Hi, I am using packer version 1.2.4
Sagar On Tuesday, 28 April 2020 13:59:20 UTC+5:30, Sylvia Moss wrote: > > Hi! Which Packer version are you using? > > segunda-feira, 27 de Abril de 2020 às 16:57:17 UTC+2, Sagar Jadhav > escreveu: >> >> Hi, >> >> I am trying to build a packer using CIS Benchmark 2016 hardened windows >> image from AWS market place using docker container running ansible >> integrated with CircleCi tool. I had referred the code >> https://gist.github.com/SwampDragons/a0044e88c614a507a533ee9323cf8e0c >> provided >> here https://github.com/hashicorp/packer/issues/9003 >> >> I tested this code locally on Macbook and found it is working where WinRM >> is able to established a connection with packer however, when I run the >> same code using my github account which is integrated with CircleCi running >> on docker container, WinRM is just simply failed to connect to packer >> instance with an error "*WinRM connection err: http response error: 401 >> - invalid content type*" . >> Also I wondered when i had built packer using below packer userdata >> locally on my macbook and ran "winrm get winrm/config" it doesn't even >> make any changes to "AllowUnencrypted" and "basic" auth for client and >> service config. The winrm output shows those parameters are blocked by >> [Source="GPO"]. I am not sure how it works locally but it works? >> >> Well, my problem is WinRM failed to connect on docker container using >> ansible which is integrated with CirccleCi. >> >> *Eg:- WinRM Output of packer instance ran locally on machine:-* >> Client >> NetworkDelayms = 5000 >> URLPrefix = wsman >> *AllowUnencrypted = false [Source="GPO"]* >> Auth >> *Basic = false [Source="GPO"]* >> >> *Note:- The above output can been seen on packer instance built by >> CircleCi docker container.* >> >> *packer userdata is :-* >> >> <powershell> >> >> # MAKE SURE IN YOUR PACKER CONFIG TO SET: >> >> # "winrm_username": "Administrator", >> # "winrm_insecure": true, >> # "winrm_use_ssl": true, >> # >> >> write-output "Running User Data Script" >> write-host "(host) Running User Data Script" >> >> Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force -ErrorAction >> Ignore >> >> # Don't set this before Set-ExecutionPolicy as it throws an error >> $ErrorActionPreference = "stop" >> >> # Remove HTTP listener >> Remove-Item -Path WSMan:\Localhost\listener\listener* -Recurse >> >> # Create a self-signed certificate to let ssl work >> $Cert = New-SelfSignedCertificate -CertstoreLocation >> Cert:\LocalMachine\My -DnsName "packer" >> New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * >> -CertificateThumbPrint $Cert.Thumbprint -Force >> >> # WinRM >> write-output "Setting up WinRM" >> write-host "(host) setting up WinRM" >> >> winrm quickconfig -q >> winrm set "winrm/config" '@{MaxTimeoutms="1800000"}' >> winrm set "winrm/config/winrs" '@{MaxMemoryPerShellMB="1024"}' >> winrm set "winrm/config/service" '@{AllowUnencrypted="true"}' >> winrm set "winrm/config/client" '@{AllowUnencrypted="true"}' >> winrm set "winrm/config/service/auth" '@{Basic="true"}' >> winrm set "winrm/config/client/auth" '@{Basic="true"}' >> winrm set "winrm/config/service/auth" '@{CredSSP="true"}' >> winrm set "winrm/config/listener?Address=*+Transport=HTTPS" >> "@{Port=`"5986`";Hostname=`"packer`";CertificateThumbprint=`"$($Cert.Thumbprint)`"}" >> netsh advfirewall firewall set rule group="remote administration" new >> enable=yes >> netsh firewall add portopening TCP 5986 "Port 5986" >> stop-service winrm >> set-service -name winrm -startuptype Automatic >> start-service winrm >> >> </powershell> >> >> I have also attached *packer.json and packer *inventory file which is >> being referred by an ansible. Can someone review the attached files and let >> me know if I am missing something here? >> >> Appreciate your inputs. Thanks. >> >> Regards, >> Sagar >> >> >> >> -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/c7760648-1548-406d-9312-6d14140fff41%40googlegroups.com.
