azure-image-builder

Azure Image Builder

Build Azure managed images and Azure Compute Gallery images using Packer's azure-arm builder.
Reference: Azure ARM Builder
Note: Building Azure images incurs costs (compute, storage, data transfer). Builds typically take 15-45 minutes depending on provisioning and OS.

Basic Managed Image

hcl
packer {
  required_plugins {
    azure = {
      source  = "github.com/hashicorp/azure"
      version = "~> 2.0"
    }
  }
}

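# Credentials default to the ARM_* environment variables exported under
# "Authentication"; without a default, `packer build .` stops on unset variables.
# Override with -var or PKR_VAR_<name> when needed.
variable "client_id" {
  type      = string
  default   = env("ARM_CLIENT_ID")
  sensitive = true
}

variable "client_secret" {
  type      = string
  default   = env("ARM_CLIENT_SECRET")
  sensitive = true
}

variable "subscription_id" {
  type    = string
  default = env("ARM_SUBSCRIPTION_ID")
}

variable "tenant_id" {
  type    = string
  default = env("ARM_TENANT_ID")
}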

variable "resource_group" {
  type    = string
  default = "packer-images-rg"
}

locals {
  timestamp = regex_replace(timestamp(), "[- TZ:]", "")
}

source "azure-arm" "ubuntu" {
  client_id       = var.client_id
  client_secret   = var.client_secret
  subscription_id = var.subscription_id
  tenant_id       = var.tenant_id

  managed_image_resource_group_name = var.resource_group
  managed_image_name                = "my-app-${local.timestamp}"

  os_type         = "Linux"
  image_publisher = "Canonical"
  image_offer     = "0001-com-ubuntu-server-jammy"
  image_sku       = "22_04-lts-gen2"

  location = "East US"
  vm_size  = "Standard_B2s"

  azure_tags = {
    Name      = "my-app"
    BuildDate = local.timestamp
  }
}

build {
  sources = ["source.azure-arm.ubuntu"]

  provisioner "shell" {
    inline = [
      "sudo apt-get update",
      "sudo apt-get upgrade -y",
    ]
  }
}

Azure Compute Gallery

hcl
source "azure-arm" "ubuntu" {
  client_id       = var.client_id
  client_secret   = var.client_secret
  subscription_id = var.subscription_id
  tenant_id       = var.tenant_id

  os_type         = "Linux"
  image_publisher = "Canonical"
  image_offer     = "0001-com-ubuntu-server-jammy"
  image_sku       = "22_04-lts-gen2"

  location = "East US"
  vm_size  = "Standard_B2s"

  shared_image_gallery_destination {
    resource_group       = "gallery-rg"
    gallery_name         = "myImageGallery"
    image_name           = "ubuntu-webapp"
    image_version        = "1.0.${formatdate("YYYYMMDD", timestamp())}"
    replication_regions  = ["East US", "West US 2"]
    storage_account_type = "Standard_LRS"
  }
}

Authentication

Service Principal

bash
# Create service principal
az ad sp create-for-rbac \
  --name "packer-sp" \
  --role Contributor \
  --scopes /subscriptions/<subscription-id>

# Set environment variables
export ARM_CLIENT_ID="<client-id>"
export ARM_CLIENT_SECRET="<client-secret>"
export ARM_SUBSCRIPTION_ID="<subscription-id>"
export ARM_TENANT_ID="<tenant-id>"
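
The command above grants Contributor on the whole subscription, while Common Issues only asks for the role on the resource group. The following is an added example (not part of the original page) that scopes the same service principal to named resource groups; it assumes the template sets build_resource_group_name to an existing, hypothetical packer-build-rg so that Packer does not need to create a temporary resource group.

```shell
#!/usr/bin/env bash
# Added example: least-privilege variant of the service principal command.
# "packer-build-rg" is a hypothetical, pre-created build resource group;
# "packer-images-rg" and "gallery-rg" are the names used in the templates.

# Succeed only for a canonical 8-4-4-4-12 hexadecimal GUID.
is_guid() {
  printf '%s\n' "$1" | grep -Eq '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'
}

# Print the ARM scope of one resource group. Malformed or empty input is
# rejected before anything reaches az (simplified character check).
rg_scope() {
  scope_sub="$1"
  scope_rg="$2"
  is_guid "$scope_sub" || { echo "invalid subscription id" >&2; return 1; }
  printf '%s\n' "$scope_rg" | grep -Eq '^[A-Za-z0-9._()-]{1,90}$' ||
    { echo "invalid resource group name" >&2; return 1; }
  printf '/subscriptions/%s/resourceGroups/%s\n' "$scope_sub" "$scope_rg"
}

# Build the space-separated scope list for every resource group given.
packer_scopes() {
  list_sub="$1"
  shift
  list=""
  for list_rg in "$@"; do
    one="$(rg_scope "$list_sub" "$list_rg")" || return 1
    list="${list:+$list }$one"
  done
  printf '%s\n' "$list"
}

# Create the service principal with Contributor on those groups only.
create_packer_sp() {
  sp_scopes="$(packer_scopes "$@")" || return 1
  # Word splitting is intended: --scopes takes a space-separated list.
  # shellcheck disable=SC2086
  az ad sp create-for-rbac --name "packer-sp" --role Contributor --scopes $sp_scopes
}

# Only call Azure when run with --apply as the first argument.
if [ "${1:-}" = "--apply" ]; then
  create_packer_sp "${ARM_SUBSCRIPTION_ID:-}" packer-build-rg packer-images-rg gallery-rg
fi
```

Without --apply the script only defines the functions, so the scope strings can be reviewed before any role assignment is made.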

Managed Identity

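hcl
source "azure-arm" "ubuntu" {
  # Reuses the active Azure CLI session (az login). On an Azure VM,
  # `az login --identity` signs that session in with the VM's managed identity.
  use_azure_cli_auth = true
  subscription_id    = var.subscription_id
  # ... rest of configuration
}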

Build Commands

bash
# Set authentication
export ARM_CLIENT_ID="your-client-id"
export ARM_CLIENT_SECRET="your-client-secret"
export ARM_SUBSCRIPTION_ID="your-subscription-id"
export ARM_TENANT_ID="your-tenant-id"

# Initialize plugins
packer init .

# Validate template
packer validate .

# Build image
packer build .

Common Issues

Authentication Failed
  • Verify service principal credentials
  • Ensure Contributor role on resource group
  • Check subscription and tenant IDs
Compute Gallery Version Exists
  • Image versions are immutable
  • Use unique version numbers with date/build number
  • Cannot overwrite existing versions
Timeout During Provisioning
  • Check network connectivity from build VM
  • Verify NSG rules allow required traffic
  • Increase timeout if needed