我在使用 Packer 从 Google Cloud Platform 中的自定义图像运行实例时遇到问题。半小时后,我遇到了 WinRM 超时问题)
==> image-ami-win: Waiting for the instance to become running...
image-ami-win: Internal IP: 10.154.21.203
image-ami-win: IP: 10.154.21.203
==> image-ami-win: Using winrm communicator to connect: 10.154.21.203
==> image-ami-win: Waiting for WinRM to become available...
==> image-ami-win: Timeout waiting for WinRM.
==> image-ami-win: Deleting instance...
image-ami-win: Instance has been deleted!
==> image-ami-win: Deleting disk...
image-ami-win: Disk has been deleted!
Build 'image-ami-win' errored: Timeout waiting for WinRM.
如果我使用基本的 Windows-2016 映像 - 一切都以正确的方式工作。
{
"builders": [
{
"type": "googlecompute",
"account_file": "account.json",
"project_id": "my project",
"source_image_family": "windows-2016",
"image_family": "my-image"
"disk_size": "50",
"machine_type": "n1-standard-1",
"communicator": "winrm",
"winrm_username": "packer_user",
"winrm_insecure": true,
"winrm_use_ssl": true,
"metadata": {
"windows-startup-script-cmd": "winrm quickconfig -quiet & net user /add packer_user & net localgroup administrators packer_user /add & winrm set winrm/config/service/auth @{Basic=\"true\"}"
},
"zone": "us-central1-a"
}
]
}
起初我使用“Administrator”用户名而不是 packer_user - 它不起作用(在 Google Cloud Platform 中使用不同于“packer_user”的 winrm 用户的问题)
目前,如果我从自定义映像(从 windows-2016 gcp 映像成功创建)运行实例,它会向我显示一个错误:“Build 'image-ami-win' errored: Timeout waiting for WinRM。”
我不运行任何可能影响防火墙或访问的自定义配置程序。只需从基本 windows-2016 映像创建实例 - 关闭,创建映像并使用打包程序构建它:
{
"variables": {
"zone": "us-east1-b",
"winrm_user" : "packer_user",
"builder_name": ""
},
"builders": [
{
"name": "image-ami-win",
"type": "googlecompute",
"project_id": "{{user `project_id`}}",
"zone": "{{user `zone`}}",
"source_image_family": "my-family"
"communicator": "winrm",
"winrm_username": "{{user `winrm_user`}}",
"image_name": "{{user `project`}}{{user `env`}}-{{build_name}}-{{user `team`}}-{{timestamp}}",
"machine_type": "n1-standard-4",
"disk_size": 50,
"network_project_id": "{{user `network_project_id`}}",
"subnetwork": "{{user `subnetwork`}}",
"omit_external_ip": false,
"use_internal_ip": false,
"tags": [
"project-{{user `project`}}",
"branch-{{user `branch`}}",
"commit-{{user `commit_id`}}",
],
"winrm_insecure": true,
"winrm_use_ssl": true,
"metadata": {
"windows-startup-script-cmd": "winrm quickconfig -quiet & net user /add {{user `winrm_user`}} & net localgroup administrators {{user `winrm_user`}} /add & winrm set winrm/config/service/auth @{Basic=\"true\"} & powershell -Command \"& {Set-ExecutionPolicy AllSigned -Force}\""
}
}
],
"provisioners": []
}
我已经尝试运行启动脚本:
<powershell>
Enter-PSSession -ComputerName server.domain.local -Credential domain\administrator
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
</powershell>
它没有帮助解决这个问题。此外,我无法通过 RDP 从 Google Cloud Console (UI) 连接到此实例,但同时我可以在从 Windows-2016 Google Cloud 映像创建实例期间轻松连接。
我还注意到从 Google Cloud Windows-2016 映像和自定义映像构建实例之间的区别:
如果我从 Windows-2016 Google Cloud Image 运行实例,我会收到以下消息:
2019/10/21 12:22:38 packer: 2019/10/21 12:22:38 [INFO] Attempting WinRM connection...
2019/10/21 12:22:38 packer: 2019/10/21 12:22:38 [DEBUG] connecting to remote shell using WinRM
2019/10/21 12:23:08 packer: 2019/10/21 12:23:08 [ERROR] connection error: unknown error Post https://10.154.21.219:5986/wsman: dial tcp 10.154.21.219:5986: i/o timeout
2019/10/21 12:23:08 packer: 2019/10/21 12:23:08 [ERROR] WinRM connection err: unknown error Post https://10.154.21.219:5986/wsman: dial tcp 10.154.21.219:5986: i/o timeout
2019/10/21 12:23:08 packer: 2019/10/21 12:23:08 [INFO] Attempting WinRM connection...
2019/10/21 12:23:08 packer: 2019/10/21 12:23:08 [DEBUG] connecting to remote shell using WinRM
2019/10/21 12:23:38 packer: 2019/10/21 12:23:38 [ERROR] connection error: unknown error Post https://10.154.21.219:5986/wsman: dial tcp 10.154.21.219:5986: i/o timeout
2019/10/21 12:23:38 packer: 2019/10/21 12:23:38 [ERROR] WinRM connection err: unknown error Post https://10.154.21.219:5986/wsman: dial tcp 10.154.21.219:5986: i/o timeout
2019/10/21 12:23:38 packer: 2019/10/21 12:23:38 [INFO] Attempting WinRM connection...
但是,如果我从自定义图像运行实例,我会收到下一条消息:
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [INFO] Attempting WinRM connection...
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [DEBUG] connecting to remote shell using WinRM
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [ERROR] connection error: unknown error Post https://10.154.21.203:5986/wsman: read tcp 10.147.84.31:48984->10.154.21.203:5986: read: connection reset by peer
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [ERROR] WinRM connection err: unknown error Post https://10.154.21.203:5986/wsman: read tcp 10.147.84.31:48984->10.154.21.203:5986: read: connection reset by peer
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [INFO] Attempting WinRM connection...
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [DEBUG] connecting to remote shell using WinRM
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [ERROR] connection error: unknown error Post https://10.154.21.203:5986/wsman: read tcp 10.147.84.31:48988->10.154.21.203:5986: read: connection reset by peer
2019/10/21 10:46:08 packer: 2019/10/21 10:46:08 [ERROR] WinRM connection err: unknown error Post https://10.154.21.203:5986/wsman: read tcp 10.147.84.31:48988->10.154.21.203:5986: read: connection reset by peer
差异
/wsman:拨号tcp 10.154.21.219:5986: i/o 超时
和
10.147.84.31:48988->10.154.21.203:5986:阅读:
. 看起来有些转发正在工作,但我不明白为什么,因为除了图像名称之外,打包程序生成器相同。
实例应该从自定义映像成功运行,就像我从 Google Cloud Windows-2016 基础映像构建实例一样。
我正在使用 Packer v. 1.4.4
有人可以帮我吗?