search

hashicorp / packer-plugin-amazon

Packer plugin for Amazon AMI Builder
https://www.packer.io/docs/builders/amazon
Mozilla Public License 2.0
69 stars 104 forks source link

Enabling fast_launch on Windows AMI does not work #445

Closed tivanov-qb closed 5 months ago

tivanov-qb commented 6 months ago

Overview of the Issue

After adding fast_launch to my packer builders block, AMIs I'm generating do not have the fast launch enabled. "builders": [ { "fast_launch": { "enable_fast_launch": true, "target_resource_count": 1, "max_parallel_launches": 6 } }

I'm using latest packer and plugin versions. hashicorp/packer and github.com/hashicorp/amazon v1.2.8 The AMI is created successfully, however the fast launch is not enabled.

tivanov-qb commented 6 months ago

@lbajolet-hashicorp

lbajolet-hashicorp commented 6 months ago

Hi @tivanov-qb,

Thanks for reporting this, could I ask you to share logs of what happens when creating the image? Normally with fast launch enabled, there should be a step that creates the launch template, and enables fast launch for them, and this step has a few logs that can help understanding what goes wrong here.

We wait until the state of the image changes to either enabled, enabled-failed, or enabling-failed, but I do see that we don't check for the state of the fast-launch after it's done waiting on the snapshots' creation. In your case I suspect this could be due to a problem here. Have you sysprep'd the image by any chance? This is required to enable fast-launch.

I'll see to add this warning/error when we try to enable fast-launch. Maybe we should fail the build if that doesn't work.

lbajolet-hashicorp commented 6 months ago

Also, IIRC you can get information about what failed regarding the fast-launch enablement on the AWS console for the attempt, I'd suggest taking a look over there (sorry I haven't worked on this in a while so my memory's a bit nebulous)

tivanov-qb commented 6 months ago

hey @lbajolet-hashicorp ! thank you so much for the swift response! The logs are not indicating anything regarding the fast launch and I'm running the packer build with debug. I do not see any errors at the time of building the AMI. Unfortunately, after the AMI is ready, the fast launch is shown as disabled and I can enable it manually from the AWS console :( So no enabled, enabled-failed, or enabling-failed statuses or indication for such. I do use sysprep for each AMI that I create. I wonder what I'm doing wrong and why this change is not reflected into my AMI creation :(

lbajolet-hashicorp commented 6 months ago

@tivanov-qb if you don't sysprep your instances then this is likely why fast-launch fails to enable, it's likely you end-up in one of the other states and why the snapshots aren't created for launching your instances later.

The sysprep requirement is not on Packer unfortunately, that's an AWS limitation, please take a look at their docs for information on this.

I'll try to open a PR to add checks on the state so at least we don't silently ignore failure states, and report the errors from AWS to you if/when it fails to enable fast launch, but from our side that's probably the best we can do for now.

tivanov-qb commented 6 months ago

@lbajolet-hashicorp I DO use sysprep for each AMI that I create

Here is snipped from one of my AMI templates

{
  "inline": [
    "\"%programfiles%\\amazon\\ec2Launch\\ec2launch.exe\" sysprep --shutdown=false"
  ],
  "only": [
    "amazon-ebs"
  ],
  "type": "windows-shell"
}
lbajolet-hashicorp commented 6 months ago

Just to be sure regarding fast launch, you don't see a Skipping fast-launch setup... or Enabling fast boot for AMI anywhere in the logs/UI? These two I shared shouldn't even be in the verbose logs only, they should be visible in normal usage

tivanov-qb commented 6 months ago

No, nothing like this in the logs

lbajolet-hashicorp commented 6 months ago

@lbajolet-hashicorp I DO use sysprep for each AMI that I create

Here is snipped from one of my AMI templates

{
  "inline": [
    "\"%programfiles%\\amazon\\ec2Launch\\ec2launch.exe\" sysprep --shutdown=false"
  ],
  "only": [
    "amazon-ebs"
  ],
  "type": "windows-shell"
}

Oh, my bad, I thought you did not sysprep your instances; in the docs AWS does mention that they need to be sysprepped with the shutdown option, so I believe you need to set shutdown=true here?

I'm surprised you don't see either of the logs I shared, if the step is executed (and it should always be since it's always added to the list of steps to run), there should be one of these messages, unless there's no AMI propagated to the step, so that's either because of the AMI not being created (typically through skip_create_ami), or because there's a bug in the plugin.

I presume this could also be a version problem, the verbose logs should be able to let you know which plugin is being executed. Though if you were running a version of the plugin that doesn't support those attributes, you would get an error.

If possible, would you be able to share your logs and full config? I'd like to take a deeper look into this issue.

lbajolet-hashicorp commented 6 months ago

Hey @tivanov-qb,

FYI I've just pushed a few changes to the step that enables fast-launch so there's more information on what the step does, and it should now fail if the AMI doesn't transition to enabled, with a reason (if available).

The plugin should release within the hour, at this point you'll be able to update and test it out on your configuration, hopefully we can get to the bottom of this soon!

tivanov-qb commented 6 months ago

hey @lbajolet-hashicorp thank you so much for handling this!!! I can confirm I now see more information regarding fast-launch. Here is a snipped from my logging

10:07:40  1703146060,,ui,message,    amazon-ebs: C:\Users\Administrator>"C:\Program Files\amazon\ec2Launch\ec2launch.exe" sysprep --shutdown=true
10:07:40  1703146060,,ui,message,    amazon-ebs: agent ran successfully
10:07:40  1703146060,,ui,message,    amazon-ebs: Sysprep sub-command: shutdown: true clean: false
10:07:40  1703146060,,ui,message,    amazon-ebs: 2023-12-21 08:07:39 Info: Preparing items to run Sysprep.
10:07:40  1703146060,,ui,message,    amazon-ebs: 2023-12-21 08:07:39 Console: Message: Successfully disabled hibernation
10:07:40  1703146060,,ui,message,    amazon-ebs: 2023-12-21 08:07:39 Info: Run sysprep
10:07:40  1703146060,,ui,message,    amazon-ebs: 2023-12-21 08:07:39 Info: Sysprep command: C:\Windows\System32\Sysprep\Sysprep.exe /oobe /shutdown /generalize /unattend:C:\ProgramData\Amazon\EC2Launch\sysprep\unattend.xml
`10:32:25  1703147543,,ui,say,==> amazon-ebs: No fast-launch template specified
10:32:25  1703147543,,ui,say,==> amazon-ebs: Enabling fast boot for AMI ami-0920d3ad6635d8597
10:32:25  1703147544,,ui,say,==> amazon-ebs: Waiting for fast launch to become ready...
10:40:31  1703148026,,ui,say,==> amazon-ebs: Copying/Encrypting AMI (ami-0920d3ad6635d8597) to other regions...
10:40:31  1703148026,,ui,message,    amazon-ebs: Copying to: us-west-2
10:40:31  1703148026,,ui,message,    amazon-ebs: Waiting for all copies to complete...
10:50:38  1703148627,,ui,say,==> amazon-ebs: Skipping Enable AMI deprecation...
10:50:38  1703148627,,ui,say,==> amazon-ebs: Adding tags to AMI (ami-006a5d33ab2affddd)...
10:50:38  1703148627,,ui,say,==> amazon-ebs: Tagging snapshot: snap-058c4a28023658054
10:50:38  1703148627,,ui,say,==> amazon-ebs: Creating AMI tags
10:50:38  1703148627,,ui,message,    amazon-ebs: Adding tag: "Name": "changed_the_name_on_purpose"
10:50:38  1703148627,,ui,message,    amazon-ebs: Adding tag: "Version": "7"
10:50:38  1703148627,,ui,message,    amazon-ebs: Adding tag: "Branch": "changed_the_name_on_purpose"
10:50:38  1703148627,,ui,message,    amazon-ebs: Adding tag: "Layer": "1"
10:50:38  1703148627,,ui,say,==> amazon-ebs: Creating snapshot tags
10:50:38  1703148627,,ui,say,==> amazon-ebs: Deregistering the AMI and deleting unencrypted temporary AMIs and snapshots
10:50:38  1703148627,,ui,say,==> amazon-ebs: Terminating the source AWS instance...
10:52:29  1703148748,,ui,say,==> amazon-ebs: Cleaning up any extra volumes...
10:52:29  1703148748,,ui,say,==> amazon-ebs: No volumes to clean up%!(PACKER_COMMA) skipping
10:52:29  1703148748,,ui,say,==> amazon-ebs: Deleting temporary keypair...`

I wonder now.. the final AMI - ami-006a5d33ab2affddd, was generated with no fast launched disabled.. while the previous one -> ami-0920d3ad6635d8597 (that was indicating it's enabling fast launch) was deregistered and seems ami-006a5d33ab2affddd was copied from ami-0920d3ad6635d8597

Here is a screenshot from cloudtrail logs

image

please correct me if I'm wrong but does it mean we cannot copy the AMI with fast launch enabled ?

lbajolet-hashicorp commented 6 months ago

Hi @tivanov-qb,

Thanks for the follow-up.

It does seem that the final AMI in your case does not have fast launch enabled because we enable fast-launch before we trigger the copy. Arguably that should be done once we've copied the AMIs, not before, since fast launch is not among the copied attributes.

This will make builds slower when copying the AMI to multiple regions, as they each will need to enable fast launch. I'll see if we can run this in parallel to speed that up. I'll also add some acceptance test to make sure this works.

I can't promise to get this done before the holidays, but I'll see what I can do.

tivanov-qb commented 5 months ago

@lbajolet-hashicorp happy new year! Sorry for the delay in my response, I was also off during the holidays. Happy to continue testing once you have changes in place. Cheers!

tivanov-qb commented 5 months ago

hey @lbajolet-hashicorp do you have any update on this one ?

lbajolet-hashicorp commented 5 months ago

Hi @tivanov-qb,

Happy new year to you too! I just came back from the holidays, so still playing catch-up a bit, but thanks for the reminder!

I'll block some time to work on this ASAP, likely next week, hopefully we can fix that soon.