We should add /etc/cloud/cloud.cfg.d/00_Ec2.cfg: --- datasource: Ec2: strict_id: false --- This will fix cloud-init start: https://cloud.yandex.ru/docs/compute/operations/image-create/custom-image#ec2pull/1/head
parent
3654dd02f2
commit
38c6161ee2
@ -0,0 +1,3 @@
|
||||
# yandexcoud_guest
|
||||
|
||||
An Ansible role that configures an MSVSphere Yandex Cloud image system.
|
@ -0,0 +1,3 @@
|
||||
datasource:
|
||||
Ec2:
|
||||
strict_id: false
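Review bot: `strict_id: false` ships with no comment in the file, so a later maintainer cannot tell that it deliberately relaxes cloud-init's check that the instance identifies itself as EC2 before the Ec2 datasource is used. I would add a header comment above `datasource:` such as `# Yandex Cloud exposes an EC2-style metadata service; strict_id is disabled so cloud-init accepts it (see Yandex custom-image docs)`. The reasoning currently lives only in the commit description. It is also worth confirming that the image's `datasource_list` is limited to the sources this platform needs, which this commit does not show.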
|
@ -0,0 +1,9 @@
|
||||
TYPE=Ethernet
|
||||
DEVICE=eth0
|
||||
BOOTPROTO=dhcp
|
||||
PERSISTENT_DHCLIENT=1
|
||||
IPV6INIT=yes
|
||||
IPV6_FAILURE_FATAL=no
|
||||
PEERDNS=yes
|
||||
USERCTL=yes
|
||||
ONBOOT=yes
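Review bot: `USERCTL=yes` lets non-root users bring `eth0` up and down wherever the legacy network-scripts tooling honours the key, and a single-purpose cloud guest has no need for that; `USERCTL=no` is the safer value. Whether the network stack in this image reads the key at all is not visible from this commit. If it does not, dropping the line avoids implying a permission that was never intended.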
|
@ -0,0 +1,7 @@
|
||||
---
|
||||
dependencies:
|
||||
- role: disable_firstboot
|
||||
- role: setup_cloud_init
|
||||
cloud_init_user: 'msvsphere'
|
||||
- role: pvgrub_config
|
||||
- role: qemu_guest_agent
|
@ -0,0 +1,132 @@
|
||||
---
|
||||
- name: Remove firewalld and linux-firmware
|
||||
ansible.builtin.dnf:
|
||||
name:
|
||||
- firewalld
|
||||
- firewalld-filesystem
|
||||
- ipset
|
||||
- ipset-libs
|
||||
- iptables
|
||||
- python3-firewall
|
||||
- python3-slip
|
||||
- libnftnl
|
||||
- libnfnetlink
|
||||
- linux-firmware
|
||||
state: absent
|
||||
|
||||
- name: Install additional software
|
||||
ansible.builtin.dnf:
|
||||
name:
|
||||
- cockpit-system
|
||||
- cockpit-ws
|
||||
- dnf-utils
|
||||
- gdisk
|
||||
- nfs-utils
|
||||
- rsync
|
||||
- tar
|
||||
- tuned
|
||||
- tcpdump
|
||||
state: present
|
||||
|
||||
- name: Find persistent-net.rules
|
||||
ansible.builtin.find:
|
||||
paths: /etc/udev/rules.d
|
||||
patterns: 70*
|
||||
register: net_rules
|
||||
|
||||
- name: Delete persistent-net.rules
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
state: absent
|
||||
with_items: "{{ net_rules.files }}"
|
||||
|
||||
- name: Configure /etc/sysconfig/network
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/sysconfig/network
|
||||
line: "{{ item }}"
|
||||
with_items:
|
||||
- NETWORKING=yes
|
||||
- NOZEROCONF=yes
|
||||
|
||||
- name: Configure /etc/sysconfig/network-scripts/ifcfg-eth0
|
||||
ansible.builtin.copy:
|
||||
src: ifcfg-eth0
|
||||
dest: /etc/sysconfig/network-scripts/ifcfg-eth0
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Configure /etc/cloud/cloud.cfg.d/00_Ec2.cfg
|
||||
ansible.builtin.copy:
|
||||
src: 00_Ec2.cfg
|
||||
dest: /etc/cloud/cloud.cfg.d/00_Ec2.cfg
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Disable consistent network device naming
|
||||
ansible.builtin.file:
|
||||
src: /dev/null
|
||||
dest: /etc/udev/rules.d/80-net-name-slot.rules
|
||||
owner: root
|
||||
group: root
|
||||
state: link
|
||||
|
||||
- name: Disable virtual terminals allocation by logind
|
||||
ansible.builtin.replace:
|
||||
path: '/etc/systemd/logind.conf'
|
||||
regexp: '^#?NAutoVTs=\d+'
|
||||
replace: 'NAutoVTs=0'
|
||||
|
||||
- name: Configure NetworkManager default DHCP timeout
|
||||
community.general.ini_file:
|
||||
path: /etc/NetworkManager/conf.d/dhcp.conf
|
||||
section: connection
|
||||
option: ipv4.dhcp-timeout
|
||||
value: 300
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
seuser: system_u
|
||||
|
||||
- name: Set default kernel package type to kernel
|
||||
ansible.builtin.replace:
|
||||
path: /etc/sysconfig/kernel
|
||||
regexp: '^(DEFAULTKERNEL=).*$'
|
||||
replace: '\1kernel'
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1849082#c7
|
||||
- name: Enable Xen support
|
||||
block:
|
||||
- name: Enable xen drivers in dracut
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/dracut.conf.d/xen.conf
|
||||
line: 'add_drivers+=" xen-netfront xen-blkfront "'
|
||||
create: true
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Upgrade initramfs
|
||||
ansible.builtin.command: dracut -f --regenerate-all
|
||||
when: ansible_facts['architecture'] == 'x86_64'
|
||||
|
||||
- name: Add msvsphere user to /etc/sudoers
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/sudoers
|
||||
line: "msvsphere\tALL=(ALL)\tNOPASSWD: ALL"
|
||||
state: present
|
||||
|
||||
- name: Set virtual-guest as default profile for tuned
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/tuned/active_profile
|
||||
line: virtual-guest
|
||||
create: yes
|
||||
|
||||
- name: Regenerate the initramfs
|
||||
ansible.builtin.command: dracut -f --regenerate-all
|
||||
|
||||
- name: Disable root login
|
||||
ansible.builtin.user:
|
||||
name: root
|
||||
password: '!!'
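Review bot: The `Add msvsphere user to /etc/sudoers` task appends to `/etc/sudoers` directly with no `validate:` option, so a syntax error in the line would be baked into the image and leave sudo unusable on every instance built from it. Add `validate: /usr/sbin/visudo -cf %s` to the `lineinfile` arguments, or write the rule to a drop-in under `/etc/sudoers.d/` with `mode: '0440'` so the main file stays untouched. The rule itself gives `msvsphere` passwordless root. If the `setup_cloud_init` dependency already grants sudo to `cloud_init_user` (not visible in this commit), this task duplicates it and can be removed.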
|
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: MSVSphere Yandex Cloud image
|
||||
hosts: default
|
||||
become: true
|
||||
|
||||
roles:
|
||||
- yandexcloud_guest
|
||||
- cleanup_vm
|
@ -0,0 +1,56 @@
|
||||
/**
|
||||
* Packer template for building MSVSphere 9 Yandex Cloud images.
|
||||
*/
|
||||
|
||||
source "qemu" "msvsphere-9-yandexcloud-x86_64" {
|
||||
iso_url = var.iso_url_9_x86_64
|
||||
iso_checksum = var.iso_checksum_9_x86_64
|
||||
boot_command = var.gencloud_boot_cmd_9_x86_64_uefi
|
||||
boot_wait = var.boot_wait
|
||||
cpus = var.cpus
|
||||
memory = var.memory
|
||||
disk_size = var.gencloud_disk_size
|
||||
headless = var.headless
|
||||
http_directory = var.http_directory
|
||||
shutdown_command = var.root_shutdown_command
|
||||
ssh_username = var.gencloud_ssh_username
|
||||
ssh_password = var.gencloud_ssh_password
|
||||
ssh_timeout = var.ssh_timeout
|
||||
vnc_bind_address = var.vnc_bind_address
|
||||
accelerator = "kvm"
|
||||
efi_firmware_code = var.uefi_ovmf_code
|
||||
efi_firmware_vars = var.uefi_ovmf_vars
|
||||
disk_interface = "virtio-scsi"
|
||||
disk_cache = "unsafe"
|
||||
disk_discard = "unmap"
|
||||
disk_detect_zeroes = "unmap"
|
||||
disk_compression = true
|
||||
format = "qcow2"
|
||||
machine_type = "q35"
|
||||
net_device = "virtio-net"
|
||||
qemu_binary = var.qemu_binary
|
||||
vm_name = "MSVSphere-${var.os_version_9}-${formatdate("YYYYMMDD", timestamp())}.yandexcloud.x86_64.qcow2"
|
||||
qemuargs = [
|
||||
["-cpu", "host"]
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
build {
|
||||
sources = [
|
||||
"qemu.msvsphere-9-yandexcloud-x86_64"
|
||||
]
|
||||
|
||||
provisioner "ansible" {
|
||||
playbook_file = "ansible/yandexcloud.yml"
|
||||
galaxy_file = "ansible/requirements.yml"
|
||||
roles_path = "ansible/roles"
|
||||
collections_path = "ansible/collections"
|
||||
ansible_env_vars = [
|
||||
"ANSIBLE_PIPELINING=True",
|
||||
"ANSIBLE_REMOTE_TEMP=/tmp",
|
||||
"ANSIBLE_SSH_ARGS='-o ControlMaster=no -o ControlPersist=180s -o ServerAliveInterval=120s -o TCPKeepAlive=yes -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa'"
|
||||
]
|
||||
extra_arguments = ["--scp-extra-args", "'-O'"]
|
||||
}
|
||||
}
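Review bot: The `ANSIBLE_SSH_ARGS` entry re-enables SHA-1 `ssh-rsa` signatures for the provisioning connection (`-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa`) with no comment saying what needs them. If the guest's sshd offers rsa-sha2 or ed25519, which seems likely for a version 9 image but is not shown here, both options can be dropped so the build host's default algorithm policy applies. If they are required, add a comment above the entry naming the component that needs them, so the exception can be removed later.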
|