github.com/ratanraj/packer@v1.3.2/website/source/intro/getting-started/build-image.html.md (about) 1 --- 2 layout: intro 3 sidebar_current: intro-getting-started-build-image 4 page_title: Build an Image - Getting Started 5 description: |- 6 With Packer installed, let's just dive right into it and build our first 7 image. Our first image will be an Amazon EC2 AMI with Redis pre-installed. 8 This is just an example. Packer can create images for many platforms with 9 anything pre-installed. 10 --- 11 12 # Build an Image 13 14 With Packer installed, let's just dive right into it and build our first image. 15 Our first image will be an [Amazon EC2 AMI](https://aws.amazon.com/ec2/). 16 This is just an example. Packer can create images for [many platforms][platforms]. 17 18 If you don't have an AWS account, [create one now](https://aws.amazon.com/free/). 19 For the example, we'll use a "t2.micro" instance to build our image, which 20 qualifies under the AWS [free-tier](https://aws.amazon.com/free/), meaning it 21 will be free. If you already have an AWS account, you may be charged some amount 22 of money, but it shouldn't be more than a few cents. 23 24 -> **Note:** If you're not using an account that qualifies under the AWS 25 free-tier, you may be charged to run these examples. The charge should only be a 26 few cents, but we're not responsible if it ends up being more. 27 28 Packer can build images for [many platforms][platforms] other than 29 AWS, but AWS requires no additional software installed on your computer and 30 their [free-tier](https://aws.amazon.com/free/) makes it free to use for most 31 people. This is why we chose to use AWS for the example. If you're uncomfortable 32 setting up an AWS account, feel free to follow along as the basic principles 33 apply to the other platforms as well. 34 35 ## The Template 36 37 The configuration file used to define what image we want built and how is called 38 a *template* in Packer terminology. The format of a template is simple 39 [JSON](http://www.json.org/). JSON struck the best balance between 40 human-editable and machine-editable, allowing both hand-made templates as well 41 as machine generated templates to easily be made. 42 43 We'll start by creating the entire template, then we'll go over each section 44 briefly. Create a file `example.json` and fill it with the following contents: 45 46 ```json 47 { 48 "variables": { 49 "aws_access_key": "", 50 "aws_secret_key": "" 51 }, 52 "builders": [{ 53 "type": "amazon-ebs", 54 "access_key": "{{user `aws_access_key`}}", 55 "secret_key": "{{user `aws_secret_key`}}", 56 "region": "us-east-1", 57 "source_ami_filter": { 58 "filters": { 59 "virtualization-type": "hvm", 60 "name": "ubuntu/images/*ubuntu-xenial-16.04-amd64-server-*", 61 "root-device-type": "ebs" 62 }, 63 "owners": ["099720109477"], 64 "most_recent": true 65 }, 66 "instance_type": "t2.micro", 67 "ssh_username": "ubuntu", 68 "ami_name": "packer-example {{timestamp}}" 69 }] 70 } 71 ``` 72 73 When building, you'll pass in `aws_access_key` and `aws_secret_key` as 74 [user variables](/docs/templates/user-variables.html), keeping your secret keys 75 out of the template. You can create security credentials on [this 76 page](https://console.aws.amazon.com/iam/home?#security_credential). An example 77 IAM policy document can be found in the [Amazon EC2 builder 78 docs](/docs/builders/amazon.html). 79 80 This is a basic template that is ready-to-go. It should be immediately 81 recognizable as a normal, basic JSON object. Within the object, the `builders` 82 section contains an array of JSON objects configuring a specific *builder*. A 83 builder is a component of Packer that is responsible for creating a machine and 84 turning that machine into an image. 85 86 In this case, we're only configuring a single builder of type `amazon-ebs`. This 87 is the Amazon EC2 AMI builder that ships with Packer. This builder builds an 88 EBS-backed AMI by launching a source AMI, provisioning on top of that, and 89 re-packaging it into a new AMI. 90 91 The additional keys within the object are configuration for this builder, 92 specifying things such as access keys, the source AMI to build from and more. 93 The exact set of configuration variables available for a builder are specific to 94 each builder and can be found within the [documentation](/docs/index.html). 95 96 Before we take this template and build an image from it, let's validate the 97 template by running `packer validate example.json`. This command checks the 98 syntax as well as the configuration values to verify they look valid. The output 99 should look similar to below, because the template should be valid. If there are 100 any errors, this command will tell you. 101 102 ```text 103 $ packer validate example.json 104 Template validated successfully. 105 ``` 106 107 Next, let's build the image from this template. 108 109 An astute reader may notice that we said earlier we'd be building an image with 110 Redis pre-installed, and yet the template we made doesn't reference Redis 111 anywhere. In fact, this part of the documentation will only cover making a first 112 basic, non-provisioned image. The next section on provisioning will cover 113 installing Redis. 114 115 ## Your First Image 116 117 With a properly validated template, it is time to build your first image. This 118 is done by calling `packer build` with the template file. The output should look 119 similar to below. Note that this process typically takes a few minutes. 120 121 -> **Note:** For the tutorial it is convenient to use the credentials in the 122 command line. However, it is potentially insecure. See our documentation for 123 other ways to [specify Amazon credentials](/docs/builders/amazon.html#specifying-amazon-credentials). 124 125 -> **Note:** When using packer on Windows, replace the single-quotes in the 126 command below with double-quotes. 127 128 ```text 129 $ packer build \ 130 -var 'aws_access_key=YOUR ACCESS KEY' \ 131 -var 'aws_secret_key=YOUR SECRET KEY' \ 132 example.json 133 ==> amazon-ebs: amazon-ebs output will be in this color. 134 135 ==> amazon-ebs: Creating temporary keypair for this instance... 136 ==> amazon-ebs: Creating temporary security group for this instance... 137 ==> amazon-ebs: Authorizing SSH access on the temporary security group... 138 ==> amazon-ebs: Launching a source AWS instance... 139 ==> amazon-ebs: Waiting for instance to become ready... 140 ==> amazon-ebs: Connecting to the instance via SSH... 141 ==> amazon-ebs: Stopping the source instance... 142 ==> amazon-ebs: Waiting for the instance to stop... 143 ==> amazon-ebs: Creating the AMI: packer-example 1371856345 144 ==> amazon-ebs: AMI: ami-19601070 145 ==> amazon-ebs: Waiting for AMI to become ready... 146 ==> amazon-ebs: Terminating the source AWS instance... 147 ==> amazon-ebs: Deleting temporary security group... 148 ==> amazon-ebs: Deleting temporary keypair... 149 ==> amazon-ebs: Build finished. 150 151 ==> Builds finished. The artifacts of successful builds are: 152 --> amazon-ebs: AMIs were created: 153 154 us-east-1: ami-19601070 155 ``` 156 157 At the end of running `packer build`, Packer outputs the *artifacts* that were 158 created as part of the build. Artifacts are the results of a build, and 159 typically represent an ID (such as in the case of an AMI) or a set of files 160 (such as for a VMware virtual machine). In this example, we only have a single 161 artifact: the AMI in us-east-1 that was created. 162 163 This AMI is ready to use. If you wanted you could go and launch this AMI right 164 now and it would work great. 165 166 -> **Note:** Your AMI ID will surely be different than the one above. If you 167 try to launch the one in the example output above, you will get an error. If you 168 want to try to launch your AMI, get the ID from the Packer output. 169 170 -> **Note:** If you see a `VPCResourceNotSpecified` error, Packer might not be 171 able to determine the default VPC, which the `t2` instance types require. This 172 can happen if you created your AWS account before `2013-12-04`. You can either 173 change the `instance_type` to `m3.medium`, or specify a VPC. Please see 174 http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html for more 175 information. If you specify a `vpc_id`, you will also need to set `subnet_id`. 176 Unless you modify your subnet's [IPv4 public addressing attribute]( 177 http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-ip-addressing.html#subnet-public-ip), 178 you will also need to set `associate_public_ip_address` to `true`, or set up a 179 [VPN](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html). 180 181 ## Managing the Image 182 183 Packer only builds images. It does not attempt to manage them in any way. After 184 they're built, it is up to you to launch or destroy them as you see fit. 185 186 After running the above example, your AWS account now has an AMI associated 187 with it. AMIs are stored in S3 by Amazon, so unless you want to be charged 188 about $0.01 per month, you'll probably want to remove it. Remove the AMI by 189 first deregistering it on the [AWS AMI management 190 page](https://console.aws.amazon.com/ec2/home?region=us-east-1#s=Images). Next, 191 delete the associated snapshot on the [AWS snapshot management 192 page](https://console.aws.amazon.com/ec2/home?region=us-east-1#s=Snapshots). 193 194 Congratulations! You've just built your first image with Packer. Although the 195 image was pretty useless in this case (nothing was changed about it), this page 196 should've given you a general idea of how Packer works, what templates are and 197 how to validate and build templates into machine images. 198 199 ## Some more examples: 200 201 ### Another GNU/Linux Example, with provisioners: 202 Create a file named `welcome.txt` and add the following: 203 204 ``` 205 WELCOME TO PACKER! 206 ``` 207 208 Create a file named `example.sh` and add the following: 209 210 211 ```bash 212 #!/bin/bash 213 echo "hello" 214 ``` 215 216 Set your access key and id as environment variables, so we don't need to pass 217 them in through the command line: 218 219 ``` 220 export AWS_ACCESS_KEY_ID=MYACCESSKEYID 221 export AWS_SECRET_ACCESS_KEY=MYSECRETACCESSKEY 222 ``` 223 224 Now save the following text in a file named `firstrun.json`: 225 226 ```json 227 { 228 "variables": { 229 "aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}", 230 "aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}", 231 "region": "us-east-1" 232 }, 233 "builders": [ 234 { 235 "access_key": "{{user `aws_access_key`}}", 236 "ami_name": "packer-linux-aws-demo-{{timestamp}}", 237 "instance_type": "t2.micro", 238 "region": "us-east-1", 239 "secret_key": "{{user `aws_secret_key`}}", 240 "source_ami_filter": { 241 "filters": { 242 "virtualization-type": "hvm", 243 "name": "ubuntu/images/*ubuntu-xenial-16.04-amd64-server-*", 244 "root-device-type": "ebs" 245 }, 246 "owners": ["099720109477"], 247 "most_recent": true 248 }, 249 "ssh_username": "ubuntu", 250 "type": "amazon-ebs" 251 } 252 ], 253 "provisioners": [ 254 { 255 "type": "file", 256 "source": "./welcome.txt", 257 "destination": "/home/ubuntu/" 258 }, 259 { 260 "type": "shell", 261 "inline":[ 262 "ls -al /home/ubuntu", 263 "cat /home/ubuntu/welcome.txt" 264 ] 265 }, 266 { 267 "type": "shell", 268 "script": "./example.sh" 269 } 270 ] 271 } 272 ``` 273 274 and to build, run `packer build firstrun.json` 275 276 Note that if you wanted to use a `source_ami` instead of a `source_ami_filter` 277 it might look something like this: `"source_ami": "ami-fce3c696"`. 278 279 Your output will look like this: 280 281 ``` 282 amazon-ebs output will be in this color. 283 284 ==> amazon-ebs: Prevalidating AMI Name: packer-linux-aws-demo-1507231105 285 amazon-ebs: Found Image ID: ami-fce3c696 286 ==> amazon-ebs: Creating temporary keypair: packer_59d68581-e3e6-eb35-4ae3-c98d55cfa04f 287 ==> amazon-ebs: Creating temporary security group for this instance: packer_59d68584-cf8a-d0af-ad82-e058593945ea 288 ==> amazon-ebs: Authorizing access to port 22 on the temporary security group... 289 ==> amazon-ebs: Launching a source AWS instance... 290 ==> amazon-ebs: Adding tags to source instance 291 amazon-ebs: Adding tag: "Name": "Packer Builder" 292 amazon-ebs: Instance ID: i-013e8fb2ced4d714c 293 ==> amazon-ebs: Waiting for instance (i-013e8fb2ced4d714c) to become ready... 294 ==> amazon-ebs: Waiting for SSH to become available... 295 ==> amazon-ebs: Connected to SSH! 296 ==> amazon-ebs: Uploading ./scripts/welcome.txt => /home/ubuntu/ 297 ==> amazon-ebs: Provisioning with shell script: /var/folders/8t/0yb5q0_x6mb2jldqq_vjn3lr0000gn/T/packer-shell661094204 298 amazon-ebs: total 32 299 amazon-ebs: drwxr-xr-x 4 ubuntu ubuntu 4096 Oct 5 19:19 . 300 amazon-ebs: drwxr-xr-x 3 root root 4096 Oct 5 19:19 .. 301 amazon-ebs: -rw-r--r-- 1 ubuntu ubuntu 220 Apr 9 2014 .bash_logout 302 amazon-ebs: -rw-r--r-- 1 ubuntu ubuntu 3637 Apr 9 2014 .bashrc 303 amazon-ebs: drwx------ 2 ubuntu ubuntu 4096 Oct 5 19:19 .cache 304 amazon-ebs: -rw-r--r-- 1 ubuntu ubuntu 675 Apr 9 2014 .profile 305 amazon-ebs: drwx------ 2 ubuntu ubuntu 4096 Oct 5 19:19 .ssh 306 amazon-ebs: -rw-r--r-- 1 ubuntu ubuntu 18 Oct 5 19:19 welcome.txt 307 amazon-ebs: WELCOME TO PACKER! 308 ==> amazon-ebs: Provisioning with shell script: ./example.sh 309 amazon-ebs: hello 310 ==> amazon-ebs: Stopping the source instance... 311 amazon-ebs: Stopping instance, attempt 1 312 ==> amazon-ebs: Waiting for the instance to stop... 313 ==> amazon-ebs: Creating the AMI: packer-linux-aws-demo-1507231105 314 amazon-ebs: AMI: ami-f76ea98d 315 ==> amazon-ebs: Waiting for AMI to become ready... 316 ``` 317 318 ### A Windows Example 319 320 As with the GNU/Linux example above, should you decide to follow along and 321 build an AMI from the example template, provided you qualify for free tier 322 usage, you should not be charged for actually building the AMI. 323 However, please note that you will be charged for storage of the snapshot 324 associated with any AMI that you create. 325 If you wish to avoid further charges, follow the steps in the [Managing the 326 Image](/intro/getting-started/build-image.html#managing-the-image) section 327 above to deregister the created AMI and delete the associated snapshot once 328 you're done. 329 330 Again, in this example, we are making use of an existing AMI available from 331 the Amazon marketplace as the *source* or starting point for building our 332 own AMI. In brief, Packer will spin up the source AMI, connect to it and then 333 run whatever commands or scripts we've configured in our build template to 334 customize the image. Finally, when all is done, Packer will wrap the whole 335 customized package up into a brand new AMI that will be available from the 336 [AWS AMI management page]( 337 https://console.aws.amazon.com/ec2/home?region=us-east-1#s=Images). Any 338 instances we subsequently create from this AMI will have all of our 339 customizations baked in. This is the core benefit we are looking to 340 achieve from using the [Amazon EBS builder](/docs/builders/amazon-ebs.html) 341 in this example. 342 343 Now, all this sounds simple enough right? Well, actually it turns out we 344 need to put in just a *bit* more effort to get things working as we'd like... 345 346 Here's the issue: Out of the box, the instance created from our source AMI 347 is not configured to allow Packer to connect to it. So how do we fix it so 348 that Packer can connect in and customize our instance? 349 350 Well, it turns out that Amazon provides a mechanism that allows us to run a 351 set of *pre-supplied* commands within the instance shortly after the instance 352 starts. Even better, Packer is aware of this mechanism. This gives us the 353 ability to supply Packer with the commands required to configure the instance 354 for a remote connection *in advance*. Once the commands are run, Packer 355 will be able to connect directly in to the instance and make the 356 customizations we need. 357 358 Here's a basic example of a file that will configure the instance to allow 359 Packer to connect in over WinRM. As you will see, we will tell Packer about 360 our intentions by referencing this file and the commands within it from 361 within the `"builders"` section of our 362 [build template](/docs/templates/index.html) that we will create later. 363 364 Note the `<powershell>` and `</powershell>` tags at the top and bottom of 365 the file. These tags tell Amazon we'd like to run the enclosed code with 366 PowerShell. You can also use `<script></script>` tags to enclose any commands 367 that you would normally run in a Command Prompt window. See 368 [Running Commands on Your Windows Instance at Launch]( 369 http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-user-data.html) 370 for more info about what's going on behind the scenes here. 371 372 ```powershell 373 <powershell> 374 # Set administrator password 375 net user Administrator SuperS3cr3t! 376 wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE 377 378 # First, make sure WinRM can't be connected to 379 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=block 380 381 # Delete any existing WinRM listeners 382 winrm delete winrm/config/listener?Address=*+Transport=HTTP 2>$Null 383 winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null 384 385 # Create a new WinRM listener and configure 386 winrm create winrm/config/listener?Address=*+Transport=HTTP 387 winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}' 388 winrm set winrm/config '@{MaxTimeoutms="7200000"}' 389 winrm set winrm/config/service '@{AllowUnencrypted="true"}' 390 winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}' 391 winrm set winrm/config/service/auth '@{Basic="true"}' 392 winrm set winrm/config/client/auth '@{Basic="true"}' 393 394 # Configure UAC to allow privilege elevation in remote shells 395 $Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 396 $Setting = 'LocalAccountTokenFilterPolicy' 397 Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force 398 399 # Configure and restart the WinRM Service; Enable the required firewall exception 400 Stop-Service -Name WinRM 401 Set-Service -Name WinRM -StartupType Automatic 402 netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new action=allow localip=any remoteip=any 403 Start-Service -Name WinRM 404 </powershell> 405 ``` 406 407 Save the above code in a file named `bootstrap_win.txt`. 408 409 -> **A quick aside/warning:**<br /> 410 Windows administrators in the know might be wondering why we haven't simply 411 used a `winrm quickconfig -q` command in the script above, as this would 412 *automatically* set up all of the required elements necessary for connecting 413 over WinRM. Why all the extra effort to configure things manually?<br /> 414 Well, long and short, use of the `winrm quickconfig -q` command can sometimes 415 cause the Packer build to fail shortly after the WinRM connection is 416 established. How?<br /> 417 1. Among other things, as well as setting up the listener for WinRM, the 418 quickconfig command also configures the firewall to allow management messages 419 to be sent over HTTP.<br /> 420 2. This undoes the previous command in the script that configured the 421 firewall to prevent this access.<br /> 422 3. The upshot is that the system is configured and ready to accept WinRM 423 connections earlier than intended.<br /> 424 4. If Packer establishes its WinRM connection immediately after execution of 425 the 'winrm quickconfig -q' command, the later commands within the script that 426 restart the WinRM service will unceremoniously pull the rug out from under 427 the connection.<br /> 428 5. While Packer does *a lot* to ensure the stability of its connection in to 429 your instance, this sort of abuse can prove to be too much and *may* cause 430 your Packer build to stall irrecoverably or fail! 431 432 Now we've got the business of getting Packer connected to our instance 433 taken care of, let's get on with the *real* reason we're doing all this, 434 which is actually configuring and customizing the instance. Again, we do this 435 with [Provisioners](/docs/provisioners/index.html). 436 437 The example config below shows the two different ways of using the [PowerShell 438 provisioner](/docs/provisioners/powershell.html): `inline` and `script`. 439 The first example, `inline`, allows you to provide short snippets of code, and 440 will create the script file for you. The second example allows you to run more 441 complex code by providing the path to a script to run on the guest VM. 442 443 Here's an example of a `sample_script.ps1` that will work with the environment 444 variables we will set in our build template; copy the contents into your own 445 `sample_script.ps1` and provide the path to it in your build template: 446 447 ```powershell 448 Write-Host "PACKER_BUILD_NAME is an env var Packer automatically sets for you." 449 Write-Host "...or you can set it in your builder variables." 450 Write-Host "The default for this builder is:" $Env:PACKER_BUILD_NAME 451 452 Write-Host "The PowerShell provisioner will automatically escape characters" 453 Write-Host "considered special to PowerShell when it encounters them in" 454 Write-Host "your environment variables or in the PowerShell elevated" 455 Write-Host "username/password fields." 456 Write-Host "For example, VAR1 from our config is:" $Env:VAR1 457 Write-Host "Likewise, VAR2 is:" $Env:VAR2 458 Write-Host "VAR3 is:" $Env:VAR3 459 Write-Host "Finally, VAR4 is:" $Env:VAR4 460 Write-Host "None of the special characters needed escaping in the template" 461 ``` 462 463 Finally, we need to create the actual [build template]( 464 /docs/templates/index.html). 465 Remember, this template is the core configuration file that Packer uses to 466 understand what you want to build, and how you want to build it. 467 468 As mentioned earlier, the specific builder we are using in this example 469 is the [Amazon EBS builder](/docs/builders/amazon-ebs.html). 470 The template below demonstrates use of the [`source_ami_filter`]( 471 /docs/builders/amazon-ebs.html#source_ami_filter) configuration option 472 available within the builder for automatically selecting the *latest* 473 suitable source Windows AMI provided by Amazon. 474 We also use the `user_data_file` configuration option provided by the builder 475 to reference the bootstrap file we created earlier. As you will recall, our 476 bootstrap file contained all the commands we needed to supply in advance of 477 actually spinning up the instance, so that later on, our instance is 478 configured to allow Packer to connect in to it. 479 480 The `"provisioners"` section of the template demonstrates use of the 481 [powershell](/docs/provisioners/powershell.html) and 482 [windows-restart](/docs/provisioners/windows-restart.html) provisioners to 483 customize and control the build process: 484 485 ```json 486 { 487 "variables": { 488 "aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}", 489 "aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}", 490 "region": "us-east-1" 491 }, 492 "builders": [ 493 { 494 "type": "amazon-ebs", 495 "access_key": "{{ user `aws_access_key` }}", 496 "secret_key": "{{ user `aws_secret_key` }}", 497 "region": "{{ user `region` }}", 498 "instance_type": "t2.micro", 499 "source_ami_filter": { 500 "filters": { 501 "virtualization-type": "hvm", 502 "name": "*Windows_Server-2012-R2*English-64Bit-Base*", 503 "root-device-type": "ebs" 504 }, 505 "most_recent": true, 506 "owners": "amazon" 507 }, 508 "ami_name": "packer-demo-{{timestamp}}", 509 "user_data_file": "./bootstrap_win.txt", 510 "communicator": "winrm", 511 "winrm_username": "Administrator", 512 "winrm_password": "SuperS3cr3t!" 513 } 514 ], 515 "provisioners": [ 516 { 517 "type": "powershell", 518 "environment_vars": ["DEVOPS_LIFE_IMPROVER=PACKER"], 519 "inline": [ 520 "Write-Host \"HELLO NEW USER; WELCOME TO $Env:DEVOPS_LIFE_IMPROVER\"", 521 "Write-Host \"You need to use backtick escapes when using\"", 522 "Write-Host \"characters such as DOLLAR`$ directly in a command\"", 523 "Write-Host \"or in your own scripts.\"" 524 ] 525 }, 526 { 527 "type": "windows-restart" 528 }, 529 { 530 "script": "./sample_script.ps1", 531 "type": "powershell", 532 "environment_vars": [ 533 "VAR1=A$Dollar", 534 "VAR2=A`Backtick", 535 "VAR3=A'SingleQuote", 536 "VAR4=A\"DoubleQuote" 537 ] 538 } 539 ] 540 } 541 ``` 542 543 Save the build template as `firstrun.json`. 544 545 Next we need to set things up so that Packer is able to access and use our 546 AWS account. Set your access key and id as environment variables, so we 547 don't need to pass them in through the command line: 548 549 ``` 550 export AWS_ACCESS_KEY_ID=MYACCESSKEYID 551 export AWS_SECRET_ACCESS_KEY=MYSECRETACCESSKEY 552 ``` 553 554 Finally, we can create our new AMI by running `packer build firstrun.json` 555 556 You should see output like this: 557 558 ``` 559 amazon-ebs output will be in this color. 560 561 ==> amazon-ebs: Prevalidating AMI Name: packer-demo-1518111383 562 amazon-ebs: Found Image ID: ami-013e197b 563 ==> amazon-ebs: Creating temporary keypair: packer_5a7c8a97-f27f-6708-cc3c-6ab9b4688b13 564 ==> amazon-ebs: Creating temporary security group for this instance: packer_5a7c8ab5-444c-13f2-0aa1-18d124cdb975 565 ==> amazon-ebs: Authorizing access to port 5985 from 0.0.0.0/0 in the temporary security group... 566 ==> amazon-ebs: Launching a source AWS instance... 567 ==> amazon-ebs: Adding tags to source instance 568 amazon-ebs: Adding tag: "Name": "Packer Builder" 569 amazon-ebs: Instance ID: i-0c8c808a3b945782a 570 ==> amazon-ebs: Waiting for instance (i-0c8c808a3b945782a) to become ready... 571 ==> amazon-ebs: Skipping waiting for password since WinRM password set... 572 ==> amazon-ebs: Waiting for WinRM to become available... 573 amazon-ebs: WinRM connected. 574 ==> amazon-ebs: Connected to WinRM! 575 ==> amazon-ebs: Provisioning with Powershell... 576 ==> amazon-ebs: Provisioning with powershell script: /var/folders/15/d0f7gdg13rnd1cxp7tgmr55c0000gn/T/packer-powershell-provisioner943573503 577 amazon-ebs: HELLO NEW USER; WELCOME TO PACKER 578 amazon-ebs: You need to use backtick escapes when using 579 amazon-ebs: characters such as DOLLAR$ directly in a command 580 amazon-ebs: or in your own scripts. 581 ==> amazon-ebs: Restarting Machine 582 ==> amazon-ebs: Waiting for machine to restart... 583 amazon-ebs: WIN-NI8N45RPJ23 restarted. 584 ==> amazon-ebs: Machine successfully restarted, moving on 585 ==> amazon-ebs: Provisioning with Powershell... 586 ==> amazon-ebs: Provisioning with powershell script: ./sample_script.ps1 587 amazon-ebs: PACKER_BUILD_NAME is an env var Packer automatically sets for you. 588 amazon-ebs: ...or you can set it in your builder variables. 589 amazon-ebs: The default for this builder is: amazon-ebs 590 amazon-ebs: The PowerShell provisioner will automatically escape characters 591 amazon-ebs: considered special to PowerShell when it encounters them in 592 amazon-ebs: your environment variables or in the PowerShell elevated 593 amazon-ebs: username/password fields. 594 amazon-ebs: For example, VAR1 from our config is: A$Dollar 595 amazon-ebs: Likewise, VAR2 is: A`Backtick 596 amazon-ebs: VAR3 is: A'SingleQuote 597 amazon-ebs: Finally, VAR4 is: A"DoubleQuote 598 amazon-ebs: None of the special characters needed escaping in the template 599 ==> amazon-ebs: Stopping the source instance... 600 amazon-ebs: Stopping instance, attempt 1 601 ==> amazon-ebs: Waiting for the instance to stop... 602 ==> amazon-ebs: Creating the AMI: packer-demo-1518111383 603 amazon-ebs: AMI: ami-f0060c8a 604 ==> amazon-ebs: Waiting for AMI to become ready... 605 ==> amazon-ebs: Terminating the source AWS instance... 606 ==> amazon-ebs: Cleaning up any extra volumes... 607 ==> amazon-ebs: No volumes to clean up, skipping 608 ==> amazon-ebs: Deleting temporary security group... 609 ==> amazon-ebs: Deleting temporary keypair... 610 Build 'amazon-ebs' finished. 611 612 ==> Builds finished. The artifacts of successful builds are: 613 --> amazon-ebs: AMIs were created: 614 us-east-1: ami-f0060c8a 615 ``` 616 617 And if you navigate to your EC2 dashboard you should see your shiny new AMI 618 listed in the main window of the Images -> AMIs section. 619 620 Why stop there though? 621 622 As you'll see, with one simple change to the template above, it's 623 just as easy to create your own Windows 2008 or Windows 2016 AMIs. Just 624 set the value for the name field within `source_ami_filter` as required: 625 626 For Windows 2008 SP2: 627 628 ``` 629 "name": "*Windows_Server-2008-SP2*English-64Bit-Base*", 630 ``` 631 632 For Windows 2016: 633 634 ``` 635 "name": "*Windows_Server-2016-English-Full-Base*", 636 ``` 637 638 The bootstrapping and sample provisioning should work the same across all 639 Windows server versions. 640 641 [platforms]: /docs/builders/index.html