Compare commits

...

24 Commits

Author SHA1 Message Date
Arkady L. Shane 1e4cb8ad4a
Fix builds for MSVSphere 9.5
1 week ago
Arkady L. Shane 3762083786
Do not install nfs-utils
3 months ago
Arkady L. Shane 5733756773
Revert Qemu changes
4 months ago
Arkady L. Shane 0df66bbd35
Run ovftool from packer build
4 months ago
Arkady L. Shane 4fb5123a21
Change URLs
4 months ago
Arkady L. Shane 5968f8787a
Use $Path to fine packer
4 months ago
Arkady L. Shane 6d5df6599c Merge pull request 'bug fixes' (#5) from samoylikdv/cloud-images:master into master
4 months ago
Dmitry Samoylik 63596b617d bug fixes
4 months ago
Arkady L. Shane 4e82c20900 Merge pull request 'Adding build of images for VMware vSphere environments' (#4) from samoylikdv/cloud-images:master into master
4 months ago
Dmitry Samoylik ad326bbe18 Added common script
4 months ago
Dmitry Samoylik fed5a87ab5 changed msvsphere version in url
5 months ago
Dmitry Samoylik ffd8b04b23 Adding build of images for VMware vSphere environments
5 months ago
Arkady L. Shane d7f867bb29 Merge pull request 'Various improvements for Vagrant images' (#3) from ezamriy/cloud-images:vagrant_fixes into master
5 months ago
Arkady L. Shane 4353cf0791 Merge pull request 'Freezes Packer environment configuration' (#2) from ezamriy/cloud-images:packer-1.10.0 into master
5 months ago
Arkady L. Shane 191cf6ddaf
Added unified_boot role
5 months ago
Arkady L. Shane f985a485d9
Debranding
5 months ago
Arkady L. Shane 3eaa415999
Update kickstart
5 months ago
Arkady L. Shane e362d41997
Added unified_boot role
5 months ago
Arkady L. Shane 6884e279dd
Rebase on 8.10 and 9.4
8 months ago
Arkady L. Shane 0f176bc310
Rebase on 8.10 and 9.4
8 months ago
Arkady L. Shane dcbc398e81
Added MSVSphere 8 support
10 months ago
Eugene Zamriy 1dc1b102d1
Sets anaconda language to en_US.UTF-8 in Vagrant boot command
1 year ago
Eugene Zamriy 3fef66091b
Various improvements for Vagrant images
1 year ago
Eugene Zamriy 56c7b7253a
Freezes Packer environment configuration
1 year ago

@ -18,6 +18,8 @@ $ dnf install ansible-core
```
Then follow the Packer installation [instructions](https://developer.hashicorp.com/packer/downloads?product_intent=packer).
Check the [packer-environment.pkr.hcl](packer-environment.pkr.hcl) file
for the required Packer version.
Alternatively, you can install a Packer binary from a Yandex
[mirror](https://hashicorp-releases.yandexcloud.net/packer/): just download a
@ -27,7 +29,7 @@ Verify that Packer works:
```shell
$ packer version
1.9.4
1.10.0
```
In order to install required Packer plugins run the following command in the

@ -4,5 +4,7 @@
become: true
roles:
- role: unified_boot
when: is_unified_boot is defined
- gencloud_guest
- cleanup_vm

@ -0,0 +1,9 @@
---
- name: MSVSphere OVF image
hosts: default
become: true
roles:
- upgrade_and_reboot
- role: vmware_guest
- cleanup_vm_ovf

@ -0,0 +1,3 @@
# cleanup_vm_ovf
An Ansible role that cleans-up and deprovisions a virtual machine.

@ -0,0 +1,14 @@
galaxy_info:
role_name: cleanup_vm_ovf
author: Eugene Zamriy
description: Cleans-up and deprovisions a VM
license: MIT
min_ansible_version: '2.5'
platforms:
- name: EL
versions:
- '8'
- '9'
galaxy_tags: []
dependencies: []

@ -0,0 +1,151 @@
---
- name: Remove old kernels
ansible.builtin.shell: dnf remove -y $(dnf repoquery --installonly --latest-limit=-1 -q)
- name: Delete DNF cache
ansible.builtin.command: dnf clean all
- name: Find DNF history files
ansible.builtin.find:
paths: /var/lib/dnf
patterns: "history*"
register: dnf_history
- name: Reset DNF history
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop: "{{ dnf_history.files }}"
- name: Find temporary files
ansible.builtin.find:
file_type: any
paths:
- /tmp
- /var/tmp
patterns: '*'
register: tmp_files
- name: Remove temporary files
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop: "{{ tmp_files.files }}"
- name: Find SSH host keys
ansible.builtin.find:
paths: /etc/ssh
patterns: '*host*key*'
register: host_keys
- name: Remove SSH host keys
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop: "{{ host_keys.files }}"
- name: Remove kickstart files
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop:
- /root/anaconda-ks.cfg
- /root/original-ks.cfg
- name: Truncate files
ansible.builtin.command: "truncate -s 0 {{ item }}"
loop:
- /etc/machine-id
- /etc/resolv.conf
- /var/log/audit/audit.log
- /var/log/wtmp
- /var/log/lastlog
- /var/log/btmp
- /var/log/cron
- /var/log/maillog
- /var/log/messages
- /var/log/secure
- /var/log/spooler
- name: Remove log folders.
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop:
- /var/log/anaconda
- /var/log/qemu-ga
- /var/log/tuned
- /var/lib/cloud
- /etc/hostname
- /etc/machine-info
- /var/lib/systemd/credential.secret
- name: Find log files.
ansible.builtin.find:
paths:
- /var/log
- /var/log/sssd
patterns: '*log,*.old,*.log.gz,*.[0-9],*.gz,*-????????'
register: log_files
- name: Remove log files
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop: "{{ log_files.files }}"
- name: Remove random-seed
ansible.builtin.file:
path: /var/lib/systemd/random-seed
state: absent
- name: Disable root SSH login via password
ansible.builtin.file:
path: /etc/ssh/sshd_config.d/01-permitrootlogin.conf
state: absent
when: ansible_facts['distribution_major_version'] == '9'
- name: Fill free space with zeroes
ansible.builtin.shell: dd if=/dev/zero of=/zeroed_file bs=1M oflag=direct || rm -f /zeroed_file
- name: Detect swap partition
ansible.builtin.command: grep -oP '^/dev/[\w-]+' /proc/swaps
register: swaps
ignore_errors: true
- name: Wipe out swap data
block:
- name: Get swap partition UUID
ansible.builtin.command: "blkid {{ swaps.stdout }} -s UUID -o value"
register: swap_blkid
- name: Unmount swap partition
ansible.builtin.command: "swapoff {{ swaps.stdout }}"
- name: Fill swap partition with zeroes
ansible.builtin.shell: "dd if=/dev/zero of={{ swaps.stdout }} bs=1M oflag=direct || /bin/true"
- name: Format swap partition
ansible.builtin.command: "mkswap -U {{ swap_blkid.stdout }} -f {{ swaps.stdout }}"
- name: Mount swap partition
ansible.builtin.command: "swapon {{ swaps.stdout }}"
when: swaps.rc == 0
- name: Sync disc
ansible.builtin.command: sync
- name: Clear shell history
ansible.builtin.shell: history -c
- name: Check if WALinuxAgent is installed
ansible.builtin.stat:
path: /usr/sbin/waagent
register: cleanup_vm_waagent
- name: Deprovision WALinuxAgent
ansible.builtin.command: waagent -deprovision+user -force
when: cleanup_vm_waagent.stat.exists
- name: Remove root password
ansible.builtin.shell: "echo root: | chpasswd"

@ -1,6 +1,7 @@
---
- name: Remove firewalld and linux-firmware
ansible.builtin.dnf:
# releasever: 9.5
name:
- firewalld
- firewalld-filesystem
@ -16,12 +17,12 @@
- name: Install additional software
ansible.builtin.dnf:
# releasever: 9.5
name:
- cockpit-system
- cockpit-ws
- dnf-utils
- gdisk
- nfs-utils
- rsync
- tar
- tuned

@ -1,5 +1,6 @@
---
- name: Install nfs-utils
ansible.builtin.dnf:
# releasever: 9.5
name: nfs-utils
state: present

@ -1,5 +1,6 @@
---
- name: Install qemu-guest-agent
ansible.builtin.dnf:
# releasever: 9.5
name: qemu-guest-agent
state: present

@ -1,5 +1,6 @@
- name: Install cloud-init
ansible.builtin.dnf:
# releasever: 9.5
name:
- cloud-init
- cloud-utils-growpart

@ -0,0 +1,44 @@
Unify Bootloader Configuration
=========
Unify bootloader configuration to support BIOS and UEFI boot at the same time.
Requirements
------------
None
Role Variables
--------------
None
Dependencies
------------
None
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- name: AlmaLinux Generic Cloud
hosts: all
become: true
roles:
- role: unified_boot
when: is_unified_boot is defined
- gencloud_guest
- cleanup_vm
License
-------
GPL-3.0-only
Author Information
------------------
Cloud Special Interest Group (Cloud SIG) of AlmaLinux OS Foundation

@ -0,0 +1,2 @@
---
unified_boot_kernel_opts: console=tty0 console=ttyS0,115200n8 no_timer_check biosdevname=0 net.ifnames=0

@ -0,0 +1,11 @@
---
galaxy_info:
author: AlmaLinux OS Cloud SIG
description: Unify bootloader configuration for BIOS and UEFI support
company: AlmaLinux OS Foundation
license: GPL-3.0-only
min_ansible_version: 2.13.9
galaxy_tags:
- unifiedboot
- bios
- uefi

@ -0,0 +1,115 @@
---
# We do this as a part on kickstart files
# - name: Install GRUB for BIOS
# ansible.builtin.dnf:
# name: grub2-pc
# state: present
# - name: Find root disk
# ansible.builtin.command:
# cmd: grub2-probe --target=disk /boot/grub2
# register: root_disk
# changed_when: false
#
# - name: Install GRUB for BIOS
# ansible.builtin.command:
# cmd: grub2-install --target=i386-pc {{ root_disk.stdout }}
# creates: /boot/grub2/i386-pc
- name: Get UUID of boot partition
ansible.builtin.command:
cmd: grub2-probe --target=fs_uuid /boot/grub2
register: boot_uuid
changed_when: false
- name: Get UUID of root partition
ansible.builtin.command:
cmd: findmnt -n -o UUID /
register: root_uuid
changed_when: false
- name: Generate GRUB2 stub configuration
ansible.builtin.template:
src: grub_cfg_stub.j2
dest: /boot/efi/EFI/msvsphere/grub.cfg
mode: "0700"
- name: Generate GRUB2 main configuration
ansible.builtin.template:
src: grub_cfg_main.j2
dest: /boot/grub2/grub.cfg
mode: "0600"
- name: Remove symlink of GRUB2 environment block
ansible.builtin.file:
path: /boot/grub2/grubenv
state: absent
- name: Remove old GRUB2 environment block on ESP
ansible.builtin.file:
path: /boot/efi/EFI/msvsphere/grubenv
state: absent
- name: Get version of installed kernel # noqa: command-instead-of-module
ansible.builtin.command:
cmd: rpm -qa --queryformat "%{VERSION}-%{RELEASE}.%{ARCH}" kernel
register: kernel_ver
changed_when: false
- name: Read machine ID
ansible.builtin.slurp:
src: /etc/machine-id
register: machine_id_base64
- name: Store machine ID
ansible.builtin.set_fact:
machine_id: "{{ machine_id_base64['content'] | b64decode | trim }}"
- name: Remove old GRUB2 environment block
ansible.builtin.file:
path: /boot/grub2/grubenv
state: absent
# The kernelopts is only needed for AlmaLinux OS 8
- name: Generate new GRUB2 environment block
ansible.builtin.command:
cmd: >
grub2-editenv -v - set
kernelopts="root=UUID={{ root_uuid.stdout }}
{{ unified_boot_kernel_opts }}"
saved_entry={{ machine_id }}-{{ kernel_ver.stdout }}
creates: /boot/grub2/grubenv
- name: Set permissions of new GRUB2 environment block
ansible.builtin.file:
path: /boot/grub2/grubenv
owner: root
group: root
mode: "0600"
# Test if the size of GRUB2 environment block is correct
- name: Get size of GRUB2 environment block
ansible.builtin.stat:
path: /boot/grub2/grubenv
register: grubenv
- name: Check if file size of GRUB2 environment block is 1024 bytes
ansible.builtin.assert:
that:
- grubenv.stat.size == 1024
fail_msg: The file size of GRUB2 environment block is not 1024 bytes
success_msg: The file size of GRUB2 environment block is 1024 bytes
# Test if grubby is able to identify absolute path of default kernel
- name: Get absolute path of default kernel using grubby
ansible.builtin.command:
cmd: grubby --default-kernel
register: default_kernel_path
changed_when: false
- name: Check if grubby can correctly identify the default kernel
ansible.builtin.assert:
that:
- default_kernel_path.stdout == "/boot/vmlinuz-" ~ kernel_ver.stdout
fail_msg: Grubby could not found the absolute path of default kernel
success_msg: Grubby correctly identify the absolute path of default kernel

@ -0,0 +1,25 @@
set timeout=0
# load the grubenv file
load_env
# selection of the next boot entry via variables 'next_entry' and
# `saved_entry` present in the 'grubenv' file. Both variables are
# set by grub tools, like grub2-reboot, grub2-set-default
if [ "${next_entry}" ] ; then
set default="${next_entry}"
set next_entry=
save_env next_entry
set boot_once=true
else
set default="${saved_entry}"
fi
search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
set boot=${root}
function load_video {
insmod all_video
}
${serial}${terminal_input}${terminal_output}
blscfg

@ -0,0 +1,4 @@
search --no-floppy --fs-uuid --set=dev {{ boot_uuid.stdout }}
set prefix=($dev)/grub2
export $prefix
configfile $prefix/grub.cfg

@ -1,6 +1,7 @@
---
- name: Upgrade packages
ansible.builtin.dnf:
# releasever: 9.5
name: '*'
state: latest
register: system_upgrade

@ -1,5 +1,6 @@
---
- name: Install open-vm-tools
ansible.builtin.dnf:
# releasever: 9.5
name: open-vm-tools
state: present

@ -1,6 +1,7 @@
---
- name: Remove firewalld and linux-firmware
ansible.builtin.dnf:
# releasever: 9.5
name:
- firewalld
- firewalld-filesystem
@ -16,12 +17,12 @@
- name: Install additional software
ansible.builtin.dnf:
# releasever: 9.5
name:
- cockpit-system
- cockpit-ws
- dnf-utils
- gdisk
- nfs-utils
- rsync
- tar
- tuned

@ -9,6 +9,5 @@
when: packer_provider == 'virtualbox-iso'
- role: vmware_guest
when: packer_provider == 'vmware-iso'
- nfs_client
- vagrant_pubkey
- cleanup_vm

@ -4,5 +4,7 @@
become: true
roles:
- role: unified_boot
when: is_unified_boot is defined
- yandexcloud_guest
- cleanup_vm

@ -0,0 +1,69 @@
#!/bin/bash
PACKER_LOG_FILE='./packer.log'
SOURCES="$(for FILE in *.pkr.hcl; do cat $FILE | awk 'BEGIN{f=0} {if($1 ~ /build/ && $2 ~ /{/){f=1};if(f == 1){if($1 ~ /sources/ && $2 ~ /=/ && $3 ~ /\[/){f=2;next}};if(f == 2){if($1 ~ /\]/) {f=0}};if(f == 2){print $0}}' | sed -E 's/"//g;s/,//g;s/sources\.//g'; done)"
SOURCE=''
NO_PAKER_INIT=''
NO_PKG_INSTALL=''
# Use $PATH to find packer
PACKER='packer'
# ------------------------------------------------------------------------------
Usage()
{
cat <<EOF
Usage:
$0 -s <source name> [option]
source name:
EOF
for SRC in $SOURCES; do
echo -e "\t$SRC"
done
cat <<EOF
option:
-n - Do not run packer init;
-p - Do not packages install;
Display this help and exit:
$0 -h
EOF
}
# ------------------------------------------------------------------------------
CheckSource()
{
local INSOURCE="$1"
for SRC in $SOURCES; do
[ "X$SRC" = "X$INSOURCE" ] && return 0
done
return 1
}
while getopts "s:hnp" OPTION; do
case $OPTION in
's') SOURCE="$OPTARG" ;;
'n') NO_PAKER_INIT='Y' ;;
'p') NO_PKG_INSTALL='Y' ;;
'h') Usage; exit 0 ;;
esac
done
shift $(($OPTIND-1))
OPTIND=1
[ -z "$SOURCE" ] && { Usage; exit 1; }
CheckSource "$SOURCE" || { echo "Unknown source: $SOURCE"; exit 1; }
if [ -z "$NO_PKG_INSTALL" ]; then
if which dnf &>/dev/null; then
sudo dnf install edk2-ovmf libvirt libvirt-daemon-kvm ansible-core libnsl
fi
fi
[ -z "$NO_PAKER_INIT" ] && $PACKER init -upgrade . || exit 1
PACKER_LOG=1 $PACKER build -only=$SOURCE . 2>$PACKER_LOG_FILE || exit 1

@ -0,0 +1,73 @@
# MSVSphere OS 8 Packer template for building Generic Cloud (OpenStack compatible) images.
url --url https://rsync.inferitos.ru/msvsphere/8/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://rsync.inferitos.ru/msvsphere/8/BaseOS/x86_64/os/
repo --name=AppStream --baseurl=https://rsync.inferitos.ru/msvsphere/8/AppStream/x86_64/os/
text
skipx
eula --agreed
firstboot --disabled
lang en_US.UTF-8
keyboard us
timezone UTC --isUtc
network --bootproto=dhcp
firewall --disabled
services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
selinux --enforcing
bootloader --timeout=1 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
%pre --erroronfail
parted -s -a optimal /dev/sda -- mklabel gpt
parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
%end
part biosboot --fstype=biosboot --onpart=sda1
part /boot/efi --fstype=efi --onpart=sda2
part /boot --fstype=xfs --onpart=sda3
part / --fstype=xfs --onpart=sda4
rootpw --plaintext msvsphere
reboot --eject
%packages
@core
grub2-pc
-biosdevname
-open-vm-tools
-plymouth
-dnf-plugin-spacewalk
-rhn*
-iprutils
-iwl*-firmware
sphere-release-identity-server
sphere-release-server
sphere-release
%end
# disable kdump service
%addon com_redhat_kdump --disable
%end
%post --erroronfail
EX_NOINPUT=66
root_disk=$(grub2-probe --target=disk /boot/grub2)
if [[ "$root_disk" =~ ^"/dev/" ]]; then
grub2-install --target=i386-pc "$root_disk"
else
exit "$EX_NOINPUT"
fi
%end

@ -0,0 +1,57 @@
# MSVSphere 8 Vagrant boxes kickstart file
# TODO: change url to the kickstart one when we have it
url --url https://rsync.inferitos.ru/msvsphere/8/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://rsync.inferitos.ru/msvsphere/8/BaseOS/x86_64/os/
repo --name=AppStream --baseurl=https://rsync.inferitos.ru/msvsphere/8/AppStream/x86_64/os/
text
skipx
eula --agreed
firstboot --disabled
lang en_US.UTF-8
keyboard us
timezone UTC --isUtc
network --bootproto=dhcp
firewall --disabled
services --enabled=sshd
selinux --enforcing
bootloader --location=mbr
zerombr
clearpart --all --initlabel
autopart --type=plain --nohome --noboot --noswap
rootpw vagrant
user --name=vagrant --plaintext --password vagrant
reboot --eject
%packages --ignoremissing --excludedocs --instLangs=en_US.UTF-8
bzip2
tar
-microcode_ctl
-iwl*-firmware
sphere-release-identity-server
sphere-release-server
sphere-release
%end
# disable kdump service
%addon com_redhat_kdump --disable
%end
%post
# allow passwordless sudo for the vagrant user
echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
# see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
# for details about the requiretty.
sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
yum clean all
%end

@ -1,8 +1,8 @@
# MSVSphere 9 Generic Cloud image kickstart file
url --url https://repo1.msvsphere-os.ru/msvsphere/9.3/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9.3/BaseOS/x86_64/os/
repo --name=AppStream --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9.3/AppStream/x86_64/os/
url --url https://repo1.msvsphere-os.ru/msvsphere/9/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9/BaseOS/x86_64/os/
repo --name=AppStream --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9/AppStream/x86_64/os/
text
skipx
@ -25,8 +25,8 @@ bootloader --timeout=1 --location=mbr --append="console=tty0 console=ttyS0,11520
parted -s -a optimal /dev/sda -- mklabel gpt
parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 714MiB
parted -s -a optimal /dev/sda -- mkpart root xfs 714MiB 100%
parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
%end
@ -55,6 +55,8 @@ usermode
-open-vm-tools
-plymouth
-rhn*
-nfs-utils
-rpcbind
sphere-release-identity-server
sphere-release-server
sphere-release

@ -0,0 +1,65 @@
# MSVSphere 9 OVF kickstart file
# TODO: change url to the kickstart one when we have it
url --url https://repo1.msvsphere-os.ru/msvsphere/9/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9/BaseOS/x86_64/os/
repo --name=AppStream --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9/AppStream/x86_64/os/
text
skipx
eula --agreed
firstboot --disabled
lang C.UTF-8
keyboard us
timezone UTC --utc
network --bootproto=dhcp
firewall --enabled --service=ssh
services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
selinux --enforcing
bootloader --location=mbr
zerombr
clearpart --all --initlabel
autopart --type=plain --nohome --noboot --noswap
rootpw --plaintext msvsphere
reboot --eject
%packages --inst-langs=en
@core
bzip2
dracut-config-generic
tar
usermode
-biosdevname
-dnf-plugin-spacewalk
-dracut-config-rescue
-iprutils
-iwl*-firmware
-langpacks-*
-mdadm
-open-vm-tools
-plymouth
-rhn*
sphere-release-identity-server
sphere-release-server
sphere-release
perl
%end
# disable kdump service
%addon com_redhat_kdump --disable
%end
%post
yum clean all
# permit root login via SSH with password authentication
echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
%end

@ -1,9 +1,8 @@
# MSVSphere 9 Vagrant boxes kickstart file
# TODO: change url to the kickstart one when we have it
url --url https://rsync.inferitos.ru/msvsphere/9.3/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://rsync.inferitos.ru/msvsphere/9.3/BaseOS/x86_64/kickstart/
repo --name=AppStream --baseurl=https://rsync.inferitos.ru/msvsphere/9.3/AppStream/x86_64/kickstart/
url --url https://repo1.msvsphere-os.ru/msvsphere/9/BaseOS/x86_64/kickstart/
repo --name=BaseOS --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9/BaseOS/x86_64/os/
repo --name=AppStream --baseurl=https://repo1.msvsphere-os.ru/msvsphere/9/AppStream/x86_64/os/
text
skipx

@ -0,0 +1,58 @@
/*
* MSVSphere OS 8 Packer template for building Generic Cloud (OpenStack compatible) images.
*/
source "qemu" "msvsphere-8-gencloud-x86_64" {
iso_url = var.iso_url_8_x86_64
iso_checksum = var.iso_checksum_8_x86_64
shutdown_command = var.root_shutdown_command
accelerator = "kvm"
http_directory = var.http_directory
ssh_username = var.gencloud_ssh_username
ssh_password = var.gencloud_ssh_password
ssh_timeout = var.ssh_timeout
vnc_bind_address = var.vnc_bind_address
vnc_port_min = var.vnc_port_min
vnc_port_max = var.vnc_port_max
cpus = var.cpus
efi_firmware_code = var.uefi_ovmf_code
efi_firmware_vars = var.uefi_ovmf_vars
disk_interface = "virtio-scsi"
disk_size = var.gencloud_disk_size
disk_cache = "unsafe"
disk_discard = "unmap"
disk_detect_zeroes = "unmap"
disk_compression = true
format = "qcow2"
headless = var.headless
machine_type = "q35"
memory = var.memory
net_device = "virtio-net"
qemu_binary = var.qemu_binary
vm_name = "MSVSphere-${var.os_version_8}-${formatdate("YYYYMMDD", timestamp())}.gencloud.x86_64.qcow2"
boot_wait = var.boot_wait
boot_command = var.gencloud_boot_cmd_8_x86_64_uefi
}
build {
sources = [
"qemu.msvsphere-8-gencloud-x86_64"
]
provisioner "ansible" {
playbook_file = "ansible/gencloud.yml"
galaxy_file = "ansible/requirements.yml"
roles_path = "ansible/roles"
collections_path = "ansible/collections"
ansible_env_vars = [
"ANSIBLE_PIPELINING=True",
"ANSIBLE_REMOTE_TEMP=/tmp",
"ANSIBLE_SCP_EXTRA_ARGS=-O",
"ANSIBLE_SSH_ARGS='-o ControlMaster=no -o ControlPersist=180s -o ServerAliveInterval=120s -o TCPKeepAlive=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa'"
]
extra_arguments = [
"--extra-vars",
"is_unified_boot=true",
]
}
}

@ -0,0 +1,85 @@
/**
* Packer template for building MSVSphere 8 Vagrant boxes.
*/
source "virtualbox-iso" "msvsphere-8-vagrant-x86_64" {
iso_url = var.iso_url_8_x86_64
iso_checksum = var.iso_checksum_8_x86_64
boot_command = var.vagrant_boot_cmd_8_x86_64_bios
boot_wait = var.boot_wait
cpus = var.cpus
memory = var.memory
disk_size = var.vagrant_disk_size
headless = var.headless
http_directory = var.http_directory
guest_os_type = "RedHat_64"
shutdown_command = var.vagrant_shutdown_command
ssh_username = var.vagrant_ssh_username
ssh_password = var.vagrant_ssh_password
ssh_timeout = var.ssh_timeout
hard_drive_interface = "sata"
iso_interface = "sata"
vboxmanage = [
["modifyvm", "{{.Name}}", "--nat-localhostreachable1", "on"],
]
vboxmanage_post = [
["modifyvm", "{{.Name}}", "--memory", var.post_memory],
["modifyvm", "{{.Name}}", "--cpus", var.post_cpus]
]
}
source "vmware-iso" "msvsphere-8-vagrant-x86_64" {
iso_url = var.iso_url_8_x86_64
iso_checksum = var.iso_checksum_8_x86_64
boot_command = var.vagrant_boot_cmd_8_x86_64_bios
boot_wait = var.boot_wait
cpus = var.cpus
memory = var.memory
disk_size = var.vagrant_disk_size
headless = var.headless
http_directory = var.http_directory
guest_os_type = "centos-64"
shutdown_command = var.vagrant_shutdown_command
ssh_username = var.vagrant_ssh_username
ssh_password = var.vagrant_ssh_password
ssh_timeout = var.ssh_timeout
vmx_data = {
"cpuid.coresPerSocket" : "1"
}
vmx_data_post = {
"memsize" : var.post_memory
"numvcpus" : var.post_cpus
}
vmx_remove_ethernet_interfaces = true
}
build {
sources = [
"sources.virtualbox-iso.msvsphere-8-vagrant-x86_64",
"sources.vmware-iso.msvsphere-8-vagrant-x86_64"
]
provisioner "ansible" {
playbook_file = "ansible/vagrant.yml"
galaxy_file = "ansible/requirements.yml"
roles_path = "ansible/roles"
collections_path = "ansible/collections"
ansible_env_vars = [
"ANSIBLE_PIPELINING=True",
"ANSIBLE_REMOTE_TEMP=/tmp",
"ANSIBLE_SSH_ARGS='-o ControlMaster=no -o ControlPersist=180s -o ServerAliveInterval=120s -o TCPKeepAlive=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa'"
]
extra_arguments = [
"--extra-vars",
"packer_provider=${source.type}"
]
}
post-processors {
post-processor "vagrant" {
compression_level = "8"
output = "MSVSphere-${var.os_version_8}-${formatdate("YYYYMMDD", timestamp())}.{{.Provider}}.x86_64.box"
}
}
}

@ -0,0 +1,58 @@
/*
* MSVSphere OS 8 Packer template for building Generic Cloud (OpenStack compatible) images.
*/
source "qemu" "msvsphere-8-yandexcloud-x86_64" {
iso_url = var.iso_url_8_x86_64
iso_checksum = var.iso_checksum_8_x86_64
shutdown_command = var.root_shutdown_command
accelerator = "kvm"
http_directory = var.http_directory
ssh_username = var.gencloud_ssh_username
ssh_password = var.gencloud_ssh_password
ssh_timeout = var.ssh_timeout
vnc_bind_address = var.vnc_bind_address
vnc_port_min = var.vnc_port_min
vnc_port_max = var.vnc_port_max
cpus = var.cpus
efi_firmware_code = var.uefi_ovmf_code
efi_firmware_vars = var.uefi_ovmf_vars
disk_interface = "virtio-scsi"
disk_size = var.gencloud_disk_size
disk_cache = "unsafe"
disk_discard = "unmap"
disk_detect_zeroes = "unmap"
disk_compression = true
format = "qcow2"
headless = var.headless
machine_type = "q35"
memory = var.memory
net_device = "virtio-net"
qemu_binary = var.qemu_binary
vm_name = "MSVSphere-${var.os_version_8}-${formatdate("YYYYMMDD", timestamp())}.yandexcloud.x86_64.qcow2"
boot_wait = var.boot_wait
boot_command = var.gencloud_boot_cmd_8_x86_64_uefi
}
build {
sources = [
"qemu.msvsphere-8-yandexcloud-x86_64"
]
provisioner "ansible" {
playbook_file = "ansible/yandexcloud.yml"
galaxy_file = "ansible/requirements.yml"
roles_path = "ansible/roles"
collections_path = "ansible/collections"
ansible_env_vars = [
"ANSIBLE_PIPELINING=True",
"ANSIBLE_REMOTE_TEMP=/tmp",
"ANSIBLE_SCP_EXTRA_ARGS=-O",
"ANSIBLE_SSH_ARGS='-o ControlMaster=no -o ControlPersist=180s -o ServerAliveInterval=120s -o TCPKeepAlive=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa'"
]
extra_arguments = [
"--extra-vars",
"is_unified_boot=true",
]
}
}

@ -0,0 +1,59 @@
/**
* Packer template for building MSVSphere 9 ovf image.
*/
source "vmware-iso" "msvsphere-9-ovf-x86_64" {
vm_name = "MSVSphere-${var.os_version_9}-${formatdate("YYYYMMDD", timestamp())}.ovf.x86_64"
iso_url = var.iso_url_9_x86_64
iso_checksum = var.iso_checksum_9_x86_64
boot_command = var.ovf_boot_cmd_9_x86_64_bios
boot_wait = var.boot_wait
cpus = var.cpus
memory = var.memory
disk_size = var.vmware_disk_size
headless = var.headless
http_directory = var.http_directory
guest_os_type = "centos-64"
shutdown_command = var.root_shutdown_command
ssh_username = var.ovf_ssh_username
ssh_password = var.ovf_ssh_password
ssh_timeout = var.ssh_timeout
version = 15
vmx_data = {
"cpuid.coresPerSocket" : "1"
}
vmx_data_post = {
"memsize" : var.post_memory
"numvcpus" : var.post_cpus
}
vmx_remove_ethernet_interfaces = true
}
build {
sources = [
"sources.vmware-iso.msvsphere-9-ovf-x86_64"
]
provisioner "ansible" {
playbook_file = "ansible/ovf.yml"
galaxy_file = "ansible/requirements.yml"
roles_path = "ansible/roles"
collections_path = "ansible/collections"
ansible_env_vars = [
"ANSIBLE_PIPELINING=True",
"ANSIBLE_REMOTE_TEMP=/tmp",
"ANSIBLE_SSH_ARGS='-o ControlMaster=no -o ControlPersist=180s -o ServerAliveInterval=120s -o TCPKeepAlive=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa'"
]
extra_arguments = [
"--extra-vars",
"packer_provider=${source.type}"
]
}
post-processor "shell-local"{
inline = ["rm -rf vmware-iso.msvsphere-9-ovf-x86_64_ovf",
"mkdir vmware-iso.msvsphere-9-ovf-x86_64_ovf",
"/usr/lib/vmware-ovftool/ovftool --machineOutput --X:logFile=./ovftool.log --X:logLevel=verbose --exportFlags=extraconfig --allowExtraConfig --X:vCloudEnableGuestCustomization ./output-msvsphere-9-ovf-x86_64/MSVSphere-${var.os_version_9}-${formatdate("YYYYMMDD", timestamp())}.ovf.x86_64.vmx ./vmware-iso.msvsphere-9-ovf-x86_64_ovf"
]
}
}

@ -0,0 +1,30 @@
packer {
required_version = "= 1.11.2"
required_plugins {
ansible = {
version = "= 1.1.1"
source = "github.com/hashicorp/ansible"
}
qemu = {
version = "= 1.0.10"
source = "github.com/hashicorp/qemu"
}
vagrant = {
version = "= 1.1.1"
source = "github.com/hashicorp/vagrant"
}
virtualbox = {
version = "= 1.0.5"
source = "github.com/hashicorp/virtualbox"
}
vmware = {
version = "= 1.0.8"
source = "github.com/hashicorp/vmware"
}
}
}

@ -5,20 +5,38 @@
variable "os_version_9" {
description = "The target MSVSphere 9 version"
type = string
default = "9.3"
default = "9.5"
}
variable "os_version_8" {
description = "The target MSVSphere 8 version"
type = string
default = "8.10"
}
// TODO: switch to the boot ISO on production
variable "iso_url_9_x86_64" {
description = "MSVSphere 9 x86_64 installation ISO URL"
type = string
default = "https://repo1.msvsphere-os.ru/msvsphere/9/isos/x86_64/MSVSphere-9.3-x86_64-netinstall.iso"
default = "https://repo1.msvsphere-os.ru/msvsphere/9/isos/x86_64/MSVSphere-9.5-x86_64-netinstall.iso"
}
variable "iso_url_8_x86_64" {
description = "MSVSphere 8 x86_64 installation ISO URL"
type = string
default = "https://rsync.inferitos.ru/msvsphere/8/isos/x86_64/MSVSphere-8.10-x86_64-netinstall.iso"
}
variable "iso_checksum_9_x86_64" {
description = "MSVSphere 9 x86_64 installation ISO checksum"
type = string
default = "file:https://repo1.msvsphere-os.ru/msvsphere/9/isos/x86_64/MSVSphere-9.3-x86_64-netinstall.iso.CHECKSUM"
default = "file:https://repo1.msvsphere-os.ru/msvsphere/9/isos/x86_64/MSVSphere-9.5-x86_64-netinstall.iso.CHECKSUM"
}
variable "iso_checksum_8_x86_64" {
description = "MSVSphere 8 x86_64 installation ISO checksum"
type = string
default = "file:https://rsync.inferitos.ru/msvsphere/8/isos/x86_64/MSVSphere-8.10-x86_64-netinstall.iso.CHECKSUM"
}
variable "headless" {
@ -109,12 +127,22 @@ variable "vagrant_boot_cmd_9_x86_64_bios" {
description = "The boot command for x86_64 VMs in a BIOS mode"
type = list(string)
default = [
"<tab> inst.text inst.gpt ",
"<up><wait><tab> inst.text inst.gpt inst.lang=en_US.UTF-8 ",
"inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/msvsphere-9-vagrant.x86_64.ks",
"<enter><wait>"
]
}
variable "vagrant_boot_cmd_8_x86_64_bios" {
description = "The boot command for x86_64 VMs in a BIOS mode"
type = list(string)
default = [
"<tab> inst.text inst.gpt ",
"inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/msvsphere-8-vagrant.x86_64.ks",
"<enter><wait>"
]
}
variable "vagrant_ssh_username" {
description = "A login to use for SSH authentication"
type = string
@ -157,7 +185,7 @@ variable "vnc_port_max" {
variable "gencloud_disk_size" {
description = "The VM disk size"
type = string
default = "10G"
default = "11G"
}
variable "gencloud_boot_cmd_9_x86_64_uefi" {
@ -167,7 +195,7 @@ variable "gencloud_boot_cmd_9_x86_64_uefi" {
"c<wait>",
"linuxefi",
" /images/pxeboot/vmlinuz",
" inst.stage2=hd:LABEL=MSVSphere-9-3-BaseOS-x86_64 ro",
" inst.stage2=hd:LABEL=MSVSphere-9-5-BaseOS-x86_64 ro",
" inst.text biosdevname=0 net.ifnames=0",
" inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/msvsphere-9-gencloud.x86_64.ks",
"<enter>",
@ -177,6 +205,23 @@ variable "gencloud_boot_cmd_9_x86_64_uefi" {
]
}
variable "gencloud_boot_cmd_8_x86_64_uefi" {
description = "The boot command for x86_64 VMs in UEFI mode"
type = list(string)
default = [
"c<wait>",
"linuxefi",
" /images/pxeboot/vmlinuz",
" inst.stage2=hd:LABEL=MSVSphere-8-10-BaseOS-x86_64 ro",
" inst.text biosdevname=0 net.ifnames=0",
" inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/msvsphere-8-gencloud.x86_64.ks",
"<enter>",
"initrdefi /images/pxeboot/initrd.img",
"<enter>",
"boot<enter><wait>"
]
}
variable "gencloud_ssh_username" {
description = "A login to use for SSH authentication"
type = string
@ -188,3 +233,35 @@ variable "gencloud_ssh_password" {
type = string
default = "msvsphere"
}
/**
* OVF-specific settings.
*/
variable "vmware_disk_size" {
description = "The VM disk size in megabytes"
type = number
default = 20000
}
variable "ovf_boot_cmd_9_x86_64_bios" {
description = "The boot command for x86_64 VMs in a BIOS mode"
type = list(string)
default = [
"<tab> inst.text inst.gpt ",
"inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/msvsphere-9-ovf.x86_64.ks",
"<enter><wait>"
]
}
variable "ovf_ssh_username" {
description = "A login to use for SSH authentication"
type = string
default = "root"
}
variable "ovf_ssh_password" {
description = "A password to use for SSH authentication"
type = string
default = "msvsphere"
}

Loading…
Cancel
Save