From 3d084ee83858f7b4869a61b2c762ff4a1c2c4883 Mon Sep 17 00:00:00 2001 From: marosset Date: Thu, 17 Sep 2020 22:14:07 +0000 Subject: [PATCH 1/9] Updating configure-windows-vhd.ps1 to support multiple Windows OS versions --- vhd/packer/configure-windows-vhd.ps1 | 74 ++++++++++++++++++++++------ 1 file changed, 58 insertions(+), 16 deletions(-) diff --git a/vhd/packer/configure-windows-vhd.ps1 b/vhd/packer/configure-windows-vhd.ps1 index fc3b66cee6..afeb91cb9f 100644 --- a/vhd/packer/configure-windows-vhd.ps1 +++ b/vhd/packer/configure-windows-vhd.ps1 @@ -38,14 +38,31 @@ function Disable-WindowsUpdates { function Get-ContainerImages { param ( - $containerRuntime + $containerRuntime, + $windowsServerVersion ) - $imagesToPull = @( - "mcr.microsoft.com/windows/servercore:ltsc2019", - "mcr.microsoft.com/windows/nanoserver:1809", - "mcr.microsoft.com/oss/kubernetes/pause:1.4.0", - "mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.0.1-alpha.1-windows-1809-amd64", - "mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v1.2.1-alpha.1-windows-1809-amd64") + + switch ($windowsServerVersion) + { + '2019' { + $imagesToPull = @( + "mcr.microsoft.com/windows/servercore:ltsc2019", + "mcr.microsoft.com/windows/nanoserver:1809", + "mcr.microsoft.com/oss/kubernetes/pause:1.4.0", + "mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v2.0.1-alpha.1-windows-1809-amd64", + "mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v1.2.1-alpha.1-windows-1809-amd64") + } + '2004' { + $imagesToPull = @( + "mcr.microsoft.com/windows/servercore:2004", + "mcr.microsoft.com/windows/nanoserver:2004", + "mcr.microsoft.com/oss/kubernetes/pause:1.4.0" + } + default { + $imagesToPull = @() + } + } + if ($containerRuntime -eq 'containerd') { foreach ($image in $imagesToPull) { @@ -177,19 +194,36 @@ function Install-Docker { Start-Service docker } - function Install-OpenSSH { Write-Log "Installing OpenSSH Server" Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 } function Install-WindowsPatches { - # Windows Server 2019 update history can be found at https://support.microsoft.com/en-us/help/4464619 - # then you can get download links by searching for specific KBs at http://www.catalog.update.microsoft.com/home.aspx + param ( + $windowsServerVersion + ) + + switch ($windowsServerVersion) + { + '2019' { + # Windows Server 2019 update history can be found at https://support.microsoft.com/en-us/help/4464619 + # then you can get download links by searching for specific KBs at http://www.catalog.update.microsoft.com/home.aspx + + # KB4558998 contains August 11, 2020 cumulative updates for Windows Server 2019 + # https://www.catalog.update.microsoft.com/Search.aspx?q=KB4565349 + $patchUrls = @("http://download.windowsupdate.com/d/msdownload/update/software/secu/2020/08/windows10.0-kb4565349-x64_919b9f31d4ccfa91183fbb9bab8c2975529e66b6.msu") + } + '2004' { + # Windows Server, Version 2004 update history can be found at https://support.microsoft.com/en-us/help/4555932 + # then you can get download links by searching for specific KBs at http://www.catalog.update.microsoft.com/home.aspx - # KB4558998 contains August 11, 2020 cumulative updates for Windows Server 2019 - # https://www.catalog.update.microsoft.com/Search.aspx?q=KB4565349 - $patchUrls = @("http://download.windowsupdate.com/d/msdownload/update/software/secu/2020/08/windows10.0-kb4565349-x64_919b9f31d4ccfa91183fbb9bab8c2975529e66b6.msu") + $patchUrls = @() + } + default { + $patchUrls = @() + } + } foreach ($patchUrl in $patchUrls) { $pathOnly = $patchUrl.Split("?")[0] @@ -209,7 +243,7 @@ function Install-WindowsPatches { Write-Log "Finished install of $fileName" } 3010 { - WRite-Log "Finished install of $fileName. Reboot required" + Write-Log "Finished install of $fileName. Reboot required" } default { Write-Log "Error during install of $fileName. ExitCode: $($proc.ExitCode)" @@ -279,13 +313,21 @@ if (-not ($validContainerRuntimes -contains $containerRuntime)) { exit 1 } +$windowsServerVersion = $env:WindowsServerVersion +$validWindowsServerContainers = @('2019', '2004') +if (-not ($validWindowsServerContainers -contains $windowsServerVersion)) +{ + Write-Host "Unsupported Windows Server version: $windowsServerVersion" + exit 1 +} + switch ($env:ProvisioningPhase) { "1" { Write-Log "Performing actions for provisioning phase 1" Set-WinRmServiceDelayedStart Set-AllowedSecurityProtocols Disable-WindowsUpdates - Install-WindowsPatches + Install-WindowsPatches -WindowsServerVersion $windowsServerVersion Update-DefenderSignatures Install-OpenSSH Update-WindowsFeatures @@ -298,7 +340,7 @@ switch ($env:ProvisioningPhase) { if ($containerRuntime -eq 'containerd') { Install-ContainerD } - Get-ContainerImages -containerRuntime $containerRuntime + Get-ContainerImages -containerRuntime $containerRuntime -WindowsServerVersion $windowsServerVersion Get-FilesToCacheOnVHD (New-Guid).Guid | Out-File -FilePath 'c:\vhd-id.txt' } From c0576b4fcfb33f6789586965a207150519d6d910 Mon Sep 17 00:00:00 2001 From: marosset Date: Thu, 17 Sep 2020 23:06:57 +0000 Subject: [PATCH 2/9] Updating configured-windows-vhd.ps1 to not use containerd from a personal storage account --- vhd/packer/configure-windows-vhd.ps1 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/vhd/packer/configure-windows-vhd.ps1 b/vhd/packer/configure-windows-vhd.ps1 index afeb91cb9f..921adee598 100644 --- a/vhd/packer/configure-windows-vhd.ps1 +++ b/vhd/packer/configure-windows-vhd.ps1 @@ -12,7 +12,7 @@ $ErrorActionPreference = "Stop" filter Timestamp { "$(Get-Date -Format o): $_" } -$global:containerdPackageUrl = "https://marosset.blob.core.windows.net/pub/containerd/containerd-0.0.87-public.zip" +$global:containerdPackageUrl = "https://github.com/containerd/containerd/releases/download/v1.4.1/containerd-1.4.1-windows-amd64.tar.gz" function Write-Log($Message) { $msg = $message | Timestamp @@ -157,13 +157,13 @@ function Install-ContainerD { Write-Log "Getting containerD binaries from $global:containerdPackageUrl" $installDir = "c:\program files\containerd" - $zipPath = [IO.Path]::Combine($installDir, "containerd.zip") + $tarPath = [IO.Path]::Combine($installDir, "containerd.tar.gz") Write-Log "Installing containerd to $installDir" New-Item -ItemType Directory $installDir -Force | Out-Null - Invoke-WebRequest -UseBasicParsing -Uri $global:containerdPackageUrl -OutFile $zipPath - Expand-Archive -Path $zipPath -DestinationPath $installDir - Remove-Item -Path $zipPath | Out-null + Invoke-WebRequest -UseBasicParsing -Uri $global:containerdPackageUrl -OutFile $tarPath + tar -xzf $tarPath --strip=1 -C $installDir + Remove-Item -Path $tarPath | Out-null $newPath = [Environment]::GetEnvironmentVariable("Path", [EnvironmentVariableTarget]::Machine) + ";$installDir" [Environment]::SetEnvironmentVariable("Path", $newPath, [EnvironmentVariableTarget]::Machine) From f8da9223adafa64e042877f6eb8c973a8dbf62ca Mon Sep 17 00:00:00 2001 From: marosset Date: Thu, 17 Sep 2020 23:38:12 +0000 Subject: [PATCH 3/9] Updating windows packer file to take in windows os version specific vars from a file --- vhd/packer/windows-2004-vars.json | 7 +++++++ vhd/packer/windows-2019-vars.json | 7 +++++++ vhd/packer/windows-vhd-builder.json | 24 ++++++++++++++++-------- 3 files changed, 30 insertions(+), 8 deletions(-) create mode 100644 vhd/packer/windows-2004-vars.json create mode 100644 vhd/packer/windows-2019-vars.json diff --git a/vhd/packer/windows-2004-vars.json b/vhd/packer/windows-2004-vars.json new file mode 100644 index 0000000000..bb3a60ad39 --- /dev/null +++ b/vhd/packer/windows-2004-vars.json @@ -0,0 +1,7 @@ +{ + "image_publisher": "MicrosoftWindowsServer", + "image_offer": "WindowsServer", + "image_sku": "datacenter-core-2004-with-containers-smalldisk", + "image_version": "19041.508.2009070256", + "windows_server_version": "2004" +} \ No newline at end of file diff --git a/vhd/packer/windows-2019-vars.json b/vhd/packer/windows-2019-vars.json new file mode 100644 index 0000000000..ed23dbefe6 --- /dev/null +++ b/vhd/packer/windows-2019-vars.json @@ -0,0 +1,7 @@ +{ + "image_publisher": "MicrosoftWindowsServer", + "image_offer": "WindowsServer", + "image_sku": "2019-Datacenter-Core-smalldisk", + "image_version": "17763.1339.2007101755", + "windows_server_version": "2019" +} \ No newline at end of file diff --git a/vhd/packer/windows-vhd-builder.json b/vhd/packer/windows-vhd-builder.json index 696dfa2b1e..8fe7c82ade 100644 --- a/vhd/packer/windows-vhd-builder.json +++ b/vhd/packer/windows-vhd-builder.json @@ -8,10 +8,15 @@ "client_id": "{{env `AZURE_CLIENT_ID`}}", "client_secret": "{{env `AZURE_CLIENT_SECRET`}}", "container_runtime": "{{env `CONTAINER_RUNTIME`}}", + "image_publisher": null, + "image_offer": null, + "image_sku": null, + "image_version": null, "tenant_id": "{{env `AZURE_TENANT_ID`}}", "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}", "location": "{{env `AZURE_LOCATION`}}", - "vm_size": "{{env `AZURE_VM_SIZE`}}" + "vm_size": "{{env `AZURE_VM_SIZE`}}", + "windows_server_version": null }, "builders": [ { @@ -23,12 +28,12 @@ "location": "{{user `location`}}", "vm_size": "{{user `vm_size`}}", "os_type": "Windows", - "image_publisher": "MicrosoftWindowsServer", - "image_offer": "WindowsServer", - "image_sku": "2019-Datacenter-Core-smalldisk", - "image_version": "17763.1339.2007101755", + "image_publisher": "{{user `image_publisher`}}", + "image_offer": "{{user `image_offer`}}", + "image_sku": "{{user `image_sku`}", + "image_version": "{{user `image_version`}}", "resource_group_name": "{{user `resource_group_name`}}", - "capture_container_name": "aksengine-vhds-windows-ws2019", + "capture_container_name": "aksengine-vhds-windows-{{user `windows_server_version`}}", "capture_name_prefix": "aksengine-{{user `create_time`}}", "storage_account": "{{user `storage_account_name`}}", "communicator": "winrm", @@ -38,6 +43,7 @@ "winrm_username": "packer", "azure_tags": { "os": "Windows", + "windowsVersion": "{{user `windows-server-version`}}", "now": "{{user `create_time`}}", "createdBy": "aks-engine-vhd-pipeline" } @@ -49,7 +55,8 @@ "elevated_password": "{{.WinRMPassword}}", "environment_vars": [ "ProvisioningPhase=1", - "ContainerRuntime={{user `container_runtime`}}" + "ContainerRuntime={{user `container_runtime`}}", + "windowsServerVersion={{user `windows_server_version`}}" ], "type": "powershell", "script": "vhd/packer/configure-windows-vhd.ps1" @@ -67,7 +74,8 @@ "elevated_password": "{{.WinRMPassword}}", "environment_vars": [ "ProvisioningPhase=2", - "ContainerRuntime={{user `container_runtime`}}" + "ContainerRuntime={{user `container_runtime`}}", + "windowsServerVersion={{user `windows_server_version`}}" ], "type": "powershell", "script": "vhd/packer/configure-windows-vhd.ps1" From 9e31e77dfda1c2cef627a3d487abd1af1a009898 Mon Sep 17 00:00:00 2001 From: marosset Date: Thu, 17 Sep 2020 23:39:47 +0000 Subject: [PATCH 4/9] updating windows build pipeline/packer.mk to pass new vars file to packer --- packer.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packer.mk b/packer.mk index cb92fb324f..ac0c7f8f7a 100644 --- a/packer.mk +++ b/packer.mk @@ -5,7 +5,7 @@ build-packer-ubuntu-gen2: @packer build -var-file=vhd/packer/settings.json vhd/packer/vhd-image-builder-ubuntu-gen2.json build-packer-windows: - @packer build -var-file=vhd/packer/settings.json vhd/packer/windows-vhd-builder.json + @packer build -var-file=vhd/packer/settings.json -var-file=/vhd/packer/windows-${WINDOWS-SERVER-VERSION}-vars.json vhd/packer/windows-vhd-builder.json init-packer: @./vhd/packer/init-variables.sh From e900e76319a79c43cb8da3ce79787f5e77f75ca4 Mon Sep 17 00:00:00 2001 From: marosset Date: Fri, 18 Sep 2020 10:20:52 -0700 Subject: [PATCH 5/9] formatting configure-windows-vhd-ps1 --- vhd/packer/configure-windows-vhd.ps1 | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/vhd/packer/configure-windows-vhd.ps1 b/vhd/packer/configure-windows-vhd.ps1 index 921adee598..70405cc1fc 100644 --- a/vhd/packer/configure-windows-vhd.ps1 +++ b/vhd/packer/configure-windows-vhd.ps1 @@ -42,8 +42,7 @@ function Get-ContainerImages { $windowsServerVersion ) - switch ($windowsServerVersion) - { + switch ($windowsServerVersion) { '2019' { $imagesToPull = @( "mcr.microsoft.com/windows/servercore:ltsc2019", @@ -56,7 +55,7 @@ function Get-ContainerImages { $imagesToPull = @( "mcr.microsoft.com/windows/servercore:2004", "mcr.microsoft.com/windows/nanoserver:2004", - "mcr.microsoft.com/oss/kubernetes/pause:1.4.0" + "mcr.microsoft.com/oss/kubernetes/pause:1.4.0") } default { $imagesToPull = @() @@ -163,7 +162,7 @@ function Install-ContainerD { New-Item -ItemType Directory $installDir -Force | Out-Null Invoke-WebRequest -UseBasicParsing -Uri $global:containerdPackageUrl -OutFile $tarPath tar -xzf $tarPath --strip=1 -C $installDir - Remove-Item -Path $tarPath | Out-null + Remove-Item -Path $tarPath | Out-Null $newPath = [Environment]::GetEnvironmentVariable("Path", [EnvironmentVariableTarget]::Machine) + ";$installDir" [Environment]::SetEnvironmentVariable("Path", $newPath, [EnvironmentVariableTarget]::Machine) @@ -187,7 +186,7 @@ function Install-Docker { $defaultDockerVersion = "19.03.11" Write-Log "Attempting to install Docker version $defaultDockerVersion" - Install-PackageProvider -Name DockerMsftProvider -Force -ForceBootstrap | Out-null + Install-PackageProvider -Name DockerMsftProvider -Force -ForceBootstrap | Out-Null $package = Find-Package -Name Docker -ProviderName DockerMsftProvider -RequiredVersion $defaultDockerVersion Write-Log "Installing Docker version $($package.Version)" $package | Install-Package -Force | Out-Null @@ -203,9 +202,8 @@ function Install-WindowsPatches { param ( $windowsServerVersion ) - - switch ($windowsServerVersion) - { + + switch ($windowsServerVersion) { '2019' { # Windows Server 2019 update history can be found at https://support.microsoft.com/en-us/help/4464619 # then you can get download links by searching for specific KBs at http://www.catalog.update.microsoft.com/home.aspx @@ -236,7 +234,7 @@ function Install-WindowsPatches { Write-Log "Downloading windows patch from $pathOnly to $fullPath" Invoke-WebRequest -UseBasicParsing $patchUrl -OutFile $fullPath Write-Log "Starting install of $fileName" - $proc = Start-Process -Passthru -FilePath wusa.exe -ArgumentList "$fullPath /quiet /norestart" + $proc = Start-Process -PassThru -FilePath wusa.exe -ArgumentList "$fullPath /quiet /norestart" Wait-Process -InputObject $proc switch ($proc.ExitCode) { 0 { @@ -315,8 +313,7 @@ if (-not ($validContainerRuntimes -contains $containerRuntime)) { $windowsServerVersion = $env:WindowsServerVersion $validWindowsServerContainers = @('2019', '2004') -if (-not ($validWindowsServerContainers -contains $windowsServerVersion)) -{ +if (-not ($validWindowsServerContainers -contains $windowsServerVersion)) { Write-Host "Unsupported Windows Server version: $windowsServerVersion" exit 1 } From 687ca3704370016da3d7fee73e6b92b08c981fe3 Mon Sep 17 00:00:00 2001 From: marosset Date: Fri, 18 Sep 2020 10:53:46 -0700 Subject: [PATCH 6/9] vhd-builder-windows.yaml adding missing WINDOWS_SERVER_VERSION to make run-packer-windows-call and added succeeded condition checks everywher --- .pipelines/vhd-builder-windows.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.pipelines/vhd-builder-windows.yaml b/.pipelines/vhd-builder-windows.yaml index df6797c888..0d307c4a9c 100644 --- a/.pipelines/vhd-builder-windows.yaml +++ b/.pipelines/vhd-builder-windows.yaml @@ -40,6 +40,7 @@ jobs: -e BUILD_ID=$(Build.BuildId) \ -e BUILD_NUMBER=$(Build.BuildNumber) \ -e CONTAINER_RUNTIME=$(CONTAINER_RUNTIME) \ + -e WINDOWS-SERVER-VERSION=2019 \ ${DEIS_GO_DEV_IMAGE} make run-packer-windows displayName: Building windows VHD @@ -49,7 +50,7 @@ jobs: -w /go/src/github.com/Azure/aks-engine \ ${DEIS_GO_DEV_IMAGE} make all displayName: build aks-engine-test - make all - condition: eq(variables.COPY_VHD, 'False') + condition: and(succeeded(), eq(variables.COPY_VHD, 'False')) - script: | OS_DISK_URI="$(cat packer-output | grep "OSDiskUri:" | cut -d " " -f 2)" && \ @@ -68,7 +69,7 @@ jobs: -e WINDOWS_NODE_VHD_URL=${OS_DISK_URI} \ ${DEIS_GO_DEV_IMAGE} make test-kubernetes displayName: run e2e tests - condition: eq(variables.COPY_VHD, 'False') + condition: and(succeeded(), eq(variables.COPY_VHD, 'False')) - task: PublishPipelineArtifact@1 inputs: @@ -90,7 +91,7 @@ jobs: -e VHD_NAME=${VHD_NAME} \ ${DEIS_GO_DEV_IMAGE} make az-copy displayName: Copying resource to Classic Storage Account - condition: eq(variables.COPY_VHD, 'True') + condition: and(succeeded(), eq(variables.COPY_VHD, 'True')) - script: | OS_DISK_SAS="$(cat packer-output | grep "OSDiskUriReadOnlySas:" | cut -d " " -f 2)" && \ @@ -106,13 +107,13 @@ jobs: -e VHD_NAME=${VHD_NAME} \ ${DEIS_GO_DEV_IMAGE} make windows-vhd-publishing-info displayName: Generating publishing info for Windows VHD - condition: eq(variables.COPY_VHD, 'True') + condition: and(succeeded(), eq(variables.COPY_VHD, 'True')) - task: PublishPipelineArtifact@1 inputs: artifact: 'publishing-info' path: 'windows-vhd-publishing-info.json' - condition: eq(variables.COPY_VHD, 'True') + condition: and(succeeded(), eq(variables.COPY_VHD, 'True')) - script: | SA_NAME="$(cat packer-output | grep "storage name:" | cut -d " " -f 3)" && \ From fc8dffe32cb25b7b49e326deb6b85fcbd1e9c9c5 Mon Sep 17 00:00:00 2001 From: marosset Date: Fri, 18 Sep 2020 11:14:17 -0700 Subject: [PATCH 7/9] fixup! updating windows build pipeline/packer.mk to pass new vars file to packer --- packer.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packer.mk b/packer.mk index ac0c7f8f7a..5f60fe5157 100644 --- a/packer.mk +++ b/packer.mk @@ -5,7 +5,7 @@ build-packer-ubuntu-gen2: @packer build -var-file=vhd/packer/settings.json vhd/packer/vhd-image-builder-ubuntu-gen2.json build-packer-windows: - @packer build -var-file=vhd/packer/settings.json -var-file=/vhd/packer/windows-${WINDOWS-SERVER-VERSION}-vars.json vhd/packer/windows-vhd-builder.json + @packer build -var-file=vhd/packer/settings.json -var-file=vhd/packer/windows-${WINDOWS-SERVER-VERSION}-vars.json vhd/packer/windows-vhd-builder.json init-packer: @./vhd/packer/init-variables.sh From 4f7c6a2f52f40431f7fb4f872535db757b6f5b2c Mon Sep 17 00:00:00 2001 From: marosset Date: Fri, 18 Sep 2020 11:20:12 -0700 Subject: [PATCH 8/9] fixup! Updating windows packer file to take in windows os version specific vars from a file --- vhd/packer/windows-vhd-builder.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vhd/packer/windows-vhd-builder.json b/vhd/packer/windows-vhd-builder.json index 8fe7c82ade..f5f1c269ce 100644 --- a/vhd/packer/windows-vhd-builder.json +++ b/vhd/packer/windows-vhd-builder.json @@ -30,7 +30,7 @@ "os_type": "Windows", "image_publisher": "{{user `image_publisher`}}", "image_offer": "{{user `image_offer`}}", - "image_sku": "{{user `image_sku`}", + "image_sku": "{{user `image_sku`}}", "image_version": "{{user `image_version`}}", "resource_group_name": "{{user `resource_group_name`}}", "capture_container_name": "aksengine-vhds-windows-{{user `windows_server_version`}}", From a855d4115bf3f5632f6e82046041e5ee03408def Mon Sep 17 00:00:00 2001 From: marosset Date: Fri, 18 Sep 2020 11:27:58 -0700 Subject: [PATCH 9/9] fixup! Updating windows packer file to take in windows os version specific vars from a file --- vhd/packer/windows-vhd-builder.json | 1 - 1 file changed, 1 deletion(-) diff --git a/vhd/packer/windows-vhd-builder.json b/vhd/packer/windows-vhd-builder.json index f5f1c269ce..924f5cbeae 100644 --- a/vhd/packer/windows-vhd-builder.json +++ b/vhd/packer/windows-vhd-builder.json @@ -43,7 +43,6 @@ "winrm_username": "packer", "azure_tags": { "os": "Windows", - "windowsVersion": "{{user `windows-server-version`}}", "now": "{{user `create_time`}}", "createdBy": "aks-engine-vhd-pipeline" }