Thanks Rickard. I wanted to have the root volume encrypted; for now I had to run another script after provisioning the image to encrypt the AMI through the AWS CLI.

Best Regards,
Arun Janarthanan

On Sat, Sep 1, 2018 at 9:01 AM, Rickard von Essen <[email protected]> wrote:

> It looks like you are using the wrong device_name:
>
> $ AWS_PROFILE=admin aws --region us-west-2 ec2 describe-images --image-ids ami-37efa14f
> {
>     "Images": [
>         {
>             "Architecture": "x86_64",
>             "CreationDate": "2018-06-22T23:29:16.000Z",
>             "ImageId": "ami-37efa14f",
>             "ImageLocation": "amazon/amzn2-ami-minimal-hvm-2.0.20180622.1-x86_64-ebs",
>             "ImageType": "machine",
>             "Public": true,
>             "OwnerId": "137112412989",
>             "State": "available",
>             "BlockDeviceMappings": [
>                 {
>                     "DeviceName": "/dev/xvda",
>                     "Ebs": {
>                         "Encrypted": false,
>                         "DeleteOnTermination": true,
>                         "SnapshotId": "snap-04e358335dc927649",
>                         "VolumeSize": 2,
>                         "VolumeType": "standard"
>                     }
>                 }
>             ],
>             "Description": "Amazon Linux 2 AMI 2.0.20180622.1 x86_64 Minimal HVM ebs",
>             "EnaSupport": true,
>             "Hypervisor": "xen",
>             "ImageOwnerAlias": "amazon",
>             "Name": "amzn2-ami-minimal-hvm-2.0.20180622.1-x86_64-ebs",
>             "RootDeviceName": "/dev/xvda",
>             "RootDeviceType": "ebs",
>             "SriovNetSupport": "simple",
>             "VirtualizationType": "hvm"
>         }
>     ]
> }
>
> This thread contains more information:
> https://groups.google.com/d/msgid/packer-tool/ea501630-7e60-43aa-a543-cb60f90cbaa5%40googlegroups.com
>
> On Thu, 30 Aug 2018 at 21:39, Arunkumar Janarthanan <[email protected]> wrote:
>
>> Apologize for the short subject line and the missing salutations.
>>
>> On Thursday, August 30, 2018 at 3:31:42 PM UTC-4, Arunkumar Janarthanan wrote:
>>>
>>> I run Packer 1.2.5 on OSX, I have been trying to create encrypted volume
>>> AMI with CIS security hardened script enabled and facing numerous problems
>>> with it.
>>>
>>> Problem #1.
>>>
>>> I am getting SSH timeout upon adding the below section, however without
>>> the below section AMI provisioning looks good except the root volume size
>>> always 2 gig.
>>>
>>> Error:
>>>
>>> 2018/08/30 13:11:18 packer: 2018/08/30 13:11:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:11:38 packer: 2018/08/30 13:11:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:11:58 packer: 2018/08/30 13:11:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:12:18 packer: 2018/08/30 13:12:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:12:38 packer: 2018/08/30 13:12:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:12:58 packer: 2018/08/30 13:12:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:13:18 packer: 2018/08/30 13:13:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:13:38 packer: 2018/08/30 13:13:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:13:58 packer: 2018/08/30 13:13:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:14:18 packer: 2018/08/30 13:14:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:14:38 packer: 2018/08/30 13:14:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:14:58 packer: 2018/08/30 13:14:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>> 2018/08/30 13:15:06 packer: 2018/08/30 13:15:06 No AWS timeout and polling overrides have been set. Packer will defalt to waiter-specific delays and timeouts. If you would like to customize the length of time between retries and max number of retries you may do so by setting the environment variables AWS_POLL_DELAY_SECONDS and AWS_MAX_ATTEMPTS to your desired values.
>>> 2018/08/30 13:15:18 packer: 2018/08/30 13:15:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout
>>>
>>> // -----------
>>>
>>>     "ami_block_device_mappings": [ {
>>>         "device_name": "/dev/sda1",
>>>         "volume_size": 64,
>>>         "delete_on_termination": true
>>>     } ],
>>>     "launch_block_device_mappings": [ {
>>>         "device_name": "/dev/sda1",
>>>         "volume_size": 64,
>>>         "delete_on_termination": true
>>>     } ],
>>>
>>> // -----
>>>
>>> Full json file: this works except it only creates 3 gig root volume.
>>>
>>> =======
>>>
>>> {
>>>     "variables" : {
>>>         "region" : "us-west-2"
>>>     },
>>>     "builders" : [
>>>         {
>>>             "type" : "amazon-ebs",
>>>             "profile" : "default",
>>>             "region" : "{{user `region`}}",
>>>             "instance_type" : "t2.micro",
>>>             "source_ami" : "ami-37efa14f",
>>>             "ssh_username" : "ec2-user",
>>>             "ami_name" : "docker-17.12.1-ce",
>>>             "ami_description" : "Amazon Linux Image with Docker-CE",
>>>             "ami_block_device_mappings": [{
>>>                 "delete_on_termination": "true",
>>>                 "device_name": "/dev/sda1"
>>>             }],
>>>             "run_tags" : {
>>>                 "Name" : "AE-Plain",
>>>                 "Tool" : "Packer",
>>>                 "Author" : "AJ"
>>>             }
>>>         }
>>>     ],
>>>     "provisioners" : [
>>>         {
>>>             "type" : "shell",
>>>             "script" : "./setup.sh"
>>>         },
>>>         {
>>>             "type": "shell",
>>>             "execute_command": "sudo -S bash '{{ .Path }}'",
>>>             "scripts": [
>>>                 "amazonlinux-hardening.sh",
>>>                 "docker-secure.sh"
>>>             ]
>>>         }
>>>     ]
>>> }
>>>
>>> Kindly advise.
>>>
>>> Thanks,
>>> AJ

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeNLYoUAQwG2jWKULEnMbW8XZn7f0Oh54VJ3iN1%3DQtkkGTw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
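
The device_name mismatch Rickard points out can be caught before a build by comparing the template with the source AMI's `RootDeviceName`. The following is an added example, not part of the original thread or of Packer itself: `check_builder` is a hypothetical helper, and both inputs are constructed from the values quoted above. It also flags an unencrypted root volume, assuming Packer's amazon-ebs `encrypt_boot` option is what the template would use to encrypt it.

```python
import json

# Constructed sample: describe-images output trimmed to the fields quoted in the thread.
DESCRIBE_IMAGES = json.loads("""
{"Images": [{
  "ImageId": "ami-37efa14f",
  "RootDeviceName": "/dev/xvda",
  "BlockDeviceMappings": [
    {"DeviceName": "/dev/xvda",
     "Ebs": {"Encrypted": false, "VolumeSize": 2}}]}]}
""")

# Constructed sample: the builder fields from the thread that matter for this check.
BUILDER = {
    "type": "amazon-ebs",
    "source_ami": "ami-37efa14f",
    "launch_block_device_mappings": [
        {"device_name": "/dev/sda1", "volume_size": 64,
         "delete_on_termination": True}],
}


def check_builder(builder, image):
    """Return findings about the root volume for one amazon-ebs builder."""
    root = image["RootDeviceName"]
    # EBS settings of the source AMI's root device (empty if not listed).
    src = next((m.get("Ebs", {}) for m in image["BlockDeviceMappings"]
                if m["DeviceName"] == root), {})
    findings = []
    launch = builder.get("launch_block_device_mappings", [])
    # A size override only reaches the root volume if a mapping names it.
    if launch and all(m.get("device_name") != root for m in launch):
        names = ", ".join(m.get("device_name", "?") for m in launch)
        findings.append(
            f"root-device-mismatch: mappings use {names}, AMI root is {root}; "
            f"source size of {src.get('VolumeSize')} GiB is not overridden")
    # Root stays unencrypted unless the snapshot already is or encrypt_boot is on.
    if not (src.get("Encrypted") or builder.get("encrypt_boot") is True):
        findings.append(
            "root-unencrypted: source snapshot is unencrypted and "
            "encrypt_boot is not set")
    return findings


if __name__ == "__main__":
    for finding in check_builder(BUILDER, DESCRIBE_IMAGES["Images"][0]):
        print(finding)
```
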
