The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,224 other followers

Packer template for Alpine Linux on Hyper-V and Azure; GitHub – tomconte/packer-alpine-azure

Posted by jpluimers on 2020/10/05

Cool: a Packer template for Alpine Linux on Hyper-V and Azure: [WayBack] GitHub – tomconte/packer-alpine-azure

I like Alpine Linux because it is lightweight and the focus of being very secure, how popular it is in the Docker scene where it replaced Ubuntu and is now the standar package at [Archive.is/A2] library/alpine – Docker Hub and the motto [WayBack] Alpine Linux; Small. Simple. Secure. Alpine Linux is a security-oriented, lightweight Linux distribution based on musl libc and busybox.

Alpine is not yet out of of the box endorsed by Azure ([WayBack] Endorsed distributions of Linux | Microsoft Docs) so this is a very welcome tool.

From the readme:

Packer template for Alpine Linux on Hyper-V and Azure

This Packer template will generate a VHD suitable for use in Hyper-V or Azure.

How it works

  • The Packer template downloads the Alpine 3.6 ISO from the official download site.
  • It then uses setup-alpine to perform an installation to disk.
  • The answers file is served using Packer’s built-in HTTP server.
  • It also installs the hvtools package and enables the hv_kvp_daemon service so Hyper-V can detect the VM is running and retrieve its IP address. (Read more about Hyper-V Integration Services.)

Software installed

The Packer provisioning step performs the following actions in order to prepare a proper Azure image:

  • Installs Python and OpenSSL, plus sudo and bash
  • Installs the shadow package (for useradd)
  • Installs the Azure Linux Agent
  • Adds recommended boot parameters
  • Sets the ssh client interval to 180
  • Enables the Azure Agent to start at boot

The template also installs a custom useradd script (in /usr/local/sbin) that changes the behavior of adding password-less accounts (i.e. accounts that log in using SSH keys). By default useradd locks the password-less account, preventing it from logging in. The custom script forces an illegal password, so that the password cannot be used to log in, but leaves the account unlocked so it can be access via SSH.

How to use the template

On Linux, using qemu

Check out the packer-qemu branch for a WIP version that builds the Alpine image using qemu, allowing you to generate the image from a Linux machine.

Detailed docs TBD, but the Windows instructions below should help.

On Windows, using Hyper-V

The commands need to be run from an elevated PowerShell prompt so that they can interact with Hyper-V.

First run the template. This will generate a VHDX file locally, in output-hyperv-iso.

packer build alpinehv.json

To use the image in Azure, you need to convert the image to VHD using convert.ps1.

The deploy.cmd script will upload the VHD to Azure and start a VM based on the image. Please amend the script variables as necessary.

Once the VM is started, you can log on via ssh and make any additional changes. Then deprovision the VM to get it ready to be used as an image:

waagent -deprovision

Finally, makeimage.cmd will deallocate the VM, capture it as an image, and start another VM based on that image.

TODO

  • Review/tweak boot command based on ladar’s comment
  • Investigate iptables error messages

Used tooling:

If you are Dutch, or you are fine with a Google translate, then read this background info:

Endorsed version combinations grouped by heritance:

A few others covered in [WayBack] Review: The best Linux distros for Docker and containers | InfoWorld:

and [WayBackLinux Distributions Optimized for Hosting Docker · Sweetcode.io:

  • Alpine Linux,
  • Container Linux,
  • RancherOS,
  • Atomic Host,
  • Boot2Docker,
  • Ubuntu Core

–jeroen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: