From 1711f8cbbb80ef038881f84ec0de63d4d3baf531 Mon Sep 17 00:00:00 2001
From: havelight-ee
Date: Mon, 4 Sep 2023 15:36:46 +0900
Subject: [PATCH] update
---
 ansible/ansible.cfg | 3 ++
 ansible/inventory.ini | 2 +-
 .../instancegroup_backup/vector.yaml | 27 ++++++++++
 packer/build_ami_security/command | 2 +-
 packer/build_ami_security/kube-amazon.pkr.hcl | 49 +++++++++++++++++++
 5 files changed, 81 insertions(+), 2 deletions(-)
 create mode 100644 ansible/ansible.cfg
 create mode 100644 kops/aws_kops_prod/instancegroup_backup/vector.yaml
 create mode 100644 packer/build_ami_security/kube-amazon.pkr.hcl
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
new file mode 100644
index 0000000..46bb17b
--- /dev/null
+++ b/ansible/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+host_key_checking=False
+
diff --git a/ansible/inventory.ini b/ansible/inventory.ini
index 95f3917..8a411ad 100644
--- a/ansible/inventory.ini
+++ b/ansible/inventory.ini
@@ -1,3 +1,3 @@
 [host]
 10.10.43.[100:101] ansible_user=root
-10.10.43.[110:147]
+10.10.43.[110:153]
diff --git a/kops/aws_kops_prod/instancegroup_backup/vector.yaml b/kops/aws_kops_prod/instancegroup_backup/vector.yaml
new file mode 100644
index 0000000..f70ad2e
--- /dev/null
+++ b/kops/aws_kops_prod/instancegroup_backup/vector.yaml
@@ -0,0 +1,27 @@
+apiVersion: kops.k8s.io/v1alpha2
+kind: InstanceGroup
+metadata:
+ labels:
+ kops.k8s.io/cluster: k8s-prod.datasaker.io
+ name: vector
+spec:
+ image: ami-01e58630c6fb43a44
+ instanceMetadata:
+ httpTokens: required
+ machineType: c6i.2xlarge
+ manager: CloudGroup
+ maxSize: 1
+ minSize: 1
+ mixedInstancesPolicy:
+ onDemandAboveBase: 0
+ onDemandBase: 0
+ spotAllocationStrategy: capacity-optimized
+ nodeLabels:
+ datasaker/group: vector
+ kops.k8s.io/instancegroup: vector
+ role: Node
+ rootVolumeSize: 100
+ subnets:
+ - ap-northeast-2c
+ taints:
+ - prod/vector:NoSchedule
diff --git a/packer/build_ami_security/command b/packer/build_ami_security/command
index 188a074..882758a 100755
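Review bot: `host_key_checking=False` in the new `[defaults]` section turns off SSH host key verification for every playbook run from this directory, so whatever answers on an inventory address is accepted without an identity check before Ansible connects and runs tasks. The inventory in this same patch logs in with `ansible_user=root` on 10.10.43.[100:101], which raises the cost of connecting to the wrong endpoint. Prefer `host_key_checking=True` (the default) with `known_hosts` pre-seeded for the inventory range from keys verified out of band. If the check must be skipped for first-contact bootstrap, set `ANSIBLE_HOST_KEY_CHECKING` in the environment for that one run instead of committing it.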
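Review bot: `image: ami-01e58630c6fb43a44` is a bare AMI ID with nothing in the manifest tying it to a build, so a reviewer cannot tell whether this node group boots the hardened image produced under `packer/build_ami_security` or something else. Add a comment on the line above, e.g. `# AMI built from packer/build_ami_security/<TEMPLATE>.pkr.hcl on <BUILD_DATE>`, and update it whenever the ID changes. Also worth confirming: with `onDemandBase: 0`, `onDemandAboveBase: 0` and `minSize`/`maxSize` of 1 in a single subnet, the group is one spot instance, so if this node carries the log pipeline (the name suggests Vector) a spot reclaim leaves a gap in collected telemetry.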
--- a/packer/build_ami_security/command +++ b/packer/build_ami_security/command @@ -1,4 +1,4 @@ -filename="docker-ubuntu.pkr.hcl" +filename="docker-amazon.pkr.hcl" echo "packer init ${filename}" echo "packer fmt ${filename}"
diff --git a/packer/build_ami_security/kube-amazon.pkr.hcl b/packer/build_ami_security/kube-amazon.pkr.hcl
new file mode 100644
index 0000000..8d296b3
--- /dev/null
+++ b/packer/build_ami_security/kube-amazon.pkr.hcl
@@ -0,0 +1,49 @@
+packer {
+ required_plugins {
+ amazon = {
+ version = ">= 0.0.2"
+ source = "github.com/hashicorp/amazon"
+ }
+ }
+}
+
+variable "ami_prefix" {
+ type = string
+ default = "kubernetes-amazonlinux"
+}
+
+locals {
+ timestamp = regex_replace(timestamp(), "[- TZ:]", "")
+}
+
+# source 블록에는 실제 빌드할 이미지에 대한 스펙을 정의
+source "amazon-ebs" "kubernetes-amazonlinux" {
+ ami_name = "${var.ami_prefix}-${local.timestamp}"
+ instance_type = "t3.small"
+ region = "ap-northeast-2"
+ source_ami_filter {
+ filters = {
+ image-id = "ami-0eb14fe5735c13eb5"
+ root-device-type = "ebs"
+ virtualization-type = "hvm"
+ }
+ most_recent = true
+ owners = ["137112412989"]
+ }
+ tags = {
+ source_ami_name = "{{ .SourceAMIName }}"
+ }
+ ssh_username = "ec2-user"
+}
+
+build {
+ name = "datasaker-packer"
+ sources = ["source.amazon-ebs.kubernetes-amazonlinux"]
+
+ provisioner "ansible" {
+ playbook_file = "../ansible/kubernetes_roles.yaml"
+ user = "ec2-user"
+ extra_arguments = ["--become"]
+ ansible_env_vars = ["ANSIBLE_HOST_KEY_CHECKING=False"]
+ }
+}
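Review bot: The `source_ami_filter` pins `image-id = "ami-0eb14fe5735c13eb5"`, so `most_recent = true` has nothing to choose between and every build starts from the same base image, however many patched releases the owner has published since. For a template under `build_ami_security`, filter on the image name instead, e.g. `name = "<BASE_AMI_NAME_PATTERN>"` in place of the `image-id` line. Keep `owners` as is so only that account's images can match. Separately, `version = ">= 0.0.2"` in `required_plugins` accepts any future plugin release at `packer init`; a bounded constraint on a tested version would make the build reproducible and keep plugin upgrades a reviewed change.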