Running packer via pipeline script

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Running packer via pipeline script

zil...@gmail.com
I'm trying to create an AMI (for Jenkins master in this case), and I have the following Packer template, which as you see needs an SSH_PRIVATE_KEY.

{

  "variables" : {

    "aws_access_key" : "{{ env `AWS_ACCESS_KEY` }}",

    "aws_secret_key" : "{{ env `AWS_SECRET_KEY` }}",

    "ssh_private_key" : "{{ env `SSH_PRIVATE_KEY` }}",

    "aws_ami_us_east_1" : "{{ env `AWS_BASE_AMI` }}",

    "jenkins_master_image_version" : "{{ env `JENKINS_MASTER_IMAGE_VERSION` }}"

  },

  "builders" : [...],

  "provisioners" : [...]

}

I invoke packer in a pipeline, like this

    stage("Create Jenkins AMI") { 

      steps { 

        script { 

          withCredentials([sshUserPrivateKey(credentialsId: "ec2-user-ssh", keyFileVariable: "SSH_PRIVATE_KEY")]) { 

            dir("$env.WORKSPACE/deployment/jenkins/packer") { 

              sh """ 

                 export AWS_BASE_AMI=`aws ec2 describe-images \ 

                   --owners amazon \ 

                   --filters "Name=name,Values=amzn2-ami-hvm-2.0.*.?-x86_64-gp2" "Name=state,Values=available" \ 

                   --query "reverse(sort_by(Images, &CreationDate))[:1].ImageId" \ 

                   --output text` \ 

                   && export JENKINS_MASTER_IMAGE_VERSION=$env.JENKINS_VERSION \

                   && packer build jenkins-ami-master.json 

              """ 

            } 

          } 

        } 

      } 

    } 

Packer builds the temporary instance but fails to ssh to it, and hence can't run my provisioners. what am i missing?


--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/a6e8e440-5426-42e6-9ee5-53785b40fc6cn%40googlegroups.com.
Reply | Threaded
Open this post in threaded view
|

Re: Running packer via pipeline script

zil...@gmail.com
It turns out my builder block was set up with the wrong security group. Once I set this up correctly, the above configuration worked.

On Wednesday, January 13, 2021 at 4:06:35 PM UTC-5 [hidden email] wrote:
I'm trying to create an AMI (for Jenkins master in this case), and I have the following Packer template, which as you see needs an SSH_PRIVATE_KEY.

{

  "variables" : {

    "aws_access_key" : "{{ env `AWS_ACCESS_KEY` }}",

    "aws_secret_key" : "{{ env `AWS_SECRET_KEY` }}",

    "ssh_private_key" : "{{ env `SSH_PRIVATE_KEY` }}",

    "aws_ami_us_east_1" : "{{ env `AWS_BASE_AMI` }}",

    "jenkins_master_image_version" : "{{ env `JENKINS_MASTER_IMAGE_VERSION` }}"

  },

  "builders" : [...],

  "provisioners" : [...]

}

I invoke packer in a pipeline, like this

    stage("Create Jenkins AMI") { 

      steps { 

        script { 

          withCredentials([sshUserPrivateKey(credentialsId: "ec2-user-ssh", keyFileVariable: "SSH_PRIVATE_KEY")]) { 

            dir("$env.WORKSPACE/deployment/jenkins/packer") { 

              sh """ 

                 export AWS_BASE_AMI=`aws ec2 describe-images \ 

                   --owners amazon \ 

                   --filters "Name=name,Values=amzn2-ami-hvm-2.0.*.?-x86_64-gp2" "Name=state,Values=available" \ 

                   --query "reverse(sort_by(Images, &CreationDate))[:1].ImageId" \ 

                   --output text` \ 

                   && export JENKINS_MASTER_IMAGE_VERSION=$env.JENKINS_VERSION \

                   && packer build jenkins-ami-master.json 

              """ 

            } 

          } 

        } 

      } 

    } 

Packer builds the temporary instance but fails to ssh to it, and hence can't run my provisioners. what am i missing?


--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/f15f1276-5f1b-4e29-b30b-98ce1740721cn%40googlegroups.com.