Testing HashiCorp's Packer - a tool for building Golden Images.
- Create golden images across platforms and environments
- Automate patching for workloads
- Create immutable infrastructure
# First prettify packer files
packer fmt Jenkins-AMI/
# Validate that the syntax is correct
packer validate Jenkins-AMI/
# Start the build
packer build Jenkins-AMI/
# Build all templates in a directory
packer build <directory>
# Convert old JSON format packer files to new HCL format
packer hcl2_upgrade <file>
# Select whether it's a client or server machine
packer build -var is_server=true consul/
- Responsible for creating machines and generating images from them for various platforms
- One or more builder blocks can be specified in a template
- Each builder block can specify one or more source blocks
- Metadata about the build that was executed
- All special build variables are stored in the build variable
- Used for copying files from local machine to the machine being built by Packer
- A common pattern is to copy files to the /tmp directory on the Packer machine, as it can be freely modified
- Some issues were faced as a result of running as ec2-user instead of root
- To become root, execute_command is used with the provisioner
Becoming root with shell provisioner
// Configure AMI as NAT Instance
provisioner "shell" {
  /*
  - execute_command changes the default user from ec2-user to root
  - sysctl commands aren't allowed to be run under the default ec2-user as they modify the kernel
  */
  execute_command = "echo 'packer' | sudo -S env {{ .Vars }} {{ .Path }}"
  inline = [
    # https://www.kabisa.nl/tech/cost-saving-with-nat-instances/
    "sysctl -w net.ipv4.ip_forward=1 >> /etc/sysctl.conf",
    "/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE",
    "iptables-save > /etc/iptables.conf",
    "echo 'iptables-restore < /etc/iptables.conf' >> /etc/rc.local"
  ]
}
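
A post-provision check for the settings the inline commands above write, added here as an example and not part of the original notes. The function names are hypothetical, the default paths and eth0 are taken from the provisioner block, and the executable-bit check assumes a systemd-based image, where rc.local only runs at boot when it is executable.

```shell
#!/bin/sh
# Added example: checks that the NAT settings written by the shell provisioner
# will survive a reboot of instances launched from the image.
# Function names are hypothetical; default paths and eth0 come from the template.

# True when the last net.ipv4.ip_forward assignment in a sysctl file ($1) is 1
# (later assignments override earlier ones when the file is loaded).
check_ip_forward() {
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\)[[:space:]]*$/\1/p' "$1" | tail -n 1)
    [ "$val" = "1" ]
}

# True when an iptables-save dump ($1) holds a MASQUERADE rule for interface
# $2 in the nat table; a matching line in any other table does not count.
check_masquerade() {
    awk -v iface="$2" '
        /^\*/ { table = $1 }
        table == "*nat" && /^-A POSTROUTING / && /-j MASQUERADE/ &&
            $0 ~ ("-o " iface "( |$)") { found = 1 }
        END { exit !found }
    ' "$1"
}

# True when rc.local ($1) restores the saved rules and is executable.
# Assumption: a systemd-based image, where rc.local is skipped unless executable.
check_rc_local() {
    grep -q '^iptables-restore < /etc/iptables.conf$' "$1" && [ -x "$1" ]
}

# Runs all checks; returns the number of failed checks (0 = image is sound).
verify_nat_image() {
    v_sysctl=${1:-/etc/sysctl.conf}
    v_rules=${2:-/etc/iptables.conf}
    v_rc=${3:-/etc/rc.local}
    v_iface=${4:-eth0}
    failures=0
    check_ip_forward "$v_sysctl" ||
        { echo "FAIL: ip_forward=1 not persisted in $v_sysctl" >&2; failures=$((failures + 1)); }
    check_masquerade "$v_rules" "$v_iface" ||
        { echo "FAIL: no nat MASQUERADE rule for $v_iface in $v_rules" >&2; failures=$((failures + 1)); }
    check_rc_local "$v_rc" ||
        { echo "FAIL: $v_rc does not restore the rules or is not executable" >&2; failures=$((failures + 1)); }
    return "$failures"
}
```

Called as the last command of a shell provisioner script, a non-zero return from verify_nat_image fails the packer build, so no image is produced from a machine that would lose its NAT configuration on reboot.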