320 lines
12 KiB
Go
320 lines
12 KiB
Go
//go:generate struct-markdown
|
|
//go:generate mapstructure-to-hcl2 -type Config,BlockDevice
|
|
|
|
// The ebsvolume package contains a packer.Builder implementation that builds
|
|
// EBS volumes for Amazon EC2 using an ephemeral instance,
|
|
package ebsvolume
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/aws/aws-sdk-go/service/ec2"
|
|
"github.com/aws/aws-sdk-go/service/iam"
|
|
"github.com/hashicorp/hcl/v2/hcldec"
|
|
"github.com/hashicorp/packer/builder"
|
|
awscommon "github.com/hashicorp/packer/builder/amazon/common"
|
|
"github.com/hashicorp/packer/common"
|
|
"github.com/hashicorp/packer/hcl2template"
|
|
"github.com/hashicorp/packer/helper/communicator"
|
|
"github.com/hashicorp/packer/helper/config"
|
|
"github.com/hashicorp/packer/helper/multistep"
|
|
"github.com/hashicorp/packer/packer"
|
|
"github.com/hashicorp/packer/template/interpolate"
|
|
)
|
|
|
|
const BuilderId = "mitchellh.amazon.ebsvolume"
|
|
|
|
type Config struct {
|
|
common.PackerConfig `mapstructure:",squash"`
|
|
awscommon.AccessConfig `mapstructure:",squash"`
|
|
awscommon.RunConfig `mapstructure:",squash"`
|
|
|
|
// Enable enhanced networking (ENA but not SriovNetSupport) on
|
|
// HVM-compatible AMIs. If set, add `ec2:ModifyInstanceAttribute` to your
|
|
// AWS IAM policy. Note: you must make sure enhanced networking is enabled
|
|
// on your instance. See [Amazon's documentation on enabling enhanced
|
|
// networking](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html#enabling_enhanced_networking).
|
|
AMIENASupport config.Trilean `mapstructure:"ena_support" required:"false"`
|
|
// Enable enhanced networking (SriovNetSupport but not ENA) on
|
|
// HVM-compatible AMIs. If true, add `ec2:ModifyInstanceAttribute` to your
|
|
// AWS IAM policy. Note: you must make sure enhanced networking is enabled
|
|
// on your instance. See [Amazon's documentation on enabling enhanced
|
|
// networking](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html#enabling_enhanced_networking).
|
|
// Default `false`.
|
|
AMISriovNetSupport bool `mapstructure:"sriov_support" required:"false"`
|
|
|
|
// Add the block device mappings to the AMI. If you add instance store
|
|
// volumes or EBS volumes in addition to the root device volume, the
|
|
// created AMI will contain block device mapping information for those
|
|
// volumes. Amazon creates snapshots of the source instance's root volume
|
|
// and any other EBS volumes described here. When you launch an instance
|
|
// from this new AMI, the instance automatically launches with these
|
|
// additional volumes, and will restore them from snapshots taken from the
|
|
// source instance. See the [BlockDevices](#block-devices-configuration)
|
|
// documentation for fields.
|
|
VolumeMappings BlockDevices `mapstructure:"ebs_volumes" required:"false"`
|
|
// Key/value pair tags to apply to the volumes of the instance that is
|
|
// *launched* to create EBS Volumes. These tags will *not* appear in the
|
|
// tags of the resulting EBS volumes unless they're duplicated under `tags`
|
|
// in the `ebs_volumes` setting. This is a [template
|
|
// engine](/docs/templates/engine), see [Build template
|
|
// data](#build-template-data) for more information.
|
|
//
|
|
// Note: The tags specified here will be *temporarily* applied to volumes
|
|
// specified in `ebs_volumes` - but only while the instance is being
|
|
// created. Packer will replace all tags on the volume with the tags
|
|
// configured in the `ebs_volumes` section as soon as the instance is
|
|
// reported as 'ready'.
|
|
VolumeRunTags map[string]string `mapstructure:"run_volume_tags"`
|
|
// Same as [`run_volume_tags`](#run_volume_tags) but defined as a singular
|
|
// repeatable block containing a `key` and a `value` field. In HCL2 mode
|
|
// the
|
|
// [`dynamic_block`](/docs/configuration/from-1.5/expressions#dynamic-blocks)
|
|
// will allow you to create those programatically.
|
|
VolumeRunTag hcl2template.KeyValues `mapstructure:"run_volume_tag"`
|
|
|
|
launchBlockDevices BlockDevices
|
|
|
|
ctx interpolate.Context
|
|
}
|
|
|
|
type Builder struct {
|
|
config Config
|
|
runner multistep.Runner
|
|
}
|
|
|
|
type EngineVarsTemplate struct {
|
|
BuildRegion string
|
|
SourceAMI string
|
|
}
|
|
|
|
func (b *Builder) ConfigSpec() hcldec.ObjectSpec { return b.config.FlatMapstructure().HCL2Spec() }
|
|
|
|
func (b *Builder) Prepare(raws ...interface{}) ([]string, []string, error) {
|
|
b.config.ctx.Funcs = awscommon.TemplateFuncs
|
|
// Create passthrough for {{ .BuildRegion }} and {{ .SourceAMI }} variables
|
|
// so we can fill them in later
|
|
b.config.ctx.Data = &EngineVarsTemplate{
|
|
BuildRegion: `{{ .BuildRegion }}`,
|
|
SourceAMI: `{{ .SourceAMI }} `,
|
|
}
|
|
err := config.Decode(&b.config, &config.DecodeOpts{
|
|
Interpolate: true,
|
|
InterpolateContext: &b.config.ctx,
|
|
}, raws...)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Accumulate any errors
|
|
var errs *packer.MultiError
|
|
var warns []string
|
|
errs = packer.MultiErrorAppend(errs, b.config.VolumeRunTag.CopyOn(&b.config.VolumeRunTags)...)
|
|
errs = packer.MultiErrorAppend(errs, b.config.AccessConfig.Prepare(&b.config.ctx)...)
|
|
errs = packer.MultiErrorAppend(errs, b.config.RunConfig.Prepare(&b.config.ctx)...)
|
|
errs = packer.MultiErrorAppend(errs, b.config.launchBlockDevices.Prepare(&b.config.ctx)...)
|
|
|
|
for _, d := range b.config.VolumeMappings {
|
|
if err := d.Prepare(&b.config.ctx); err != nil {
|
|
errs = packer.MultiErrorAppend(errs, fmt.Errorf("AMIMapping: %s", err.Error()))
|
|
}
|
|
}
|
|
|
|
b.config.launchBlockDevices = b.config.VolumeMappings
|
|
if err != nil {
|
|
errs = packer.MultiErrorAppend(errs, err)
|
|
}
|
|
|
|
if b.config.IsSpotInstance() && ((b.config.AMIENASupport.True()) || b.config.AMISriovNetSupport) {
|
|
errs = packer.MultiErrorAppend(errs,
|
|
fmt.Errorf("Spot instances do not support modification, which is required "+
|
|
"when either `ena_support` or `sriov_support` are set. Please ensure "+
|
|
"you use an AMI that already has either SR-IOV or ENA enabled."))
|
|
}
|
|
|
|
if b.config.RunConfig.SpotPriceAutoProduct != "" {
|
|
warns = append(warns, "spot_price_auto_product is deprecated and no "+
|
|
"longer necessary for Packer builds. In future versions of "+
|
|
"Packer, inclusion of spot_price_auto_product will error your "+
|
|
"builds. Please take a look at our current documentation to "+
|
|
"understand how Packer requests Spot instances.")
|
|
}
|
|
|
|
if errs != nil && len(errs.Errors) > 0 {
|
|
return nil, warns, errs
|
|
}
|
|
|
|
packer.LogSecretFilter.Set(b.config.AccessKey, b.config.SecretKey, b.config.Token)
|
|
|
|
generatedData := awscommon.GetGeneratedDataList()
|
|
return generatedData, warns, nil
|
|
}
|
|
|
|
func (b *Builder) Run(ctx context.Context, ui packer.Ui, hook packer.Hook) (packer.Artifact, error) {
|
|
session, err := b.config.Session()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
ec2conn := ec2.New(session)
|
|
iam := iam.New(session)
|
|
|
|
// Setup the state bag and initial state for the steps
|
|
state := new(multistep.BasicStateBag)
|
|
state.Put("config", &b.config)
|
|
state.Put("access_config", &b.config.AccessConfig)
|
|
state.Put("ec2", ec2conn)
|
|
state.Put("iam", iam)
|
|
state.Put("hook", hook)
|
|
state.Put("ui", ui)
|
|
generatedData := &builder.GeneratedData{State: state}
|
|
|
|
var instanceStep multistep.Step
|
|
|
|
if b.config.IsSpotInstance() {
|
|
instanceStep = &awscommon.StepRunSpotInstance{
|
|
PollingConfig: b.config.PollingConfig,
|
|
AssociatePublicIpAddress: b.config.AssociatePublicIpAddress,
|
|
LaunchMappings: b.config.launchBlockDevices,
|
|
BlockDurationMinutes: b.config.BlockDurationMinutes,
|
|
Comm: &b.config.RunConfig.Comm,
|
|
Ctx: b.config.ctx,
|
|
Debug: b.config.PackerDebug,
|
|
EbsOptimized: b.config.EbsOptimized,
|
|
ExpectedRootDevice: "ebs",
|
|
InstanceInitiatedShutdownBehavior: b.config.InstanceInitiatedShutdownBehavior,
|
|
InstanceType: b.config.InstanceType,
|
|
SourceAMI: b.config.SourceAmi,
|
|
SpotInstanceTypes: b.config.SpotInstanceTypes,
|
|
SpotPrice: b.config.SpotPrice,
|
|
SpotTags: b.config.SpotTags,
|
|
Tags: b.config.RunTags,
|
|
UserData: b.config.UserData,
|
|
UserDataFile: b.config.UserDataFile,
|
|
VolumeTags: b.config.VolumeRunTags,
|
|
}
|
|
} else {
|
|
instanceStep = &awscommon.StepRunSourceInstance{
|
|
PollingConfig: b.config.PollingConfig,
|
|
AssociatePublicIpAddress: b.config.AssociatePublicIpAddress,
|
|
LaunchMappings: b.config.launchBlockDevices,
|
|
Comm: &b.config.RunConfig.Comm,
|
|
Ctx: b.config.ctx,
|
|
Debug: b.config.PackerDebug,
|
|
EbsOptimized: b.config.EbsOptimized,
|
|
EnableT2Unlimited: b.config.EnableT2Unlimited,
|
|
ExpectedRootDevice: "ebs",
|
|
InstanceInitiatedShutdownBehavior: b.config.InstanceInitiatedShutdownBehavior,
|
|
InstanceType: b.config.InstanceType,
|
|
IsRestricted: b.config.IsChinaCloud() || b.config.IsGovCloud(),
|
|
SourceAMI: b.config.SourceAmi,
|
|
Tags: b.config.RunTags,
|
|
UserData: b.config.UserData,
|
|
UserDataFile: b.config.UserDataFile,
|
|
VolumeTags: b.config.VolumeRunTags,
|
|
}
|
|
}
|
|
|
|
// Build the steps
|
|
steps := []multistep.Step{
|
|
&awscommon.StepSourceAMIInfo{
|
|
SourceAmi: b.config.SourceAmi,
|
|
EnableAMISriovNetSupport: b.config.AMISriovNetSupport,
|
|
EnableAMIENASupport: b.config.AMIENASupport,
|
|
AmiFilters: b.config.SourceAmiFilter,
|
|
},
|
|
&awscommon.StepNetworkInfo{
|
|
VpcId: b.config.VpcId,
|
|
VpcFilter: b.config.VpcFilter,
|
|
SecurityGroupIds: b.config.SecurityGroupIds,
|
|
SecurityGroupFilter: b.config.SecurityGroupFilter,
|
|
SubnetId: b.config.SubnetId,
|
|
SubnetFilter: b.config.SubnetFilter,
|
|
AvailabilityZone: b.config.AvailabilityZone,
|
|
},
|
|
&awscommon.StepKeyPair{
|
|
Debug: b.config.PackerDebug,
|
|
Comm: &b.config.RunConfig.Comm,
|
|
DebugKeyPath: fmt.Sprintf("ec2_%s.pem", b.config.PackerBuildName),
|
|
},
|
|
&awscommon.StepSecurityGroup{
|
|
SecurityGroupFilter: b.config.SecurityGroupFilter,
|
|
SecurityGroupIds: b.config.SecurityGroupIds,
|
|
CommConfig: &b.config.RunConfig.Comm,
|
|
TemporarySGSourceCidrs: b.config.TemporarySGSourceCidrs,
|
|
SkipSSHRuleCreation: b.config.SSMAgentEnabled(),
|
|
},
|
|
&awscommon.StepIamInstanceProfile{
|
|
IamInstanceProfile: b.config.IamInstanceProfile,
|
|
SkipProfileValidation: b.config.SkipProfileValidation,
|
|
TemporaryIamInstanceProfilePolicyDocument: b.config.TemporaryIamInstanceProfilePolicyDocument,
|
|
},
|
|
instanceStep,
|
|
&stepTagEBSVolumes{
|
|
VolumeMapping: b.config.VolumeMappings,
|
|
Ctx: b.config.ctx,
|
|
},
|
|
&awscommon.StepGetPassword{
|
|
Debug: b.config.PackerDebug,
|
|
Comm: &b.config.RunConfig.Comm,
|
|
Timeout: b.config.WindowsPasswordTimeout,
|
|
BuildName: b.config.PackerBuildName,
|
|
},
|
|
&awscommon.StepCreateSSMTunnel{
|
|
AWSSession: session,
|
|
Region: *ec2conn.Config.Region,
|
|
LocalPortNumber: b.config.SessionManagerPort,
|
|
RemotePortNumber: b.config.Comm.Port(),
|
|
SSMAgentEnabled: b.config.SSMAgentEnabled(),
|
|
},
|
|
&communicator.StepConnect{
|
|
Config: &b.config.RunConfig.Comm,
|
|
Host: awscommon.SSHHost(
|
|
ec2conn,
|
|
b.config.SSHInterface,
|
|
b.config.Comm.Host(),
|
|
),
|
|
SSHPort: awscommon.Port(
|
|
b.config.SSHInterface,
|
|
b.config.Comm.Port(),
|
|
),
|
|
SSHConfig: b.config.RunConfig.Comm.SSHConfigFunc(),
|
|
},
|
|
&awscommon.StepSetGeneratedData{
|
|
GeneratedData: generatedData,
|
|
},
|
|
&common.StepProvision{},
|
|
&common.StepCleanupTempKeys{
|
|
Comm: &b.config.RunConfig.Comm,
|
|
},
|
|
&awscommon.StepStopEBSBackedInstance{
|
|
PollingConfig: b.config.PollingConfig,
|
|
Skip: b.config.IsSpotInstance(),
|
|
DisableStopInstance: b.config.DisableStopInstance,
|
|
},
|
|
&awscommon.StepModifyEBSBackedInstance{
|
|
EnableAMISriovNetSupport: b.config.AMISriovNetSupport,
|
|
EnableAMIENASupport: b.config.AMIENASupport,
|
|
},
|
|
}
|
|
|
|
// Run!
|
|
b.runner = common.NewRunner(steps, b.config.PackerConfig, ui)
|
|
b.runner.Run(ctx, state)
|
|
|
|
// If there was an error, return that
|
|
if rawErr, ok := state.GetOk("error"); ok {
|
|
return nil, rawErr.(error)
|
|
}
|
|
|
|
// Build the artifact and return it
|
|
artifact := &Artifact{
|
|
Volumes: state.Get("ebsvolumes").(EbsVolumes),
|
|
BuilderIdValue: BuilderId,
|
|
Conn: ec2conn,
|
|
StateData: map[string]interface{}{"generated_data": state.Get("generated_data")},
|
|
}
|
|
ui.Say(fmt.Sprintf("Created Volumes: %s", artifact))
|
|
return artifact, nil
|
|
}
|