Ari Aviran
46f217f255
amazon - Snapshot permissions correctly applied
...
Fixes #3344
2016-12-04 16:03:01 +01:00
Rickard von Essen
d7a7d8c852
It's not possible to share encrypted AMI's
2016-12-04 15:52:23 +01:00
poida
8b13b75097
Updated documentation and error messages
...
The docs for kms_key_id needed to be next to encrypt_boot.
Shortened some of the kms_key_id error messages.
2016-12-03 07:49:54 +11:00
poida
7ea17e1630
Allow custom encrypted AMIs to be shared
...
When using a custom KMS key to encrypt the boot volume of an AMI, packer should allow it to be shared with other users.
2016-12-03 07:49:54 +11:00
poida
3eed6fd508
Added KMS CMK support to EBS builder
...
Added the 'kms_key_id' parameter. This supports supplying a customer master key (CMK) when encrypting the EBS volume.
The parameter is optional and only takes effect when 'encrypted' is true. When 'encrypted' is true but 'kms_key_id' is missing the 'aws/ebs' key will be used.
2016-12-03 07:49:34 +11:00
Rickard von Essen
8d2ceea5f1
builder/amazon: crash on tagging snapshot when snapshot_tags is unset
...
Closes #4238
2016-12-01 20:43:15 +01:00
Rickard von Essen
bcc7f455b3
amazon: Fix source_ami_filter ignores owners
2016-12-01 14:29:31 +01:00
Matthew Hooker
832de2104b
Revert "Merge pull request #4230 from mitchellh/revert-4223-closes_3320"
...
This reverts commit bda89b0c42
, reversing
changes made to f9f9d82419
.
2016-11-30 13:28:34 -08:00
Matthew Hooker
f5c3c25d2b
Revert "Adds `force_delete_snapshot` flag"
2016-11-30 13:10:22 -08:00
Matthew Hooker
f9f9d82419
Merge pull request #4223 from artburkart/closes_3320
...
Adds `force_delete_snapshot` flag
2016-11-30 12:53:34 -08:00
Arthur Burkart
5b59f56cdb
Adds `force_delete_snapshot` flag
...
This PR adds the ability for Packer to clean up snapshots in addition to
deregistering AMIs at build time.
To test this, I used the following `test.json` file:
```json
{
"builders": [
{
"type": "amazon-ebs",
"region": "us-east-1",
"source_ami": "ami-fce3c696",
"ami_name": "packer-test",
"instance_type": "m3.medium",
"ssh_username": "ubuntu",
"vpc_id": "some-vpc-id",
"subnet_id": "some-subnet-routed-through-igw",
"security_group_id": "some-security-group-with-port-22-access",
"force_delete_snapshot": true
}
],
"provisioners": [
{
"type": "shell-local",
"command": "echo 'hello'"
}
]
}
```
I appreciate any constructive feedbakc that can be given. Cheers!
2016-11-29 23:39:36 -05:00
Rickard von Essen
99ee610afa
builder/amazon: Fix SSH Agent
...
Closes #4220
2016-11-29 22:33:53 +01:00
Matthew Hooker
6c546d4d1f
Merge pull request #3982 from artburkart/close_1195
...
Support remote ova downloads
2016-11-28 18:49:50 -08:00
Matthew Hooker
aedf4ca465
Merge pull request #4141 from mitchellh/ebsvoluemartifact
...
add ebsvolume artifact
2016-11-28 15:50:03 -08:00
Matthew Hooker
50267572a4
add ebsvolume artifact
2016-11-28 15:26:09 -08:00
Arthur Burkart
337856811e
Implements OVA downloads w/local checksum support
...
Presumably, it is convention to store a manifest file with checksums
inside the OVA, so remote checksum support was not implemented.
2016-11-28 15:01:37 -05:00
Rickard von Essen
e36b98ecd5
Merge pull request #4202 from nervo/docker-commit-changes
...
Introduce docker commit changes
2016-11-26 18:40:08 +01:00
Rickard von Essen
a09f20f996
Merge pull request #4015 from artburkart:closes_3908
...
Closes #3908 : Adds snapshot tag overrides
2016-11-26 17:54:00 +01:00
Arthur Burkart
0c7e73b1cf
Implements Snapshot tagging
...
While implementing my acceptance test, I stumbled upon a comment stating
that snapshot deletion should also be implemented, so I snuck that in. I
can't help but wonder if there is some generic logic that is implemented
a few times throughout the packer code base that could maybe better serve
us if it were abstracted to the common package.
2016-11-26 17:48:26 +01:00
Rickard von Essen
6947a74151
Merge pull request #4162 from classmarkets/google-source-image-family
...
builder/googlecompute: support source image family
2016-11-26 17:26:47 +01:00
Rickard von Essen
d18da5e679
Added printout of select source_image
2016-11-26 15:06:43 +01:00
Rickard von Essen
17eda06d61
Fixed formatting
2016-11-24 21:12:20 +01:00
ephemeralsnow
e53f4be005
Fix 'The AssociatePublicIpAddress parameter is only supported for VPC launches.'
2016-11-24 17:01:32 +01:00
Florian Rey
73c5eac4f0
Handle commit author & message the same way
2016-11-24 13:33:42 +01:00
Florian Rey
06bebb63d0
Add log
2016-11-24 13:07:01 +01:00
Florian Rey
c925acf502
Introduce docker commit changes
2016-11-24 11:42:34 +01:00
Rickard von Essen
8257c2dabd
Merge pull request #4172 from rickard-von-essen/default-ssh-user
...
ssh: Remove ssh_username default values
2016-11-17 22:40:09 +01:00
Rickard von Essen
96e9a8e6e9
Removed default value for ssh_username
2016-11-17 22:30:34 +01:00
Sander van Harmelen
285ff6940e
Revert some changes made in #4149 ( #4175 )
...
After some more research and testing it turns out we can support the use case where you want to reuse an associated IP address that already has port 22 or 5985 forwarded, by using a random public port.
The correct port to open in the firewall is different for the type of firewall used. The standard firewall requires the public port to be opened and the network ACL requires the private port to be opened.
So by partially reverting this code and updating which ports to open in which cases, we can support all use cases again.
2016-11-16 10:30:32 +01:00
Arthur Burkart
2e65867cba
Closes #3908 : Adds snapshot tag overrides
...
This commit adds the ability to configure unique tags on snapshots
that are separate from the tags defined on the AMI. Anything applied
to the AMI will also be applied to the snapshots, but `snapshot_tags`
will override and append tags to the tags already applied to the snapshots
2016-11-15 23:16:27 -05:00
Matthew Hooker
9a91ae4e8f
fix new session error when creating cred chain.
...
the old and deprecated method won't error and so is safe to use
even if we're not in amazon.
2016-11-14 11:39:22 -08:00
Peter Schultz
bcb319640e
builder/googlecompute: support source image family
...
Closes #4100
2016-11-13 16:54:04 +01:00
Sander van Harmelen
68c6835bb5
Do not create a random public port ( #4149 )
...
This is meant to be a gentle solution for a very specific use case, but is causing more issues then it solves.
If you have a port conflict when trying to use an already associated public IP, the easiest way around it is to let the builder associate a new temporary public IP address.
2016-11-10 13:59:58 +01:00
nyankichi820
d1eadd91bb
Fix cloudstack builder ( #4139 )
...
* add zone id when associate ip address in cloudstack
* configure keypair
* fix bug firewall port
2016-11-10 13:21:08 +01:00
Matthew Hooker
d81c06765d
fix go vet issue.
...
closes #4130
2016-11-07 10:17:53 -08:00
febc.yamamoto
6088c1887c
Fix keycodes for ctrl,shift and alt key when sending over VNC
2016-11-04 19:26:14 +09:00
Sander van Harmelen
33f430bf25
Use the private port for the firewall rules ( #4114 )
...
Because of how CloudStack configures the firerwall on the router VM, you need to allow traffic to the private port instead of the public port.
2016-11-04 09:56:49 +01:00
Matthew Hooker
5d0892bd37
Merge pull request #4101 from lwander/f-googlecompute-ssh-private-key-file
...
builder/googlecompute: Use ssh_private_key_file if provided
2016-11-03 11:04:02 -07:00
Lars Wander
583e341ae7
builder/googlecompute: Store empty public_key
2016-11-03 12:49:09 -04:00
Lars Wander
7f474d8f78
builder/googlecompute: Tests added
2016-11-03 12:45:52 -04:00
Scott Crunkleton
85210afe92
googlecompute: conditionally omit the wait for startup script step if no startup script is provided.
2016-11-02 15:20:21 -07:00
Lars Wander
d70e783455
builder/googlecompute: Use ssh_private_key_file if provided
...
This seemed to be missing from the googlecompute provider. Now if the
ssh_private_key_file is provided, that will be used in place of a temporary
key. I didn't update the googlecompute specific docs under `./website/`, since
this parameter is already documented under the communicators templates page.
2016-11-02 17:04:34 -04:00
Matthew Hooker
f3f5f89fe6
Merge pull request #4096 from mitchellh/filterday
...
builder/amazon-ebs: show ami id found from filter
2016-11-02 12:25:46 -07:00
Matthew Hooker
60c459d6c8
Merge pull request #4098 from mitchellh/newsession
...
aws-sdk: use session.NewSession
2016-11-02 12:25:14 -07:00
Matthew Hooker
9bc23ea512
Merge pull request #4099 from mitchellh/waitfail
...
Waitfail
2016-11-02 12:21:51 -07:00
James Nugent
36c09af992
builder/amazon: Add tests for the `ebs-volume` builder
...
These smoke tests are effectively a mirror of the EBS builder tests.
2016-11-02 12:56:39 -04:00
James Nugent
b1ff8c3bfc
builder/amazon: Add `ebs-volume` builder
...
This commit adds a builder that works like EBS builders, except does not
create an AMI, and instead is intended to create EBS volumes in an
initialized state. For example, the following template can be used to
create and export a set of 3 EBS Volumes in a ZFS zpool named `data` for
importing by instances running production systems:
```
{
"variables": {
"aws_access_key_id": "{{ env `AWS_ACCESS_KEY_ID` }}",
"aws_secret_access_key": "{{ env `AWS_SECRET_ACCESS_KEY` }}",
"region": "{{ env `AWS_REGION` }}",
"source_ami": "{{ env `PACKER_SOURCE_AMI` }}",
"vpc_id": "{{ env `PACKER_VPC_ID` }}",
"subnet_id": "{{ env `PACKER_SUBNET_ID` }}"
},
"builders": [{
"type": "amazon-ebs-volume",
"access_key": "{{ user `aws_access_key_id` }}",
"secret_key": "{{ user `aws_secret_access_key` }}",
"region": "{{user `region`}}",
"spot_price_auto_product": "Linux/UNIX (Amazon VPC)",
"ssh_pty": true,
"instance_type": "t2.medium",
"vpc_id": "{{user `vpc_id` }}",
"subnet_id": "{{user `subnet_id` }}",
"associate_public_ip_address": true,
"source_ami": "{{user `source_ami` }}",
"ssh_username": "ubuntu",
"ssh_timeout": "5m",
"ebs_volumes": [
{
"device_name": "/dev/xvdf",
"delete_on_termination": false,
"volume_size": 10,
"volume_type": "gp2",
"tags": {
"Name": "TeamCity-Data1",
"zpool": "data",
"Component": "TeamCity"
}
},
{
"device_name": "/dev/xvdg",
"delete_on_termination": false,
"volume_size": 10,
"volume_type": "gp2",
"tags": {
"Name": "TeamCity-Data2",
"zpool": "data",
"Component": "TeamCity"
}
},
{
"device_name": "/dev/xvdh",
"delete_on_termination": false,
"volume_size": 10,
"volume_type": "gp2",
"tags": {
"Name": "TeamCity-Data3",
"zpool": "data",
"Component": "TeamCity"
}
}
]
}],
"provisioners": [
{
"type": "shell",
"start_retry_timeout": "10m",
"inline": [
"DEBIAN_FRONTEND=noninteractive sudo apt-get update",
"DEBIAN_FRONTEND=noninteractive sudo apt-get install -y zfs",
"lsblk",
"sudo parted /dev/xvdf --script mklabel GPT",
"sudo parted /dev/xvdg --script mklabel GPT",
"sudo parted /dev/xvdh --script mklabel GPT",
"sudo zpool create -m none data raidz xvdf xvdg xvdh",
"sudo zpool status",
"sudo zpool export data",
"sudo zpool status"
]
}
]
}
```
StepModifyInstance and StepStopInstance are now shared between EBS and
EBS-Volume builders - move them into the AWS common directory and rename
them to indicate that they only apply to EBS-backed builders.
2016-11-02 12:56:39 -04:00
Matthew Hooker
d47e47cf1f
rewrite to not use private aws package
2016-11-01 18:29:18 -07:00
Matthew Hooker
c4c46c349e
implement security group waiter
2016-11-01 18:10:42 -07:00
Matthew Hooker
970b37077e
Merge pull request #4050 from jen20/ssh-agent
...
builder/amazon: Allow use of local SSH Agent
2016-11-01 17:27:37 -07:00