Skip to content

Latest commit

 

History

History
40 lines (24 loc) · 3.99 KB

README.md

File metadata and controls

40 lines (24 loc) · 3.99 KB

packer-proxmox-ubuntu2004

Github Actions

Packer files to build Ubuntu 20.04 (subiquity-based) images on Proxmox. Ansible is used for 'pre' and 'post' provisioning tasks. Intended to be used in combination with this Terraform module.

Pre-provisioning tasks are used to dynamically generated local files such as the cloud-init user-data. This allows you to easily change the username/password used for the initial user created by cloud-init. SSH keys for the initial account are also generated and stored in the output/ssh_keys folder. This behavior can be changed by using the template_ssh_key_* variables.

Post-provisioning tasks currently disable password based authentication in the sshd_config. This is enabled by cloud-init during the provisioning. The current packer proxmox provider does not support key based authentication and needs to connect with ssh during the provisioning to verify if cloud-init has finished.

Since the cloud-init template adds a public key to authorized_keys file password based authentication is not needed after image creation and thus disabled once packer verifies that cloud-init has finished.

Another post-provisioning is to ensure the template is 'cloud-init ready'. This is added so Terraform can setup the new networking configuration (for example: correct bridge/vlan + static ip). In order for this to work properly cloud-init must be 'enabled/in unfinished state' when Terraform first boots the cloned image. Besides enabling/placing cloud-init in a unfinished state, files added by subiquity should also be removed in order for cloud-init to manage netplan. This way cloud-init can create a new netplan configuration during the initial boot of the cloned image.

The idea is to add a provisioner to the Terraform code that disables cloud-init after the deployment. The Terraform code/cloud-init should not manage netplan from that point onward. The current provider I use also doesn't support this (errors out) and if enforced sometimes breaks the password of the cloud-init created user.

Initial code is based on prior work by Julien Brochet. Link to his blog post.

Usage

  • git clone https://github.com/justin-p/packer-proxmox-ubuntu2004
  • cd packer-proxmox-ubuntu2004
  • cp secrets.auto.pkrvars.hcl.example secrets.auto.pkrvars.hcl
  • Overwrite desired variables in secrets.auto.pkrvars.hcl. See variables.pkr.hcl for all variables, most have sane defaults. The secrets.auto.pkrvars.hcl.example file includes most variables you want to overwrite.
  • packer build .
    Ensure the machine you are running packer from can be reached by the guest VM. Packer spins up a HTTP server to transmit the cloud-init template. Using template_network_bridge might help you.

License

MIT

Author Information

Contributing

Feel free to open issues, contribute and submit your Pull Requests. You can also ping me on Twitter (@JustinPerdok).