updated

2023-02-09 13:17:35 +01:00 · 2023-02-09 13:17:35 +01:00 · 10e979f595
commit 10e979f595
parent 4a903d5091
2 changed files with 206 additions and 0 deletions
--- a/microshift/inst.ks
+++ b/microshift/inst.ks
@ -0,0 +1,76 @@
+lang en_US.UTF-8
+keyboard us
+timezone UTC
+text
+reboot
+
+# Configure network to use DHCP and activate on boot
+network --bootproto=dhcp --device=link --activate --onboot=on --hostname=microshift-starter.local --noipv6
+
+# Partition disk with a 1GB boot XFS partition and a 10GB LVM volume containing system root
+# The remainder of the volume will be used by the CSI driver for storing data
+zerombr
+clearpart --all --initlabel
+part /boot/efi --fstype=efi --size=200
+part /boot --fstype=xfs --asprimary --size=800
+part pv.01 --grow
+volgroup rhel pv.01
+logvol / --vgname=rhel --fstype=xfs --size=10240 --name=root
+
+# Configure users
+rootpw --lock
+user --plaintext --name=redhat --password=redhat
+
+# Minimal package setup
+cdrom
+%packages
+@^minimal-environment
+bash-completion
+cockpit
+conmon
+conntrack-tools
+containernetworking-plugins
+containers-common
+container-selinux
+criu
+git
+jq
+make
+NetworkManager-ovs
+python36
+selinux-policy-devel
+qemu-guest-agent
+%end
+
+# Post install configuration
+%post --log=/var/log/anaconda/post-install.log --erroronfail
+
+# Allow the default user to run sudo commands without password
+echo -e 'redhat\tALL=(ALL)\tNOPASSWD: ALL' > /etc/sudoers.d/redhat
+
+# Import Red Hat public keys to allow RPM GPG check (not necessary if a system is registered)
+if ! subscription-manager status >& /dev/null ; then
+   rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-*
+fi
+
+tee /etc/yum.repos.d/rhocp-4.12-el8-beta-$(uname -i)-rpms.repo >/dev/null <<EOF
+[rhocp-4.12-el8-beta-$(uname -i)-rpms]
+name=Beta rhocp-4.12 RPMs for RHEL8
+baseurl=https://mirror.openshift.com/pub/openshift-v4/\$basearch/dependencies/rpms/4.12-el8-beta/
+enabled=1
+gpgcheck=1
+skip_if_unavailable=0
+EOF
+
+# Install MicroShift testing package
+dnf copr enable -y @redhat-et/microshift-testing
+dnf install -y microshift
+dnf install -y openshift-clients
+
+# MicroShift service should be enabled later after setting up CRI-O with the pull secret
+
+# Configure firewalld
+firewall-offline-cmd --zone=trusted --add-source=10.42.0.0/16
+firewall-offline-cmd --zone=trusted --add-source=169.254.169.1
+
+%end
--- a/microshift/packer.json.pkr.hcl
+++ b/microshift/packer.json.pkr.hcl
@ -0,0 +1,130 @@
+
+variable "centos_image" {
+  type    = string
+  default = "Rocky-8.7-x86_64-dvd1.iso"
+}
+
+variable "proxmox_iso_pool" {
+  type    = string
+  default = "vmdata1_nas_nfs:iso"
+}
+
+variable "proxmox_node" {
+  type    = string
+  default = "pve2"
+}
+
+variable "proxmox_password" {
+  type    = string
+  default = ""
+}
+
+variable "vm_password" {
+  type    = string
+  default = ""
+}
+
+variable "proxmox_storage_format" {
+  type    = string
+  default = "qcow2"
+}
+
+variable "proxmox_storage_pool" {
+  type    = string
+  default = "vmdata1_nas_nfs"
+}
+
+variable "proxmox_storage_pool_type" {
+  type    = string
+  default = "directory"
+}
+
+variable "proxmox_url" {
+  type    = string
+  default = "https://pve2.lan.alcatrash.net:8006/api2/json"
+}
+
+variable "proxmox_username" {
+  type    = string
+  default = "root@pam"
+}
+
+variable "template_description" {
+  type    = string
+  default = "Rocky Linux 8 Template"
+}
+
+variable "template_name" {
+  type    = string
+  default = "RockyLinux8Template"
+}
+
+variable "version" {
+  type    = string
+  default = ""
+}
+
+source "proxmox" "autogenerated_1" {
+  boot_command = ["<tab> text inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/inst.ks<enter><wait>"]
+  boot_wait    = "10s"
+  cores        = "2"
+  cpu_type     = "host"
+  disks {
+    disk_size               = "8G"
+    format                  = "${var.proxmox_storage_format}"
+    storage_pool            = "${var.proxmox_storage_pool}"
+    storage_pool_type       = "${var.proxmox_storage_pool_type}"
+    type              = "scsi"
+  }
+  http_directory           = "rocky8"
+  insecure_skip_tls_verify = false
+  iso_file                 = "${var.proxmox_iso_pool}/${var.centos_image}"
+  memory                   = "2048"
+  network_adapters {
+    bridge    = "vmbr1"
+    vlan_tag  = "20"
+    model     = "virtio"
+    firewall  = false
+  }
+  vga {
+    type = "std"
+
+  }
+  node                    = "${var.proxmox_node}"
+  os                      = "l26"
+  password                = "${var.proxmox_password}"
+  proxmox_url             = "${var.proxmox_url}"
+  scsi_controller         = "virtio-scsi-single"
+  ssh_password            = "${var.vm_password}"
+  ssh_port                = 22
+  ssh_timeout             = "30m"
+  ssh_username            = "root"
+  template_description    = "${var.template_description}"
+  template_name           = "${var.template_name}"
+  unmount_iso             = true
+  username                = "${var.proxmox_username}"
+  vm_id                   = 517
+  cloud_init              = true
+  cloud_init_storage_pool = "${var.proxmox_storage_pool}"
+}
+
+build {
+  sources = ["source.proxmox.autogenerated_1"]
+
+  provisioner "shell" {
+    inline = [
+    "yum install -y cloud-init qemu-guest-agent cloud-utils-growpart gdisk",
+    "shred -u /etc/ssh/*_key /etc/ssh/*_key.pub",
+    "rm -f /var/run/utmp",
+    ">/var/log/lastlog",
+    ">/var/log/wtmp",
+    ">/var/log/btmp",
+    "rm -rf /tmp/* /var/tmp/*",
+    "unset HISTFILE; rm -rf /home/*/.*history /root/.*history",
+    "rm -f /root/*ks"
+    # "passwd -d root",
+    # "passwd -l root"
+    ]
+  }
+
+}