2015-06-23 17:39:29 -04:00
|
|
|
---
|
2017-06-14 21:04:16 -04:00
|
|
|
description: |
|
|
|
|
Communicators are the mechanism Packer uses to upload files, execute scripts,
|
|
|
|
etc. with the machine being created.
|
2017-03-25 18:13:52 -04:00
|
|
|
layout: docs
|
2017-06-14 21:04:16 -04:00
|
|
|
page_title: 'Communicators - Templates'
|
|
|
|
sidebar_current: 'docs-templates-communicators'
|
2015-06-23 17:39:29 -04:00
|
|
|
---
|
|
|
|
|
2017-03-25 18:13:52 -04:00
|
|
|
# Template Communicators
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
Communicators are the mechanism Packer uses to upload files, execute scripts,
|
|
|
|
etc. with the machine being created.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
Communicators are configured within the
|
|
|
|
[builder](/docs/templates/builders.html) section. Packer currently supports
|
|
|
|
three kinds of communicators:
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `none` - No communicator will be used. If this is set, most provisioners
|
|
|
|
also can't be used.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `ssh` - An SSH connection will be established to the machine. This is
|
|
|
|
usually the default.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `winrm` - A WinRM connection will be established.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
In addition to the above, some builders have custom communicators they can use.
|
|
|
|
For example, the Docker builder has a "docker" communicator that uses
|
2015-06-23 17:39:29 -04:00
|
|
|
`docker exec` and `docker cp` to execute scripts and copy files.
|
|
|
|
|
|
|
|
## Using a Communicator
|
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
By default, the SSH communicator is usually used. Additional configuration may
|
|
|
|
not even be necessary, since some builders such as Amazon automatically
|
2015-06-23 17:39:29 -04:00
|
|
|
configure everything.
|
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
However, to specify a communicator, you set the `communicator` key within a
|
|
|
|
build. Multiple builds can have different communicators. Example:
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
``` json
|
2015-06-23 17:39:29 -04:00
|
|
|
{
|
2017-03-25 18:13:52 -04:00
|
|
|
"builders": [
|
|
|
|
{
|
|
|
|
"type": "amazon-ebs",
|
|
|
|
"communicator": "ssh"
|
|
|
|
}
|
|
|
|
]
|
2015-06-23 17:39:29 -04:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
After specifying the `communicator`, you can specify a number of other
|
|
|
|
configuration parameters for that communicator. These are documented below.
|
|
|
|
|
|
|
|
## SSH Communicator
|
|
|
|
|
2017-11-06 15:37:41 -05:00
|
|
|
The SSH communicator connects to the host via SSH. If you have an SSH agent
|
|
|
|
configured on the host running Packer, and SSH agent authentication is enabled
|
2018-10-26 20:02:51 -04:00
|
|
|
in the communicator config, Packer will automatically forward the SSH agent to
|
|
|
|
the remote host.
|
2015-06-23 17:49:36 -04:00
|
|
|
|
2015-06-23 17:39:29 -04:00
|
|
|
The SSH communicator has the following options:
|
|
|
|
|
2018-04-21 20:50:40 -04:00
|
|
|
- `ssh_agent_auth` (boolean) - If `true`, the local SSH agent will be used to
|
|
|
|
authenticate connections to the remote host. Defaults to `false`.
|
2017-11-06 15:37:41 -05:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_bastion_agent_auth` (boolean) - If `true`, the local SSH agent will be
|
|
|
|
used to authenticate with the bastion host. Defaults to `false`.
|
2017-05-28 08:05:03 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_bastion_host` (string) - A bastion host to use for the actual SSH
|
|
|
|
connection.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_bastion_password` (string) - The password to use to authenticate with
|
|
|
|
the bastion host.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_bastion_port` (number) - The port of the bastion host. Defaults to
|
|
|
|
`22`.
|
2016-02-19 09:46:24 -05:00
|
|
|
|
2019-01-11 17:06:15 -05:00
|
|
|
- `ssh_bastion_private_key_file` (string) - Path to a PEM encoded private key
|
|
|
|
file to use to authenticate with the bastion host. The `~` can be used in
|
|
|
|
path and will be expanded to the home directory of current user.
|
2016-02-19 09:46:24 -05:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `ssh_bastion_username` (string) - The username to connect to the bastion
|
2016-02-19 09:46:24 -05:00
|
|
|
host.
|
|
|
|
|
2018-09-14 14:03:23 -04:00
|
|
|
- `ssh_clear_authorized_keys` (boolean) - If true, Packer will attempt to
|
|
|
|
remove its temporary key from `~/.ssh/authorized_keys` and
|
2018-10-26 20:02:51 -04:00
|
|
|
`/root/.ssh/authorized_keys`. This is a mostly cosmetic option, since
|
|
|
|
Packer will delete the temporary private key from the host system
|
|
|
|
regardless of whether this is set to true (unless the user has set the
|
|
|
|
`-debug` flag). Defaults to "false"; currently only works on guests with
|
|
|
|
`sed` installed.
|
2018-09-14 14:03:23 -04:00
|
|
|
|
2017-06-19 10:21:33 -04:00
|
|
|
- `ssh_disable_agent_forwarding` (boolean) - If true, SSH agent forwarding
|
2018-04-21 20:50:40 -04:00
|
|
|
will be disabled. Defaults to `false`.
|
2016-02-19 09:46:24 -05:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_file_transfer_method` (`scp` or `sftp`) - How to transfer files,
|
|
|
|
Secure copy (default) or SSH File Transfer Protocol.
|
2016-02-19 09:46:24 -05:00
|
|
|
|
2017-10-16 14:23:33 -04:00
|
|
|
- `ssh_handshake_attempts` (number) - The number of handshakes to attempt
|
2018-04-21 20:50:40 -04:00
|
|
|
with SSH once it can connect. This defaults to `10`.
|
2016-02-19 09:46:24 -05:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `ssh_host` (string) - The address to SSH to. This usually is automatically
|
2016-02-19 09:46:24 -05:00
|
|
|
configured by the builder.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_keep_alive_interval` (string) - How often to send "keep alive"
|
2018-04-21 20:50:40 -04:00
|
|
|
messages to the server. Set to a negative value (`-1s`) to disable. Example
|
|
|
|
value: `10s`. Defaults to `5s`.
|
2018-01-31 01:00:37 -05:00
|
|
|
|
2019-07-26 17:11:52 -04:00
|
|
|
- `ssh_local_tunnels` (array of strings) - An array of OpenSSH-style tunnels to
|
|
|
|
create. The port is bound on the *local packer host* and connections are
|
2019-08-20 14:55:54 -04:00
|
|
|
forwarded to the remote destination. Note unless `GatewayPorts=yes` is set
|
|
|
|
in SSHD daemon, the target *must* be `localhost`. Example value:
|
|
|
|
`3306:localhost:3306`
|
2019-07-26 17:11:52 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_password` (string) - A plaintext password to use to authenticate with
|
|
|
|
SSH.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-04-21 20:50:40 -04:00
|
|
|
- `ssh_port` (number) - The port to connect to SSH. This defaults to `22`.
|
2016-02-19 09:46:24 -05:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_private_key_file` (string) - Path to a PEM encoded private key file to
|
2018-11-06 15:13:31 -05:00
|
|
|
use to authenticate with SSH. The `~` can be used in path and will be
|
|
|
|
expanded to the home directory of current user.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-04-21 20:50:40 -04:00
|
|
|
- `ssh_proxy_host` (string) - A SOCKS proxy host to use for SSH connection
|
|
|
|
|
|
|
|
- `ssh_proxy_password` (string) - The password to use to authenticate with
|
|
|
|
the proxy server. Optional.
|
|
|
|
|
|
|
|
- `ssh_proxy_port` (number) - A port of the SOCKS proxy. Defaults to `1080`.
|
|
|
|
|
|
|
|
- `ssh_proxy_username` (string) - The username to authenticate with the proxy
|
|
|
|
server. Optional.
|
|
|
|
|
|
|
|
- `ssh_pty` (boolean) - If `true`, a PTY will be requested for the SSH
|
|
|
|
connection. This defaults to `false`.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_read_write_timeout` (string) - The amount of time to wait for a remote
|
|
|
|
command to end. This might be useful if, for example, packer hangs on a
|
|
|
|
connection after a reboot. Example: `5m`. Disabled by default.
|
2018-01-31 02:09:12 -05:00
|
|
|
|
2019-07-26 17:11:52 -04:00
|
|
|
- `ssh_remote_tunnels` (array of strings) - An array of OpenSSH-style tunnels
|
2019-08-20 14:55:54 -04:00
|
|
|
to create. The port is bound on the *remote build host* and connections to it are
|
2019-07-26 17:11:52 -04:00
|
|
|
forwarded to the packer host's network. Non-localhost destinations may be set here.
|
|
|
|
Example value: `8443:git.example.com:443`
|
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `ssh_timeout` (string) - The time to wait for SSH to become available.
|
2015-07-19 10:56:00 -04:00
|
|
|
Packer uses this to determine when the machine has booted so this is
|
2018-04-21 20:50:40 -04:00
|
|
|
usually quite long. Example value: `10m`.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `ssh_username` (string) - The username to connect to SSH with. Required if
|
|
|
|
using SSH.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-10-25 03:16:36 -04:00
|
|
|
### SSH Communicator Details
|
|
|
|
|
|
|
|
Packer will only use one authentication method, either `publickey` or if
|
|
|
|
`ssh_password` is used packer will offer `password` and `keyboard-interactive`
|
2018-10-26 20:02:51 -04:00
|
|
|
both sending the password. In other words Packer will not work with *sshd*
|
2018-10-25 03:16:36 -04:00
|
|
|
configured with more than one configured authentication method using
|
|
|
|
`AuthenticationMethods`.
|
|
|
|
|
|
|
|
Packer supports the following ciphers:
|
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- aes128-ctr
|
|
|
|
- aes192-ctr
|
|
|
|
- aes256-ctr
|
|
|
|
- arcfour128
|
|
|
|
- arcfour256
|
|
|
|
- arcfour
|
2019-01-25 15:32:44 -05:00
|
|
|
- `es128-gcm@openssh.com`
|
|
|
|
- `acha20-poly1305@openssh.com`
|
2018-10-25 03:16:36 -04:00
|
|
|
|
|
|
|
And the following MACs:
|
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- hmac-sha1
|
|
|
|
- hmac-sha1-96
|
|
|
|
- hmac-sha2-256
|
2019-01-25 15:32:44 -05:00
|
|
|
- `hmac-sha2-256-etm@openssh.com`
|
2018-10-25 03:16:36 -04:00
|
|
|
|
2015-06-23 17:39:29 -04:00
|
|
|
## WinRM Communicator
|
|
|
|
|
|
|
|
The WinRM communicator has the following options.
|
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `winrm_host` (string) - The address for WinRM to connect to.
|
2019-01-11 17:06:15 -05:00
|
|
|
|
|
|
|
NOTE: If using an Amazon EBS builder, you can specify the interface WinRM
|
|
|
|
connects to via
|
|
|
|
[`ssh_interface`](https://www.packer.io/docs/builders/amazon-ebs.html#ssh_interface)
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-04-21 20:50:40 -04:00
|
|
|
- `winrm_insecure` (boolean) - If `true`, do not check server certificate
|
|
|
|
chain and host name.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2017-06-14 21:04:16 -04:00
|
|
|
- `winrm_password` (string) - The password to use to connect to WinRM.
|
2015-06-23 17:39:29 -04:00
|
|
|
|
2018-04-21 20:50:40 -04:00
|
|
|
- `winrm_port` (number) - The WinRM port to connect to. This defaults to
|
|
|
|
`5985` for plain unencrypted connection and `5986` for SSL when
|
|
|
|
`winrm_use_ssl` is set to true.
|
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `winrm_timeout` (string) - The amount of time to wait for WinRM to become
|
|
|
|
available. This defaults to `30m` since setting up a Windows machine
|
|
|
|
generally takes a long time.
|
2016-01-12 21:28:20 -05:00
|
|
|
|
2018-10-26 20:02:51 -04:00
|
|
|
- `winrm_use_ntlm` (boolean) - If `true`, NTLMv2 authentication (with session
|
|
|
|
security) will be used for WinRM, rather than default (basic
|
|
|
|
authentication), removing the requirement for basic authentication to be
|
|
|
|
enabled within the target guest. Further reading for remote connection
|
|
|
|
authentication can be found
|
2018-10-05 01:21:44 -04:00
|
|
|
[here](https://msdn.microsoft.com/en-us/library/aa384295(v=vs.85).aspx).
|
2018-04-21 20:50:40 -04:00
|
|
|
|
|
|
|
- `winrm_use_ssl` (boolean) - If `true`, use HTTPS for WinRM.
|
|
|
|
|
|
|
|
- `winrm_username` (string) - The username to use to connect to WinRM.
|
2019-02-15 18:05:29 -05:00
|
|
|
|
|
|
|
## Pausing Before Connecting
|
|
|
|
We recommend that you enable SSH or WinRM as the very last step in your
|
|
|
|
guest's bootstrap script, but sometimes you may have a race condition where
|
|
|
|
you need Packer to wait before attempting to connect to your guest.
|
|
|
|
|
|
|
|
If you end up in this situation, you can use the template option
|
|
|
|
`pause_before_connecting`. By default, there is no pause. For example:
|
|
|
|
|
2019-04-29 02:20:13 -04:00
|
|
|
```
|
2019-02-15 18:05:29 -05:00
|
|
|
{
|
2019-04-29 02:20:13 -04:00
|
|
|
"communicator": "ssh",
|
2019-02-15 18:05:29 -05:00
|
|
|
"ssh_username": "myuser",
|
|
|
|
"pause_before_connecting": "10m"
|
|
|
|
}
|
2019-04-29 02:20:13 -04:00
|
|
|
```
|
2019-02-15 18:05:29 -05:00
|
|
|
|
2019-04-11 18:26:16 -04:00
|
|
|
In this example, Packer will check whether it can connect, as normal. But once
|
|
|
|
a connection attempt is successful, it will disconnect and then wait 10 minutes
|
|
|
|
before connecting to the guest and beginning provisioning.
|
2019-02-15 18:05:29 -05:00
|
|
|
|
|
|
|
|