我试图构建一个针对PowerShell脚本引导的Windows AMI,但我一直收到WinRM的超时错误。
我也试过将通信器切换到SSH,但没有工作,所以我回到了WinRM,因为它更有意义使用这个我试图实现。
这是我的Packer JSON脚本:
{
"builders": [
{
"access_key": "XXXXXXXXXXX",
"secret_key": "XXXXXXXXXXXXXXXXX",
"ami_name": "WINCIS-Hardened-{{timestamp}}",
"instance_type": "t2.micro",
"type": "amazon-ebs",
"source_ami": "ami-016ed249dc46e6b40",
"associate_public_ip_address":"True",
"communicator": "winrm",
"winrm_username": "Administrator",
"winrm_port": "5986",
"winrm_timeout": "15m",
"winrm_use_ssl" :"true",
"winrm_insecure": "true",
"region": "eu-west-2",
"vpc_id": "vpc-XXXXXXXXXXXXX",
"subnet_id": "subnet-XXXXXXXXXXXXXX"
}
],
"provisioners": [
{
"type": "powershell",
"execute_command": "powershell -executionpolicy bypass \"& { if (Test-Path variable:global:ProgressPreference='SilentlyContinue'};. '{{.Path}}'; exit \\$LastExitCode }\"",
"script": "./wincis_hardened.ps1"
}
]
}
字符串
这是我得到的错误:
$ **packer build wincis_hardened_aws.json**
amazon-ebs output will be in this color.
==> amazon-ebs: Prevalidating AMI Name: WINCIS-Hardened-1566374649
amazon-ebs: Found Image ID: ami-016ed249dc46e6b40
==> amazon-ebs: Creating temporary keypair: packer_5d5cfaf9-bd9b-284e-128a-993f4749f7b2
==> amazon-ebs: Creating temporary security group for this instance: packer_5d5cfafa-b6d8-c968-12a3-f293dd2a04e9
==> amazon-ebs: Authorizing access to port 5986 from [0.0.0.0/0] in the temporary security groups...
==> amazon-ebs: Launching a source AWS instance...
==> amazon-ebs: Adding tags to source instance
amazon-ebs: Adding tag: "Name": "Packer Builder"
amazon-ebs: Instance ID: i-08ac611d79b8ecba7
==> amazon-ebs: Waiting for instance (i-08ac611d79b8ecba7) to become ready...
==> amazon-ebs: Waiting for auto-generated password for instance...
amazon-ebs: It is normal for this process to take up to 15 minutes,
amazon-ebs: but it usually takes around 5. Please wait.
amazon-ebs:
amazon-ebs: Password retrieved!
==> amazon-ebs: Using winrm communicator to connect: 35.178.131.180
==> amazon-ebs: Waiting for WinRM to become available...
==> amazon-ebs: Timeout waiting for WinRM.
==> amazon-ebs: Terminating the source AWS instance...
==> amazon-ebs: Cleaning up any extra volumes...
==> amazon-ebs: No volumes to clean up, skipping
==> amazon-ebs: Deleting temporary security group...
==> amazon-ebs: Deleting temporary keypair...
Build 'amazon-ebs' errored: Timeout waiting for WinRM.
==> Some builds didn't complete successfully and had errors:
--> amazon-ebs: Timeout waiting for WinRM.
==> Builds finished but no artifacts were created.
型
1条答案
按热度按时间rdlzhqv91#
在我的情况下,这是一个防火墙问题。端口“5986”在防火墙上被阻止。
确保您可以从PC远程登录WinRM端口!
我设置了“winrm_port”:443,并在下面的user_data.sh中使用。
cmd.exe /c winrm set "winrm/config/listener?Address=*+Transport=HTTPS" "@{Port=
"443";Hostname=
"packer";CertificateThumbprint=
"$($Cert.Thumbprint)"}"
个cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes
个cmd.exe /c netsh firewall add portopening TCP 443 "Port 443"
个