Creating a Base Image from Azure Marketplace and storing to Azure Compute Gallery using Packer

Avatar
Mahima Sharma
  • Updated

Introduction: This Knowledge Base (KB) article provides a comprehensive guide on using Packer to create a custom base image from an Azure Marketplace VM image and subsequently storing it in the Azure Compute Gallery. This process enables efficient deployment and management of standardized virtual machine images across your Azure environment.

Prerequisites: Before proceeding, ensure you have completed the following prerequisites:

  • Azure subscription with sufficient permissions to create Azure resources.
  • Azure CLI installed on your local machine or Azure Cloud Shell access.
  • Basic familiarity with Azure Resource Manager (ARM) templates and Packer configuration.
  • Packer installed

Steps to Create and Store a Base Image:

1. Prepare Azure Resources: Ensure the required Azure resources are provisioned:

  • Resource Groups:

    • rg-packer: Used for Packer configuration and resource management.
    • rg-prod-imagegallery-001: Hosts the Azure Compute Gallery where the image will be stored.
    • rg-devops-eastus2-001: Used to define the virtual network (vnet-devops-eastus2-001) and subnet (snet-eastus2-003) where the Packer build process will take place.

  • Compute Gallery:

    • Create a Shared Image Gallery prod-imagegallery-001  in the resource group rg-prod-imagegallery-001 
  • Service Principal and Role Assignments:
    • Create a service principal in Azure AD and assign the Contributor role to necessary resource groups (rg-packer, rg-prod-imagegallery-001 and rg-devops-eastus2-001

  • Key Vault:

    • Create an Azure Key Vault (kvhcprgpacker) in rg-packer to securely store sensitive information such as passwords.

  • Virtual Network and Subnet:

    • Set up a Virtual Network (vnet-devops-eastus2-001) and Subnet (snet-eastus2-003) in rg-devops-eastus2-001 for Packer to use.

2. Configure Packer Build Configuration (packer.pkr.hcl):

packer {
  required_plugins {
    azure = {
      source  = "github.com/hashicorp/azure"
      version = "~> 2"
    }
  }
}
variable "azure_tenant_id" {
  default = "<your tenant id>"
}
 variable "azure_subscription_id" {
  default = "<your subscription id>"
} 
variable "azure_client_id" {
  default = "<your client id>"
}
variable "azure_client_secret" {
  default = "<your client secret>"
}
variable "os_type" {
  default = "<your preferred OS type>"
}
 variable "image_version" {
  default = "latest"
}
 variable "image_sku" {
  default = "<your preferred image sku>"
}
 variable "location" {
  default = "<your preferred location>"
}
 variable "image_publisher" {
  default = "<your preferred image publisher>"
}
 variable "image_offer" {
  default = "<your preferred image offer>"
}
 variable "azure_vm_size" {
  default = "<your preferred vm size>"
}
 variable "image_name" {
  default = "packer-build-windows-image"
}
 source "azure-arm" "windows" {
  tenant_id                         = var.azure_tenant_id
  subscription_id                   = var.azure_subscription_id
  client_id                         = var.azure_client_id
  client_secret                     = var.azure_client_secret
  os_type                           = var.os_type
  image_version                     = var.image_version
  image_sku                         = var.image_sku
  image_publisher                   = var.image_publisher
  image_offer                       = var.image_offer
  vm_size                           = var.azure_vm_size
  build_key_vault_name              = "kvhcprgpacker"
  build_key_vault_secret_name       = "secret-packer-build"
  build_key_vault_sku               = "standard"
  build_resource_group_name         = "rg-packer"
  virtual_network_name              = "vnet-devops-eastus2-001"
  virtual_network_subnet_name       = "snet-eastus2-003"
  virtual_network_resource_group_name = "rg-devops-eastus2-001"
  private_virtual_network_with_public_ip = true
  communicator                      =   "winrm"  
  winrm_insecure                    = true
  winrm_timeout                     = "5m"
  winrm_use_ssl                     = true
  winrm_username                    = "packer"

  shared_image_gallery_destination {
    subscription   = "<your subscription id or name>"
    resource_group = "rg-prod-imagegallery-001"
    gallery_name   = "prod-imagegallery-001"
    image_name     = "Win2019BaseImage"
    image_version  = "1.0.0"
  }
}
build {
  sources = ["source.azure-arm.windows"]
}

3. Create an image Definition:

$az sig image-definition create --resource-group rg-prod-imagegallery-001 --gallery-name prod-imagegallery-001 --gallery-image-definition Win2019BaseImage --publisher MicrosoftWindowsServer  --offer WindowsServer --sku 2016-datacenter-smalldisk-g2 --os-type Windows

4. Execute the Packer build process using the configured hcl file:

$packer init packer.pkr.hcl
 $packer build packer.pkr.hcl

Please note: Feel free to adjust configurations and scripts as per your specific requirements and organizational policies.

Additional Resources:

Articles in this section

Related articles