-
Notifications
You must be signed in to change notification settings - Fork 0
/
ntnx-centos-79-lvm-x86_64.pkr.hcl
104 lines (97 loc) · 4.23 KB
/
ntnx-centos-79-lvm-x86_64.pkr.hcl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
packer {
required_plugins {
qemu = {
version = ">= 1.0.1"
source = "github.com/hashicorp/qemu"
}
}
}
source "qemu" "centos79-lvm" {
iso_url = "http://centos-distro.cavecreek.net/7.9.2009/isos/x86_64/CentOS-7-x86_64-Minimal-2009.iso"
iso_checksum = "file:http://centos-distro.cavecreek.net/7.9.2009/isos/x86_64/sha256sum.txt"
output_directory = "centos-7.9-x86_64-lvm"
shutdown_command = "sudo -S shutdown -P now"
disk_size = "100G"
format = "qcow2"
accelerator = "kvm"
http_directory = "http"
ssh_username = "root"
ssh_password = "nutanix/4u"
ssh_timeout = "60m"
vm_name = "centos-7.9-x86_64-lvm.qcow2"
net_device = "virtio-net"
disk_interface = "virtio"
boot_wait = "10s"
boot_command = ["<tab> text ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/centos-7.9-ahv-x86_64-lvm.cfg<enter><wait>"]
headless = true
disk_detect_zeroes = "unmap"
skip_compaction = false
disk_compression = true
vnc_bind_address = "0.0.0.0"
}
build {
sources = ["source.qemu.centos79-lvm"]
# Run updates & install packages
provisioner "shell" {
execute_command = "sudo -E bash '{{ .Path }}'"
scripts = [
"scripts/centos/security_updates.sh",
"scripts/centos/packages_yum_tools.sh",
"scripts/centos/packages_net_tools.sh",
"scripts/centos/packages_cloud_init.sh",
]
expect_disconnect = false
}
# Run scripts to apply Nutanix best practices
provisioner "shell" {
execute_command = "sudo -E bash '{{ .Path }}'"
scripts = [
"scripts/nutanix/ntnx_kernel_settings.sh",
"scripts/nutanix/ntnx_set_max_sectors_kb.sh",
"scripts/nutanix/ntnx_set_disk_timeout.sh",
"scripts/nutanix/ntnx_iscsi_settings.sh",
"scripts/nutanix/ntnx_set_noop.sh",
"scripts/nutanix/ntnx_disable_transparent_hugepage.sh",
]
expect_disconnect = false
}
# Run scripts to prepare to seal the OS image
provisioner "shell" {
execute_command = "sudo -E bash '{{ .Path }}'"
scripts = [
"scripts/linux-common/cleanup-disk-space.sh",
"scripts/linux-common/cleanup-rpm-db.sh",
"scripts/linux-common/get_cloud-init_config.sh",
"scripts/linux-common/cleanup-network.sh",
]
expect_disconnect = false
}
provisioner "shell" {
execute_command = "sudo -E bash '{{ .Path }}'"
scripts = [
"scripts/linux-common/cleanup-network.sh",
"scripts/linux-sysprep/sysprep-op-dhcp-client-state.sh",
]
expect_disconnect = true
}
provisioner "shell" {
execute_command = "sudo -E bash '{{ .Path }}'"
scripts = [
"scripts/centos/security_hardening_sshd.sh",
"scripts/linux-sysprep/sysprep-op-cloud-init.sh",
"scripts/linux-sysprep/sysprep-op-crash-data.sh",
"scripts/linux-sysprep/sysprep-op-firewall-rules.sh",
"scripts/centos/security_selinux_set_enforcing.sh",
"scripts/linux-sysprep/sysprep-op-machine-id.sh",
"scripts/linux-sysprep/sysprep-op-package-manager-cache.sh",
"scripts/linux-sysprep/sysprep-op-package-manager-db.sh",
"scripts/linux-sysprep/sysprep-op-ssh-hostkeys.sh",
"scripts/linux-sysprep/sysprep-op-yum-uuid.sh",
"scripts/linux-sysprep/sysprep-op-tmp-files.sh",
"scripts/linux-sysprep/sysprep-op-logfiles.sh",
"scripts/linux-sysprep/sysprep-op-bash-history.sh",
"scripts/linux-common/reset-root-password.sh",
]
expect_disconnect = false
}
}