Packer Image for Windows using GCP

Creating Packer Windows Image in GCP but facing WinRM timeout error and image creation is failing. Require help on the below issue.

Below is the Packer file.

packer {

  required_plugins {

    googlecompute = {

      version = ">= 0.0.1"

      source  = "github.com/hashicorp/googlecompute"

    }

  }

}

variable "region" {

  type    = string

  default = "asia-south1-a"

}

variable "winrm_password" {

  type        = string

  sensitive   = true

  description = "WinRM user password"

  default     = "SuperSecr3t!!!!"

}

variable "skip_create_image" {

  type        = bool

  description = "To skip AMI creation, helpful in testing"

  default     = false

}

locals { timestamp = regex_replace(timestamp(), "[- TZ:]", "") }

# source blocks are generated from your builders; a source can be referenced in

# build blocks. A build block runs provisioner and post-processors on a

# source.

source "googlecompute" "google-windows" {

  project_id   = "mt5-loadtesting"

  source_image = "windows-server-2019-dc-v20200813"

  machine_type = "n1-standard-2"

  zone         = "${var.region}"

  #skip_create_image = "${var.skip_create_image}"

  disk_size = "50"

  user_data_file = "./Bootstrap/bootstrap_win.txt"

  winrm_password = "${var.winrm_password}"

  winrm_username = "packer_user"

  metadata = {

    #windows-startup-script-cmd = "winrm quickconfig -quiet & winrm set winrm/config/service/auth @{Basic=\"true\"}"

    windows-startup-script-cmd = "winrm quickconfig -quiet & net user /add packer_user & net localgroup administrators packer_user /add & net user packer_user ${var.winrm_password} & winrm set winrm/config/service/auth @{Basic=\"true\"}"

  }

}

# a build block invokes sources and runs provisioning steps on them.

build {

  name    = "learn-packer"

  sources = ["source.googlecompute.google-windows"]

  provisioner "windows-shell" {

    inline = [

      "Write-Host \"Testing GCP\""

    ]

  }

  # Running  test PowerShell Script

  provisioner "powershell" {

    script = "./PowerShell/test.ps1"

  }

}

I’m going to be a bit of the blind leading the blind here, but if you have not reviewed these articles they might be of help:

• Configuring WinRM with Powershell
• Vagrant Base WinRM Configuration

What jumps out at me is those example have the following which yours does not have, though I don’t know if they will matter, I am new to this and just recently set up my first Windows Packer script; trying to learn myself:

winrm set winrm/config/winrs @{MaxMemoryPerShellMB="512"}
winrm set winrm/config @{MaxTimeoutms="1800000"}
winrm set winrm/config/service @{AllowUnencrypted="true"}

And:

winrm set "winrm/config/service/auth" '@{CredSSP="true"}'
winrm set "winrm/config/listener?Address=*+Transport=HTTPS" "@{Port=`"5986`";Hostname=`"packer`";CertificateThumbprint=`"$($Cert.Thumbprint)`"}"

Add:

rem update firewall rules to open the right port and to allow remote administration
cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes

rem restart winrm
cmd.exe /c net stop winrm
cmd.exe /c net start winrm

There’s also this example which shows how to configure WinRM in an unattend.xml file

Hope this helps.

Also, it will be great if you can post the solution once you find one. Thanks in advance.

-Mike

Thanks Mike for the information, I have tried Packer with AWS and was successful but I’m facing timeout issue when using GCP only.

Not sure where the issue or any parameters missing while working with GCP.

I have no experience with GCP, so can’t help. Good luck though.

check firewall rule for window port (tcp:5986) open or not
and add role in service account i.e. service account user and compute instance admin v1
thats enough to create image for windows