With the arrival of the cloud native era, user applications and cloud migration have more diverse needs. Different business scenarios have different requirements for container platforms, one of which is the ability to create clusters by using custom images.

Background information

Container Service allows you to create clusters by using custom images. However, you may encounter the following situations when you create custom images:
  • It is not efficient to manually create images.
  • The change history is not well recorded, making it difficult to troubleshoot faults.
  • It is difficult to verify whether custom images meet the requirements of the nodes in the cluster.
To solve the above issues, we have started the open source project ack-image-builder to help you create custom images that meet node requirements.

The ack-image-builder project is based on the open source tool HashiCorp Packer and provides default configuration templates and verification scripts.

To create a custom image based on ack-image-builder, perform the following steps:

Procedure

  1. Install Packer.
    On the official download page, select the software version that suits your operating system, and follow the installation instructions to install and verify Packer.

    Run the following command. If the output is as follows, it indicates that Packer is successfully installed.

    $ packer version
    Packer v1.4.1
  2. Define a Packer template.
    To create a custom image by using Packer, you need to create a JSON template file first. In the template, specify the Alibaba Cloud Image Builder and Provisioners that are used to create the custom image.
    {
      "variables": {
        "region": "cn-hangzhou",
        "image_name": "test_image{{timestamp}}",
        "source_image": "centos_7_06_64_20G_alibase_20190711.vhd",
        "instance_type": "ecs.n1.large",
        "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
        "secret_key": "{{env `ALICLOUD_SECRET_KEY`}}"
      },
      "builders": [
        {
          "type": "alicloud-ecs",
          "access_key": "{{user `access_key`}}",
          "secret_key": "{{user `secret_key`}}",
          "region": "{{user `region`}}",
          "image_name": "{{user `image_name`}}",
          "source_image": "{{user `source_image`}}",
          "ssh_username": "root",
          "instance_type": "{{user `instance_type`}}",
          "io_optimized": "true"
        }
      ],
      "provisioners": [
        {
          "type": "shell",
          "scripts": [
            "scripts/updateKernel.sh",
            "scripts/reboot.sh",
            "scripts/cleanUpKerneles.sh",
            "config/default.sh",
            "scripts/updateDNS.sh",
            "scripts/verify.sh"
          ],
          "expect_disconnect": true
        }
      ]
    }
    Parameter      Description
    access_key     Your AccessKey ID.
    secret_key     Your AccessKey Secret.
    region         The region of the temporary instance that is used to create the custom image.
    image_name     The name of the custom image.
    source_image   The name of the source image, which can be obtained from the Alibaba Cloud public image list.
    instance_type  The type of the temporary instance that is generated to create the custom image.
    provisioners   The type of the Packer provisioner that is used to create the custom image.
  3. Create a RAM user account and generate an AccessKey.
    To meet the permission requirements for custom image creation, we recommend that you create a RAM user account, grant it the RAM policy required by Packer, and create an AccessKey.
  4. Import the AccessKey and create a custom image.
    1. Run the following command to import the AccessKey.
      export ALICLOUD_ACCESS_KEY=XXXXXX
      export ALICLOUD_SECRET_KEY=XXXXXX
    2. Run the following command to create a custom image.
      $ packer build alicloud.json
      alicloud-ecs output will be in this color.
      
      ==> alicloud-ecs: Prevalidating source region and copied regions...
      ==> alicloud-ecs: Prevalidating image name...
          alicloud-ecs: Found image ID: centos_7_06_64_20G_alibase_20190711.vhd
      ==> alicloud-ecs: Creating temporary keypair: xxxxxx
      ==> alicloud-ecs: Creating vpc...
          alicloud-ecs: Created vpc: xxxxxx
      ==> alicloud-ecs: Creating vswitch...
          alicloud-ecs: Created vswitch: xxxxxx
      ==> alicloud-ecs: Creating security group...
          alicloud-ecs: Created security group: xxxxxx
      ==> alicloud-ecs: Creating instance...
          alicloud-ecs: Created instance: xxxxxx
      ==> alicloud-ecs: Allocating eip...
          alicloud-ecs: Allocated eip: xxxxxx
          alicloud-ecs: Attach keypair xxxxxx to instance: xxxxxx
      ==> alicloud-ecs: Starting instance: xxxxxx
      ==> alicloud-ecs: Using ssh communicator to connect: 47.111.127.54
      ==> alicloud-ecs: Waiting for SSH to become available...
      ==> alicloud-ecs: Connected to SSH!
      ==> alicloud-ecs: Provisioning with shell script: scripts/verify.sh
          alicloud-ecs: [20190726 11:04:10]: Check if kernel version >= 3.10.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if systemd version >= 219.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if sshd is running and listen on port 22.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if cloud-init is installed.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if wget is installed.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if curl is installed.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if kubeadm is cleaned up.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if kubelet is cleaned up.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if kubectl is cleaned up.  Verify Passed!
          alicloud-ecs: [20190726 11:04:10]: Check if kubernetes-cni is cleaned up.  Verify Passed!
      ==> alicloud-ecs: Stopping instance: xxxxxx
      ==> alicloud-ecs: Waiting instance stopped: xxxxxx
      ==> alicloud-ecs: Creating image: test_image1564110199
          alicloud-ecs: Detach keypair xxxxxx from instance: xxxxxxx
      ==> alicloud-ecs: Cleaning up 'EIP'
      ==> alicloud-ecs: Cleaning up 'instance'
      ==> alicloud-ecs: Cleaning up 'security group'
      ==> alicloud-ecs: Cleaning up 'vSwitch'
      ==> alicloud-ecs: Cleaning up 'VPC'
      ==> alicloud-ecs: Deleting temporary keypair...
      Build 'alicloud-ecs' finished.
      
      ==> Builds finished. The artifacts of successful builds are:
      --> alicloud-ecs: Alicloud images were created:
      
      cn-hangzhou: m-bp1aifbnupnaktj00q7s

      scripts/verify.sh is used to verify the check items.
  5. Use the custom image to create a Kubernetes cluster.
    1. Log on to the Container Service console.
    2. In the left-side navigation pane, choose Clusters > Clusters to go to the Clusters page.
    3. In the upper-right corner, click Create Kubernetes Cluster. In the Select Cluster Template dialog box that appears, select Standard Dedicated Cluster and click Create. For more information, see Create a Kubernetes cluster.
    4. After you configure the basic options, click Show Advanced Options. In the Custom Image field, click Select to select a custom image to create the cluster.
    5. When the configuration is complete, click Create Cluster.
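
A pre-build check for the template from step 2, as an added example (not part of ack-image-builder or Packer): it reports credentials that are written into the template instead of being read from the environment, and a scripts/verify.sh that is not the last script to run. The function name check_template, the constructed sample template, and the rule that verify.sh must come last (taken from the ordering in the page's template) are assumptions of this example.

```python
import json
import re

# Constructed sample: the page's template shape, but with a literal secret
# pasted in and verify.sh no longer the last script.
BAD_TEMPLATE = json.loads(r'''
{
  "variables": {
    "access_key": "{{env `ALICLOUD_ACCESS_KEY`}}",
    "secret_key": "EXAMPLE-LITERAL-SECRET"
  },
  "builders": [{"type": "alicloud-ecs",
                "access_key": "{{user `access_key`}}",
                "secret_key": "{{user `secret_key`}}"}],
  "provisioners": [{"type": "shell",
                    "scripts": ["scripts/verify.sh", "scripts/updateDNS.sh"]}]
}
''')

USER_REF = re.compile(r"^\{\{\s*user\s+`(\w+)`\s*\}\}$")
ENV_REF = re.compile(r"^\{\{\s*env\s+`\w+`\s*\}\}$")
CREDENTIAL_KEYS = ("access_key", "secret_key")


def check_template(template):
    """Return a list of findings; an empty list means the template passed."""
    findings = []
    variables = template.get("variables", {})
    for builder in template.get("builders", []):
        for key in CREDENTIAL_KEYS:
            value = builder.get(key, "")
            ref = USER_REF.match(value)
            if not ref:
                if value:
                    findings.append(f"builder {key} does not reference a user variable")
                continue
            default = variables.get(ref.group(1), "")
            # An empty default is fine: the value is then supplied at build time.
            if default and not ENV_REF.match(default):
                findings.append(f"variable {ref.group(1)} has a literal default")
    for prov in template.get("provisioners", []):
        scripts = prov.get("scripts", [])
        if (prov.get("type") == "shell" and "scripts/verify.sh" in scripts
                and scripts[-1] != "scripts/verify.sh"):
            findings.append("scripts/verify.sh is not the last script")
    return findings


if __name__ == "__main__":
    for finding in check_template(BAD_TEMPLATE):
        print("FAIL:", finding)
```

Run it against alicloud.json (loaded with json.load) before packer build, for example in the pipeline that commits template changes.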