azure-arm Windows VM provisioning with Ansible

Question

Is it possible to use Packer on a Mac to create a Windows VM on azure-arm with Ansible as provisioner? I am looking for a working example.

Packer documentation mentions that winrm communicator needs a connection_plugin for Packer, but it has not been updated since Ansible 2.6.

ansible_playbook.sh runs ansible-playbook using these libraries with python 3.6

pywinrm[kerberos]==0.2.2
ansible[azure]

    #!/bin/bash
    source /usr/local/miniconda3/etc/profile.d/conda.sh && conda activate ${CONDA_ENV} && ANSIBLE_FORCE_COLOR=1 PYTHONUNBUFFERED=1 /usr/local/miniconda3/envs/py36_64/bin/ansible-playbook "$@"

My ansible-playbook packer.yml is simple:

    ---
    - name: setup new Azure box
      hosts: default
      gather_facts: no

      vars_files:
        - dependencies.yml

      roles:
        - {role: ansible-windows-java, tags: java}
        - {role: itigoag.chrome, tags: chrome}

My packer.json for Azure looks like this:

{
  "builders": [
    {
      "client_id": "{{user `arm_client_id`}}",
      "client_secret": "{{user `arm_client_secret`}}",
      "communicator": "winrm",
      "image_offer": "VisualStudio",
      "image_publisher": "MicrosoftVisualStudio",
      "image_sku": "VS-2017-Comm-Latest-WS2016",
      "image_version": "latest",
      "location": "{{user `arm_location`}}",
      "managed_image_name": "windows2016-vsc",
      "managed_image_resource_group_name": "{{user `arm_resource_group`}}",
      "os_type": "Windows",
      "subscription_id": "{{user `arm_subscription_id`}}",
      "tenant_id": "{{user `arm_tenant_id`}}",
      "type": "azure-arm",
      "winrm_insecure": "true",
      "winrm_timeout": "3m",
      "winrm_use_ssl": "true",
      "winrm_username": "packer",
      "vm_size": "Standard_D8_v3"
    }
  ],
  "provisioners": [
    {
      "command": "/usr/local/bin/ansible_playbook.sh",
      "extra_arguments": [
        "--connection", "packer",
        "--extra-vars", "ansible_shell_type=powershell ansible_shell_executable=None"
      ],
      "playbook_file": "packer.yml",
      "type": "ansible"
    }
  ],
  "variables": {
    "arm_client_id": "{{env `ARM_CLIENT_ID`}}",
    "arm_client_secret": "{{env `ARM_CLIENT_SECRET`}}",
    "arm_location": "{{env `ARM_LOCATION`}}",
    "arm_resource_group": "{{env `ARM_RESOURCE_GROUP`}}",
    "arm_storage_account": "{{env `ARM_STORAGE_ACCOUNT`}}",
    "arm_subscription_id": "{{env `ARM_SUBSCRIPTION_ID`}}",
    "arm_tenant_id": "{{env `ARM_TENNANT_ID`}}"
  }
}

A VM is created, but the process stops after a while with the following errors in the log, pointing to use of ssh, but winrm is mentioned too! Unclear how this is supposed to work.

==> azure-arm: Waiting for WinRM to become available...
==> azure-arm: #< CLIXML
    azure-arm: WinRM connected.
==> azure-arm: <Objs Version="1.1.0.1" xmlns="http://schemas.microsoft.com/powershell/2004/04"><Obj S="progress" RefId="0"><TN RefId="0"><T>System.Management.Automation.PSCustomObject</T><T>System.Object</T></TN><MS><I64 N="SourceId">1</I64><PR N="Record"><AV>Preparing modules for first use.</AV><AI>0</AI><Nil /><PI>-1</PI><PC>-1</PC><T>Completed</T><SR>-1</SR><SD> </SD></PR></MS></Obj><Obj S="progress" RefId="1"><TNRef RefId="0" /><MS><I64 N="SourceId">1</I64><PR N="Record"><AV>Preparing modules for first use.</AV><AI>0</AI><Nil /><PI>-1</PI><PC>-1</PC><T>Completed</T><SR>-1</SR><SD> </SD></PR></MS></Obj></Objs>
==> azure-arm: Connected to WinRM!
==> azure-arm: Provisioning with Ansible...
==> azure-arm: Executing Ansible: /usr/local/bin/ansible_playbook.sh --extra-vars packer_build_name=azure-arm packer_builder_type=azure-arm -o IdentitiesOnly=yes -i /var/folders/hs/b03p_c310l70v6zx1byb4l0r0000gp/T/packer-provisioner-ansible072959676 /Users/bas/code/vd/azure-win2016/packer.yml -e ansible_ssh_private_key_file=/var/folders/hs/b03p_c310l70v6zx1byb4l0r0000gp/T/ansible-key860669585 --connection packer --extra-vars ansible_shell_type=powershell ansible_shell_executable=None
    azure-arm:
    azure-arm: PLAY [setup new Azure box] *****************************************************
    azure-arm:
    azure-arm: TASK [ansible-windows-java : Install Java] *************************************
    azure-arm: Saturday 29 June 2019  20:58:35 +0200 (0:00:00.155)       0:00:00.155 *********
    azure-arm: fatal: [default]: FAILED! => changed=false
    azure-arm:   module_stderr: |-
    azure-arm:     Warning: Permanently added '[127.0.0.1]:54679' (RSA) to the list of known hosts.
    azure-arm:     Parameter format not correct - ;
    azure-arm:   module_stdout: ''
    azure-arm:   msg: |-
    azure-arm:     MODULE FAILURE
    azure-arm:     See stdout/stderr for the exact error
    azure-arm:   rc: 1
    azure-arm:
    azure-arm: PLAY RECAP *********************************************************************
    azure-arm: default                    : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
    azure-arm:
    azure-arm: Saturday 29 June 2019  20:58:36 +0200 (0:00:00.726)       0:00:00.881 *********
    azure-arm: ===============================================================================
    azure-arm: ansible-windows-java : Install Java ------------------------------------- 0.73s
    azure-arm: Playbook run took 0 days, 0 hours, 0 minutes, 0 seconds
==> azure-arm:
==> azure-arm: Cleanup requested, deleting resource group ...

This is too broad, and would be closed if it did not have a bounty on it. Please edit it to show what research/code you have now. — halfer, Jun 29 '19 at 16:35

score 0 · Answer 1 · answered Jun 24 '19 at 05:44

0

Is it possible to use Packer on a Mac to create a Windows VM on azure-arm with Ansible as provisioner?

You just can create a Windows VM image through the Packer with Ansible provisioner and then create the Windows VM from the image that you create.

For the Ansible provisioner in Packer, you can take a look at Ansible Provisioner. And for Windows VM image, you can take a look at How to use Packer to create Windows virtual machine images in Azure. Create the Ansible file as you want to execute inside the VM and use it.

When the VM image is created, then you can create the Windows VM from the image.

answered Jun 24 '19 at 05:44

Charles Xu

29,862
2
22
39

Did you try to actually do it? – bbaassssiiee Jun 24 '19 at 13:30
@bbaassssiiee No, I have no experience with the Ansible. – Charles Xu Jun 24 '19 at 13:31
1

Then why do you answer? – bbaassssiiee Jun 24 '19 at 13:33
@bbaassssiiee I have the experience with Packer. So the part about the Packer is right. And I find the example of the Packer with Ansible provisioner. What do you mean when say this? I do not need to answer you? – Charles Xu Jun 24 '19 at 13:36
As stated in the question, I am looking for a working example of the combination. – bbaassssiiee Jun 24 '19 at 13:42
@bbaassssiiee The Ansible provisioner in the answer does not show the combination to you? – Charles Xu Jun 24 '19 at 13:44
It needs more config than that – bbaassssiiee Jun 24 '19 at 13:48
1

@bbaassssiiee It's too broad. You need to specialize your goal and what is the exact you want. – Charles Xu Jun 24 '19 at 13:51
@bbaassssiiee Why do you use the bash in Windows VM? I think PowerShell is more appropriate for Windows. And can you provide the content of your ansible_playbook.sh and packer.yaml? – Charles Xu Jul 02 '19 at 07:26
ansible_playbook.sh runs on the Mac to provision the windows machine using winrm. It wraps a python3 virtualenv with appropriate libraries. – bbaassssiiee Jul 02 '19 at 11:03
@bbaassssiiee What about the ansible yaml file? – Charles Xu Jul 03 '19 at 09:08
I edited the question, but there is no working answer yet unfortunately... – bbaassssiiee Jul 05 '19 at 12:15

score 0 · Accepted Answer · answered Jan 25 '20 at 09:42

With the kind help of Microsoft I found a solution for the packer.json:

{
  "builders": [
    {
      "client_id": "{{user `arm_client_id`}}",
      "client_secret": "{{user `arm_client_secret`}}",
      "communicator": "winrm",
      "image_offer": "{{user `image_offer`}}",
      "image_publisher": "{{user `image_publisher`}}",
      "image_sku": "{{user `image_sku`}}",
      "image_version": "latest",
      "location": "{{user `arm_location`}}",
      "managed_image_name": "{{user `managed_image_name`}}",
      "managed_image_resource_group_name": "{{user `arm_resource_group`}}",
      "os_type": "Windows",
      "subscription_id": "{{user `arm_subscription_id`}}",
      "tenant_id": "{{user `arm_tenant_id`}}",
      "type": "azure-arm",
      "vm_size": "Standard_D8_v3",
      "winrm_insecure": true,
      "winrm_timeout": "1h",
      "winrm_use_ssl": true,
      "winrm_username": "packer"
    }
  ],
  "provisioners": [
    {
      "type": "powershell",
      "inline": "Invoke-RestMethod -Headers @{\"Metadata\"=\"true\"} -URI 'http://169.254.169.254/metadata/instance/network/interface/0/ipv4/ipAddress/0/publicIpAddress?api-version=2017-08-01&format=text' | Out-File -Append -Encoding utf8 C:/Windows/Temp/ip-address"
    },
    {
      "type": "file",
      "direction": "download",
      "source": "C:/Windows/Temp/ip-address",
      "destination": "./ansible/hosts"
    },
    {
      "type": "shell-local",
      "inline": [
        "IP=`cut -b 4- ansible/hosts`",
        "echo \"[default]\\n${IP}\" > ansible/hosts"
      ]
    },
    {
      "type": "shell-local",
      "environment_vars": "WINRMPASS={{.WinRMPassword}}",
      "command": "ansible-playbook -vv -i ./ansible/hosts packer.yml"
    },
    {
    "type": "powershell",
    "inline": [
      "(gcim win32_service | ? { $_.name -match 'WindowsAzureGuestAgent' }).PathName",
      "get-service WindowsAzureGuestAgent | ft -autosize"
      ]
    },
    {
      "type": "powershell",
      "inline": [
        " # NOTE: the following *3* lines are only needed if the you have installed the Guest Agent.",
        "  while ((Get-Service RdAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
        "  while ((Get-Service WindowsAzureTelemetryService).Status -ne 'Running') { Start-Sleep -s 5 }",
        "  while ((Get-Service WindowsAzureGuestAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
        "if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}",
        "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit",
        "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10  } else { break } }"
      ]
    }
  ],
  "variables": {
    "arm_client_id": "{{env `ARM_CLIENT_ID`}}",
    "arm_client_secret": "{{env `ARM_CLIENT_SECRET`}}",
    "arm_location": "{{env `ARM_LOCATION`}}",
    "arm_resource_group": "{{env `ARM_RESOURCE_GROUP`}}images",
    "arm_subscription_id": "{{env `ARM_SUBSCRIPTION_ID`}}",
    "arm_tenant_id": "{{env `ARM_TENNANT_ID`}}",
    "image_offer": "{{env `ARM_IMAGE_OFFER`}}",
    "image_publisher": "{{env `ARM_IMAGE_PUBLISHER`}}",
    "image_sku": "{{env `ARM_IMAGE_SKU`}}",
    "managed_image_name": "{{env `ARM_MANAGED_IMAGE_NAME`}}"
  }
}

azure-arm Windows VM provisioning with Ansible

2 Answers2