# Simple Makefile to build base VM images using packer and ansible
# TODO
# * support ssh as user instead of root
# * testing target
PACKER ?= packer
ANSIBLE_DIR_CORE ?= ansible-dracut
ANSIBLE_DIR_PROV ?= ansible-roles-prov
HASHER ?= sha256sum
SHELL := /usr/bin/env bash
ARCH := $(shell uname -m | sed 's/i686/i386/')
BUILDER_QEMU_EXE := qemu-system-$(ARCH)
BUILDER_QEMU_NAME := qemu
BUILDER_QEMU_PROV := $(BUILDER_QEMU_NAME)
BUILDER_VMWARE_EXE := vmware
BUILDER_VMWARE_NAME := vmware-iso
BUILDER_VMWARE_PROV := vmware-vmx
BUILDER_VIRTUALBOX_EXE := virtualbox
BUILDER_VIRTUALBOX_NAME := virtualbox-iso
BUILDER_VIRTUALBOX_PROV := virtualbox-ovf
BUILDERS := QEMU VMWARE VIRTUALBOX
$(foreach cur, $(BUILDERS),\
$(if $(shell command -v $(BUILDER_$(cur)_EXE)),\
$(eval AVAILABLE_BUILDERS += $(cur))))
# If now BUILDER or PROVISIONER was specified on the command line, take the
# first available one; otherwise use that specified one.
BUILDER_SELECTED := $(strip $(if $(filter $(BUILDER),$(AVAILABLE_BUILDERS)),\
$(BUILDER),\
$(firstword $(AVAILABLE_BUILDERS))))
PROVISIONER_SELECTED := $(strip $(if $(filter $(PROVISIONER),$(AVAILABLE_BUILDERS)),\
$(PROVISIONER),\
$(BUILDER_SELECTED)))
override BUILDER = $(BUILDER_$(BUILDER_SELECTED)_NAME)
override PROVISIONER = $(BUILDER_$(PROVISIONER_SELECTED)_PROV)
# The packer templates, detected as *.json (excluding base.json)
TEMPLATES := $(basename $(filter-out base.json ansible-provisioner.json,$(wildcard *.json)))
# The provisioning flavors, detected as ansible-roles/setup-<flavor>.yml
FLAVORS := $(patsubst $(ANSIBLE_DIR_PROV)/setup-%.yml,%, $(wildcard $(ANSIBLE_DIR_PROV)/setup-*.yml))
BASETARGETS := $(foreach template, $(TEMPLATES), $(template)/base)
PROVTARGETS := $(foreach template, $(TEMPLATES), $(foreach flavor, $(FLAVORS), $(template)/$(flavor)))
REPROVTARGETS := $(foreach template, $(TEMPLATES), $(foreach flavor, $(FLAVORS), $(filter-out $(template)/$(flavor).latest,$(wildcard $(template)/$(flavor).*))))
COMPRESSPOSSIBLE := $(foreach template, $(TEMPLATES), $(foreach flavor, $(FLAVORS), $(wildcard $(template)/$(flavor).*)))
COMPRESSTARGETS := $(foreach possible, $(COMPRESSPOSSIBLE), $(possible)/compress)
BOOTTARGETS := $(foreach template, $(TEMPLATES), $(template)/base/boot)
BOOTTARGETS += $(foreach prov, $(PROVTARGETS), $(prov)/boot)
CURBOOTTARGETS := $(foreach prov, $(REPROVTARGETS), $(prov)/boot)
BASERMTARGETS := $(foreach target, $(BASETARGETS), rm/$(target))
PROVRMTARGETS := $(foreach target, $(REPROVTARGETS), rm/$(target))
ifndef ANSIBLE_PROV_EXTRA_ARGS
ANSIBLE_PROV_EXTRA_ARGS :=
endif
#override ANSIBLE_PROV_EXTRA_ARGS += --scp-extra-args,"-O"
override PACKER_OPTS += -var-file=base.json
ifdef DEBUG
VERBOSE := 1
ifeq ($(DEBUG),STEP)
override PACKER_OPTS += -debug
else
override PACKER_OPTS += -on-error=ask
endif
endif
ifdef WINDOW
override PACKER_OPTS += -var='headless=false'
endif
# We support parallel Provisioning packer builds.
# To ensure data consistency we save the used ansible roles before executing in
# its own environment, tagged by the current date & time.
TIMESTAMP := $(shell date "+%Y-%m-%d_%H-%M-%S")
# The ROOTPW is only needed for the base, boot and provisioning targets.
# In every other case it must not be checked as it should be possible to call
# help or cleanup without the need of defining the password.
PW_NEEDED := $(filter $(strip $(BASETARGETS) $(PROVTARGETS) $(BOOTTARGETS)),$(MAKECMDGOALS))
ifneq ($(PW_NEEDED),)
ifeq ($(strip $(ROOTPW)),)
$(error No root password is set, set it as ROOTPW in your environment.)
else
$(foreach cur,$(PW_NEEDED),\
$(eval cur_dir := $(firstword $(subst /, ,$(cur)))/base)\
$(if $(shell test -d "$(cur_dir)" && echo yes),\
$(shell echo "$(ROOTPW)" | $(HASHER) --check --status "$(cur_dir)/rootpw.$(HASHER)")\
$(if $(filter 1,$(.SHELLSTATUS)),\
$(error The wrong ROOTPW is set. Please correct it))))
endif
endif
ifdef VERBOSE
$(info root password: $(ROOTPW))
$(info hasher: $(HASHER))
$(info )
$(info timestamp: $(TIMESTAMP))
$(info )
$(info packer: executable: $(PACKER))
$(info packer: options: $(PACKER_OPTS))
$(info )
$(info ansible: core: $(ANSIBLE_DIR_CORE))
$(info ansible: flavors: $(ANSIBLE_DIR_PROV))
$(info )
$(info builder: available: $(AVAILABLE_BUILDERS))
$(info builder: chosen: $(BUILDER))
$(info )
$(info targets: base: $(strip $(BASETARGETS)))
$(info targets: boot: $(strip $(BOOTTARGETS)))
$(info targets: provision: $(strip $(PROVTARGETS)))
$(info )
endif
.PHONY: help clean_except_last clean_bases clean_all clean_failed backinglock $(REPROVTARGETS)
help:
# Creating base images. When DRACUT_INIT is specified, the dracut module
# repository will be initially cloned and its required components (dnbd3,
# xmount, libxmount-qemu) will be pre-build to accelerate subsequent builds.
$(BASETARGETS):
$(info ** Building template '$(@D)' using '$(BUILDER)' **)
$(eval INIT_TAG := $(if $(DRACUT_INIT),\
install,\
untagged))
$(PACKER) build -only=$(BUILDER) \
$(PACKER_OPTS) \
-var='vm_name=rootfs-image' \
-var='output_directory=$(@D)/base' \
-var='playbook=$(ANSIBLE_DIR_CORE)/slx-builder.yml' \
-var='extra_ansible_args=-t,$(INIT_TAG)' \
$(@D).json
@echo "$(ROOTPW)" | $(HASHER) > $(@D)/base/rootpw.$(HASHER)
# Provisioning images
$(PROVTARGETS): $(foreach flav, $(FLAVORS), %/$(flav)): %/base
$(PROVTARGETS) $(REPROVTARGETS):
$(eval FLAVOR := $(basename $(@F)))
$(eval VERSION := $(if $(suffix $(@)), $(subst .,,$(suffix $(@))), 0))
$(eval BASE_IMAGE := $(if $(wildcard $(@)/build/rootfs-image),\
$(@)/build/rootfs-image,\
$(@D)/base/rootfs-image))
$(eval BUILD_DIR := $(@D)/$(FLAVOR).$(TIMESTAMP))
$(info ** Provisioning '$(@D)' with '$(FLAVOR)' **)
@mkdir -p $(BUILD_DIR)
@cp -r `readlink -f $(ANSIBLE_DIR_PROV)` $(BUILD_DIR)/$(ANSIBLE_DIR_PROV)
@ln -sfn $(FLAVOR).$(TIMESTAMP) $(@D)/$(FLAVOR).latest
@ln -sfr $(BUILD_DIR) $(dir $(BASE_IMAGE))/$(TIMESTAMP).backinglock
@-cp -r $@/$(ANSIBLE_DIR_PROV) $(BUILD_DIR)/$(ANSIBLE_DIR_PROV).$(VERSION)
@-cp -r $@/$(ANSIBLE_DIR_PROV).* $(BUILD_DIR)
$(PACKER) build -only=$(PROVISIONER) \
$(PACKER_OPTS) \
-var='vm_name=rootfs-image' \
-var='output_directory=$(BUILD_DIR)/build' \
-var='base_image=$(BASE_IMAGE)' \
-var='playbook=$(BUILD_DIR)/$(ANSIBLE_DIR_PROV)/setup-$(FLAVOR).yml' \
-var='extra_ansible_args=$(ANSIBLE_PROV_EXTRA_ARGS)' \
ansible-provisioner.json
# Generating boot files
$(BOOTTARGETS): %/boot: %
$(BOOTTARGETS) $(CURBOOTTARGETS):
$(eval BASE_DIR := $(if $(filter base,$(notdir $(@D))),\
,\
$(if $(wildcard $(@D)/build/.),\
$(@D),\
$(@D).$(TIMESTAMP))))
$(eval BUILD_DIR := $(if $(BASE_DIR),\
$(BASE_DIR)/build,\
$(@D)))
$(eval BUILD_DIR := $(if $(filter $(@), $(CURBOOTTARGETS)),\
$(BASE_DIR)/build,\
$(BUILD_DIR)))
$(eval ANSIBLE_DIR_CUR := $(if $(BASE_DIR),\
$(BASE_DIR)/$(ANSIBLE_DIR_PROV),\
$(ANSIBLE_DIR_PROV)))
$(info ** Generating boot files for '$(BUILD_DIR)')
$(PACKER) build -only=$(PROVISIONER) \
$(PACKER_OPTS) \
-var='vm_name=rootfs-image.tmp' \
-var='output_directory=$(BUILD_DIR)/tmp' \
-var='base_image=$(BUILD_DIR)/rootfs-image' \
-var='playbook=$(ANSIBLE_DIR_CORE)/slx-builder.yml' \
-var='extra_ansible_args=-t,install,-t,build' \
-var='extra_ansible_args=$(ANSIBLE_PROV_EXTRA_ARGS)' \
ansible-provisioner.json
@mkdir -p $(BUILD_DIR)/boot
@mv -f $(ANSIBLE_DIR_CORE)/boot_files/* $(BUILD_DIR)/boot
$(if $(DEBUG),,@rm -rf $(BUILD_DIR)/tmp)
$(COMPRESSTARGETS):
$(info ** Commiting and Compressing all changes to the image **)
$(eval IMAGE_NAME := $(@D)/build/rootfs-image)
@virt-sparsify --compress --verbose $(IMAGE_NAME) $(IMAGE_NAME).tmp
@rm -f $(IMAGE_NAME)
@mv $(IMAGE_NAME).tmp $(IMAGE_NAME)
# Safe removal of images
$(BASERMTARGETS):
rm/%: %/*.backinglock
$(eval BUILD_DIR := $(subst rm/,,$(@)))
@rm -rf $(BUILD_DIR)
$(PROVRMTARGETS):
rm/%: %/build/*.backinglock
$(eval BUILD_DIR := $(subst rm/,,$(@))/build)
$(eval FATHER_BUILD := $(dir $(shell qemu-img info $(BUILD_DIR)/rootfs-image | grep "backing file" | cut -d\ -f3-)))
$(eval BUILD_TIME := $(subst .,,$(suffix $(@))))
@rm -rf $(FATHER_BUILD)/$(BUILD_TIME).backinglock
@rm -rf $(BUILD_DIR)
%.backinglock: backinglock
@qemu-img convert -f qcow2 $(@)/build/rootfs-image -O qcow2 $(@)/build/rootfs-image.tmp
@rm $(@)/build/rootfs-image
@mv $(@)/build/rootfs-image.tmp $(@)/build/rootfs-image
@rm $(@)
backinglock:
clean_except_last:
@-$(foreach template,$(TEMPLATES),\
$(eval exclusions := $(shell test -d $(template) && \
find $(template) \
-maxdepth 1 \
-type l \
-print0 \
| xargs -r -0 -n1 readlink))\
test -d $(template) && \
find $(template)/* \
-maxdepth 0 \
-type d \
$(foreach file,$(exclusions),-not -name $(file) ) \
-not -name base \
-print0 \
| xargs -r -0 -n1 rm -rf; )
clean_failed:
@-$(foreach template,$(TEMPLATES),\
test -d $(template) && \
find $(template)/* \
-maxdepth 0 \
-type d \
-not -name base \
-print0 \
| xargs -r -0 -n1 -i \
$(SHELL) -c 'test -d "{}/build" || rm -rf "{}"'; )
clean_bases:
@-$(foreach template,$(TEMPLATES),\
test -d $(template) && rm -rf $(template)/base;)
clean_all:
@-$(foreach template,$(TEMPLATES),\
test -d $(template) && rm -rf $(template);)
help:
@printf "Usage:\n\tmake <template>/<flavor>[/boot]\n"
@echo
@echo "Base images targets:"
@for T in $(BASETARGETS); do printf "\t%s\n" "$$T"; done
@echo
@echo "Provisioning images targets: "
@for P in $(PROVTARGETS); do printf "\t%s\n" "$$P"; done
@for P in $(REPROVTARGETS); do printf "\t%s\n" "$$P"; done
@echo
@echo "Generate boot files targets:"
@printf "\t<{base,provisioning}_target>/boot\n"
@echo
@echo "Commiting backing files and Compressing targets:"
@for C in $(COMPRESSTARGETS); do printf "\t%s\n" "$$C"; done
@echo
@echo "For safely removing targets:"
@printf "\trm/<target>\n"
@echo
@echo "Available options are:"
@printf "\tANSIBLE_DIR_CORE: Set directory with ansible roles for building initramfs (def: ansible-dracut)\n"
@printf "\tANSIBLE_DIR_PROV: Set directory with ansible roles for provisioning (def: ansible-roles-prov)\n"
@printf "\tBUILDER: Set an ISO builder, do not autodetect\n"
@printf "\tPROVISIONER: Set a provisioning builder, do not autodetect\n"
@printf "\tDEBUG: Enable debug mode in packer (includes VERBOSE)\n"
@printf "\t DEBUG= Enable enhanced on-error handling\n"
@printf "\t DEBUG=STEP Enable step by step debugging in packer\n"
@printf "\tHASHER: Set wanted hasher (def: sha256sum)\n"
@printf "\tPACKER: Set packer executable (def: packer)\n"
@printf "\tPACKER_OPTS: Set packer options\n"
@printf "\tROOTPW: Set root password for output image\n"
@printf "\tVERBOSE: Enable verbose output\n"
@printf "\tWINDOW: Disable headless mode\n"
@echo
@echo "Clean targets are:"
@printf "\tclean_except_last\n"
@printf "\tclean_failed\n"
@printf "\tclean_bases\n"
@printf "\tclean_all\n"
