From de15d45aa01b01e6ac10ebcb8add58c558638c58 Mon Sep 17 00:00:00 2001
From: Mrugesh Mohapatra
Date: Sun, 20 Oct 2024 20:25:27 +0530
Subject: [PATCH] feat(packer): add configs for DigitalOcean
---
.../scripts/ansible/install-common.yml | 67 ++++++++++
.../scripts/ansible/install-docker.yml | 85 +++++++++++++
.../digitalocean/scripts/ansible/reboot.yml | 13 ++
packer/digitalocean/ubuntu.pkr.hcl | 116 ++++++++++++++++++
4 files changed, 281 insertions(+)
create mode 100644 packer/digitalocean/scripts/ansible/install-common.yml
create mode 100644 packer/digitalocean/scripts/ansible/install-docker.yml
create mode 100644 packer/digitalocean/scripts/ansible/reboot.yml
create mode 100644 packer/digitalocean/ubuntu.pkr.hcl
diff --git a/packer/digitalocean/scripts/ansible/install-common.yml b/packer/digitalocean/scripts/ansible/install-common.yml
new file mode 100644
index 00000000..2ef69b80
--- /dev/null
+++ b/packer/digitalocean/scripts/ansible/install-common.yml
@@ -0,0 +1,67 @@
+---
+- name: Install common packages on Ubuntu
+ hosts: all
+ become: true
+
+ tasks:
+ - name: Wait for apt locks to be released
+ ansible.builtin.shell: while fuser /var/lib/{{ item }}/lock >/dev/null 2>&1; do sleep 5; done
+ loop:
+ - dpkg
+ - apt/lists
+ - dpkg/lock-frontend
+ register: apt_lock_wait
+ changed_when: false
+ retries: 60
+ delay: 5
+ until: apt_lock_wait.rc == 0
+
+ - name: Remove unattended-upgrades
+ ansible.builtin.apt:
+ name: unattended-upgrades
+ state: absent
+ lock_timeout: 600
+ register: remove_unattended
+ retries: 5
+ delay: 20
+ until: remove_unattended is success
+
+ - name: Update apt package index and install common packages
+ ansible.builtin.apt:
+ name:
+ - build-essential
+ - software-properties-common
+ - curl
+ - git
+ - tar
+ - unzip
+ - zip
+ - vim
+ - neovim
+ - htop
+ - glances
+ - ncdu
+ state: present
+ lock_timeout: 600
+ update_cache: true
+ register: install_packages
+ retries: 5
+ delay: 20
+ until: install_packages is success
+
+ - name: Upgrade all packages
+ ansible.builtin.apt:
+ upgrade: full
+ autoremove: true
+ autoclean: true
+ lock_timeout: 600
+ register: upgrade_packages
+ retries: 5
+ delay: 20
+ until: upgrade_packages is success
+
+ - name: Clean up apt cache
+ ansible.builtin.apt:
+ autoclean: true
+ autoremove: true
+ changed_when: false
diff --git a/packer/digitalocean/scripts/ansible/install-docker.yml b/packer/digitalocean/scripts/ansible/install-docker.yml
new file mode 100644
index 00000000..d55488e5
--- /dev/null
+++ b/packer/digitalocean/scripts/ansible/install-docker.yml
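Review bot: The `Remove unattended-upgrades` task leaves the baked snapshot without automatic security updates, and nothing later in this playbook reinstalls or re-enables the package. If the removal is only there to avoid apt lock contention during the build, consider reinstalling it in a final task. Otherwise state the patching model in a comment above the task, such as `# unattended-upgrades stays removed; droplets from this image are patched by rebuilding the image`. The `Upgrade all packages` task only brings the image up to date at build time, so instances launched from it later fall behind until the next rebuild.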
@@ -0,0 +1,85 @@
+---
+- name: Install Docker and Docker Compose on Ubuntu
+ hosts: all
+ become: true
+
+ vars:
+ docker_gpg_key_url: "https://download.docker.com/linux/ubuntu/gpg"
+ docker_repo_base_url: "https://download.docker.com/linux/ubuntu"
+ docker_arch: "{{ 'amd64' if ansible_architecture == 'x86_64' else 'arm64' if ansible_architecture == 'aarch64' else ansible_architecture }}"
+ docker_release: "{{ ansible_distribution_release }}"
+
+ tasks:
+ - name: Wait for apt locks to be released
+ ansible.builtin.shell: while fuser /var/lib/{{ item }}/lock >/dev/null 2>&1; do sleep 5; done
+ loop:
+ - dpkg
+ - apt/lists
+ - dpkg/lock-frontend
+ register: apt_lock_wait
+ changed_when: false
+ retries: 60
+ delay: 5
+ until: apt_lock_wait.rc == 0
+
+ - name: Install prerequisites
+ ansible.builtin.apt:
+ name:
+ - apt-transport-https
+ - ca-certificates
+ - curl
+ - gnupg
+ - lsb-release
+ - python3-pip
+ - python3-setuptools
+ - software-properties-common
+ - virtualenv
+ state: present
+ lock_timeout: 600
+ update_cache: true
+ register: install_prerequisites
+ retries: 5
+ delay: 20
+ until: install_prerequisites is success
+
+ - name: Ensure /etc/apt/keyrings directory exists
+ ansible.builtin.file:
+ path: /etc/apt/keyrings
+ state: directory
+ mode: "0755"
+
+ - name: Download Docker's GPG key
+ ansible.builtin.get_url:
+ url: "{{ docker_gpg_key_url }}"
+ dest: /etc/apt/keyrings/docker.asc
+ mode: "0644"
+
+ - name: Add Docker repository
+ ansible.builtin.apt_repository:
+ repo: "deb [arch={{ docker_arch }} signed-by=/etc/apt/keyrings/docker.asc] {{ docker_repo_base_url }} {{ docker_release }} stable"
+ state: present
+ filename: docker
+
+ - name: Update apt cache (after adding Docker repository)
+ ansible.builtin.apt:
+ update_cache: true
+
+ - name: Install Docker packages
+ ansible.builtin.apt:
+ name:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+ - docker-buildx-plugin
+ - docker-compose-plugin
+ state: present
+
+ # - name: Install Docker Module
for Python
+ # ansible.builtin.pip:
+ # name: docker
+
+ - name: Clean up apt cache
+ ansible.builtin.apt:
+ autoclean: true
+ autoremove: true
+ changed_when: false
diff --git a/packer/digitalocean/scripts/ansible/reboot.yml b/packer/digitalocean/scripts/ansible/reboot.yml
new file mode 100644
index 00000000..2feff6ea
--- /dev/null
+++ b/packer/digitalocean/scripts/ansible/reboot.yml
@@ -0,0 +1,13 @@
+---
+- name: Reboot
+ hosts: all
+ become: true
+
+ tasks:
+ - name: Reboot
+ ansible.builtin.reboot:
+ connect_timeout: 5
+ reboot_timeout: 300
+ pre_reboot_delay: 30
+ post_reboot_delay: 180
+ test_command: uptime
diff --git a/packer/digitalocean/ubuntu.pkr.hcl b/packer/digitalocean/ubuntu.pkr.hcl
new file mode 100644
index 00000000..77d6f65a
--- /dev/null
+++ b/packer/digitalocean/ubuntu.pkr.hcl
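Review bot: The `Download Docker's GPG key` task writes whatever `docker_gpg_key_url` serves into `/etc/apt/keyrings/docker.asc` without verifying it, and that file then becomes the `signed-by` trust anchor for every package installed from the Docker repository. `ansible.builtin.get_url` accepts a `checksum` parameter, so pinning the key with `checksum: "sha256:<EXPECTED_KEY_SHA256>"` (placeholder value) makes the image build fail if the served key ever differs from the one that was reviewed. The packages in `Install Docker packages` are likewise unpinned, so two builds of the same template can yield different Docker versions; recording the installed versions in the build output would help when tracing an image later.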
@@ -0,0 +1,116 @@
+packer {
+ required_plugins {
+ digitalocean = {
+ version = ">= 1.4.0"
+ source = "github.com/digitalocean/digitalocean"
+ }
+ ansible = {
+ source = "github.com/hashicorp/ansible"
+ version = ">= 1.1.0"
+ }
+ }
+}
+
+variable "scripts_dir" { default = "digitalocean/scripts" }
+
+locals { image_version = "${formatdate("YYYYMMDD.hhmm", timestamp())}" }
+
+variable "do_api_token" {
+ type = string
+ default = env("DO_API_TOKEN")
+
+ validation {
+ condition = length(var.do_api_token) > 0
+ error_message = "The DO_API_TOKEN environment variable must be set or the -var do_api_token=xxxxx must be used to set the token value."
+ }
+}
+
+variable "do_size" { default = "s-2vcpu-2gb" }
+variable "do_region" { default = "nyc3" }
+variable "do_image" { default = "ubuntu-24-04-x64" }
+variable "do_image_description" { default = "Ubuntu 24.04 LTS" }
+variable "do_os_version" { default = "24.04" }
+variable "do_os_flavor" { default = "ubuntu" }
+
+source "digitalocean" "ubuntu" {
+ api_token = "${var.do_api_token}"
+ image = var.do_image
+ region = var.do_region
+ size = var.do_size
+ snapshot_name = "ami-${var.do_os_flavor}-${var.do_os_version}-${local.image_version}"
+ ssh_username = "root"
+}
+
+build {
+ name = "ubuntu"
+ sources = ["source.digitalocean.ubuntu"]
+
+ provisioner "ansible" {
+ playbook_file = "${var.scripts_dir}/ansible/install-common.yml"
+ user = "root"
+ use_proxy = false
+ ansible_env_vars = [
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3",
+ "ANSIBLE_STDOUT_CALLBACK=yaml"
+ ]
+ extra_arguments = [
+ "-v"
+ ]
+ }
+
+ provisioner "ansible" {
+ playbook_file = "${var.scripts_dir}/ansible/reboot.yml"
+ user = "root"
+ use_proxy = false
+ ansible_env_vars = [
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3",
+ "ANSIBLE_STDOUT_CALLBACK=yaml"
+ ]
+ extra_arguments = [
+ "-v"
+ ]
+ }
+
+ provisioner "ansible" {
+ playbook_file =
"${var.scripts_dir}/ansible/install-docker.yml"
+ user = "root"
+ use_proxy = false
+ ansible_env_vars = [
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3",
+ "ANSIBLE_STDOUT_CALLBACK=yaml"
+ ]
+ extra_arguments = [
+ "-v"
+ ]
+ }
+
+ post-processor "manifest" {
+ output = "manifest.json"
+ strip_path = true
+ }
+
+ hcp_packer_registry {
+ bucket_name = "digitalocean-ubuntu"
+
+ description = <