Building Windows images with Packer

Hi, folks!

Sometimes you need to create a base or custom image for automated deployments (CD pipelines, Dev, QA, etc.) in cloud or on-premises environments. You might then start searching for a good solution to make the task easier. Built-in sysprep? Well, it’s the classic way for Windows, but it lacks the additional functionality that may be required, especially in the cloud. So, what can be used for such a task? Packer from HashiCorp is definitely one of the best tools. It allows you to build a custom image from, for example, a Marketplace image and place that image in Azure Images for further use.

In the JSON example below, Packer takes the authentication options from the variables section and passes them to the Azure Resource Manager builder section. Packer supports a bunch of builders such as Azure, Hyper-V, VMware or AWS. In my case, Packer uses Azure RM and its Windows Server 2019-Datacenter marketplace image, creates a VM, connects to the VM via the communicator (see the communicator options), and then prepares the image by running the scripts and actions defined in the provisioners section. I’m using two PowerShell scripts here: one installs the IIS role, and the other syspreps the OS at the end of customization. Packer also automatically updates the OS and restarts it if necessary (custom windows-update and built-in windows-restart provisioners).

{
    "variables": {
        "client_id": "service principal|id here",
        "client_secret": "service principal| secret here",
        "tenant_id": "AD tenant's id here",
        "subscription_id": "subscription's id here"
    },
    "builders": [
        {
            "type": "azure-arm",
            "client_id": "{{user `client_id`}}",
            "client_secret": "{{user `client_secret`}}",
            "tenant_id": "{{user `tenant_id`}}",
            "subscription_id": "{{user `subscription_id`}}",
            "os_type": "Windows",
            "image_publisher": "MicrosoftWindowsServer",
            "image_offer": "WindowsServer",
            "image_sku": "2019-Datacenter",
            "image_version": "latest",
            "managed_image_resource_group_name": "TestRG",
            "managed_image_name": "ws2019-iis",
            "disk_caching_type": "ReadWrite",
            "communicator": "winrm",
            "winrm_use_ssl": true,
            "winrm_insecure": true,
            "winrm_timeout": "20m",
            "winrm_username": "packer",
            "location": "West Europe",
            "vm_size": "Standard_A2_v2",
            "azure_tags": {
                "dept": "IT"
            }
        }
    ],
    "provisioners": [
        {
            "type": "powershell",
            "inline": [
                "Write-Host 'Configuring IIS Role and sysprepping...'"
            ]
        },
        {
            "type": "powershell",
            "script": "./scripts/iis-install.ps1"
        },
        {
            "type": "windows-update"
        },
        {
            "type": "windows-restart"
        },
        {
            "type": "powershell",
            "script": "./scripts/iis-sysprep.ps1"
        }
    ]
}
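
A pre-build check for a template like the one above, as an added example that is not part of the original post: it flags secrets kept as literal variable defaults and a WinRM communicator that skips certificate validation (winrm_insecure). The function name, the sample values and the ARM_CLIENT_SECRET environment variable name are assumptions.

```python
import json
import re

# Variable names whose defaults should not be literal values in the template.
SECRET_NAME = re.compile(r"secret|password|token", re.I)
# Template calls that take the value from outside the file.
ENV_REF = re.compile(r"^\{\{\s*env\s+`[^`]+`\s*\}\}$")
USER_REF = re.compile(r"^\{\{\s*user\s+`[^`]+`\s*\}\}$")


def lint_template(template):
    """Return sorted (location, message) findings for a legacy JSON Packer template."""
    findings = []
    for name, default in template.get("variables", {}).items():
        if SECRET_NAME.search(name) and default and not ENV_REF.match(str(default)):
            findings.append((f"variables.{name}", "literal default for a secret"))
    for i, builder in enumerate(template.get("builders", [])):
        where = f"builders[{i}]"
        secret = builder.get("client_secret")
        if secret and not USER_REF.match(str(secret)):
            findings.append((f"{where}.client_secret", "literal secret in builder"))
        if builder.get("communicator") == "winrm":
            if not builder.get("winrm_use_ssl", False):
                findings.append((f"{where}.winrm_use_ssl", "WinRM without HTTPS"))
            if builder.get("winrm_insecure", False):
                findings.append((f"{where}.winrm_insecure", "WinRM certificate not validated"))
    return sorted(findings)


# Constructed sample mirroring the template on this page (placeholder values only).
PAGE_STYLE = json.loads(r"""
{
  "variables": {"client_id": "placeholder-id", "client_secret": "placeholder-secret"},
  "builders": [{
    "type": "azure-arm",
    "client_id": "{{user `client_id`}}",
    "client_secret": "{{user `client_secret`}}",
    "communicator": "winrm",
    "winrm_use_ssl": true,
    "winrm_insecure": true
  }]
}
""")

# Same template, but the secret default comes from the environment at build time.
# ARM_CLIENT_SECRET is an assumed environment variable name.
ENV_BASED = json.loads(json.dumps(PAGE_STYLE))
ENV_BASED["variables"]["client_secret"] = "{{env `ARM_CLIENT_SECRET`}}"

if __name__ == "__main__":
    for label, tpl in (("page-style", PAGE_STYLE), ("env-based", ENV_BASED)):
        print(label, lint_template(tpl))
```

The env-based variant still reports winrm_insecure, since only the secret handling was changed in it.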

Once the configuration file is ready, run packer build and wait for the customization steps to finish. Packer’s basic steps for a build are:

  • Create a resource group.
  • Validate and deploy a VM template.
  • Execute provision – defined by the user; typically shell commands.
  • Power off and capture the VM.
  • Delete the resource group.
  • Delete the temporary VM’s OS disk.

As a result, an image with the name defined in the managed_image_name option is added to the Azure Images service.

Scripts and other stuff will be available on my GitHub soon. Stay tuned.

Public preview of Azure Cloud Shell

At the recent Build conference, Microsoft officially announced the public preview of Azure Cloud Shell, a browser-accessible, pre-configured shell experience for managing Azure resources without the overhead of installing, versioning, and maintaining a machine yourself.

Cloud Shell runs entirely on containers orchestrated by Kubernetes and shows us just another example of how container technology can revolutionize solutions built on Azure.

The machine for Cloud Shell is not persistent: it is temporary and provided on a per-request basis (1 machine per 1 user; permissions are set as for a regular Linux user). Hosting of that machine is free. You only need to pay for the storage it consumes (the file share, described later in this post).

Cloud Shell comes with the support of well known tools and languages:

Category | Name
Azure Tools | Azure CLI 2.0 and 1.0
Linux shell interpreter | Bash, sh
Text editors | vim, nano, emacs
Containers | Docker, Kubectl, DC/OS CLI

Language | Version
.NET | 1.01
Go | 1.7
Node.js | 6.9.4
Python | 2.7 and 3.5

It supports the Bash experience so far. Everyone’s favorite PowerShell is coming soon. You can try the new shell today by pressing the special icon in the top navigation bar of the Azure portal.


A new storage account (LRS), resource group and file share are created during the one-time setup.

  • Resource group is named: cloud-shell-storage-
  • Storage Account: cs-uniqueGuid
  • File Share: cs—com-uniqueGuid

As Cloud Shell’s machine is temporary, the file share makes it possible to persist your bash $Home directory. This file share is mounted as clouddrive under your $Home directory, and it’s also used to store a 5 GB image created for you that automatically updates and persists your $Home directory as well (the acc_<username>.img file).

Note: you pay only for this file share. There are no additional compute costs.

To download or upload files, you can use the portal as usual. For example, I created a txt file in my clouddrive and would like to download it to my local machine. So, I need to open the file share associated with Cloud Shell, locate the file “text.txt” and just hit “Download”.

To add some files from the local machine to clouddrive, use the “Upload” button and then check the result by running cd clouddrive and ls in the Cloud Shell session.

As you may have noticed, Cloud Shell automatically authenticates on each session for instant access to your resources through the Azure CLI 2.0. You can even use the interactive mode of Azure CLI 2.0 to ease scripting and save a lot of time.

Each Cloud Shell session times out after 10 minutes without any activity.

That’s great, but that’s not all the news.

Cloud Shell is also embedded directly in docs.microsoft.com, which makes the Azure CLI samples in the documentation fully interactive. To evaluate this new functionality, go to the Azure CLI 2.0 documentation, log in to Cloud Shell by clicking “Try it” and start learning in a whole new way.

Some more examples

Creating VM in the cloud shell


List of VMs in the resource group with customized output
