Packer
Azure
@hashicorp
Packer can create Azure virtual machine images through variety of ways depending on the strategy that you want to use for building the images.
- Official
- HCP Ready
Updated 2 years ago
- GitHub(opens in new tab)
DTL
Type: azure-dtl
Artifact BuilderId: Azure.ResourceManagement.VMImage
The Azure DevTest Labs builder builds custom images and uploads them to an existing DevTest Lab image repository automatically. For more information on crating an Azure DevTest Lab see the Configuring a Lab How-to guide.
Configuration Reference
There are many configuration options available for the builder. We'll start with authentication parameters, then go over the Azure ARM builder specific options. In addition to the options listed here, a communicator can be configured for this builder.
Azure DevTest Labs builder specific options
Required:
managed_image_resource_group_name
(string) - Specify the managed image resource group name where the result of the Packer build will be saved. The resource group must already exist. If this value is set, the value managed_image_name must also be set. See documentation to learn more about managed images.managed_image_name
(string) - Specify the managed image name where the result of the Packer build will be saved. The image name must not exist ahead of time, and will not be overwritten. If this value is set, the value managed_image_resource_group_name must also be set. See documentation to learn more about managed images.lab_name
(string) - Name of the existing lab where the virtual machine will be created.lab_subnet_name
(string) - Name of the subnet being used in the lab, if not the default.lab_resource_group_name
(string) - Name of the resource group where the lab exist.
Optional:
capture_name_prefix
(string) - Capturecapture_container_name
(string) - Capture Container Nameshared_image_gallery
(SharedImageGallery) - Use a Shared Gallery image as the source for this build. VHD targets are incompatible with this build type - the target must be a Managed Image.shared_image_gallery_destination
(SharedImageGalleryDestination) - The name of the Shared Image Gallery under which the managed image will be published as Shared Gallery Image version.Following is an example.
shared_image_gallery_timeout
(duration string | ex: "1h5m2s") - How long to wait for an image to be published to the shared image gallery before timing out. If your Packer build is failing on the Publishing to Shared Image Gallery step with the errorOriginal Error: context deadline exceeded
, but the image is present when you check your Azure dashboard, then you probably need to increase this timeout from its default of "60m" (valid time units includes
for seconds,m
for minutes, andh
for hours.)custom_image_capture_timeout
(duration string | ex: "1h5m2s") - How long to wait for an image to be captured before timing out If your Packer build is failing on the Capture Image step with the errorOriginal Error: context deadline exceeded
, but the image is present when you check your custom image repository, then you probably need to increase this timeout from its default of "30m" (valid time units includes
for seconds,m
for minutes, andh
for hours.)image_publisher
(string) - PublisherName for your base image. See documentation for details.CLI example
az vm image list-publishers --location westus
image_offer
(string) - Offer for your base image. See documentation for details.CLI example
az vm image list-offers --location westus --publisher Canonical
image_sku
(string) - SKU for your base image. See documentation for details.CLI example
az vm image list-skus --location westus --publisher Canonical --offer UbuntuServer
image_version
(string) - Specify a specific version of an OS to boot from. Defaults tolatest
. There may be a difference in versions available across regions due to image synchronization latency. To ensure a consistent version across regions set this value to one that is available in all regions where you are deploying.CLI example
az vm image list --location westus --publisher Canonical --offer UbuntuServer --sku 16.04.0-LTS --all
image_url
(string) - Specify a custom VHD to use. If this value is set, do not set image_publisher, image_offer, image_sku, or image_version.custom_managed_image_resource_group_name
(string) - Specify the source managed image's resource group used to use. If this value is set, do not set image_publisher, image_offer, image_sku, or image_version. If this value is set, the valuecustom_managed_image_name
must also be set. See documentation to learn more about managed images.custom_managed_image_name
(string) - Specify the source managed image's name to use. If this value is set, do not set image_publisher, image_offer, image_sku, or image_version. If this value is set, the valuecustom_managed_image_resource_group_name
must also be set. See documentation to learn more about managed images.location
(string) - Locationvm_size
(string) - Size of the VM used for building. This can be changed when you deploy a VM from your VHD. See pricing information. Defaults toStandard_A1
.CLI example
az vm list-sizes --location westus
managed_image_storage_account_type
(string) - Specify the storage account type for a managed image. Valid values are Standard_LRS and Premium_LRS. The default is Standard_LRS.azure_tags
(map[string]string) - the user can define up to 15 tags. Tag names cannot exceed 512 characters, and tag values cannot exceed 256 characters. Tags are applied to every resource deployed by a Packer build, i.e. Resource Group, VM, NIC, VNET, Public IP, KeyVault, etc.plan_id
(string) - Used for creating images from Marketplace images. Please refer to Deploy an image with Marketplace terms for more details. Not all Marketplace images support programmatic deployment, and support is controlled by the image publisher. Plan_id is a string with unique identifier for the plan associated with images. Ex plan_id="1-12ab"polling_duration_timeout
(duration string | ex: "1h5m2s") - The default PollingDuration for azure is 15mins, this property will override that value. If your Packer build is failing on the ARM deployment step with the errorOriginal Error: context deadline exceeded
, then you probably need to increase this timeout from its default of "15m" (valid time units includes
for seconds,m
for minutes, andh
for hours.)os_type
(string) - If either Linux or Windows is specified Packer will automatically configure authentication credentials for the provisioned machine. For Linux this configures an SSH authorized key. For Windows this configures a WinRM certificate.os_disk_size_gb
(int32) - Specify the size of the OS disk in GB (gigabytes). Values of zero or less than zero are ignored.disk_additional_size
([]int32) - For Managed build the final artifacts are included in the managed image. The additional disk will have the same storage account type as the OS disk, as specified with themanaged_image_storage_account_type
setting.disk_caching_type
(string) - Specify the disk caching type. Valid values are None, ReadOnly, and ReadWrite. The default value is ReadWrite.storage_type
(string) - DTL valueslab_virtual_network_name
(string) - Name of the virtual network used for communicating with the lab vms.dtl_artifacts
([]DtlArtifact) - One or more Artifacts that should be added to the VM at start.vm_name
(string) - Name for the virtual machine within the DevTest lab.disallow_public_ip
(bool) - DisallowPublicIPAddress - Indicates whether the virtual machine is to be created without a public IP address.skip_sysprep
(bool) - SkipSysprep - Indicates whether SysPrep is to be requested to the DTL or if it should be skipped because it has already been applied. Defaults to false.
cloud_environment_name
(string) - One of Public, China, or USGovernment. Defaults to Public. Long forms such as USGovernmentCloud and AzureUSGovernmentCloud are also supported.metadata_host
(string) - The Hostname of the Azure Metadata Service (for example management.azure.com), used to obtain the Cloud Environment when using a Custom Azure Environment. This can also be sourced from the ARM_METADATA_HOST Environment Variable. Note: CloudEnvironmentName must be set to the requested environment name in the list of available environments held in the metadata_host.client_id
(string) - The application ID of the AAD Service Principal. Requires eitherclient_secret
,client_cert_path
orclient_jwt
to be set as well.client_secret
(string) - A password/secret registered for the AAD SP.client_cert_path
(string) - The path to a PKCS#12 bundle (.pfx file) to be used as the client certificate that will be used to authenticate as the specified AAD SP.client_cert_password
(string) - The password for decrypting the client certificate bundle.client_jwt
(string) - A JWT bearer token for client auth (RFC 7523, Sec. 2.2) that will be used to authenticate the AAD SP. Provides more control over token the expiration when using certificate authentication than when usingclient_cert_path
.object_id
(string) - The object ID for the AAD SP. Optional, will be derived from the oAuth token if left empty.tenant_id
(string) - The Active Directory tenant identifier with which yourclient_id
andsubscription_id
are associated. If not specified,tenant_id
will be looked up usingsubscription_id
.subscription_id
(string) - The subscription to use.oidc_request_token
(string) - OIDC Request Token is used for GitHub Actions OIDC, this token is used with oidc_request_url to fetch access tokens to Azure Value in GitHub Actions can be extracted from theACTIONS_ID_TOKEN_REQUEST_TOKEN
variable Refer to Configure a federated identity credential on an app for details on how setup GitHub Actions OIDC authenticationoidc_request_url
(string) - OIDC Request URL is used for GitHub Actions OIDC, this token is used with oidc_request_url to fetch access tokens to Azure Value in GitHub Actions can be extracted from theACTIONS_ID_TOKEN_REQUEST_URL
variableuse_azure_cli_auth
(bool) - Flag to use Azure CLI authentication. Defaults to false. CLI auth will use the information from an activeaz login
session to connect to Azure and set the subscription id and tenant id associated to the signed in account. If enabled, it will use the authentication provided by theaz
CLI. Azure CLI authentication will use the credential marked asisDefault
and can be verified usingaz account show
. Works with normal authentication (az login
) and service principals (az login --service-principal --username APP_ID --password PASSWORD --tenant TENANT_ID
). Ignores all other configurations if enabled.
skip_create_image
(bool) - Skip creating the image. Useful for setting totrue
during a build test stage. Defaults tofalse
.
DtlArtifact
artifact_name
(string) - Artifact Nameartifact_id
(string) - Artifact Idparameters
([]ArtifactParameter) - Parameters
ArtifactParmater
name
(string) - Namevalue
(string) - Valuetype
(string) - Type
Basic Example
variable "client_id" {
type = string
default = "${env("ARM_CLIENT_ID")}"
}
variable "client_secret" {
type = string
default = "${env("ARM_CLIENT_SECRET")}"
}
variable "subscription_id" {
type = string
default = "${env("ARM_SUBSCRIPTION_ID")}"
}
locals { timestamp = regex_replace(timestamp(), "[- TZ:]", "") }
source "azure-dtl" "example" {
subscription_id = "${var.subscription_id}"
client_id = "${var.client_id}"
client_secret = "${var.client_secret}"
disallow_public_ip = true
dtl_artifacts {
artifact_name = "linux-apt-package"
parameters {
name = "packages"
value = "vim"
}
parameters {
name = "update"
value = "true"
}
parameters {
name = "options"
value = "--fix-broken"
}
}
image_offer = "UbuntuServer"
image_publisher = "Canonical"
image_sku = "16.04-LTS"
lab_name = "packer-test"
lab_resource_group_name = "packer-test"
lab_virtual_network_name = "dtlpacker-test"
location = "South Central US"
managed_image_name = "ManagedDiskLinux-${local.timestamp}"
managed_image_resource_group_name = "packer-test"
os_type = "Linux"
vm_size = "Standard_DS2_v2"
}
build {
sources = ["source.azure-dtl.example"]
}