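Background

Cloning from a historical template and then adjusting it saves some time, but the following challenges remain:

  • Adjusting a virtual machine's disk partitions is hard, which wastes a large amount of disk resources;
  • Template patches are not updated in time: administrators can rarely update a template every week or month, so machines cloned from it carry a large number of vulnerabilities;
  • Templates contain many unneeded components: to suit multiple application environments, a template usually includes many components unrelated to any given application, which brings potential risk;
  • Secondary modification brings instability: further changes made after cloning from the template affect stability;
  • Against the background of "automation", CI/CD deploys or scales automatically based on templates, so a template update covers not only the operating system but also the application.

Based on the analysis above, an enterprise needs an "automated" template management tool that builds templates automatically and defines them declaratively, to free administrators from repetitive work. It is also groundwork for the enterprise's shift to DevOps, and so speeds up its IT build-out.

Packer is a tool from HashiCorp that aims to provide a simple way to build images automatically. With Packer, you only need to state in a configuration file the basic information required for the image build and the software and configuration you want installed in the image, and the image is then built by automated scripts. Because the build process is fixed in a configuration file, every step is clearly visible and easy to trace back, and there is no need to worry that repeated builds produce inconsistent images. Once the image build is expressed as configuration, testing and updating images becomes much more convenient, which greatly reduces the cost of operating and managing images.
Packer is a lightweight open-source tool that creates consistent images for multiple platforms from a single template file. It runs on the common mainstream operating systems such as Windows, Linux and macOS, and can efficiently create images for multiple platforms such as AWS, Azure and Alicloud in parallel. Its purpose is not to replace configuration management tools such as Puppet/Chef; in fact, when building an image, Packer can use tools such as Chef or Puppet to install the software the image needs.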

Concepts

Builders

https://www.packer.io/docs/builders
Builders are responsible for creating machines and generating images from them for various platforms. For example, there are separate builders for EC2, VMware, VirtualBox, etc. Packer comes with many builders by default, and can also be extended to add new builders.

Provisioners

https://www.packer.io/docs/provisioners
Provisioners use builtin and third-party software to install and configure the machine image after booting. Provisioners prepare the system for use, so common use cases for provisioners include:
  • installing packages
  • patching the kernel
  • creating users
  • downloading application code

Post-processors

https://www.packer.io/docs/post-processors
Post-processors run after the image is built by the builder and provisioned by the provisioner(s). Post-processors are optional, and they can be used to upload artifacts, re-package, or more.

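Execution steps

https://hub.fastgit.org/boxcutter What follows is an outline analysis of the CentOS template from there.
A detailed example, annotated on top of that template, installs CentOS on VMware Workstation:
https://gitee.com/wushifeng/devops/blob/master/packer/vmware/centos7/centos7.pkr.hcl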

kickstart

https://www.packer.io/docs/builders/vmware/iso
Packer will create an http server serving http_directory when it is set, a random free port will be selected and the architecture of the directory referenced will be available in your builder.
Example usage from a builder:
wget http://{{ .HTTPIP }}:{{ .HTTPPort }}/foo/bar/preseed.cfg
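The kickstart file is passed in at boot through boot_command:
source "vmware-iso" "vmware" {
  boot_command = [" text ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/${var.kickstart}"]
  # remaining builder settings omitted
}
https://blog.csdn.net/weixin_42758707/article/details/94738936 See this document, which describes generating the kickstart file from the GUI.
The main part is this section:
%packages --ignoremissing
@core           # package group
nfs-utils       # package
-fprintd-pam    # package that is not installed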

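provisioner "shell"

Scripts are copied to the virtual machine with scp over SSH to perform the customized installation
Clean up after installation

post-processor "vagrant"

The post-processor generates the box file

Reference logs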

export PACKER_LOG=1
export PACKER_LOG_PATH=packer.log
packer build -force -only vmware-iso.vmware -var vagrantfile_template="" -var headless=true centos7.pkr.hcl

How the kickstart file is located

2021/03/02 13:52:18 packer-builder-vmware-iso plugin: Executing: /usr/bin/vmrun -T ws start output-centos7-vmware-iso/centos7.vmx nogui
2021/03/02 13:52:19 packer-builder-vmware-iso plugin: stdout:
2021/03/02 13:52:19 packer-builder-vmware-iso plugin: stderr:
2021/03/02 13:52:19 ui: ==> vmware-iso.vmware: Connecting to VNC…
2021/03/02 13:52:19 ui: ==> vmware-iso.vmware: Waiting 10s for boot…
2021/03/02 13:52:29 ui: ==> vmware-iso.vmware: Typing the boot command over VNC…
2021/03/02 13:52:29 packer-builder-vmware-iso plugin: Special code '' found, replacing with: 0xFF52
2021/03/02 13:52:29 packer-builder-vmware-iso plugin: [INFO] Waiting 1s
2021/03/02 13:52:30 packer-builder-vmware-iso plugin: Special code '' found, replacing with: 0xFF09
2021/03/02 13:52:30 packer-builder-vmware-iso plugin: Sending char ' ', code 0x20, shift false
2021/03/02 13:52:30 packer-builder-vmware-iso plugin: Sending char 't', code 0x74, shift false
2021/03/02 13:52:30 packer-builder-vmware-iso plugin: Sending char 'e', code 0x65, shift false
2021/03/02 13:52:31 packer-builder-vmware-iso plugin: Sending char 'x', code 0x78, shift false
2021/03/02 13:52:31 packer-builder-vmware-iso plugin: Sending char 't', code 0x74, shift false
2021/03/02 13:52:31 packer-builder-vmware-iso plugin: Sending char ' ', code 0x20, shift false
2021/03/02 13:52:31 packer-builder-vmware-iso plugin: Sending char 'k', code 0x6B, shift false
2021/03/02 13:52:31 packer-builder-vmware-iso plugin: Sending char 's', code 0x73, shift false
2021/03/02 13:52:32 packer-builder-vmware-iso plugin: Sending char '=', code 0x3D, shift false
2021/03/02 13:52:32 packer-builder-vmware-iso plugin: Sending char 'h', code 0x68, shift false

Networking and SSH/SCP

2021/03/02 13:52:38 packer-builder-vmware-iso plugin: GuestIP discovered device matching nat: vmnet8
2021/03/02 13:56:41 packer-builder-vmware-iso plugin: Located networkmapper configuration file using Workstation: /etc/vmware/netmap.conf
2021/03/02 13:56:41 packer-builder-vmware-iso plugin: GuestIP discovered device matching nat: vmnet8
2021/03/02 13:56:41 packer-builder-vmware-iso plugin: Lookup up IP information…
2021/03/02 13:56:41 packer-builder-vmware-iso plugin: GuestAddress found MAC address in VMX: 00:0c:29:b7:8c:bf
2021/03/02 13:56:41 packer-builder-vmware-iso plugin: Trying DHCP leases path: /etc/vmware/vmnet8/dhcpd/dhcpd.leases
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: Detected IP: 172.16.37.129
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [INFO] Attempting SSH connection to 172.16.37.129:22…
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] reconnecting to TCP connection for SSH
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] handshaking with SSH
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] handshake complete!
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] Opening new ssh session
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [INFO] agent forwarding enabled
2021/03/02 13:56:57 ui: ==> vmware-iso.vmware: Connected to SSH!
2021/03/02 13:56:57 ui: ==> vmware-iso.vmware: Uploading the 'linux' VMware Tools
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] Opening new ssh session
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] Starting remote scp process: scp -vt .
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] Started SCP session, beginning transfers…
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] Copying input data into temporary file so we can read the length
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [DEBUG] scp: Uploading linux.iso: perms=C0644 size=57602048
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] SCP session complete, closing stdin pipe.
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Waiting for SSH session to complete.
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] scp stderr (length 31): Sink: C0644 57602048 linux.iso
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: Running the provision hook
2021/03/02 13:56:58 [INFO] (telemetry) Starting provisioner shell
2021/03/02 13:56:58 ui: ==> vmware-iso.vmware: Provisioning with shell script: script/update.sh
2021/03/02 13:56:58 packer-provisioner-shell plugin: Opening script/update.sh for reading
2021/03/02 13:56:58 packer-provisioner-shell plugin: [INFO] 211 bytes written for 'uploadData'
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Opening new ssh session
2021/03/02 13:56:58 [INFO] 211 bytes written for 'uploadData'
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Starting remote scp process: scp -vt /tmp
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Started SCP session, beginning transfers…
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Copying input data into temporary file so we can read the length
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] scp: Uploading script_4481.sh: perms=C0644 size=211
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] SCP session complete, closing stdin pipe.
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Waiting for SSH session to complete.
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] scp stderr (length 31): Sink: C0644 211 script_4481.sh
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Opening new ssh session
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] starting remote command: chmod 0755 /tmp/script_4481.sh
2021/03/02 13:56:58 [INFO] RPC client: Communicator ended with: 0
2021/03/02 13:56:58 [INFO] RPC endpoint: Communicator ended with: 0
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [INFO] RPC endpoint: Communicator ended with: 0
2021/03/02 13:56:58 packer-provisioner-shell plugin: [INFO] RPC client: Communicator ended with: 0
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] Opening new ssh session
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] starting remote command: echo 'vagrant' | CLEANUP_BUILD_TOOLS='false' DESKTOP='false' INSTALL_VAGRANT_KEY='true' PACKER_BUILDER_TYPE='vmware-iso' PACKER_BUILD_NAME='vmware' PACKER_HTTP_ADDR='172.16.37.1:8595' PACKER_HTTP_IP='172.16.37.1' PACKER_HTTP_PORT='8595' SSH_PASSWORD='vagrant' SSH_USERNAME='vagrant' UPDATE='false' ftp_proxy='' http_proxy='' https_proxy='' no_proxy='' rsync_proxy='' sudo -E -S bash '/tmp/script_4481.sh'
2021/03/02 13:56:59 packer-builder-vmware-iso plugin: [DEBUG] starting remote command: echo 'vagrant' | CLEANUP_BUILD_TOOLS='false' DESKTOP='false' INSTALL_VAGRANT_KEY='true' PACKER_BUILDER_TYPE='vmware-iso' PACKER_BUILD_NAME='vmware' PACKER_HTTP_ADDR='172.16.37.1:8595' PACKER_HTTP_IP='172.16.37.1' PACKER_HTTP_PORT='8595' SSH_PASSWORD='vagrant' SSH_USERNAME='vagrant' UPDATE='false' ftp_proxy='' http_proxy='' https_proxy='' no_proxy='' rsync_proxy='' sudo -E -S bash '/tmp/script_2201.sh'
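
The remote commands in the log above carry the SSH password twice (piped into sudo -S and as SSH_PASSWORD), and the log also records that agent forwarding is enabled. The script below is an added example, not part of the original post or of Packer: it flags such lines and masks the values before a packer.log is shared. The sample lines are constructed, and the PASSWORD/SECRET/TOKEN name pattern is an assumption.

```sh
#!/bin/sh
# Added example: audit and redact a Packer debug log (PACKER_LOG=1) before sharing it.

# Constructed sample lines in the shape of the log above (ASCII quotes, env list shortened).
sample_log() {
  cat <<'EOF'
2021/03/02 13:56:57 packer-builder-vmware-iso plugin: [INFO] agent forwarding enabled
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] starting remote command: chmod 0755 /tmp/script_4481.sh
2021/03/02 13:56:58 packer-builder-vmware-iso plugin: [DEBUG] starting remote command: echo 'vagrant' | PACKER_HTTP_PORT='8595' SSH_PASSWORD='vagrant' SSH_USERNAME='vagrant' sudo -E -S bash '/tmp/script_4481.sh'
EOF
}

# Read a log on stdin; print "<line number>:<finding>" for each risky line.
# Assumption: secrets are passed in variables whose names end in PASSWORD, SECRET or TOKEN.
audit_packer_log() {
  awk -v q="'" '
    BEGIN {
      sudo_re = "echo " q "[^" q "]*" q " [|] .*sudo .*-S"
      env_re  = "(PASSWORD|SECRET|TOKEN)=" q "[^" q "]+" q
    }
    $0 ~ sudo_re               { print NR ":password piped to sudo -S" }
    $0 ~ env_re                { print NR ":secret value in environment" }
    /agent forwarding enabled/ { print NR ":ssh agent forwarded to guest" }
  '
}

# Read a log on stdin; mask secret values, keep everything else for troubleshooting.
redact_packer_log() {
  sed -E \
    -e "s/echo '[^']*' [|]/echo '***' |/" \
    -e "s/([A-Z_]*(PASSWORD|SECRET|TOKEN))='[^']*'/\1='***'/g"
}

# Stand-alone run on the constructed sample.
sample_log | audit_packer_log
sample_log | redact_packer_log
```

For a real build, feed the file named by PACKER_LOG_PATH to the same functions, for example `audit_packer_log < packer.log`, and keep the unredacted log readable only by the build user.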

References

https://www.packer.io/docs
https://github.com/hashicorp/packer
https://hub.fastgit.org/boxcutter

Tip

File extension pkr.hcl: the VS Code extension https://marketplace.visualstudio.com/items?itemName=4ops.packer provides syntax highlighting for editing.

Converting JSON to HCL format
# Upgrade to the more readable HCL format; the result needs a manual check, and some incompatibilities need adjusting
packer hcl2_upgrade -output-file=centos7/centos7.pkr.hcl boxcutter/centos.json

Building an image with logging enabled
export PACKER_LOG=1
export PACKER_LOG_PATH=packer.log
packer build -force -only vmware-iso.vmware -var vagrantfile_template="" -var headless=true centos7.pkr.hcl