| description | The openstack Packer builder is able to create new images for use with OpenStack. |
|---|---|
| page_title | OpenStack - Builders |
| nav_title | OpenStack |
Type: openstack
Artifact BuilderId: mitchellh.openstack
The openstack Packer builder is able to create new images for use with
OpenStack. The builder takes a source image, runs
any provisioning necessary on the image after launching it, then creates a new
reusable image. This reusable image can then be used as the foundation of new
servers that are launched within OpenStack. The builder will create temporary
keypairs that provide temporary access to the server while the image is being
created. This simplifies configuration quite a bit.
The builder does not manage images. Once it creates an image, it is up to you to use it or delete it.
~> Note: To use OpenStack builder with the OpenStack Newton (Oct 2016) or earlier, we recommend you use Packer v1.1.2 or earlier version.
~> OpenStack Liberty or later requires OpenSSL! To use the OpenStack
builder with OpenStack Liberty (Oct 2015) or later you need to have OpenSSL
installed if you are using temporary key pairs, i.e. don't use
ssh_keypair_name nor
ssh_password. All major
OS'es have OpenSSL installed by default except Windows. This have been resolved
in OpenStack Ocata(Feb 2017).
~> Note: OpenStack Block Storage volume support is available only for V3 Block Storage API. It's available in OpenStack since Mitaka release (Apr 2016).
There are many configuration options available for the builder. They are segmented below into two categories: required and optional parameters. Within each category, the available configuration keys are alphabetized.
In addition to the options listed here, a communicator can be configured for this builder.
@include 'builder/openstack/AccessConfig-required.mdx'
@include 'builder/openstack/ImageConfig-required.mdx'
@include 'builder/openstack/RunConfig-required.mdx'
@include 'builder/openstack/AccessConfig-not-required.mdx'
@include 'builder/openstack/ImageConfig-not-required.mdx'
@include 'builder/openstack/RunConfig-not-required.mdx'
@include 'packer-plugin-sdk/communicator/Config-not-required.mdx'
@include 'packer-plugin-sdk/communicator/SSH-not-required.mdx'
@include 'packer-plugin-sdk/communicator/SSHTemporaryKeyPair-not-required.mdx'
@include 'packer-plugin-sdk/communicator/SSH-Key-Pair-Name-not-required.mdx'
@include 'packer-plugin-sdk/communicator/SSH-Private-Key-File-not-required.mdx'
@include 'packer-plugin-sdk/communicator/SSH-Agent-Auth-not-required.mdx'
@include 'packer-plugin-sdk/communicator/SSHInterface-not-required.mdx'
Here is a basic example. This is a example to build on DevStack running in a VM.
{
"builders":
[{
"type": "openstack",
"identity_endpoint": "http://<devstack-ip>:5000/v3",
"tenant_name": "admin",
"domain_name": "Default",
"username": "admin",
"password": "<your admin password>",
"region": "RegionOne",
"ssh_username": "root",
"image_name": "Test image",
"source_image": "<image id>",
"flavor": "m1.tiny",
"insecure": "true"
}]
}source "openstack" "example" {
domain_name = "Default"
flavor = "m1.tiny"
identity_endpoint = "http://<devstack-ip>:5000/v3"
image_name = "Test image"
insecure = "true"
password = "<your admin password>"
region = "RegionOne"
source_image = "<image id>"
ssh_username = "root"
tenant_name = "admin"
username = "admin"
}
build {
sources = ["source.openstack.example"]
}
Here is a basic example. This is a working example to build a Ubuntu 12.04 LTS (Precise Pangolin) on Rackspace OpenStack cloud offering.
{
"builders":[{
"type": "openstack",
"username": "foo",
"password": "foo",
"region": "DFW",
"ssh_username": "root",
"image_name": "Test image",
"source_image": "23b564c9-c3e6-49f9-bc68-86c7a9ab5018",
"flavor": "2"
}]
}source "openstack" "example" {
flavor = "2"
image_name = "Test image"
password = "foo"
region = "DFW"
source_image = "23b564c9-c3e6-49f9-bc68-86c7a9ab5018"
ssh_username = "root"
username = "foo"
}
build {
sources = ["source.openstack.example"]
}This example builds an Ubuntu 14.04 image on a private OpenStack cloud, powered by Metacloud.
{
"builders":[{
"type": "openstack",
"ssh_username": "root",
"image_name": "ubuntu1404_packer_test_1",
"source_image": "91d9c168-d1e5-49ca-a775-3bfdbb6c97f1",
"flavor": "2"
}]
}source "openstack" "example" {
flavor = "2"
image_name = "ubuntu1404_packer_test_1"
source_image = "91d9c168-d1e5-49ca-a775-3bfdbb6c97f1"
ssh_username = "root"
}
build {
sources = ["source.openstack.example"]
}In this case, the connection information for connecting to OpenStack doesn't appear in the template. That is because I source a standard OpenStack script with environment variables set before I run this. This script is setting environment variables like:
OS_AUTH_URLOS_TENANT_IDOS_USERNAMEOS_PASSWORD
This is slightly different when identity v3 is used:
OS_AUTH_URLOS_USERNAMEOS_PASSWORDOS_DOMAIN_NAMEOS_TENANT_NAME
This will authenticate the user on the domain and scope you to the project. A
tenant is the same as a project. It's optional to use names or IDs in v3. This
means you can use OS_USERNAME or OS_USERID, OS_TENANT_ID or
OS_TENANT_NAME and OS_DOMAIN_ID or OS_DOMAIN_NAME.
The above example would be equivalent to an RC file looking like this :
export OS_AUTH_URL="https://identity.myprovider/v3"
export OS_USERNAME="myuser"
export OS_PASSWORD="password"
export OS_USER_DOMAIN_NAME="mydomain"
export OS_PROJECT_DOMAIN_NAME="mydomain"A basic example of Instance with a remote root Block Storage service volume. This is a working example to build an image on private OpenStack cloud powered by Selectel VPC.
{
"builders":[{
"type": "openstack",
"identity_endpoint": "https://api.selvpc.com/identity/v3",
"tenant_id": "2e90c5c04c7b4c509be78723e2b55b77",
"username": "foo",
"password": "foo",
"region": "ru-3",
"ssh_username": "root",
"image_name": "Test image",
"source_image": "5f58ea7e-6264-4939-9d0f-0c23072b1132",
"networks": "9aab504e-bedf-48af-9256-682a7fa3dabb",
"flavor": "1001",
"availability_zone": "ru-3a",
"use_blockstorage_volume": true,
"volume_type": "fast.ru-3a"
}]
}source "openstack" "example" {
availability_zone = "ru-3a"
flavor = "1001"
identity_endpoint = "https://api.selvpc.com/identity/v3"
image_name = "Test image"
networks = "9aab504e-bedf-48af-9256-682a7fa3dabb"
password = "foo"
region = "ru-3"
source_image = "5f58ea7e-6264-4939-9d0f-0c23072b1132"
ssh_username = "root"
tenant_id = "2e90c5c04c7b4c509be78723e2b55b77"
use_blockstorage_volume = true
username = "foo"
volume_type = "fast.ru-3a"
}
build {
sources = ["source.openstack.example"]
}
The simplest way to get all settings for authorization against OpenStack is to
go into the OpenStack Dashboard (Horizon) select your Project and navigate
Project, Access & Security, select API Access and Download OpenStack RC
File v3. Source the file, and select your wanted region by setting environment
variable OS_REGION_NAME or OS_REGION_ID and
export OS_TENANT_NAME=$OS_PROJECT_NAME or
export OS_TENANT_ID=$OS_PROJECT_ID.
~> OS_TENANT_NAME or OS_TENANT_ID must be used even with Identity v3,
OS_PROJECT_NAME and OS_PROJECT_ID has no effect in Packer.
To troubleshoot authorization issues test you environment variables with the OpenStack cli. It can be installed with
$ pip install --user python-openstackclient
To authorize with a access token only identity_endpoint and token is
needed, and possibly tenant_name or tenant_id depending on your token type.
Or use the following environment variables:
OS_AUTH_URLOS_TOKEN- One of
OS_TENANT_NAMEorOS_TENANT_ID
To authorize with an application credential, only identity_endpoint,
application_credential_id, and application_credential_secret are needed.
Or use the following environment variables:
OS_AUTH_URLOS_APPLICATION_CREDENTIAL_IDOS_APPLICATION_CREDENTIAL_SECRET