Error creating AMI: InvalidBlockDeviceMapping: the encrypted flag cannot be specified since device
39 views
Skip to first unread message
Frank Dias
Dec 17, 2018, 12:54:31 AM12/17/18
to Packer
I am erroring out at the end of the build.
template:
| { | |
| "description": "Copy the centos.org CentOS 6 AMI into our account so that we can add boot volume encryption.", | |
| "min_packer_version": "0.11.0", | |
| "variables": { | |
| "aws_region": "us-east-1", | |
| "aws_vpc": null, | |
| "aws_subnet": null, | |
| "ssh_username": "centos" | |
| }, | |
| "builders": [ | |
| { | |
| "type": "amazon-ebs", | |
| "ami_name": "CentOS Linux 6 x86_64 HVM EBS (encrypted) {{isotime \"20060102\"}}", | |
| "ami_description": "CentOS Linux 6 x86_64 HVM EBS (encrypted) {{isotime \"20060102\"}}", | |
| "instance_type": "t2.micro", | |
| "region": "{{user `aws_region`}}", | |
| "vpc_id": "{{user `aws_vpc`}}", | |
| "subnet_id": "{{user `aws_subnet`}}", | |
| "source_ami_filter": { | |
| "filters": { | |
| "owner-alias": "aws-marketplace", | |
| "product-code": "6x5jmcajty9edm3f211pqjfn2", | |
| "virtualization-type": "hvm" | |
| }, "owners": [ "679593333241" ], | |
| "most_recent": true | |
| }, | |
| "ami_virtualization_type": "hvm", | |
| "ssh_username": "{{user `ssh_username`}}", | |
| "associate_public_ip_address": true, | |
| "tags": { | |
| "Name": "CentOS 6", | |
| "OS": "CentOS", | |
| "OSVER": "6" | |
| }, | |
| "encrypt_boot": true, | |
| "ami_block_device_mappings": [ | |
| { | |
| "device_name": "/dev/sda1", | |
| "volume_type": "gp2", | |
| "volume_size": 8, | |
| "encrypted": true, | |
| "delete_on_termination": true | |
| } | |
| ], | |
| "communicator": "ssh", | |
| "ssh_pty": true | |
| } | |
| ], | |
| "provisioners": [ | |
| { | |
| "type": "shell", | |
| "execute_command": "sudo -S sh '{{.Path}}'", | |
| "inline_shebang": "/bin/sh -e -x", | |
| "inline": [ | |
| "echo '** Shreding sensitive data ...'", | |
| "shred -u /etc/ssh/*_key /etc/ssh/*_key.pub", | |
| "shred -u /root/.*history /home/{{user `ssh_username`}}/.*history", | |
| "shred -u /root/.ssh/authorized_keys /home/{{user `ssh_username`}}/.ssh/authorized_keys", | |
| "sync; sleep 1; sync" | |
| ] | |
| } | |
| ] | |
| } Error: packer build encrypt-centos.org-6-ami.json amazon-ebs output will be in this color. ==> amazon-ebs: Prevalidating AMI Name: CentOS Linux 6 x86_64 HVM EBS (encrypted) 20181217 amazon-ebs: Found Image ID: ami-1585c46a ==> amazon-ebs: Creating temporary keypair: packer_5c1738eb-820f-a61a-b9a1-2b92719d9d70 ==> amazon-ebs: Creating temporary security group for this instance: packer_5c1738ed-c4e0-a8ec-3f59-26250a9d6731 ==> amazon-ebs: Authorizing access to port 22 from 0.0.0.0/0 in the temporary security group... ==> amazon-ebs: Launching a source AWS instance... ==> amazon-ebs: Adding tags to source instance amazon-ebs: Adding tag: "Name": "Packer Builder" amazon-ebs: Instance ID: i-054aa39be987b978d ==> amazon-ebs: Waiting for instance (i-054aa39be987b978d) to become ready... ==> amazon-ebs: Using ssh communicator to connect: 54.174.45.106 ==> amazon-ebs: Waiting for SSH to become available... ==> amazon-ebs: Connected to SSH! ==> amazon-ebs: Provisioning with shell script: /tmp/packer-shell065867417 amazon-ebs: ** Shreding sensitive data ... amazon-ebs: shred: /root/.*history: failed to open for writing: No such file or directory amazon-ebs: shred: /home/centos/.*history: failed to open for writing: No such file or directory ==> amazon-ebs: Stopping the source instance... amazon-ebs: Stopping instance, attempt 1 ==> amazon-ebs: Waiting for the instance to stop... ==> amazon-ebs: Creating unencrypted AMI by83mJV from instance i-054aa39be987b978d ==> amazon-ebs: Error creating AMI: InvalidBlockDeviceMapping: the encrypted flag cannot be specified since device /dev/sda1 has a conflicting encryption setting. ==> amazon-ebs: status code: 400, request id: 1629781b-5404-43a5-9e8b-be562eaef8e4 ==> amazon-ebs: Terminating the source AWS instance... ==> amazon-ebs: Cleaning up any extra volumes... ==> amazon-ebs: Destroying volume (vol-04942687a8fb4c7fa)... ==> amazon-ebs: Deleting temporary security group... ==> amazon-ebs: Deleting temporary keypair... Build 'amazon-ebs' errored: Error creating AMI: InvalidBlockDeviceMapping: the encrypted flag cannot be specified since device /dev/sda1 has a conflicting encryption setting. status code: 400, request id: 1629781b-5404-43a5-9e8b-be562eaef8e4 ==> Some builds didn't complete successfully and had errors: --> amazon-ebs: Error creating AMI: InvalidBlockDeviceMapping: the encrypted flag cannot be specified since device /dev/sda1 has a conflicting encryption setting. status code: 400, request id: 1629781b-5404-43a5-9e8b-be562eaef8e4 |
Rickard von Essen
Dec 17, 2018, 1:08:32 AM12/17/18
to packe...@googlegroups.com
This issue looks similar
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/e417cc09-4bb3-4fb9-957f-a08181666949%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Frank Dias
Dec 17, 2018, 9:01:13 AM12/17/18
to Packer
Thanks, that helped.
how does one create an image with boot and a second volume encrypted when the source image only has one volume (boot)?
Rickard von Essen
Dec 22, 2018, 7:16:45 AM12/22/18
to packe...@googlegroups.com
You add additional EBS volumes with ami_block_device_mappings or launch_block_device_mappings. See
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/eae788a1-2bc8-49a4-8678-eaca531c4065%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages