diff --git a/.gitignore b/.gitignore index 69743da..a68e2fe 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,7 @@ **/terraform.tfvars **/.terraform.lock.hcl **/http/user-data +**/variables.yaml # Local Python Directories **/Testing*/* diff --git a/NOTICE.txt b/NOTICE.txt index 5c9db58..021787a 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -1,3 +1,3 @@ -imm-toolkit +intersight-toolkit Copyright (c) 2023 Cisco Systems, Inc. and/or its affiliates This project includes software developed at Cisco Systems, Inc. and/or its affiliates. diff --git a/README.md b/README.md index 1835fbb..b8431db 100644 --- a/README.md +++ b/README.md 
@@ -1,194 +1,83 @@ -# IMM Toolkit Setup Instructions +# Intersight Toolkit Setup Instructions -## Updates/News - -05-04-2023 -* Initial Release - -## Setup NGINX - -Install NGINX and NetTools - -```bash -sudo apt install net-tools -``` - -```bash -sudo apt install nginx -``` - -Configure Security Settings for nginx. - -```bash -sudo vim /etc/nginx/nginx.conf -``` - -* Copy the contents of the nginx.conf file - -Generate the Certificate and Private Key - -```bash -cd /etc/nginx -sudo mkdir ssl -cd ssl -sudo openssl req -new -newkey rsa:2048 -days 1095 -nodes -x509 -keyout nginx.key -out nginx.crt -``` - - -```bash -sudo chown www-data:www-data nginx.key -sudo chown www-data:www-data nginx.crt -sudo chmod 400 nginx.crt -sudo chmod 400 nginx.key -``` - -Setup default site for File Services over HTTPS - -```bash -cd /var/www/ -sudo mkdir upload -cd upload/ -sudo touch test.txt -cd /etc/nginx/sites-enabled -sudo vim default -``` - -* Copy the contents of nginx-sites-default into the above file - -```bash -sudo systemctl restart nginx -sudo systemctl status nginx.service -netstat -tulpn -``` - -## Setup NTP - -* Install NTP - -```bash -sudo apt install ntp -``` - -## Setup OVF Customization Script - -```bash -sudo vim /usr/local/bin/ovf_network_config.sh -``` +The purpose of this packer example is to build an automation platform to manage Cisco Intersight. The current example deployes a template in a VMware environment, which then can be used to create an OVA for distribution. -* Copy the contents of ovf_network_config.sh +## Updates/News -```bash -sudo vim /etc/systemd/system/ovf-network-config.service -``` +* 2023-11-18 - v2.0 - Moving to HashiCorp Packer - Guidance from https://tekanaid.com/posts/hashicorp-packer-build-ubuntu22-04-vmware +* 2023-05-04 - Initial Release -* Copy the contents of ovf-network-config.service +## Setup Environment -* Change the Permissions on the Files +Install the following packages for Packer. 
-```bash -sudo chmod 744 /usr/local/bin/ovf_network_config.sh -sudo chmod 664 /etc/systemd/system/ovf-network-config.service -sudo systemctl daemon-reload -sudo systemctl enable ovf-network-config.service +```sh +sudo apt install mkisofs whois -y ``` -## Install Python and Modules +## Install Packer ```bash -sudo apt install python3-pip +sudo apt-get update && sudo apt-get install -y gnupg software-properties-common +wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \ +sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg +echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \ +https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \ +sudo tee /etc/apt/sources.list.d/hashicorp.list +sudo apt update -y +sudo apt-get install packer -y ``` -```bash -cd ~ -mkdir Downloads -chown imm-toolkit:imm-toolkit Downloads -mkdir Logs -chwon imm-toolkit:imm-toolkit Logs -mkdir github -chown imm-toolkit:imm-toolkit github -cd github/ -git clone https://github.com/scotttyso/intersight_iac -``` +## Generate a hashed password for the user-data file -```bash -sudo ln -s /home/imm-toolkit/github/intersight_iac/ezimm.py /usr/bin/ezimm.py -sudo ln -s /home/imm-toolkit/github/intersight_iac/ezci.py /usr/bin/ezci.py -sudo ln -s /home/imm-toolkit/github/intersight_iac/ezvcenter.ps1 /usr/bin/ezvcenter.ps1 -cd intersight_iac/ -sudo pip install -r requirements.txt -``` +Run the command below and when prompted for PASSWORD enter the Password desired for the User Account. 
```bash -cd ~ -sudo pip install intersight +mkpasswd -m sha-512 --rounds=4096 ``` -## Install Ansible and Galaxy Modules - -```bash -sudo apt install ansible -y -``` +You will get an encrypted password similar to the following: ```bash -ansible-galaxy collection install cisco.intersight +Password: $6$KU2P9m78xF3n$noEN/CV.0R4qMLdDh/TloUplmJ0DLnqi6/cP7hHgfwUu.D0hMaD2sAfxDT3eHP5BQ3HdgDkKuIk8zBh0mDLzO1 ``` -## Install PowerShell and Modules +* Copy the user-data.example to user-data ```bash -sudo snap install powershell +cd vmware/http/ +cp user-data.example user-data +cd ../ ``` -```bash -pwsh -Command Install-Module -Name Intersight.PowerShell -Force -``` +* Update the hostname, username, password (with the hashed password), +* Uncomment the authorized-keys if you would like to add a valid ssh-rsa public key for cloud deployments. +* Copy the variables.yaml.example to variables.yaml ```bash -pwsh -Command Install-Module -Name VMware.PowerCLI -Force +cp variables.yaml.example to variables.yaml ``` +* Use the defaults.yaml as an example source and make any modifications you would like to the deployment settings in variables.yaml. 
-## Install Terraform +## Setup Packer Sensitive Variables ```bash -sudo apt-get update && sudo apt-get install -y gnupg software-properties-common -wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \ -sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg -echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \ -https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \ -sudo tee /etc/apt/sources.list.d/hashicorp.list +export PKR_VAR_virtual_machine_password="same_password_as_mkpasswd_plain_text" +export PKR_VAR_vsphere_password="vcenter_password_plain_text" ``` -```bash -sudo apt update -``` +## Running packer build with hcl -```bash -sudo apt-get install terraform +```sh +packer build -force -on-error=ask vmware.pkr.hcl ``` -```bash -terraform -install-autocomplete -``` +## Troubleshooting -## Install isdk - -```bash -LOCATION=$(curl -s https://api.github.com/repos/cgascoig/isctl/releases/latest \ -| grep "tag_name" \ -| awk '{print "https://github.com/cgascoig/isctl/releases/download/" substr($2, 2, length($2)-3) \ -"/isctl_" substr($2, 2, length($2)-3) "_Linux_x86_64.tar.gz"}' \ -| sed 's/isctl_v/isctl_/'); curl -L -o isctl.tar.gz $LOCATION -``` - -```bash -tar -xvf isctl.tar.gz -rm isctl.tar.gz -sudo mv isctl /usr/local/bin/ -sudo chmod +x /usr/local/bin/isctl -``` +- If packer gets stuck on `Waiting for IP` you may want to check your DHCP server. -## Setup OVF Customization on VM +## Setup OVF Customization on Virtual Machine ![alt text](vApp-Options.png "vApp Options") diff --git a/archive/README.md b/archive/README.md new file mode 100644 index 0000000..1835fbb --- /dev/null +++ b/archive/README.md 
@@ -0,0 +1,257 @@ +# IMM Toolkit Setup Instructions + +## Updates/News + +05-04-2023 +* Initial Release + +## Setup NGINX + +Install NGINX and NetTools + +```bash +sudo apt install net-tools +``` + +```bash +sudo apt install nginx +``` + +Configure Security Settings for nginx. + +```bash +sudo vim /etc/nginx/nginx.conf +``` + +* Copy the contents of the nginx.conf file + +Generate the Certificate and Private Key + +```bash +cd /etc/nginx +sudo mkdir ssl +cd ssl +sudo openssl req -new -newkey rsa:2048 -days 1095 -nodes -x509 -keyout nginx.key -out nginx.crt +``` + + +```bash +sudo chown www-data:www-data nginx.key +sudo chown www-data:www-data nginx.crt +sudo chmod 400 nginx.crt +sudo chmod 400 nginx.key +``` + +Setup default site for File Services over HTTPS + +```bash +cd /var/www/ +sudo mkdir upload +cd upload/ +sudo touch test.txt +cd /etc/nginx/sites-enabled +sudo vim default +``` + +* Copy the contents of nginx-sites-default into the above file + +```bash +sudo systemctl restart nginx +sudo systemctl status nginx.service +netstat -tulpn +``` + +## Setup NTP + +* Install NTP + +```bash +sudo apt install ntp +``` + +## Setup OVF Customization Script + +```bash +sudo vim /usr/local/bin/ovf_network_config.sh +``` + +* Copy the contents of ovf_network_config.sh + +```bash +sudo vim /etc/systemd/system/ovf-network-config.service +``` + +* Copy the contents of ovf-network-config.service + +* Change the Permissions on the Files + +```bash +sudo chmod 744 /usr/local/bin/ovf_network_config.sh +sudo chmod 664 /etc/systemd/system/ovf-network-config.service +sudo systemctl daemon-reload +sudo systemctl enable ovf-network-config.service +``` + +## Install Python and Modules + +```bash +sudo apt install python3-pip +``` + +```bash +cd ~ +mkdir Downloads +chown imm-toolkit:imm-toolkit Downloads +mkdir Logs +chwon imm-toolkit:imm-toolkit Logs +mkdir github +chown imm-toolkit:imm-toolkit github +cd github/ +git clone https://github.com/scotttyso/intersight_iac +``` + +```bash 
+sudo ln -s /home/imm-toolkit/github/intersight_iac/ezimm.py /usr/bin/ezimm.py +sudo ln -s /home/imm-toolkit/github/intersight_iac/ezci.py /usr/bin/ezci.py +sudo ln -s /home/imm-toolkit/github/intersight_iac/ezvcenter.ps1 /usr/bin/ezvcenter.ps1 +cd intersight_iac/ +sudo pip install -r requirements.txt +``` + +```bash +cd ~ +sudo pip install intersight +``` + +## Install Ansible and Galaxy Modules + +```bash +sudo apt install ansible -y +``` + +```bash +ansible-galaxy collection install cisco.intersight +``` + +## Install PowerShell and Modules + +```bash +sudo snap install powershell +``` + +```bash +pwsh -Command Install-Module -Name Intersight.PowerShell -Force +``` + +```bash +pwsh -Command Install-Module -Name VMware.PowerCLI -Force +``` + + +## Install Terraform + +```bash +sudo apt-get update && sudo apt-get install -y gnupg software-properties-common +wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \ +sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg +echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \ +https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \ +sudo tee /etc/apt/sources.list.d/hashicorp.list +``` + +```bash +sudo apt update +``` + +```bash +sudo apt-get install terraform +``` + +```bash +terraform -install-autocomplete +``` + +## Install isdk + +```bash +LOCATION=$(curl -s https://api.github.com/repos/cgascoig/isctl/releases/latest \ +| grep "tag_name" \ +| awk '{print "https://github.com/cgascoig/isctl/releases/download/" substr($2, 2, length($2)-3) \ +"/isctl_" substr($2, 2, length($2)-3) "_Linux_x86_64.tar.gz"}' \ +| sed 's/isctl_v/isctl_/'); curl -L -o isctl.tar.gz $LOCATION +``` + +```bash +tar -xvf isctl.tar.gz +rm isctl.tar.gz +sudo mv isctl /usr/local/bin/ +sudo chmod +x /usr/local/bin/isctl +``` + +## Setup OVF Customization on VM + +![alt text](vApp-Options.png "vApp Options") + +![alt text](vApp-Properties.png "vApp Properties") + +- IP Source + - Category: Networking + - 
Description: + - Key ID: guestinfo.ip_source + - Label: IP Source + - Type: string choice + - Choice List: "DHCP", "STATIC" + - Default value: STATIC +- Hostname + - Category: Networking + - Description: The Fully Qualified Domain Name + - Key ID: guestinfo.hostname + - Label: Hostname + - Type: string +- IP Address + - Category: Networking + - Description: + - Key ID: guestinfo.ipaddress + - Label: IP Address + - Type: string + - Length: 7 to 15 +- Network Prefix + - Category: Networking + - Description: + - Key ID: guestinfo.prefix + - Label: Network Prefix + - Type: integer + - range: 1 to 30 + - Default value: 24 +- Gateway + - Category: Networking + - Description: + - Key ID: guestinfo.gateway + - Label: Gateway + - Type: string + - Length: 7 to 15 +- DNS Servers + - Category: Networking + - Description: Use a comma to separate multiple servers. i.e. 8.8.4.4,8.8.8.8 + - Key ID: guestinfo.dns + - Label: DNS Servers + - Type: string +- DNS Domains + - Category: Networking + - Description: Use a comma to separate multiple domains. i.e. cisco.com,example.com + - Key ID: guestinfo.domain + - Label: DNS Domains + - Type: string +- NTP Servers + - Category: Networking + - Description: Use a comma to separate multiple servers. i.e. 0.pool.ntp.org,1.pool.ntp.org + - Key ID: guestinfo.ntp + - Label: NTP Servers + - Type: string + +## Create OVA From VM or VM Template + +```powershell +cd %ProgramFiles%\VMware\VMware OVF Tool +ovftool.exe vi:////vm/ %HOMEPATH%\Downloads\imm-toolkitv0.1.ova +``` \ No newline at end of file diff --git a/nginx-sites-default b/archive/nginx-sites-default similarity index 100% rename from nginx-sites-default rename to archive/nginx-sites-default diff --git a/nginx.conf b/archive/nginx.conf similarity index 100% rename from nginx.conf rename to archive/nginx.conf diff --git a/packer_hyperv/README.md b/hyperv/README.md similarity index 100% rename from packer_hyperv/README.md rename to hyperv/README.md 
diff --git a/packer_hyperv/defaults.yaml b/hyperv/defaults.yaml
similarity index 100%
rename from packer_hyperv/defaults.yaml
rename to hyperv/defaults.yaml
diff --git a/packer_hyperv/http/meta-data b/hyperv/http/meta-data
similarity index 100%
rename from packer_hyperv/http/meta-data
rename to hyperv/http/meta-data
diff --git a/packer_hyperv/http/user-data.example b/hyperv/http/user-data.example
similarity index 100%
rename from packer_hyperv/http/user-data.example
rename to hyperv/http/user-data.example
diff --git a/packer_hyperv/scripts/setup.sh b/hyperv/scripts/setup.sh
similarity index 100%
rename from packer_hyperv/scripts/setup.sh
rename to hyperv/scripts/setup.sh
diff --git a/packer_hyperv/vmware.pkr.hcl b/hyperv/vmware.pkr.hcl
similarity index 100%
rename from packer_hyperv/vmware.pkr.hcl
rename to hyperv/vmware.pkr.hcl
diff --git a/packer_hyperv/variables.yaml b/packer_hyperv/variables.yaml
deleted file mode 100644
index 1b0cc4c..0000000
--- a/packer_hyperv/variables.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-vsphere:
- cluster: HX
- datacenter: Richfield
- esx_host: r142a-2.rich.ciscolabs.com
- username: administrator@rich.local
- vcenter: vcenter.rich.ciscolabs.com
-shell_scripts:
- - setup.sh
\ No newline at end of file
diff --git a/packer_vmware/README.md b/vmware/README.md
similarity index 100%
rename from packer_vmware/README.md
rename to vmware/README.md
diff --git a/packer_vmware/defaults.yaml b/vmware/defaults.yaml
similarity index 100%
rename from packer_vmware/defaults.yaml
rename to vmware/defaults.yaml
diff --git a/packer_vmware/http/meta-data b/vmware/http/meta-data
similarity index 100%
rename from packer_vmware/http/meta-data
rename to vmware/http/meta-data
diff --git a/packer_vmware/http/user-data.example b/vmware/http/user-data.example
similarity index 95%
rename from packer_vmware/http/user-data.example
rename to vmware/http/user-data.example
index 5a4090c..8d2ac88 100644
--- a/packer_vmware/http/user-data.example
+++ b/vmware/http/user-data.example @@ -16,8 +16,8 @@ autoinstall: ens192: dhcp4: true identity: - hostname: ubuntu - username: ubuntu + hostname: intersight-toolkit + username: toolkit password: "$6$rounds=4096$ntlX/dlo6b$HXaLN4RcLIGaEDdQdR2VTYi9pslSeXWL131MqaakqE285Nv0kW9KRontQYivCbycZerUMcjVsuLl2V8bbdadI1" ssh: install-server: yes diff --git a/packer_vmware/scripts/setup.sh b/vmware/scripts/setup.sh similarity index 91% rename from packer_vmware/scripts/setup.sh rename to vmware/scripts/setup.sh index 0c282cd..f414912 100644 --- a/packer_vmware/scripts/setup.sh +++ b/vmware/scripts/setup.sh @@ -80,6 +80,7 @@ mkdir Logs mkdir github cd github/ git clone https://github.com/scotttyso/intersight_iac +cd intersight_iac sudo pip install -r requirements.txt sudo ln -s /home/toolkit/github/intersight_iac/ezimm.py /usr/bin/ezimm.py sudo ln -s /home/toolkit/github/intersight_iac/ezci.py /usr/bin/ezci.py @@ -93,7 +94,7 @@ sudo pip install intersight ansible-galaxy collection install cisco.intersight ### Install PowerShell ### -sudo snap install powershell +sudo snap install powershell --classic pwsh -Command Install-Module -Name Intersight.PowerShell -Force pwsh -Command Install-Module -Name VMware.PowerCLI -Force @@ -120,8 +121,8 @@ sudo mv isctl /usr/local/bin/ sudo chmod +x /usr/local/bin/isctl ### Copy OVF Template Setup Files ### -wget https://raw.githubusercontent.com/scotttyso/imm-toolkit/main/ovf_network_config.sh -wget https://raw.githubusercontent.com/scotttyso/imm-toolkit/main/ovf-network-config.service +wget https://raw.githubusercontent.com/scotttyso/intersight-toolkit/main/ovf_network_config.sh +wget https://raw.githubusercontent.com/scotttyso/intersight-toolkit/main/ovf-network-config.service sudo chmod 744 ovf_network_config.sh sudo chmod 664 ovf-network-config.service sudo mv ovf_network_config.sh /usr/local/bin/ovf_network_config.sh 
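Review bot: The `identity` block keeps a literal SHA-512 crypt hash in `password:` right under the new `username: toolkit`, so anyone who copies `user-data.example` to `user-data` without editing it builds an image whose account password is the one the example author chose. A value that cannot authenticate, for example `password: "<paste mkpasswd -m sha-512 output here>"`, would most likely make an unedited copy fail visibly instead of producing a template with a shared credential. The rest of the autoinstall document is outside this hunk, so whether a later step forces a password change is not visible here.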
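Review bot: The added `cd intersight_iac` in the `-80,6` hunk of `setup.sh` is unchecked, so when the preceding `git clone` fails the script carries on and `sudo pip install -r requirements.txt` runs from `github/` instead. Writing `cd intersight_iac || exit 1` stops the build at the real failure. Whether `set -e` is in effect cannot be seen, because the script starts outside this hunk. The clone also tracks the default branch, so what pip installs as root depends on upstream at build time. Cloning a tag with `--branch <tag>` or checking out a recorded commit would make the image reproducible.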
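Review bot: Both rewritten `wget` lines in the `-120,8` hunk fetch from the `main` branch, and the downloaded script and unit are then made executable and moved into `/usr/local/bin` with no integrity check. The image content therefore changes whenever that branch does, and a failed download is not detected either. Pin the URL to a tag or commit, e.g. `.../scotttyso/intersight-toolkit/<commit-sha>/ovf_network_config.sh`, and verify a recorded digest with `sha256sum -c` before the `chmod`/`mv`. Since both files appear to live in this same repository, uploading them from the checkout through the Packer template would probably avoid the network fetch entirely. The install steps continue past the end of this hunk.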
@@ -129,9 +130,9 @@ sudo mv ovf-network-config.service /etc/systemd/system/ovf-network-config.servic sudo systemctl daemon-reload sudo systemctl enable ovf-network-config.service -### Executes the cleauup script. ### -#echo '> Executing the cleanup script ...' -#sudo /tmp/cleanup.sh +## Executes the cleauup script. ### +echo '> Executing the cleanup script ...' +sudo /tmp/cleanup.sh -### All done. ### -#echo '> Done.' +## All done. ### +echo '> Done.' diff --git a/packer_vmware/variables.yaml b/vmware/variables.yaml.example similarity index 87% rename from packer_vmware/variables.yaml rename to vmware/variables.yaml.example index d99f571..e777771 100644 --- a/packer_vmware/variables.yaml +++ b/vmware/variables.yaml.example @@ -1,7 +1,9 @@ --- +shell_scripts: + - setup.sh virtual_machine: memory: 4096 - name: IMM-TOOLKITv3 + name: intersight-toolkitv2 network: port_group: 10.101.125.0-Mgmt username: toolkit @@ -12,5 +14,3 @@ vsphere: esx_host: r142a-2.rich.ciscolabs.com username: administrator@rich.local vcenter: vcenter.rich.ciscolabs.com -shell_scripts: - - setup.sh \ No newline at end of file diff --git a/packer_vmware/vmware.pkr.hcl b/vmware/vmware.pkr.hcl similarity index 100% rename from packer_vmware/vmware.pkr.hcl rename to vmware/vmware.pkr.hcl
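Review bot: `sudo /tmp/cleanup.sh` is now live at the end of `setup.sh`, but nothing in this diff shows where that file comes from. If the Packer template does not upload it, the step fails only after everything else has been installed. A world-writable `/tmp` is also a weak staging place for something executed as root. A guard before the call, `[ -x /tmp/cleanup.sh ] || { echo 'cleanup.sh missing' >&2; exit 1; }`, makes the dependency explicit. The two headings touched here changed from `###` to `##` while the rest of the script keeps `###`, and `cleauup` is still misspelled.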
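Review bot: `variables.yaml.example` still carries site-specific values on its unchanged lines: `esx_host: r142a-2.rich.ciscolabs.com`, `vcenter: vcenter.rich.ciscolabs.com`, `username: administrator@rich.local` and `port_group: 10.101.125.0-Mgmt`. That is the kind of detail the new `**/variables.yaml` ignore rule is meant to keep out of the repository. Neutral placeholders (constructed examples: `vcenter: vcenter.example.com`, `username: administrator@vsphere.local`) would document the format equally well without publishing internal host and account names. Only part of the `vsphere:` block is visible in the second hunk, so other keys may need the same treatment.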