Document exception to encryption (#10395)

* Update docs on ebs encrypt_boot to clarify that packer will not override global account settings

* Update struct-markdown generator and regenerate partials with new website location. This overwrites some linting that got automatically applied when the files got moved
Megan Marsh 2020-12-16 01:35:34 -08:00 committed by GitHub
parent eecac40d77
commit 75803397cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
63 changed files with 678 additions and 719 deletions

View File

@ -87,6 +87,11 @@ type AMIConfig struct {
// key and that key is the same as the one you want the image encrypted with
// at the end, then you don't need to set this field; leaving it empty will
// prevent an unnecessary extra copy step and save you some time.
//
// Please note that if you are using an account with the global "Always
// encrypt new EBS volumes" option set to `true`, Packer will be unable to
// override this setting, and the final image will be encryoted whether
// you set this value or not.
AMIEncryptBootVolume config.Trilean `mapstructure:"encrypt_boot" required:"false"`
// ID, alias or ARN of the KMS key to use for AMI encryption. This
// only applies to the main `region` -- any regions the AMI gets copied to
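
Review bot: "encryoted" in the new `encrypt_boot` paragraph ("the final image will be encryoted whether you set this value or not") should be "encrypted"; the website partials are generated from this struct comment, so the typo is published with it. It would also help to state directly that setting `encrypt_boot` to `false` has no effect in an account with "Always encrypt new EBS volumes" enabled, so readers do not treat the field as an opt-out.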

View File

@ -152,7 +152,7 @@ func main() {
}
}
dir := filepath.Join(projectRoot, "website", "pages", "partials", builderName)
dir := filepath.Join(projectRoot, "website", "content", "partials", builderName)
os.MkdirAll(dir, 0755)
for _, str := range []Struct{header, required, notRequired} {
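
Review bot: the `os.MkdirAll(dir, 0755)` call right after the changed `dir :=` line discards its return value. With a hard-coded "website", "content", "partials" path that has already moved once, a failed create should stop the generator and report the directory instead of continuing into the loop; suggest checking the error and exiting with `dir` in the message.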

View File

@ -3,10 +3,13 @@
- `disk_name` (string) - The value of disk name is blank by default. [2,
128] English or Chinese characters, must begin with an
uppercase/lowercase letter or Chinese character. Can contain numbers,
., \_ and -. The disk name will appear on the console. It cannot
., _ and -. The disk name will appear on the console. It cannot
begin with `http://` or `https://`.
- `disk_category` (string) - Category of the system disk. Optional values are: - cloud - general cloud disk - cloud_efficiency - efficiency cloud disk - cloud_ssd - cloud SSD
- `disk_category` (string) - Category of the system disk. Optional values are:
- cloud - general cloud disk
- cloud_efficiency - efficiency cloud disk
- cloud_ssd - cloud SSD
- `disk_size` (int) - Size of the system disk, measured in GiB. Value
range: [20, 500]. The specified value must be equal to or greater

View File

@ -17,7 +17,7 @@
- `image_copy_names` ([]string) - The name of the destination image, [2, 128] English or Chinese
characters. It must begin with an uppercase/lowercase letter or a
Chinese character, and may contain numbers, \_ or -. It cannot begin with
Chinese character, and may contain numbers, _ or -. It cannot begin with
`http://` or `https://`.
- `image_encrypted` (boolean) - Whether or not to encrypt the target images, including those

View File

@ -34,7 +34,7 @@
- `security_group_name` (string) - The security group name. The default value
is blank. [2, 128] English or Chinese characters, must begin with an
uppercase/lowercase letter or Chinese character. Can contain numbers, .,
\_ or -. It cannot begin with `http://` or `https://`.
_ or -. It cannot begin with `http://` or `https://`.
- `user_data` (string) - User data to apply when launching the instance. Note
that you need to be careful about escaping characters due to the templates
@ -49,7 +49,7 @@
- `vpc_name` (string) - The VPC name. The default value is blank. [2, 128]
English or Chinese characters, must begin with an uppercase/lowercase
letter or Chinese character. Can contain numbers, \_ and -. The disk
letter or Chinese character. Can contain numbers, _ and -. The disk
description will appear on the console. Cannot begin with `http://` or
`https://`.
@ -69,7 +69,6 @@
- `internet_charge_type` (string) - Internet charge type, which can be
`PayByTraffic` or `PayByBandwidth`. Optional values:
- `PayByBandwidth`
- `PayByTraffic`
@ -81,7 +80,6 @@
public network, measured in Mbps (Mega bits per second).
Value range:
- `PayByBandwidth`: \[0, 100\]. If this parameter is not specified, API
automatically sets it to 0 Mbps.
- `PayByTraffic`: \[1, 100\]. If this parameter is not specified, an

View File

@ -97,11 +97,11 @@
```
This selects the most recent Ubuntu 16.04 HVM EBS AMI from Canonical. NOTE:
This will fail unless _exactly_ one AMI is returned. In the above example,
This will fail unless *exactly* one AMI is returned. In the above example,
`most_recent` will cause this to succeed by selecting the newest image.
- `filters` (map of strings) - filters used to select a `source_ami`.
NOTE: This will fail unless _exactly_ one AMI is returned. Any filter
NOTE: This will fail unless *exactly* one AMI is returned. Any filter
described in the docs for
[DescribeImages](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html)
is valid.
@ -121,7 +121,7 @@
criteria provided in `source_ami_filter`; this pins the AMI returned by the
filter, but will cause Packer to fail if the `source_ami` does not exist.
- `root_volume_tags` (map[string]string) - Key/value pair tags to apply to the volumes that are _launched_. This is
- `root_volume_tags` (map[string]string) - Key/value pair tags to apply to the volumes that are *launched*. This is
a [template engine](/docs/templates/engine), see [Build template
data](#build-template-data) for more information.

View File

@ -70,6 +70,11 @@
at the end, then you don't need to set this field; leaving it empty will
prevent an unnecessary extra copy step and save you some time.
Please note that if you are using an account with the global "Always
encrypt new EBS volumes" option set to `true`, Packer will be unable to
override this setting, and the final image will be encryoted whether
you set this value or not.
- `kms_key_id` (string) - ID, alias or ARN of the KMS key to use for AMI encryption. This
only applies to the main `region` -- any regions the AMI gets copied to
copied will be encrypted by the default EBS KMS key for that region,
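
Review bot: the generated paragraph carries the "encryoted" typo ("the final image will be encryoted whether you set this value or not"). Fix it in the `AMIEncryptBootVolume` struct comment and regenerate rather than editing this partial by hand, otherwise the next generator run brings it back.
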
@ -85,7 +90,7 @@
potentially many minutes at the end of the build by preventing Packer
from having to copy and re-encrypt the image at the end of the build.
For valid formats see _KmsKeyId_ in the [AWS API docs -
For valid formats see *KmsKeyId* in the [AWS API docs -
CopyImage](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopyImage.html).
This field is validated by Packer, when using an alias, you will have to
prefix `kms_key_id` with `alias/`.
@ -95,9 +100,10 @@
provided in `ami_regions`. If you just want to encrypt using a default
ID, you can stick with `kms_key_id` and `ami_regions`. If you want a
region to be encrypted with that region's default key ID, you can use an
empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`) However, you cannot use default key IDs if you are using this in
empty string `""` instead of a key id in this map. (e.g. `"us-east-1":
""`) However, you cannot use default key IDs if you are using this in
conjunction with `snapshot_users` -- in that situation you must use
custom keys. For valid formats see _KmsKeyId_ in the [AWS API docs -
custom keys. For valid formats see *KmsKeyId* in the [AWS API docs -
CopyImage](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CopyImage.html).
This option supercedes the `kms_key_id` option -- if you set both, and

View File

@ -5,7 +5,6 @@ volumes or importing image.
Usage example:
In JSON:
```json
"aws_polling" : {
"delay_seconds": 30,
@ -14,7 +13,6 @@ In JSON:
```
In HCL2:
```hcl
aws_polling {
delay_seconds = 30

View File

@ -47,24 +47,23 @@
generating credentials via the Vault engine, see the [Vault
docs.](https://www.vaultproject.io/api/secret/aws#generate-credentials)
If you set this flag, you must also set the below options:
- `name` (string) - Required. Specifies the name of the role to generate
credentials against. This is part of the request URL.
- `engine_name` (string) - The name of the aws secrets engine. In the
Vault docs, this is normally referred to as "aws", and Packer will
default to "aws" if `engine_name` is not set.
- `role_arn` (string)- The ARN of the role to assume if credential_type
on the Vault role is assumed_role. Must match one of the allowed role
- `role_arn` (string)- The ARN of the role to assume if credential\_type
on the Vault role is assumed\_role. Must match one of the allowed role
ARNs in the Vault role. Optional if the Vault role only allows a single
AWS role ARN; required otherwise.
- `ttl` (string) - Specifies the TTL for the use of the STS token. This
is specified as a string with a duration suffix. Valid only when
credential_type is assumed_role or federation_token. When not
specified, the default_sts_ttl set for the role will be used. If that
credential\_type is assumed\_role or federation\_token. When not
specified, the default\_sts\_ttl set for the role will be used. If that
is also not set, then the default value of 3600s will be used. AWS
places limits on the maximum TTL allowed. See the AWS documentation on
the DurationSeconds parameter for AssumeRole (for assumed_role
credential types) and GetFederationToken (for federation_token
the DurationSeconds parameter for AssumeRole (for assumed\_role
credential types) and GetFederationToken (for federation\_token
credential types) for more details.
JSON example:
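
Review bot: in the `role_arn` and `ttl` descriptions the option names show up as `credential\_type`, `assumed\_role`, `federation\_token` and `default\_sts\_ttl`, where the backslashes exist only because the identifiers sit in plain prose. Wrapping them in backticks in the source comment would render them as code, like `engine_name` a few lines above, and would stop the generator and the linter from disagreeing about the escape.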

View File

@ -17,7 +17,7 @@
run. For Windows instances, it is sometimes desirable to [run
Sysprep](http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ami-create-standard.html)
which will stop the instance for you. If this is set to `true`, Packer
_will not_ stop the instance but will assume that you will send the stop
*will not* stop the instance but will assume that you will send the stop
signal yourself through your final provisioner. You can do this with a
[windows-shell provisioner](/docs/provisioners/windows-shell). Note that
Packer will still wait for the instance to be stopped, and failing to
@ -26,17 +26,13 @@
An example of a valid windows shutdown command in a `windows-shell`
provisioner is :
```shell-session
ec2config.exe -sysprep
```
or
```sell-session
"%programfiles%\amazon\ec2configservice\"ec2config.exe -sysprep""
```
-> Note: The double quotation marks in the command are not required if
your CMD shell is already in the
`C:\Program Files\Amazon\EC2ConfigService\` directory.
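
Review bot: the second fence in the shutdown-command example is tagged `sell-session`; it should be `shell-session` to match the first block. The command inside it, `"%programfiles%\amazon\ec2configservice\"ec2config.exe -sysprep""`, also has unbalanced double quotes, which matters here because the note that follows tells readers when the quotes can be dropped; please confirm the intended quoting.
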
@ -82,7 +78,9 @@
"Version": "2012-10-17",
"Statement": [
{
"Action": ["logs:*"],
"Action": [
"logs:*"
],
"Effect": "Allow",
"Resource": "*"
}
@ -125,7 +123,7 @@
`security_group_ids` take precedence over this.
- `run_tags` (map[string]string) - Key/value pair tags to apply to the instance that is that is _launched_
- `run_tags` (map[string]string) - Key/value pair tags to apply to the instance that is that is *launched*
to create the EBS volumes. This is a [template
engine](/docs/templates/engine), see [Build template
data](#build-template-data) for more information.
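
Review bot: both spellings of the `run_tags` line read "the instance that is that is"; drop the repeated "that is" in the struct comment and regenerate.
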
@ -149,13 +147,13 @@
field. JSON Example:
```json
"builders"[
"builders" [
{
"type": "amazon-ebs",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "ubuntu/images/*ubuntu-xenial-16.04-amd64-server-*",
"name": "ubuntu/images/\*ubuntu-xenial-16.04-amd64-server-\*",
"root-device-type": "ebs"
},
"owners": ["099720109477"],
@ -164,7 +162,6 @@
}
]
```
HCL2 example:
```hcl
@ -182,11 +179,11 @@
```
This selects the most recent Ubuntu 16.04 HVM EBS AMI from Canonical. NOTE:
This will fail unless _exactly_ one AMI is returned. In the above example,
This will fail unless *exactly* one AMI is returned. In the above example,
`most_recent` will cause this to succeed by selecting the newest image.
- `filters` (map of strings) - filters used to select a `source_ami`.
NOTE: This will fail unless _exactly_ one AMI is returned. Any filter
NOTE: This will fail unless *exactly* one AMI is returned. Any filter
described in the docs for
[DescribeImages](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html)
is valid.
@ -244,7 +241,7 @@
JSON Example:
```json
"builders"[
"builders" [
{
"type": "amazon-ebs",
"subnet_filter": {
@ -257,7 +254,6 @@
}
]
```
HCL2 example:
```hcl
@ -273,12 +269,12 @@
```
This selects the Subnet with tag `Class` with the value `build`, which has
the most free IP addresses. NOTE: This will fail unless _exactly_ one
the most free IP addresses. NOTE: This will fail unless *exactly* one
Subnet is returned. By using `most_free` or `random` one will be selected
from those matching the filter.
- `filters` (map of strings) - filters used to select a `subnet_id`.
NOTE: This will fail unless _exactly_ one Subnet is returned. Any
NOTE: This will fail unless *exactly* one Subnet is returned. Any
filter described in the docs for
[DescribeSubnets](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html)
is valid.
@ -320,7 +316,7 @@
JSON Example:
```json
"builders"[
"builders" [
{
"type": "amazon-ebs",
"vpc_filter": {
@ -333,7 +329,6 @@
}
]
```
HCL2 example:
```hcl
@ -350,10 +345,10 @@
This selects the VPC with tag `Class` with the value `build`, which is not
the default VPC, and have a IPv4 CIDR block of `/24`. NOTE: This will fail
unless _exactly_ one VPC is returned.
unless *exactly* one VPC is returned.
- `filters` (map of strings) - filters used to select a `vpc_id`. NOTE:
This will fail unless _exactly_ one VPC is returned. Any filter
This will fail unless *exactly* one VPC is returned. Any filter
described in the docs for
[DescribeVpcs](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html)
is valid.
@ -386,7 +381,6 @@
Connectivity via the `session_manager` interface establishes a secure tunnel
between the local host and the remote host on an available local port to the specified `ssh_port`.
See [Session Manager Connections](#session-manager-connections) for more information.
- Session manager connectivity is currently only implemented for the SSH communicator, not the WinRM communicator.
- Upon termination the secure tunnel will be terminated automatically, if however there is a failure in
terminating the tunnel it will automatically terminate itself after 20 minutes of inactivity.

View File

@ -16,8 +16,8 @@
from the source instance. See the
[BlockDevices](#block-devices-configuration) documentation for fields.
- `run_volume_tags` (map[string]string) - Tags to apply to the volumes that are _launched_ to create the AMI.
These tags are _not_ applied to the resulting AMI unless they're
- `run_volume_tags` (map[string]string) - Tags to apply to the volumes that are *launched* to create the AMI.
These tags are *not* applied to the resulting AMI unless they're
duplicated in `tags`. This is a [template
engine](/docs/templates/engine), see [Build template
data](#build-template-data) for more information.
@ -34,5 +34,5 @@
For more information, see
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/InstanceStorage.html.
Because we don't validate the OS type of your guest, it is up to you to
make sure you don't set this for \*nix guests; behavior may be
make sure you don't set this for *nix guests; behavior may be
unpredictable.

View File

@ -16,8 +16,8 @@
from the source instance. See the
[BlockDevices](#block-devices-configuration) documentation for fields.
- `run_volume_tags` (map[string]string) - Tags to apply to the volumes that are _launched_ to create the AMI.
These tags are _not_ applied to the resulting AMI unless they're
- `run_volume_tags` (map[string]string) - Tags to apply to the volumes that are *launched* to create the AMI.
These tags are *not* applied to the resulting AMI unless they're
duplicated in `tags`. This is a [template
engine](/docs/templates/engine), see [Build template
data](#build-template-data) for more information.

View File

@ -24,13 +24,13 @@
documentation for fields.
- `run_volume_tags` (map[string]string) - Key/value pair tags to apply to the volumes of the instance that is
_launched_ to create EBS Volumes. These tags will _not_ appear in the
*launched* to create EBS Volumes. These tags will *not* appear in the
tags of the resulting EBS volumes unless they're duplicated under `tags`
in the `ebs_volumes` setting. This is a [template
engine](/docs/templates/engine), see [Build template
data](#build-template-data) for more information.
Note: The tags specified here will be _temporarily_ applied to volumes
Note: The tags specified here will be *temporarily* applied to volumes
specified in `ebs_volumes` - but only while the instance is being
created. Packer will replace all tags on the volume with the tags
configured in the `ebs_volumes` section as soon as the instance is

View File

@ -13,12 +13,11 @@
- `shared_image_gallery` (SharedImageGallery) - Use a [Shared Gallery
image](https://azure.microsoft.com/en-us/blog/announcing-the-public-preview-of-shared-image-gallery/)
as the source for this build. _VHD targets are incompatible with this
build type_ - the target must be a _Managed Image_. When using shared_image_gallery as a source, image_publisher,
as the source for this build. *VHD targets are incompatible with this
build type* - the target must be a *Managed Image*. When using shared_image_gallery as a source, image_publisher,
image_offer, image_sku, image_version, and custom_managed_image_name should not be set.
In JSON
```json
"shared_image_gallery": {
"subscription": "00000000-0000-0000-0000-00000000000",
@ -30,9 +29,7 @@
"managed_image_name": "TargetImageName",
"managed_image_resource_group_name": "TargetResourceGroup"
```
In HCL2
```hcl
shared_image_gallery {
subscription = "00000000-0000-0000-0000-00000000000"
@ -50,7 +47,6 @@
Following is an example.
In JSON
```json
"shared_image_gallery_destination": {
"subscription": "00000000-0000-0000-0000-00000000000",
@ -63,9 +59,7 @@
"managed_image_name": "TargetImageName",
"managed_image_resource_group_name": "TargetResourceGroup"
```
In HCL2
```hcl
shared_image_gallery_destination {
subscription = "00000000-0000-0000-0000-00000000000"
@ -81,7 +75,8 @@
- `shared_image_gallery_timeout` (duration string | ex: "1h5m2s") - How long to wait for an image to be published to the shared image
gallery before timing out. If your Packer build is failing on the
Publishing to Shared Image Gallery step with the error `Original Error: context deadline exceeded`, but the image is present when you check your
Publishing to Shared Image Gallery step with the error `Original Error:
context deadline exceeded`, but the image is present when you check your
Azure dashboard, then you probably need to increase this timeout from
its default of "60m" (valid time units include `s` for seconds, `m` for
minutes, and `h` for hours.)
@ -209,7 +204,7 @@
Not all Marketplace images support programmatic deployment, and support
is controlled by the image publisher.
An example plan_info object is defined below.
An example plan\_info object is defined below.
```json
{
@ -241,7 +236,8 @@
- `polling_duration_timeout` (duration string | ex: "1h5m2s") - The default PollingDuration for azure is 15mins, this property will override
that value. See [Azure DefaultPollingDuration](https://godoc.org/github.com/Azure/go-autorest/autorest#pkg-constants)
If your Packer build is failing on the
ARM deployment step with the error `Original Error: context deadline exceeded`, then you probably need to increase this timeout from
ARM deployment step with the error `Original Error:
context deadline exceeded`, then you probably need to increase this timeout from
its default of "15m" (valid time units include `s` for seconds, `m` for
minutes, and `h` for hours.)

View File

@ -6,8 +6,8 @@
- `shared_image_gallery` (SharedImageGallery) - Use a [Shared Gallery
image](https://azure.microsoft.com/en-us/blog/announcing-the-public-preview-of-shared-image-gallery/)
as the source for this build. _VHD targets are incompatible with this
build type_ - the target must be a _Managed Image_.
as the source for this build. *VHD targets are incompatible with this
build type* - the target must be a *Managed Image*.
```json
"shared_image_gallery": {
@ -39,7 +39,8 @@
- `shared_image_gallery_timeout` (duration string | ex: "1h5m2s") - How long to wait for an image to be published to the shared image
gallery before timing out. If your Packer build is failing on the
Publishing to Shared Image Gallery step with the error `Original Error: context deadline exceeded`, but the image is present when you check your
Publishing to Shared Image Gallery step with the error `Original Error:
context deadline exceeded`, but the image is present when you check your
Azure dashboard, then you probably need to increase this timeout from
its default of "60m" (valid time units include `s` for seconds, `m` for
minutes, and `h` for hours.)
@ -77,14 +78,14 @@
not set image_publisher, image_offer, image_sku, or image_version.
- `custom_managed_image_resource_group_name` (string) - Specify the source managed image's resource group used to use. If this
value is set, do not set image_publisher, image_offer, image_sku, or
image_version. If this value is set, the value
value is set, do not set image\_publisher, image\_offer, image\_sku, or
image\_version. If this value is set, the value
`custom_managed_image_name` must also be set. See
[documentation](https://docs.microsoft.com/en-us/azure/storage/storage-managed-disks-overview#images)
to learn more about managed images.
- `custom_managed_image_name` (string) - Specify the source managed image's name to use. If this value is set, do
not set image_publisher, image_offer, image_sku, or image_version.
not set image\_publisher, image\_offer, image\_sku, or image\_version.
If this value is set, the value
`custom_managed_image_resource_group_name` must also be set. See
[documentation](https://docs.microsoft.com/en-us/azure/storage/storage-managed-disks-overview#images)
@ -130,7 +131,8 @@
- `polling_duration_timeout` (duration string | ex: "1h5m2s") - The default PollingDuration for azure is 15mins, this property will override
that value. See [Azure DefaultPollingDuration](https://godoc.org/github.com/Azure/go-autorest/autorest#pkg-constants)
If your Packer build is failing on the
ARM deployment step with the error `Original Error: context deadline exceeded`, then you probably need to increase this timeout from
ARM deployment step with the error `Original Error:
context deadline exceeded`, then you probably need to increase this timeout from
its default of "15m" (valid time units include `s` for seconds, `m` for
minutes, and `h` for hours.)

View File

@ -26,7 +26,8 @@
- `snapshot_timeout` (duration string | ex: "1h5m2s") - How long to wait for an image to be published to the shared image
gallery before timing out. If your Packer build is failing on the
Publishing to Shared Image Gallery step with the error `Original Error: context deadline exceeded`, but the image is present when you check your
Publishing to Shared Image Gallery step with the error `Original Error:
context deadline exceeded`, but the image is present when you check your
Azure dashboard, then you probably need to increase this timeout from
its default of "60m" (valid time units include `s` for seconds, `m` for
minutes, and `h` for hours.)
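
Review bot: the `snapshot_timeout` description repeats the `shared_image_gallery_timeout` text ("How long to wait for an image to be published to the shared image gallery", the "Publishing to Shared Image Gallery step", default "60m"). Since the wrapping of this paragraph is being regenerated anyway, please either describe what this timeout covers for snapshots or confirm in the struct comment that the shared wording is intended.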

View File

@ -33,8 +33,10 @@
used. This defaults to true if not set.
- `run_command` ([]string) - An array of arguments to pass to docker run in order to run the
container. By default this is set to `["-d", "-i", "-t", "--entrypoint=/bin/sh", "--", "{{.Image}}"]` if you are using a linux
container, and `["-d", "-i", "-t", "--entrypoint=powershell", "--", "{{.Image}}"]` if you are running a windows container. `{{.Image}}` is a
container. By default this is set to `["-d", "-i", "-t",
"--entrypoint=/bin/sh", "--", "{{.Image}}"]` if you are using a linux
container, and `["-d", "-i", "-t", "--entrypoint=powershell", "--",
"{{.Image}}"]` if you are running a windows container. `{{.Image}}` is a
template variable that corresponds to the image template option. Passing
the entrypoint option this way will make it the default entrypoint of
the resulting image, so running docker run -it --rm will start the

View File

@ -50,9 +50,8 @@
- `image_description` (string) - The description of the resulting image.
- `image_encryption_key` (\*CustomerEncryptionKey) - Image encryption key to apply to the created image. Possible values:
- kmsKeyName - The name of the encryption key that is stored in Google Cloud KMS.
- RawKey: - A 256-bit customer-supplied encryption key, encodes in RFC 4648 base64.
* kmsKeyName - The name of the encryption key that is stored in Google Cloud KMS.
* RawKey: - A 256-bit customer-supplied encryption key, encodes in RFC 4648 base64.
examples:
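
Review bot: in the `image_encryption_key` value list, "RawKey: - A 256-bit customer-supplied encryption key, encodes in RFC 4648 base64." has a stray colon after the name, and "encodes" should be "encoded". Putting `kmsKeyName` and `RawKey` in backticks would also make clear that they are literal field names.
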
@ -88,7 +87,6 @@
"image_storage_locations": ["us"]
}
```
regional example:
```json
@ -131,7 +129,7 @@
- `on_host_maintenance` (string) - Sets Host Maintenance Option. Valid choices are `MIGRATE` and
`TERMINATE`. Please see [GCE Instance Scheduling
Options](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options),
as not all machine_types support `MIGRATE` (i.e. machines with GPUs).
as not all machine\_types support `MIGRATE` (i.e. machines with GPUs).
If preemptible is true this can only be `TERMINATE`. If preemptible is
false, it defaults to `MIGRATE`
@ -165,7 +163,6 @@
under the `"startup_script"` metadata property. See [Providing startup script contents directly](https://cloud.google.com/compute/docs/startupscript#providing_startup_script_contents_directly) for more details.
When using `startup_script_file` the following rules apply:
- The contents of the script file will overwrite the value of the `"startup_script"` metadata property at runtime.
- The contents of the script file will be wrapped in Packer's startup script wrapper, unless `wrap_startup_script` is disabled. See `wrap_startup_script` for more details.
- Not supported by Windows instances. See [Startup Scripts for Windows](https://cloud.google.com/compute/docs/startupscript#providing_a_startup_script_for_windows_instances) for more details.
@ -174,7 +171,6 @@
If "true", the contents of `startup_script_file` or `"startup_script"` in the instance metadata
is wrapped in a Packer specific script that tracks the execution and completion of the provided
startup script. The wrapper ensures that the builder will not continue until the startup script has been executed.
- The use of the wrapped script file requires that the user or service account
running the build has the compute.instance.Metadata role.
@ -216,7 +212,6 @@
```
Or SSH keys can be added to an associated service account
```shell-session
$ gcloud auth activate-service-account --key-file=<path to service account credentials file (e.g account.json)>
$ gcloud compute os-login ssh-keys add --key-file=/home/user/.ssh/my-key.pub

View File

@ -2,7 +2,6 @@
- `use_iap` (bool) - Whether to use an IAP proxy.
Prerequisites and limitations for using IAP:
- You must manually enable the IAP API in the Google Cloud console.
- You must have the gcloud sdk installed on the computer running Packer.
- You must be using a Service Account with a credentials file (using the

View File

@ -113,17 +113,15 @@
treatment when choosing a boot device.
For Generation 1:
- `IDE`
- `CD` _or_ `DVD`
- `CD` *or* `DVD`
- `Floppy`
- `NET`
For Generation 2:
- `IDE:x:y`
- `SCSI:x:y`
- `CD` _or_ `DVD`
- `CD` *or* `DVD`
- `NET`
- `boot_order` ([]string) - When configured, the boot order determines the order of the devices

View File

@ -92,4 +92,4 @@
- `openstack_provider` (string) - Not really used, but here for BC
- `use_floating_ip` (bool) - _Deprecated_ use `floating_ip` or `floating_ip_pool` instead.
- `use_floating_ip` (bool) - *Deprecated* use `floating_ip` or `floating_ip_pool` instead.

View File

@ -31,14 +31,14 @@
```
This selects the most recent production Ubuntu 16.04 shared to you by
the given owner. NOTE: This will fail unless _exactly_ one image is
the given owner. NOTE: This will fail unless *exactly* one image is
returned, or `most_recent` is set to true. In the example of multiple
returned images, `most_recent` will cause this to succeed by selecting
the newest image of the returned images.
- `filters` (map of strings) - filters used to select a
`source_image`.
NOTE: This will fail unless _exactly_ one image is returned, or
NOTE: This will fail unless *exactly* one image is returned, or
`most_recent` is set to true. Of the filters described in
[ImageService](https://developer.openstack.org/api-ref/image/v2/), the
following are valid:

View File

@ -43,7 +43,7 @@
^\* Please be aware that use of the `scsi` disk interface has been
disabled by Red Hat due to a bug described
[here](https://bugzilla.redhat.com/show_bug.cgi?id=1019220). If you are
running Qemu on RHEL or a RHEL variant such as CentOS, you _must_ choose
running Qemu on RHEL or a RHEL variant such as CentOS, you *must* choose
one of the other listed interfaces. Using the `scsi` interface under
these circumstances will cause the build to fail.
@ -161,7 +161,6 @@
The following shows a sample usage:
In JSON:
```json
"qemuargs": [
[ "-m", "1024M" ],
@ -177,7 +176,6 @@
```
In HCL2:
```hcl
qemuargs = [
[ "-m", "1024M" ],
@ -217,7 +215,6 @@
template that can be invoked by `make` in parallel:
In JSON:
```json
"qemuargs": [
[ "-netdev", "user,hostfwd=tcp::{{ .SSHHostPort }}-:22,id=forward"],
@ -226,7 +223,6 @@
```
In HCL2:
```hcl
qemuargs = [
[ "-netdev", "user,hostfwd=tcp::{{ .SSHHostPort }}-:22,id=forward"],
@ -243,14 +239,11 @@
`{{ .HTTPIP }}`, `{{ .HTTPPort }}`, `{{ .HTTPDir }}`,
`{{ .OutputDir }}`, `{{ .Name }}`, and `{{ .SSHHostPort }}`
```
- `qemu_img_args` (QemuImgArgs) - A map of custom arguments to pass to qemu-img commands, where the key
is the subcommand, and the values are lists of strings for each flag.
Example:
In JSON:
```json
{
"qemu_img_args": {
@ -258,13 +251,11 @@
"resize": ["-foo", "bar"]
}
```
Please note
that unlike qemuargs, these commands are not split into switch-value
sub-arrays, because the basic elements in qemu-img calls are unlikely
to need an actual override.
The arguments will be constructed as follows:
- Convert:
Default is `qemu-img convert -O $format $sourcepath $targetpath`. Adding
arguments ["-foo", "bar"] to qemu_img_args.convert will change this to

View File

@ -24,7 +24,6 @@
type for all data disks, and each data disk size will use the origin
value in source image.
The data disks allow for the following argument:
- `disk_type` - Type of the data disk. Valid choices: `CLOUD_BASIC`, `CLOUD_PREMIUM` and `CLOUD_SSD`.
- `disk_size` - Size of the data disk.
- `disk_snapshot_id` - Id of the snapshot for a data disk.
@ -61,8 +60,8 @@
- `host_name` (string) - host name.
- `run_tags` (map[string]string) - Key/value pair tags to apply to the instance that is _launched_ to
create the image. These tags are _not_ applied to the resulting image.
- `run_tags` (map[string]string) - Key/value pair tags to apply to the instance that is *launched* to
create the image. These tags are *not* applied to the resulting image.
- `run_tag` ([]{key string, value string}) - Same as [`run_tags`](#run_tags) but defined as a singular repeatable
block containing a `key` and a `value` field. In HCL2 mode the

View File

@ -39,7 +39,6 @@
- `min_cpu_platform` (string) - Specifies a minimum CPU platform for the the VM instance. (Default: `Intel/Auto`).
You may refer to [min_cpu_platform](https://docs.ucloud.cn/uhost/introduction/uhost/type_new)
- The Intel CPU platform:
- `Intel/Auto` as the Intel CPU platform version will be selected randomly by system;
- `Intel/IvyBridge` as Intel V2, the version of Intel CPU platform selected by system will be `Intel/IvyBridge` and above;

View File

@ -11,23 +11,22 @@
"md5:{$checksum}", "sha1:{$checksum}", "sha256:{$checksum}",
"sha512:{$checksum}" or "file:{$path}". Here is a list of valid checksum
values:
- md5:090992ba9fd140077b0661cb75f7ce13
- 090992ba9fd140077b0661cb75f7ce13
- sha1:ebfb681885ddf1234c18094a45bbeafd91467911
- ebfb681885ddf1234c18094a45bbeafd91467911
- sha256:ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
- ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
- file:http://releases.ubuntu.com/20.04/MD5SUMS
- file:file://./local/path/file.sum
- file:./local/path/file.sum
- none
* md5:090992ba9fd140077b0661cb75f7ce13
* 090992ba9fd140077b0661cb75f7ce13
* sha1:ebfb681885ddf1234c18094a45bbeafd91467911
* ebfb681885ddf1234c18094a45bbeafd91467911
* sha256:ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
* ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
* file:http://releases.ubuntu.com/20.04/MD5SUMS
* file:file://./local/path/file.sum
* file:./local/path/file.sum
* none
Although the checksum will not be verified when it is set to "none",
this is not recommended since these files can be very large and
corruption does happen from time to time.
- `box_name` (string) - if your source*box is a boxfile that we need to add to Vagrant, this is
the name to give it. If left blank, will default to "packer*" plus your
- `box_name` (string) - if your source_box is a boxfile that we need to add to Vagrant, this is
the name to give it. If left blank, will default to "packer_" plus your
buildname.
- `insert_key` (bool) - If true, Vagrant will automatically insert a keypair to use for SSH,
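Review bot: `source_box` and `packer_` in the `box_name` description are bare text, so a Markdown formatter can read the underscores as emphasis markers, which is what the `source*box` and `packer*` lines in this hunk show. Wrap both names in backticks in the Go doc comment so the generated partial stays stable whichever formatter runs over it.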

View File

@ -9,25 +9,21 @@
resulting appliance file. Packer JSON configuration file example:
In JSON:
```json
{
"type": "virtualbox-iso",
"export_opts": [
"export_opts":
[
"--manifest",
"--vsys",
"0",
"--description",
"{{user `vm_description`}}",
"--version",
"{{user `vm_version`}}"
"--vsys", "0",
"--description", "{{user `vm_description`}}",
"--version", "{{user `vm_version`}}"
],
"format": "ova"
"format": "ova",
}
```
In HCL2:
```hcl
source "virtualbox-iso" "basic-example" {
export_opts = [
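Review bot: the `"format": "ova",` line in the JSON example is followed directly by the closing `}`, and a trailing comma there is not valid JSON, so a reader who pastes the example into a template gets a parse error from a strict parser. Keep the comma-free `"format": "ova"` form, and fix it in the struct comment this partial is generated from so it does not come back on the next regeneration.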

View File

@ -11,6 +11,7 @@
- `vrdp_port_min` (int) - The minimum and maximum port
to use for VRDP access to the virtual machine. Packer uses a randomly chosen
port in this range that appears available. By default this is 5900 to 6000. The minimum and maximum ports are inclusive.
port in this range that appears available. By default this is 5900 to
6000. The minimum and maximum ports are inclusive.
- `vrdp_port_max` (int) - VRDP Port Max
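Review bot: `vrdp_port_max` on the last line of this hunk is documented only as "VRDP Port Max", while the range, the default of 5900 to 6000 and the inclusive bounds are all described under `vrdp_port_min`. Give `vrdp_port_max` its own sentence, or at least a pointer to `vrdp_port_min`, so a reader who lands on it sees the default and knows which ports need to be reachable.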

View File

@ -20,7 +20,7 @@
- `disable_shutdown` (bool) - Packer normally halts the virtual machine after all provisioners have
run when no `shutdown_command` is defined. If this is set to `true`, Packer
_will not_ halt the virtual machine but will assume that you will send the stop
*will not* halt the virtual machine but will assume that you will send the stop
signal yourself through the preseed.cfg or your final provisioner.
Packer will wait for a default of 5 minutes until the virtual machine is shutdown.
The timeout can be changed using `shutdown_timeout` option.

View File

@ -5,7 +5,6 @@
within the virtual machine:
In JSON:
```json
"vboxmanage": [
["modifyvm", "{{.Name}}", "--memory", "1024"],
@ -14,7 +13,6 @@
```
In HCL2:
```hcl
vboxmanage = [
["modifyvm", "{{.Name}}", "--memory", "1024"],

View File

@ -24,7 +24,6 @@
and you will need to enable EFI mode for nvme to work, ex:
In JSON:
```json
"vboxmanage": [
[ "modifyvm", "{{.Name}}", "--firmware", "EFI" ],
@ -32,7 +31,6 @@
```
In HCL2:
```hcl
vboxmanage = [
[ "modifyvm", "{{.Name}}", "--firmware", "EFI" ],

View File

@ -7,17 +7,16 @@
"md5:{$checksum}", "sha1:{$checksum}", "sha256:{$checksum}",
"sha512:{$checksum}" or "file:{$path}". Here is a list of valid checksum
values:
- md5:090992ba9fd140077b0661cb75f7ce13
- 090992ba9fd140077b0661cb75f7ce13
- sha1:ebfb681885ddf1234c18094a45bbeafd91467911
- ebfb681885ddf1234c18094a45bbeafd91467911
- sha256:ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
- ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
- file:http://releases.ubuntu.com/20.04/MD5SUMS
- file:file://./local/path/file.sum
- file:./local/path/file.sum
- none
* md5:090992ba9fd140077b0661cb75f7ce13
* 090992ba9fd140077b0661cb75f7ce13
* sha1:ebfb681885ddf1234c18094a45bbeafd91467911
* ebfb681885ddf1234c18094a45bbeafd91467911
* sha256:ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
* ed363350696a726b7932db864dda019bd2017365c9e299627830f06954643f93
* file:http://releases.ubuntu.com/20.04/MD5SUMS
* file:file://./local/path/file.sum
* file:./local/path/file.sum
* none
Although the checksum will not be verified when it is set to "none",
this is not recommended since these files can be very large and
corruption does happen from time to time.
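Review bot: the closing paragraph of this hunk justifies checksums only by "corruption does happen", and the example list gives `md5:` and `sha1:` values and an `http://` URL for the `file:` form the same standing as `sha256:`. Since these partials are being regenerated anyway, add a sentence to the source comment saying that the checksum is also what detects a tampered download, that `none` disables that check, and that `sha256` or `sha512` from a trusted source is the preferred form.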

View File

@ -24,14 +24,14 @@
For desktop VMware clients:
| Type ID | Description |
| ------- | ----------------------------------------------------------------------- |
| `0` | Growable virtual disk contained in a single file (monolithic sparse). |
| `1` | Growable virtual disk split into 2GB files (split sparse). |
| `2` | Preallocated virtual disk contained in a single file (monolithic flat). |
| `3` | Preallocated virtual disk split into 2GB files (split flat). |
| `4` | Preallocated virtual disk compatible with ESX server (VMFS flat). |
| `5` | Compressed disk optimized for streaming. |
Type ID | Description
------- | ---
`0` | Growable virtual disk contained in a single file (monolithic sparse).
`1` | Growable virtual disk split into 2GB files (split sparse).
`2` | Preallocated virtual disk contained in a single file (monolithic flat).
`3` | Preallocated virtual disk split into 2GB files (split flat).
`4` | Preallocated virtual disk compatible with ESX server (VMFS flat).
`5` | Compressed disk optimized for streaming.
The default is `1`.
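Review bot: the table here goes from the formatter's aligned layout to the generator's raw pipe layout, and the commit message says the regeneration overwrites linting that was applied automatically, so the next formatter run will rewrite these lines again. Either run the formatter as the last step of the generator or exclude the `partials` directory from linting, otherwise every regeneration produces a diff of this size with no content change.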

View File

@ -33,57 +33,57 @@
`Type:option1,option2,...`. The field `Type` can be one of the following
values: `FILE`, `DEVICE`, `PIPE`, `AUTO`, or `NONE`.
- `FILE:path(,yield)` - Specifies the path to the local file to be used
* `FILE:path(,yield)` - Specifies the path to the local file to be used
as the serial port.
- `yield` (bool) - This is an optional boolean that specifies
* `yield` (bool) - This is an optional boolean that specifies
whether the vm should yield the cpu when polling the port. By
default, the builder will assume this as `FALSE`.
- `DEVICE:path(,yield)` - Specifies the path to the local device to be
* `DEVICE:path(,yield)` - Specifies the path to the local device to be
  used as the serial port. If `path` is empty, then default to the first
serial port.
- `yield` (bool) - This is an optional boolean that specifies
* `yield` (bool) - This is an optional boolean that specifies
whether the vm should yield the cpu when polling the port. By
default, the builder will assume this as `FALSE`.
- `PIPE:path,endpoint,host(,yield)` - Specifies to use the named-pipe
* `PIPE:path,endpoint,host(,yield)` - Specifies to use the named-pipe
"path" as a serial port. This has a few options that determine how the
VM should use the named-pipe.
- `endpoint` (string) - Chooses the type of the VM-end, which can be
* `endpoint` (string) - Chooses the type of the VM-end, which can be
either a `client` or `server`.
- `host` (string) - Chooses the type of the host-end, which can
* `host` (string) - Chooses the type of the host-end, which can
be either `app` (application) or `vm` (another virtual-machine).
- `yield` (bool) - This is an optional boolean that specifies
* `yield` (bool) - This is an optional boolean that specifies
whether the vm should yield the cpu when polling the port. By
default, the builder will assume this as `FALSE`.
- `AUTO:(yield)` - Specifies to use auto-detection to determine the
* `AUTO:(yield)` - Specifies to use auto-detection to determine the
serial port to use. This has one option to determine how the VM should
support the serial port.
- `yield` (bool) - This is an optional boolean that specifies
* `yield` (bool) - This is an optional boolean that specifies
whether the vm should yield the cpu when polling the port. By
default, the builder will assume this as `FALSE`.
- `NONE` - Specifies to not use a serial port. (default)
* `NONE` - Specifies to not use a serial port. (default)
- `parallel` (string) - This specifies a parallel port to add to the VM. It has the format of
`Type:option1,option2,...`. Type can be one of the following values:
`FILE`, `DEVICE`, `AUTO`, or `NONE`.
- `FILE:path` - Specifies the path to the local file to be used
* `FILE:path` - Specifies the path to the local file to be used
for the parallel port.
- `DEVICE:path` - Specifies the path to the local device to be used
* `DEVICE:path` - Specifies the path to the local device to be used
for the parallel port.
- `AUTO:direction` - Specifies to use auto-detection to determine the
* `AUTO:direction` - Specifies to use auto-detection to determine the
parallel port. Direction can be `BI` to specify bidirectional
communication or `UNI` to specify unidirectional communication.
- `NONE` - Specifies to not use a parallel port. (default)
* `NONE` - Specifies to not use a parallel port. (default)

View File

@ -21,7 +21,7 @@
This option's default value is your `vm_name`, and the final path of your
vm will be vmfs/volumes/$remote_datastore/$vm_name/$vm_name.vmx where
`$remote_datastore`and`$vm_name` match their corresponding template
`$remote_datastore` and `$vm_name` match their corresponding template
options
For example, setting `"remote_output_directory": "path/to/subdir`
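Review bot: the context line "For example, setting" at the end of this hunk opens a backtick and a double quote around `path/to/subdir` and closes neither, so the inline code span runs on into whatever follows. The hunk already touches the backticks one line above for `$remote_datastore` and `$vm_name`; close the quote and the backtick in the same source comment while you are there.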

View File

@ -5,7 +5,6 @@ Defines the disk storage for a VM.
Example that will create a 15GB and a 20GB disk on the VM. The second disk will be thin provisioned:
In JSON:
```json
"storage": [
{
@ -17,9 +16,7 @@ In JSON:
}
],
```
In HCL2:
```hcl
storage {
disk_size = 15000
@ -33,7 +30,6 @@ In HCL2:
Example that creates 2 pvscsi controllers and adds 2 disks to each one:
In JSON:
```json
"disk_controller_type": ["pvscsi", "pvscsi"],
"storage": [
@ -57,7 +53,6 @@ In JSON:
```
In HCL2:
```hcl
disk_controller_type = ["pvscsi", "pvscsi"]
storage {

View File

@ -9,25 +9,21 @@
- `manifest` (string) - generate manifest using sha1, sha256, sha512. Defaults to 'sha256'. Use 'none' for no manifest.
- `options` ([]string) - Advanced ovf export options. Options can include:
- mac - MAC address is exported for all ethernet devices
- uuid - UUID is exported for all virtual machines
- extraconfig - all extra configuration options are exported for a virtual machine
- nodevicesubtypes - resource subtypes for CD/DVD drives, floppy drives, and serial and parallel ports are not exported
* mac - MAC address is exported for all ethernet devices
* uuid - UUID is exported for all virtual machines
* extraconfig - all extra configuration options are exported for a virtual machine
* nodevicesubtypes - resource subtypes for CD/DVD drives, floppy drives, and serial and parallel ports are not exported
For example, adding the following export config option would output the mac addresses for all Ethernet devices in the ovf file:
In JSON:
```json
...
"export": {
"options": ["mac"]
},
```
In HCL2:
```hcl
...
export {

View File

@ -5,7 +5,6 @@ You may optionally export an ovf from VSphere to the instance running Packer.
Example usage:
In JSON:
```json
...
"vm_name": "example-ubuntu",
@ -15,9 +14,7 @@ In JSON:
"output_directory": "./output_vsphere"
},
```
In HCL2:
```hcl
# ...
vm_name = "example-ubuntu"
@ -27,7 +24,6 @@ In HCL2:
output_directory = "./output_vsphere"
}
```
The above configuration would create the following files:
```text

View File

@ -10,7 +10,7 @@
- `disable_shutdown` (bool) - Packer normally halts the virtual machine after all provisioners have
run when no `shutdown_command` is defined. If this is set to `true`, Packer
_will not_ halt the virtual machine but will assume that you will send the stop
*will not* halt the virtual machine but will assume that you will send the stop
signal yourself through a preseed.cfg, a script or the final provisioner.
Packer will wait for a default of five minutes until the virtual machine is shutdown.
The timeout can be changed using `shutdown_timeout` option.

View File

@ -15,6 +15,6 @@
- `ip_wait_address` (\*string) - Set this to a CIDR address to cause the service to wait for an address that is contained in
this network range. Defaults to "0.0.0.0/0" for any ipv4 address. Examples include:
- empty string ("") - remove all filters
- `0:0:0:0:0:0:0:0/0` - allow only ipv6 addresses
- `192.168.1.0/24` - only allow ipv4 addresses from 192.168.1.1 to 192.168.1.254
* empty string ("") - remove all filters
* `0:0:0:0:0:0:0:0/0` - allow only ipv6 addresses
* `192.168.1.0/24` - only allow ipv4 addresses from 192.168.1.1 to 192.168.1.254

View File

@ -5,7 +5,6 @@ Defines a Network Adapter
Example that creates two network adapters:
In JSON:
```json
"network_adapters": [
{
@ -18,9 +17,7 @@ In JSON:
}
],
```
In HCL2:
```hcl
network_adapters {
network = "VM Network"

View File

@ -23,7 +23,6 @@
- `image_system_size` (string) - Size of the system disk, in GB, values
range:
- cloud - 5 \~ 2000
- cloud_efficiency - 20 \~ 2048
- cloud_ssd - 20 \~ 2048