jsathler
commented
1 year ago Hi, I've a similar configuration and it wasn't working neither.
After spending a few hours I found that Ansible provisioner is trying to authenticate to Azure VM (I'm using the azure-arm plugin) using basic authentication but the azure-arm plugin doesn't enable basic authentication.
Using the configuration bellow I was able to bypass this situation.
Versions:
- azure-arm: v1.4.1
-
packer: v1.8.4
provisioner "ansible" { playbook_file = "./windows-play.yml" user = "packer" use_proxy = false
extra_arguments = [ "--extra-vars","ansible_winrm_server_cert_validation=ignore", "--extra-vars","ansible_winrm_transport=ntlm" ]
}
aamir-mansoori
"basic: the specified credentials were rejected by the server", error thrown by the ansible when building an image from windows-2019 data center.
Overview of the Issue
"basic: the specified credentials were rejected by the server", error thrown by the ansible when building an image from windows-2019 data center.
Reproduction Steps
Plugin and Packer version
packer >=1.7.8 using latest azure plugin= 1.4.0 ansible plugin = 1.0.3
powershell script file used in provisioning step net user ansible SuperS3cr3t!!! /add /expires:never net localgroup administrators ansible /add wmic useraccount where "name='ansible'" set PasswordExpires=FALSE winrm quickconfig -quiet winrm enumerate winrm/config/Listener winrm get winrm/config/service winrm set winrm/config/service/auth '@{Basic="true"}' winrm set winrm/config/client/auth '@{Basic="true"}' winrm set winrm/config/service '@{AllowUnencrypted="true"}' winrm set winrm/config/service/auth '@{CbtHardeningLevel="relaxed"}' winrm get winrm/config/Service winrm get winrm/config/Winrs netsh advfirewall firewall add rule name= "Open Port 5985" dir=in action=allow protocol=TCP localport=5985
Write-Output '>>> Waiting for GA Service (RdAgent) to start ...' while ((Get-Service RdAgent).Status -ne 'Running') { Start-Sleep -s 5 } Write-Output '>>> Waiting for GA Service (WindowsAzureTelemetryService) to start ...' while ((Get-Service WindowsAzureTelemetryService) -and ((Get-Service WindowsAzureTelemetryService).Status -ne 'Running')) { Start-Sleep -s 5 } Write-Output '>>> Waiting for GA Service (WindowsAzureGuestAgent) to start ...' while ((Get-Service WindowsAzureGuestAgent).Status -ne 'Running') { Start-Sleep -s 5 } Write-Output '>>> Sysprepping VM ...' if( Test-Path $Env:SystemRoot\system32\Sysprep\unattend.xml ) { Remove-Item $Env:SystemRoot\system32\Sysprep\unattend.xml -Force } & $Env:SystemRoot\System32\Sysprep\Sysprep.exe /oobe /generalize /quiet /quit while($true) { $imageState = (Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\State).ImageState Write-Output $imageState if ($imageState -eq 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { break } Start-Sleep -s 5 } Write-Output '>>> Sysprep complete ...'
packer file:
variable "subscription" { type = string }
variable "resource_group" { type = string }
variable "gallery_name" { type = string }
variable "image_name" { type = string }
variable "gallery_image_version" { type = string }
variable "replication_regions" { type = list(string) }
variable "storage_account_type" { type = string }
variable "image_publisher" { type = string }
variable "image_offer" { type = string }
variable "image_sku" { type = string }
variable "image_version" { type = string }
variable "vm_size" { type = string }
variable "vnet_name" { type = string }
variable "subnet_name" { type = string }
variable "vnet_resource_group" { type = string }
variable "gallery_resource_group" { type = string }
variable "images" { type = map(object({ image_publisher = string image_offer = string image_sku = string image_name = string image_version = string })) } source "azure-arm" "windows-image" {
private_virtual_network_with_public_ip = true virtual_network_name = var.vnet_name virtual_network_subnet_name = var.subnet_name virtual_network_resource_group_name = var.vnet_resource_group
os_type = "Windows" build_resource_group_name = "${var.resource_group}" vm_size = "${var.vm_size}"
communicator = "winrm" winrm_use_ssl = true winrm_insecure = true winrm_timeout = "5m" winrm_username = "ansible" winrm_password = "SuperS3cr3t!!!"
managed_image_name = "test-windows" managed_image_resource_group_name = "${var.resource_group}"
use_azure_cli_auth = true }
build {
dynamic "source" { for_each = var.images labels = ["azure-arm.windows-image"] content { name = source.key image_publisher = source.value.image_publisher image_offer = source.value.image_offer image_sku = source.value.image_sku image_version = source.value.image_version
}
provisioner "powershell" { script = "winrmscript.ps1" }
provisioner "ansible" { playbook_file = "playbooks/windows-playbook.yml" roles_path = "playbooks/roles" use_proxy = false user = "ansible" extra_arguments = ["--extra-vars", "ansible_user=ansible ansible_password=SuperS3cr3t!!! ansible_shell_type=powershell ansible_shell_executable=None","-vvvv"] ansible_env_vars = [ "WINRM_PASSWORD={{.WinRMPassword}}"] } }
variables: subscription = "xxxxxxxxxxxxxxxx"
resource_group = "airad-agentinfra"
gallery_resource_group = "airadosimage"
gallery_name = "computegallery1"
image_name = "windows-base-2022"
gallery_image_version = "1.0.0"
replication_regions = ["westeurope"]
storage_account_type = "Standard_LRS"
image_publisher = "MicrosoftWindowsServer"
image_offer = "WindowsServer"
image_sku = "2022-Datacenter"
image_version = "latest"
vm_size = "Standard_B2s"
vnet_name = "packer-vnet"
subnet_name = "packer-subnet"
vnet_resource_group = "agentinfra"
images = { "windows-2022": { "image_publisher" : "MicrosoftWindowsServer", "image_offer" : "WindowsServer", "image_sku" : "2022-Datacenter", "image_version" : "latest" "image_name": "windows-base-2022" } }
Error: