Packer Build for Azure VM Image Creation -Fails with Authentication Error
34 views
Skip to first unread message
buvan gandhi
Aug 29, 2018, 3:08:40 AM8/29/18
to Packer
Hello Team,
I am getting authentication (time out error) after running packer build command for running the json file which will create the image of azure VM.
The steps given under the url below exactly followed.
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/build-image-with-packer.
With respect to Service principal creation,
1) I registered application as Web/API type in AD (Pay as you go model, self subscription in azure) and created key for the application under keys.
2) I also add this application as owner under Subscriptions IAM list.
I ran the below commands to get my application id, object id , tenant id and subscription id.
PS C:\packertool> Get-AzureRmADServicePrincipal | ? { $_.DisplayName -like '*Packer*' }
ServicePrincipalNames : {http://packerauth.com, 3bca45c4-8458-4780-84b2-02fa867422a5}
ApplicationId : 3bca45c4-8458-4780-84b2-02fa867422a5
DisplayName : packer
Id : b994ec99-b744-48bd-a569-2c971cc04044
Type : ServicePrincipal
PS C:\packertool> Get-AzureRmSubscription
Name : Pay-As-You-Go
Id : a23f758c-a4e6-421e-bd84-ef12d516a9c7
TenantId : f38a1eb1-ab85-46bb-a02d-195296a118cc
State : Enabled
The below is my json file content given under Packer build command.
{"builders": [
{
"type": "azure-arm",
"client_id": "3bca45c4-8458-4780-84b2-02fa867422a5",
"client_secret":"6357mxW4HB1UxPTKv+0/lLMkjzLgG6GT6kAtl94xRrA=",
"tenant_id": "f38a1eb1-ab85-46bb-a02d-195296a118cc",
"subscription_id": "a23f758c-a4e6-421e-bd84-ef12d516a9c7",
"object_id": "b994ec99-b744-48bd-a569-2c971cc04044",
"managed_image_resource_group_name": "RGPacker",
"managed_image_name":"test",
"os_type": "Windows",
"image_publisher": "MicrosoftWindowsServer",
"image_offer": "WindowsServer",
"image_sku": "2016-Datacenter-with-Containers",
"azure_tags": {
"dept": "Engineering",
"task": "Image deployment"
},
"location": "East US",
"vm_size": "Standard_A2"
}
],
"provisioners": [{
"type": "powershell",
"inline": [
"Add-WindowsFeature Web-Server",
"if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}",
"& $Env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /shutdown /quiet"
]
}
]
}
I am getting the below error when I run the above json.
C:\PackerTool>packer build vmtestDL.json
azure-arm output will be in this color.
==> azure-arm: Running builder ...
Build 'azure-arm' errored: adal: Failed to execute the refresh request. Error =
'Post https://login.microsoftonline.com/f38a1eb1-ab85-46bb-a02d-195296a118cc/oau
th2/token?api-version=1.0: dial tcp 104.211.216.38:443: i/o timeout'
==> Some builds didn't complete successfully and had errors:
--> azure-arm: adal: Failed to execute the refresh request. Error = 'Post https:
//login.microsoftonline.com/f38a1eb1-ab85-46bb-a02d-195296a118cc/oauth2/token?ap
i-version=1.0: dial tcp 104.211.216.38:443: i/o timeout'
Please advise what is missing. It is critical to solve this.
thanks,
Buvana
==> Builds finished but no artifacts were created.
I am getting authentication (time out error) after running packer build command for running the json file which will create the image of azure VM.
The steps given under the url below exactly followed.
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/build-image-with-packer.
With respect to Service principal creation,
1) I registered application as Web/API type in AD (Pay as you go model, self subscription in azure) and created key for the application under keys.
2) I also add this application as owner under Subscriptions IAM list.
I ran the below commands to get my application id, object id , tenant id and subscription id.
PS C:\packertool> Get-AzureRmADServicePrincipal | ? { $_.DisplayName -like '*Packer*' }
ServicePrincipalNames : {http://packerauth.com, 3bca45c4-8458-4780-84b2-02fa867422a5}
ApplicationId : 3bca45c4-8458-4780-84b2-02fa867422a5
DisplayName : packer
Id : b994ec99-b744-48bd-a569-2c971cc04044
Type : ServicePrincipal
PS C:\packertool> Get-AzureRmSubscription
Name : Pay-As-You-Go
Id : a23f758c-a4e6-421e-bd84-ef12d516a9c7
TenantId : f38a1eb1-ab85-46bb-a02d-195296a118cc
State : Enabled
The below is my json file content given under Packer build command.
{"builders": [
{
"type": "azure-arm",
"client_id": "3bca45c4-8458-4780-84b2-02fa867422a5",
"client_secret":"6357mxW4HB1UxPTKv+0/lLMkjzLgG6GT6kAtl94xRrA=",
"tenant_id": "f38a1eb1-ab85-46bb-a02d-195296a118cc",
"subscription_id": "a23f758c-a4e6-421e-bd84-ef12d516a9c7",
"object_id": "b994ec99-b744-48bd-a569-2c971cc04044",
"managed_image_resource_group_name": "RGPacker",
"managed_image_name":"test",
"os_type": "Windows",
"image_publisher": "MicrosoftWindowsServer",
"image_offer": "WindowsServer",
"image_sku": "2016-Datacenter-with-Containers",
"azure_tags": {
"dept": "Engineering",
"task": "Image deployment"
},
"location": "East US",
"vm_size": "Standard_A2"
}
],
"provisioners": [{
"type": "powershell",
"inline": [
"Add-WindowsFeature Web-Server",
"if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}",
"& $Env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /shutdown /quiet"
]
}
]
}
I am getting the below error when I run the above json.
C:\PackerTool>packer build vmtestDL.json
azure-arm output will be in this color.
==> azure-arm: Running builder ...
Build 'azure-arm' errored: adal: Failed to execute the refresh request. Error =
'Post https://login.microsoftonline.com/f38a1eb1-ab85-46bb-a02d-195296a118cc/oau
th2/token?api-version=1.0: dial tcp 104.211.216.38:443: i/o timeout'
==> Some builds didn't complete successfully and had errors:
--> azure-arm: adal: Failed to execute the refresh request. Error = 'Post https:
//login.microsoftonline.com/f38a1eb1-ab85-46bb-a02d-195296a118cc/oauth2/token?ap
i-version=1.0: dial tcp 104.211.216.38:443: i/o timeout'
Please advise what is missing. It is critical to solve this.
thanks,
Buvana
==> Builds finished but no artifacts were created.
Alvaro Miranda Aguilera
Sep 5, 2018, 4:54:31 AM9/5/18
to packe...@googlegroups.com
Hello
Please don't share credentials over the internet as people may be tempted to use then and you get a you will be paying the bill
make sure to rotate all the creds, and recreate them
When done
Create a GitHub repo with your code, and share a gist (gist.github.com) for review.
Heres a packer template for azure that works, and here all the variables needed to make it work:
Alvaro.
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/8727d8f1-68b6-4f8a-ad5d-a43be6c935da%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Alvaro
Reply all
Reply to author
Forward
0 new messages