Packer Operations

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

Internal

Build an Amazon EC2 AMI

Credentials

Amazon credentials can be provided in the template (not recommended) or as environment variables in the context packer is executed:

export AWS_ACCESS_KEY_ID="anaccesskey"
$ export AWS_SECRET_ACCESS_KEY="asecretkey"
$ export AWS_DEFAULT_REGION="us-west-2"

or in ~/.aws/credentials file. To specify a specific profile in the file, set "AWS_PROFILE" environment variable or use insert this in the template, in the corresponding builder block:

{
  "profile": "customprofile",
  ...
}

then

packer build ...

Build

packer build [-machine-readable] <template-name>.json

Debug

-debug

Public Subnet Considerations

Unless specified otherwise, Packer will attempt to connect to the default VPC and will need a public subnet to start its temporary EC2 instance. If the subnet is not public, Packer will not be able to connect with SSH:

1593707769,,ui,say,==> infra-worker: Waiting for instance (i-99999999999999999) to become ready...
1593707787,,ui,say,==> infra-worker: Using ssh communicator to connect: 1.2.3.4
1593707787,,ui,say,==> infra-worker: Waiting for SSH to become available...
1593708087,,ui,error,==> infra-worker: Timeout waiting for SSH.
1593708087,,ui,say,==> infra-worker: Terminating the source AWS instance...

Pre-defined Public IP Address Considerations

There are situations when the Packer VM needs to reach out to a repository that whitelist addresses. In this case, we need determinism in associating the public IP address to the Packer instance: the IP address must be either stable, or be part of a small, know pool of addresses, so we can whitelist.