Repository files navigation

1. Introduction
2. Requirements
3. Configuration
4. Build
5. Troubleshoot
6. Credits

This repository provides infrastructure-as-code examples to automate the creation of virtual machine images and their guest operating systems on VMware vSphere usingHashiCorp Packer and thePacker Plugin for VMware vSphere (vsphere-iso). All examples are authored in the HashiCorp Configuration Language ("HCL2").

Use of this project is mentioned in theVMware Validated Solution: Private Cloud Automation for VMware Cloud Foundation authored by the maintainer. Learn more about this solution atvmware.com/go/vvs.

By default, the machine image artifacts are transferred to avSphere Content Library as an OVF template and the temporary machine image is destroyed. If an item of the same name exists in the target content library, Packer will update the existing item with the new version of OVF template.

The following builds are available:

• VMware Photon OS 4
• Debian 11
• Ubuntu Server 22.04 LTS (cloud-init)
• Ubuntu Server 20.04 LTS (cloud-init)
• Ubuntu Server 18.04 LTS
• Red Hat Enterprise Linux 9 Server
• Red Hat Enterprise Linux 8 Server
• Red Hat Enterprise Linux 7 Server
• AlmaLinux OS 9
• AlmaLinux OS 8
• Rocky Linux 9
• Rocky Linux 8
• CentOS Stream 9
• CentOS Stream 8
• CentOS Linux 7
• SUSE Linux Enterprise Server 15

• Microsoft Windows Server 2022 - Standard and Datacenter
• Microsoft Windows Server 2019 - Standard and Datacenter
• Microsoft Windows 11
• Microsoft Windows 10

Note

• The Microsoft Windows 11 machine image uses a virtual trusted platform module (vTPM). Refer to the VMware vSphereproduct documenation for requirements and pre-requisites.

• The Microsoft Windows 11 machine image is not transferred to the content library by default. It isnot supported to clone an encrypted virtual machine to the content library as an OVF Template. You can adjust the common content library settings to use VM Templates.

Operating Systems:

Operating systems and versions tested with the project:

• VMware Photon OS 4.0 (x86_64)
• Ubuntu Server 22.04 LTS (x86_64)
• macOS Monterey and Ventura (Intel)

Note

If yourAnsible control node already uses OpenSSH >= 9.0 (e.g., macOS Ventura) you must add an additional option to enable scp.

Update theansible/ansible.cfg to include the following:

[ssh_connection]scp_extra_args = "-O"

Packer:

• HashiCorpPacker 1.8.6 or higher.

  Note

  Click on the operating system name to display the installation steps.

  • Photon OS

    PACKER_VERSION="1.8.6"OS_PACKAGES="wget unzip"if [[$(uname -m)=="x86_64" ]];then  LINUX_ARCH="amd64"elif [[$(uname -m)=="aarch64" ]];then  LINUX_ARCH="arm64"fitdnf install${OS_PACKAGES} -ywget -q https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_${LINUX_ARCH}.zipunzip -o -d /usr/local/bin/ packer_${PACKER_VERSION}_linux_${LINUX_ARCH}.zip

  • Ubuntu

    The Terraform packages are signed using a private key controlled by HashiCorp, so you must configure your system to trust that HashiCorp key for package authentication.

    To configure your repository:

    sudo bash -c'wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor > /usr/share/keyrings/hashicorp-archive-keyring.gpg'

    Verify the key's fingerprint:

    gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint

    The fingerprint must match E8A0 32E0 94D8 EB4E A189 D270 DA41 8C88 A321 9F7B. You can also verify the key onSecurity at HashiCorp under Linux Package Checksum Verification.

    Add the official HashiCorp repository to your system:

    sudo bash -c'echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \https://apt.releases.hashicorp.com $(lsb_release -cs) main" > /etc/apt/sources.list.d/hashicorp.list'

    Install Packer from HashiCorp repository:

    sudo apt update&& sudo apt install packer

  • macOS

    brew tap hashicorp/tapbrew install hashicorp/tap/packer

• Packer plugins:

  Note

  Required plugins are automatically downloaded and initialized when using./build.sh. For dark sites, you may download the plugins and place these same directory as your Packer executable/usr/local/bin or$HOME/.packer.d/plugins.

  • HashiCorpPacker Plugin for VMware vSphere (vsphere-iso) 1.1.1 or higher.
  • Packer Plugin for Git 0.3.3 or higher - a community plugin for HashiCorp Packer.
  • Packer Plugin for Windows Updates 0.14.1 or higher - a community plugin for HashiCorp Packer.

Additional Software Packages:

The following additional software packages must be installed on the operating system running Packer.

Note

Click on the operating system name to display the installation steps for all prerequisites.

• Photon OS

  • git command-line tools.

  • ansible-core 2.13.

  • jq A command-line JSON processor.

  • xorriso - A command-line .iso creator.

    pip3 install --user ansible-core==2.13export PATH="$HOME/.local/bin:$PATH"tdnf -y install git jq xorriso

  • HashiCorpTerraform 1.3.9 or higher.

    TERRAFORM_VERSION="1.3.9"OS_PACKAGES="wget unzip"if [[$(uname -m)=="x86_64" ]];then  LINUX_ARCH="amd64"elif [[$(uname -m)=="aarch64" ]];then  LINUX_ARCH="arm64"fitdnf install${OS_PACKAGES} -ywget -q https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${LINUX_ARCH}.zipunzip -o -d /usr/local/bin/ terraform_${TERRAFORM_VERSION}_linux_${LINUX_ARCH}.zip

• Ubuntu

  • git command-line tools.

  • ansible-core 2.13.

  • jq A command-line JSON processor.

  • xorriso - A command-line .iso creator.

  • mkpasswd - Password generating utility

  • HashiCorpTerraform 1.3.9 or higher.

    pip3 install --user ansible-core==2.13sudo apt -y install git jq xorriso whois terraform

  • gomplate 3.11.3 or higher.

    GOMPLATE_VERSION="3.11.3"LINUX_ARCH="amd64"sudo curl -o /usr/local/bin/gomplate -sSL https://github.com/hairyhenderson/gomplate/releases/download/v${GOMPLATE_VERSION}/gomplate_linux-${LINUX_ARCH}sudo chmod 755 /usr/local/bin/gomplate

• macOS

  • git command-line tools.

  • ansible-core 2.13.

  • jq A command-line JSON processor.

  • Coreutils

  • HashiCorpTerraform 1.3.9 or higher.

  • gomplate 3.11.3 or higher.

    pip3 install --user ansible-core==2.13brew install git jq coreutils hashicorp/tap/terraform gomplate

  • mkpasswd - Password generating utility

    brew install --cask docker

Platform:

• VMware vSphere 7.0 Update 3D or later.

You can choose between two options to get the source code:

1. Download the Release Archive
2. Clone the Repository

TAG_NAME=$(curl -s https://api.github.com/repos/vmware-samples/packer-examples-for-vsphere/releases | jq  -r '.[0].tag_name')TARBALL_URL=$(curl -s https://api.github.com/repos/vmware-samples/packer-examples-for-vsphere/releases | jq  -r '.[0].tarball_url')mkdir packer-examples-for-vspherecd packer-examples-for-vspherecurl -sL $TARBALL_URL | tar xvfz - --strip-components 1git init -b maingit add .git commit -m "Initial commit"git switch -c $TAG_NAME HEAD

Note

You may also clonemain for the latest prerelease updates.

TAG_NAME=$(curl -s https://api.github.com/repos/vmware-samples/packer-examples-for-vsphere/releases | jq  -r '.[0].tag_name')git clone https://github.com/vmware-samples/packer-examples-for-vsphere.gitcd packer-examples-for-vspheregit switch -c $TAG_NAME $TAG_NAME

Warning

A branch is mandatory because it is used for the build version and the virtual machine name. It does not matter if it is based on the HEAD or a release tag.

The directory structure of the repository.

├── build.sh├── build.tmpl├── build.yaml├── CHANGELOG.md├── CODE_OF_CONDUCT.md├── config.sh├── CONTRIBUTING.md├── LICENSE├── MAINTAINERS.md├── NOTICE├── README.md├── set-envvars.sh├── ansible│   ├── ansible.cfg│   ├── main.yml│   └── roles│       └── <role>│           └── *.yml├── artifacts├── builds│   ├── ansible.pkrvars.hcl.example│   ├── build.pkrvars.hcl.example│   ├── common.pkrvars.hcl.example│   ├── proxy.pkrvars.hcl.example│   ├── rhsm.pkrvars.hcl.example│   ├── scc.pkrvars.hcl.example│   ├── vsphere.pkrvars.hcl.example│   ├── linux│   │   └── <distribution>│   │       └── <version>│   │           ├── *.pkr.hcl│   │           ├── *.auto.pkrvars.hcl│   │           └── data│   │               └── ks.pkrtpl.hcl│   └── windows│       └── <distribution>│           └── <version>│               ├── *.pkr.hcl│               ├── *.auto.pkrvars.hcl│               └── data│                   └── autounattend.pkrtpl.hcl├── manifests├── scripts│   ├── linux│   └── windows│       └── *.ps1└── terraform    ├── vsphere-role    │   └── *.tf    └── vsphere-virtual-machine        ├── content-library-ovf-linux-cloud-init        │   └── *.tf        ├── content-library-ovf-linux-cloud-init-hcp-packer        │   └── *.tf        ├── content-library-ovf-linux-guest-customization        │   └── *.tf        ├── content-library-ovf-linux-guest-customization-hcp-packer        │   └── *.tf        ├── content-library-ovf-windows-guest-customization        │   └── *.tf        ├── content-library-ovf-windows-guest-customization-hcp-packer        │   └── *.tf        ├── content-library-template-linux-guest-customization-hcp-packer        │   └── *.tf        ├── content-library-template-windows-guest-customization-hcp-packer        │   └── *.tf        ├── template-linux-cloud-init        │   └── *.tf        ├── template-linux-cloud-init-hcp-packer        │   └── *.tf        ├── template-linux-guest-customization        │   └── *.tf        ├── template-linux-guest-customization-hcp-packer        │   └── *.tf        ├── template-windows-guest-customization        │   └── *.tf        └── template-windows-guest-customization-hcp-packer            └── *.tf

The files are distributed in the following directories.

• ansible - contains the Ansible roles to prepare Linux machine image builds.
• artifacts - contains the OVF artifacts exported by the builds, if enabled.
• builds - contains the templates, variables, and configuration files for the machine image builds.
• scripts - contains the scripts to initialize and prepare Windows machine image builds.
• manifests - manifests created after the completion of the machine image builds.
• terraform - contains example Terraform plans to create a custom role and test machine image builds.

Warning

When forking the project for upstream contribution, please be mindful not to make changes that may expose your sensitive information, such as passwords, keys, certificates, etc.

Create a custom vSphere role with the required privileges to integrate HashiCorp Packer with VMware vSphere. A service account can be added to the role to ensure that Packer has least privilege access to the infrastructure. Clone the defaultRead-Only vSphere role and add the following privileges:

If you would like to automate the creation of the custom vSphere role, a Terraform example is included in the project.

1. Navigate to the directory for the example.

   cd terraform/vsphere-role

2. Duplicate theterraform.tfvars.example file toterraform.tfvars in the directory.

   cp terraform.tfvars.example terraform.tfvars

3. Open theterraform.tfvars file and update the variables according to your environment.

4. Initialize the current directory and the required Terraform provider for VMware vSphere.

   terraform init

5. Create a Terraform plan and save the output to a file.

   terraform plan -out=tfplan

6. Apply the Terraform plan.

   terraform apply tfplan

Once the custom vSphere role is created, assignGlobal Permissions in vSphere for the service account that will be used for the HashiCorp Packer to VMware vSphere integration in the next step. Global permissions are required for the content library. For example:

1. Log in to the vCenter Server at<management_vcenter_server_fqdn>/ui asadministrator@vsphere.local.
2. SelectMenu >Administration.
3. Create service account in vSphere SSO if it does not exist: In the left pane, selectSingle Sign On >Users and Groups and click onUsers, from the dropdown select the domain in which you want to create the user (e.g., rainpole.io) and clickADD, fill all the username (e.g., svc-packer-vsphere) and all required details, then clickADD to create the user.
4. In the left pane, selectAccess control >Global permissions and click theAdd permissions icon.
5. In theAdd permissions dialog box, enter the service account (e.g.,svc-packer-vsphere@rainpole.io), select the custom role (e.g., Packer to vSphere Integration Role) and thePropagate to children checkbox, and click OK.

In an environment with many vCenter Server instances, such as management and workload domains, you may wish to further reduce the scope of access across the infrastructure in vSphere for the service account. For example, if you do not want Packer to have access to your management domain, but only allow access to workload domains:

1. From theHosts and clusters inventory, select management domain vCenter Server to restrict scope, and click thePermissions tab.

2. Select the service account with the custom role assigned and click theEdit.

3. In theChange role dialog box, from theRole drop-down menu, selectNo Access, select thePropagate to children checkbox, and clickOK.

Thevariables are defined in.pkrvars.hcl files.

Run the config script./config.sh to copy the.pkrvars.hcl.example files to theconfig directory.

Theconfig folder is the default folder, You may override the default by passing an alternate value as the first argument.

./config.sh foo./build.sh foo

For example, this is useful for the purposes of running machine image builds for different environment.

San Francisco: us-west-1

./config.sh config/us-west-1./build.sh config/us-west-1

Los Angeles: us-west-2

./config.sh config/us-west-2./build.sh config/us-west-2

Edit theconfig/build.pkrvars.hcl file to configure the following:

• Credentials for the default account on machine images.

Example:config/build.pkrvars.hcl

build_username="rainpole"build_password="<plaintext_password>"build_password_encrypted="<sha512_encrypted_password>"build_key="<public_key>"

You can also override thebuild_key value with contents of a file, if required.

For example:

build_key=file("${path.root}/config/ssh/build_id_ecdsa.pub")

Generate a SHA-512 encrypted password for thebuild_password_encrypted using tools like mkpasswd.

Example: mkpasswd using Docker on Photon:

rainpole@photon>sudo systemctl start dockerrainpole@photon>sudo docker run -it --rm alpine:latestmkpasswd -m sha512Password: ***************[password hash]rainpole@photon>sudo systemctl stop docker

Example: mkpasswd using Docker on macOS:

rainpole@macos>docker run -it --rm alpine:latestmkpasswd -m sha512Password: ***************[password hash]

Example: mkpasswd on Ubuntu:

rainpole@ubuntu>mkpasswd -m sha-512Password: ***************[password hash]

Generate a public key for thebuild_key for public key authentication.

Example: macOS and Linux.

rainpole@macos>ssh-keygen -t ecdsa -b 521 -C"code@rainpole.io"Generating public/private ecdsa key pair.Enter file in which to save the key (/Users/rainpole/.ssh/id_ecdsa):Enter passphrase (empty for no passphrase): **************Enter same passphrase again: **************Your identification has been saved in /Users/rainpole/.ssh/id_ecdsa.Your public key has been saved in /Users/rainpole/.ssh/id_ecdsa.pub.

The content of the public key,build_key, is added the key to the~/.ssh/authorized_keys file of thebuild_username on the guest operating system.

Warning

Replace the default public keys and passwords.

By default, both Public Key Authentication and Password Authentication are enabled for Linux distributions. If you wish to disable Password Authentication and only use Public Key Authentication, comment or remove the portion of the associated Ansibleconfigure role.

Edit theconfig/ansible.pkrvars.hcl file to configure the following:

• Credentials for the Ansible account on Linux machine images.

Example:config/ansible.pkrvars.hcl

ansible_username="ansible"ansible_key="<public_key>"

Note

A random password is generated for the Ansible user.

You can also override theansible_key value with contents of a file, if required.

For example:

ansible_key=file("${path.root}/config/ssh/ansible_id_ecdsa.pub")

Edit theconfig/common.pkrvars.hcl file to configure the following common variables:

• Virtual Machine Settings
• Template and Content Library Settings
• OVF Export Settings
• Removable Media Settings
• Boot and Provisioning Settings
• HCP Packer Registry

Example:config/common.pkrvars.hcl

// Virtual Machine Settingscommon_vm_version=19common_tools_upgrade_policy=truecommon_remove_cdrom=true// Template and Content Library Settingscommon_template_conversion=falsecommon_content_library_name="sfo-w01-lib01"common_content_library_ovf=truecommon_content_library_destroy=true// OVF Export Settingscommon_ovf_export_enabled=falsecommon_ovf_export_overwrite=true// Removable Media Settingscommon_iso_datastore="sfo-w01-cl01-ds-nfs01"// Boot and Provisioning Settingscommon_data_source="http"common_http_ip=nullcommon_http_port_min=8000common_http_port_max=8099common_ip_wait_timeout="20m"common_shutdown_timeout="15m"// HCP Packercommon_hcp_packer_registry_enabled=false

http is the default provisioning data source for Linux machine image builds.

If iptables is enabled on your Packer host, you will need to opencommon_http_port_min throughcommon_http_port_max ports.

Example: Open a port range in iptables.

iptables -A INPUT -p tcp --match multiport --dports 8000:8099 -j ACCEPT`

You can change thecommon_data_source fromhttp todisk to build supported Linux machine images without the need to use Packer's HTTP server. This is useful for environments that may not be able to route back to the system from which Packer is running.

Thecd_content option is used when selectingdisk unless the distribution does not support a secondary CD-ROM. For distributions that do not support a secondary CD-ROM thefloppy_content option is used.

common_data_source="disk"

If you need to define a specific IPv4 address from your host for Packer's HTTP Server, modify thecommon_http_ip variable fromnull to astring value that matches an IP address on your Packer host. For example:

common_http_ip="172.16.11.254"

Edit theconfig/proxy.pkrvars.hcl file to configure the following:

• SOCKS proxy settings used for connecting to Linux machine images.
• Credentials for the proxy server.

Example:config/proxy.pkrvars.hcl

communicator_proxy_host="proxy.rainpole.io"communicator_proxy_port=8080communicator_proxy_username="rainpole"communicator_proxy_password="<plaintext_password>"

Edit theconfig/redhat.pkrvars.hcl file to configure the following:

• Credentials for your Red Hat Subscription Manager account.

Example:config/redhat.pkrvars.hcl

rhsm_username="rainpole"rhsm_password="<plaintext_password>"

These variables areonly used if you are performing a Red Hat Enterprise Linux Server build and are used to register the image with Red Hat Subscription Manager during the build for system updates and package installation. Before the build completes, the machine image is unregistered from Red Hat Subscription Manager.

Edit theconfig/scc.pkrvars.hcl file to configure the following:

• Credentials for your SUSE Customer Connect account.

Example:config/scc.pkrvars.hcl

scc_email="hello@rainpole.io"scc_code="<plaintext_code>"

These variables areonly used if you are performing a SUSE Linux Enterprise Server build and are used to register the image with SUSE Customer Connect during the build for system updates and package installation. Before the build completes, the machine image is unregistered from SUSE Customer Connect.

Edit thebuilds/vsphere.pkrvars.hcl file to configure the following:

• vSphere Endpoint and Credentials
• vSphere Settings

Example:config/vsphere.pkrvars.hcl

vsphere_endpoint="sfo-w01-vc01.sfo.rainpole.io"vsphere_username="svc-packer-vsphere@rainpole.io"vsphere_password="<plaintext_password>"vsphere_insecure_connection=truevsphere_datacenter="sfo-w01-dc01"vsphere_cluster="sfo-w01-cl01"vsphere_datastore="sfo-w01-cl01-ds-vsan01"vsphere_network="sfo-w01-seg-dhcp"vsphere_folder="sfo-w01-fd-templates"

If you prefer not to save potentially sensitive information in cleartext files, you add the variables to environmental variables using the includedset-envvars.sh script:

rainpole@macos>. ./set-envvars.sh

Note

You need to run the script as source or the shorthand ".".

Edit the*.auto.pkrvars.hcl file in eachbuilds/<type>/<build> folder to configure the following virtual machine hardware settings, as required:

• CPUs(int)

• CPU Cores(int)

• Memory in MB(int)

• Primary Disk in MB(int)

• .iso URL(string)

• .iso Path(string)

• .iso File(string)

• .iso Checksum Type(string)

• .iso Checksum Value(string)

  Note

  Allvariables.auto.pkrvars.hcl default to using theVMware Paravirtual SCSI controller and theVMXNET 3 network card device types.

The project supports using a datastore to store your guest operating system.iso files, you must download and upload these to a datastore path.

1. Download the x64 guest operating system.iso files.

   Linux Distributions:

   • VMware Photon OS 4
     • Download the latest release of theFULL.iso image. (e.g.photon-4.0-xxxxxxxxx.iso)
   • Debian 11
     • Download the latestnetinst release.iso image. (e.g.debian-11.x.0-amd64-netinst.iso)
   • Ubuntu Server 22.04 LTS
     • Download the latestLIVE release.iso image. (e.g.,ubuntu-22.04.x-live-server-amd64.iso)
   • Ubuntu Server 20.04 LTS
     • Download the latestLIVE release.iso image. (e.g.,ubuntu-20.04.x-live-server-amd64.iso)
   • Ubuntu Server 18.04 LTS
     • Download the latest legacyNON-LIVE release.iso image. (e.g.,ubuntu-18.04.x-server-amd64.iso)
   • Red Hat Enterprise Linux 9 Server
     • Download the latest release of theFULL.iso image. (e.g.,rhel-baseos-9.x-x86_64-dvd.iso)
   • Red Hat Enterprise Linux 8 Server
     • Download the latest release of theFULL.iso image. (e.g.,rhel-8.x-x86_64-dvd1.iso)
   • Red Hat Enterprise Linux 7 Server
     • Download the latest release of theFULL.iso image. (e.g.,rhel-server-7.x-x86_64-dvd1.iso)
   • AlmaLinux OS 9
     • Download the latest release of theFULL.iso image. (e.g.,AlmaLinux-9.x-x86_64-dvd1.iso)
   • AlmaLinux OS 8
     • Download the latest release of theFULL.iso image. (e.g.,AlmaLinux-8.x-x86_64-dvd1.iso)
   • Rocky Linux 9
     • Download the latest release of theFULL.iso image. (e.g.,Rocky-9.x-x86_64-dvd1.iso)
   • Rocky Linux 8
     • Download the latest release of theFULL.iso image. (e.g.,Rocky-8.x-x86_64-dvd1.iso)
   • CentOS Stream 9
     • Download the latest release of theFULL.iso image. (e.g.,CentOS-Stream-9-latest-x86_64-dvd1.iso)
   • CentOS Stream 8
     • Download the latest release of theFULL.iso image. (e.g.,CentOS-Stream-8-x86_64-latest-dvd1.iso)
   • CentOS Linux 7
     • Download the latest release of theFULL.iso image. (e.g.,CentOS-7-x86_64-DVD.iso)
   • SUSE Linux Enterprise 15 *Download the latest 15.4 release of theFULL.iso image. (e.g.,SLE-15-SP4-Full-x86_64-GM-Media1.iso)
   Microsoft Windows:

   • Microsoft Windows Server 2022
   • Microsoft Windows Server 2019
   • Microsoft Windows 11
   • Microsoft Windows 10

2. Obtain the checksum type (e.g.,sha256,md5, etc.) and checksum value for each guest operating system.iso from the vendor. This will be use in the build input variables.

3. Upload or your guest operating system.iso files to the datastore and update the configuration variables.

   Example:config/common.pkrvars.hcl

   common_iso_datastore="sfo-w01-cl01-ds-nfs01"

   Example:builds/<type>/<build>/*.auto.pkrvars.hcl

   iso_path="iso/linux/photon"iso_file="photon-4.0-xxxxxxxxx.iso"iso_checksum_type="md5"iso_checksum_value="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

If required, modify the configuration files for the Linux distributions and Microsoft Windows.

Username and password variables are passed into the kickstart orcloud-init files for each Linux distribution as Packer template files (.pkrtpl.hcl) to generate these on-demand. Ansible roles are then used to configure the Linux machine image builds.

Variables are passed into theMicrosoft Windows unattend files (autounattend.xml) as Packer template files (autounattend.pkrtpl.hcl) to generate these on-demand. By default, each unattended file is set to use theKMS client setup keys as theProduct Key.

PowerShell scripts are used to configure the Windows machine image builds.

Need help customizing the configuration files?

• VMware Photon OS - Read thePhoton OS Kickstart Documentation.

• Ubuntu Server - Install and run system-config-kickstart on a Ubuntu desktop.

  sudo apt-get install system-config-kickstartssh -X rainpole@ubuntusudo system-config-kickstart

• Red Hat Enterprise Linux (as well as CentOS Linux/Stream, AlmaLinux OS, and Rocky Linux) - Use theRed Hat Kickstart Generator.

• SUSE Linux Enterprise Server - Use theSUSE Configuration Management System.

• Microsoft Windows - Use the Microsoft WindowsAnswer File Generator if you need to customize the provided examples further.

If you are new to HCP Packer, review the following documentation and video to learn more before enabling an HCP Packer registry:

• What is HCP Packer?
• Introduction to HCP Packer

Before you can use the HCP Packer registry, you need to create it by followingCreate HCP Packer Registry procedure.

Edit theconfig/common.pkrvars.hcl file to enable the HCP Packer registry.

// HCP Packercommon_hcp_packer_registry_enabled=true

Then, export your HCP credentials before building.

rainpole@macos>export HCP_CLIENT_ID=<client_id>rainpole@macos>export HCP_CLIENT_SECRET=<client_secret>

Start a build by running the build script (./build.sh). The script presents a menu the which simply calls Packer and the respective build(s).

You can also start a build based on a specific source for some of the virtual machine images.

For example, if you simply want to build a Microsoft Windows Server 2022 Standard Core, run the following:

Initialize the plugins:

rainpole@macos>packer init builds/windows/server/2022/.

Build a specific machine image:

rainpole@macos>packer build -force \      --only vsphere-iso.windows-server-standard-core \      -var-file="config/vsphere.pkrvars.hcl" \      -var-file="config/build.pkrvars.hcl" \      -var-file="config/common.pkrvars.hcl" \      builds/windows/server/2022

You can set your environment variables if you would prefer not to save sensitive information in cleartext files.

You can add these to environmental variables using the includedset-envvars.sh script.

rainpole@macos>. ./set-envvars.sh

Note

You need to run the script as source or the shorthand ".".

Initialize the plugins:

rainpole@macos>packer init builds/windows/server/2022/.

Build a specific machine image using environmental variables:

rainpole@macos>packer build -force \      --only vsphere-iso.windows-server-standard-core \      builds/windows/server/2022

The build script (./build.sh) can be generated using a template (./build.tmpl) and a configuration file in YAML (./build.yaml).

Generate a custom build script:

rainpole@macos>gomplate -c build.yaml -f build.tmpl -o build.sh

Happy building!!!

• ReadDebugging Packer Builds.

• Owen Reynolds@OVDamn

  VMware Tools for Windows installation PowerShell script.