_os_language
|
||||
vm_guest_os_keyboard = var.vm_guest_os_keyboard
|
||||
vm_guest_os_timezone = var.vm_guest_os_timezone
|
||||
|
@ -52,7 +54,6 @@ locals {
|
|||
|
||||
// BLOCK: source
|
||||
// Defines the builder configuration blocks.
|
||||
|
||||
source "vsphere-iso" "ubuntu-k8s" {
|
||||
|
||||
// vCenter Server Endpoint Settings and Credentials
|
||||
|
@ -106,13 +107,12 @@ source "vsphere-iso" "ubuntu-k8s" {
|
|||
boot_wait = var.vm_boot_wait
|
||||
boot_command = var.vm_boot_command
|
||||
ip_wait_timeout = var.common_ip_wait_timeout
|
||||
shutdown_command = local.shutdown_command
|
||||
shutdown_command = var.vm_shutdown_command
|
||||
shutdown_timeout = var.common_shutdown_timeout
|
||||
|
||||
// Communicator Settings and Credentials
|
||||
communicator = "ssh"
|
||||
ssh_username = var.build_username
|
||||
ssh_password = var.build_password
|
||||
ssh_private_key_file = local.ssh_private_key_file
|
||||
ssh_clear_authorized_keys = var.build_remove_keys
|
||||
ssh_port = var.communicator_port
|
||||
|
@ -151,7 +151,6 @@ source "vsphere-iso" "ubuntu-k8s" {
|
|||
|
||||
// BLOCK: build
|
||||
// Defines the builders to run, provisioners, and post-processors.
|
||||
|
||||
build {
|
||||
sources = [
|
||||
"source.vsphere-iso.ubuntu-k8s"
|
||||
|
@ -173,6 +172,7 @@ build {
|
|||
|
||||
provisioner "shell" {
|
||||
execute_command = "bash {{ .Path }}"
|
||||
expect_disconnect = true
|
||||
scripts = var.pre_final_scripts
|
||||
}
|
||||
}
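Review bot: `ssh_clear_authorized_keys = var.build_remove_keys` probably has no effect on the key introduced in this file: as far as I know that option only removes the temporary key pair Packer generates itself, while this build passes a key from the `sshkey` data source through `ssh_private_key_file`. Removal then rests entirely on the cleanup script's `packer_key` match, which is worth stating next to the data source, e.g. `// removed from authorized_keys by the cleanup script, which matches this name` above `name = "packer_key"`. `ssh_password` is still listed beside the key file in the communicator hunk; if it remains on the new side, Packer can likely still fall back to the password, so a problem with the key would not fail the build. The `source` and `build` blocks start and end outside the hunks shown.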
|
|
@ -7,7 +7,6 @@
|
|||
// Defines the input variables.
|
||||
|
||||
// vSphere Credentials
|
||||
|
||||
variable "vsphere_endpoint" {
|
||||
type = string
|
||||
description = "The fully qualified domain name or IP address of the vCenter Server instance. ('vcenter.lab.local')"
|
||||
|
@ -32,7 +31,6 @@ variable "vsphere_insecure_connection" {
|
|||
}
|
||||
|
||||
// vSphere Settings
|
||||
|
||||
variable "vsphere_datacenter" {
|
||||
type = string
|
||||
description = "The name of the target vSphere datacenter. ('Lab Datacenter')"
|
||||
|
@ -59,7 +57,6 @@ variable "vsphere_folder" {
|
|||
}
|
||||
|
||||
// Virtual Machine Settings
|
||||
|
||||
variable "vm_name" {
|
||||
type = string
|
||||
description = "Name of the new VM to create."
|
||||
|
@ -175,7 +172,6 @@ variable "common_remove_cdrom" {
|
|||
}
|
||||
|
||||
// Template and Content Library Settings
|
||||
|
||||
variable "common_template_conversion" {
|
||||
type = bool
|
||||
description = "Convert the virtual machine to template. Must be 'false' for content library."
|
||||
|
@ -207,7 +203,6 @@ variable "common_content_library_skip_export" {
|
|||
}
|
||||
|
||||
// Snapshot Settings
|
||||
|
||||
variable "common_snapshot_creation" {
|
||||
type = bool
|
||||
description = "Create a snapshot for Linked Clones."
|
||||
|
@ -221,7 +216,6 @@ variable "common_snapshot_name" {
|
|||
}
|
||||
|
||||
// OVF Export Settings
|
||||
|
||||
variable "common_ovf_export_enabled" {
|
||||
type = bool
|
||||
description = "Enable OVF artifact export."
|
||||
|
@ -240,7 +234,6 @@ variable "common_ovf_export_path" {
|
|||
}
|
||||
|
||||
// Removable Media Settings
|
||||
|
||||
variable "common_iso_datastore" {
|
||||
type = string
|
||||
description = "The name of the source vSphere datastore for ISO images. ('datastore-iso-01')"
|
||||
|
@ -278,7 +271,6 @@ variable "cd_label" {
|
|||
}
|
||||
|
||||
// Boot Settings
|
||||
|
||||
variable "vm_boot_order" {
|
||||
type = string
|
||||
description = "The boot order for virtual machines devices. ('disk,cdrom')"
|
||||
|
@ -313,11 +305,9 @@ variable "common_shutdown_timeout" {
|
|||
}
|
||||
|
||||
// Communicator Settings and Credentials
|
||||
|
||||
variable "build_username" {
|
||||
type = string
|
||||
description = "The username to login to the guest operating system. ('admin')"
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "build_password" {
|
||||
|
@ -333,10 +323,11 @@ variable "build_password_encrypted" {
|
|||
default = null
|
||||
}
|
||||
|
||||
variable "build_key" {
|
||||
type = string
|
||||
description = "The public key to login to the guest operating system."
|
||||
variable "ssh_keys" {
|
||||
type = list(string)
|
||||
description = "List of public keys to be added to ~/.ssh/authorized_keys."
|
||||
sensitive = true
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "build_remove_keys" {
|
||||
|
@ -346,7 +337,6 @@ variable "build_remove_keys" {
|
|||
}
|
||||
|
||||
// Communicator Settings
|
||||
|
||||
variable "communicator_port" {
|
||||
type = string
|
||||
description = "The port for the communicator protocol."
|
||||
|
@ -370,7 +360,6 @@ variable "communicator_ssl" {
|
|||
}
|
||||
|
||||
// Provisioner Settings
|
||||
|
||||
variable "cloud_init_apt_packages" {
|
||||
type = list(string)
|
||||
description = "A list of apt packages to install during the subiquity cloud-init installer."
|
||||
|
@ -396,7 +385,6 @@ variable "pre_final_scripts" {
|
|||
}
|
||||
|
||||
// Kubernetes Settings
|
||||
|
||||
variable "k8s_version" {
|
||||
type = string
|
||||
description = "Kubernetes version to be installed. Latest stable is listed at https://dl.k8s.io/release/stable.txt"
|
||||
|
|