rancher · richardcase · Apr 24, 2023 · Apr 20, 2023 · Apr 20, 2023 · Apr 20, 2023
@@ -0,0 +1,77 @@
+# /*
+# Copyright 2022 SUSE.
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#     http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# */
+
+.DEFAULT_GOAL := help
+
+CONTAINERD_VERSION?=1.5.9
+RKE2_VERSION?=1.26.0+rke2r1
+
+## --------------------------------------
+## Help
+## --------------------------------------
+
+##@ Helpers
+help: ## Display this help
+	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z0-9_-]+:.*?##/ { printf "  \033[36m%-35s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
+
+## --------------------------------------
+## Packer flags
+## --------------------------------------
+
+# Set Packer color to true if not already set in env variables
+# Only valid for builds
+ifneq (,$(findstring build-, $(MAKECMDGOALS)))
+	# A build target
+	PACKER_COLOR ?= true
+	PACKER_FLAGS += -color=$(PACKER_COLOR)
+endif
+
+# If ON_ERROR_ASK=1 then Packer will set -on-error to ask, causing the Packer
+# build to pause when any error happens, instead of simply exiting. This is
+# useful when debugging unknown issues logging into the remote machine via ssh.
+ifeq (1,$(strip $(ON_ERROR_ASK)))
+	PACKER_FLAGS += -on-error=ask
+endif
+
+# If DEBUG=1 then Packer will set -debug, enabling debug mode for builds, providing
+# more verbose logging
+ifeq (1,$(strip $(DEBUG)))
+	PACKER_FLAGS += -debug
+endif
+
+## --------------------------------------
+## Platform and version combinations
+## --------------------------------------
+
+AWS_BUILD_NAMES ?= aws-opensuse-1504 aws-ubuntu-2204
+
+## --------------------------------------
+## Dynamic build targets
+## --------------------------------------
+
+AWS_BUILD_TARGETS := $(addprefix build-,$(AWS_BUILD_NAMES))
+
+.PHONY: $(AWS_BUILD_TARGETS)
+$(AWS_BUILD_TARGETS):
+	packer build $(PACKER_FLAGS) -var-file="$(abspath aws/$(subst build-aws-,,$@).json)" -var "containerd_version=$(CONTAINERD_VERSION)" -var "rke2_semver=$(RKE2_VERSION)" aws/packer.json
+
+## --------------------------------------
+## Document dynamic build targets
+## --------------------------------------
+##@ Builds
+build-aws-opensuse-1504: ## Builds an AMI for OpenSUSE 15.04
+build-aws-ubuntu-2204: ## Builds an AMI for Ubuntu 22.04
+build-aws-all: $(AWS_BUILD_TARGETS) ## Builds all AMIs
@@ -0,0 +1,33 @@
+# RKE2 CAPI image builder
+
+## Description
+
+This directory contains the scripts and configuration files to build the images used by the RKE2 CAPI provider. It relies on the [packer](https://www.packer.io/) tool to build the images.
+
+We are using bash scripts to provision images with required dependencies, scripts for each platform are located in the `scripts` directory.
+
+## AWS
+
+### Requirements
+
+- Your AWS account must have the following permissions: https://developer.hashicorp.com/packer/plugins/builders/amazon#iam-task-or-instance-role
+
+- You must a default VPC in your AWS account. If you don't have one, you can create one using the following command:
+
+```bash
+aws ec2 create-default-vpc
+```
+
+### Steps
+
+For building the AWS AMIs, you can run the following command:
+
+```bash
+make build-aws-all
+```
+or 
+
+```bash
+make help
+```
+and it will show you the available options.
@@ -0,0 +1,12 @@
+{
+    "ami_filter_name": "openSUSE-Leap*",
+    "ami_filter_owners": "431331376479",
+    "build_name": "openSUSE-15.4-rke2",
+    "distribution": "openSUSE",
+    "distribution_release": "Leap",
+    "distribution_version": "15.4",
+    "root_device_name": "/dev/sda1",
+    "source_ami": "",
+    "ssh_username": "ec2-user",
+    "bootstrap_script_path": "./scripts/opensuse/bootstrap.sh"
+}
@@ -0,0 +1,120 @@
+{
+    "builders": [
+        {
+            "access_key": "{{user `aws_access_key`}}",
+            "ami_description": "{{user `ami_description`}}",
+            "ami_groups": "{{user `ami_groups`}}",
+            "ami_name": "capa-ami-{{user `build_name`}}-{{user `rke2_semver` | clean_resource_name}}-{{user `build_timestamp`}}",
+            "ami_product_codes": "",
+            "ami_regions": "{{user `ami_regions`}}",
+            "ami_users": "{{user `ami_users`}}",
+            "encrypt_boot": "{{user `encrypted`}}",
+            "iam_instance_profile": "{{user `iam_instance_profile`}}",
+            "instance_type": "{{user `builder_instance_type`}}",
+            "kms_key_id": "{{user `kms_key_id`}}",
+            "launch_block_device_mappings": [
+                {
+                    "delete_on_termination": true,
+                    "device_name": "{{ user `root_device_name` }}",
+                    "iops": "{{ user `iops`}}",
+                    "throughput": "{{ user `throughput` }}",
+                    "volume_size": "{{ user `volume_size` }}",
+                    "volume_type": "{{ user `volume_type` }}"
+                }
+            ],
+            "name": "{{user `build_name`}}",
+            "profile": "{{ user `aws_profile`}}",
+            "region": "{{ user `aws_region` }}",
+            "secret_key": "{{user `aws_secret_key`}}",
+            "security_group_ids": "{{user `aws_security_group_ids`}}",
+            "skip_create_ami": "{{ user `skip_create_ami`}}",
+            "skip_profile_validation": "{{user `skip_profile_validation`}}",
+            "snapshot_groups": "{{user `snapshot_groups`}}",
+            "snapshot_users": "{{user `snapshot_users`}}",
+            "source_ami": "{{user `source_ami`}}",
+            "source_ami_filter": {
+                "filters": {
+                    "architecture": "x86_64",
+                    "name": "{{user `ami_filter_name`}}",
+                    "root-device-type": "ebs",
+                    "virtualization-type": "hvm"
+                },
+                "most_recent": true,
+                "owners": "{{user `ami_filter_owners`}}"
+            },
+            "ssh_keypair_name": "{{user `ssh_keypair_name`}}",
+            "ssh_username": "{{user `ssh_username`}}",
+            "subnet_id": "{{ user `subnet_id` }}",
+            "tags": {
+                "build_date": "{{isotime}}",
+                "build_timestamp": "{{user `build_timestamp`}}",
+                "containerd_version": "{{user `containerd_version`}}",
+                "distribution": "{{user `distribution`}}",
+                "distribution_release": "{{user `distribution_release`}}",
+                "distribution_version": "{{user `distribution_version`}}",
+                "kubernetes_cni_version": "{{user `kubernetes_cni_semver`}}",
+                "kubernetes_version": "{{user `rke2_semver`}}",
+                "source_ami": "{{user `source_ami`}}"
+            },
+            "temporary_security_group_source_cidrs": "{{ user `temporary_security_group_source_cidrs` }}",
+            "token": "{{ user `aws_session_token` }}",
+            "type": "amazon-ebs",
+            "user_data": "{{ user `user_data` }}",
+            "vpc_id": "{{ user `vpc_id` }}"
+        }
+    ],
+    "provisioners": [
+        {
+            "type": "file",
+            "source": "{{ user `bootstrap_script_path` }}",
+            "destination": "~/bootstrap.sh"
+        },
+        {
+            "environment_vars": [
+                "BUILD_NAME={{user `build_name`}}",
+                "CONTAINERD_VERSION={{user `containerd_version`}}",
+                "ARCH=amd64",
+                "RKE2_VERSION={{user `rke2_semver`}}"
+            ],
+            "type": "shell",
+            "remote_folder": "~",
+            "inline": [
+                "sudo bash ~/bootstrap.sh $CONTAINERD_VERSION $ARCH $RKE2_VERSION",
+                "rm ~/bootstrap.sh"
+            ]
+        }
+    ],
+    "variables": {
+        "ami_description": "Cluster API base image designed for RKE2 {{user `rke2_semver`}}",
+        "ami_groups": "all",
+        "ami_regions": "ap-south-1,eu-west-3,eu-west-2,eu-west-1,ap-northeast-2,ap-northeast-1,sa-east-1,ca-central-1,ap-southeast-1,ap-southeast-2,eu-central-1,us-east-1,us-east-2,us-west-1,us-west-2",
+        "ami_users": "",
+        "aws_access_key": "",
+        "aws_profile": "",
+        "aws_region": "us-east-1",
+        "aws_secret_key": "",
+        "aws_security_group_ids": "",
+        "aws_session_token": "",
+        "build_timestamp": "{{timestamp}}",
+        "builder_instance_type": "t3.small",
+        "containerd_version": null,
+        "encrypted": "false",
+        "iam_instance_profile": "",
+        "iops": "3000",
+        "kms_key_id": "",
+        "rke2_semver": null,
+        "skip_create_ami": "false",
+        "skip_profile_validation": "false",
+        "snapshot_groups": "all",
+        "snapshot_users": "",
+        "ssh_keypair_name": "",
+        "subnet_id": "",
+        "temporary_security_group_source_cidrs": "",
+        "throughput": "125",
+        "user_data": "#cloud-config\nrepo_upgrade: none",
+        "volume_size": "10",
+        "volume_type": "gp3",
+        "vpc_id": "",
+        "bootstrap_script_path": ""
+    }
+}
@@ -0,0 +1,12 @@
+{
+    "ami_filter_name": "ubuntu/images/*ubuntu-jammy-22.04-amd64-server-*",
+    "ami_filter_owners": "099720109477",
+    "build_name": "ubuntu-22.04-rke2",
+    "distribution": "Ubuntu",
+    "distribution_release": "jammy",
+    "distribution_version": "22.04",
+    "root_device_name": "/dev/sda1",
+    "source_ami": "",
+    "ssh_username": "ubuntu",
+    "bootstrap_script_path": "./scripts/ubuntu/bootstrap.sh"
+}
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+
+echo "Install required packages"
+zypper --gpg-auto-import-keys ref && \
+zypper --gpg-auto-import-keys --non-interactive install \
+        curl \
+        openssh-server \
+        cloud-init \
+        systemd \
+
+echo "Install RKE2 components"
+mkdir -p /opt/rke2-artifacts
+curl -sfL -o /opt/rke2-artifacts/rke2-images.linux-amd64.tar.zst https://github.com/rancher/rke2/releases/download/v${3}/rke2-images.linux-amd64.tar.zst
+curl -sfL -o /opt/rke2-artifacts/rke2.linux-amd64.tar.gz https://github.com/rancher/rke2/releases/download/v${3}/rke2.linux-amd64.tar.gz
+curl -sfL -o /opt/rke2-artifacts/sha256sum-amd64.txt https://github.com/rancher/rke2/releases/download/v${3}/sha256sum-amd64.txt
+curl -sfL -o /opt/install.sh https://get.rke2.io
+
+echo "Done"
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+
+echo "Install required packages"
+apt-get update && \
+apt-get install -y \
+        curl \
+        openssh-server \
+        cloud-init \
+        systemd \
+
+echo "Install RKE2 components"
+mkdir -p /opt/rke2-artifacts
+curl -sfL -o /opt/rke2-artifacts/rke2-images.linux-amd64.tar.zst https://github.com/rancher/rke2/releases/download/v${3}/rke2-images.linux-amd64.tar.zst
+curl -sfL -o /opt/rke2-artifacts/rke2.linux-amd64.tar.gz https://github.com/rancher/rke2/releases/download/v${3}/rke2.linux-amd64.tar.gz
+curl -sfL -o /opt/rke2-artifacts/sha256sum-amd64.txt https://github.com/rancher/rke2/releases/download/v${3}/sha256sum-amd64.txt
+curl -sfL -o /opt/install.sh https://get.rke2.io
+
+echo "Done"