Commit c052713

Merge pull request #2390 from oracle-devrel/oke-packer
oke-node-packer solution implementation
2 parents 74bab63 + faf83ab commit c052713

5 files changed

+176
-0
lines changed

Lines changed: 58 additions & 0 deletions
@@ -0,0 +1,58 @@
1+
# OKE Custom Node Image Builder
2+
3+
This project uses Packer to create custom images for Oracle Kubernetes Engine (OKE) nodes based on Oracle-provided base images. The customizations include:
4+
1. Updating all packages to their latest versions.
5+
2. Installing `oci-fss-utils` for in-transit encryption support.
6+
3. Upgrading to cgroups v2.
7+
8+
## Prerequisites
9+
- Packer installed (version compatible with the oracle plugin ~>1).
10+
- Oracle Cloud Infrastructure (OCI) CLI configured with necessary credentials.
11+
- Access to an OCI compartment, subnet, and a base OKE node image OCID.
12+
- Only Oracle Linux 8 base images are supported for this Packer build.
13+
- If you're not an administrator, ensure your user group (e.g., PackerGroup) has the following OCI IAM policies:
14+
```
15+
Allow group PackerGroup to manage instance-family in compartment ${COMPARTMENT_NAME}
16+
Allow group PackerGroup to manage instance-images in compartment ${COMPARTMENT_NAME}
17+
Allow group PackerGroup to use virtual-network-family in compartment ${COMPARTMENT_NAME}
18+
Allow group PackerGroup to manage compute-image-capability-schema in tenancy
19+
```
20+
Replace `PackerGroup` with your actual group name and `${COMPARTMENT_NAME}` with your compartment name.
21+
22+
## Setup
23+
1. Clone this repository or copy the files to your local machine.
24+
2. Edit `vars.pkrvars.hcl` to provide your specific OCI details (see below for placeholders).
25+
26+
### Configuring vars.pkrvars.hcl
27+
Update the file with your values:
28+
- `availability_domain`: Your OCI availability domain (e.g., "XXXX:REGION-AD-1").
29+
- `base_image_ocid`: OCID of the Oracle-provided OKE base image. To find the latest base image OCID, refer to the [Oracle Linux 8 OKE Worker Node Images documentation](https://docs.oracle.com/en-us/iaas/images/oke-worker-node-oracle-linux-8x/index.htm).
30+
- `compartment_ocid`: OCID of your OCI compartment.
31+
- `image_prefix`: Prefix for the generated image name (default: "oke-custom-image").
32+
- `shape`: VM shape (e.g., "VM.Standard.E4.Flex").
33+
- `ocpus`: Number of OCPUs (default: 1).
34+
- `memory_in_gbs`: Memory in GB (default: 8).
35+
- `subnet_ocid`: OCID of the subnet for the build instance.
36+
- `region`: OCI region (e.g., "eu-frankfurt-1").
37+
- `skip_create_image`: Set to true to skip image creation (default: false).
38+
39+
## Usage
40+
1. Ensure you're in the project directory.
41+
2. Run the build script:
42+
```
43+
./run-packer.sh
44+
```
45+
3. Packer will provision a temporary instance, apply customizations, and create the custom image in your compartment.
46+
47+
## Files Overview
48+
- `oke-custom-image.pkr.hcl`: Main Packer configuration.
49+
- `variables.pkr.hcl`: Variable definitions.
50+
- `vars.pkrvars.hcl`: User-configurable variables.
51+
- `run-packer.sh`: Script to execute the Packer build.
52+
53+
## Troubleshooting
54+
- If the build fails, check OCI permissions and network access.
55+
- Use the `-debug` flag in run-packer.sh for detailed logs.
56+
- Base images are constantly updated by Oracle, ensure you use the latest OCID.
57+
58+
For more details on Packer and OCI integration, refer to the [Packer OCI Plugin documentation](https://developer.hashicorp.com/packer/integrations/hashicorp/oracle/latest/components/builder/oci).
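
Review bot: The `image_prefix` entry under "Configuring vars.pkrvars.hcl" documents a default of "oke-custom-image", but `variables.pkr.hcl` in this commit declares `image_prefix` with no default, and the shipped var file sets "oke-custom-image-" with a trailing hyphen; the three should agree. The Setup and Usage steps never mention `packer init`, although the template declares `required_plugins`, so a first run on a clean machine will stop on the missing plugin. `ssh_username` (default "opc") is also absent from the variable list. In the IAM block, it is worth stating that `manage instance-family` and `manage instance-images` are broad grants and recommending a group and compartment dedicated to image builds.
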
Lines changed: 56 additions & 0 deletions
@@ -0,0 +1,56 @@
1+
packer {
2+
required_plugins {
3+
oracle = {
4+
version = "~> 1"
5+
source = "github.com/hashicorp/oracle"
6+
}
7+
}
8+
}
9+
10+
11+
# Packer configuration for building OKE custom image
12+
13+
source "oracle-oci" "oke_builder" {
14+
availability_domain = var.availability_domain
15+
base_image_ocid = var.base_image_ocid
16+
compartment_ocid = var.compartment_ocid
17+
image_name = "${var.image_prefix}${formatdate("YYYY-MM-DD-hh-mm-ss", timestamp())}"
18+
shape = var.shape
19+
20+
shape_config {
21+
ocpus = var.ocpus
22+
memory_in_gbs = var.memory_in_gbs
23+
}
24+
subnet_ocid = var.subnet_ocid
25+
ssh_username = var.ssh_username
26+
region = var.region
27+
28+
skip_create_image = var.skip_create_image
29+
}
30+
31+
build {
32+
sources = ["source.oracle-oci.oke_builder"]
33+
34+
provisioner "shell" {
35+
inline = [
36+
"sudo yum-config-manager --enable ol8_developer",
37+
"sudo dnf update -y",
38+
"sudo dnf upgrade -y"
39+
]
40+
}
41+
42+
provisioner "shell" {
43+
inline = [
44+
"sudo dnf install -y oci-fss-utils"
45+
]
46+
}
47+
48+
provisioner "shell" {
49+
inline = [
50+
"sudo grubby --update-kernel=ALL --args=\"systemd.unified_cgroup_hierarchy=1\"",
51+
"sudo reboot"
52+
]
53+
expect_disconnect = true
54+
pause_before = "10s"
55+
}
56+
}
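
Review bot: In the first provisioner, `yum-config-manager --enable ol8_developer` runs before `dnf update -y`, so the full system update of a node image can resolve packages from the developer repository as well as the default ones. If the repository is only needed for `oci-fss-utils`, scope it to that step with `sudo dnf install -y --enablerepo=ol8_developer oci-fss-utils` and leave it disabled in the captured image. `dnf update` and `dnf upgrade` are the same operation, so one of the two lines can go. In the last provisioner, `sudo reboot` is the final step and nothing runs after the instance comes back, so the build never confirms that cgroups v2 is active before the image is captured; `pause_before = "10s"` delays the start of this provisioner, not the reconnect. Add a follow-up provisioner with its own `pause_before` that fails the build unless `stat -fc %T /sys/fs/cgroup` prints `cgroup2fs`.
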
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
#!/bin/bash
2+
3+
# Run Packer build with -on-error=ask so that you can decide what to do in case of an error
4+
# Add the -debug flag in case you want to debug the packer script
5+
packer build -var-file=vars.pkrvars.hcl -on-error=ask .
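
Review bot: The script goes straight to `packer build` without a `packer init .` step, while the template declares `required_plugins`, so the oracle plugin is never installed on a fresh checkout. Add `packer init .` before the build, and `set -euo pipefail` after the shebang so a failed init stops the run. `-on-error=ask` waits for input at a prompt, which will hang an unattended pipeline; consider taking the mode from an environment variable with `cleanup` as the non-interactive default so a failed build does not leave the temporary instance running. The relative `vars.pkrvars.hcl` and `.` paths also assume the caller's working directory is the project directory; a `cd "$(dirname "$0")"` removes that assumption.
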
Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
variable "availability_domain" {
2+
type = string
3+
}
4+
5+
variable "base_image_ocid" {
6+
type = string
7+
}
8+
9+
variable "compartment_ocid" {
10+
type = string
11+
}
12+
13+
variable "image_prefix" {
14+
type = string
15+
}
16+
17+
variable "shape" {
18+
type = string
19+
}
20+
21+
variable "ocpus" {
22+
type = number
23+
default = 1
24+
}
25+
26+
variable "memory_in_gbs" {
27+
type = number
28+
default = 8
29+
}
30+
31+
variable "subnet_ocid" {
32+
type = string
33+
}
34+
35+
variable "ssh_username" {
36+
type = string
37+
default = "opc"
38+
}
39+
40+
variable "region" {
41+
type = string
42+
}
43+
44+
variable "skip_create_image" {
45+
type = bool
46+
default = false
47+
}
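
Review bot: None of the variable blocks carries a `description` or a `validation` rule, so the placeholder values shipped in the var file (for example "ocid1.image.oc1.region-name.XXXXXXXXXX") are accepted and only fail later at the OCI API. Add a `validation` block on `base_image_ocid`, `compartment_ocid` and `subnet_ocid` that checks the expected `ocid1.image.`, `ocid1.compartment.` and `ocid1.subnet.` prefixes and rejects the "XXXXXXXXXX" placeholder. `image_prefix` has no `default` here although the README documents one; either add `default = "oke-custom-image-"` or correct the README.
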
Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
availability_domain = "XXXX:REGION-AD-1" // Replace with your availability domain, e.g., "gqUG:EU-FRANKFURT-1-AD-1"
2+
base_image_ocid = "ocid1.image.oc1.region-name.XXXXXXXXXX" // Replace with the OCID of the Oracle-provided OKE base image
3+
compartment_ocid = "ocid1.compartment.oc1..XXXXXXXXXX" // Replace with your OCI compartment OCID
4+
image_prefix = "oke-custom-image-" // Optional: Change the prefix for the generated image name
5+
shape = "VM.Standard.E4.Flex" // Replace with your desired VM shape
6+
ocpus = 1 // Optional: Number of OCPUs
7+
memory_in_gbs = 8 // Optional: Memory in GB
8+
subnet_ocid = "ocid1.subnet.oc1.region-name.XXXXXXXXXX" // Replace with your subnet OCID
9+
region = "region-name" // Replace with your OCI region, e.g., "eu-frankfurt-1"
10+
skip_create_image = false // Optional: Set to true to skip creating the image
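
Review bot: This file is committed under the same name the README tells users to edit in place, so real compartment, subnet and image OCIDs are one `git add` away from being pushed to a fork. Ship it as a template (for example `vars.pkrvars.hcl.example`), have the README tell users to copy it, and add the real file name to `.gitignore`. The line 1 comment gives "gqUG:EU-FRANKFURT-1-AD-1" as a sample availability domain; a neutral placeholder prefix would avoid publishing what looks like a tenancy-specific value.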
