This issue was originally opened by @bg2s0r as hashicorp/packer#8806. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

I set the "cloud_environment_name": "china" in my builders, but packer still request the wrong ResourceManagerEndpoint

I can get token when I do this

curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.chinacloudapi.cn/' -H Metadata:true

Packer version

tested most versions

Operating system and Environment details

Ubuntu 18.04 amd64

Log Fragments and crash.log files

Build 'azure-chroot' errored: error retieving latest version of "credativ:Debian:9:latest": compute.VirtualMachineImagesClient#List: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="SubscriptionNotFound" Message="The subscription 'dc6f24f5-ff36-4029-b603-ddb144490348' could not be found."

This issue was originally opened by @jasonzio as hashicorp/packer#7531. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

The Azure builder can timeout with "Waiting for SSH to become available", but there's no way to investigate what caused the timeout. By enabling "boot diagnostics" in the building VM, at the very lease one could "Connect to serial console" to see if the log spew explained the problem.

This issue was originally opened by @jbinko as hashicorp/packer#5269. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Extend the packer tool with service principle authentication via. Certificate.
Bigger customers are worried to use Packer with the name/password only. Especially when service principle requires to be owner of full subscription.
Certificates as authentication mechanisms are enterprise standard and are resonating with enterprise customers and with their security departments.
Scenario is:

• Customer will create selfsigned certificate public/private key
• They will install certificate with private key to local machine to user’s store without export option to protect the private key
• They will adjust packer json file with identity of service principle and identification of certificate (perhaps thumbprint, issuer)
• New authentication feature of packer.exe should find the certificate with private key in the local certificate store and authenticate against AAD as service principle
  All this behavior is quite standard in Azure world for enterprises and current source code should be quite easy to change to support it.

This issue was originally opened by @neil-yechenwei as hashicorp/packer#8334. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

I tried to deploy spinnaker v1.16.5 to AKS with distributed mode. However, after deployed spinnaker successfully, it failed to bake image and threw below error message "ui error: Build 'azure-arm' errored: unexpected EOF" while running pipeline. After investigated, it can bake image successfully after reverted the packer version from 1.4.2 to 1.3.1. So I think the current packer version 1.4.2 is incompatible with spinnaker 1.16.x. After further investigation, I found the issue occurred since version 1.4.2 and it got fixed since version 1.4.3. However, by default, spinnaker would use packer v1.4.2 when you choose the spinnaker v1.16.5 to deploy. So maybe the bits of spinnaker v1.16.5 need to be updated against the reference of packer. This is a blocking issue.. Please have a look and fix it. Thanks.

Reproduction Steps

1. hal version list
2. export version=1.16.5
3. hal config version edit --version $version
4. sudo hal deploy apply
5. Configure new pipeline
6. Add bake stage
7. Add deploy stage
8. Click "start manual execution"

Packer version

1.4.2

Operating system and Environment details

OS env: ubuntu 1604

Pipeline configuration for bake stage:

Entire error message:

==> azure-arm: Deleting resource group ...
==> azure-arm: -> ResourceGroupName : 'packer-Resource-Group-xxxx'
==> azure-arm:
==> azure-arm: The resource group was created by Packer, deleting ...
==> azure-arm: Deleting the temporary OS disk ...
==> azure-arm: -> OS Disk : skipping, managed disk was used...
==> azure-arm: Deleting the temporary Additional disk ...
==> azure-arm: -> Additional Disk : skipping, managed disk was used...
Build 'azure-arm' errored: unexpected EOF

==> Some builds didn't complete successfully and had errors:
--> azure-arm: unexpected EOF

==> Builds finished but no artifacts were created.
panic: interface conversion: interface {} is nil, not string
2019/11/06 01:35:53 packer:
2019/11/06 01:35:53 packer: goroutine 156 [running]:
2019/11/06 01:35:53 packer: github.com/hashicorp/packer/builder/azure/arm.(*Builder).Run(0xc000312db0, 0x3c5b160, 0xc000a90140, 0x3c732a0, 0xc00052e860, 0x3bfaf00, 0xc0005fca00, 0x0, 0x0, 0x0, ...)
2019/11/06 01:35:53 packer: /Users/mmarsh/Projects/packer/builder/azure/arm/builder.go:305 +0x4384
2019/11/06 01:35:53 packer: github.com/hashicorp/packer/packer/rpc.(*BuilderServer).Run(0xc00042a7e0, 0x1, 0xc00052a020, 0x0, 0x0)
2019/11/06 01:35:53 packer: /Users/mmarsh/Projects/packer/packer/rpc/builder.go:109 +0x231
2019/11/06 01:35:53 packer: reflect.Value.call(0xc00045b1a0, 0xc00000e1a8, 0x13, 0x36aa961, 0x4, 0xc0000b4f18, 0x3, 0x3, 0xc000090400, 0x662cd00, ...)
2019/11/06 01:35:53 packer: /usr/local/go/src/reflect/value.go:447 +0x461
2019/11/06 01:35:53 packer: reflect.Value.Call(0xc00045b1a0, 0xc00000e1a8, 0x13, 0xc00006f718, 0x3, 0x3, 0x710cf6, 0xc0000a80a8, 0xc00006f701)
2019/11/06 01:35:53 packer: /usr/local/go/src/reflect/value.go:308 +0xa4
2019/11/06 01:35:53 packer: net/rpc.(*service).call(0xc000331a00, 0xc0000a83c0, 0xc0000585b0, 0xc0000585c0, 0xc0000fe980, 0xc0002440c0, 0x2c84720, 0xc00052a01c, 0x18a, 0x2be05c0, ...)
2019/11/06 01:35:53 packer: /usr/local/go/src/net/rpc/server.go:384 +0x14e
2019/11/06 01:35:53 packer: created by net/rpc.(*Server).ServeCodec
2019/11/06 01:35:53 packer: /usr/local/go/src/net/rpc/server.go:481 +0x42b
2019/11/06 01:35:53 /packer/packer: plugin process exited
2019/11/06 01:35:53 [INFO] (telemetry) ending azure-arm
2019/11/06 01:35:53 ui error: Build 'azure-arm' errored: unexpected EOF
2019/11/06 01:35:53 machine readable: error-count []string{"1"}
2019/11/06 01:35:53 ui error:
==> Some builds didn't complete successfully and had errors:
2019/11/06 01:35:53 machine readable: azure-arm,error []string{"unexpected EOF"}
2019/11/06 01:35:53 ui error: --> azure-arm: unexpected EOF
2019/11/06 01:35:53 ui:
==> Builds finished but no artifacts were created.
2019/11/06 01:35:53 [INFO] (telemetry) Finalizing.
2019/11/06 01:35:53 waiting for all plugin processes to complete...
2019/11/06 01:35:53 /packer/packer: plugin process exited
2019/11/06 01:35:53 /packer/packer: plugin process exited

Failed to create crash log file: open crash.log: permission denied

Packer template:

v-cheye@devopsVM:~$ cat ./.hal/default/staging/rosco/packer/azure-linux.json
{
"variables": {
"azure_client_id": "",
"azure_client_secret": "",
"azure_resource_group": "",
"azure_storage_account": "",
"azure_subscription_id": "",
"azure_tenant_id": "",
"azure_image_publisher": "",
"azure_image_offer": "",
"azure_image_sku": "",
"azure_location": "",
"azure_image_name": "",

"appversion": "",
"build_host": "",
"repository": "",
"package_type": "",
"packages": "",
"upgrade": "",
"configDir": null

},
"builders": [{
"type": "azure-arm",

"client_id": "{{user `azure_client_id`}}",
"client_secret": "{{user `azure_client_secret`}}",
"managed_image_resource_group_name": "{{user `azure_resource_group`}}",
"managed_image_name": "{{user `azure_managed_image_name`}}",
"subscription_id": "{{user `azure_subscription_id`}}",
"tenant_id": "{{user `azure_tenant_id`}}",

"os_type": "Linux",
"image_publisher": "{{user `azure_image_publisher`}}",
"image_offer": "{{user `azure_image_offer`}}",
"image_sku": "{{user `azure_image_sku`}}",

"location": "{{user `azure_location`}}",
"vm_size": "Standard_DS2_v2"

}],
"provisioners": [{
"type": "shell",
"script": "{{user configDir}}/install_packages.sh",
"environment_vars": [
"repository={{user repository}}",
"package_type={{user package_type}}",
"packages={{user packages}}",
"upgrade={{user upgrade}}"
],
"pause_before": "30s"
},
{
"execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",
"inline": [
"apt-get update",
"apt-get upgrade -y",

  "/usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync"
],
"inline_shebang": "/bin/sh -x",
"type": "shell"

}
]
}

This issue was originally opened by @Marcus-James-Adams as hashicorp/packer#8803. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Following on from hashicorp/packer#7809

Packer should be self-contained and be able to do everything required within a builder without outside assistance.

currently, we have to do the following before running packer

Use az cli or PowerShell to create a shared image definition, e.g. for a customised Ubuntu 18.04-LTS image: az sig image-definition create --resource-group --gallery-name <my_shared_image_gallery> --gallery-image-definition --publisher --offer UbuntuServer --sku 18.04-LTS --os-type linux

It would be good if packer could create the definition automatically as part of the builder process.

This issue was originally opened by @flamarion as hashicorp/packer#6281. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Hi,

I am a daily user of Packer and I'd like to ask you guys to try implement some post-processors for Azure like we have for AWS.

Currently, after all my builds (virtualbox-iso, for example) which I need to push the result to Azure, I need to do it using a post-processor shell and wrap Python + Virtualenv + AzureCLI.

To use these tools is not a problem at all, but the post-processor is being really big and complex due the nature of build (We need to do some conversions and resizes to be accepted by Azure) so the part to push the result of all those complexity could be facilitated with a post-processor able to create a managed image and VHD.

Thank you,

Flamarion Jorge

This issue was originally opened by @cage200 as hashicorp/packer#8988. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

Packer had an error cleaning the created temporary OS disk.
The deletion of deployments also has errors but they were cleaned due to the Resource group.
It looks like a race condition.

Thanks.

Reproduction Steps

Run the packer build to create a standard 2019 VM in Azure DevOps.

Packer version

Packer v1.5.5

Simplified Packer Buildfile

Minimal build file

Operating system and Environment details

Run from Windows 10 x64 -> Creating a Windows VM 2019.

Log Fragments and crash.log files

==> vhd: Deleting resource group ...
==> vhd: -> ResourceGroupName : 'packer-Resource-Group-m6jbweak46'
==> vhd:
==> vhd: The resource group was created by Packer, deleting ...
==> vhd: Deleting the temporary OS disk ...
==> vhd: -> OS Disk : 'https://imagestorageagents.blob.core.windows.net/images/pkrosm6jbweak46.vhd'
==> vhd: Deleting the temporary Additional disk ...
==> vhd: Removing the created Deployment object: 'pkrdpm6jbweak46'
==> vhd: ERROR: -> ResourceGroupNotFound : Resource group 'packer-Resource-Group-m6jbweak46' could not be found.
==> vhd:
==> vhd: Removing the created Deployment object: 'kvpkrdpm6jbweak46'
==> vhd: ERROR: -> ResourceGroupNotFound : Resource group 'packer-Resource-Group-m6jbweak46' could not be found.
==> vhd:
Build 'vhd' finished.

==> Builds finished. The artifacts of successful builds are:
--> vhd: Azure.ResourceManagement.VMImage:

Didn't have the full log activated.

This issue was originally opened by @DixonDs as hashicorp/packer#6296. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

It would be great to have an option not to delete the existing managed VM image but rather rename it to some other name. Then in case packer succeeds, remove the old image; otherwise rename it back to the original name.

That would allow safer packer executions when it is better to have older VM images at least, rather than none in case of failure.

This issue was originally opened by @rajeeshkumarkk as hashicorp/packer#8381. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description: I am not sure if the latest version of Packer is capable of building an Azure image with accelerated networking enabled. When I build Azure image and launch an Azure VM from the custom image it says "The selected image does not support accelerated networking.

I couldn't find a Optional builder to specify accelerated networking true in Packer template. Could you please help me with this ?

A written overview of the feature.: Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, greatly improving its networking performance. This high-performance path bypasses the host from the datapath, reducing latency, jitter, and CPU utilization, for use with the most demanding network workloads on supported VM types. Packer needs to have a optional builder parameters to enable the accelerated networking for the image it is building so the custom image can be used with accelerated networking enabled.

Use Case(s) Packer built custom image can be use to create VM with accelerated networking enabled.

Any relevant use-cases that you see. Production Apps VM needs to be with accelerated networking enabled.

This issue was originally opened by @Kannancsq as hashicorp/packer#7644. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

We are using Azure with Packer, and custom our VNET, Subnet and resource group for generating image instead of temporary resources by Packer.

We Created VNET, Subnet and NSG. In NSG we have enabled Internet in Inbound.

For some reason , we are not sucessfull in generating image. We tried both Windows Image and Ubuntu in both scenarios getting SSH / WinRM time out.

Attached the Script & Log file.
win_template.txt

Error from Log File
2019/05/14 19:27:13 packer.exe: 2019/05/14 19:27:13 [INFO] Waiting for SSH, up to timeout: 20m0s
2019/05/14 19:27:13 ui: ==> azure-arm: Waiting for SSH to become available...
2019/05/14 19:27:28 packer.exe: 2019/05/14 19:27:28 [DEBUG] TCP connection to SSH ip/port failed: dial tcp 10.1.0.5:22: i/o timeout

This issue was originally opened by @sireliah as hashicorp/packer#7766. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Is there a plan to introduce disk encryption support for Azure? Could you please give me a roadmap for that if there is one?

Azure added ability to encrypt disks in some distros of Linux (Ubuntu, RHEL, CentOS) and in Windows couple of years ago.

https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/azure-disk-enc-linux
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/azure-disk-enc-windows

It would be great to support at least Linux ones, similarly as we do it in AWS builders.

This issue was originally opened by @alexsab1 as hashicorp/packer#6071. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview

Since version 1.2.2 packer supports building with additional disks.

I tested this new feature by creating a template that creates additional 127GB managed data disk. After I ran the template I found out that packer defaults certain values for data disks:

1. LUN is defaulted to 0. I assume that adding more disks will increment LUN to 1, 2, etc.
2. Caching is set to Read/Write on attached disks.

Problem

Once Azure Manager disk is created, it is not possible to change properties of the attached disk in the managed image. For example, Azure CLI does not offer commands to change property of data disk in managed image. Likewise, Azure Powershell, does not offer cmd-lets to change properties of data disk in managed image. I tired changing Lun via powershell in Azure Cloud Shell and received the following error

1. I need to change LUN from 0 to 1 on a single data disk created with the managed disk using packer version 1.2.2. This is the requirement of the Azure Scale Set infrastructure we run.
2. I also need to set caching to Read-only according to recommendations: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/premium-storage-performance#disk-caching

Feature Requested

Enhance packer to allow setting LUN and cache value for data disks before creating managed image.

This issue was originally opened by @danmanrique as hashicorp/packer#10526. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

When filing a bug, please include the following headings if possible. Any
example text in this template can be deleted.

Overview of the Issue

Setting the property in the builders part of the json file for "managed_image_zone_resilient": "false" for a Azure Image is not setting properly. I am building a WindowsClient image in Packer. After the build, I import the image via Terraform to subsequently store the image in a Gallery. When I run Terraform Plan after the import for the rest of the deployment, I get "+zone_resilient = false # forces replacement". In Azure, the state on the Image shows "ZONE RESILIENCY: Disabled."

I checked the Terraform State file and the property is null. I think the issue is in the Terraform import process of this property or the interrupt between the two.

I did find a workaround. I ignored the zone-resilient attribute, and I am able to move forward with the workaround.

  lifecycle {
    ignore_changes = [
      zone_resilient,
      source_virtual_machine_id,
    ]
  }

Reproduction Steps

Create a deployment.json.
In the deployment json:
First, without setting the property.
Second, setting the managed_image_zone_resilient = false property
On an outer script in Powershell:
Create RG
Run Packer
Import the RG
Import the Image
Run Terraform Plan
Notice Destroy Message

Packer version

Packer v1.6.6

Simplified Packer Buildfile

{
  "variables": {
    "tenant_id": "{{env `tenant_id`}}",
    "subscription_id": "{{env `subscription_id`}}",
    "client_id": "{{env `client_id`}}",
    "client_secret": "{{env `client_secret`}}",
    "resource_group_name": "{{env `resource_group_name`}}",
    "vm-size": "{{env `vm-size`}}",
    "gitpath": "{{env `gitpath`}}",
    "global_image_name": "{{env `global_image_name`}}"
  },
  "builders": [
    {
      "type": "azure-arm",
      "client_id": "{{user `client_id`}}",
      "client_secret": "{{user `client_secret`}}",
      "subscription_id": "{{user `subscription_id`}}",
      "build_resource_group_name": "{{user `resource_group_name`}}",
      "managed_image_resource_group_name": "{{user `resource_group_name`}}",
      "managed_image_name": "{{user `global_image_name`}}",
      "managed_image_zone_resilient": "false",
      "os_type": "Windows",
      "image_publisher": "MicrosoftWindowsDesktop",
      "image_offer": "Windows-10",
      "image_sku": "20h2-pro",
      "communicator": "winrm",
      "winrm_use_ssl": "true",
      "winrm_insecure": "true",
      "winrm_timeout": "3m",
      "winrm_username": "packeradmin",
      "vm_size": "{{user `vm-size`}}"
    }
  ],
  "provisioners": [
    {
      "type": "powershell",
      "inline": [
        " while ((Get-Service RdAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
        " while ((Get-Service WindowsAzureTelemetryService) -and ((Get-Service WindowsAzureTelemetryService).Status -ne 'Running')) { Start-Sleep -s 5 }",
        " while ((Get-Service WindowsAzureGuestAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
        " & $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit",
        " while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10  } else { break } }"
      ]
    }
  ]
}

Operating system and Environment details

Windows 10 Enterprise

Log Fragments and crash.log files

2021/01/25 21:27:02 packer.exe plugin: Azure request body="{\"location\":\"eastus\",\"properties\":{\"sourceVirtualMachine\":{\"id\":\"/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/resourceGroups/central-services/providers/Microsoft.Compute/virtualMachines/pkrvm25tuzfeo88\"},\"storageProfile\":{\"zoneResilient\":false}},\"tags\":{}}" method="PUT" request="https://management.azure.com/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/resourceGroups/central-services/providers/Microsoft.Compute/images/VMSSImage?api-version=2018-04-01"
2021/01/25 21:27:04 packer.exe plugin: Azure response status="201 Created" method="PUT" request="https://management.azure.com/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/resourceGroups/central-services/providers/Microsoft.Compute/images/VMSSImage?api-version=2018-04-01" x-ms-request-id="4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4" body="{\r\n  \"name\": \"VMSSImage\",\r\n  \"id\": \"/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/resourceGroups/central-services/providers/Microsoft.Compute/images/VMSSImage\",\r\n  \"type\": \"Microsoft.Compute/images\",\r\n  \"location\": \"eastus\",\r\n  \"tags\": {},\r\n  \"properties\": {\r\n    \"sourceVirtualMachine\": {\r\n      \"id\": \"/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/resourceGroups/central-services/providers/Microsoft.Compute/virtualMachines/pkrvm25tuzfeo88\"\r\n    },\r\n    \"storageProfile\": {\r\n      \"osDisk\": {\r\n        \"osType\": \"Windows\",\r\n        \"osState\": \"Generalized\",\r\n        \"managedDisk\": {\r\n          \"id\": \"/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/resourceGroups/central-services/providers/Microsoft.Compute/disks/pkros25tuzfeo88\"\r\n        },\r\n        \"caching\": \"ReadWrite\",\r\n        \"storageAccountType\": \"Standard_LRS\"\r\n      },\r\n      \"dataDisks\": [],\r\n      \"zoneResilient\": false\r\n    },\r\n    \"provisioningState\": \"Creating\"\r\n  }\r\n}"
2021/01/25 21:27:04 packer.exe plugin: Azure request method="GET" request="https://management.azure.com/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/providers/Microsoft.Compute/locations/eastus/operations/4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4?api-version=2018-04-01" body=""
2021/01/25 21:27:04 packer.exe plugin: Azure response method="GET" request="https://management.azure.com/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/providers/Microsoft.Compute/locations/eastus/operations/4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4?api-version=2018-04-01" x-ms-request-id="af35ae29-17a8-4610-88b9-cfe5193785dd" body="{\r\n  \"startTime\": \"2021-01-26T02:27:08.2734903+00:00\",\r\n  \"status\": \"InProgress\",\r\n  \"name\": \"4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4\"\r\n}" status="200 OK"
2021/01/25 21:28:04 packer.exe plugin: Azure request method="GET" request="https://management.azure.com/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/providers/Microsoft.Compute/locations/eastus/operations/4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4?api-version=2018-04-01" body=""
2021/01/25 21:28:04 packer.exe plugin: Azure response status="200 OK" method="GET" request="https://management.azure.com/subscriptions/f8d440ed-264b-4a91-8ab9-0b1694914abf/providers/Microsoft.Compute/locations/eastus/operations/4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4?api-version=2018-04-01" x-ms-request-id="7ff66f4e-2ddd-4ef2-a3b0-7216c26c1ab6" body="{\r\n  \"startTime\": \"2021-01-26T02:27:08.2734903+00:00\",\r\n  \"endTime\": \"2021-01-26T02:27:13.4297193+00:00\",\r\n  \"status\": \"Succeeded\",\r\n  \"name\": \"4fb61c46-8fe2-4ec2-8e6b-9cee91cd1ce4\"\r\n}"

This issue was originally opened by @Catfoodman as hashicorp/packer#8667. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description

The ability of having the new image version placed in the shared image galley be marked as "Exclude from latest" would be helpful. While this can be done after deployment to the gallery there will be a short period where an unwanted image version may be deployed.

Use Case(s)

In some environments deploying an image from a gallery before it's gone through an acceptance process is undesirable. Having the tick box "Exclude from latest" checked at gallery deployment would be essential - that property could then be changed after any testing or other approval criteria has been met.

This issue was originally opened by @aswinrajamannar as hashicorp/packer#7469. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Today Packer supports specifying certificate-based bearer JWT assertion through client_jwt parameter, or automatically getting it from the IMDS endpoint available for IaaS VMs. But in scenarios like App Service Web Jobs, neither of these are an option.

In App Service for instance, there is a REST endpoint to get the token which is different from the IMDS endpoint.
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity#using-the-rest-protocol

Ability to either specify the exact access token to use, or to use the REST protocol specified above would help to run Packer in these environments.

This issue was originally opened by @alexvy86 as hashicorp/packer#10358. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

I'm trying to run Packer with interactive authentication but after I input the code in the device login screen and select the account to use (which has Owner role on the Azure subscription specified in my Packer template), I get the screen below, which suggests Packer is trying to do something in AzureAD. But my user is not allowed to register applications there, and I don't see why Packer would need to do anything in AureAD to work when using interactive authentication (in fact the same template works in the nightly build of Packer 1.6.6 if I add "use_azure_cli_auth": true and remove the "subscription_id" property in the builder).

Reproduction Steps

(These instructions are for Powershell, minor adjustments might be required for other environments)

1. Run packer build -var 'subscription_id=<your-subscription-id>' .\<template-file-name>.json with the template file below.
2. When prompted, navigate to https://microsoft.com/devicelogin and enter the code.
3. When prompted for which account to log in as, select one that has Owner role on the Azure subscription, but no permissions to register applications in AzureAD.
4. See the prompt shown above.

At this point I can make no more progress and have to let Packer timeout. Ctrl-C will make the "Cancelling build after receiving interrupt" message appear, but it doesn't stop it until the natural timeout occurs.

Packer version

1.6.5 and 1.6.6

Simplified Packer Buildfile

{
    "variables": {
        "subscription_id": ""
      },
      "builders": [
            {
                "type": "azure-arm",
            
                "subscription_id": "{{user `subscription_id`}}",
            
                "build_resource_group_name": "preexisting-resource-group",
            
                "os_type": "Windows",
                "image_publisher": "MicrosoftWindowsServer",
                "image_offer": "WindowsServer",
                "image_sku": "2019-Datacenter",
            
                "vm_size": "Standard_B2ms",
                
                "virtual_network_name": "my-vnet-name",
                "virtual_network_subnet_name": "my-subnet-name",
                "virtual_network_resource_group_name": "my-network-resourcegroup",
            
                "managed_image_name": "test-image",
                "managed_image_resource_group_name": "preexisting-resource-group"
            }
      ]
}

Operating system and Environment details

Windows 10 Enterprise build 18363 (64 bit)

Log Fragments and crash.log files

N/A

• Packer v1.3.5
• Linux 4.4.0-1065-aws, Ubuntu 16.04.6 LTS

Running packer -force via shell build step in Jenkins

packer build -force -var-file=conf/azure.json -only=azure-arm packer.json

failure RC is existing disk 'datadisk-1'

However, I'm reporting this since I got the below message:

16:32:48 !!!!!!!!!!!!!!!!!!!!!!!!!!! PACKER CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!
16:32:48 
16:32:48 Packer crashed! This is always indicative of a bug within Packer.
16:32:48 A crash log has been placed at "crash.log" relative to your current
16:32:48 working directory. It would be immensely helpful if you could please
16:32:48 report the crash with Packer[1] so that we can fix this.
16:32:48 
16:32:48 [1]: https://github.com/hashicorp/packer/issues
16:32:48 
16:32:48 !!!!!!!!!!!!!!!!!!!!!!!!!!! PACKER CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!

• packer.json here
• azure.json here
• crash.log here

This issue was originally opened by @scott-gilchrist as hashicorp/packer#10810. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Issue

When using the "file" provisioner to copy a file to an Azure Windows VM packer fails to connect giving a CertificateImproperlyFormatted error. This happens even when an ssh username and password are provided.

Packer JSON file

{
"builders" : [{
	"type": "azure-arm",
	"client_id": "<id>",
	"client_secret": "<secret>",
	"tenant_id": "<id>",
	"subscription_id": "<id>",

	"managed_image_resource_group_name": "packerOutput",
	"managed_image_name": "Image2021Win10",

	"os_type": "Windows",
	"image_publisher": "MicrosoftWindowsDesktop",
	"image_offer": "windows-10",
	"image_sku": "20h1-pro-g2", 

	"communicator": "ssh",
	"ssh_port": "22",

	"location": "uksouth",
	"vm_size": "Standard_DS4_v2"
    }],

   "provisioners": [
	{
	    "type" : "file",
	    "source" : "files/file.zip",
	    "destination" : "C:\\tmp\\file.zip"
	}
    ]
}

Error Output

The following build log is output by packer:

==> azure-arm: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"Conflict","message":"{\r\n "status": "Failed",\r\n "error": {\r\n "code": "ResourceDeploymentFailure",\r\n "message": "The resource operation completed with terminal provisioning state 'Failed'.",\r\n "details": [\r\n {\r\n "code": "CertificateImproperlyFormatted",\r\n "message": "The secret retrieved from https://pkrkvyeatfcs2q3.vault.azure.net/secrets/packerKeyVaultSecret/4h294bf7v61e4d4b8b854f0a462fac20 is empty string."\r\n }\r\n ]\r\n }\r\n}"}]
==> azure-arm: Removing the created Deployment object: 'pkrdpyeatfcs2q3'
==> azure-arm: Removing the created Deployment object: 'kvpkrdpyeatfcs2q3'
==> azure-arm: ==> azure-arm: Cleanup requested, deleting resource group ...
==> azure-arm: Resource group has been deleted.
Build 'azure-arm' errored after 4 minutes 20 seconds: Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"Conflict","message":"{\r\n "status": "Failed",\r\n "error": {\r\n "code": "ResourceDeploymentFailure",\r\n "message": "The resource operation completed with terminal provisioning state 'Failed'.",\r\n "details": [\r\n {\r\n "code": "CertificateImproperlyFormatted",\r\n "message": "The secret retrieved from https://pkrkvyeatfcs2q3.vault.azure.net/secrets/packerKeyVaultSecret/4h294bf7v61e4d4b8b854f0a462fac20 is empty string."\r\n }\r\n ]\r\n }\r\n}"}]

WinRM alternative

I can't use WinRM as the file I'm copying to Azure is abysmally slow and takes over 16hours to copy a 1.5GB file. The only other option I have is using SSH unless there's another workaround for this issue?

Thanks.

This issue was originally opened by @alex-aosys as hashicorp/packer#8802. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

We are trying to deploy our Windows 10 1809 64-bit image into our shared image gallery and whilst trying to deploy it is failing with the following error message:

2020-02-26T17:39:58Z: ==> azure-arm: Future#WaitForCompletion: context has been cancelled: StatusCode=200 -- Original Error: context deadline exceeded

Reproduction Steps

Deploy a customised Windows 10 1809 image into a shared image gallery within the same region

Packer version

1.5.3 (also tested in 1.5.1, 1.4.5 and 1.4.3)

Simplified Packer Buildfile

gist

Operating system and Environment details

Packer runner server: CentOS Linux release 7.7.1908 3.10.0-1062.12.1.el7.x86_64
Image: Windows 10 1809 64-bit
Cloud provider: Microsoft Azure

Log Fragments and crash.log files

2020-02-26T17:39:58Z: ==> azure-arm: Future#WaitForCompletion: context has been cancelled: StatusCode=200 -- Original Error: context deadline exceeded 2020-02-26T17:39:58Z: ==> azure-arm: Future#WaitForCompletion: context has been cancelled: StatusCode=200 -- Original Error: context deadline exceeded 2020-02-26T17:39:58Z: ==> azure-arm: Step "StepPublishToSharedImageGallery" failed

If you need any more detail please let me know!

This issue was originally opened by @lukasmrtvy as hashicorp/packer#7606. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Why Packer does not respect ~/.azure/azureProfile.json file for authentication to Azure Active Directory ?
Its really shame, because Terraform can handle it, also Ansible -> I can build unified flow, but here comes Packer and I am screwed.
Or is possible to somehow convert ~/.azure/azureProfile.json to Packer Azure "special" credentials format?
Thanks

This issue was originally opened by @cloudbooster as hashicorp/packer#6008. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Azure packer builder temp VM doesnt have bootdiagnostics enabled by default. So if there are provisioning issues its very hard to debug. Its a simple option to enable this at the VM create time.

This issue was originally opened by @babu2082 as hashicorp/packer#9010. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Storage Account type of Images generated through Packer is always Standard HDD.

Is there any possibilities to generate the Image with SDD storage account type ?

If so which attribute, do I need to use in Packer Template ?

I have already tried with the below attribute, but its still generated as Standard HDD.

"managed_image_storage_account_type": "Premium_LRS",

Let me know the possibilities on this.

This issue was originally opened by @johnmccrae as hashicorp/packer#8653. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

When filing a bug, please include the following headings if possible. Any
example text in this template can be deleted.

Overview of the Issue

Packer was in the process of finishing off an image it had just created on Azure.
==> azure-arm: Capturing image ...
==> azure-arm: -> Compute ResourceGroupName : 'packer-Resource-Group-z6dqvedmpb'
==> azure-arm: -> Compute Name : 'pkrvmz6dqvedmpb'
==> azure-arm: -> Compute Location : 'West US 2'
==> azure-arm: -> Image ResourceGroupName : 'EDM_Master_Storage_Resource_Group'
==> azure-arm: -> Image Name : 'buildkite-windows-10'
==> azure-arm: -> Image Location : 'westus2'
==> azure-arm: ERROR: -> PropertyChangeNotAllowed : Changing property 'sourceVirtualMachine' is not allowed.
==> azure-arm:
==> azure-arm:
==> azure-arm: Cleanup requested, deleting resource group ...
==> azure-arm: Resource group has been deleted.
Build 'azure-arm' errored: unexpected EOF

Reproduction Steps

I don't know if I can reproduce it. But I will add that i was chasing a bug and had 2 instances of packer running at the same time. This one that crashed would be trying to write the same image name to disk, in the same location as the other instance. This instance would not be expecting an existing image.

Packer version

From packer version
1.4.4

Simplified Packer Buildfile

gist

Operating system and Environment details

windows 10 build 1909, Lenovo P1 laptop

Log Fragments and crash.log files

crash.log

Set the env var PACKER_LOG=1 for maximum log detail.

This issue was originally opened by @Dilergore as hashicorp/packer#8658. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Please refer the end of this thread to see other users complaining that this is not working.
MicrosoftDocs/azure-docs#31188

Issue:

Started: December, 2019.
Packer cannot connect with WinRM to machines provisioned from Windows 2016 (2016-Datacenter) Marketplace image in Azure.

Further details:

WinRM timeout increase is not working. It seems the last image working is version: "14393.3326.1911120150" (Released 12th of Nov). It stopped working with "14393.3384.1912042333" (Released 10th of Dec).

This issue is only impacting 2016-Datacenter. 2019 is working properly.

To get image Details for a Region:

az vm image list --location northeurope --offer WindowsServer --publisher MicrosoftWindowsServer --sku 2016-Datacenter --all

URL to the Last Working Image:

https://support.microsoft.com/en-us/help/4525236/windows-10-update-kb4525236

URL to the Image where something went wrong:

https://support.microsoft.com/en-us/help/4530689/windows-10-update-kb4530689

Notes:

This is currently applying to North EU. I had no time to investigate in other regions but I believe the same images getting distributed to every region.

I am opening a Microsoft case and planning to update the thread with the progress.

This issue was originally opened by @mginster as hashicorp/packer#9208. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Since azure-arm vhd support is going away eventually, will you be investigating a way to still get a managed disk or vhd output? Currently the only output is a managed image and going from that to a vhd is a few unnecessary steps.

Or can we just extend vhd to vhd support? :)

This issue was originally opened by @ampc as hashicorp/packer#8925. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

Hello, I'm trying to build a image with additional disks but packer returns an error about blob based disk to VM with managed disks is not supported.

Reproduction Steps

Create a managed image with additional disks

Packer version

1.5.4

Simplified Packer Buildfile

https://gist.github.com/ampc/28f6d91a9409fb1d2808f5f7ea7ff654#file-packer-json

Operating system and Environment details

Ubuntu 16.04

Log Fragments and crash.log files

https://gist.github.com/ampc/28f6d91a9409fb1d2808f5f7ea7ff654#file-packer-log

This issue was originally opened by @ngeegoh as hashicorp/packer#6291. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Packer failed to continue running the template with http response error: 401 - invalid content type after the PowerShell domain join command was executed.

As I need to add the temporary VM which is generated by Packer during the build into the domain, I have added a Domain join PowerShell script into the template which looks like this (I have tested this script several times in a fresh VM and it got no errors with it - it will add the VM to the domain):

$domain = "xxxxx" $password = "xxxxx" | ConvertTo-SecureString -asPlainText -Force
$username = "$domain\aaa.bbb"
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
Add-Computer -DomainName $domain -Credential $credential

This is the Azure Packer template that I ran:
https://gist.github.com/ngeegoh/369b3dac2d8e4f5661a5e7d2754c7bd3
(The reason why I put 2 window-restart before running PS domain join script was just to make sure the windows-restart is working in Packer.)

Additionally, if I replace the "Domain join" with other normal PS scripts, they just work normally and Packer will generate the build artifact at the end. Not sure what happened with the Packer after the Domain join script was executed, nothing after could run and kept throwing error 401: Invalid content. I tried to debug it but still did not see anything and did not have enough information as well.

I have talked to several Packer contributors and even posted it in the mailing list but no one could really resolve this issue which I am not sure if it is the Packer bug or not as if it is good, Packer is supposed to run the Domain join script and then continue running the template without throwing errors right. Hope you guys could help or maybe just try to run the above template and PS script to see if you got the same error as mine! Thanks

I have attached the log for the packer build of the above template below.

Info:
Azure packer
Packer version from 1.2.3
Host platform: Windows10
Debug log output from PACKER_LOG=1 packer build template.json.
https://gist.github.com/ngeegoh/4fc8ceecd68335d872aead39c859db20

This issue was originally opened by @jasonzio as hashicorp/packer#7532. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

If the region targeted by Packer is capacity-constrained for the chose SKU, or if the subscription used by Packer has exhausted allocation for that SKU in that region, packer will just timeout while "Waiting for SSH to become available..." instead of issuing a helpful error message.

This issue was originally opened by @postmart as hashicorp/packer#8181. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description

Add disable_stop_instance functionality for builder/azure

Use Case(s)

For some cases we need to keep VM running, we would like to use disable_stop_instancefor that, since where is no any similar functionality enabled in builder/azure at the moment.

This issue was originally opened by @MrCaedes as hashicorp/packer#10761. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

Per the documentation, it's possible to set the source image to an image published in a Shared Image Gallery. However, when attempting to use this functionality to retrieve an image in another subscription, an error is yielded as the subscriptionId in the request given is being rewritten to the context of where the VM resides.

As you'll see in the buildfile below, the source resourceId has the subscription as 8a9e52d5-7368-4b94-85f0-10e112fa0d68 - however, in the 403 error returned by Azure, Packer appears to be substituting this with the subscriptionId of where the build agent resides (bf875851-8d25-4c5a-82aa-ca16eaabe260).

The MSI attached to the build agent has the requisite permissions on the build agent's resource group - as well as 'Reader' over the SIG being referenced. When querying the same endpoint via curl, I'm able to get the required information about the images, as well as list both subscriptions the MSI has access to.

Reproduction Steps

Attempt to utilise any image from a SIG located in a subscription other than the one in which the VM resides.

Packer version

Appears this occurs in every version since SIGs were allowed as source (~1.5.6), up until the latest release.

Simplified Packer Buildfile

{
    "description": "DNS Resolver Image",
    "builders": [{
      "type": "azure-chroot",
      "image_resource_id": "/subscriptions/{{vm `subscription_id`}}/resourceGroups/{{vm `resource_group`}}/providers/Microsoft.Compute/images/DnsImage-{{timestamp}}",
      "source": "/subscriptions/8a9e52d5-7368-4b94-85f0-10e112fa0d68/resourceGroups/InfrastructureProvisioning/providers/Microsoft.Compute/galleries/GoldenImages/images/CentOS/versions/latest",
      "mount_options": ["nouuid"],
      "copy_files": ["/etc/resolv.conf"],
      "os_disk_size_gb": 30,
      "mount_partition": 2
    }],
    "provisioners": []
}

Log Fragments and crash.log files

2021/03/13 07:49:11 Waiting on builds to complete...
2021/03/13 07:49:11 ui: 
==> Wait completed after 154 milliseconds 22 microseconds
2021/03/13 07:49:11 machine readable: error-count []string{"1"}
2021/03/13 07:49:11 ui error: 
==> Some builds didn't complete successfully and had errors:
2021/03/13 07:49:11 machine readable: azure-chroot,error []string{"Error retrieving shared image version \"/subscriptions/8a9e52d5-7368-4b94-85f0-10e112fa0d68/resourceGroups/InfrastructureProvisioning/providers/Microsoft.Compute/galleries/GoldenImages/images/CentOS/versions/latest\": compute.GalleryImageVersionsClient#Get: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code=\"AuthorizationFailed\" Message=\"The client 'REDACTED' with object id 'REDACTED' does not have authorization to perform action 'Microsoft.Compute/galleries/images/versions/read' over scope '/subscriptions/bf875851-8d25-4c5a-82aa-ca16eaabe260/resourceGroups/InfrastructureProvisioning/providers/Microsoft.Compute/galleries/GoldenImages/images/CentOS/versions/latest' or the scope is invalid. If access was recently granted, please refresh your credentials.\" "}
2021/03/13 07:49:11 ui error: --> azure-chroot: Error retrieving shared image version "/subscriptions/8a9e52d5-7368-4b94-85f0-10e112fa0d68/resourceGroups/InfrastructureProvisioning/providers/Microsoft.Compute/galleries/GoldenImages/images/CentOS/versions/latest": compute.GalleryImageVersionsClient#Get: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailed" Message="The client 'REDACTED' with object id 'REDACTED' does not have authorization to perform action 'Microsoft.Compute/galleries/images/versions/read' over scope '/subscriptions/bf875851-8d25-4c5a-82aa-ca16eaabe260/resourceGroups/InfrastructureProvisioning/providers/Microsoft.Compute/galleries/GoldenImages/images/CentOS/versions/latest' or the scope is invalid. If access was recently granted, please refresh your credentials." 
2021/03/13 07:49:11 ui: 
==> Builds finished but no artifacts were created.
2021/03/13 07:49:11 [INFO] (telemetry) Finalizing.
2021/03/13 07:49:11 Cancelling builder after context cancellation context canceled
2021/03/13 07:49:11 waiting for all plugin processes to complete...
2021/03/13 07:49:11 /usr/bin/packer-io: plugin process exited

This issue was originally opened by @NickLarsenNZ as hashicorp/packer#10535. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Description

Using the azure-arm builder, a Disk is created with "Public Endpoint" enabled, even when building on a private network.

It would be great to have a config option to make it private (and make that the default).

Use Case(s)

Organisations with controls to prevent public disks being created.

Potential configuration

Either add an option to allow the disk to be public, but default to private:

   "builders": [
        {
            "type": "azure-arm",
            ...
            "pubic_disk_access": true
        }
   ]

Or, hard code it to private (I can't think of a case where it would need to be public).

Maybe even the "Deny All" option would work, I'm not quite sure if private access is even required for mounting the disk to a VM.

Potential References

• https://docs.microsoft.com/en-us/azure/virtual-machines/disks-enable-private-links-for-import-export-portal

This issue was originally opened by @pravindahal as hashicorp/packer#10781. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

The documentation suggests that directory upload is possible, however, in my tests, it is not. It fails with Upload failed: scp: /home/ubuntu/: Is a directory, where /home/ubuntu/ is the destination directory.

Reproduction Steps

mkdir data
echo test > data/test
packer build azure.pkr.hcl # see below for azure.pkr.hcl file used

Packer version

1.7.0

Simplified Packer Buildfile

azure.pkr.hcl

variable "image_name" {
  type    = string
  default = "name"
}

locals { timestamp = regex_replace(timestamp(), "[- TZ:]", "") }

source "azure-arm" "main" {
  subscription_id           = "XXX"
  tenant_id                 = "XXX"

  location                  = "North Europe"

  os_type                   = "Linux"
  image_publisher           = "Canonical"
  image_offer               = "UbuntuServer"
  image_sku                 = "18.04-LTS"
  image_version             = "latest"

  os_disk_size_gb           = 128

  resource_group_name       = "XXX"
  storage_account           = "XXX"

  capture_container_name    = "images"
  capture_name_prefix       = "packer"
}


build {
  sources                   = ["sources.azure-arm.main"]

  provisioner "file" {
    source                  = "./data/"
    destination             = "/home/ubuntu/"
  }

}

Operating system and Environment details

Tested on Windows 10 and Ubuntu 20.04 on WSL 2.0.

Log Fragments and crash.log files

azure-arm.main: output will be in this color.

==> azure-arm.main: Running builder ...
==> azure-arm.main: Getting tokens using device flow
==> azure-arm.main: Getting token for https://management.azure.com/
==> azure-arm.main: Loading auth token from file: /home/pravin/.azure/packer/oauth-d23844a4-14b7-4e42-9e3a-be7fcb83625bmgmt.json
==> azure-arm.main: Auth token found in file: /home/pravin/.azure/packer/oauth-d23844a4-14b7-4e42-9e3a-be7fcb83625bmgmt.json
==> azure-arm.main: Getting tokens using device flow
==> azure-arm.main: Getting token for Vault resource
==> azure-arm.main: Loading auth token from file: /home/pravin/.azure/packer/oauth-d23844a4-14b7-4e42-9e3a-be7fcb83625bvault.json
==> azure-arm.main: Auth token found in file: /home/pravin/.azure/packer/oauth-d23844a4-14b7-4e42-9e3a-be7fcb83625bvault.json
    azure-arm.main: Creating Azure Resource Manager (ARM) client ...
==> azure-arm.main: Warning: You are using Azure Packer Builder to create VHDs which is being deprecated, consider using Managed Images. Learn more https://www.packer.io/docs/builders/azure/arm#azure-arm-builder-specific-options
==> azure-arm.main: WARNING: Zone resiliency may not be supported in North Europe, checkout the docs at https://docs.microsoft.com/en-us/azure/availability-zones/
==> azure-arm.main: Creating resource group ...
==> azure-arm.main:  -> ResourceGroupName : 'pkr-Resource-Group-xjmbretprf'
==> azure-arm.main:  -> Location          : 'North Europe'
==> azure-arm.main:  -> Tags              :
==> azure-arm.main: Validating deployment template ...
==> azure-arm.main:  -> ResourceGroupName : 'pkr-Resource-Group-xjmbretprf'
==> azure-arm.main:  -> DeploymentName    : 'pkrdpxjmbretprf'
==> azure-arm.main: Deploying deployment template ...
==> azure-arm.main:  -> ResourceGroupName : 'pkr-Resource-Group-xjmbretprf'
==> azure-arm.main:  -> DeploymentName    : 'pkrdpxjmbretprf'
==> azure-arm.main:
==> azure-arm.main: Getting the VM's IP address ...
==> azure-arm.main:  -> ResourceGroupName   : 'pkr-Resource-Group-xjmbretprf'
==> azure-arm.main:  -> PublicIPAddressName : 'pkripxjmbretprf'
==> azure-arm.main:  -> NicName             : 'pkrnixjmbretprf'
==> azure-arm.main:  -> Network Connection  : 'PublicEndpoint'
==> azure-arm.main:  -> IP Address          : '13.74.132.127'
==> azure-arm.main: Waiting for SSH to become available...
==> azure-arm.main: Connected to SSH!
==> azure-arm.main: Uploading ./data/ => /home/ubuntu/
==> azure-arm.main: Upload failed: scp: /home/ubuntu/: Is a directory
==> azure-arm.main: Provisioning step had errors: Running the cleanup provisioner, if present...
==> azure-arm.main: Removing the created Deployment object: 'pkrdpxjmbretprf'
==> azure-arm.main:
==> azure-arm.main: Cleanup requested, deleting resource group ...
==> azure-arm.main: Azure token expired. Saving the refreshed token...
==> azure-arm.main: Resource group has been deleted.
Build 'azure-arm.main' errored after 6 minutes 57 seconds: scp: /home/ubuntu/: Is a directory

==> Wait completed after 6 minutes 57 seconds

==> Some builds didn't complete successfully and had errors:
--> azure-arm.main: scp: /home/ubuntu/: Is a directory

==> Builds finished but no artifacts were created.

This issue was originally opened by @Boriszn as hashicorp/packer#9004. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Hey Team.

Could you please help or suggest workaround. I've noticed that packer builders always removes attached disk after image creation.

In our product we are using azure image copy extension which requires this disk to be attached otherwise it will not copy the image and throws error like below:

Also you could please suggest some quick fix in the source code, so I can clone it and use my version of packer.
Or any other option/link etc are welcome. We really need this fix

Many Thanks in advance,
Boris

This issue was originally opened by @gargamelss as hashicorp/packer#10940. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Due to lags on azure and bug in ver. 1.7.2 with incorrectly clearing network resources, we want to shutdown VM manually as the last step of building the image.

This issue was originally opened by @riweston as hashicorp/packer#8626. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description

Use of 'custom_data_file' property in the Azure / azure-arm builder on Windows VM's

Use Case(s)

This is creating a blocker for us using the Windows CIS marketplace image which has WinRM disabled by default preventing us using the hardened image.

Example

Builder: "type": "amazon-ebs"

Link: https://blog.petegoo.com/2016/05/10/packer-aws-windows/

Following the steps in this blog post it's possible to workaround these issues on AWS with a Windows AMI, the same steps don't seem to work on Azure

This issue was originally opened by @atakacs90 as hashicorp/packer#9261. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

The deprovision step gets stuck in an infinte loop with the following error:

1589606815,,ui,error,==> azure-arm: Get-Service : Cannot find any service with service name 'WindowsAzureTelemetryService'. 

1589606815,,ui,error,==> azure-arm: At C:\Windows\Temp\script-5ebf7849-741e-b3ca-88f5-82f1f7d320aa.ps1:3 char:11 

1589606815,,ui,error,==> azure-arm: + while ((Get-Service WindowsAzureTelemetryService).Status -ne 'Runni ... 

Reproduction Steps

Run a packer with azure-arm builder.

Packer version

1.5.6

Simplified Packer Buildfile

    {
    "provisioners": [
        {
        "type": "powershell",
        "inline": [
            " # NOTE: the following *3* lines are only needed if the you have installed the Guest Agent.",
            "  while ((Get-Service RdAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
            "  while ((Get-Service WindowsAzureTelemetryService).Status -ne 'Running') { Start-Sleep -s 5 }",
            "  while ((Get-Service WindowsAzureGuestAgent).Status -ne 'Running') { Start-Sleep -s 5 }",
    
            "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit /mode:vm",
            "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10  } else { break } }"
        ]
        }
    ]
    }

Operating system and Environment details

Windows

This issue was originally opened by @shriganeshs as hashicorp/packer#5731. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Similar to the following way provided for amazon_ebs builder

"source_ami_filter": {
    "filters": {
        "name": "*custom_centos7_python36*"
    }, 
    "most_recent": "true"
} 

How can I get the latest source image custom_managed_image_name for Azure?

I will be storing images with name as custom_centos7_python36_{{timestamp}}, and I want to use the latest image as source image for new Packer build.

• Packer version 1.1.1

This issue was originally opened by @loibpet as hashicorp/packer#7042. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

packer -v: 1.3.2

We are using for our images a "chained" process for on-premis and for all cloud providers, i.e. we create one basis containing all required hardening, company specific setup and cloud specific configuration. Then we use this basis in another step and create the intended image flavor. In step one, we create one additional disk to separate the /var/log tree to a separate disk (company way of doing things which cannot be changed). For certain use cases, we need to use one more data disk in the image (e.g. for local data storage).

Our templates look like this:

Step 1:

    "builders": [
        {
            "type": "azure-arm",
            "client_id": "{{user `client_id`}}",
            "client_secret": "{{user `client_secret`}}",
            "subscription_id": "{{user `subscription_id`}}",
            "tenant_id": "{{user `tenant_id`}}",
            "ssh_username": "azure",
            "ssh_password": "MySecretPassword",
            "os_type": "Linux",
            "image_publisher": "OpenLogic",
            "image_offer": "CentOS",
            "image_sku": "7.5",
            "image_version": "latest",
            "ssh_pty": "true",
            "vm_size": "Standard_B1s",
            "disk_additional_size": [
                5
            ],
            "managed_image_name": "packer-test-step1",
            "managed_image_resource_group_name": "my-rg",
            "location": "West Europe",
            "virtual_network_name": "my-vnet",
            "virtual_network_resource_group_name": "my-rg",
            "virtual_network_subnet_name": "private"
        }

This works fine and the image is created as needed.

Step 2 - Version 1:

    "builders": [
        {
            "type": "azure-arm",
            "client_id": "{{user `client_id`}}",
            "client_secret": "{{user `client_secret`}}",
            "subscription_id": "{{user `subscription_id`}}",
            "tenant_id": "{{user `tenant_id`}}",
            "ssh_username": "azure",
            "ssh_password": "MySecretPassword",
            "os_type": "Linux",
            "custom_managed_image_name": "packer-test-step1",
            "custom_managed_image_resource_group_name": "my-rg",
            "ssh_pty": "true",
            "vm_size": "Standard_B1s",
            "disk_additional_size": [
                10
            ],
            "managed_image_name": "packer-test-step2a",
            "managed_image_resource_group_name": "my-rg",
            "location": "West Europe",
            "virtual_network_name": "my-vnet",
            "virtual_network_resource_group_name": "my-rg",
            "virtual_network_subnet_name": "private"
        }

This one fails with:

==> azure-arm: ERROR: -> BadRequest

==> azure-arm: ERROR: -> InvalidParameter : Cannot specify user image overrides for a disk already defined in the specified image reference.

Step 2 - Version 2:

    "builders": [
        {
            "type": "azure-arm",
            "client_id": "{{user `client_id`}}",
            "client_secret": "{{user `client_secret`}}",
            "subscription_id": "{{user `subscription_id`}}",
            "tenant_id": "{{user `tenant_id`}}",
            "ssh_username": "azure",
            "ssh_password": "MySecretPassword",
            "os_type": "Linux",
            "custom_managed_image_name": "packer-test-step1",
            "custom_managed_image_resource_group_name": "my-rg",
            "ssh_pty": "true",
            "vm_size": "Standard_B1s",
            "disk_additional_size": [
                5, 10
            ],
            "managed_image_name": "packer-test-step2b",
            "managed_image_resource_group_name": "my-rg",
            "location": "West Europe",
            "virtual_network_name": "my-vnet",
            "virtual_network_resource_group_name": "my-rg",
            "virtual_network_subnet_name": "private"
        }

Adding the size of the user disk of step 1 fails as well:

==> azure-arm: ERROR: -> BadRequest

==> azure-arm: ERROR: -> InvalidParameter : Cannot specify user image overrides for a disk already defined in the specified image reference.

This issue was originally opened by @yellowhat as hashicorp/packer#8776. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Hi,
is it possible to use packer on Azure using spot instances?

Feature Description

Use spot instances on Azure

Use Case(s)

For devops purpose, spot instance can be a good way to reduce costs.

Thanks

This issue was originally opened by @Rudikza as hashicorp/packer#10600. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

When trying to build an Azure Machine Image I receive the following error message:

{"status"=>"Failed",
 "error"=>
  {"code"=>"ResourceDeploymentFailure",
   "message"=>"The resource operation completed with terminal provisioning state 'Failed'.",
   "details"=>
    [{"code"=>"PlatformImageNotFound",
      "message"=>
       "The platform image 'redhat:RHEL:7-LVM:7.9.2020100116' is not available. Verify that all fields in the storage profile are correct. For more details about storage profile information, please refer to https://aka.ms/storageprofile"}]}}

Reproduction Steps

Here is my config:

{
  "variables": {
    "client_id": "{{env `AZURE_CLIENT_ID`}}",
    "client_secret": "{{env `AZURE_CLIENT_SECRET`}}",
    "resource_group_name": "{{env `AZURE_RESOURCE_GROUP_NAME`}}",
    "build_resource_group_name": "{{env `AZURE_BUILD_RESOURCE_GROUP_NAME`}}",
    "storage_account": "{{env `AZURE_STORAGE_ACCOUNT`}}",
    "subscription_id": "{{env `AZURE_SUBSCRIPTION_ID`}}",
    "virtual_network_name": "{{env `AZURE_VIRTUAL_NETWORK_NAME`}}",
    "virtual_network_subnet_name": "{{env `AZURE_VIRTUAL_NETWORK_SUBNET_NAME`}}"
  },
  "builders": [
    {
        "type": "azure-arm",

        "client_id": "{{user `client_id`}}",
        "client_secret": "{{user `client_secret`}}",
        "resource_group_name": "{{user `resource_group_name`}}",
        "build_resource_group_name": "{{user `build_resource_group_name`}}",
        "storage_account": "{{user `storage_account`}}",
        "subscription_id": "{{user `subscription_id`}}",
        "virtual_network_name": "{{user `virtual_network_name`}}",
        "virtual_network_subnet_name": "{{user `virtual_network_subnet_name`}}",

        "capture_container_name": "images",
        "capture_name_prefix": "packer",

        "os_type": "Linux",
        "image_publisher": "RedHat",
        "image_offer": "RHEL",
        "image_sku": "7.4",
        "vm_size": "Standard_D2s_v3"
      }
  ]
}

Packer version

1.6.6

More details

When I use the azure cli I can find the image:

$ az vm image show --location southafricanorth --urn redhat:RHEL:7-LVM:7.9.2020100116
{
  "automaticOsUpgradeProperties": {
    "automaticOsUpgradeSupported": false
  },
  "dataDiskImages": [],
  "disallowed": {
    "vmDiskType": "None"
  },
  "hyperVGeneration": "V1",
  "id": "/Subscriptions/5543d9ea-2506-47d5-bd8b-921260849a0f/Providers/Microsoft.Compute/Locations/SouthAfricaNorth/Publishers/redhat/ArtifactTypes/VMImage/Offers/RHEL/Skus/7-LVM/Versions/7.9.2020100116",
  "location": "SouthAfricaNorth",
  "name": "7.9.2020100116",
  "osDiskImage": {
    "operatingSystem": "Linux",
    "sizeInBytes": 68719477248,
    "sizeInGb": 64
  },
  "plan": null,
  "tags": null
}

Any ideas what could be causing this issue?

This issue was originally opened by @Dilergore as hashicorp/packer#8352. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description

Support to create Gen2 Managed Images as Managed Image output.

Use Case(s)

Required to be able to build Gen2 VMs which went GA during the Ignite event. Also required to be able to upload into Gen2 Azure Image Gallery Image Definition.

azure-arm: ERROR: -> Conflict : The resource with id '/subscriptions/SUBID/resourceGroups/RGNAME/providers/Microsoft.Compute/images/IMAGENAME' has a different Hypervisor generation ['V1'] than the parent gallery image Hypervisor generation ['V2'].

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/generation-2
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/generation-2

This issue was originally opened by @ptveite as hashicorp/packer#5477. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

I'm using the Hyper-V iso builder to make a base image for use with Azure BYOL, and would like to have a post-processor that will convert my vhdx output to vhd and upload it to an Azure storage container.

This issue was originally opened by @feiyushi as hashicorp/packer#7702. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

The printout is missing the source shared_image_gallery information, as shown below. I'd love to see that in there.
Thanks.

packer version: 1.4.0
Host platform: Ubuntu 16.04
Debug log (partial):

2019/05/30 13:08:15 Running builder: azure-arm
2019/05/30 13:08:15 [INFO] (telemetry) Starting builder azure-arm
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 :: Configuration
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 CaptureNamePrefix=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 CaptureContainerName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ImagePublisher=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ImageOffer=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ImageSku=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ImageVersion=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ImageUrl=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 CustomManagedImageResourceGroupName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 CustomManagedImageName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 Location=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 VMSize=Standard_D1_v2
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ManagedImageResourceGroupName=2o2kg2yipin
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ManagedImageName=packerImg
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ManagedImageStorageAccountType=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ManagedImageOSDiskSnapshotName=packerImg_os_disk
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ManagedImageDataDiskSnapshotPrefix=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 ResourceGroupName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 StorageAccount=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 TempComputeName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 TempResourceGroupName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 BuildResourceGroupName=2o2kg2yipin
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 VirtualNetworkName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 VirtualNetworkSubnetName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 VirtualNetworkResourceGroupName=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 CustomDataFile=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 OSType=Linux
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 DiskCachingType=
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 UserName=packer
2019/05/30 13:08:15 packer: 2019/05/30 13:08:15 Password=********************************

This issue was originally opened by @achilu as hashicorp/packer#6410. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Packer 1.2.4 azure runs into
[ERR] yamux: keepalive failed: i/o deadline reached
Packer 1.2.3 azure is successfull with same template

There is a close to 2 minute delay between deletion of Microsoft.Network/publicIPAddresses and when the error occurs. The log does not print "azure-arm: Deleting the temporary OS disk ..." which may mean that the step arm/step_delete_os_disk.go hasn't started to execute.

Default config vendor/github.com/hashicorp/yamux/mux.go , is setting EnableKeepAlive to "true", which is the case with packer 1.2.3 as well.
Azure SDK upgrade to v15.0.0 on 1.2.4 may be causing this.

Reproducible Steps:
-Packer version: 1.2.4
-Packer Target OS/Arch: darwin amd64
-Built with Go Version: go1.10.1
-Packer log:
https://gist.github.com/achilu/7c0aadd2c3d3949ab46f1bd8ad70bba9
-Template:
{
"variables": {
"client_id": "{{env ARM_CLIENT_ID}}",
"client_secret": "{{env ARM_CLIENT_SECRET}}",
"subscription_id": "{{env ARM_SUBSCRIPTION_ID}}",
"tenant_id": "{{env ARM_TENANT_ID}}",
"ssh_user": "centos",
"ssh_pass": null
},
"builders": [{
"type": "azure-arm",

"client_id": "{{user `client_id`}}",
"client_secret": "{{user `client_secret`}}",
"subscription_id": "{{user `subscription_id`}}",
"tenant_id": "{{user `tenant_id`}}",

"managed_image_resource_group_name": "HANARG",
"managed_image_name": "packer",     
"build_resource_group_name": "HANARG",

"ssh_username": "{{user `ssh_user`}}",
"ssh_password": "{{user `ssh_pass`}}",

"os_type": "Linux",
"image_publisher": "RedHat",
"image_offer": "RHEL",
"image_sku": "7.2",
"image_version": "latest",
"ssh_pty": "true",

"vm_size": "Standard_A2"

}]
}

This issue was originally opened by @miketimofeev as hashicorp/packer#10648. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Description

Recently we've started experiencing issues during VM creation in Azure without specifying availability zone:
azure-arm: resources.DeploymentsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidTemplateDeployment" Message="The template deployment failed with error: 'The resource with id: '/subscriptions/***/resourceGroups/99275_ubuntu1604/providers/Microsoft.Compute/virtualMachines/pkrvmkeubkm2jhf' failed validation with message: 'The requested size for resource '/subscriptions/***/resourceGroups/99275_ubuntu1604/providers/Microsoft.Compute/virtualMachines/pkrvmkeubkm2jhf' is currently not available in location '***' zones '' for subscription '***'. Please try another size or deploy to a different location or zones. See https://aka.ms/azureskunotavailable for details.'.'."

The same happens when trying to create VM through the Azure portal with the following settings:

However, VM creates just fine using any available zone:

In the azure deploying template it looks like this:

            "zones": [
                "[parameters('zone')]"
            ]

Unfortunately, we can't find such parameter in packer templates so our VM generation is blocked and we're trying to solve the issue through Azure support.

Use Case(s)

See above

Potential configuration

"type": "azure-arm",
"location": "westus2",
"az": "1",

Potential References

This issue was originally opened by @rohrerb as hashicorp/packer#6192. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Hello,

Is there any chance that we could get the same functionality that is offered with ami_regions added into packer-azure? https://www.packer.io/docs/builders/amazon-ebs.html#ami_regions

Customers that are in multiple regions on azure today have to build a image in each region and update images in each region which is a extreme amount of overhead. Having the ability to create the image once and then having packer copy that image would be HUGE!

Thank you,
Brandon

This issue was originally opened by @msftkenneth as hashicorp/packer#10449. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Follow-up for hashicorp/packer#7460

May I know if it supports custom Key Vault URI as it is possible that cross-subscription Key Vault has to be leveraged as some enterprises may use the centralized secret store?

This issue was originally opened by @dougbw as hashicorp/packer#9140. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Overview of the Issue

Currently it is impossible to specify a subscription_id when using managed identity authentication, as when only subscription_id is provided packer assumes an interactive login is desired.

In our case we need the base images to be stored in a different subscription to on running our CI/CD pipeline build agents. A single managed identity can have access to many Azure subscriptions.

Reproduction Steps

• Create a user assigned managed identity
• Grant the identity Azure RBAC permissions to multiple subscriptions
• Assign the managed identity to a vm
• On the vm execute az login --identity and you should see output for multiple subscriptions
• Provide a subscription_id to the azure-arm builder in packer and you will be stuck on an interactive login

This issue was originally opened by @VladimirKhvostov as hashicorp/packer#8340. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description

First of all, documentation for client_cert_path should be updated. Unfortunately, client_cert_path needs to point to .pem, which is not clear from the documentation. .pfx files are not supported.

For Windows users, it would be great to have client_cert_thumbprint property, which would allow us to reference cert stored in certificate store.

Use Case(s)

Using packer on Windows

This issue was originally opened by @Dilergore as hashicorp/packer#8352. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Feature Description

Support to create Gen2 Managed Images as Managed Image output.

Use Case(s)

Required to be able to build Gen2 VMs which went GA during the Ignite event. Also required to be able to upload into Gen2 Azure Image Gallery Image Definition.

azure-arm: ERROR: -> Conflict : The resource with id '/subscriptions/SUBID/resourceGroups/RGNAME/providers/Microsoft.Compute/images/IMAGENAME' has a different Hypervisor generation ['V1'] than the parent gallery image Hypervisor generation ['V2'].

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/generation-2
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/generation-2