So, I am creating an Azure image using Packer.
    {
      "builders": [{
        "type": "azure-arm",
        "client_id": "{{user `client_id`}}",
        "client_secret": "{{user `client_secret`}}",
        "subscription_id": "{{user `subscription_id`}}",
        "tenant_id": "{{user `tenant_id`}}",
        "managed_image_resource_group_name": "{{user `resource_group`}}",
        "managed_image_name": "CentOS7_w_GitlabCE_{{timestamp}}",
        "os_type": "Linux",
        "image_publisher": "OpenLogic",
        "image_offer": "CentOS",
        "image_sku": "7.3",
        "image_version": "latest",
        "location": "{{user `location`}}",
        "vm_size": "Standard_DS2_v2"
      }],
      "provisioners": [
        {
          "type": "ansible",
          "playbook_file": "./gitlab/ansible/install-gitlab.yml",
          "extra_arguments": [
            "-vvvv"
          ]
        }
      ]
    }
The image is created nicely and lives inside my resource group in Azure.
Then, I feed its details in Terraform to create a Scale Set.
    data "azurerm_image" "image" {
      count = "${var.create_gitlab ? 1 : 0}"
      // notice: the image must have been created beforehand by Packer (inside the specific resource group)
      name                = "${var.vm_img_built_via_packer}"
      resource_group_name = "${var.resource_group}"
    }

    resource "azurerm_virtual_machine_scale_set" "vmss" {
      ...other stuff....
      storage_profile_image_reference {
        // reference the id of the custom image created with Packer
        id = "${data.azurerm_image.image.id}"
      }
      os_profile {
        computer_name_prefix = "${var.prefix}-vm"
        admin_username       = "someuser"
      }
      os_profile_linux_config {
        disable_password_authentication = true
        ssh_keys {
          path     = "/home/someuser/.ssh/authorized_keys"
          key_data = "${file(var.someuser_ssh_pubkey)}"
        }
      }
      ...other stuff...
    }
When I launch the VMSS, I get the following when I try to SSH into a VM:
    Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
However, if I use the same CentOS image but directly from Azure, I can SSH into a VM.
Also, what makes me mad is that when I create a CentOS image via Packer, without provisioning it with Ansible (really just a CentOS image), and use it with the scale set ... I also CANNOT SSH into it.
Feels like Packer does something nasty.
It looks like you are skipping the deprovision step (https://packer.io/docs/builders/azure-arm.html#deprovision), which is mandatory to empty the network and local account configurations and to reuse the image afterwards.
For Linux you need to execute this command:
    /usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync
See the example here: https://github.com/hashicorp/packer/blob/master/examples/azure/linux_custom_image.json
Azure docs: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/capture-image#step-1-deprovision-the-vm
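An added example, not part of the original answer or of Packer's own code: the question's provisioners next to a version that ends with the deprovision command from the answer, plus a small pre-build check that flags a Linux `azure-arm` template whose last provisioner is not that step. The function names, the trimmed builder blocks and the `sudo` wrapper in `execute_command` (which assumes the build user is not root) are assumptions made for the illustration, and the check only inspects `inline` shell commands.

```python
import json

# Constructed sample: the question's template, builder trimmed to the fields the check reads.
ORIGINAL = json.loads("""
{"builders": [{"type": "azure-arm", "os_type": "Linux"}],
 "provisioners": [
   {"type": "ansible", "playbook_file": "./gitlab/ansible/install-gitlab.yml"}
 ]}
""")

# Same template with the answer's deprovision command as the LAST provisioner.
# Assumption: the build user is not root, so the inline script is run through sudo.
FIXED = json.loads("""
{"builders": [{"type": "azure-arm", "os_type": "Linux"}],
 "provisioners": [
   {"type": "ansible", "playbook_file": "./gitlab/ansible/install-gitlab.yml"},
   {"type": "shell",
    "execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",
    "inline_shebang": "/bin/sh -x",
    "inline": ["/usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync"]}
 ]}
""")


def runs_deprovision(provisioner: dict) -> bool:
    """True for a shell provisioner whose inline commands call waagent -deprovision."""
    if provisioner.get("type") != "shell":
        return False
    return any("waagent" in cmd and "-deprovision" in cmd
               for cmd in provisioner.get("inline", []))


def check_template(template: dict) -> list:
    """Return findings for a Linux azure-arm template; an empty list means OK."""
    is_linux_azure = any(b.get("type") == "azure-arm"
                         and str(b.get("os_type", "")).lower() == "linux"
                         for b in template.get("builders", []))
    if not is_linux_azure:
        return []
    provisioners = template.get("provisioners", [])
    positions = [i for i, p in enumerate(provisioners) if runs_deprovision(p)]
    if not positions:
        return ["no waagent deprovision step"]
    if positions[-1] != len(provisioners) - 1:
        return ["deprovision step is not the last provisioner"]
    return []


if __name__ == "__main__":
    for name, tpl in (("original", ORIGINAL), ("fixed", FIXED)):
        print(name, check_template(tpl) or "ok")
```

The step has to run last because anything provisioned after it would recreate state that deprovisioning is meant to strip from the captured image.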