2019-10-02 18:13:04 -04:00
---
2020-03-18 18:46:47 -04:00
description: >
The azure-chroot Packer builder is able to create Azure Managed Images
leveraging
a VM in Azure.
2019-10-02 18:13:04 -04:00
layout: docs
2020-03-18 18:46:47 -04:00
page_title: Azure chroot - Builders
2020-04-02 19:39:47 -04:00
sidebar_title: chroot
2019-10-02 18:13:04 -04:00
---
# Azure Builder (chroot)
Type: `azure-chroot`
The `azure-chroot` builder is able to build Azure managed disk (MD) images. For
more information on managed disks, see [Azure Managed Disks Overview](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/managed-disks-overview).
The difference between this builder and the `azure-arm` builder is that this
2019-10-15 18:29:09 -04:00
builder is able to build a managed disk image without launching a new Azure VM
for every build, but instead use an already-running Azure VM. This can
dramatically speed up image builds. It also allows for more deterministic image
content and enables some capabilities that are not possible with the
`azure-arm` builder.
2019-10-02 18:13:04 -04:00
> **This is an advanced builder** If you're just getting started with Packer,
2020-03-31 17:40:07 -04:00
> it is recommend to start with the [azure-arm builder](/docs/builders/azure-arm),
2020-03-18 18:46:47 -04:00
> which is much easier to use.
2019-10-02 18:13:04 -04:00
## How Does it Work?
This builder works by creating a new MD from either an existing source or from
2020-03-18 18:46:47 -04:00
scratch and attaching it to the (already existing) Azure VM where Packer is
2019-10-02 18:13:04 -04:00
running. Once attached, a [chroot](https://en.wikipedia.org/wiki/Chroot) is set
2020-03-31 17:17:24 -04:00
up and made available to the [provisioners](/docs/provisioners).
2019-10-02 19:41:22 -04:00
After provisioning, the MD is detached, snapshotted and a MD image is created.
2019-10-02 18:13:04 -04:00
Using this process, minutes can be shaved off the image creation process
because Packer does not need to launch a VM instance.
There are some restrictions however:
2020-03-18 18:46:47 -04:00
- The host system must be a similar system (generally the same OS version,
2019-10-02 18:13:04 -04:00
kernel versions, etc.) as the image being built.
2020-03-18 18:46:47 -04:00
- If the source is a managed disk, it must be made available in the same
2019-10-02 19:41:22 -04:00
region as the host system.
2020-03-18 18:46:47 -04:00
- The host system SKU has to allow for all of the specified disks to be
2019-10-02 18:13:04 -04:00
attached.
## Configuration Reference
There are many configuration options available for the builder. We'll start
2019-10-02 19:41:22 -04:00
with authentication parameters, then go over the Azure chroot builder specific
options.
2019-10-02 18:13:04 -04:00
### Authentication options
2020-03-18 18:46:47 -04:00
2019-10-02 19:41:22 -04:00
None of the authentication options are required, but depending on which
ones are specified a different authentication method may be used. See the
2020-03-31 17:40:07 -04:00
[shared Azure builders documentation](/docs/builders/azure) for more
2019-10-02 19:41:22 -04:00
information.
2019-10-02 18:13:04 -04:00
2020-03-24 19:48:37 -04:00
@include 'builder/azure/common/client/Config-not-required.mdx'
2019-10-02 18:13:04 -04:00
2019-10-15 18:29:09 -04:00
### Azure chroot builder specific options
2019-10-02 18:13:04 -04:00
#### Required:
2020-03-18 18:46:47 -04:00
2020-03-24 19:48:37 -04:00
@include 'builder/azure/chroot/Config-required.mdx'
2019-10-02 18:13:04 -04:00
#### Optional:
2020-03-18 18:46:47 -04:00
2020-03-24 19:48:37 -04:00
@include 'builder/azure/chroot/Config-not-required.mdx'
2019-10-02 18:13:04 -04:00
2020-04-07 18:42:41 -04:00
#### Output options:
2020-05-29 17:12:05 -04:00
2020-04-07 18:42:41 -04:00
At least one of these options needs to be specified:
2020-05-29 17:12:05 -04:00
- `image_resource_id` (string) - The managed image to create using this build.
- `shared_image_destination` (object) - The shared image to create using this build.
2020-04-07 18:42:41 -04:00
Where `shared_image_destination` is an object with the following properties:
2020-05-29 17:17:23 -04:00
@include 'builder/azure/chroot/SharedImageGalleryDestination-required.mdx'
@include 'builder/azure/chroot/SharedImageGalleryDestination-not-required.mdx'
2020-04-07 18:42:41 -04:00
And `target_regions` is an array of objects with the following properties:
2020-05-29 17:17:23 -04:00
@include 'builder/azure/chroot/TargetRegion-required.mdx'
@include 'builder/azure/chroot/TargetRegion-not-required.mdx'
2020-04-07 18:42:41 -04:00
2019-10-02 18:13:04 -04:00
## Chroot Mounts
The `chroot_mounts` configuration can be used to mount specific devices within
the chroot. By default, the following additional mounts are added into the
chroot by Packer:
2020-03-18 18:46:47 -04:00
- `/proc` (proc)
- `/sys` (sysfs)
- `/dev` (bind to real `/dev`)
- `/dev/pts` (devpts)
- `/proc/sys/fs/binfmt_misc` (binfmt_misc)
2019-10-02 18:13:04 -04:00
These default mounts are usually good enough for anyone and are sane defaults.
However, if you want to change or add the mount points, you may using the
`chroot_mounts` configuration. Here is an example configuration which only
mounts `/prod` and `/dev`:
2020-03-12 10:05:08 -04:00
```json
2019-10-02 18:13:04 -04:00
{
"chroot_mounts": [
["proc", "proc", "/proc"],
["bind", "/dev", "/dev"]
]
}
```
`chroot_mounts` is a list of a 3-tuples of strings. The three components of the
3-tuple, in order, are:
2020-03-18 18:46:47 -04:00
- The filesystem type. If this is "bind", then Packer will properly bind the
filesystem to another mount point.
2019-10-02 18:13:04 -04:00
2020-03-18 18:46:47 -04:00
- The source device.
2019-10-02 18:13:04 -04:00
2020-03-18 18:46:47 -04:00
- The mount directory.
2019-10-02 18:13:04 -04:00
2019-10-04 14:59:11 -04:00
## Additional template function
Because this builder runs on an Azure VM, there is an additional template function
available called `vm`, which returns the following VM metadata:
2020-03-18 18:46:47 -04:00
- name
- subscription_id
- resource_group
- location
- resource_id
2019-10-04 14:59:11 -04:00
This function can be used in the configuration templates, for example, use
2020-03-18 18:46:47 -04:00
2020-03-31 18:47:06 -04:00
```text
2019-10-04 14:59:11 -04:00
"{{ vm `subscription_id` }}"
```
2020-03-18 18:46:47 -04:00
2019-10-04 14:59:11 -04:00
to fill in the subscription ID of the VM in any of the configuration options.
## Examples
2020-03-18 18:46:47 -04:00
2019-10-04 14:59:11 -04:00
Here are some examples using this builder.
2019-10-07 17:38:32 -04:00
This builder requires privileged actions, such as mounting disks, running
`chroot` and other admin commands. Usually it needs to be run with root
permissions, for example:
2020-05-29 17:12:05 -04:00
```shell-session
$ sudo -E packer build example.json
2019-10-07 17:38:32 -04:00
```
2019-10-04 14:59:11 -04:00
### Using a VM with a Managed Identity
2020-03-18 18:46:47 -04:00
2019-10-04 14:59:11 -04:00
On a VM with a system-assigned managed identity that has the contributor role
on its own resource group, the following config can be used to create an
updated Debian image:
2019-10-04 15:00:22 -04:00
2020-03-12 10:05:08 -04:00
```json
2019-10-04 14:59:11 -04:00
{
2020-03-18 18:46:47 -04:00
"builders": [
{
"type": "azure-chroot",
"image_resource_id": "/subscriptions/{{vm `subscription_id`}}/resourceGroups/{{vm `resource_group`}}/providers/Microsoft.Compute/images/MyDebianOSImage-{{timestamp}}",
"source": "credativ:Debian:9:latest"
}
],
"provisioners": [
{
"inline": ["apt-get update", "apt-get upgrade -y"],
"inline_shebang": "/bin/sh -x",
"type": "shell"
}
]
2019-10-04 14:59:11 -04:00
}
```
### Using a Service Principal
2020-03-18 18:46:47 -04:00
2019-10-02 19:52:55 -04:00
Here is an example that creates a Debian image with updated packages. Specify
2019-10-15 18:29:09 -04:00
all environment variables (`ARM_CLIENT_ID`, `ARM_CLIENT_SECRET`,
2019-10-04 14:01:02 -04:00
`ARM_SUBSCRIPTION_ID`) to use a service principal.
2019-10-02 19:52:55 -04:00
The identity you choose should have permission to create disks and images and also
to update your VM.
2019-10-04 14:01:02 -04:00
Set the `ARM_IMAGE_RESOURCEGROUP_ID` variable to an existing resource group in the
subscription where the resulting image will be created.
2019-10-02 19:52:55 -04:00
2020-03-12 10:05:08 -04:00
```json
2019-10-02 19:52:55 -04:00
{
"variables": {
"client_id": "{{env `ARM_CLIENT_ID`}}",
"client_secret": "{{env `ARM_CLIENT_SECRET`}}",
2019-10-04 14:01:02 -04:00
"subscription_id": "{{env `ARM_SUBSCRIPTION_ID`}}",
"resource_group": "{{env `ARM_IMAGE_RESOURCEGROUP_ID`}}"
2019-10-02 19:52:55 -04:00
},
2020-03-18 18:46:47 -04:00
"builders": [
{
"type": "azure-chroot",
"client_id": "{{user `client_id`}}",
"client_secret": "{{user `client_secret`}}",
"subscription_id": "{{user `subscription_id`}}",
"image_resource_id": "/subscriptions/{{user `subscription_id`}}/resourceGroups/{{user `resource_group`}}/providers/Microsoft.Compute/images/MyDebianOSImage-{{timestamp}}",
"source": "credativ:Debian:9:latest"
}
],
"provisioners": [
{
"inline": ["apt-get update", "apt-get upgrade -y"],
"inline_shebang": "/bin/sh -x",
"type": "shell"
}
]
2019-10-02 19:52:55 -04:00
}
2020-03-18 18:46:47 -04:00
```