Build automated Machine Images using Packer

1. Packer
Introduction and usage
Beginners level

2. Why packer?
 No specific and powerful tool to create images for multiple platforms like
AWS, Azure, Google Cloud, Vagrant, virtual-box etc.
 Various tools for creating images for different platforms
 Packer is easy to use tool and automates the creation of any type of machine
image.
 It embraces modern configuration management by encouraging you to use a
framework such as Chef or Puppet to install and configure the software within
your Packer-made images

4. What is packer
 Packer is an open source tool for creating machine images for multiple
platforms from a single source configuration.
 Packer can run on every major operating system, creating machine images for
multiple platforms in parallel.
 Packer does not replace configuration management like Chef or Puppet. In
fact, when building images, Packer is able to use tools like Chef or Puppet to
install software onto the image.

5. Advantages of packer
 Super fast infrastructure deployment
 Multi provider support
 Improved stability
 Greater testability

6. Packer Installation
 Using a precompiled binary
 Installing from source
 An unofficial alternative installation method
Reference - https://www.packer.io/intro/getting-started/install.html

7. Packer Template
Templates are JSON files that configure the various components of Packer in
order to create one or more machine images.
 Builders (required parameter)
 Communicators (optional parameter)
 Engine
 Post processors (optional parameter)
 Provisioners (optional parameter)
 User variables (optional parameter)

8. Packer template explained
 builders - array of objects used to create the machine image
 description - string to provide the description of what template does
 post processor - array of objects defining various steps to take once builder
part is complete.
 Provisioners - It will be used to install and configure software for the
machines created by the builders.
 Variables - key/value strings that defines user variables contained in the
template.

9. Builders
 Some examples of builders are
 Amazon EC2
 Docker
 Azure
 Alicloud ECS
 Digital ocean
 Google cloud

10. Communicator
 Every build is associated with a single communicator, communicators are used
to establish a connection for provisioning a remote machine e.g.
ssh for linux box
winrm for window box

11. Template Engine
All strings within templates are processed by a common Packer templating
engine, where variables and functions can be used to modify the value of a
configuration parameter at runtime.
 The syntax of templates uses the following conventions:
 Anything template related happens within double-braces: {{ }}.
 Functions are specified directly within the braces, such as {{timestamp}}.
 Template variables are prefixed with a period and capitalized, such as
{{.Variable}}.

12. Provisioner
Provisioners use built-in and third-party software to install and configure the
machine image after booting. Provisioners prepare the system for use, so
common use cases for provisioners include:
 installing packages
 patching the kernel
 creating users
 downloading application code

13. Examples of provisioner
 Ansible (local and remote)
 Chef (client and solo)
 File
 Shell
 Salt
 Puppet

14. Post processor
Post-processors run after the image is built by the builder and provisioned by the
provisioner(s). Post-processors are optional, and they can be used to upload
artifacts, re-package, or more
 Import - alicloud/amazon
 Compress
 Checksum
 Docker - import/push/save/tag
 Google compute
 Shell
 Vagrant and vsphere

16. Packer commands
 packer build
 packer inspect
 packer validate
 packer fix
 packer build (-color -debug -force -except -on-error)

17. Builders sample code
 {
"builders": [
{
"type": "amazon-ebs",
"access_key": "...",
"secret_key": "...",
"region": "us-east-1",
"source_ami": "ami-fce3c696",
"instance_type": "t2.micro",
"ssh_username": ”ec2-user",
}
],

18. Provisioners sample code
"provisioners": [{
"type": "shell",
"inline": [
"sudo yum update -y",
"sudo yum install curl wget vim git mlocate zip unzip dstat jq ruby telnet nc bind-utils -y",
]
},
{
"type": "file",
"source": ”/tmp/dummy.tar.gz",
"destination": "/tmp/dummy.tar.gz"
}
]

19. Post processor sample code
"post-processors" : [
[
{
"type": "shell-local",
"inline": [ "/usr/bin/ovftool <packer-output-directory>/<vmware-name>.vmx <packer-out-directory>/<vmware-name>.ova" ]
}
{
"type": "amazon-import",
"access_key": "YOUR KEY HERE",
"secret_key": "YOUR SECRET KEY HERE",
"region": "us-east-1",
"s3_bucket_name": "importbucket",
"license_type": "BYOL"
}
}
]]

20. Simplest working code
cat sample1.json
{
"builders": [{
"type": "amazon-ebs",
"region": "us-east-1",
"source_ami": "ami-af22d9b9",
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": "packer-example {{timestamp}}"
}]
}

21. Running your sample packer code
$packer validate sample1.json
Template validated successfully.
$packer inspect sample1.json
Variables:
<No variables>
Builders:
amazon-ebs
Provisioners:
<No provisioners>
$packer build sample1.json

22. Main steps executed in background
 Pre validating AMI Name
 Creating temporary keypair:
 Creating temporary security group for this instance:
 Authorizing access to port 22 from 0.0.0.0/0 in the temporary security group
 Launching a source AWS instance
 Adding tags to source instance
 Waiting for SSH to become available and connect to ssh
 Stopping the source instance
 Creating the AMI: packer-example
 Terminating the source AWS instance
 Deleting temporary security group.
 Deleting temporary keypair
 Build 'amazon-ebs' finished.

23. Packer code with variables

24. Use of variables in packer
 Defining dynamically by passing parameters
packer build -var ‘aws_access_key=XXXXXXX ’ -var ‘aws_secret_key=test-packer’
We can define all the variables in a file and parse the file while running packer
packer build -var-file=vars.json
cat var.json
{
"aws_access_key": “XXXXXXX”,
"aws_secret_key": “XXXXXXX”,
}
 Define inside the variable block (main file) – not recommended

25. Packer code with provisioners type shell-1

26. Packer code with provisioners shell-2

27. Packer inspect shows type of provisioners used
Note: shell-1 and shell-2 in above examples will return the same output

28. Provisioners Advanced
 type - ansible-local
Runs playbook on remote machine in local mode and playbooks needs to be uploaded from your build
machine
{
"type": "ansible-local",
"playbook_file": "local.yml"
}
 type – ansible
It dynamically creates an Ansible inventory file configured to use SSH to the machine being provisioned
by Packer, executes ansible-playbook.
{
"type": "ansible",
"extra_arguments": [ "-vvvv" ],
"playbook_file": "./playbook.yml"
}

29.  type - chef-client
It installs and configures software on machines built by Packer using chef-client. Packer configures a
Chef client to talk to a remote Chef Server to provision the machine. The provisioner will even install
Chef onto your machine if it isn't already installed, using the official Chef installers provided by Chef.
{
"type": "chef-client",
"server_url": "https://mychefserver.com/"
}
 type – chef-solo
The Chef solo Packer provisioner installs and configures software on machines built by Packer using chef-
solo. Cookbooks can be uploaded from your local machine to the remote machine or remote paths can
be used.
{
"type": "chef-solo",
"cookbook_paths": ["cookbooks"]
}

30.  type - file
uploads files to machines built by Packer. The recommended usage of the file provisioner is to use it to
upload files, and then use shell provisioner to move them to the proper place, set permissions, etc.
{
"type": "file",
"source": "app.tar.gz",
"destination": "/tmp/app.tar.gz"
}
 type – puppet-server
provisions Packer machines with Puppet by connecting to a Puppet master.
{
"type": "puppet-server",
"extra_arguments": "--test --pluginsync",
"facter": {
"server_role": "webserver"
}
}

31.  type – puppet-masterless
It configures Puppet to run on the machines by Packer from local modules and manifest files. Modules
and manifests can be uploaded from your local machine to the remote machine. Puppet runs in
masterless mode, meaning it never communicates to a Puppet master.
{
"type": "puppet-masterless",
"manifest_file": "site.pp"
}
 type – shell
The shell Packer provisioner provisions machines built by Packer using shell scripts. Shell provisioning is
the easiest way to get software installed and configured on a machine.
{
"type": "shell",
"inline”, “script”, “scripts”
}

32.  type – shell-local
shell-local will run the shell script on your build server
{
"type": "shell-local",
"environment_vars": ["PROVISIONERTEST=ProvisionerTest1"],
"scripts": ["./scripts/dummy.sh"]
}
 type – custom
that install and configure software into a running machine prior to turning that machine into an image.
An example of a provisioner is the shell provisioner, which runs shell scripts within the machines.

33. References
 https://www.packer.io