From a0e3b6b7641835ccbe64c6bb04d8d0af30f34004 Mon Sep 17 00:00:00 2001 From: jayfranco999 Date: Tue, 15 Oct 2024 12:34:02 +0530 Subject: [PATCH 1/4] feat!(aws):Add Amazon-ebs builder for Windows AMIs Signed-off-by: jayfranco999 --- Jenkinsfile_k8s | 31 +++++++++++- datasources.pkr.hcl | 42 ++++++++++++++++ locals.pkr.hcl | 12 +++++ main.pkr.hcl | 4 ++ .../updatecli.d/packer-plugins/amazon.yaml | 50 +++++++++++++++++++ variables.pkr.hcl | 14 +++++- 6 files changed, 151 insertions(+), 2 deletions(-) create mode 100644 datasources.pkr.hcl create mode 100644 updatecli/updatecli.d/packer-plugins/amazon.yaml diff --git a/Jenkinsfile_k8s b/Jenkinsfile_k8s index d591160de..f0a58ce62 100644 --- a/Jenkinsfile_k8s +++ b/Jenkinsfile_k8s @@ -107,10 +107,36 @@ pipeline { axis { name 'compute_type' // "azure-arm" stands for "Azure Resource Manager", unrelated to arm64 CPU - values 'azure-arm', 'docker' + values 'amazon-ebs', 'azure-arm', 'docker' } } excludes { + // Only build Ubuntu images for arm64 CPU in AWS (notValues) + exclude { + axis { + name 'cpu_architecture' + values 'arm64' + } + axis { + name 'agent_type' + notValues 'ubuntu-22.04' + } + axis { + name 'compute_type' + values 'amazon-ebs' + } + } + // Exclude 'amazon-ebs' Ubuntu builds + exclude { + axis { + name 'agent_type' + values 'ubuntu-22.04' + } + axis { + name 'compute_type' + values 'amazon-ebs' + } + } // Only build Ubuntu images for arm64 CPU in Azure (notValues) exclude { axis { @@ -149,6 +175,9 @@ pipeline { } } environment { + // Defines the following environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY + AWS_ACCESS_KEY_ID = credentials('packer-aws-access-key-id') + AWS_SECRET_ACCESS_KEY = credentials('packer-aws-secret-access-key') // Defines the following environment variables: AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID, AZURE_SUBSCRIPTION_ID // Ref. https://plugins.jenkins.io/azure-credentials/#plugin-content-declarative-pipeline AZURE = credentials('packer-azure-serviceprincipal-sponsorship') diff --git a/datasources.pkr.hcl b/datasources.pkr.hcl new file mode 100644 index 000000000..59486503b --- /dev/null +++ b/datasources.pkr.hcl @@ -0,0 +1,42 @@ +//datasources for Linux AMI commented for later use + +# # # Data sources are always treated BEFORE locals and sources. +# data "amazon-ami" "ubuntu-22_04" { +# access_key = var.aws_access_key_id +# secret_key = var.aws_secret_access_key +# filters = { +# name = format("ubuntu/images/hvm-ssd/ubuntu-*-22.04-%s-server-*", var.architecture) +# root-device-type = "ebs" +# virtualization-type = "hvm" +# } +# most_recent = true +# # owners = ["326712726440"] +# owners = ["amazon"] +# region = var.aws_region +# } +data "amazon-ami" "windows-2019" { + access_key = var.aws_access_key_id + secret_key = var.aws_secret_access_key + filters = { + # https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2launch-v2.html + name = "EC2LaunchV2-Windows_Server-2019-English-Core-Base-*" + root-device-type = "ebs" + virtualization-type = "hvm" + } + most_recent = true + owners = ["amazon"] + region = var.aws_region +} + +data "amazon-ami" "windows-2022" { + access_key = var.aws_access_key_id + secret_key = var.aws_secret_access_key + filters = { + name = "Windows_Server-2022-English-Core-Base-*" + root-device-type = "ebs" + virtualization-type = "hvm" + } + most_recent = true + owners = ["amazon"] + region = var.aws_region +} diff --git a/locals.pkr.hcl b/locals.pkr.hcl index 2ee93addb..7e086bf4c 100644 --- a/locals.pkr.hcl +++ b/locals.pkr.hcl @@ -4,6 +4,18 @@ locals { agent_os_version_safe = replace(var.agent_os_version, ".", "_") image_name = format("jenkins-agent-%s-%s-%s", var.agent_os_type, var.agent_os_version, var.architecture) unique_image_name = format("%s-%s", local.image_name, local.now_unix_timestamp) + + # aws_spot_instance_types = { // for spot instances + # # 4 vCPU x86 / 16 GB / $0.1670 - https://aws.amazon.com/en/ec2/instance-types/t3/#Product_Details + # "amd64" = ["t3.xlarge", "t3a.xlarge", "t2.xlarge", "m6a.xlarge"] + # # 4 vCPU ARM64 (Gravitnb)/ 16 GB / $0.1344 - https://aws.amazon.com/en/ec2/instance-types/t4/#Product_Details + # "arm64" = ["t4g.xlarge", "m7g.xlarge"] + # } + aws_instance_types = { + "amd64" = "t3.xlarge" + "arm64" = "t4g.xlarge" + } + # List available SKUs with the command `az vm image list-skus --offer 0001-com-ubuntu-server-jammy --location eastus --publisher canonical --output table` az_instance_image_sku = { "amd64" = "${local.agent_os_version_safe}-lts-gen2" diff --git a/main.pkr.hcl b/main.pkr.hcl index 533b5872a..bddb93856 100644 --- a/main.pkr.hcl +++ b/main.pkr.hcl @@ -1,6 +1,10 @@ packer { required_version = ">= 1.7.2, < 2" required_plugins { + amazon = { + version = "1.3.3" + source = "github.com/hashicorp/amazon" + } windows-update = { version = "0.16.8" source = "github.com/rgl/windows-update" diff --git a/updatecli/updatecli.d/packer-plugins/amazon.yaml b/updatecli/updatecli.d/packer-plugins/amazon.yaml new file mode 100644 index 000000000..c02b03f20 --- /dev/null +++ b/updatecli/updatecli.d/packer-plugins/amazon.yaml @@ -0,0 +1,50 @@ +--- +name: Bump packer amazon plugin version + +scms: + default: + kind: github + spec: + user: "{{ .github.user }}" + email: "{{ .github.email }}" + owner: "{{ .github.owner }}" + repository: "{{ .github.repository }}" + token: "{{ requiredEnv .github.token }}" + username: "{{ .github.username }}" + branch: "{{ .github.branch }}" + +sources: + lastReleaseVersion: + kind: githubrelease + name: Get the latest packer's amazon plugin version + spec: + owner: "hashicorp" + repository: "packer-plugin-amazon" + token: "{{ requiredEnv .github.token }}" + username: "{{ .github.username }}" + versionfilter: + kind: semver + transformers: + - trimprefix: v + +targets: + updateVersion: + name: "Update the amazon plugin version in main.pkr.hcl" + sourceid: lastReleaseVersion + kind: file + spec: + file: main.pkr.hcl + matchpattern: 'amazon = \{((\r\n|\r|\n)(\s+))version = ".*"' + replacepattern: >- + amazon = {${1}version = "{{ source "lastReleaseVersion" }}" + scmid: default + +actions: + default: + kind: github/pullrequest + title: Bump packer amazon plugin version to {{ source "lastReleaseVersion" }} + scmid: default + spec: + labels: + - dependencies + - packer-amazon-plugin diff --git a/variables.pkr.hcl b/variables.pkr.hcl index f3116ff3d..092d4d1cd 100644 --- a/variables.pkr.hcl +++ b/variables.pkr.hcl @@ -13,6 +13,18 @@ variable "architecture" { description = "CPU architecture ID of the build with the following possible values: [amd64 (default), arm64]" default = "amd64" } +variable "aws_region" { + type = string + default = "us-east-2" +} +variable "aws_access_key_id" { + type = string + default = env("AWS_ACCESS_KEY_ID") +} +variable "aws_secret_access_key" { + type = string + default = env("AWS_SECRET_ACCESS_KEY") +} variable "azure_client_id" { type = string default = env("AZURE_CLIENT_ID") @@ -35,7 +47,7 @@ variable "image_version" { } variable "image_type" { type = string - description = "Which kind of Packer builder to use (e.g. cloud platform): [azure-arm (default), docker]" + description = "Which kind of Packer builder to use (e.g. cloud platform): [amazon-ebs, azure-arm (default), docker]" default = "azure-arm" } variable "build_type" { From 30dfb5123a773b4259b2ad227d28408dfe1a96d4 Mon Sep 17 00:00:00 2001 From: jayfranco999 Date: Tue, 15 Oct 2024 12:38:07 +0530 Subject: [PATCH 2/4] feat!(aws):Add Amazon-ebs builder for Windows AMIs Signed-off-by: jayfranco999 --- build-jenkins-agent-windows.pkr.hcl | 21 +++++++++++++++++++++ locals.pkr.hcl | 3 ++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/build-jenkins-agent-windows.pkr.hcl b/build-jenkins-agent-windows.pkr.hcl index 45f8f7f6d..bb59c61ea 100644 --- a/build-jenkins-agent-windows.pkr.hcl +++ b/build-jenkins-agent-windows.pkr.hcl @@ -1,4 +1,14 @@ build { + source "amazon-ebs.base" { + name = "windows" + communicator = "winrm" + user_data_file = "./provisioning/setupWinRM.ps1" + winrm_insecure = true + winrm_timeout = "20m" + winrm_use_ssl = true + winrm_username = local.windows_winrm_user[var.image_type] + } + source "azure-arm.base" { name = "windows" communicator = "winrm" @@ -132,3 +142,14 @@ build { ] } } +# This provisioner must be the last for AWS EBS builds, after reboots + provisioner "powershell" { + only = ["amazon-ebs.windows"] + elevated_user = local.windows_winrm_user[var.image_type] + elevated_password = build.Password + + inline = [ + "& 'C:/Program Files/Amazon/EC2Launch/ec2launch' reset --block", + "& 'C:/Program Files/Amazon/EC2Launch/ec2launch' sysprep --block", + ] + } diff --git a/locals.pkr.hcl b/locals.pkr.hcl index 7e086bf4c..dc8dd78dd 100644 --- a/locals.pkr.hcl +++ b/locals.pkr.hcl @@ -15,7 +15,7 @@ locals { "amd64" = "t3.xlarge" "arm64" = "t4g.xlarge" } - + # List available SKUs with the command `az vm image list-skus --offer 0001-com-ubuntu-server-jammy --location eastus --publisher canonical --output table` az_instance_image_sku = { "amd64" = "${local.agent_os_version_safe}-lts-gen2" @@ -24,6 +24,7 @@ locals { windows_winrm_user = { "azure-arm" = "packer" "docker" = "packer" + "amazon-ebs" = "Administrator" # In AWS EC2, WinRM super admin must be the "Administrator" account } # List available images `az vm image list --location eastus --publisher MicrosoftWindowsServer --offer WindowsServer --sku 2022-datacenter-core-g2 --all --output table` From 7dc215f9eefc8d68097ac76a100495121b7bf63c Mon Sep 17 00:00:00 2001 From: jayfranco999 Date: Tue, 15 Oct 2024 12:54:48 +0530 Subject: [PATCH 3/4] fixup Signed-off-by: jayfranco999 --- sources.pkr.hcl | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/sources.pkr.hcl b/sources.pkr.hcl index bfb2a9adc..e3b07ea31 100644 --- a/sources.pkr.hcl +++ b/sources.pkr.hcl @@ -1,3 +1,47 @@ +# This source defines all the common settings for any AWS AMI (whatever Operating System) +source "amazon-ebs" "base" { + # profile = "terraform-developer" + + # AWS API connection + access_key = var.aws_access_key_id + secret_key = var.aws_secret_access_key + + ami_name = "${local.image_name}-${var.architecture}-${local.now_unix_timestamp}" + # spot_instance_types = local.aws_spot_instance_types[var.architecture] // if spot instances is used + # spot_price = "auto" + instance_type = local.aws_instance_types[var.architecture] + # instance_type = "t2.xlarge" + + + # Define custom rootfs for build to avoid later filesystem extension during agent startups + launch_block_device_mappings { + delete_on_termination = true + device_name = "/dev/sda1" + volume_size = local.windows_disk_size_gb + volume_type = "gp2" + } + + # Where to build the VM + region = var.aws_region + + # Where to export the AMI + ami_regions = [ + var.aws_region + ] + + # Egg-and-chicken: what is the base image to start from (eg. what is my egg)? + source_ami = data.amazon-ami["${var.agent_os_type}-${local.agent_os_version_safe}"].id + # To improve audit and garbage collecting, we provide tags + tags = { + imageplatform = var.architecture + imagetype = local.image_name + timestamp = local.now_unix_timestamp + version = var.image_version + scm_ref = var.scm_ref + build_type = var.build_type + } +} + # This source defines all the common settings for any Azure image (whatever Operating System) source "azure-arm" "base" { managed_image_resource_group_name = local.azure_destination_resource_group From d6ecb931ee89688c1223fbe655b1e47df12ee223 Mon Sep 17 00:00:00 2001 From: jayfranco999 Date: Tue, 15 Oct 2024 13:07:04 +0530 Subject: [PATCH 4/4] fixup Signed-off-by: jayfranco999 --- datasources.pkr.hcl | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/datasources.pkr.hcl b/datasources.pkr.hcl index 59486503b..595690f64 100644 --- a/datasources.pkr.hcl +++ b/datasources.pkr.hcl @@ -1,19 +1,18 @@ -//datasources for Linux AMI commented for later use +# # Data sources are always treated BEFORE locals and sources. +data "amazon-ami" "ubuntu-22_04" { + access_key = var.aws_access_key_id + secret_key = var.aws_secret_access_key + filters = { + name = format("ubuntu/images/hvm-ssd/ubuntu-*-22.04-%s-server-*", var.architecture) + root-device-type = "ebs" + virtualization-type = "hvm" + } + most_recent = true + # owners = ["326712726440"] + owners = ["amazon"] + region = var.aws_region +} -# # # Data sources are always treated BEFORE locals and sources. -# data "amazon-ami" "ubuntu-22_04" { -# access_key = var.aws_access_key_id -# secret_key = var.aws_secret_access_key -# filters = { -# name = format("ubuntu/images/hvm-ssd/ubuntu-*-22.04-%s-server-*", var.architecture) -# root-device-type = "ebs" -# virtualization-type = "hvm" -# } -# most_recent = true -# # owners = ["326712726440"] -# owners = ["amazon"] -# region = var.aws_region -# } data "amazon-ami" "windows-2019" { access_key = var.aws_access_key_id secret_key = var.aws_secret_access_key