Commit d62e7490 authored by Walter Heck's avatar Walter Heck Committed by GitHub

Merge pull request #18 from walterheck/walter/features/packer

First stab at a packer build. So far only builds an empty vm with pup…
parents c5669737 a797a500
modules
deploy/vagrant-oscar/.pe_build
deploy/vagrant-oscar/.vagrant
vendor/bundle
terraform.tfstate
Gemfile.lock
modules/
!deploy/packer/manifests/modules
......@@ -11,8 +11,18 @@ end
PuppetLint.configuration.send('disable_documentation')
PuppetLint.configuration.send('disable_80chars')
PuppetSyntax.exclude_paths = [ "vendor/**/*.*" ]
PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp", "vendor/**/*.pp"]
PuppetSyntax.exclude_paths = [
"vendor/**/*.*",
"modules/**/*.pp",
"deploy/packer/manifests/modules/**/**/*.pp"
]
PuppetLint.configuration.ignore_paths = [
"spec/**/*.pp",
"pkg/**/*.pp",
"vendor/**/*.pp",
"modules/**/*.pp",
"deploy/packer/manifests/modules/**/**/*.pp"
]
# Alternative configuration until https://github.com/rodjek/puppet-lint/pull/397 gets merged
Rake::Task[:lint].clear
......
{
"variables":
{
"template_name": "centos-7.2-x86_64-base",
"template_os": "RedHat_64",
"iso_url": "http://mirror.nl.leaseweb.net/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1511.iso",
"iso_checksum": "907e5755f824c5848b9c8efbb484f3cd945e93faa024bad6ba875226f9683b16",
"iso_checksum_type": "sha256",
"memory_size": "512",
"cpu_count": "1",
"provisioner": "virtualbox",
"required_modules": "puppetlabs-stdlib saz-ssh",
"puppet_repo": "http://yum.puppetlabs.com/el/7/PC1/x86_64/puppetlabs-release-pc1-1.0.0-2.el7.noarch.rpm"
},
"builders": [
{
"name": "{{user `template_name`}}-{{user `provisioner`}}",
"type": "virtualbox-iso",
"boot_command": [
"<tab> <wait>",
"text <wait>",
"ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/x86_64.ks <wait>",
"<enter>"
],
"boot_wait": "10s",
"disk_size": 10240,
"guest_os_type": "{{user `template_os`}}",
"http_directory": "files",
"iso_checksum": "{{user `iso_checksum`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_url": "{{user `iso_url`}}",
"ssh_username": "root",
"ssh_password": "puppet",
"ssh_port": 22,
"ssh_wait_timeout": "10000s",
"shutdown_command": "/sbin/halt -h -p",
"virtualbox_version_file": ".vbox_version",
"vboxmanage": [
[
"modifyvm",
"{{.Name}}",
"--memory",
"{{user `memory_size`}}"
],
[
"modifyvm",
"{{.Name}}",
"--cpus",
"{{user `cpu_count`}}"
],
[
"modifyvm",
"{{.Name}}",
"--ioapic",
"off"
]
]
}
],
"provisioners": [
{
"type": "shell",
"execute_command": "{{.Vars}} bash '{{.Path}}' {{user `required_modules`}}",
"environment_vars": [
"TEMPLATE={{user `template_name`}}",
"PC_REPO={{user `puppet_repo`}}"
],
"scripts": [
"scripts/bootstrap-aio.sh"
]
},
{
"type": "puppet-masterless",
"execute_command": "{{.FacterVars}} PATH=$PATH:/opt/puppetlabs/puppet/bin /opt/puppetlabs/puppet/bin/puppet apply --verbose --detailed-exitcodes --modulepath='/tmp/packer-puppet-masterless/manifests/modules' {{.ManifestFile}}",
"facter": {
"provisioner": "{{user `provisioner`}}"
},
"manifest_dir": "manifests",
"manifest_file": "manifests/base.pp"
},
{
"type": "shell",
"environment_vars": [
"TEMPLATE={{user `template_name`}}",
"PC_REPO={{user `puppet_repo`}}"
],
"scripts": [
"scripts/cleanup-scrub.sh"
]
}
]
}
install
cdrom
lang en_US.UTF-8
keyboard us
network --bootproto=dhcp
rootpw --iscrypted $1$v4K9E8Wj$gZIHJ5JtQL5ZGZXeqSSsd0
firewall --enabled --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone UTC
bootloader --location=mbr
text
skipx
zerombr
clearpart --all --initlabel
autopart
auth --useshadow --enablemd5
firstboot --disabled
reboot --eject
%packages --ignoremissing
@core
bzip2
kernel-devel
kernel-headers
gcc
make
net-tools
patch
perl
curl
wget
nfs-utils
-ipw2100-firmware
-ipw2200-firmware
-ivtv-firmware
%end
include packer::updates
include packer::sshd
include packer::networking
unless $::provisioner == 'ec2' {
include packer::vmtools
}
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/T0ADg8YIX6C9OvDK8V3O4m2KKTaTcShuAfdhSP8/E6w2SUWwLZVGHM8bD65SnDwXnVo89+La2Yn/7QmJyqZO31LVPh2sMzGFmw57a/s06h2ujkWE3jOL5w9cUBWrrkdP7xbUXFWi6fi+PjSi9/vI1IpBi3X7EmI3mC9ftV9QZbj2wQclhpTNsGaCSJA3ye7G/+7XNWXwaMsPxmTYqD4PBZlbVXQ4dqR3oObkZ8wNWd+qmMvxeSuJ69rSGWTeIqwdGpm2vfcIqn1GM2r+lcCBIB+VXoLDN0zNia2+j5KItVHMyDU+/lQS3oYGdejM2cd6fDBcW1AiSijUbQr0d+fR ci+enterprise@puppetlabs.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIrRlZ7kz3U/uOjiXrmJpumRHo8fDWBo+AOCSdqokqNRcALUrpNr6iHRR68Ki1EzPRSvGsdqrh9riStAlJxVroLZt8t2Mt+McydxdvHwJcDSWpZ+UZ1KGXUS1vg4569JZjdi+Gl70WAzJqTxhqIogwcNuZbMMBvJe9oAMCXS1TYMXfPiEcw/hQD/kBNvkSMGTn/siMlNPtaCF+rzlarzUqkEpUnsHmGwqFVHLeVFZ94+2ZD3CzBeJ6m3Ke9IA5ytzOYyPuFP/NVNnEnSrwwe7GSjnxZWT2dzjUrqMgGphWFmeU35oz7r+HxRXsugbMUyN3HEudU268ciYeAvG4xMY3 sqa+ci@puppetlabs.com
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsMvODgIqL1NoUgP65qmgf0sJjQy78QdA5rHw9tIwK5KstVSh+0w4TLHJq8Jz8E4UeXhx0NioP3kE3otjCC8kSM5y99QOs4qQh7q6cLN9hQpXMQUD9UnJMP0b5agd0PdErH0ML9hnWfsZX707v31VSIbco+X6Kg9wN8WJhlTXgbbrJTUIPnMzNXrN7Z5/jY6Vss7NTCVI7OxUbIna37l5y8s4jxViaXjoVEXP8e4QtTX8p0BYc2vgerI04ZilhbIe4KEcHiR+n/GUr6MmkY5qtLum/7IZLHbHfWha1q7VaPnz/CHmlDySxxq4sF81N4x2V7d0+x8/wNZx2d+duJmV0Q== jenkins/hudson@puppetlabs.com
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxPfb1yjRU7E5cQG9+Eq55WWCsLTRmd/tjv/Ym0Sm+3bsoayfKkd7irZEKlyUlgfNx9IkW45E3o8O+LR2+91U4H+Ao6cxLqyXg/5tqLUyyThkS+KBns7HyxC24nnO3h/84mzC1BCO6p3UAwF4gDtYv1LCxshWuwd0dEUTZFTP8E7Xz6dgKnza0745QnRf4xhx3zRwbjW2iJ97bePNZaZf+EgIDPYcjxqUNr69oCfcC0K11oKuqLpu8pmP4rGC/MxqgadGINEJfP+Y14szE/nIjoEJ71IhP9TEDfEAArPMopqed65xOgo/GVFk8Olhi2+xd2JysiVb6dS5BjjFZpBjuw== jenkins/jetty@enkal.puppetlabs.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlFK/6B43EQWBR5C6Oe3yFnmjlVGgE1LXQuvpUS1SYR0jIYAGpK6X/4NwTNniwaRQrklE9dlAoDrWB3VxbczuysKNslwE64refp53A933/PV25QY3jx8vlOgi3ri7Aj/Jk+PpBIHsedLzYYOrD/s7xZ5LZ+8bsjolK8+YZnQcBy7sOpGQYUyP4EHQI91jhigjIwzf6/rhVWsKEHDF2v0RnnP+BjbRlYyG0HOGMwbGqg33Pr5QiTfJQWkYl3JCWB5OGnlRq5xiTvB1nyRMC550dgKjVyRtANk/aZVGsC7aC5EGe0qekBCUvctTqXbNR5N2ek54XHhReUqm0PiImLFXT sqa+builders@puppetlabs.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsFUzpOJRglp/6/nEzkRriTuKfc+OcAyfFhgGx2lR+CR2pzGYus5VrcHalT/lHphbc5NGMXGa6tVYNkMPXNvrThlBwHhh9FFx5/6LRXbq8/LD2tDAW1tyPU04Qk0LNvoq+GSX/QPdumgwThlSEqkdBO0EQIR2CR8XYWIytFcYolPoozrolFoaiDyymZCJE4CaPi3TFTb1DIBm4i0VrHFXvdeAsMAe9J5x4wAd14UjDjghYNN/0GnoYxzDk6JnKX00Hvs3AriPJrW5Y7UBA6eGdISsLZRtOw5NKdiTEGH3VWwupIUc049FFpa83V0ySX0YwqGLhClTjk8ltMulcqF0J sqa+shipper@puppetlabs.com
send host-name = pick-first-value(gethostname(), "ISC-dhclient");
\ No newline at end of file
class packer::networking inherits packer::networking::params {
if ( $udev_rule != undef ) {
file { $udev_rule:
ensure => absent,
}
}
if ( $udev_rule_gen != undef ) {
file { $udev_rule_gen:
ensure => link,
target => '/dev/null',
}
}
if ( $interface_script != undef ) {
file_line { "remove ${interface_script} hwaddr":
path => $interface_script,
line => '#HWADDR withheld',
match => 'HWADDR',
}
}
}
class packer::networking::params {
case $::osfamily {
debian: {
$udev_rule = '/etc/udev/rules.d/70-persistent-net.rules'
$udev_rule_gen = '/lib/udev/rules.d/75-persistent-net-generator.rules'
}
redhat: {
case $::operatingsystemrelease {
'7.0.1406', '7.1.1503', '7.2.1511', '7.2': {
case $::provisioner {
'virtualbox': { $interface_script = '/etc/sysconfig/network-scripts/ifcfg-enp0s3' }
'vmware': { $interface_script = '/etc/sysconfig/network-scripts/ifcfg-ens33' }
}
$udev_rule = '/etc/udev/rules.d/70-persistent-net.rules'
$udev_rule_gen = '/lib/udev/rules.d/75-persistent-net-generator.rules'
}
'5.11': {
$interface_script = '/etc/sysconfig/network-scripts/ifcfg-eth0'
$udev_rule = '/etc/udev/rules.d/70-persistent-net.rules'
}
/2\d/: {
case $::provisioner {
'virtualbox': { $interface_script = '/etc/sysconfig/network-scripts/ifcfg-enp0s3' }
'vmware': { $interface_script = '/etc/sysconfig/network-scripts/ifcfg-ens33' }
}
}
default: {
$interface_script = '/etc/sysconfig/network-scripts/ifcfg-eth0'
$udev_rule = '/etc/udev/rules.d/70-persistent-net.rules'
$udev_rule_gen = '/lib/udev/rules.d/75-persistent-net-generator.rules'
}
}
}
default: {
fail( "Unsupported platform: ${::osfamily}/${::operatingsystem}" )
}
}
}
class packer::puppet {
case $::osfamily {
debian: {
include apt
apt::source { 'puppetlabs-pc1':
location => 'http://apt.puppetlabs.com',
repos => 'PC1',
key => '4BD6EC30',
key_server => 'pgp.mit.edu',
}
package { 'puppet-agent':
ensure => present,
require => Apt::Source[ 'puppetlabs-pc1' ],
}
}
redhat: {
if $operatingsystem == "Fedora" {
$ostype = 'fedora'
$prefix = 'f'
} elsif $osfamily == "RedHat" {
$ostype = 'el'
$prefix = ''
}
else {
err("Unable to determine operating system information to assign yum repo.")
}
yumrepo { 'puppetlabs-pc1':
baseurl => "http://yum.puppetlabs.com/${ostype}/${prefix}\$releasever/PC1/\$basearch",
descr => "Puppet Labs PC1 Repository ${ostype} $releasever - \$basearch",
gpgkey => 'http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs',
enabled => '1',
gpgcheck => '1',
}
package { 'puppet-agent':
ensure => present,
require => Yumrepo[ 'puppetlabs-pc1' ],
}
}
default: {
fail( "Unsupported platform: ${::osfamily}/${::operatingsystem}" )
}
}
file { '/etc/profile.d/append-puppetlabs-path.sh':
mode => '0644',
content => 'PATH=$PATH:/opt/puppetlabs/bin',
}
}
class packer::sshd {
class { 'ssh::server':
storeconfigs_enabled => false,
options => {
'PermitRootLogin' => 'yes',
'UseDNS' => 'no',
'GSSAPIAuthentication' => 'no',
},
}
}
class packer::updates {
$linux_pkgs = [
'bash',
'openssl',
]
$debian_pkgs = [
'libc6',
'openssh-client',
'openssh-server',
]
$redhat_pkgs = [
'glibc',
'openssh',
]
if $::osfamily == 'Debian' {
$pkgs_to_update = $linux_pkgs + $debian_pkgs
} elsif $::osfamily == 'Redhat' {
$pkgs_to_update = $linux_pkgs + $redhat_pkgs
}
package { $pkgs_to_update: ensure => latest; }
}
class packer::vagrant inherits packer::vagrant::params {
group { 'vagrant':
ensure => present,
}
user { 'vagrant':
ensure => present,
home => "${home_base}/vagrant",
managehome => true,
gid => 'vagrant',
groups => [ 'vagrant', ],
shell => '/bin/bash',
require => Group[ 'vagrant' ],
}
file { "${home_base}/vagrant/.ssh":
ensure => directory,
owner => 'vagrant',
group => 'vagrant',
mode => '0600',
require => User[ 'vagrant' ],
}
ssh_authorized_key { 'vagrant':
ensure => present,
user => 'vagrant',
key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ==',
type => 'ssh-rsa',
}
class { 'sudo': }
sudo::conf { 'vagrant':
content => '%vagrant ALL=(ALL) NOPASSWD: ALL',
}
file_line { "allow ${sudoers_file} notty":
path => $sudoers_file,
line => '#Defaults requiretty',
match => 'Defaults\s+requiretty',
}
}
class packer::vagrant::params {
case $::osfamily {
debian, redhat: {
$home_base = '/home'
$sudoers_file = '/etc/sudoers'
}
default: {
fail( "Unsupported platform: ${::osfamily}/${::operatingsystem}" )
}
}
}
class packer::vmtools inherits packer::vmtools::params {
if ( $required_packages != undef ) {
package { $required_packages:
ensure => installed,
before => File[ '/tmp/vmtools' ],
}
}
file { '/tmp/vmtools':
ensure => directory,
}
mount { '/tmp/vmtools':
ensure => mounted,
device => "${root_home}/${tools_iso}",
fstype => 'iso9660',
options => 'ro,loop',
require => File[ '/tmp/vmtools' ],
}
exec { 'install vmtools':
command => $install_cmd,
path => [ '/bin', '/usr/bin', ],
require => Mount[ '/tmp/vmtools' ],
}
exec { 'remove /tmp/vmtools':
command => 'umount /tmp/vmtools ; rmdir /tmp/vmtools',
path => [ '/bin', '/usr/bin', ],
onlyif => 'test -d /tmp/vmtools',
require => Exec[ 'install vmtools' ],
}
case $::operatingsystemrelease {
default: {
file { "${root_home}/${tools_iso}":
ensure => absent,
require => Exec[ 'remove /tmp/vmtools' ],
}
}
}
file_line { "remove /etc/fstab /tmp/vmtools":
path => '/etc/fstab',
line => '#/tmp/vmtools removed',
match => '/tmp/vmtools',
require => Exec[ 'remove /tmp/vmtools' ],
}
}
class packer::vmtools::params {
case $::osfamily {
'Redhat' : {
$root_home = '/root'
$required_packages = [ 'kernel-devel', 'gcc' ]
}
'Debian' : {
$root_home = '/root'
$required_packages = [ "linux-headers-${::kernelrelease}" ]
}
default : {
fail( "Unsupported platform: ${::osfamily}/${::operatingsystem}" )
}
}
case $::provisioner {
virtualbox: {
$tools_iso = 'VBoxGuestAdditions.iso'
$install_cmd = 'sh /tmp/vmtools/VBoxLinuxAdditions.run --nox11 ; true'
}
vmware: {
$tools_iso = 'linux.iso'
$install_cmd = 'tar zxf /tmp/vmtools/VMwareTools-*.tar.gz -C /tmp/ ; /tmp/vmware-tools-distrib/vmware-install.pl --force-install ; rm -rf /tmp/vmware-tools-distrib'
}
default: {
fail( "Unsupported provisioner: ${::provisioner}" )
}
}
}
class packer::vsphere inherits packer::vsphere::params {
include packer::vsphere::repos
include packer::vsphere::networking
include packer::vsphere::fw
user { root:
ensure => present,
password => "$qa_root_passwd"
}
case $::osfamily {
redhat: {
if $::operatingsystemrelease in ['24', '25'] {
Package {
provider => 'dnf',
}
file { '/etc/dhclient.conf':
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/packer/vsphere/dhclient.conf',
}
}
}
}
package { $ruby_package:
ensure => present,
}
file { $bootstrap_file:
owner => 'root',
group => 'root',
mode => '0755',
content => template("packer/vsphere/${bootstrap_file_source}"),
}
file { $startup_file:
owner => 'root',
group => 'root',
mode => '0755',
content => template("packer/vsphere/${startup_file_source}"),
}
file { '/root/.ssh':
owner => 'root',
group => 'root',
mode => '0755',
ensure => directory,
}
file { '/root/.ssh/authorized_keys':
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/packer/vsphere/authorized_keys',
require => File[ '/root/.ssh' ]
}
}
class packer::vsphere::fw {
if ($::osfamily == 'RedHat')
and ($::operatingsystemmajrelease == '7') {
class { 'firewall':
ensure => stopped,
}
}
}
class packer::vsphere::networking inherits packer::networking::params {
class { 'network':
config_file_notify => '',
}
case $::osfamily {
debian: {
if $::operatingsystemrelease in ['15.10', '16.04'] {
network::interface { 'ens32':
enable_dhcp => true,
}
}
}
redhat: {
if ($::operatingsystemmajrelease == '7') {
if ( $interface_script != undef ) {
file { $interface_script:
ensure => absent,
}
}
network::interface { 'ens32':
enable_dhcp => true,
}
}
if ($::operatingsystem == 'Fedora') {
if ( $interface_script != undef ) {
file { $interface_script:
ensure => absent,
}
}
}
}
}
}
class packer::vsphere::params {
$repo_mirror = 'http://osmirror.delivery.puppetlabs.net'
$loweros = downcase($::operatingsystem)
case $::operatingsystem {
'Ubuntu': {
$startup_file = '/etc/rc.local'
$startup_file_source = 'rc.local'
$bootstrap_file = '/etc/vsphere-bootstrap.rb'
$bootstrap_file_source = 'ubuntu.rb.erb'
if $::operatingsystemrelease in ['10.04', '12.04'] {
$ruby_package = [ 'ruby', 'rubygems' ]
}
else {
$ruby_package = [ 'ruby', 'rubygems-integration' ]
}
$repo_name = 'ubuntu'
$repo_list = 'main restricted universe multiverse'
$security_repo_name = 'ubuntu'
$security_release = "${lsbdistcodename}-security"
$updates_release = "${lsbdistcodename}-updates"
}
'Debian': {
$startup_file = '/etc/rc.local'
$startup_file_source = 'rc.local'
$bootstrap_file = '/etc/vsphere-bootstrap.rb'
$bootstrap_file_source = 'debian.rb.erb'
$ruby_package = [ 'ruby' ]
$repo_name = 'debian'
$repo_list = 'main contrib non-free'
$security_repo_name = 'debian-security'
$security_release = "${lsbdistcodename}/updates"
$updates_release = "${lsbdistcodename}-updates"
}
'CentOS', 'Redhat', 'Scientific': {
$startup_file = '/etc/rc.d/rc.local'
$startup_file_source = 'rc.local'
$bootstrap_file = '/etc/vsphere-bootstrap.rb'
$bootstrap_file_source = 'redhat.rb.erb'
$ruby_package = [ 'ruby' ]
$gpgkey = "RPM-GPG-KEY-${::operatingsystem}-${::operatingsystemmajrelease}"
}
'Fedora': {
$startup_file = '/etc/rc.d/rc.local'
$startup_file_source = 'rc.local'
$bootstrap_file = '/etc/vsphere-bootstrap.rb'
$bootstrap_file_source = 'redhat.rb.erb'
$ruby_package = [ 'ruby', 'rubygems' ]
$gpgkey = "RPM-GPG-KEY-${::operatingsystemmajrelease}-${loweros}"
}
default: {
fail( "Unsupported platform: ${::osfamily}/${::operatingsystem}" )
}
}
}
class packer::vsphere::repos inherits packer::vsphere::params {
case $::osfamily {