Getting "Startup script not finished yet. Waiting..." message from Packer in Google Compute

Dear Team,

I’m trying to create a CentOS 8 image in google compute cloud via packer by provisioning all my tasks through ansible roles.

Actually, internet to external world from a GCE instance is restricted and it is allowed through a proxy channel. So, I tried to update my /etc/yum.conf file using shell provisioner. But it was throwing error that it is unable to write a file under /etc.

So, I created a yum.conf file with proxy entry included in it and inserted it to the target VM via startup_script_file from builder section itself. The file got replaced during the VM boot up and I’m able to reach internet during the provisioning phase (for package installation).

my packer.json file:
“builders”: [
“type”: “googlecompute”,
“account_file”: “service-key.json”,
“project_id”: “xxxxxxx”,
“source_image”: “{{user ami_id}}”,
“source_image_family”: “centos-8”,
“network”: “yyyyyyyy”,
“subnetwork”: “zzzzzzzzzzzzzzz”,
“network_project_id”: “wwwwwwwwww”,
“omit_external_ip”: “true”,
“use_internal_ip”: “true”,
“disk_size”: “30”,
“image_name”: “centos8-std-gcp-temp-image-{{timestamp}}”,
“ssh_username”: “centos”,
“zone”: “xxxxxxxxxx”,
“startup_script_file”: “scripts/”,
“metadata”: {
“startup-script-log-dest”: “/opt/script.log”,
“wrap_startup_script”: “true”,
“startup-script-status”: “done”

But at the end of my provisioning phase, it is throwing the below messages and ended up after waiting for a long time.


Could some one please help me to correct my script if I’m missing here.

Guru Mohan G

Hello there, by default Packer wraps any provided startup scripts in a helper script that requires write access to the instance metadata. The message “Startup script not finished yet. Waiting…” is an indicator that the instance service account may not have compute.instance.setMetadata permissions.

In Packer v1.6.1 we added an option to disable Packer’s wrapper script. By adding "wrap_startup_script": false to your JSON configuration file Packer will run your provided startup script as is with no reliance on the instance metadata. You can read more about this option here.

If you are not running v1.6.1 or later, and can’t updated, please check that the service account attached to the instance has 'compute.instance.setMetadata` permissions.

Dear @nywilken,

Thanks a lot for your help!!!

Yes, you’re right, we are using packer version 1.6.0 in our docker image. I believe that due to lack of the above mentioned permission, we are getting this error. I’ll check into it.

By the way, I managed to overcome this issue by creating a file provisioner and copy the yum.conf file which has proxy channel entry included in it to /tmp. And in the following shell provisioner I copied forcefully to the original path ie., /etc/yum.conf.

Now, using the above method I’m able to create an image without any issue.

Appreciate your timely help!!!

Guru Mohan G