Click "Add Tag" to add a tag and fill the tag data. Extra EC2 tags can be assigned to the new image. When enabled, any EC2 resource tags associated with the source AMI image will be copied to the new AMI image. Indicates what should happen if an AMI image with the same name is found in the target region. Macros can be used to include run-time data. Specify the new description in this field. When copying the image, the new image will have a new description applied. When copying the image, the new image will have a new name applied. Indicates the region in which a new AMI image should be created which is a copy of the original. Indicates the number of days back from the execution time of the action in which any images created will be copied. Required if Image Identification Method is "Newer Than". The AMI image must reside in the source region. Indicates the ID of the AMI Image to be copied. Required if Image Identification Method is "By Image Id". Newer Than - Copies images that are newer than an indicated number of days. Valid options are: By Image ID - Copies a single image by its ID. Indicates the method with which to identify which AMI images are to be copied. Please see Common Action Settings for a description of settings common to all action types. For example, using this action, all images newer than 3 days can be copied from Oregon to Ireland. # source. The Copy AMI Images action will copy one or more AMI images within a single region, or from one region to another. A build block runs provisioner and post-processors on a # source blocks are generated from your builders a source can be referenced in Specifically I run the recommended tasks to set a random password on next boot and sysprep the image so it looks like a new machine every time something is spun up from this AMI.
Provisioner powershell: This runs after the instance is up, but before it is turned into an AMI. WinRM options: you’ll see those are required in the WinRM enabling script, ez. user_data_file: the LOCAL path to your WinRM enabling script. I am sure I could figure that out eventually, but the string works, and I am lazy. In the old JSON format for Packer, you could just write amazon. most_recent: This is just below the filter for your AMI, but it says if the filter returns multiple results, use the latest one. The options in the filter match what you’d select in the AMIs sub-selection of the EC2 area of AWS. In our case I want a Windows 2019 image, Full experience, with Container Support. Source AMI Filter: This is how you set the different filter options to autoselect your AMI based on that query. force_deregister: set this to true to overwrite your existing AMI when you rebuild (great for images you plan to keep up to date automatically). Variables: Set your subnet ID, VPC ID, region, etc… in the file. What follows is my Packer script for setting up a Windows 2019 Server with the Desktop Experience and Container support. It’s pretty slick, only requiring the PowerShell to enable WinRM to be present when you’re doing the Packer build. Packer provides a pretty solid starting point: and for our purposes we are going to use WinRM to communicate. With those in place, you’re ready to get cracking. In my example, that would look something like: export PKR_VAR_SKEY=0101MADEUPSECRETKEY42069 Packer uses specific environment variable notation: and It’s inherently a little insecure, but the more limited permissions make it a little more safe than having admin rights or something. You can set your AWS access key ID and secret key as environment variables.
Store those somewhere secure, since you can only see them once, and you’ll need them later. Also, if you want to start with an AMI that isn’t the latest Windows Server 2019 with container support, now’s the time to hop into the “AMIs” function of EC2 and play with the filters until you find something you like. This will give you an Access Key ID, and a Secret Key. Once you’ve got your policy created (name it something you can track down), make a new IAM User for running automated tasks. Using Packer’s documentation here: we can arrive at something like the following: In your AWS Account, start by making a policy for Packer to use. Have an idea of what Windows AMI you want to start with. Have an AWS Account and VPC to spin stuff up in.