Provision infrastructure with Packer
Packer is HashiCorp's tool for creating machine images from source configuration. You can configure Packer images with an operating system and software for your specific use-case.
Terraform configuration for a compute instance can use a Packer image to provision your instance without manual configuration.
In this tutorial, you will create a Packer image with a user group, a new user with authorized SSH keys, and a Go web app. Then, you will deploy this image using Terraform. Finally, you will access the instance via SSH to deploy the Go web app.
Prerequisites
To follow along with this tutorial, you will need:
- Packer 1.6.6 or later
- Terraform
- An AWS account
- Local environment variables for your AWS account.
Clone the example repository here.
Change into your cloned repo directory.
Create a local SSH key
For this tutorial, create a local SSH key to pair with the new terraform user you create on this instance.
Generate a new SSH key called tf-packer. The argument provided with the -f flag creates the key in the current directory and creates two files called tf-packer and tf-packer.pub. Change the placeholder email address to your email address.
When prompted, press enter to leave the passphrase blank on this key.
Review the shell script
Your Packer configuration passes a shell script to Packer, which runs it while building the image. For more information on the other methods of delivering provisioning instructions to your image, visit the Packer provisioners documentation.
The script for this tutorial updates the default instance software, installs necessary apps, and creates a user with your SSH key created above.
Change directories into the scripts directory.
Open setup.sh in your file editor and review the provisioning instructions. This script installs the necessary dependencies, adds the terraform user to the sudo group, installs the previously created SSH key, and downloads the sample GoLang webapp. Use the comments in setup.sh to verify these steps before building the image.
Warning
Never pass unverified scripts into your Packer images.
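One way to enforce this warning in a build workflow, as an added example that is not part of the original tutorial or its example repository: pin the SHA-256 of setup.sh once you have reviewed it, list lines that pipe a download straight into a shell for reviewer attention, and refuse to run packer build if the script has changed since review. The pin file and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the tutorial repository). Function names and the
# pin-file convention are assumptions for illustration.

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Review aid: list numbered lines that download content and pipe it directly
# into a shell, since those run code that was never in the reviewed script.
flag_remote_exec() {
    grep -nE '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba)?sh' "$1"
}

# record_review SCRIPT PINFILE: after a human review, store the script digest.
record_review() {
    sha256_of "$1" > "$2"
}

# verify_reviewed SCRIPT PINFILE: succeed only if SCRIPT is byte-for-byte the
# version that was reviewed. Returns 2 if either file is missing.
verify_reviewed() {
    [ -f "$1" ] && [ -f "$2" ] || return 2
    expected=$(cat "$2")
    actual=$(sha256_of "$1")
    [ -n "$expected" ] && [ "$expected" = "$actual" ]
}

# guarded_build SCRIPT PINFILE TEMPLATE: run packer build only when the
# provisioning script still matches its reviewed digest.
guarded_build() {
    if verify_reviewed "$1" "$2"; then
        packer build "$3"
    else
        echo "refusing to build: $1 is missing or differs from the reviewed version" >&2
        return 1
    fi
}
```

Commit the pin file alongside setup.sh so a change to the script without a matching re-review shows up in code review as well as at build time.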
Review the Packer image
Your Packer configuration defines the parameters of the image you want to build.
Change directories into images.
Open the image.pkr.hcl file in your file editor.
Review the variables block. This region must match the region where Terraform will build your AMI. If you customize it, you will need to customize the sample Terraform configuration to match (later on in the tutorial). The locals block creates a formatted timestamp to keep your AMI name unique.
The source block generates a template for your AMI. The source amazon-ebs declares that this image will be created in AWS and uses Elastic Block Storage. The ami_name attribute names the AMI learn-terraform-packer, and the source_ami_filter searches for a base AMI that matches your criteria of a t2.micro Ubuntu image with Elastic Block Storage (EBS) in your declared region.
Finally, the build block builds out your instances with specific scripts or files. Your build is based on the previously declared source as the type of AMI.
Next, the provisioner blocks copy your key to the image and run your setup script.
Build your Packer image
First, initialize your Packer configuration.
Run the Packer build command providing your image template file.
The final line of the output is the AMI ID you will pass into your Terraform configuration in the next step.
Deploy your Packer image with Terraform
The AMI is your artifact from the Packer run and is available in your AWS account in the EC2 Images section. You can visit the AWS Web Console to view this AMI ID again.
To use this AMI in your Terraform environment, navigate to the instances directory.
Open the main.tf file and navigate to the aws_instance resource. Edit the ami attribute with the AMI ID you received from your Packer build.
Save your configuration.
Create a new file called terraform.tfvars and add the Packer image's region as the variable definition. If you customized the region you gave to Packer, you must change this region to match, or Terraform won't be able to access your image.
Save this file and then initialize and apply your configuration.
Type yes when prompted to create your instance. Your final output is your instance IP address. In the next section, you will SSH into this instance with your local key.
Your instance in this tutorial already contains the preferred SSH key because it uses the AMI you previously packaged with Packer. Using a Packer-packaged AMI makes deploying many instances faster and more consistent than configuring the instances manually.
Verify your instance
Connect to your instance via SSH.
Now you have SSH access to your AWS instances without creating an SSH key in AWS. This is useful if your organization maintains keypairs outside of AWS.
Navigate to the Go directory.
Launch the demo webapp.
In your web browser, navigate to your instance's IP address and port 8080 to see the app you deployed.
Destroy your instance
Avoid unnecessary charges in your AWS account by destroying your instance in Terraform.
Type yes when you are prompted in your terminal to delete your infrastructure.
This will not destroy your Packer image. Your Packer image will not incur costs in your AWS account. Most base Linux distributions have free image versions, but be sure to check on the cost of deploying and maintaining your images.
Next Steps
In this tutorial, you created a Packer image with your desired configuration and deployed it using Terraform.
- To learn about creating deployment scripts for Terraform, visit the cloud-init tutorial.
- For more information about creating images with Packer, visit the Packer tutorials.