open-nomad/e2e/terraform/packer
Tim Gross e012c2b5bf
Infrastructure for Windows e2e testing (#6584)
Includes:
* baseline Windows AMI
* initial pass at Terraform configurations
* OpenSSH for Windows

Using OpenSSH is a lot nicer for Nomad developers than winrm would be,
plus it lets us avoid passing around the Windows password in the
clear.

Note that now we're copying up all the provisioning scripts and
configs as a zipped bundle because TF's file provisioner dies in the
middle of pushing up multiple files (whereas `scp -r` works fine).

We're also running all the provisioning scripts inside the userdata by
polling for the zip file to show up (gross!). This is because
`remote-exec` provisioners are failing on Windows with the same symptoms as:

https://github.com/hashicorp/terraform/issues/17728

If we can't fix this, it'll prevent us from having multiple Windows
clients running until TF supports count interpolation in the
`template_file`, which is planned for a later 0.12 release.
2019-11-19 11:06:10 -05:00
..
linux update vagrant & packer consul versions 2019-11-07 10:13:14 -05:00
windows Infrastructure for Windows e2e testing (#6584) 2019-11-19 11:06:10 -05:00
packer-windows.json Infrastructure for Windows e2e testing (#6584) 2019-11-19 11:06:10 -05:00
packer.json
README.md Infrastructure for Windows e2e testing (#6584) 2019-11-19 11:06:10 -05:00

Packer Builds

These builds are run as-needed to update the AMIs used by the end-to-end test infrastructure.

What goes here?

  • steps that aren't specific to a given Nomad build: ex. all Linux instances need jq and awscli.
  • steps that aren't specific to a given EC2 instance: nothing that includes an IP address.
  • steps that infrequently change: the version of Consul or Vault we ship.

Running Packer builds

$ packer --version
1.4.4

# build linux AMI
$ packer build packer.json

# build Windows AMI
$ packer build packer-windows.json

Debugging Packer Builds

You'll need the Windows administrator password in order to access Windows machines via winrm as Packer does. You can get this by enabling -debug on your Packer build.

packer build -debug -on-error=abort packer-windows.json
...
==> amazon-ebs: Pausing after run of step 'StepRunSourceInstance'. Press enter to continue.
==> amazon-ebs: Waiting for auto-generated password for instance...
    amazon-ebs: Password (since debug is enabled): <redacted>

Alternately, you can follow the steps in the AWS documentation. Note that you'll need the ec2_amazon-ebs.pem file that Packer drops in this directory.

Then in powershell (note the leading $ here indicate variable declarations, not shell prompts!):

$username = "Administrator"
$password = "<redacted>"
$securePassword = ConvertTo-SecureString -AsPlainText -Force $password
$remoteHostname = "54.x.y.z"
$port = 5986
$cred = New-Object System.Management.Automation.PSCredential ($username, $securePassword)
$so = New-PSSessionOption -SkipCACheck -SkipCNCheck

Enter-PsSession `
    -ComputerName $remoteHostname `
    -Port $port `
    -Credential $cred `
    -UseSSL `
    -SessionOption $so `
    -Authentication Basic

Packer doesn't have a cleanup command if you've run -on-error=abort. So when you're done, clean up the machine by looking for "Packer" in the AWS console: