
feat(packer): add configs for DigitalOcean #912

Merged
merged 1 commit into from
Oct 21, 2024
Merged
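--- a/packer/digitalocean/scripts/ansible/install-common.yml
+++ b/packer/digitalocean/scripts/ansible/install-common.yml
@@ -0,0 +1,67 @@
+---
+- name: Install common packages on Ubuntu
+hosts: all
+become: true
+
+tasks:
+- name: Wait for apt locks to be released
+ansible.builtin.shell: while fuser /var/lib/{{ item }}/lock >/dev/null 2>&1; do sleep 5; done
+loop:
+- dpkg
+- apt/lists
+- dpkg/lock-frontend
+register: apt_lock_wait
+changed_when: false
+retries: 60
+delay: 5
+until: apt_lock_wait.rc == 0
+
+- name: Remove unattended-upgrades
+ansible.builtin.apt:
+name: unattended-upgrades
+state: absent
+lock_timeout: 600
+register: remove_unattended
+retries: 5
+delay: 20
+until: remove_unattended is success
+
+- name: Update apt package index and install common packages
+ansible.builtin.apt:
+name:
+- build-essential
+- software-properties-common
+- curl
+- git
+- tar
+- unzip
+- zip
+- vim
+- neovim
+- htop
+- glances
+- ncdu
+state: present
+lock_timeout: 600
+update_cache: true
+register: install_packages
+retries: 5
+delay: 20
+until: install_packages is success
+
+- name: Upgrade all packages
+ansible.builtin.apt:
+upgrade: full
+autoremove: true
+autoclean: true
+lock_timeout: 600
+register: upgrade_packages
+retries: 5
+delay: 20
+until: upgrade_packages is success
+
+- name: Clean up apt cache
+ansible.builtin.apt:
+autoclean: true
+autoremove: true
+changed_when: false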
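Review bot: The `Remove unattended-upgrades` task leaves the baked snapshot without automatic security updates, and no later task in this playbook puts the package back, so droplets created from the image stay at the patch level of the build-time `upgrade: full` unless something else patches them. If the removal is only meant to avoid apt lock contention during the build, add a final task that reinstalls it (`name: unattended-upgrades` with `state: present`), or add a comment above the task stating that patching is the consumer's responsibility. Separately, the lock-wait loop builds `/var/lib/{{ item }}/lock`, so the `dpkg/lock-frontend` item probes `/var/lib/dpkg/lock-frontend/lock` rather than the frontend lock file itself, and that iteration most likely returns at once without waiting. The same loop is repeated in install-docker.yml and needs the same fix there.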
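--- a/packer/digitalocean/scripts/ansible/install-docker.yml
+++ b/packer/digitalocean/scripts/ansible/install-docker.yml
@@ -0,0 +1,85 @@
+---
+- name: Install Docker and Docker Compose on Ubuntu
+hosts: all
+become: true
+
+vars:
+docker_gpg_key_url: "https://download.docker.com/linux/ubuntu/gpg"
+docker_repo_base_url: "https://download.docker.com/linux/ubuntu"
+docker_arch: "{{ 'amd64' if ansible_architecture == 'x86_64' else 'arm64' if ansible_architecture == 'aarch64' else ansible_architecture }}"
+docker_release: "{{ ansible_distribution_release }}"
+
+tasks:
+- name: Wait for apt locks to be released
+ansible.builtin.shell: while fuser /var/lib/{{ item }}/lock >/dev/null 2>&1; do sleep 5; done
+loop:
+- dpkg
+- apt/lists
+- dpkg/lock-frontend
+register: apt_lock_wait
+changed_when: false
+retries: 60
+delay: 5
+until: apt_lock_wait.rc == 0
+
+- name: Install prerequisites
+ansible.builtin.apt:
+name:
+- apt-transport-https
+- ca-certificates
+- curl
+- gnupg
+- lsb-release
+- python3-pip
+- python3-setuptools
+- software-properties-common
+- virtualenv
+state: present
+lock_timeout: 600
+update_cache: true
+register: install_prerequisites
+retries: 5
+delay: 20
+until: install_prerequisites is success
+
+- name: Ensure /etc/apt/keyrings directory exists
+ansible.builtin.file:
+path: /etc/apt/keyrings
+state: directory
+mode: "0755"
+
+- name: Download Docker's GPG key
+ansible.builtin.get_url:
+url: "{{ docker_gpg_key_url }}"
+dest: /etc/apt/keyrings/docker.asc
+mode: "0644"
+
+- name: Add Docker repository
+ansible.builtin.apt_repository:
+repo: "deb [arch={{ docker_arch }} signed-by=/etc/apt/keyrings/docker.asc] {{ docker_repo_base_url }} {{ docker_release }} stable"
+state: present
+filename: docker
+
+- name: Update apt cache (after adding Docker repository)
+ansible.builtin.apt:
+update_cache: true
+
+- name: Install Docker packages
+ansible.builtin.apt:
+name:
+- docker-ce
+- docker-ce-cli
+- containerd.io
+- docker-buildx-plugin
+- docker-compose-plugin
+state: present
+
+# - name: Install Docker Module for Python
+# ansible.builtin.pip:
+# name: docker
+
+- name: Clean up apt cache
+ansible.builtin.apt:
+autoclean: true
+autoremove: true
+changed_when: false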
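Review bot: The `Download Docker's GPG key` task writes whatever the URL returns into `/etc/apt/keyrings/docker.asc` with no integrity check, and that file then becomes the `signed-by` trust anchor for every Docker package baked into the image. Pin it by adding `checksum: "sha256:<PINNED_SHA256_OF_DOCKER_GPG_KEY>"` (placeholder value) to the `get_url` task, or verify the key fingerprint in a separate task before `Add Docker repository` runs. The `Install Docker packages` task also installs unpinned versions, so two builds from the same commit can yield images with different engine versions; recording the installed versions in the build output would make an image traceable. The commented-out `Install Docker Module for Python` task should either be removed or carry a comment saying why it is disabled.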
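--- a/packer/digitalocean/scripts/ansible/reboot.yml
+++ b/packer/digitalocean/scripts/ansible/reboot.yml
@@ -0,0 +1,13 @@
+---
+- name: Reboot
+hosts: all
+become: true
+
+tasks:
+- name: Reboot
+ansible.builtin.reboot:
+connect_timeout: 5
+reboot_timeout: 300
+pre_reboot_delay: 30
+post_reboot_delay: 180
+test_command: uptime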
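--- a/packer/digitalocean/ubuntu.pkr.hcl
+++ b/packer/digitalocean/ubuntu.pkr.hcl
@@ -0,0 +1,116 @@
+packer {
+required_plugins {
+digitalocean = {
+version = ">= 1.4.0"
+source = "github.com/digitalocean/digitalocean"
+}
+ansible = {
+source = "github.com/hashicorp/ansible"
+version = ">= 1.1.0"
+}
+}
+}
+
+variable "scripts_dir" { default = "digitalocean/scripts" }
+
+locals { image_version = "${formatdate("YYYYMMDD.hhmm", timestamp())}" }
+
+variable "do_api_token" {
+type = string
+default = env("DO_API_TOKEN")
+
+validation {
+condition = length(var.do_api_token) > 0
+error_message = "The DO_API_TOKEN environment variable must be set or the -var do_api_token=xxxxx must be used to set the token value."
+}
+}
+
+variable "do_size" { default = "s-2vcpu-2gb" }
+variable "do_region" { default = "nyc3" }
+variable "do_image" { default = "ubuntu-24-04-x64" }
+variable "do_image_description" { default = "Ubuntu 24.04 LTS" }
+variable "do_os_version" { default = "24.04" }
+variable "do_os_flavor" { default = "ubuntu" }
+
+source "digitalocean" "ubuntu" {
+api_token = "${var.do_api_token}"
+image = var.do_image
+region = var.do_region
+size = var.do_size
+snapshot_name = "ami-${var.do_os_flavor}-${var.do_os_version}-${local.image_version}"
+ssh_username = "root"
+}
+
+build {
+name = "ubuntu"
+sources = ["source.digitalocean.ubuntu"]
+
+provisioner "ansible" {
+playbook_file = "${var.scripts_dir}/ansible/install-common.yml"
+user = "root"
+use_proxy = false
+ansible_env_vars = [
+"ANSIBLE_HOST_KEY_CHECKING=False",
+"ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3",
+"ANSIBLE_STDOUT_CALLBACK=yaml"
+]
+extra_arguments = [
+"-v"
+]
+}
+
+provisioner "ansible" {
+playbook_file = "${var.scripts_dir}/ansible/reboot.yml"
+user = "root"
+use_proxy = false
+ansible_env_vars = [
+"ANSIBLE_HOST_KEY_CHECKING=False",
+"ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3",
+"ANSIBLE_STDOUT_CALLBACK=yaml"
+]
+extra_arguments = [
+"-v"
+]
+}
+
+provisioner "ansible" {
+playbook_file = "${var.scripts_dir}/ansible/install-docker.yml"
+user = "root"
+use_proxy = false
+ansible_env_vars = [
+"ANSIBLE_HOST_KEY_CHECKING=False",
+"ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3",
+"ANSIBLE_STDOUT_CALLBACK=yaml"
+]
+extra_arguments = [
+"-v"
+]
+}
+
+post-processor "manifest" {
+output = "manifest.json"
+strip_path = true
+}
+
+hcp_packer_registry {
+bucket_name = "digitalocean-ubuntu"
+
+description = <<EOT
+An Ubuntu LTS - Server image with Docker installed.
+EOT
+
+bucket_labels = {
+"do_size" = var.do_size
+"do_region" = var.do_region
+"os_flavor" = var.do_os_flavor
+"os_version" = var.do_os_version
+}
+
+build_labels = {
+"os_ami_id" = "ami-${var.do_os_flavor}-${var.do_os_version}-${local.image_version}"
+"os_base_image" = var.do_image
+"os_flavor" = var.do_os_flavor
+"os_version" = var.do_os_version
+}
+}
+}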
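Review bot: The `do_api_token` variable is not marked sensitive, so Packer may print its value in build output or debug logs; add `sensitive = true` to the variable block next to `type = string`. All three provisioners set `ANSIBLE_HOST_KEY_CHECKING=False` together with `use_proxy = false`, so Ansible connects to the droplet as root over SSH without verifying the host key; a comment above the first provisioner stating that this is accepted for a short-lived build host would make the trade-off explicit. The `>=` constraints in `required_plugins` have no upper bound, and a pessimistic constraint such as `version = "~> 1.4"` would keep a future major plugin release from entering the build unreviewed.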