Windows Builder
Modèles agnostiques de plateforme pour construire des images Windows avec Packer.
Référence: Windows Builders
Note: Les builds Windows entraînent des coûts et des temps significatifs. Comptez 45-120 minutes par build en raison des Windows Updates. Les builds échoués peuvent laisser des ressources en cours d'exécution - vérifiez toujours le nettoyage.
Configuration du communicateur WinRM
Windows nécessite WinRM pour la communication Packer.
Exemple AWS
source "amazon-ebs" "windows" {
region = "us-west-2"
instance_type = "t3.medium"
source_ami_filter {
filters = {
name = "Windows_Server-2022-English-Full-Base-*"
}
most_recent = true
owners = ["amazon"]
}
ami_name = "windows-server-2022-${local.timestamp}"
communicator = "winrm"
winrm_username = "Administrator"
winrm_use_ssl = true
winrm_insecure = true
winrm_timeout = "15m"
user_data_file = "scripts/setup-winrm.ps1"
}Script de configuration WinRM (scripts/setup-winrm.ps1)
<powershell>
# Configure WinRM
winrm quickconfig -q
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
# Configure firewall
netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow
# Restart WinRM
net stop winrm
net start winrm
</powershell>Exemple Azure
source "azure-arm" "windows" {
client_id = var.client_id
client_secret = var.client_secret
subscription_id = var.subscription_id
tenant_id = var.tenant_id
managed_image_resource_group_name = "images-rg"
managed_image_name = "windows-${local.timestamp}"
os_type = "Windows"
image_publisher = "MicrosoftWindowsServer"
image_offer = "WindowsServer"
image_sku = "2022-datacenter-g2"
location = "East US"
vm_size = "Standard_D2s_v3"
# Azure auto-configures WinRM
communicator = "winrm"
winrm_use_ssl = true
winrm_insecure = true
winrm_timeout = "15m"
winrm_username = "packer"
}Provisionneurs PowerShell
Installer des logiciels
build {
sources = ["source.amazon-ebs.windows"]
# Install Chocolatey
provisioner "powershell" {
inline = [
"Set-ExecutionPolicy Bypass -Scope Process -Force",
"iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))"
]
}
# Install applications
provisioner "powershell" {
inline = [
"choco install -y googlechrome",
"choco install -y 7zip",
]
}
# Install IIS
provisioner "powershell" {
inline = [
"Install-WindowsFeature -Name Web-Server -IncludeManagementTools"
]
}
}Windows Updates
provisioner "powershell" {
inline = [
"Install-PackageProvider -Name NuGet -Force",
"Install-Module -Name PSWindowsUpdate -Force",
"Import-Module PSWindowsUpdate",
"Get-WindowsUpdate -Install -AcceptAll -AutoReboot",
]
timeout = "2h"
}
# Wait for reboots
provisioner "windows-restart" {
restart_timeout = "30m"
}Nettoyage
provisioner "powershell" {
inline = [
"# Clear temp files",
"Remove-Item -Path 'C:\\Windows\\Temp\\*' -Recurse -Force -ErrorAction SilentlyContinue",
"# Clear Windows Update cache",
"Stop-Service -Name wuauserv -Force",
"Remove-Item -Path 'C:\\Windows\\SoftwareDistribution\\*' -Recurse -Force -ErrorAction SilentlyContinue",
"Start-Service -Name wuauserv",
]
}Problèmes courants
Délai d'attente WinRM
- Augmentez
winrm_timeoutà 15m ou plus - Vérifiez que le groupe de sécurité autorise les ports 5985/5986
- Vérifiez que le script user data s'est exécuté avec succès
Politique d'exécution PowerShell
provisioner "powershell" {
inline = [
"Set-ExecutionPolicy Bypass -Scope Process -Force",
"# Your commands here",
]
}Temps de build longs
- Windows Updates peuvent prendre 1-2 heures
- Utilisez des images de base pré-patchées quand disponibles
- Définissez le
timeout = "2h"du provisionneur