当前位置: 首页 > DevOps > [模版自动化系列]一、使用Packer自动化构建vSphere虚拟机模版—CentOS7.x

[模版自动化系列]一、使用Packer自动化构建vSphere虚拟机模版—CentOS7.x

DevOps 2条评论 2020-2-16 3,871 views

最近我在与客户探讨DevOps转型的相关规划和设计,当我们统计现有虚拟化管理员工作量的时候,发现大部分时间用在为应用部门准备各种虚拟机,由于每个应用对虚拟机的要求不同(CPU、内存、硬盘、硬盘分区、系统参数配置等),最后管理员不得不每次都全新安装虚拟机,这就产生了大量重复性工作,无法学习新技术和业务创建。

很多时候管理员会直接通过历史模版克隆,再进行调整,虽然时间上节约了一些,但是依然存在以下的挑战:

  1. 虚拟机磁盘分区的调整难,这会导致大量的磁盘资源浪费;
  2. 模版补丁更新不及时,管理员很难做到每周/月更新一次模版,导致模版克隆出来的机器存在大量漏洞;
  3. 模版包含大量无用组件,为适应多种应用的环境,一般模版中会包含大量各应用无关的组件,带来潜在的风险;
  4. 二次修改带来的不稳定性,如果在克隆后的模版中再进行修改,稳定性会产生影响;
  5. 在“自动化”的背景下,CI/CD会基于模版进行自动化部署或伸缩,模版的更新不仅仅包含操作系统,还包含应用在内。

基于以上的分析,企业需要具备一个“自动化”的模版管理工具,实现模版自动化构建和声明式定义,以释放管理员的重复性工作,同时,也是企业向DevOps转型的储备,进而加速企业信息化建设步伐。

Update 2020.06.12:Packer 1.6.0版本变更了部分参数,使用如下命令修复

packer fix centos-vsphere.json > centos-vsphere-new.json
rm -rf centos-vsphere.json
mv centos-vsphere-new.json centos-vsphere.json

本系列一共分为四部分:
一、使用Packer自动化构建vSphere虚拟机模版——CentOS 7.x
二、使用Packer自动化构建vSphere虚拟机模版——Windows Server 2016
三、使用Terraform结合Packer批量部署虚拟机
四、使用GitLab CI/CD实现虚拟机声明式管理和自动化集成


相关工具:

Packer是一个开源的自动化虚拟机模版构建工具,支持私有云和公有云,几乎涵盖所有的环境。 vSphere是VMware企业级虚拟化软件,被企业客户广泛使用,具备稳定性高、性能好、安全性高和易使用的特点。

相关代码中包含Packer所需的json文件和CentOS7的kickstart文件

kickstart语法参考中详细说明了kickstart的语法

VMware虚拟机硬件版本中详细列出了vSphere对虚拟机硬件版本的支持

使用时请根据实际环境进行修改



环境需求:


  1. 一台Windows/Linux/MacOS电脑,能够连接vCenter Server;
  2. Packer程序:https://packer.io/downloads.html
  3. CentOS 7.x ISO:https://wiki.centos.org/Download


Packer安装

Packer采用GO语言编写,安装非常简单,只需要将解压后的packer文件拷贝到系统bin目录下即可,下面是在Linux下的安装方式:

wget https://releases.hashicorp.com/packer/1.5.4/packer_1.5.4_linux_amd64.zip
unzip packer_1.5.4_linux_amd64.zip
cp packer /usr/loca/bin
chmod +x /usr/local/bin/packer
export PATH=/usr/local/bin:$PATH
packer version


CentOS 7的Packer模版

我们需要两个基础文件,用于使用Packer在vSphere环境中构建CentOS 7.x模版:

  1. centos-vsphere.json文件(Packer模版);
  2. ks.cfg文件()

推荐下载仓库的文件,避免拷贝粘贴可能造成的字符问题;packer-vsphere


centos-vsphere.json文件说明

variables段落,用于定义vCenter的相关信息和虚拟机配置,其会在Builders段落引用,注意虚拟机文件夹需要预先创建好。

  1. vm-name:定义虚拟机模版基础名称,在build阶段会自己增加日期后缀,以方便却别版本;
  2. vm-version:定义虚拟机使用什么硬件版本,当前vSphere6.7U3使用15,其他版本请查询相关工具中心的VMware虚拟机硬件版本
  3. vm-folder:定义虚拟机模版保存在哪个文件夹中;
  4. vm-cpu-num:定义虚拟机模版配置的CPU数量,通过模版再进行部署时可以修改;
  5. vm-mem-size:定义虚拟机模版配置的内存容量(MB单位),通过模版再进行部署时可以修改;
  6. vm-disk-size:定义虚拟机磁盘容量(MB单位),后续的kickstart会基于此容量进行分区,/boot、swap、/var/log、/分区是固定的配置(通过修改ks.cfg更改),/app-date用于存放应用,会使用所有剩余空间;
  7. iso_url:指定系统安装光盘位置,本示例使用vSphere环境构建,所以指定共享存储的路径;

提示1:为保证ISO文件有效,可以通过参数(iso_checksum、iso_checksum_type和iso_checksum_url)验证ISO是否完成; 提示2:变量部分可以独立为var.json文件,在build时单独指定;

  "variables": {
    "vsphere-server": "vcenter.corp.local",
    "vsphere-user": "administrator@vsphere.local",
    "vsphere-password": "VMware1!",
    "vsphere-datacenter": "Labs-DC02",
    "vsphere-cluster": "DC02-Cluster",
    "vsphere-network": "vlan100",
    "vsphere-datastore": "SSD_DATASTORE",
    "vm-name": "CentOS7-T",
    "vm-version": "15",
    "vm-folder": "Templates",
    "vm-cpu-num": "1",
    "vm-mem-size": "1024",
    "vm-disk-size": "81920",
    "iso_url": "[SSD_DATASTORE] 0-ISO/CentOS-7-x86_64-DVD-1908.iso",
    "magic_reference_date": "2006-01-02 15-04-05+0800"
  },

builders段落,用于真正的构建配置,本示例中将经常需要改变的部分通过variables定义,并在此阶段引用。

  1. vm_name:我们采用variables中的名字和日期进行组合,isotime会获取当前日期;
  2. notes:显示在虚拟机的备注属性中,用于查看模版具体的构建时间;
  3. guest_os_type:定义虚拟机客户机操作系统,可以通VMware官方文档或者创建虚拟机后查询.vmx文件获得正确的客户机操作系统代码;
  4. ssh_username:定义provisioners阶段连接模版虚拟机的口令,此口令来自ks.cfg中的配置;
  5. disk_controller_type:定义虚拟机的SCSI控制器类型,这里采用更高性能的VMware准虚拟;
  6. disk_thin_provisioned:定义虚拟机是否使用精简磁盘;
  7. network_card:网卡类型,这里选择了性能最好的vmxnet3;
  8. convert_to_template:定义是否自动转换成模版,请根据需要选择,如果虚拟机部署编排工具不支持从模版克隆,就需要配置为false;
  9. floppy_files:定义CentOS无人值守安装的kickstart文件;
  "builders": [
    {
      "type": "vsphere-iso",
      "vcenter_server": "{{user `vsphere-server`}}",
      "username": "{{user `vsphere-user`}}",
      "password": "{{user `vsphere-password`}}",
      "insecure_connection": "true",
      "datacenter": "{{user `vsphere-datacenter`}}",
      "cluster": "{{user `vsphere-cluster`}}",
      "network": "{{user `vsphere-network`}}",
      "datastore": "{{user `vsphere-datastore`}}",
      "vm_name": "{{user `vm-name`}}-{{isotime \"2006-01-02\"}}",
      "vm_version": "{{user `vm-version`}}",
      "folder": "{{user `vm-folder`}}",
      "notes": "Build via Packer in {{ (isotime | (user `magic_reference_date`)) }}",
      "boot_wait": "10s",
      "boot_order": "disk,cdrom,floppy",
      "guest_os_type": "centos7_64Guest",
      "ssh_username": "root",
      "ssh_password": "VMware1!",
      "CPUs": "{{user `vm-cpu-num`}}",
      "RAM": "{{user `vm-mem-size`}}",
      "RAM_reserve_all": false,
      "disk_controller_type": "pvscsi",
      "disk_size": "{{user `vm-disk-size`}}",
      "disk_thin_provisioned": true,
      "network_card": "vmxnet3",
      "convert_to_template": true,
      "iso_paths": ["{{user `iso_url`}}"],
      "floppy_files": ["ks.cfg"],
      "boot_command": [
        "<esc><wait>",
        "linux ks=hd:fd0:/ks.cfg<enter>"
      ]
    }
  ],

provissioners段落,用于系统自动化安全完成后的自定义操作,例如:更新系统补丁,清理模版等,本示例中进行了系统更新。

  "provisioners": [
    {
      "type": "shell",
      "inline": [
        "rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7",
        "yum install deltarpm -y",
        "yum update -y",
        "yum clean all"
      ]
    }
  ]
}


ks.cfg文件说明

kickstart文件的介绍很多,这里不进行详细介绍,可以参考官方文档说明,下面仅针对我定制化的内容进行说明;

  1. 第9行rootpw,定义root密码,--plainetext参数表示不会在部署目标系统中记录密码;
  2. 第20行bootloader,更改默认网卡名为eth0,禁用ipv6;
  3. 第26行network,设定虚拟机网络和主机名,本示例采用dhcp,如果使用静态IP地址请参考上一行;
  4. 第33行lang,设定语言支持,添加简体中文;
  5. 第39行timezone,设定亚洲/上海时区;
  6. 第47-63行,定义磁盘分区,按照企业生产规范进行分区,采用xfs文件系统,采用lvm以便后期扩展;
  7. 第145-151行,删除系统无用用户,减少风险;
  8. 第158-160行,创建本地用户ops,用于应用用户登陆,请根据实际情况定义;
  9. 第166-169行,授权ops用户sudo权限,请根据实际情况定义;
  10. 第176-197行,更新ntp;
  11. 第202-205行,优化SSH登录速度;
  12. 第210-229行,优化系统最大打开文件参数;请根据实际情况定义;
  13. 第235-246行,清理模版中的网卡UUID和更改ifcfg-eth0参数;此示例采用DHCP;
  14. 第252-291行,用于静态IP地址配置和禁用NetworkManager管理DNS;
  15. 第334-403行,更改系统默认yum源为aliyun;请根据企业环境进行修改,一般内网使用yum私服(例如:nexus3);

本示例中的密码均为VMware1!,请注意自行修改。

# Base CentOS 7.x install

firewall --disabled
selinux --disabled

#--------------------------------------------------------------------------
# set password for root
#--------------------------------------------------------------------------
rootpw --plaintext VMware1!

#--------------------------------------------------------------------------
# set bootloader and use eth0
#--------------------------------------------------------------------------
## bootloader
# elevator=noop - Use a simple FIFO queue for I/O algorithm since hypervisor will also manage this
# pci=bfsort    - Breadth-first pci order for NIC enumeration
# net.ifnames=0 - Disable predictable network interface naming
# biosdevname=0 - Disables consistent network interface naming
bootloader --location=mbr --append="elevator=noop pci=bfsort net.ifnames=0 biosdevname=0 ipv6.disable=1"

#--------------------------------------------------------------------------
# Config network use dhcp
#--------------------------------------------------------------------------
# network --bootproto=static --ip=192.168.10.100 --netmask=255.255.255.0 --gateway=192.168.10.1 --nameserver 192.168.10.1,192.168.10.2
network --bootproto=dhcp --device=eth0 --noipv6 --onboot=yes --device=eth0 --hostname=CentOS7Template --activate

authconfig --enableshadow --passalgo=sha512

keyboard --vckeymap=us --xlayouts='us'

# Set language to use during installation and the default language to use on the installed system (required)
lang en_US.UTF-8 --addsupport=zh_CN.UTF-8
skipx
install
#--------------------------------------------------------------------------
# set timezone
#--------------------------------------------------------------------------
timezone Asia/Shanghai --ntpservers=3.centos.pool.ntp.org,0.centos.pool.ntp.org
eula --agreed
services --enabled=NetworkManager,sshd

#--------------------------------------------------------------------------
# Setup disk and LVM
#--------------------------------------------------------------------------
zerombr

# Only partition sda, leave other disks unpartitioned
ignoredisk --only-use=sda
clearpart --all --drives=sda

part /boot --fstype=xfs --size=512
part pv.01 --grow --size=1

volgroup sys_vg pv.01
logvol / --fstype=xfs --name=root --vgname=sys_vg --size=10240
logvol swap --name=swap --vgname=sys_vg --size=4096
logvol /tmp --fstype=xfs --name=tmp --vgname=sys_vg --size=4096
logvol /usr --fstype=xfs --name=usr --vgname=sys_vg --size=3072
logvol /var --fstype=xfs --name=var --vgname=sys_vg --size=2048
logvol /var/log --fstype=xfs --name=var_log --vgname=sys_vg --size=4096
logvol /app-data --fstype=xfs --name=app-data --vgname=sys_vg --size=1 --grow

#--------------------------------------------------------------------------
# Select packages for installation
#--------------------------------------------------------------------------
%packages --ignoremissing
Require @Base
@Base
@core
biosdevname
sed
perl
less
dmidecode
bzip2
iproute
iputils
sysfsutils
rsync
nano
mdadm
setserial
man-pages.noarch
findutils
tar
net-tools
tmpwatch
lsof
python
screen
lvm2
curl
ypbind
yp-tools
smartmontools
openssh-clients
acpid
irqbalance
which
bind-utils
ntsysv
ntp
man
open-vm-tools
vim
lrzsz
wget
tree
screen
tcpdump
#mysql
#postfix
chkconfig
gzip
%end 
# End of %packages section

#--------------------------------------------------------------------------
# Run post installation script
#--------------------------------------------------------------------------
%post --log=/root/ks-post.log
#!/bin/sh
(
set -x

#--------------------------------------------------------------------------
# Disable the tiered-progress bar during boot
#--------------------------------------------------------------------------
/bin/sed -i -e 's/ rhgb//' -e 's/ quiet//'  /boot/grub2/grub.cfg
/bin/sed -i -e 's/ rhgb//' -e 's/ quiet//'  /etc/grub2.cfg
/bin/sed -i -e 's/ rhgb//' -e 's/ quiet//'  /etc/default/grub

plymouth-set-default-theme text
/usr/libexec/plymouth/plymouth-update-initrd

#--------------------------------------------------------------------------
# Remove default user/group accounts that are not needed
#--------------------------------------------------------------------------
/usr/sbin/userdel operator
/usr/sbin/userdel games
/usr/sbin/userdel lp
/usr/sbin/userdel sync
/usr/sbin/userdel shutdown
/usr/sbin/userdel halt
/usr/sbin/groupdel games

#--------------------------------------------------------------------------
# Create local ops user with password "VMware1!"
#--------------------------------------------------------------------------

/usr/sbin/useradd ops; echo 'VMware1!' | passwd --stdin ops
/usr/sbin/usermod -a -G wheel ops
/usr/bin/chage -M -1 -E -1 ops

#--------------------------------------------------------------------------
# Add local ops user to sudoers
#--------------------------------------------------------------------------
/bin/cat <<'EOF'>> /etc/sudoers

Defaults:ops !requiretty
ops ALL=(ALL) NOPASSWD: ALL
EOF

#--------------------------------------------------------------------------
# sync hardware clock
#--------------------------------------------------------------------------
/usr/sbin/ntpdate 192.168.10.1
/sbin/hwclock --systohc --utc

#--------------------------------------------------------------------------
# configure NTP
#--------------------------------------------------------------------------
/bin/cat <<'EOF'> /etc/ntp.conf
restrict default ignore
restrict 127.0.0.1
driftfile /var/lib/ntp/drift
logfile /var/log/ntpd
broadcastdelay 0.008
server 192.168.10.1
restrict 192.16.10.1 mask 255.255.255.255 nomodify notrap noquery
EOF

/bin/cat <<'EOF'> /etc/ntp/step-tickers
192.168.10.1
EOF

/bin/touch /var/log/ntpd

#--------------------------------------------------------------------------
# SSHD setup
#--------------------------------------------------------------------------
/bin/sed -i /etc/ssh/sshd_config \
         -e 's/^#UseDNS yes$/UseDNS no/' \
         -e 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' \
         # -e 's/^#PermitRootLogin yes/PermitRootLogin no/'

#--------------------------------------------------------------------------
# Increase open file limmits
#--------------------------------------------------------------------------
/bin/cat <<'EOF'>> /etc/sysctl.conf

# Increases maximum open file limmit
fs.file-max = 65536

EOF

/bin/cat <<'EOF'>> /etc/security/limits.conf
# Custom configuration files in /etc/security/limits.d
EOF

/bin/cat <<'EOF'> /etc/security/limits.d/10-nofile.conf
*       soft    nofile      65535
*       hard    nofile      65535
EOF

/bin/cat <<'EOF'> /etc/security/limits.d/11-stack.conf
*       soft    stack       65535
*       hard    stack       65535
EOF

#--------------------------------------------------------------------------
# Remove hard coded UUID + MAC from network device configs and DNS/Gateway information
#--------------------------------------------------------------------------
/bin/sed -i '/^DNS1*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*
/bin/sed -i '/^DNS2*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*
/bin/sed -i '/^GATEWAY*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*
/bin/sed -i '/^HOSTNAME*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*
/bin/sed -i '/^HWADDR*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*
/bin/sed -i '/^NM_CONTROLLED*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*
/bin/sed -i '/^UUID*..*$/d' /etc/sysconfig/network-scripts/ifcfg-e*

/bin/mv /etc/sysconfig/network-scripts/ifcfg-e* /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i 's/ens192/eth0/g' /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i "s\ONBOOT=no\ONBOOT=yes\g" /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i "s\IPV6INIT=yes\IPV6INIT=no\g" /etc/sysconfig/network-scripts/ifcfg-eth0

#--------------------------------------------------------------------------
# Update ifcfg-eth0 to use static ip address
#--------------------------------------------------------------------------
#/bin/rm -rf /etc/sysconfig/network-scripts/ifcfg-eth*
#/bin/cat <<'EOF'>> /etc/sysconfig/network-scripts/ifcfg-eth0
#TYPE=Ethernet
#PROXY_METHOD=none
#BROWSER_ONLY=no
#BOOTPROTO=static
#DEFROUTE=yes
#IPV4_FAILURE_FATAL=no
#IPV6INIT=no
#IPV6_AUTOCONF=no
#IPV6_DEFROUTE=no
#IPV6_FAILURE_FATAL=no
#IPV6_ADDR_GEN_MODE=stable-privacy
#NAME=eth0
#DEVICE=eth0
#ONBOOT=yes
#IPADDR=192.168.10.100
#NETMASK=255.255.255.0
#GATEWAY=192.168.10.1
#DNS1=192.168.10.1
#DOMAIN=corp.local
#EOF

#--------------------------------------------------------------------------
# Configure NetworkManager
#--------------------------------------------------------------------------
#/bin/cat <<'EOF'> /etc/NetworkManager/conf.d/11-corp.conf
#[main]
#no-auto-default=*
#dns=none
#EOF

#--------------------------------------------------------------------------
# Configure DNS
#--------------------------------------------------------------------------
#/bin/cat <<'EOF'> /etc/resolv.conf
#nameserver 10.208.10.1
#EOF

#--------------------------------------------------------------------------
# For root, disable color "ls", and use old style sorting order.
#--------------------------------------------------------------------------
touch /root/.dir_colors

/bin/cat <<'EOF'>> /root/.i18n
LC_COLLATE=C
EOF

#--------------------------------------------------------------------------
# Setup logrotate configuration
#--------------------------------------------------------------------------
/bin/cat <<'EOF'> /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files monthly
monthly

# keep 12 months worth of backlogs
rotate 12

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
compress

# RPM packages drop log rotation information into this directory
include /etc/logrotate.d

# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
    create 0664 root utmp
}
EOF

#--------------------------------------------------------------------------
# Setup default yum repos
#--------------------------------------------------------------------------

/bin/rm -f /etc/yum.repos.d/CentOS-*

/bin/cat <<'EOF'> /etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF

/bin/cat <<'EOF'> /etc/yum.repos.d/epel-7.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0

[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://mirrors.aliyun.com/epel/7/SRPMS
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
EOF

#--------------------------------------------------------------------------
# Remove UUID for /boot in fstab
#--------------------------------------------------------------------------
/bin/sed -i "s/UUID*..*\/boot/\/dev\/sda1\t\t\/boot/" /etc/fstab

#--------------------------------------------------------------------------
# Symlink /var/tmp to /tmp
#--------------------------------------------------------------------------
/bin/rm -rf /var/tmp
/bin/ln -s /tmp /var/tmp

#--------------------------------------------------------------------------
# Enable or Disable Specific OS Services/Daemons
#--------------------------------------------------------------------------
/usr/bin/systemctl enable autofs
/usr/bin/systemctl enable ntpd
/usr/bin/systemctl disable firewalld.service
/usr/bin/systemctl disable auditd
/usr/bin/systemctl disable mdmonitor
/usr/bin/systemctl disable postfix
/usr/bin/systemctl disable abrt-ccpp.service
/usr/bin/systemctl disable abrt-oops.service
/usr/bin/systemctl disable abrt-vmcore.service
/usr/bin/systemctl disable abrt-xorg.service
/usr/bin/systemctl disable abrtd.service
/usr/bin/systemctl disable iscsi.service
/usr/bin/systemctl disable iscsid.socket
/usr/bin/systemctl disable iscsiuio.socket
/usr/bin/systemctl disable libstoragemgmt.service
/usr/bin/systemctl disable multipathd.service
/usr/bin/systemctl disable wpa_supplicant.service

#--------------------------------------------------------------------------
# End of post
#--------------------------------------------------------------------------
) 2>&1
%end

# Reboot after the installation is complete (optional)
# --eject   attempt to eject CD or DVD media before rebooting
reboot --eject


Packer验证配置

完成配置文件的准备后,我们需要验证packer的配置文件是否正确,使用一下命令:

可以增加-timestamp-ui参数显示时间(timestamp)

packer validate centos-vsphere.json


Packer执行构建

packer build centos-vsphere.json

如果第一次构建成功,并且虚拟机名称是固定的(本示例是基于日期的)下一次构建时可以增加-force参数覆盖上一次模版;

packer build -froce centos-vsphere.json


检查构建结果

构建完成后,命令行如下提示;

登陆到vSpehre中可以看到模版:


完成

至此我们通过Packer实现了vSphere环境下虚拟机模版的自动构建,如果希望构建其他环境可以参考官方文档。下一章我会带来通过Packer构建Windows Server 2016虚拟机模版。


标签: , ,

2 条评论 “[模版自动化系列]一、使用Packer自动化构建vSphere虚拟机模版—CentOS7.x”

  1. dc说道:

    这个还需要搭建KS、PXE、TFTP服务器这些吗,还是集成在Packer里面了?

    1. liguoqiang说道:

      不需要搭建KS、PXE、TFTP服务,Packer实现了这些功能。

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注