hcloud-microos-snapshots.pkr.hcl
/*
* Creates a MicroOS snapshot for Kube-Hetzner
*/
# Plugin requirements for this template, resolved by `packer init`.
# NOTE(review): ">= 1.0.5" sets only a lower bound, so any newer release of the
# hcloud plugin satisfies it; add an upper bound if builds must be reproducible.
packer {
  required_plugins {
    hcloud = {
      source  = "github.com/hashicorp/hcloud"
      version = ">= 1.0.5"
    }
  }
}
# Hetzner Cloud API token passed to the hcloud sources in this template.
# Defaults to the HCLOUD_TOKEN environment variable; marked sensitive so that
# Packer does not print the value in its output.
variable "hcloud_token" {
  sensitive = true
  type      = string
  default   = env("HCLOUD_TOKEN")
}
# URL of the openSUSE MicroOS x86_64 qcow2 image; the download host selects a mirror automatically.
# NOTE(review): the URL carries no version and nothing in this template checks
# the download against a checksum or signature, so each build trusts whatever
# is served at that moment. Consider verifying the file before it is written to disk.
variable "opensuse_microos_x86_mirror_link" {
  default = "https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-ContainerHost-OpenStack-Cloud.qcow2"
  type    = string
}
# URL of the openSUSE MicroOS aarch64 qcow2 image; the download host selects a mirror automatically.
# NOTE(review): the URL carries no version and nothing in this template checks
# the download against a checksum or signature, so each build trusts whatever
# is served at that moment. Consider verifying the file before it is written to disk.
variable "opensuse_microos_arm_mirror_link" {
  default = "https://download.opensuse.org/ports/aarch64/tumbleweed/appliances/openSUSE-MicroOS.aarch64-ContainerHost-OpenStack-Cloud.qcow2"
  type    = string
}
# Extra packages to bake into the snapshot, e.g. ["vim", "curl", "wget"].
# MicroOS is based on Tumbleweed, so look up package names in the openSUSE Tumbleweed repositories.
# NOTE(review): entries are joined with spaces and interpolated unquoted into a
# root shell command (local.needed_packages -> local.install_packages), so set
# this only from trusted input and keep each entry a plain package name.
variable "packages_to_install" {
  default = []
  type    = list(string)
}
# Shared values and the shell scripts that the provisioners in the build blocks run.
# Inside the heredocs, Packer interpolates only ${...}; $(...) is left for the shell.
locals {
  # Space-separated package list: the fixed base set followed by any entries
  # from var.packages_to_install.
  # NOTE(review): this string is interpolated unquoted into the root shell
  # command in install_packages, so entries are not treated as opaque names.
  needed_packages = join(" ", concat(["restorecond policycoreutils policycoreutils-python-utils setools-console audit bind-utils wireguard-tools open-iscsi nfs-client xfsprogs cryptsetup lvm2 git cifs-utils bash-completion mtr tcpdump"], var.packages_to_install))

  # Local variables for the inline shell commands.

  # wget command prefix (timeout, retries, IPv4 only); the build blocks append the image URL to it.
  # NOTE(review): the downloaded file is not checked against a checksum or signature.
  download_image = "wget --timeout=5 --waitretry=5 --tries=5 --retry-connrefused --inet4-only "

  # Converts the downloaded qcow2 image onto /dev/sda and reboots.
  # The image file is chosen by a case-insensitive match on the directory
  # listing, so this assumes exactly one matching file is present.
  write_image = <<-EOT
    set -ex
    echo 'MicroOS image loaded, writing to disk... '
    qemu-img convert -p -f qcow2 -O host_device $(ls -a | grep -ie '^opensuse.*microos.*qcow2$') /dev/sda
    echo 'done. Rebooting...'
    sleep 1 && udevadm settle && reboot
  EOT

  # Installs local.needed_packages with transactional-update, then, in a
  # transactional-update shell, installs the k3s-selinux policy RPM and reboots.
  # The RPM is fetched by URL from a GitHub release pinned to v1.4.stable.1, after
  # the Rancher public key has been imported, and is locked with `zypper addlock`.
  # NOTE(review): confirm the RPM signature is actually enforced against the
  # imported key for a direct-URL install; no digest of the RPM is pinned here.
  # SELinux is set to permissive (setenforce 0) around the policy install and
  # relabel, and back to enforcing (setenforce 1) at the end of that shell.
  install_packages = <<-EOT
    set -ex
    echo "First reboot successful, installing needed packages..."
    transactional-update --continue pkg install -y ${local.needed_packages}
    transactional-update --continue shell <<- EOF
    setenforce 0
    rpm --import https://rpm.rancher.io/public.key
    zypper install -y https://github.com/k3s-io/k3s-selinux/releases/download/v1.4.stable.1/k3s-selinux-1.4-1.sle.noarch.rpm
    zypper addlock k3s-selinux
    restorecon -Rv /etc/selinux/targeted/policy
    restorecon -Rv /var/lib
    setenforce 1
    EOF
    sleep 1 && udevadm settle && reboot
  EOT

  # Final step before the snapshot is taken.
  # Deletes the SSH host keys, presumably so that servers created from the
  # snapshot do not all share one host identity (key regeneration on first
  # boot is not shown in this template; verify), and makes sure
  # /etc/NetworkManager/NetworkManager.conf exists.
  clean_up = <<-EOT
    set -ex
    echo "Second reboot successful, cleaning-up..."
    rm -rf /etc/ssh/ssh_host_*
    echo "Make sure to use NetworkManager"
    touch /etc/NetworkManager/NetworkManager.conf
    sleep 1 && udevadm settle
  EOT
}
# hcloud builder for the x86 snapshot.
# The server is created from ubuntu-22.04 with the linux64 rescue system enabled;
# the provisioners then overwrite /dev/sda with the MicroOS image.
source "hcloud" "microos-x86-snapshot" {
  token        = var.hcloud_token
  location     = "fsn1"
  server_type  = "cx22" # disk size of >= 40GiB is needed to install the MicroOS image
  image        = "ubuntu-22.04"
  rescue       = "linux64"
  ssh_username = "root"

  snapshot_name = "OpenSUSE MicroOS x86 by Kube-Hetzner"
  snapshot_labels = {
    creator          = "kube-hetzner"
    microos-snapshot = "yes"
  }
}
# hcloud builder for the ARM snapshot.
# The server is created from ubuntu-22.04 with the linux64 rescue system enabled;
# the provisioners then overwrite /dev/sda with the MicroOS image.
source "hcloud" "microos-arm-snapshot" {
  token        = var.hcloud_token
  location     = "fsn1"
  server_type  = "cax11" # disk size of >= 40GiB is needed to install the MicroOS image
  image        = "ubuntu-22.04"
  rescue       = "linux64"
  ssh_username = "root"

  snapshot_name = "OpenSUSE MicroOS ARM by Kube-Hetzner"
  snapshot_labels = {
    creator          = "kube-hetzner"
    microos-snapshot = "yes"
  }
}
# Build the MicroOS x86 snapshot.
# The provisioners run in the order listed; the two whose script ends in a
# reboot set expect_disconnect so the dropped SSH session is not a failure.
build {
  sources = ["source.hcloud.microos-x86-snapshot"]

  # 1. Download the MicroOS x86 image.
  #    The URL variable is appended unquoted to the wget command line.
  provisioner "shell" {
    inline = ["${local.download_image}${var.opensuse_microos_x86_mirror_link}"]
  }

  # 2. Write the MicroOS x86 image to disk, then reboot.
  provisioner "shell" {
    expect_disconnect = true
    inline            = [local.write_image]
  }

  # 3. Reconnect after the first reboot, install packages and the k3s SELinux policy, then reboot.
  provisioner "shell" {
    expect_disconnect = true
    pause_before      = "5s"
    inline            = [local.install_packages]
  }

  # 4. Reconnect after the second reboot and do the final house-keeping.
  provisioner "shell" {
    pause_before = "5s"
    inline       = [local.clean_up]
  }
}
# Build the MicroOS ARM snapshot.
# The provisioners run in the order listed; the two whose script ends in a
# reboot set expect_disconnect so the dropped SSH session is not a failure.
build {
  sources = ["source.hcloud.microos-arm-snapshot"]

  # 1. Download the MicroOS ARM image.
  #    The URL variable is appended unquoted to the wget command line.
  provisioner "shell" {
    inline = ["${local.download_image}${var.opensuse_microos_arm_mirror_link}"]
  }

  # 2. Write the MicroOS ARM image to disk, then reboot.
  provisioner "shell" {
    expect_disconnect = true
    inline            = [local.write_image]
  }

  # 3. Reconnect after the first reboot, install packages and the k3s SELinux policy, then reboot.
  provisioner "shell" {
    expect_disconnect = true
    pause_before      = "5s"
    inline            = [local.install_packages]
  }

  # 4. Reconnect after the second reboot and do the final house-keeping.
  provisioner "shell" {
    pause_before = "5s"
    inline       = [local.clean_up]
  }
}