This Packer configuration will generate Ubuntu images with Elasticsearch, Kibana and other important tools for deploying and managing Elasticsearch clusters on the cloud.
The output of running Packer here would be two machine images, as below:
- elasticsearch node image, containing latest Elasticsearch installed (latest version 7.x) and configured with best-practices.
- kibana node image, based on the elasticsearch node image, and with Kibana (7.x, latest).
Using the AWS builder will create the two images and store them as AMIs.
As a convention the Packer builders will use a dedicated IAM roles, which you will need to have present.
aws iam create-role --role-name packer --assume-role-policy-document '{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Principal": {"Service": "ec2.amazonaws.com"},
"Action": "sts:AssumeRole",
"Sid": ""
}
}'
Response will look something like this:
{
"Role": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": {
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
}
}
},
"RoleId": "AROAJ7Q2L7NZJHZBB6JKY",
"CreateDate": "2016-12-16T13:22:47.254Z",
"RoleName": "packer",
"Path": "/",
"Arn": "arn:aws:iam::611111111117:role/packer"
}
}
Follow up by execting the following
aws iam create-instance-profile --instance-profile-name packer
aws iam add-role-to-instance-profile --instance-profile-name packer --role-name packer
By default, AWS builder will pick a subnet from the default VPC for running the builder instance. It is required for that subnet to have Public IPs auto-assignment enabled. Otherwise, packer won't be able to make a SSH connection to the instance and will hang on Waiting for SSH to become available...
If you don't want to enable public IPs auto-assignment on your default VPC subnets, you can explicitly set the subnet by setting vpc_id
and subnet_id
keys in *.packer.json files amazon-ebs
builder definitions.
Before running Packer for the first time you will need to do a one-time initial setup.
Use PowerShell, and login to AzureRm. See here for more details: https://docs.microsoft.com/en-us/powershell/azure/authenticate-azureps. Once logged in, take note of the subscription and tenant IDs which will be printed out. Alternatively, you can retrieve them by running Get-AzureRmSubscription
once logged-in.
$rgName = "packer-elasticsearch-images"
$location = "East US"
New-AzureRmResourceGroup -Name $rgName -Location $location
$Password = ([char[]]([char]33..[char]95) + ([char[]]([char]97..[char]126)) + 0..9 | sort {Get-Random})[0..8] -join ''
"Password: " + $Password
$sp = New-AzureRmADServicePrincipal -DisplayName "Azure Packer IKF" -Password $Password
New-AzureRmRoleAssignment -RoleDefinitionName Contributor -ServicePrincipalName $sp.ApplicationId
$sp.ApplicationId
Note the resource group name, location, password, sp.ApplicationId as used in the script and emitted as output and update variables.json
.
To learn more about using Packer on Azure see https://docs.microsoft.com/en-us/azure/virtual-machines/windows/build-image-with-packer
Similarly, using the Azure CLI is going to look something like below:
export rgName=packer-elasticsearch-images
az group create -n ${rgName} -l eastus
az ad sp create-for-rbac --query "{ client_id: appId, client_secret: password, tenant_id: tenant }"
# outputs client_id, client_secret and tenant_id
az account show --query "{ subscription_id: id }"
# outputs subscription_id
Install packer. https://developer.hashicorp.com/packer/tutorials/docker-get-started/get-started-install-cli Alternatively, install pkenv which allows better control over the installed version, and then install packer. https://github.com/iamhsa/pkenv
Install the relevant plugin by running one of the following:
packer plugins install github.com/hashicorp/amazon
packer plugins install github.com/hashicorp/googlecompute
packer plugins install github.com/hashicorp/azure
Building the AMIs is done using the following commands:
packer build -only=aws -var-file=variables.json elasticsearch7-node.packer.json
packer build -only=aws -var-file=variables.json kibana7-node.packer.json
Replace the -only
parameter to azure
to build images for Azure instead of AWS.
For creating the Kibana image in azure, make sure you update "azure_elasticsearch_image_name" in variables.json. You can see the value in the output for the creation of the Elasticsearch image.