Building Windows images with Packer

Hi, folks!

Sometimes you need to create a base or custom image to use one in any kind of automated deployments (CD pipelines, Dev, QA  and etc.) in cloud or on-premises environments. Then, you might start searching for a good solution to make your task easier. Built-in sysprep?  Well, it’s a classic way for Windows without any additional functionality that might be required especially for clouds. So, what can be used for such task?  Definitely, Packer from HashiCorp would be one of the best tool. It allows you to build your custom image from Marketplace image (as for example) and place that image to the Azure Images for further usage.

In the JSON-example below, Packer uses provided options for authentication (variable section) and passes them to the Azure Resource Manager builder section. Packer supports a bunch of builders such as Azure, Hyper-V, VMware or AWS . In my case, Packer uses Azure RM and it’s Windows Server 2019-Datacenter marketplace image, creates a VM, connects to the VM via communicator (see communicator subsection), and then prepares image by running scripts and actions defined in the provisioners section.  I’m using here two PowerShell scripts for installing IIS role and OS sysprepping at the end of customization. Also, packer automatically updates OS and restarts it if necessary (custom windows-update and built-in windows-restart provisioners)

    "variables": {
        "client_id": "service principal|id here",
        "client_secret": "service principal| secret here",
        "tenant_id": "AD tenant's id here",
        "subscription_id": "subscription's id here"
    "builders": [
            "type": "azure-arm",
            "client_id": "{{user `client_id`}}",
            "client_secret": "{{user `client_secret`}}",
            "tenant_id": "{{user `tenant_id`}}",
            "subscription_id": "{{user `subscription_id`}}",
            "os_type": "Windows",
            "image_publisher": "MicrosoftWindowsServer",
            "image_offer": "WindowsServer",
            "image_sku": "2019-Datacenter",
            "image_version": "latest",
            "managed_image_resource_group_name": "TestRG",
            "managed_image_name": "ws2019-iis",
            "disk_caching_type": "ReadWrite",
            "communicator": "winrm",
            "winrm_use_ssl": true,
            "winrm_insecure": true,
            "winrm_timeout": "20m",
            "winrm_username": "packer",
            "location": "West Europe",
            "vm_size": "Standard_A2_v2",
            "azure_tags": {
                "dept": "IT"
    "provisioners": [
            "type": "powershell",
            "inline": [
                "Write-Host 'Configuring IIS Role and sysprepping...'"
            "type": "powershell",
            "script": "./scripts/iis-install.ps1"
            "type": "windows-update"
            "type": "windows-restart"
            "type": "powershell",
            "script": "./scripts/iis-sysprep.ps1"

When you end up with the configuration file, run packer build and wait while customization steps finish. Packer’s basic steps for a build are:

  • Create a resource group.
  • Validate and deploy a VM template.
  • Execute provision – defined by the user; typically shell commands.
  • Power off and capture the VM.
  • Delete the resource group.
  • Delete the temporary VM’s OS disk.

As a result, image with the name defined in the managed_image_name option will be added to Azure Images service:

packer azure images

Scripts and other stuff will be available on my GitHub soon. Stay tuned.

Multibranch pipeline: Jenkinsfile not found

I have been working with Windows-environments for more than 11 years so far and never really thought much  about case-sensitivity (PowerShell, cmd and other tools are case-agnostic, for example, Get-Verb or get-VerB both will work fine). However, today I faced with a little issue while configuring multibranch pipeline in Jenkins:

jenkins multibranch pipeline issue

I use the same paths for my jenkinsfile as for other pipelines (that are not multibranched) and that path is consisted of lowercase letters. In fact, if we open an explorer and check the path, my folder is named as “HelloWorld” plus other directories also have uppercase letters. And once I changed the script path to “HelloWorld/Scripts/Jenkinsfile“, the pipeline successfully checked all branches. The possible reason – multibranch pipelines are provided by completely different and apparently case-sensitive plugin. Looks like we should always use case-sensitive values for everything in order to avoid any strange issues. Ok. New rules, new habits 🙂

jenkins multibranch pipeline issue solution