Overview of the Issue Here are my environment details: -Windows Server 2019 LTSC English(This is the system from where the Packer is run) -Packer version: 1.6.0 -Go lang 1.14.4
I would like to know if anyone has been able to successfully use the *ssh* communicator for building *Azure Windows images.* I am trying to create a Windows server 2019 image on Azure using Packer. I have been able to get it working with WinRM. However, my experience has been that WinRM is flaky and I would like to build the image over SSH. We have a large number of chocolatey packages to install (in excess of 50). A lot of them require reboots(we make use of the windows-restart provisioner). All of these packages are installed via PowerShell provisioners. It's been my experience that installing such a large number of packages using WinRM is error-prone. In the past, I have had success using SSH for creating golden images on XenServer. I have successfully used SSH for communication as well as running the provisioners in my XenServer environment. Hence, I am trying to use SSH for initial communication with Azure as well as installing all of the different packages using Powershell provisioners. When I try using SSH communication to build a Windows server 2019 image on Azure, the *ssh_username* and *ssh_password* parameters are being completely ignored by Packer. Ultimately, the packer run terminates with a crash in Packer.exe. In the logs, I see an error of the following nature: *"The secret retrieved from https://pkrkvfxfgy2w60v.vault.azure.net/secrets/packerKeyVaultSecret/b55be864bc3e482cb7e8284b6c63953f <https://pkrkvfxfgy2w60v.vault.azure.net/secrets/packerKeyVaultSecret/b55be864bc3e482cb7e8284b6c63953f> is an empty string* This is happening in spite of specifying a ssh username and ssh password. What I am trying to do is something like this: Step 1: Using Packer, I create an image that has Microsoft port of OpenSSH installed. In this step, I create a windows username and a password for this user name. I add this user to the "Administrators" group on the local system. An image is created. I use WinRM for step 1(i have to use WinRM here as SSH is not enabled by default on Windows servers) Step 2: In step 2, I reference this image built-in step #1 <https://github.com/hashicorp/packer/issues/1> to create another image. I use the .json file pasted earlier for this step. As part of this step, I did like to use SSH. The packer log file can be found at: https://gist.github.com/kirannhegde/4db1296be5bfddcc9823b0d37952196a Here is my .json file used for step 1 of the Packer run: { "builders": [{ "type": "azure-arm", "client_id": "{{user `client_id`}}", "client_secret": "{{user `client_secret`}}", "subscription_id": "{{user `subscription_id`}}", "tenant_id": "{{user `tenant_id`}}", "build_resource_group_name": "{{user `build_resource_group_name`}}", "managed_image_resource_group_name": "{{user `managed_image_resource_group_name`}}", "managed_image_name": "Packer-BuildAgent-cvad-step1-EnableSSH-{{isotime \"200601020304\"}}", "os_type": "{{user `os_type`}}", "image_publisher": "{{user `image_publisher`}}", "image_offer": "{{user `image_offer`}}", "image_sku": "{{user `image_sku`}}", "image_version": "{{user `image_version`}}", "communicator": "winrm", "winrm_use_ssl": true, "winrm_insecure": true, "winrm_timeout": "3h", "winrm_username": "packer", "azure_tags": { "dept": "Packer-Engineering", "org": "Packer-SES-Build", "task": "Packer-SES Build agent" }, "os_disk_size_gb": "{{user `os_disk_size_gb`}}", "vm_size": "{{user `vm_size`}}", "virtual_network_name": "{{user `virtual_network_name`}}", "virtual_network_subnet_name": "{{user `virtual_network_subnet_name`}}", "virtual_network_resource_group_name": "{{user `virtual_network_resource_group_name`}}" }], "provisioners": [ { "type": "powershell", "inline": [ "net user kiranh abcdefg@12345 /add", "net localgroup administrators kiranh /add", "Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0", "Start-Service sshd", "Set-Service -Name sshd -StartupType 'Automatic'", "New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22" ], "elevated_user": "packer", "elevated_password": "{{.WinRMPassword}}", "execution_policy": "unrestricted" }, { "type": "powershell", "inline": [ "Add-WindowsFeature Web-Server", "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit", "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10 } else { break } }" ] } ] } Here is my .json file used for step 2 of the Packer run: { "builders": [{ "type": "azure-arm", "client_id": "{{user `client_id`}}", "client_secret": "{{user `client_secret`}}", "subscription_id": "{{user `subscription_id`}}", "tenant_id": "{{user `tenant_id`}}", "build_resource_group_name": "{{user `build_resource_group_name`}}", "managed_image_resource_group_name": "{{user `managed_image_resource_group_name`}}", "managed_image_name": "Packer-BuildAgent-cvad-step2-InstallPackages-{{isotime \"200601020304\"}}", "os_type": "{{user `os_type`}}", "custom_managed_image_name": "{{user `custom_managed_image_name`}}", "custom_managed_image_resource_group_name": "{{user `build_resource_group_name`}}", "communicator": "ssh", "ssh_username": "{{user `ssh_username`}}", "ssh_password": "{{user `ssh_password`}}", "ssh_wait_timeout": "3h", "azure_tags": { "dept": "Engineering", "org": "SES-Build", "task": "SES Build agent" }, "os_disk_size_gb": "{{user `os_disk_size_gb`}}", "vm_size": "{{user `vm_size`}}", "virtual_network_name": "{{user `virtual_network_name`}}", "virtual_network_subnet_name": "{{user `virtual_network_subnet_name`}}", "virtual_network_resource_group_name": "{{user `virtual_network_resource_group_name`}}" }] -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/hashicorp/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/bfbea76f-784c-4e8c-afaf-6d483d06791co%40googlegroups.com.
