Packer proxy settings

Hi all,

I’m actually using Packer to build AWS AMIs and that works perfectly well.
During the lockdown, I had to use a proxy to reach my company network and so had I to set up proxy settings


“builders” : [
“ssh_proxy_host”: “my_ip”,
“ssh_proxy_port”: my_port


This works very well but I have two issues with that :

1/ If my ssh_config contains a “ProxyCommand”, it will conflict with it and does not let packer reach the newly created instance.

2/ this configuration is specific to my own configuration (proxy) and I’m using it only when I’m at home. So I don’t want to commit it in any way.
As it is contained in a non git-ignored file, it happened several times I commited it.

Event it is my own fault (yes, I should review better before commit :slight_smile: ), I’m wondering if there could be a way to specify ssh proxy properties externally ?
I thought about var files, but as it is a communicator properties (and so defined in builders), it seems not eligible to be defined this way (var files don’t allow arrays)

Am I missing something ? Or could that be something that can be improved ?

Thanks !

Hi, I think you’re on the right track with var files.
Your template would look like:

“builders” : [
“ssh_proxy_host”: "{{ user `proxy_host`}}",
“ssh_proxy_port”: "{{ user `proxy_port`}}"

and you’d want to create a variables file, “vars.json”.

	"proxy_host": "my_ip",
	"proxy_port": "my_port"

Then you can add the vars file to your .gitignore, and call your build with packer build --var-file=vars.json mybuild.json. If you run the build without the vars file, e.g.: packer build mybuild.json, then I believe those variables will default to empty strings, and the build will just default to not using a proxy. Yes, this involves committing a small change to your build file, but it seems like an improvement given that I doubt you’re the only dev on your team who has had to set up some kind of proxy to run a build; this allows your whole team to configure how they need, and has a default that will run normally when run from your office.

1 Like

Hi @SwampDragons

Thanks for the hint !
Unfortunately, this does not work in every case.

When I need a proxy, your solution is OK.
But when the proxy is not needed (as in office or in our CI), it does not work.

Not setting vars or setting them to default (host : ‘’ and port : 0) gives the following error :

Errors validating build 'amazon-ebs'. 1 error(s) decoding:
* cannot parse 'ssh_proxy_port' as int: strconv.ParseInt: parsing "null": invalid syntax

When providing followings values
-var 'proxy_host=null' -var 'proxy_port=0'
gives a SSH timeout error.

Ah, the int defaulting makes things a little trickier, it’s true. But I just tested it out and:

packer build -var ssh_proxy_port=0 example.json,

where example.json contains the builder with proxy options set as

            "ssh_proxy_host": "{{ user `proxy_host`}}",
            "ssh_proxy_port": "{{ user `proxy_port` }}"

works for me.

Your explicitly setting the host to “null” isn’t going to work because saying it is “null” tells Packer that the variable is required. Just leaving it unset means it’ll default to an empty string.

You can also use

packer build -var-file varfile.json example.json

where the var-file contains

	"proxy_host": "",
	"proxy_port": "0"

I just noticed my CI was providing null instead of empty string.
As I don’t want to fight with Jenkins escaping, I’ll just remove the proxy_host var from command :slight_smile:
And indeed, this perfectly works !

Thanks a lot !