[WIP] hashiagent packer reciepe

client.hcl

@@ -0,0 +1,3 @@
+client {
+  enabled = true
+}

config.pkr.hcl

@@ -0,0 +1,8 @@
+packer {
+  required_plugins {
+    googlecompute = {
+      version = ">= 1.0.13"
+      source  = "github.com/hashicorp/googlecompute"
+    }
+  }
+}

config.yaml

@@ -0,0 +1,25 @@
+logging:
+  receivers:
+    syslog:
+      type: files
+      include_paths:
+      - /var/log/messages
+      - /var/log/syslog
+  service:
+    pipelines:
+      default_pipeline:
+        receivers: [syslog]
+metrics:
+  receivers:
+    hostmetrics:
+      type: hostmetrics
+      collection_interval: 60s
+  processors:
+    metrics_filter:
+      type: exclude_metrics
+      metrics_pattern: []
+  service:
+    pipelines:
+      default_pipeline:
+        receivers: [hostmetrics]
+        processors: [metrics_filter]

consul.hcl

@@ -0,0 +1,12 @@
+datacenter = "dc1"
+data_dir = "/opt/consul"
+encrypt = "needsValue"
+verify_incoming = true
+verify_outgoing = true
+verify_server_hostname = true
+
+ca_file = "/opt/consul/certs/consul-agent-ca.pem"
+
+auto_encrypt {
+  tls = true
+}

consul.service

@@ -0,0 +1,20 @@
+[Unit]
+Description="HashiCorp Consul - A service mesh solution"
+Documentation=https://www.consul.io/
+Requires=network-online.target
+After=network-online.target
+ConditionFileNotEmpty=/etc/consul.d/consul.hcl
+
+[Service]
+EnvironmentFile=-/etc/consul.d/consul.env
+User=consul
+Group=consul
+ExecStart=/usr/bin/consul agent -config-dir=/etc/consul.d/
+ExecReload=/bin/kill --signal HUP $MAINPID
+KillMode=process
+KillSignal=SIGTERM
+Restart=on-failure
+LimitNOFILE=65536
+
+[Install]
+WantedBy=multi-user.target

hashistack-agent.pkr.hcl

@@ -0,0 +1,117 @@
+# bakery reciepe to ensure a fully deployable HashiStack Agent
+# server that relies on GCP Service Accounts for all functions
+# like auto-scaling & auto-healing.
+source "googlecompute" "hashistack-agent" {
+  project_id              = "simplifymycloud-dev"
+  source_image            = "debian-base"
+  source_image_project_id = ["simplifymycloud-dev"]
+  ssh_username            = "packer"
+  use_os_login            = true
+  zone                    = "us-west1-c"
+  subnetwork              = "smc-dev-subnet-01"
+  image_name              = "hashistack-agent"
+  image_description       = "HashiStack Agent, Nomad + Consul"
+  image_storage_locations = ["us-west1"]
+}
+
+build {
+  sources = ["sources.googlecompute.hashistack-agent"]
+  # HashiAgent - nomad agent reciepe
+  provisioner "shell" {
+    inline = [
+      "curl --silent --remote-name https://releases.hashicorp.com/nomad/1.1.0/nomad_1.1.0_linux_amd64.zip",
+      "unzip nomad_1.1.0_linux_amd64.zip",
+      "sudo chown root:root nomad",
+      "sudo mv nomad /usr/local/bin/",
+      "nomad version",
+      "sudo touch /etc/systemd/system/nomad.service",
+      "sudo mkdir --parents /opt/nomad",
+      "sudo mkdir --parents /etc/nomad.d",
+      "sudo useradd --system --home /etc/nomad.d --shell /bin/false nomad",
+      "sudo chmod 700 /etc/nomad.d",
+      "sudo touch /etc/nomad.d/nomad.hcl",
+      "sudo touch /etc/nomad.d/client.hcl",
+    ]
+  }
+  provisioner "file" {
+    source      = "nomad.service"
+    destination = "/tmp/"
+  }
+  provisioner "file" {
+    source      = "nomad.hcl"
+    destination = "/tmp/"
+  }
+  provisioner "file" {
+    source      = "client.hcl"
+    destination = "/tmp/"
+  }
+  provisioner "shell" {
+    inline = [
+      "sudo mv /tmp/nomad.service /etc/systemd/system/nomad.service",
+      "sudo chown root:root /etc/systemd/system/nomad.service",
+      "sudo mv /tmp/nomad.hcl /etc/nomad.d/nomad.hcl",
+      "sudo chown nomad:nomad /etc/nomad.d/nomad.hcl",
+      "sudo mv /tmp/client.hcl /etc/nomad.d/client.hcl",
+      "sudo chown nomad:nomad /etc/nomad.d/client.hcl",
+    ]
+  }
+  # HashiAgent - nomad agent reciepe - END
+  # HashiAgent - consul agent reciepe
+  provisioner "shell" {
+    inline = [
+      "curl --silent --remote-name https://releases.hashicorp.com/consul/1.8.0/consul_1.8.0_linux_amd64.zip",
+      "curl --silent --remote-name https://releases.hashicorp.com/1.8.0/consul_1.8.0_SHA256SUMS",
+      "curl --silent --remote-name https://releases.hashicorp.com/1.8.0/consul_1.8.0_SHA256SUMS.sig",
+      "unzip consul_1.8.0_linux_amd64.zip",
+      "sudo chown root:root consul",
+      "sudo mv consul /usr/bin/",
+      "consul --version",
+      "sudo touch /etc/systemd/system/consul.service",
+      "sudo mkdir --parents /opt/consul",
+      "sudo mkdir --parents /etc/consul.d",
+      "sudo touch /etc/consul.d/consul.hcl",
+      "sudo chmod 640 /etc/consul.d/consul.hcl",
+      "sudo useradd --system --home /etc/consul.d --shell /bin/false consul",
+      "sudo chown --recursive consul:consul /opt/consul",
+      "sudo chown --recursive consul:consul /etc/consul.d",
+    ]
+  }
+  provisioner "file" {
+    source      = "consul.service"
+    destination = "/tmp/"
+  }
+  provisioner "file" {
+    source      = "consul.hcl"
+    destination = "/tmp/"
+  }
+  provisioner "shell" {
+    inline = [
+      "sudo mv /tmp/consul.service /etc/systemd/system/consul.service",
+      "sudo chown root:root /etc/systemd/system/consul.service",
+      "sudo mv /tmp/consul.hcl /etc/consul.d/consul.hcl",
+      "sudo chown consul:consul /etc/consul.d/consul.hcl",
+      "sudo systemctl enable consul",
+      "sudo systemctl start consul",
+      "sudo systemctl status consul",
+    ]
+  }
+  # HashiAgent - consul agent reciepe - END
+  # GCP - ops-agent reciepe
+  provisioner "shell" {
+    inline = [
+      "curl -sSO https://dl.google.com/cloudagents/add-google-cloud-ops-agent-repo.sh",
+      "sudo bash add-google-cloud-ops-agent-repo.sh --also-install",
+      "sudo touch /etc/google-cloud-ops-agent/config.yaml",
+    ]
+  }
+  provisioner "file" {
+    source      = "config.yaml"
+    destination = "/tmp/"
+  }
+  provisioner "shell" {
+    inline = [
+      "sudo mv /tmp/config.yaml /etc/google-cloud-ops-agent/config.yaml",
+    ]
+  }
+  # GCP - ops-agent reciepe - END
+}

nomad.hcl

@@ -0,0 +1,2 @@
+datacenter = "dc1"
+data_dir = "/opt/nomad"

nomad.service

@@ -0,0 +1,48 @@
+[Unit]
+Description=Nomad
+Documentation=https://www.nomadproject.io/docs/
+Wants=network-online.target
+After=network-online.target
+
+# When using Nomad with Consul it is not necessary to start Consul first. These
+# lines start Consul before Nomad as an optimization to avoid Nomad logging
+# that Consul is unavailable at startup.
+#Wants=consul.service
+#After=consul.service
+
+[Service]
+
+# Nomad server should be run as the nomad user. Nomad clients
+# should be run as root
+User=root
+Group=root
+
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d
+KillMode=process
+KillSignal=SIGINT
+LimitNOFILE=65536
+LimitNPROC=infinity
+Restart=on-failure
+RestartSec=2
+
+## Configure unit start rate limiting. Units which are started more than
+## *burst* times within an *interval* time span are not permitted to start any
+## more. Use `StartLimitIntervalSec` or `StartLimitInterval` (depending on
+## systemd version) to configure the checking interval and `StartLimitBurst`
+## to configure how many starts per interval are allowed. The values in the
+## commented lines are defaults.
+
+# StartLimitBurst = 5
+
+## StartLimitIntervalSec is used for systemd versions >= 230
+# StartLimitIntervalSec = 10s
+
+## StartLimitInterval is used for systemd versions < 230
+# StartLimitInterval = 10s
+
+TasksMax=infinity
+OOMScoreAdjust=-1000
+
+[Install]
+WantedBy=multi-user.target

readme.md

@@ -0,0 +1,3 @@
+# HashiStack-Agents-Packer-Bake
+
+_Using Packer to bake a HashiAgent server_