Hi,
I am currently running into an issue where my Terraform could not connect
back to the VM it provisioned in order to connect to the Chef server (via the chef
provisioner) because it could not establish a connection to the VM. I think
it might be because the Packer image that I used in Terraform has not been
enabled for WinRM. I have looked around on the internet, but still
could not find a good way to enable WinRM in Packer.
I have tried to call a PowerShell file in the Packer template. The PS
script has a bunch of PS commands that enable WinRM. But it didn't work when
I ran Packer build.
What I have tried:
#bootstrap-winrm.ps1
# Set administrator password
net user admin admin12
wmic useraccount where "name='admin'" set PasswordExpires=FALSE
# First, make sure WinRM can't be connected to
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block
# Delete any existing WinRM listeners
winrm delete winrm/config/listener?Address=*+Transport=HTTP 2>$Null
winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null
# Create a new WinRM listener and configure
winrm create winrm/config/listener?Address=*+Transport=HTTP
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
winrm set winrm/config '@{MaxTimeoutms="7200000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'
# Configure UAC to allow privilege elevation in remote shells
$Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$Setting = 'LocalAccountTokenFilterPolicy'
Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force
# Configure and restart the WinRM Service; Enable the required firewall exception
Stop-Service -Name WinRM
Set-Service -Name WinRM -StartupType Automatic
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new action=allow localip=any remoteip=any
Start-Service -Name WinRM
Packer template:
{
  "variables": {
    "client_id": "",
    "client_secret": "",
    "tenant_id": "",
    "subscription_id": "",
    "object_id": "",
    "managed_image_resource_group_name": "",
    "managed_image_name": "",
    "virtual_network_name": "",
    "virtual_network_subnet_name": "",
    "virtual_network_resource_group_name": "",
    "file_source": "",
    "packer_ado_pat": ""
  },
  "builders": [{
    "type": "azure-arm",
    "client_id": "{{user `client_id`}}",
    "client_secret": "{{user `client_secret`}}",
    "tenant_id": "{{user `tenant_id`}}",
    "subscription_id": "{{user `subscription_id`}}",
    "object_id": "{{user `object_id`}}",
    "managed_image_resource_group_name": "{{user `managed_image_resource_group_name`}}",
    "managed_image_name": "{{user `managed_image_name`}}",
    "virtual_network_name": "{{user `virtual_network_name`}}",
    "virtual_network_subnet_name": "{{user `virtual_network_subnet_name`}}",
    "virtual_network_resource_group_name": "{{user `virtual_network_resource_group_name`}}",
    "os_type": "Windows",
    "image_publisher": "MicrosoftWindowsServer",
    "image_offer": "WindowsServer",
    "image_sku": "2016-Datacenter",
    "user_data_file": "{{user `file_source`}}/Bootstrap-Winrm.ps1",
    "communicator": "winrm",
    "winrm_use_ssl": "true",
    "winrm_insecure": "true",
    "winrm_timeout": "5m",
    "winrm_username": "admin",
    "winrm_password": "admin12",
    "location": "australiasoutheast",
    "vm_size": "Standard_A4m_v2"
  }],
  "provisioners": [
    {
      "type": "powershell",
      "inline": ["mkdir c:\\Packer"]
    },{
      "type": "file",
      "source": "{{user `file_source`}}",
      "destination": "c:\\Packer"
    },{
      "type": "powershell",
      "scripts": "{{user `file_source`}}/Bootstrap-winrm.ps1"
    },{
      "type": "powershell",
      "inline": [
        "Add-WindowsFeature Web-Server",
        "if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}",
        "& $Env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit"
      ]
    }]
}
Could anyone please link me or give me any better suggestions of what
I should do to achieve this? If WinRM seems to be so difficult, would SSH
be a better approach? (But again, I am not sure how Packer could set up
SSH and generate the key in the image so that it can be used later in
the Terraform template.)
Thanks.
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/c7ee9f2a-f4ca-41c1-875c-62da2b9a06f2%40googlegroups.com.
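
Added example, not part of the original post and not code from the Packer project: the template above sets "winrm_use_ssl": "true", so Packer connects over HTTPS, while the bootstrap script creates only an HTTP listener with AllowUnencrypted and Basic auth. One way to create a matching HTTPS-only listener, assuming an elevated PowerShell session on the Windows Server 2016 image; the firewall rule name below is made up for this example.

```powershell
# Added example: HTTPS-only WinRM bootstrap to pair with "winrm_use_ssl": "true".
# Assumptions: elevated session, Windows Server 2016, self-signed certificate.
$ErrorActionPreference = 'Stop'

# Self-signed server certificate for the listener. A client cannot validate it
# against a CA, which is why the template also needs "winrm_insecure": "true".
$cert = New-SelfSignedCertificate -DnsName $env:COMPUTERNAME `
    -CertStoreLocation 'Cert:\LocalMachine\My'

# The WSMan: drive is only usable while the service is running.
Set-Service -Name WinRM -StartupType Automatic
Start-Service -Name WinRM

# Remove every existing listener (HTTP and HTTPS), then create one HTTPS
# listener bound to the new certificate. HTTPS listens on TCP 5986.
Remove-Item -Path WSMan:\localhost\Listener\Listener* -Recurse -Force
New-Item -Path WSMan:\localhost\Listener -Transport HTTPS -Address * `
    -CertificateThumbPrint $cert.Thumbprint -Force | Out-Null

# Basic auth sends the password base64-encoded, so allow it only together
# with TLS and keep unencrypted traffic switched off on the service.
Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $false
Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true

# Keep the built-in HTTP (5985) rule closed and open 5986 instead.
# 'WinRM HTTPS-In (example)' is a hypothetical rule name chosen here.
Disable-NetFirewallRule -DisplayName 'Windows Remote Management (HTTP-In)' `
    -ErrorAction SilentlyContinue
$ruleName = 'WinRM HTTPS-In (example)'
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound `
        -Protocol TCP -LocalPort 5986 -Action Allow | Out-Null
}

# Show the resulting listener so the build log records what was configured.
winrm enumerate winrm/config/listener
```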