Packer: A Brief Usage Guide

zhaoxj0217 2023-04-21


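Official site: <https://developer.hashicorp.com/packer>

Documentation: <https://developer.hashicorp.com/packer/docs>

The company's existing image-build code repository: https://gitlab.ushareit.me/sre/packer.git

Introduction

Packer is an open-source tool that builds system images for AWS, Azure, GCP, Alibaba Cloud, Huawei Cloud, Tencent Cloud and other cloud or SaaS platforms. The configuration is defined in templates and the builds are carried out by plugins. Documentation for the available external plugins: <https://developer.hashicorp.com/packer/plugins>

Installation

Download page, which already includes installation instructions for each operating system: <https://developer.hashicorp.com/packer/downloads>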

  • Mac

brew install packer
packer -autocomplete-install

  • CentOS/RHEL

sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
sudo yum -y install packer
packer -autocomplete-install

  • Amazon Linux

sudo yum install -y yum-utils shadow-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
sudo yum -y install packer
packer -autocomplete-install

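Packer notes

Write an image definition template file. Packer 1.5 and later supports and recommends HCL2 (HashiCorp Configuration Language) templates. Files whose names end in .pkr.hcl or .pkr.json are parsed in HCL2 mode; anything else is parsed in the legacy JSON mode.

HCL details: <https://developer.hashicorp.com/packer/docs/templates/hcl_templates>

Brief notes on common commands

Details: <https://developer.hashicorp.com/packer/docs/commands>

Note: [] after a command, together with its contents, denotes an optional item.

  • Format configuration files (. is the current directory; -check only checks whether the files are already formatted and does not modify them). Details: <https://www.terraform.io/cli/commands/fmt>
    packer fmt [-check] [file or directory path]
  • Check whether the configuration file syntax is valid. Details: <https://developer.hashicorp.com/packer/docs/commands/validate>
    packer validate [options]
  • Convert a JSON configuration template into a formatted HCL2 copy; the new file name is the old file name with its suffix replaced by .pkr.hcl. Details: <https://developer.hashicorp.com/packer/docs/commands/hcl2_upgrade>
    packer hcl2_upgrade [file path]
  • Build the image. Details: <https://developer.hashicorp.com/packer/docs/commands/build>
    packer build [options] [file or directory path]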

AWS

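Detailed documentation: <https://developer.hashicorp.com/packer/plugins/builders/amazon>

Google Cloud

Detailed documentation: <https://developer.hashicorp.com/packer/plugins/builders/googlecompute>

Huawei Cloud

Detailed documentation: <https://developer.hashicorp.com/packer/plugins/builders/openstack>

AWS EC2 example

This walkthrough uses an AWS account as the example.

1. Install the Packer CLI.
2. Create an AWS programmatic access key and grant it the following permissions: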

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:AttachVolume",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:CopyImage",
        "ec2:CreateImage",
        "ec2:CreateKeypair",
        "ec2:CreateSecurityGroup",
        "ec2:CreateSnapshot",
        "ec2:CreateTags",
        "ec2:CreateVolume",
        "ec2:DeleteKeyPair",
        "ec2:DeleteSecurityGroup",
        "ec2:DeleteSnapshot",
        "ec2:DeleteVolume",
        "ec2:DeregisterImage",
        "ec2:DescribeImageAttribute",
        "ec2:DescribeImages",
        "ec2:DescribeInstances",
        "ec2:DescribeInstanceStatus",
        "ec2:DescribeRegions",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSnapshots",
        "ec2:DescribeSubnets",
        "ec2:DescribeTags",
        "ec2:DescribeVolumes",
        "ec2:DescribeVpcs",
        "ec2:DetachVolume",
        "ec2:GetPasswordData",
        "ec2:ModifyImageAttribute",
        "ec2:ModifyInstanceAttribute",
        "ec2:ModifySnapshotAttribute",
        "ec2:RegisterImage",
        "ec2:RunInstances",
        "ec2:StopInstances",
        "ec2:TerminateInstances"
      ],
      "Resource": "*"
    }
  ]
}

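3. Set environment variables that point to the AWS access key, or run aws configure to save the key configuration permanently:

export AWS_ACCESS_KEY_ID=YOUR_AK
export AWS_SECRET_ACCESS_KEY=YOUR_SK

4. Create the template configuration file: aws.pkr.hcl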

variable "ImageVersion" {
  type    = string
}

data "amazon-ami" "main" {
  filters = {
    name                = "amzn2-ami-kernel-*-hvm-*-x86_64-gp2"
    root-device-type    = "ebs"
    virtualization-type = "hvm"
  }
  most_recent = true
  owners      = ["137112412989"]
  region      = "ap-southeast-1"
}

source "amazon-ebs" "main" {
  ami_block_device_mappings {
    delete_on_termination = true
    device_name           = "/dev/xvda"
    volume_type           = "gp3"
  }
  ami_description           = "awscli lrzsz node_exporter obsutil openssh tmux"
  ami_name                  = "dongsong-test-v${var.ImageVersion}"
  ami_regions               = ["ap-south-1"]
  ami_users                 = ["404486105145"]
  instance_type             = "t3.medium"
  region                    = "ap-southeast-1"
  source_ami                = "${data.amazon-ami.main.id}"
  ssh_clear_authorized_keys = true
  ssh_username              = "ec2-user"
  subnet_id                 = "subnet-0a95dbf475604da5d"
  tags = {
    "sgt:env"      = "prod"
    "sgt:group"    = "SGT"
    "sgt:project"  = "image"
    "sgt:subgroup" = "SRE"
  }
}

build {
  sources = ["source.amazon-ebs.main"]

  provisioner "shell" {
    scripts = ["image-init.sh", "aws-init.sh"]
  }

}

5. Format the configuration:

packer fmt aws.pkr.hcl

6. Check the syntax:

packer validate -var "ImageVersion=1" aws.pkr.hcl

7. Build the image:

packer build -var "ImageVersion=1" aws.pkr.hcl
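
A pre-build check for the aws.pkr.hcl template from step 4, to run between steps 6 and 7. This is an added example, not code from the original post or from the Packer project. It assumes single-line key = value assignments without trailing comments, as in the template above, and is a regex scan rather than an HCL parser; audit_template, its helpers and the sample block are hypothetical names and constructed data.

```python
import re

# Constructed sample (not from the post): an amazon-ebs source block with
# settings that the check below should flag.
SAMPLE = '''
source "amazon-ebs" "main" {
  ami_name   = "example-v1"
  ami_users  = ["111111111111", "222222222222"]
  ami_groups = ["all"]
  secret_key = "constructed-not-a-real-key"
  region     = "ap-southeast-1"
}
'''

def _raw(hcl, key):
    """Right-hand side of a single-line `key = value` assignment, or None."""
    m = re.search(r'^\s*' + re.escape(key) + r'\s*=\s*(.+?)\s*$', hcl, re.M)
    return m.group(1) if m else None

def _strings(hcl, key):
    """Quoted string literals in the value assigned to `key` (may be empty)."""
    return re.findall(r'"([^"]*)"', _raw(hcl, key) or "")

def audit_template(hcl, allowed_accounts):
    """Hypothetical helper: return a list of findings for the template text."""
    findings = []
    # Credentials belong in the environment (step 3), not in the template.
    for key in ("access_key", "secret_key"):
        if any(not v.startswith("${") for v in _strings(hcl, key)):
            findings.append(f"{key} is hard-coded")
    # ami_groups = ["all"] makes the resulting AMI public.
    if "all" in _strings(hcl, "ami_groups"):
        findings.append("ami_groups makes the AMI public")
    # ami_users shares the AMI with other accounts; accept only expected ones.
    for acct in _strings(hcl, "ami_users"):
        if acct not in allowed_accounts:
            findings.append(f"ami_users: unexpected account {acct}")
    # Without this, Packer's temporary SSH key may stay in authorized_keys.
    if _raw(hcl, "ssh_clear_authorized_keys") != "true":
        findings.append("ssh_clear_authorized_keys is not true")
    return findings

if __name__ == "__main__":
    for finding in audit_template(SAMPLE, allowed_accounts={"111111111111"}):
        print("FINDING:", finding)
```

An empty result means the template passed all four checks; in CI, fail the job when the list is non-empty.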
