SSH timeout when

[Arunkumar Janarthanan]

I run Packer 1.2.5 on OSX, I have been trying to create encrypted volume AMI with CIS security hardened script enabled and facing numerous problems with it.

Problem #1. 

I am getting SSH timeout upon adding the below section, however without the below section AMI provisioning looks good except the root volume size always 2 gig. 

Error: 

2018/08/30 13:11:18 packer: 2018/08/30 13:11:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:11:38 packer: 2018/08/30 13:11:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:11:58 packer: 2018/08/30 13:11:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:12:18 packer: 2018/08/30 13:12:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:12:38 packer: 2018/08/30 13:12:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:12:58 packer: 2018/08/30 13:12:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:13:18 packer: 2018/08/30 13:13:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:13:38 packer: 2018/08/30 13:13:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:13:58 packer: 2018/08/30 13:13:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:14:18 packer: 2018/08/30 13:14:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:14:38 packer: 2018/08/30 13:14:38 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:14:58 packer: 2018/08/30 13:14:58 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

2018/08/30 13:15:06 packer: 2018/08/30 13:15:06 No AWS timeout and polling overrides have been set. Packer will defalt to waiter-specific delays and timeouts. If you would like to customize the length of time between retries and max number of retries you may do so by setting the environment variables AWS_POLL_DELAY_SECONDS and AWS_MAX_ATTEMPTS to your desired values.

2018/08/30 13:15:18 packer: 2018/08/30 13:15:18 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 54.190.59.198:22: i/o timeout

// -----------

  "ami_block_device_mappings": [ {

            "device_name": "/dev/sda1",

            "volume_size": 64,

            "delete_on_termination": true

        } ],

        "launch_block_device_mappings": [ {

            "device_name": "/dev/sda1",

            "volume_size": 64,

            "delete_on_termination": true

        } ],

// -----

Full json file: this works except it only creates 3 gig root volume. 

=======

{

    "variables" : {

        "region" : "us-west-2"

    },

    "builders" : [

        {

            "type" : "amazon-ebs",

            "profile" : "default",

            "region" : "{{user `region`}}",

            "instance_type" : "t2.micro",

            "source_ami" : "ami-37efa14f",

            "ssh_username" : "ec2-user",

            "ami_name" : "docker-17.12.1-ce",

            "ami_description" : "Amazon Linux Image with Docker-CE",

            "ami_block_device_mappings": [{

            "delete_on_termination": "true",

            "device_name": "/dev/sda1"

            }],

            "run_tags" : {

                "Name" : "AE-Plain",

                "Tool" : "Packer",

                "Author" : "AJ"

            }

        }

    ],

    "provisioners" : [

        {

            "type" : "shell",

            "script" : "./setup.sh"

        },

    {

      "type": "shell",

      "execute_command": "sudo -S bash '{{ .Path }}'",

      "scripts": [

        "amazonlinux-hardening.sh",

        "docker-secure.sh"

      ]

    }

    ]

}

Kindly advise.

Thanks,

AJ 

[Arunkumar Janarthanan]

Apologize for the short subject line and the missing salutations. 

[Rickard von Essen]

It looks like you are using the wrong device_name:

$ AWS_PROFILE=admin aws --region us-west-2 ec2 describe-images --image-ids ami-37efa14f                                                              {

    "Images": [

        {

            "Architecture": "x86_64",

            "CreationDate": "2018-06-22T23:29:16.000Z",

            "ImageId": "ami-37efa14f",

            "ImageLocation": "amazon/amzn2-ami-minimal-hvm-2.0.20180622.1-x86_64-ebs",

            "ImageType": "machine",

            "Public": true,

            "OwnerId": "137112412989",

            "State": "available",

            "BlockDeviceMappings": [

                {

                    "DeviceName": "/dev/xvda",

                    "Ebs": {

                        "Encrypted": false,

                        "DeleteOnTermination": true,

                        "SnapshotId": "snap-04e358335dc927649",

                        "VolumeSize": 2,

                        "VolumeType": "standard"

                    }

                }

            ],

            "Description": "Amazon Linux 2 AMI 2.0.20180622.1 x86_64 Minimal HVM ebs",

            "EnaSupport": true,

            "Hypervisor": "xen",

            "ImageOwnerAlias": "amazon",

            "Name": "amzn2-ami-minimal-hvm-2.0.20180622.1-x86_64-ebs",

            "RootDeviceName": "/dev/xvda",

            "RootDeviceType": "ebs",

            "SriovNetSupport": "simple",

            "VirtualizationType": "hvm"

        }

    ]

}

This thread contains more information:

https://groups.google.com/d/msgid/packer-tool/ea501630-7e60-43aa-a543-cb60f90cbaa5%40googlegroups.com

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/4883a996-6688-4afd-aa29-34d87e8f7a3b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Arunkumar Janarthanan]

Thanks Rickard, I wanted to have the root volume encrypted, for now I had to run another script after provisioning the image to encrypt the AMI through AWS cli. 

Best Regards,
Arun Janarthanan

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/4883a996-6688-4afd-aa29-34d87e8f7a3b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt920KL0a8FpeD3WEJTR-mzH6y2VzAsrOoBDJEauATP7Qw%40mail.gmail.com.

[Rickard von Essen]

Just set encrypt_boot to true.

https://www.packer.io/docs/builders/amazon-ebs.html#encrypt_boot

Best Regards,
Arun Janarthanan

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/4883a996-6688-4afd-aa29-34d87e8f7a3b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt920KL0a8FpeD3WEJTR-mzH6y2VzAsrOoBDJEauATP7Qw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeNLYoUAQwG2jWKULEnMbW8XZn7f0Oh54VJ3iN1%3DQtkkGTw%40mail.gmail.com.

[Arunkumar Janarthanan]

Thanks, do I not need to mention the KMS id ? 

Best Regards,
Arun Janarthanan

Best Regards,
Arun Janarthanan

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/4883a996-6688-4afd-aa29-34d87e8f7a3b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt920KL0a8FpeD3WEJTR-mzH6y2VzAsrOoBDJEauATP7Qw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeNLYoUAQwG2jWKULEnMbW8XZn7f0Oh54VJ3iN1%3DQtkkGTw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--

This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-k%2B1esM8Qc0FwJVqPm%3DSLuTRFeF%3DUO7p%3DWeW461t6QBg%40mail.gmail.com.

[Rickard von Essen]

If you don't set the kms_id you get the default kms key for EBS created by AWS for your account. Which is probably fine unless you have specific security requirements or need to share the underlying snapshots with other accounts.

Best Regards,
Arun Janarthanan

Best Regards,
Arun Janarthanan

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/4883a996-6688-4afd-aa29-34d87e8f7a3b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt920KL0a8FpeD3WEJTR-mzH6y2VzAsrOoBDJEauATP7Qw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeNLYoUAQwG2jWKULEnMbW8XZn7f0Oh54VJ3iN1%3DQtkkGTw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-k%2B1esM8Qc0FwJVqPm%3DSLuTRFeF%3DUO7p%3DWeW461t6QBg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeN%2BLKdPaw7BKbkCx1xt6hCPztUPd5RGivLsmZVmCh%3D5s0g%40mail.gmail.com.

[Arunkumar Janarthanan]

That should absolutely be fine for me. Thanks a ton ! 

Best Regards,
Arun Janarthanan

Best Regards,
Arun Janarthanan

Best Regards,
Arun Janarthanan

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/4883a996-6688-4afd-aa29-34d87e8f7a3b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt920KL0a8FpeD3WEJTR-mzH6y2VzAsrOoBDJEauATP7Qw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeNLYoUAQwG2jWKULEnMbW8XZn7f0Oh54VJ3iN1%3DQtkkGTw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-k%2B1esM8Qc0FwJVqPm%3DSLuTRFeF%3DUO7p%3DWeW461t6QBg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALJ%2BeN%2BLKdPaw7BKbkCx1xt6hCPztUPd5RGivLsmZVmCh%3D5s0g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--

This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt_3_UFyCZ9n%3DDBJaPnTV0avEQjP12Usqn8_3n8y7ppt4A%40mail.gmail.com.