[英]Build Windows EC2 Image with Packer
運行打包程序構建時,我在Waiting for WinRM to become available...
並在 15 分鍾后失敗。 任何建議,請!
我正在使用packer -version --> 1.5.5
以 packer build 運行packer build packer-aws-windows-ami.json
詳情如下:-
執行日志:
amazon-ebs: output will be in this color.
==> amazon-ebs: Prevalidating any provided VPC information
==> amazon-ebs: Prevalidating AMI Name: Nigam-Packer-Win2016-Test
amazon-ebs: Found Image ID: ami-0b2ce977c1b36856d
==> amazon-ebs: Creating temporary keypair: packer_5ea79a20-dd01-a7d5-6760-xa134e097ff1
==> amazon-ebs: Launching a source AWS instance...
==> amazon-ebs: Adding tags to source instance
amazon-ebs: Adding tag: "Name": "Packer Builder"
amazon-ebs: Instance ID: i-025xebcexa6b7cc28
==> amazon-ebs: Waiting for instance (i-025xebcexa6b7cc28) to become ready...
==> amazon-ebs: Skipping waiting for password since WinRM password set...
==> amazon-ebs: Using winrm communicator to connect: 16.226.144.187
==> amazon-ebs: Waiting for WinRM to become available...
==> amazon-ebs: Timeout waiting for WinRM.
==> amazon-ebs: Terminating the source AWS instance...
==> amazon-ebs: Cleaning up any extra volumes...
==> amazon-ebs: No volumes to clean up, skipping
==> amazon-ebs: Deleting temporary keypair...
Build 'amazon-ebs' errored: Timeout waiting for WinRM.
==> Some builds didn't complete successfully and had errors:
--> amazon-ebs: Timeout waiting for WinRM.
==> Builds finished but no artifacts were created.
打包機-aws-windows-ami.json
{
"variables": {
"build_version": "{{isotime \"2020.04.29.103307\"}}",
"aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}",
"aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}",
"region": "us-east-2",
"instance_type": "t3.large",
"vpc_id": "myvpc",
"subnet_id": "mysubnet",
"ssh_keypair_name": "./key.pem",
"security_group_id": "sg-id",
"user_data_file": "userdata.txt",
"name": "Packer_AMI_TEST"
},
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{ user `aws_access_key` }}",
"secret_key": "{{ user `aws_secret_key` }}",
"region": "{{ user `region` }}",
"ami_name": "Test_Packer-Win-{{timestamp}}",
"source_ami_filter": {
"filters": {
"name": "Windows_Server-2016-English-Full-Base-*",
"root-device-type": "ebs",
"virtualization-type": "hvm" },
"most_recent": true,
"owners": ["amazon"]
},
"instance_type": "{{user `instance_type`}}",
"vpc_id": "{{user `vpc_id`}}",
"subnet_id": "{{user `subnet_id`}}",
"security_group_id": "{{user `security_group_id`}}",
"user_data_file": "{{user `user_data_file`}}",
"ami_name": "Nigam-Packer-Win2016-Test",
"ssh_private_key_file": "{{user `ssh_keypair`}}",
"associate_public_ip_address": true,
"communicator": "winrm",
"winrm_username": "Administrator",
"winrm_password": "SuperS3cr3t!",
"winrm_timeout": "15m",
"winrm_use_ssl": true,
"winrm_insecure": true
}
],
"provisioners": [
{
"type": "powershell",
"inline": [
"Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerRole",
"Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServer"
]
},
{
"type": "windows-restart",
"restart_check_command": "powershell -command \"& {Write-Output 'Machine restarted.'}\""
},
{
"type": "powershell",
"inline": [
"C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule",
"C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\SysprepInstance.ps1 -NoShutdown"
]
}
]
}
用戶數據.txt
# Create username and password
net user Administrator SuperS3cr3t!!!
wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force -ErrorAction Ignore
# Don't set this before Set-ExecutionPolicy as it throws an error
$ErrorActionPreference = "stop"
# Remove HTTP listener
Remove-Item -Path WSMan:\Localhost\listener\listener* -Recurse
# Create a self-signed certificate to let ssl work
$Cert = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName "packer"
New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $Cert.Thumbprint -Force
# WinRM
write-output "Setting up WinRM"
write-host "(host) setting up WinRM"
# Configure WinRM to allow unencrypted communication, and provide the
# self-signed cert to the WinRM listener.
cmd.exe /c winrm quickconfig -q
cmd.exe /c winrm set "winrm/config/service" '@{AllowUnencrypted="true"}'
cmd.exe /c winrm set "winrm/config/client" '@{AllowUnencrypted="true"}'
cmd.exe /c winrm set "winrm/config/service/auth" '@{Basic="true"}'
cmd.exe /c winrm set "winrm/config/client/auth" '@{Basic="true"}'
cmd.exe /c winrm set "winrm/config/service/auth" '@{CredSSP="true"}'
cmd.exe /c winrm set "winrm/config/listener?Address=*+Transport=HTTPS" "@{Port=`"5986`";Hostname=`"packer`";CertificateThumbprint=`"$($Cert.Thumbprint)`"}"
# Make sure appropriate firewall port openings exist
cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes
cmd.exe /c netsh firewall add portopening TCP 5986 "Port 5986"
# Restart WinRM, and set it so that it auto-launches on startup.
cmd.exe /c net stop winrm
cmd.exe /c sc config winrm start= auto
cmd.exe /c net start winrm
我的猜測是打包程序無法連接到在 VPC 中創建的實例,或者用戶數據腳本在啟動時失敗。
要檢查連接性,您可以運行packer build -debug packer.json
它將在每一步停止,因此您可以檢查是否可以從執行 packer 的機器連接到實例。
要檢查第二個猜測,您可以使用相同的基礎 AMI 啟動一個沒有用戶數據的實例。 然后嘗試通過 RDP 連接到它,如果你在,調試腳本。 您可以嘗試使用相同版本的 Windows 在官方 AWS AMI 上對其進行測試。
如果這仍然是一個問題,您可以嘗試使用 PACKER_LOG=1 運行打包程序構建,以了解 winrm 究竟為什么會超時。 我也看到與 winrm 相同的問題,錯誤說
2020/06/18 02:22:37 packer-builder-amazon-ebs plugin: Using host value: 18.191.144.100
2020/06/18 02:22:37 packer-builder-amazon-ebs plugin: [INFO] Attempting WinRM connection...
2020/06/18 02:22:37 packer-builder-amazon-ebs plugin: [DEBUG] connecting to remote shell using WinRM
2020/06/18 02:23:07 packer-builder-amazon-ebs plugin: [ERROR] connection error: unknown error Post "http://18.191.144.100:5986/wsman": dial tcp 18.191.144.100:5986: i/o timeout
就我而言,在aws
中運行良好的代碼今天突然停止運行。 經過大量搜索,我發現這是因為我現在使用的是非默認VPC/SUBNET
,而公共 IP 在該子網上無法連接到winrm
端口。 確保您能夠使用winrm
連接到端口 5986。
刪除密碼
"winrm_password": "SuperS3cr3t,",
我有同樣的問題,出於某種原因,這解決了它。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.