From 4491b3047dad1de8b293cfd30758222e2e1677bb Mon Sep 17 00:00:00 2001
From: phuhung273
Date: Sat, 30 Nov 2024 17:31:57 +0700
Subject: [PATCH] AMI support Amazon Linux 2023
---
 images/capi/Makefile | 6 +++--
 .../capi/ansible/roles/node/defaults/main.yml | 18 +++++++++++++--
 images/capi/ansible/roles/node/meta/main.yml | 8 ++++++-
 .../{amazonLinux2.yml => amazonLinux.yml} | 0
 images/capi/ansible/roles/node/tasks/main.yml | 2 +-
 .../ansible/roles/providers/tasks/aws.yml | 9 --------
 .../ansible/roles/sysprep/tasks/redhat.yml | 8 +++++++
 images/capi/packer/ami/amazon-2.json | 1 +
 images/capi/packer/ami/amazon-2023.json | 14 ++++++++++++
 images/capi/packer/goss/goss-vars.yaml | 22 +++++++++++++++----
 10 files changed, 69 insertions(+), 19 deletions(-)
 rename images/capi/ansible/roles/node/tasks/{amazonLinux2.yml => amazonLinux.yml} (100%)
 create mode 100644 images/capi/packer/ami/amazon-2023.json
diff --git a/images/capi/Makefile b/images/capi/Makefile
index ecfec48e98..b26d76c691 100644
--- a/images/capi/Makefile
+++ b/images/capi/Makefile
@@ -356,7 +356,7 @@ NODE_OVA_VSPHERE_BUILD_NAMES := $(addprefix node-ova-vsphere-,$(PLATFORMS_AND_V
 NODE_OVA_VSPHERE_BASE_BUILD_NAMES := $(addprefix node-ova-vsphere-base-,$(PLATFORMS_AND_VERSIONS))
 NODE_OVA_VSPHERE_CLONE_BUILD_NAMES := $(addprefix node-ova-vsphere-clone-,$(PLATFORMS_AND_VERSIONS))
-AMI_BUILD_NAMES ?= ami-centos-7 ami-ubuntu-2004 ami-ubuntu-2204 ami-ubuntu-2404 ami-amazon-2 ami-flatcar ami-windows-2019 ami-rockylinux-8 ami-rhel-8
+AMI_BUILD_NAMES ?= ami-centos-7 ami-ubuntu-2004 ami-ubuntu-2204 ami-ubuntu-2404 ami-amazon-2 ami-amazon-2023 ami-flatcar ami-windows-2019 ami-rockylinux-8 ami-rhel-8
 GCE_BUILD_NAMES ?= gce-ubuntu-2004 gce-ubuntu-2204 gce-ubuntu-2404 gce-rhel-8
 # Make needs these lists to be space delimited, no quotes
@@ -646,6 +646,7 @@ $(RAW_CLEAN_TARGETS):
 ## --------------------------------------
 ##@ Builds
 build-ami-amazon-2: ## Builds Amazon-2 Linux AMI
+build-ami-amazon-2023: ## Builds Amazon-2023 Linux AMI
 build-ami-centos-7: ## Builds CentOS 7 AMI
 build-ami-ubuntu-2004: ## Builds Ubuntu 20.04 AMI
 build-ami-ubuntu-2204: ## Builds Ubuntu 22.04 AMI
@@ -877,7 +878,8 @@ build-vultr-ubuntu-2204: ## Builds Ubuntu 22.04 Vultr Snapshot
 ## --------------------------------------
 ##@ Validate packer config
 validate-ami-amazon-2: ## Validates Amazon-2 Linux AMI Packer config
-validate-ami-centos-7: ## Validates CentOS 7 AMI Packer config
+validate-ami-amazon-2023: ## Validates Amazon-2023 Linux AMI Packer config
+validate-ami-centos-7: ## Validates CentOS 7 AMI Packer c`onfig
 validate-ami-rockylinux-8: ## Validates RockyLinux 8 AMI Packer config
 validate-ami-rhel-8: ## Validates RHEL-8 AMI Packer config
 validate-ami-flatcar: ## Validates Flatcar AMI Packer config
diff --git a/images/capi/ansible/roles/node/defaults/main.yml b/images/capi/ansible/roles/node/defaults/main.yml
index b4654674f0..f51a0c4069 100644
--- a/images/capi/ansible/roles/node/defaults/main.yml
+++ b/images/capi/ansible/roles/node/defaults/main.yml
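Review bot: The re-added `validate-ami-centos-7` line in the third Makefile hunk (`@@ -877,7 +878,8 @@`) picks up a stray backtick, so its `##` description now reads "Packer c`onfig". The target name is untouched, but any help output built from these `##` comments would show the typo. The line should stay as it was, `validate-ami-centos-7: ## Validates CentOS 7 AMI Packer config`, with only the `validate-ami-amazon-2023` line added above it.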
@@ -17,31 +17,45 @@ common_rpms:
 - ca-certificates
 - conntrack-tools
 - chrony
- - curl
 - jq
 - python3-pip
 - socat
 - sysstat
- - yum-utils
 # Used for AmazonLinux-2 distributions
 al2_rpms:
+ - curl
+ - yum-utils
 - ebtables
 - python-netifaces
 - python-requests
+ - amazon-ssm-agent
+ - awscli
+
+# Used for AmazonLinux-2023 distributions
+al2023_rpms:
+ - unzip
+ - amazon-ssm-agent
+ - awscli-2
 # Used for Azure Linux distributions
 azurelinux_rpms:
+ - curl
+ - yum-utils
 - lsof
 # Used for RedHat based distributions == 7 (ex. RHEL-7, CentOS-7 etc.)
 rh7_rpms:
+ - curl
+ - yum-utils
 - ebtables
 - python-netifaces
 - python-requests
 # Used for RedHat based distributions =! 7 (ex. RHEL-8, RockyLinux-8, RockyLinux-9 etc.)
 rh8_rpms:
+ - curl
+ - yum-utils
 - nftables
 - python3-netifaces
 - python3-requests
diff --git a/images/capi/ansible/roles/node/meta/main.yml b/images/capi/ansible/roles/node/meta/main.yml
index 5e5a0cd175..f32b7f265a 100644
--- a/images/capi/ansible/roles/node/meta/main.yml
+++ b/images/capi/ansible/roles/node/meta/main.yml
@@ -17,7 +17,13 @@ dependencies:
 vars:
 rpms: "{{ common_rpms + al2_rpms + lookup('vars', 'common_' + build_target + '_rpms') }}"
 debs: "{{ common_debs }}"
- when: ansible_distribution == "Amazon"
+ when: ansible_distribution == "Amazon" and ansible_distribution_version == "2"
+
+ - role: setup
+ vars:
+ rpms: "{{ common_rpms + al2023_rpms + lookup('vars', 'common_' + build_target + '_rpms') }}"
+ debs: "{{ common_debs }}"
+ when: ansible_distribution == "Amazon" and ansible_distribution_version == "2023"
 - role: setup
 vars:
diff --git a/images/capi/ansible/roles/node/tasks/amazonLinux2.yml b/images/capi/ansible/roles/node/tasks/amazonLinux.yml
similarity index 100%
rename from images/capi/ansible/roles/node/tasks/amazonLinux2.yml
rename to images/capi/ansible/roles/node/tasks/amazonLinux.yml
diff --git a/images/capi/ansible/roles/node/tasks/main.yml b/images/capi/ansible/roles/node/tasks/main.yml
index 408c9d769c..28e23f67ac 100644
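Review bot: `amazon-ssm-agent` and the AWS CLI now arrive through `al2_rpms` / `al2023_rpms` in the node role, while the task that starts the agent ("Ensure ssm agent is running RPM") stays in providers/tasks/aws.yml, and neither file records that link. A comment above the two entries, for example `# amazon-ssm-agent, awscli: needed by providers/tasks/aws.yml, which only starts the service`, would keep a later trim of these lists from silently breaking the service task. The AL2023 list also leaves out `curl` and `yum-utils`, which every other RPM list in this hunk gained, with no stated reason; a one-line comment saying why would stop someone from moving them back into `common_rpms`.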
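Review bot: Both Amazon `when:` clauses in roles/node/meta/main.yml now require an exact `ansible_distribution_version` string ("2" or "2023"), so an Amazon host reporting anything else matches neither entry and, as far as this hunk shows, gets no `setup` role and none of the package lists, where before every Amazon host matched. Making the AL2 entry the fallback, `when: ansible_distribution == "Amazon" and ansible_distribution_version != "2023"`, keeps the old coverage; the sysprep/tasks/redhat.yml hunk in this patch already pairs its two conditions that way. Comparing `ansible_distribution_major_version` would be another option if the full version string can carry more than the major number. The dependencies list continues outside the hunk, so a later catch-all entry may already exist.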
--- a/images/capi/ansible/roles/node/tasks/main.yml
+++ b/images/capi/ansible/roles/node/tasks/main.yml
@@ -15,7 +15,7 @@
 - ansible.builtin.import_tasks: photon.yml
 when: ansible_os_family == "VMware Photon OS"
-- ansible.builtin.import_tasks: amazonLinux2.yml
+- ansible.builtin.import_tasks: amazonLinux.yml
 when: ansible_distribution == "Amazon"
 # This is required until https://github.com/ansible/ansible/issues/77537 is fixed and used.
diff --git a/images/capi/ansible/roles/providers/tasks/aws.yml b/images/capi/ansible/roles/providers/tasks/aws.yml
index 72c64abc9f..15570ee879 100644
--- a/images/capi/ansible/roles/providers/tasks/aws.yml
+++ b/images/capi/ansible/roles/providers/tasks/aws.yml
@@ -27,15 +27,6 @@
 - ansible_os_family == "RedHat"
 - ansible_distribution != "Amazon"
-- name: Install aws agents RPM
- ansible.builtin.package:
- name: "{{ item }}"
- state: present
- with_items:
- - amazon-ssm-agent
- - awscli
- when: ansible_distribution == "Amazon"
-
 - name: Ensure ssm agent is running RPM
 ansible.builtin.service:
 name: amazon-ssm-agent
diff --git a/images/capi/ansible/roles/sysprep/tasks/redhat.yml b/images/capi/ansible/roles/sysprep/tasks/redhat.yml
index 0ec89322d8..a41689f265 100644
--- a/images/capi/ansible/roles/sysprep/tasks/redhat.yml
+++ b/images/capi/ansible/roles/sysprep/tasks/redhat.yml
@@ -29,6 +29,14 @@
 path: /etc/yum.conf
 regexp: ^exclude=
 line: exclude={{ package_list }}
+ when: ansible_distribution != "Amazon" or ansible_distribution_version != "2023"
+
+- name: Exclude packages from upgrade
+ ansible.builtin.lineinfile:
+ path: /etc/dnf/dnf.conf
+ regexp: ^excludepkgs=
+ line: excludepkgs={{ package_list }}
+ when: ansible_distribution == "Amazon" and ansible_distribution_version == "2023"
 - ansible.builtin.import_tasks: rpm_repos.yml
diff --git a/images/capi/packer/ami/amazon-2.json b/images/capi/packer/ami/amazon-2.json
index 1fb106e896..8d38ff8336 100644
--- a/images/capi/packer/ami/amazon-2.json
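Review bot: The new dnf task in sysprep/tasks/redhat.yml reuses the name "Exclude packages from upgrade", which the context suggests is also the name of the yum.conf task just above it (that task starts outside the hunk), so a build log cannot tell which of the two ran or was skipped. Since this pin decides which packages later upgrades leave alone, it is worth being able to confirm it from the log: name the new task `- name: Exclude packages from upgrade (dnf.conf, Amazon Linux 2023)`. The negated guard on the first task would also read more plainly as `when: not (ansible_distribution == "Amazon" and ansible_distribution_version == "2023")`, which mirrors the condition on the new task.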
+++ b/images/capi/packer/ami/amazon-2.json
@@ -5,6 +5,7 @@
 "distribution": "Amazon Linux",
 "distribution_release": "Amazon Linux 2",
 "distribution_version": "2",
+ "distro_version": "2",
 "root_device_name": "/dev/xvda",
 "source_ami": "",
 "ssh_username": "ec2-user"
diff --git a/images/capi/packer/ami/amazon-2023.json b/images/capi/packer/ami/amazon-2023.json
new file mode 100644
index 0000000000..61fc42afd8
--- /dev/null
+++ b/images/capi/packer/ami/amazon-2023.json
@@ -0,0 +1,14 @@
+{
+ "ami_filter_name": "al2023-ami-minimal-2023.*-kernel-6.1*",
+ "ami_filter_owners": "amazon",
+ "build_name": "amazon-2023",
+ "distribution": "Amazon Linux",
+ "distribution_release": "Amazon Linux 2023",
+ "distribution_version": "2023",
+ "distro_version": "2023",
+ "epel_rpm_gpg_key": "",
+ "redhat_epel_rpm": "",
+ "root_device_name": "/dev/xvda",
+ "source_ami": "",
+ "ssh_username": "ec2-user"
+}
diff --git a/images/capi/packer/goss/goss-vars.yaml b/images/capi/packer/goss/goss-vars.yaml
index 4ed9bcce11..a7fe7007ce 100644
--- a/images/capi/packer/goss/goss-vars.yaml
+++ b/images/capi/packer/goss/goss-vars.yaml
@@ -6,24 +6,33 @@ common_rpms: &common_rpms
 cloud-utils-growpart:
 conntrack-tools:
 chrony:
- curl:
 jq:
 python3-pip:
 socat:
 sysstat:
- yum-utils:
 al2_rpms: &al2_rpms
+ curl:
+ yum-utils:
 ebtables:
 python-netifaces:
 python-requests:
+ awscli:
+
+al2023_rpms: &al2023_rpms
+ unzip:
+ awscli-2:
 rh7_rpms: &rh7_rpms
+ curl:
+ yum-utils:
 ebtables:
 python-netifaces:
 python-requests:
 rh8_rpms: &rh8_rpms
+ curl:
+ yum-utils:
 nftables:
 python3-netifaces:
 python3-requests:
@@ -136,9 +145,14 @@ amazon linux:
 enabled: true
 running: true
 package:
- awscli:
 amazon-ssm-agent:
- <<: *al2_rpms
+ os_version:
+ - distro_version: "2"
+ package:
+ <<: *al2_rpms
+ - distro_version: "2023"
+ package:
+ <<: *al2023_rpms
 centos:
 common-package: *common_rpms
 amazon:
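Review bot: In the new amazon-2023.json, `ami_filter_name` ends in a bare wildcard after `kernel-6.1`, so the base image the build starts from is decided partly by filters that live outside this file. If the shared Packer template does not also constrain architecture, the pattern presumably matches images for more than one architecture; ending it on the intended one, e.g. `"ami_filter_name": "al2023-ami-minimal-2023.*-kernel-6.1-x86_64"`, would remove that dependency. `ami_filter_owners` set to `amazon` is what keeps a look-alike public AMI name from satisfying the pattern, so it should stay set whenever the name filter is this loose.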