b23150057a
This changeset moves the installation of Nomad binaries out of the provisioning framework and into scripts that are installed on the remote host during AMI builds. This provides a few advantages: * The provisioning framework can be reduced in scope (with the goal of moving most of it into the Terraform stack entirely). * The scripts can be arbitrarily complex if we don't have to stuff them into ssh commands, so it's easier to make them idempotent. In this changeset, the scripts check the version of the existing binary and don't re-download when using the `--nomad_sha` or `--nomad_version` flags. * The scripts can be OS/distro specific, which helps in building new test targets. |
||
|---|---|---|
| .. | ||
| disable-windows-updates.ps1 | ||
| fix-tls.ps1 | ||
| install-consul.ps1 | ||
| install-docker.ps1 | ||
| install-nomad.ps1 | ||
| install-nuget.ps1 | ||
| install-openssh.ps1 | ||
| install-tools.ps1 | ||
| install-vault.ps1 | ||
| README.md | ||
| setup-directories.ps1 | ||
| setupwinrm.ps1 | ||
Windows Packer Build
There are a few boilerplate items in the Powershell scripts, explained below.
The default TLS protocol in the version of .NET that our Powershell cmdlets are built in it 1.0, which means plenty of properly configured HTTP servers will reject requests. The boilerplate snippet below sets this for the current script:
# Force TLS1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
We need to run some of the scripts as an administrator role. The following is a safety check that we're doing so:
$RunningAsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
if (!$RunningAsAdmin) {
Write-Error "Must be executed in Administrator level shell."
exit 1
}