Added configuration for Yandex Cloud

We should add /etc/cloud/cloud.cfg.d/00_Ec2.cfg:

  ---
  datasource:
   Ec2:
    strict_id: false
  ---

  This fixes cloud-init startup:
  https://cloud.yandex.ru/docs/compute/operations/image-create/custom-image#ec2
netinst-debug-docs
Arkady L. Shane 1 year ago
parent 3654dd02f2
commit 38c6161ee2
Signed by untrusted user: tigro
GPG Key ID: 9C7900103E1C4F8B

@ -0,0 +1,3 @@
# yandexcoud_guest
An Ansible role that configures an MSVSphere Yandex Cloud image system.

@ -0,0 +1,3 @@
datasource:
Ec2:
strict_id: false
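Review bot: `strict_id: false` is shipped with no comment saying why strict platform identification is switched off; add one to the file, for example `# Yandex Cloud serves EC2-style metadata but does not identify as EC2; see the custom-image docs`. With the check relaxed, cloud-init will presumably accept whatever answers on the metadata address as the source of user-data, so the image should only be booted where that endpoint is trusted. The rendered page has lost indentation, so confirm that the committed file nests `Ec2:` and `strict_id:` under `datasource:`.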

@ -0,0 +1,9 @@
TYPE=Ethernet
DEVICE=eth0
BOOTPROTO=dhcp
PERSISTENT_DHCLIENT=1
IPV6INIT=yes
IPV6_FAILURE_FATAL=no
PEERDNS=yes
USERCTL=yes
ONBOOT=yes

@ -0,0 +1,7 @@
---
dependencies:
- role: disable_firstboot
- role: setup_cloud_init
cloud_init_user: 'msvsphere'
- role: pvgrub_config
- role: qemu_guest_agent

@ -0,0 +1,132 @@
---
- name: Remove firewalld and linux-firmware
ansible.builtin.dnf:
name:
- firewalld
- firewalld-filesystem
- ipset
- ipset-libs
- iptables
- python3-firewall
- python3-slip
- libnftnl
- libnfnetlink
- linux-firmware
state: absent
- name: Install additional software
ansible.builtin.dnf:
name:
- cockpit-system
- cockpit-ws
- dnf-utils
- gdisk
- nfs-utils
- rsync
- tar
- tuned
- tcpdump
state: present
- name: Find persistent-net.rules
ansible.builtin.find:
paths: /etc/udev/rules.d
patterns: 70*
register: net_rules
- name: Delete persistent-net.rules
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
with_items: "{{ net_rules.files }}"
- name: Configure /etc/sysconfig/network
ansible.builtin.lineinfile:
path: /etc/sysconfig/network
line: "{{ item }}"
with_items:
- NETWORKING=yes
- NOZEROCONF=yes
- name: Configure /etc/sysconfig/network-scripts/ifcfg-eth0
ansible.builtin.copy:
src: ifcfg-eth0
dest: /etc/sysconfig/network-scripts/ifcfg-eth0
owner: root
group: root
mode: 0644
- name: Configure /etc/cloud/cloud.cfg.d/00_Ec2.cfg
ansible.builtin.copy:
src: 00_Ec2.cfg
dest: /etc/cloud/cloud.cfg.d/00_Ec2.cfg
owner: root
group: root
mode: 0644
- name: Disable consistent network device naming
ansible.builtin.file:
src: /dev/null
dest: /etc/udev/rules.d/80-net-name-slot.rules
owner: root
group: root
state: link
- name: Disable virtual terminals allocation by logind
ansible.builtin.replace:
path: '/etc/systemd/logind.conf'
regexp: '^#?NAutoVTs=\d+'
replace: 'NAutoVTs=0'
- name: Configure NetworkManager default DHCP timeout
community.general.ini_file:
path: /etc/NetworkManager/conf.d/dhcp.conf
section: connection
option: ipv4.dhcp-timeout
value: 300
owner: root
group: root
mode: 0644
seuser: system_u
- name: Set default kernel package type to kernel
ansible.builtin.replace:
path: /etc/sysconfig/kernel
regexp: '^(DEFAULTKERNEL=).*$'
replace: '\1kernel'
# https://bugzilla.redhat.com/show_bug.cgi?id=1849082#c7
- name: Enable Xen support
block:
- name: Enable xen drivers in dracut
ansible.builtin.lineinfile:
path: /etc/dracut.conf.d/xen.conf
line: 'add_drivers+=" xen-netfront xen-blkfront "'
create: true
owner: root
group: root
mode: 0644
- name: Upgrade initramfs
ansible.builtin.command: dracut -f --regenerate-all
when: ansible_facts['architecture'] == 'x86_64'
- name: Add msvsphere user to /etc/sudoers
ansible.builtin.lineinfile:
path: /etc/sudoers
line: "msvsphere\tALL=(ALL)\tNOPASSWD: ALL"
state: present
- name: Set virtual-guest as default profile for tuned
ansible.builtin.lineinfile:
path: /etc/tuned/active_profile
line: virtual-guest
create: yes
- name: Regenerate the initramfs
ansible.builtin.command: dracut -f --regenerate-all
- name: Disable root login
ansible.builtin.user:
name: root
password: '!!'
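Review bot: The "Add msvsphere user to /etc/sudoers" task edits the main sudoers file with `lineinfile` and no syntax check, so a malformed or conflicting line would leave the image without working sudo. Add `validate: /usr/sbin/visudo -cf %s` to the task, or ship the rule as a mode `'0440'` drop-in under /etc/sudoers.d. The account name is hard-coded here while the role's dependencies pass it as `cloud_init_user: 'msvsphere'`, so the two can drift apart. Separately, "Disable root login" only sets root's password field to `'!!'`, which locks password authentication. Key-based root SSH depends on sshd settings not visible in this commit, so either rename the task to "Lock root password" or enforce `PermitRootLogin` explicitly.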

@ -0,0 +1,8 @@
---
- name: MSVSphere Yandex Cloud image
hosts: default
become: true
roles:
- yandexcloud_guest
- cleanup_vm

@ -0,0 +1,56 @@
/**
* Packer template for building MSVSphere 9 Yandex Cloud images.
*/
source "qemu" "msvsphere-9-yandexcloud-x86_64" {
iso_url = var.iso_url_9_x86_64
iso_checksum = var.iso_checksum_9_x86_64
boot_command = var.gencloud_boot_cmd_9_x86_64_uefi
boot_wait = var.boot_wait
cpus = var.cpus
memory = var.memory
disk_size = var.gencloud_disk_size
headless = var.headless
http_directory = var.http_directory
shutdown_command = var.root_shutdown_command
ssh_username = var.gencloud_ssh_username
ssh_password = var.gencloud_ssh_password
ssh_timeout = var.ssh_timeout
vnc_bind_address = var.vnc_bind_address
accelerator = "kvm"
efi_firmware_code = var.uefi_ovmf_code
efi_firmware_vars = var.uefi_ovmf_vars
disk_interface = "virtio-scsi"
disk_cache = "unsafe"
disk_discard = "unmap"
disk_detect_zeroes = "unmap"
disk_compression = true
format = "qcow2"
machine_type = "q35"
net_device = "virtio-net"
qemu_binary = var.qemu_binary
vm_name = "MSVSphere-${var.os_version_9}-${formatdate("YYYYMMDD", timestamp())}.yandexcloud.x86_64.qcow2"
qemuargs = [
["-cpu", "host"]
]
}
build {
sources = [
"qemu.msvsphere-9-yandexcloud-x86_64"
]
provisioner "ansible" {
playbook_file = "ansible/yandexcloud.yml"
galaxy_file = "ansible/requirements.yml"
roles_path = "ansible/roles"
collections_path = "ansible/collections"
ansible_env_vars = [
"ANSIBLE_PIPELINING=True",
"ANSIBLE_REMOTE_TEMP=/tmp",
"ANSIBLE_SSH_ARGS='-o ControlMaster=no -o ControlPersist=180s -o ServerAliveInterval=120s -o TCPKeepAlive=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa'"
]
extra_arguments = ["--scp-extra-args", "'-O'"]
}
}
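Review bot: `ANSIBLE_SSH_ARGS` in the ansible provisioner adds `HostKeyAlgorithms=+ssh-rsa` and `PubkeyAcceptedKeyTypes=+ssh-rsa`, which re-enables SHA-1 RSA signatures for the provisioning connection, with no comment explaining why. If the guest's sshd offers ed25519, ECDSA or rsa-sha2 keys, as a version 9 guest presumably does, both options can be dropped. Otherwise add a comment such as `# ssh-rsa kept for <reason>; connection is to the local build VM only`. The build also logs in with `var.gencloud_ssh_password`, so confirm that the kickstart and the `cleanup_vm` role (neither visible here) leave no password-authenticated account in the published image.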