|
| 1 | +# Building Ubuntu 24.04 GCP Images with Kubernetes for CAPI |
| 2 | + |
| 3 | +This guide walks you through building GCP images for Cluster API with Ubuntu 24.04 and any Kubernetes version you need. |
| 4 | + |
| 5 | +## Getting Started |
| 6 | + |
| 7 | +### 1. Clone the Repository |
| 8 | + |
| 9 | +First, clone the image-builder repo: |
| 10 | + |
| 11 | +```bash |
| 12 | +git clone [email protected]:kubernetes-sigs/image-builder.git |
| 13 | +cd image-builder/images/capi |
| 14 | +``` |
| 15 | + |
| 16 | +### 2. GCP Prerequisites |
| 17 | + |
| 18 | +You'll need: |
| 19 | +- `gcloud` CLI installed and configured |
| 20 | +- A service account with appropriate permissions |
| 21 | + |
| 22 | +#### Set Up Service Account |
| 23 | + |
| 24 | +If needed, create a service account with the necessary permissions. We'll assume there is already one called `capg-packer-service-account` with the required roles. |
| 25 | + |
| 26 | +Create a key for your service account: |
| 27 | + |
| 28 | +```bash |
| 29 | +export GCP_PROJECT_ID="your-project-id" |
| 30 | +export SERVICE_ACCOUNT_NAME="capg-packer-service-account" |
| 31 | + |
| 32 | +gcloud iam service-accounts keys create capg-packer-key.json \ |
| 33 | + --iam-account=${SERVICE_ACCOUNT_NAME}@${GCP_PROJECT_ID}.iam.gserviceaccount.com |
| 34 | +``` |
| 35 | + |
| 36 | +### 3. Set Environment Variables |
| 37 | + |
| 38 | +```bash |
| 39 | +export GCP_PROJECT_ID="your-project-id" |
| 40 | +export GOOGLE_APPLICATION_CREDENTIALS="$(pwd)/capg-packer-key.json" |
| 41 | +``` |
| 42 | + |
| 43 | +### 4. Create Firewall Rule for Packer SSH Access |
| 44 | + |
| 45 | +Packer needs SSH access to the temporary build instance. Create a firewall rule: |
| 46 | + |
| 47 | +```bash |
| 48 | +gcloud compute firewall-rules create allow-packer-ssh \ |
| 49 | + --project=${GCP_PROJECT_ID} \ |
| 50 | + --network=default \ |
| 51 | + --allow=tcp:22 \ |
| 52 | + --source-ranges=0.0.0.0/0 \ |
| 53 | + --target-tags=packer |
| 54 | +``` |
| 55 | + |
| 56 | +This rule only applies to instances tagged with `packer`, which we'll add to the build instance later. |
| 57 | + |
| 58 | +## Building GCP Image |
| 59 | + |
| 60 | +### Step 1: Install Dependencies |
| 61 | + |
| 62 | +The build process needs Packer and Ansible. Install them with: |
| 63 | + |
| 64 | +```bash |
| 65 | +make deps-ami |
| 66 | +``` |
| 67 | + |
| 68 | +This installs Python, Ansible, Packer, and initializes Packer plugins. If you're on macOS, the tools get installed to `.local/bin` in the current directory. Add them to your PATH: |
| 69 | + |
| 70 | +```bash |
| 71 | +export PATH="$(pwd)/.local/bin:$PATH" |
| 72 | +``` |
| 73 | + |
| 74 | +### Step 2: Choose Your Kubernetes Version |
| 75 | + |
| 76 | +Create a config file with the Kubernetes version you want: |
| 77 | + |
| 78 | +**For Kubernetes v1.33.5:** |
| 79 | +```bash |
| 80 | +cat > my-k8s-config.json <<EOF |
| 81 | +{ |
| 82 | + "zone": "europe-west2-a", |
| 83 | + "kubernetes_deb_version": "1.33.5-1.1", |
| 84 | + "kubernetes_rpm_version": "1.33.5", |
| 85 | + "kubernetes_semver": "v1.33.5", |
| 86 | + "kubernetes_series": "v1.33" |
| 87 | +} |
| 88 | +EOF |
| 89 | +``` |
| 90 | + |
| 91 | +### Step 3: Build the GCP Image |
| 92 | + |
| 93 | +Build Ubuntu 24.04 with your chosen Kubernetes version: |
| 94 | + |
| 95 | +```bash |
| 96 | +PACKER_VAR_FILES="$(pwd)/my-k8s-config.json" make build-gce-ubuntu-2404 |
| 97 | +``` |
| 98 | + |
| 99 | +**Important:** If the build gets stuck at "Waiting for SSH to become available...", you need to add the `packer` tag to the build instance: |
| 100 | + |
| 101 | +1. Find the instance name: |
| 102 | +```bash |
| 103 | +gcloud compute instances list \ |
| 104 | + --project=${GCP_PROJECT_ID} \ |
| 105 | + --filter="name:packer* AND zone:europe-west2-a" |
| 106 | +``` |
| 107 | + |
| 108 | +2. Add the packer tag: |
| 109 | +```bash |
| 110 | +gcloud compute instances add-tags INSTANCE_NAME \ |
| 111 | + --project=${GCP_PROJECT_ID} \ |
| 112 | + --zone=europe-west2-a \ |
| 113 | + --tags=packer |
| 114 | +``` |
| 115 | + |
| 116 | +Replace `INSTANCE_NAME` with the actual instance name from step 1. |
| 117 | + |
| 118 | +What happens during the build: |
| 119 | +1. Packer launches a temporary GCP instance |
| 120 | +2. Installs Kubernetes and dependencies |
| 121 | +3. Runs Ansible playbooks to configure everything |
| 122 | +4. Creates a GCP image snapshot |
| 123 | +5. Cleans up the temporary instance |
| 124 | + |
| 125 | +Build time is usually 10-20 minutes. |
| 126 | + |
| 127 | +### Step 4: Verify Your Image |
| 128 | + |
| 129 | +When the build finishes, check that your image was created: |
| 130 | + |
| 131 | +```bash |
| 132 | +gcloud compute images list \ |
| 133 | + --project=${GCP_PROJECT_ID} \ |
| 134 | + --no-standard-images \ |
| 135 | + --filter="family:capi-ubuntu-2404-k8s-v1-33" |
| 136 | +``` |
| 137 | + |
| 138 | +You'll see output like: |
| 139 | + |
| 140 | +``` |
| 141 | +NAME PROJECT FAMILY CREATION_TIMESTAMP |
| 142 | +cluster-api-ubuntu-2404-v1.33.5-1234567890 your-project capi-ubuntu-2404-k8s-v1-33 2024-11-04T10:00:00.000-00:00 |
| 143 | +``` |
| 144 | + |
| 145 | +Save the image name - you'll need it for your CAPI clusters. |
| 146 | + |
| 147 | +### Step 5: Clean Up Firewall Rule |
| 148 | + |
| 149 | +After the build completes, remove the temporary firewall rule: |
| 150 | + |
| 151 | +```bash |
| 152 | +gcloud compute firewall-rules delete allow-packer-ssh \ |
| 153 | + --project=${GCP_PROJECT_ID} \ |
| 154 | + --quiet |
| 155 | +``` |
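Review bot: the firewall rule in section 4 (file lines 47-53) opens tcp:22 with `--source-ranges=0.0.0.0/0` on the `default` network, so any instance carrying the `packer` tag is reachable over SSH from the whole internet until Step 5 is run, and nothing removes the rule if the build fails or is abandoned. Suggest restricting `--source-ranges` to the address of the machine running Packer (for example a `/32` the reader fills in) and stating in the text that the rule must be deleted on failure as well as on success. Two related gaps: the guide writes a long-lived key to `capg-packer-key.json` inside the checkout (file lines 32-33), but the clean-up in Step 5 never deletes the key or the file. Second, file line 56 says the `packer` tag will be added "later", while file line 99 only adds it by hand after the build has already stalled at "Waiting for SSH to become available...", so the tagging should be a numbered step or part of the build config rather than a recovery action. Also, Step 1 runs `make deps-ami` for a GCE build; please confirm that is the intended target.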