I currently have a packer file configured to build a vmware image (vmx) using the vmware-iso builder Will the Azure Image Builder work with this?

In addition, I am using the windows-update provisioner found at https://github.com/rgl/packer-provisioner-windows-update. Is there a way to add custom provisioners to the Azure Image Builder?

Here is my packer.json:

{
  "builders": [{
    "type": "vmware-iso",
    "vm_name": "{{ user `vm_name` }}",
    "vmdk_name": "{{ user `vm_name` }}",
    "output_directory": "{{ user `output_directory`}}",
    "iso_url": "{{ user `iso_url` }}",
    "iso_checksum": "{{user `iso_checksum`}}",
    "iso_checksum_type": "{{ user `iso_checksum_type` }}",
    "communicator": "winrm",
    "winrm_username": "administrator",
    "winrm_password": "password",
    "winrm_timeout": "12h",
    "winrm_port": "5985",
    "vnc_port_min": 5900,
    "vnc_port_max": 5980,
    "shutdown_command": "a:/Start-Shutdown.bat",
    "shutdown_timeout": "15m",
    "headless": "{{ user `vmWareBuilder_headless` }}",
    "guest_os_type": "{{ user `guest_os_type` }}",
    "disk_size": "50000",
    "keep_registered": false,
    "skip_validate_credentials": true,
    "version": "14",
    "floppy_files": [
      "extra/files/win2016/autounattend.xml",
      "extra/scripts/bootstrap.ps1",
      "extra/scripts/Start-Shutdown.bat"
    ],
    "floppy_dirs": [
      "extra/files/vmwareTools/drivers"
    ],
    "network": "{{ user `vmWareBuilder_network` }}",
    "cpus": 2,
    "memory": 4096,
    "boot_wait": "10s",
    "vmx_data": {
      "scsi0.virtualDev": "pvscsi",
      "annotation": "{{ user `vmWareBuilder_annotation` }}"
    }
  }],
  "provisioners": [{
    "type": "powershell",
    "elevated_user": "Administrator",
    "elevated_password": "password",
    "script": "./extra/scripts/disable-windows-updates.ps1"
    },
    {
      "type": "windows-restart"
    },
    {
      "type": "windows-update",
      "filters": [
          "include:$_.Title -like '*Servicing Stack Update for Windows*'"
      ]
    },
    {
      "type": "windows-update"
    },
    {
      "type": "powershell",
      "inline": [
        "Write-Output Phase-5-Deprovisioning",
        "if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}"
      ]
    },
    {
      "type": "windows-restart",
      "restart_timeout": "2h",
      "pause_before": "30s",
      "restart_check_command": "powershell -command \"& {Write-Output 'restarted.'}\""
    }
  ]
}

Hi @danielsollondon,
I was checking AAD login option by creating VM from the win 2019 image built using image builder and I see the warning message "This image does not support Login with AAD." As per the MS docs, AAD login is supported for windows 2019 data center edition: https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows#enabling-azure-ad-login-in-for-windows-vm-in-azure

I noticed the same warning message for Rhel 7..
Is this a bug? Can you please check this by creating VM from 2019 datacenter image from your side?

In preparation for GA, the AIB team is now releasing more features, starting with a new API version.

Actions Required
Please review the documentation for the latest API version, and take action for these breaking changes:

1. identity is a mandatory requirement, please review the May Service Update document, on how to add this to your templates.
2. vnetConfig - this specification is changing, from providing, name, subnetName, resourceGroupName to just subnetId, you will need to update you JSON template and create a new AIB template.
3. Review steps for operating and maintaining image templates created with the previous API version, and what will happen with new templates created.

For details see here

FAQs
• What about the AIB Azure DevOps? - The DevOps task is hard coded to use an API version, this will be updated, but continue to work without interuption.
• When will we announce the new functionality? - The new features will be documented by 28th May
• Can I use existing documentation? - Yes, examples that have breaking changes will be updated.

Hello, I'm distributing from Image Builder to a Shared Image Gallery. The Image name seems is not possible to be set. Currently, the image is named with something like "0.24254.42935" or "0.24254.53522".
To have proper versioning, it is needed to be able to set the name, so to name each version like "0.0.1".
I have checked the latest version of the schema here (https://github.com/Azure/azure-rest-api-specs/blob/master/specification/imagebuilder/resource-manager/Microsoft.VirtualMachineImages/stable/2020-02-14/imagebuilder.json) but also there I do not see a way, inside the "SharedImage" item of the "distribute" section, a property to set to configure this value.

Here an example of the bad naming on how images end up inside the Image definition.

Hi, there is misstake in:
https://github.com/danielsollondon/azvmimagebuilder/blob/master/quickquickstarts/0_Creating_a_Custom_Windows_Managed_Image/readme.md

is:

remove definitions

Remove-AzRoleDefinition -Name "$idenityNamePrincipalId" -Force -Scope "/subscriptions/$subscriptionID/resourceGroups/$imageResourceGroup"

should be:

remove definitions

Remove-AzRoleDefinition -Name "$imageRoleDefName" -Force -Scope "/subscriptions/$subscriptionID/resourceGroups/$imageResourceGroup"

Don't know if the is the correct place to put this. I've been trying to use the imageBuilder. I've written a script based on your quick quickStarts. I am trying to delete the created imageTemplate but it refuses. There are no other resources other than his template and resource group.

Remove-AzResource : {
  "code": "OperationNotAllowed",
  "message": "Operation 'Microsoft.VirtualMachineImages/imageTemplates/delete' is not allowed in provisioningState: 'provisioned', runState: 'running'"
 }
CorrelationId: {redacted}
At line:1 char:1
+ Remove-AzResource -ResourceId "/subscriptions/{redacted} ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Remove-AzResource], ErrorResponseMessageException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.RemoveAzureResourceCmdlet

I have attempted to distribute a Windows Image which has been heavily customised (customisation takes about 2 hours). I have attempted to distribute via both a Managed Image and a Shared Image Gallery, I am using West US for the build process (as it is not available in the EU yet) but I need the images available in North Europe for deployment.

Managed Image

Code

{ "type": "ManagedImage", "imageId": "[concat(subscription().id,'/resourceGroups/',parameters('imageGalleryResourceGroup'),'/providers/Microsoft.Compute/images/',parameters('imageTemplateName'))]", "location": "[resourceGroup().location]", "runOutputName": "[concat('MI-',parameters('imageTemplateName'))]", "artifactTags": { "source": "azVmImageBuilder", "baseosimg": "[concat('Windows10EVD',parameters('OSVersion'))]" } }

Error

"statusMessage": "{\"status\":\"Failed\",\"error\":{\"code\":\"ResourceOperationFailure\",\"message\":\"The resource operation completed with terminal provisioning state 'Failed'.\",\"details\":[{\"code\":\"InternalOperationError\",\"message\":\"Failed in distributing 1 images out of total 1: {[Error 0] [Distribute 0] Error copying VHD blob to 'northeurope': Failed while waiting for blob copy: Error getting blob copy status: Failed executing Get Blob Properties request: Head https://pa6aagol7g08o9jnklbzk77i.blob.core.windows.net/vhds/6c8bdd50-dde0-42c7-a5b9-6ace352b723e.vhd?se=2019-11-08T22%3A28%3A58Z&sig=mZPZRP%2F5pDlXQyaTvwAZScPM3KHaGjywK7VPy%2FEgo18%3D&sp=rw&spr=https&sr=b&sv=2016-05-31&timeout=1: context deadline exceeded}\"}]}}"

Shared Image Gallery

Code

{ "type": "SharedImage", "galleryImageId": "[concat(subscription().id,'/resourceGroups/',parameters('imageGalleryResourceGroup'),'/providers/Microsoft.Compute/galleries/',parameters('imageGalleryName'),'/images/',parameters('imageTemplateName'))]", "location": "[resourceGroup().location]", "runOutputName": "[concat('SIG-',parameters('imageTemplateName'))]", "artifactTags": { "source": "azVmImageBuilder", "baseosimg": "[concat('Windows10EVD',parameters('OSVersion'))]" }, "replicationRegions": [ "[resourceGroup().location]" ] }

Error

Unable permission denied when attempting to access the Gallery Image despite adding owner rights to the Managed Identity

Any thoughts or suggestions would be appreciated

I have managed identity with owner permission set, I have had the template configured perfectly including adding the correct identity block, subscription ID, api version...etc, I have zero custom configurations set. I'm in the correct region ("us west 2", the only thing it has to do is build an ubuntu 18.04 image. While the template successfully uploads, it NEVER executes. It simply repeats the same useless msg:
"statusMessage": "{"status":"Failed","error":{"code":"ResourceOperationFailure","message":"The resource operation completed with terminal provisioning state 'Failed'.","details":[{"code":"InternalOperationError","message":"Failed in distributing 1 images out of total 1: Some error happened, please check the error details.","details":[{"code":"InternalOperationError","message":"Internal error occurred. This is a generic error. To identify possible causes, go to https://aka.ms/azvmimagebuilderts."}]}]}}",

my json

{
    "type": "Microsoft.VirtualMachineImages/imageTemplates",
    "apiVersion": ""2020-02-14"",
    "location": "westus2",
    "dependsOn": [],
    "tags": {
        "imagebuilderTemplate": "ubuntu1804",
        "userIdentity": "enabled"
            },
        "identity": {
            "type": "UserAssigned",
                    "userAssignedIdentities": {
                        "/subscriptions/<subId>/resourcegroups/<rg>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azureimagebuilder": {}
                        
                }
                },
    "properties": {

        "buildTimeoutInMinutes" : 80,
        
        "vmProfile": 
            {
            "vmSize": "Standard_D1_v2",
            "osDiskSizeGB": 40
            },

        "source": {
            "type": "PlatformImage",
                "publisher": "Canonical",
                "offer": "UbuntuServer",
                "sku": "18.04-LTS", 
                "version": "18.04.201903060"
            
        },
        "customize": [
            {
                "type": "Shell",
                "name": "RunScriptFromSource",
                "scriptUri": "https://raw.githubusercontent.com/danielsollondon/azvmimagebuilder/master/quickquickstarts/customizeScript.sh"
            },

            {
                "type": "Shell",
                "name": "CheckSumCompareShellScript",
                "scriptUri": "https://raw.githubusercontent.com/danielsollondon/azvmimagebuilder/master/quickquickstarts/customizeScript2.sh",
                "sha256Checksum": "ade4c5214c3c675e92c66e2d067a870c5b81b9844b3de3cc72c49ff36425fc93"
            },
            
            {
                "type": "File",
                "name": "downloadBuildArtifacts",
                "sourceUri": "https://raw.githubusercontent.com/danielsollondon/azvmimagebuilder/master/quickquickstarts/exampleArtifacts/buildArtifacts/index.html",
                "destination":"/tmp/index.html"
            },

            {
                "type": "Shell",
                "name": "setupBuildPath",
                "inline": [
                    "sudo mkdir /buildArtifacts",
                    "sudo cp /tmp/index.html /buildArtifacts/index.html"
                ]
            },

            {
                "type": "Shell",
                "name": "InstallUpgrades",
                "inline": [
                    "sudo apt install unattended-upgrades"
                ]
            }

        ],
        "distribute": 
            [
                {   "type":"ManagedImage",
                    "imageId": "/subscriptions/<subsctID>/resourceGroups/<RG>/providers/Microsoft.Compute/images/shouldwork",
                    "location": "westus",
                    "runOutputName": "shouldwork",
                    "artifactTags": {
                        "source": "azVmImageBuilder",
                        "baseosimg": "ubuntu1804"
                    }
                }
            ]
        }
    }

Hello. I have been exploring the AIB service for the past week or so, having no issues via the ARM template method but now looking at the DevOps based deployment but running into an issue.

The image build process seems to run properly via DevOps (template uploads, IT_* resource group created, customization.log looks clean) however the build errors during deployment of the Managed Image:

Error: post template call failed for template t_******* with error: Failed in distributing 1 images out of total 1: Some error happened, please check the error details. (CODE: 200)

I cannot seem to find any further details on the error.

On the DevOps task, the type is "ManagedImage" and the Image ID is:

/subscriptions/<sub>/resourceGroups/<targetRG>/providers/Microsoft.Compute/images/<imagename>

The Devops/Azure authorization is scoped to the AIB targeted resource group and has the Contributor role on the RG.

EDIT: Also created a new DevOps service connection at the Subscription level and experiencing the same error.

Changing the type to VHD, the release runs properly. It feels like permissions but I can't seem to isolate where. Any advice would be appreciated.

Thanks!

Receiving this error when trying to deploy a AIB Template......this was working without issue last week. Any ideas? Nothing else to go on.

{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n "error": {\r\n "code": "BadRequest",\r\n "message": "\r\n<title>400 The SSL certificate error</title>\r\n<body bgcolor=\"white\">\r\n

400 Bad Request

when I run the following, it come back with the return error , I have verified all resource providers are registered and the AZ module is the latest, please assist

Returned error
New-AzRoleAssignment : Principal cf32a0cc373c47c991560db11f6a6dfc does not exist in the directory f32b97f0-efb8-4bc3-91ee-18a6e5f635c9.

Command executed
PS C:\GitHub\AIS\AFC> New-AzRoleAssignment `

-ObjectId cf32a0cc-373c-47c9-9156-0db11f6a6dfc -Scope /subscriptions/$subscriptionID/resourceGroups/$imageResourceGroup
-RoleDefinitionName Contributor

After creating more samples, running the code in AZ CLI or AZ PS quick starts, when you create the role definition fails:
A role definition cannot be updated with a name that already exists.

Even if you try to delete it, or assign it, it fails, it is suspected (not confined yet) this is because it may already exist in the AD tenant, because another user in your organization has created it, but not deleted it.

I will be updating the samples to ensure role definition names are unique. If you encounter this now, just edit the role definition. We have planned to release public Azure VM Image Builder Roles.

Hello,
I'm able to specify a different source (see below excerpt) as the base image. However, I would like to customize the base image to enable certain features. For example, I want to allow SQL authentication and create an SA account. How can I accomplish this?

       "source": {
            "type": "PlatformImage",
            "publisher": "MicrosoftSQLServer",
            "offer": "sql2019-ws2019",
            "sku": "sqldev",
            "version": "15.0.200114"
        },

I would like to let AIB use files which are currently access limited via the Azure Storage Firewall. This has an option for Microsoft Trusted services to bypass the firewall to continue to work as expected however AIB isn't on this list. Would it be possible to add AIB to this list of trusted services?

When I run the example(I missed the role assignment part), I got the below error. After contacting with Azure help desk, I found that the client object ID mentioned ending with d911 is actually the Azure VirtualMachine Image Builder app's principle ID.

After seeing this error, I have successfully created my custom image by adding creating role assignment for this id to my resource group then try again.

So I think the principle ID of image builder app might have changed?

Deployment failed. Correlation ID: 2354bbd8-1d32-4d43-8106-bfad77f2d8b7. Failed in distributing 1 images out of total 1: 
{[Error 0] [Distribute 0] Error publishing VHD to managed image:/subscriptions/********/resourceGroups/********/providers/Microsoft.Compute/images/********, 
Location:WestUS2. 
Error: Creating image from VHD 'https://********.blob.core.windows.net/vhds/51d64cfd-f31f-43cd-95fd-********.vhd' [with 10 retries] reported non-success status 
(Timedout [compute.ImagesClient#Delete: Failure sending request: 
StatusCode=403 -- 
Original Error: Code="AuthorizationFailed" 
Message="The client '53c21081-626a-4ba0-9b76-ff5739b2d911' with object id '53c21081-626a-4ba0-9b76-ff5739b2d911' does not have authorization to perform action 'Microsoft.Compute/images/delete' over scope '/subscriptions/********/resourceGroups/********/providers/Microsoft.Compute/images/********' or the scope is invalid. 
If access was recently granted, please refresh your credentials."])}

Also, try to create role assignment with the xx6dfc mentioned in this repo's doc will get a result returned by azure that contains a principle ID of xxd911, this is strange. I can only guess that xx6dfc was replaced by xxd911.

az role assignment create --assignee cf32a0cc-373c-47c9-9156-0db11f6a6dfc  --role Contributor --scope /subscriptions/********/resourceGroups/********
{
  "canDelegate": null,
  "id": "/subscriptions/********/resourceGroups/********/providers/Microsoft.Authorization/roleAssignments/ae5d9fe7-68f6-4b5f-9985-6097a61ab3bb",
  "name": "ae5d9fe7-68f6-4b5f-9985-6097a61ab3bb",
  "principalId": "53c21081-626a-4ba0-9b76-ff5739b2d911",
  "principalType": "ServicePrincipal",
  "resourceGroup": "svpc_image_rg",
  "roleDefinitionId": "/subscriptions/********/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",
  "scope": "/subscriptions/********/resourceGroups/********",
  "type": "Microsoft.Authorization/roleAssignments"
}

This is seen when running:
az feature show --namespace Microsoft.KeyVault --name VirtualMachineTemplatePreview | grep state

This is a doc bug and can be safely ignored, this will be removed.

Full Error Message:
Deployment failed. Correlation ID: ba81a3e2-119e-4992-bd4a-95281cb5d177. Failed in building/customizing image: Failed in customizing image: Failed while waiting for packerizer: Microservice has failed: Failed while processing request: Error when executing packerizer: Packer build command has failed: exit status 1. During the image build, a failure has occurred, please review the build log to identify which build/customization step failed. For more troubleshooting steps go to https://aka.ms/azvmimagebuilderts. Image Build log location: https://xkzlyccln2x4qrzk8r60s8oc.blob.core.windows.net/packerlogs/*************************/customization.log. OperationId: 019d793b-66fc-480f-9b5f-6de798958520. Use this operationId to search packer logs.

In the customization.log file i see below error:

[019d793b-66fc-480f-9b5f-6de798958520] PACKER OUT ==> azure-arm: ERROR: -> InvalidTemplateDeployment : The template deployment failed because of policy violation. Please see details for more information.
[019d793b-66fc-480f-9b5f-6de798958520] PACKER ERR 2019/11/06 08:38:20 packer: 2019/11/06 08:38:20 Packer config: &{DisableCheckpoint:false DisableCheckpointSignature:false PluginMinPort:10000 PluginMaxPort:25000 Builders:map[] PostProcessors:map[] Provisioners:map[]}

i have provide Image builder as contributor role to the resource group. please suggest

I've included the WindowsUpdate provisioner for patching a Windows 10 multisession 1909 virtual machine. Of the ten launches I've done, only once it finished successfully, all the other times it goes into a loop. See the attached extract of the customization.

customization - extract.log
log

Please review the May 2020 Service Update

I am considering using Azure Image Builder to build images that can be used both in Azure and on-premise. However the generated VHD physical size is large, as it is a fully expanded disk image. This means effectively downloading a large file (e.g. 127gb) from the internet which is mostly unused space.

It would be great if we could have an added property to the "VHD" distribute type that runs the "Compact" operation if set to true, so that the generated VHD is significantly smaller for download.

So for example the VHD distribute section of the AIB ARM template might look like:

"distribute": 
[
    { 
        "type": "VHD",
        "runOutputName": "aibTemplate",
        "compact": true
    } 
    
]

The Powershell commands required to compact a VHD are:

Mount-VHD .\aibImage.vhd -ReadOnly
Optimize-VHD .\aibImage.vhd -Mode Pretrimmed
Dismount-VHD .\aibImage.vhd

# Pretrimmed: Utilizes information from the trim/unmap commands to detect unused blocks.
# Does not look for empty blocks and does not query the contained file system for unused blocks.

This site contains a nice powershell function to do this.

Many thanks
Tim

This is the error i'm getting on starting the image build for Create a Windows Custom Image from an Azure Platform Vanilla OS Image

When revisiting this after some time, to see if progress had been made, we are receiving the issue below :-

[error]Error: put template call failed for template t_1583248310130 with error: The subscription is not registered for the resource type 'imageTemplates'. Please check that the resource type exists and re-register for this provider in order to have access to this resource type. (CODE: 409)

Hi,
was wondering if the Azure image builder PowerShell provisioner provides the means to inject 'parameters' to further use in the scripts.

In packer one can use environment vars to inject values before script execution.

I did not find any example in the repo or in the docs online.

The following ARM template provides a workaround, but this isn't suitable when using a script ref?

could you provide any guidance?

Thanks,
Stijn

The source Image is 20h1 Multi-user from the azure gallery.

                {
                    "type": "PowerShell",
                    "name": "RSAT",
                    "inline": [
                        "Get-WindowsCapability -Online |where Name -like rsat.* | Add-WindowsCapability -Online",
                        "Enable-WindowsOptionalFeature -Online -FeatureName  Microsoft-Hyper-V-Management-PowerShell -all"
                    ]
                },

give me the error

[b3a6c657-91b6-4bad-a395-24b80f735fb3] PACKER OUT ==> azure-arm: Add-WindowsCapability : Access is denied.
[b3a6c657-91b6-4bad-a395-24b80f735fb3] PACKER OUT ==> azure-arm: At C:\Windows\Temp\script-5eff3928-bf58-637e-f14f-4c41596bf9d8.ps1:1 char:58
[b3a6c657-91b6-4bad-a395-24b80f735fb3] PACKER OUT ==> azure-arm: + ... lity -Online |where Name -like rsat.* | Add-WindowsCapability -Online
[b3a6c657-91b6-4bad-a395-24b80f735fb3] PACKER OUT ==> azure-arm: +                                             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Image build is not available in any region currently, from 10am 1/31 Pacific, team working to resolve, see here and teams channel for updates.

Due to limited permission, can't create new Resource group while building image.
how can use - build_resource_group_name as we can use in packer ?

Hello,

I would like to create image with RHEL7.5, template that previously worked, but I got error in CLI:
Deployment failed. Correlation ID: 22bfe2f3-5aa7-4aa8-9d25-f9f78c50fedf. Failed in building/customizing image: Failed in customizing image: Failed while waiting for packerizer: Microservice has failed: Failed while processing request: Error when executing packerizer: Packer build command has failed: exit status 1. During the image build, a failure has occurred, please review the build log to identify which build/customization step failed. For more troubleshooting steps go to https://aka.ms/azvmimagebuilderts. Image Build log location: https://xXxxXxx.blob.core.windows.net/packerlogs/01a41885-d410-465a-8699-0a33d67cd257/customization.log. OperationId: a7623644-74cb-4c88-b8c5-88c2b3386080. Use this operationId to search packer logs.

In customization.log, I found some errors:
[a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER OUT ==> azure-arm: -> image : 'https://xXxxXxx.blob.core.windows.net/images/pkroslomoirwt95.vhd' [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER OUT ==> azure-arm: Error deleting resource. Please delete manually. [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER ERR 2019/09/22 22:10:00 ui error: ==> azure-arm: Error deleting resource. Please delete manually. [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER OUT ==> azure-arm: [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER ERR ==> azure-arm: [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER OUT ==> azure-arm: Name: https://xXxxXxx.blob.core.windows.net/images/pkroslomoirwt95.vhd [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER ERR ==> azure-arm: Name: https://xXxxXxx.blob.core.windows.net/images/pkroslomoirwt95.vhd [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER OUT ==> azure-arm: Error: storage: service returned error: StatusCode=404, ErrorCode=BlobNotFound, ErrorMessage=The specified blob does not exist. [a7623644-74cb-4c88-b8c5-88c2b3386080] PACKER ERR ==> azure-arm: Error: storage: service returned error: StatusCode=404, ErrorCode=BlobNotFound, ErrorMessage=The specified blob does not exist.

Example my properties:
https://gist.github.com/aszykm/2f5ce1f1dbe3005047f73255dd70d64c

Hello,
Thanks for the sample for using azure VM image builder. I tried few of them and it worked for me.. I am facing problem when using User identity while building windows 2019 image. I tried with various 2019 version from Marketplace but no luck. Also, Windows Update goes into infinite loop with RPC communication failure.

Here is what i am trying to do with your existing template:
Stage file from storage container to VM drive and have noticed the entire packer process crashes when trying to build image at the very end after waiting for hour. Also, when I use windows-update, RPC communication fails. I noticed this when using user identity.

Do you have some samples for Windows 2016 or 2019 image build using user identity?

Here are the sample i am trying to use in customize?

{
                        "type": "PowerShell",
                        "name": "buildArtifactsdir",
                        "runElevated": false,
                        "inline": [
                            "mkdir c:\\buildArtifacts"
                        ]
                    },
                    {
                        "type": "File",
                        "name": "postConfig",
                        "sourceUri": "https://storageaccount.blob.core.windows.net/container/win2019.ps1",
                        "destination": "c:\\buildArtifacts\\win2019.ps1"
                    }

We are seeing build failures issue with the latest MicrosoftWindowsServer:WindowsServer:2016-Datacenter source image, version: 14393.3326.1911120150

If you look in the customization.log, you will see this error:
[9bd218e8-11c5-4820-87a8-c5f667c41c7d] PACKER OUT Build 'azure-arm' errored: Timeout waiting for WinRM.
[9bd218e8-11c5-4820-87a8-c5f667c41c7d] PACKER ERR 2019/11/26 06:54:32 machine readable: azure-arm,error []string{"Timeout waiting for WinRM."}

This has just started happening with this image version, if we rollback to the previous version, there is no issue.

MicrosoftWindowsServer:WindowsServer:2016-Datacenter: 14393.3274.1910061629

We are investigating this with the Windows team, updates will be posted here.

I get this error trying to setup our tenant.

New-AzRoleAssignment: Principal ef5111396170438ea6e1763dc31bdf74 does not exist in the directory

I get the feeling I'm missing some pre-req not in the docs

Some of the Azure Docs examples are broken, this because the backend templates in this repo have been updated, and using "identity", the Azure docs are being updated now, apologies.

Note, these GitHub docs were updated to support "identity".

Hi, in the documentation there are links to videos stored on teams and also a reference to a teams channel for Q&A, however both are not public links.

Hey guys,

Running into an issue running this task in Azure DevOps. I have followed this setup guide and when I try to run the task with a Shared Image Library. It fails with the error Error: put template call failed for template t_1578507314769 with error: Internal error occurred. (CODE: 200)

I have attached my logs.

Thanks!
az-devops-log.txt

If you are using managed identity to access azure storage (similar to this Quickstart) we have an issue with the service that is causing builds to fail, this is agnostic of source OS.

I will test, and update the docs, please give me 24hrs.

Apologies for the inconvenience here.

Thanks,

Following your quickstart documentation, I made the necessary modifications to the scripts to use my existing vnet name etc, but every time I get to the "Build the image" step (where you're supposed to run Invoke-AzResourceAction) it always fails to build.

If I try to proceed to the VM deployment step anyways, it fails there too, indicating that the image is definitely not getting built successfully.

I'm running this in a Trial Azure subscription. I can provide all my source code (modified copies of the scripts from the quickstart), just let me know what's needed.

Hi, I have issues using Your example:
https://github.com/danielsollondon/azvmimagebuilder/blob/master/quickquickstarts/0_Creating_a_Custom_Windows_Managed_Image/helloImageTemplateWin.json

but I'm changing source for windows 10 enterprise (as documentation says it is supported)

                "source": {
                    "type": "PlatformImage",
                    "publisher": "MicrosoftWindowsDesktop",
                    "offer": "Windows-10",
                    "sku": "19h2-evd",
                    "version": "latest"

But when I’m trying to deploy template there is error:

New-AzResourceGroupDeployment -ResourceGroupName $imageResourceGroup -TemplateFile $templateFilePath -api-version "2019-05-01-preview" -imageTemplateName $imageTemplateName -svclocation $location
New-AzResourceGroupDeployment: 19:04:30 - The deployment 'helloImageTemplateWin' failed with error(s). Showing 1 out of 1 error(s).
Status Message: The resource operation completed with terminal provisioning state 'Failed'. (Code: ResourceDeploymentFailure)
 - Internal error occurred. (Code:InternalOperationError)
CorrelationId: 70f100f0-20eb-42df-a2db-b675b6fd4b20

In portal.azure.com there is new empty resource group IT_*
After that I have to remove that template and I can start over but after 2 days with no luck I have out of new ideas to solve this.

trying to delete my template.
first did a cancel command. but now its stuck.

Operation Microsoft.VirtualMachineImages/imageTemplates/delete is not allowed in provisioning state: provisioned or run state: canceling.

its in this state for about 19 hours.

Does the canceling timeout? so i can delete the template. or can i force delete it?

Hi Daniel,

I am trying to use an existing virtual network rather than setup a new when creating my image template, but am unsure of the network parameter/property names to use in my template file.

For example, when creating a template with packer, I use the following parameter names under builders:

"virtual_network_name"
"virtual_network_resource_group_name"
"virtual_network_subnet_name"

Do you happen to know the equivalent parameter names to use under properties in an AIB template file?

Any help would be gratefully appreciated.

Thanks in advance for your support,

Terry

You will start seeing this error from the 26th May, if your templates do not include 'identity'.

Please review the May 2020 Service Update

hi

I am trying the example on

1_Azure_DevOps

the release pipeline Succeeded, then vm image is created, files are baked in but looks like the PowerShell-customize inline scripts do not get executed at all!

am i missing some step?

any help will be very much appreciated.

Thank you and regards
ehab

Hi,
I am using multiple File customizer to place certain artifacts on the image.
But once i create a VM from created image, I could not find the artifact at destination location.
{
"type": "File",
"name": "downloadBuildArtifacts",
"sourceUri": "https://raw.githubusercontent.com/danielsollondon/azvmimagebuilder/master/quickquickstarts/exampleArtifacts/buildArtifacts/index.html",
"destination":"/tmp/index.html"
},
{
"type": "File",
"name": "sparkArtifact",
"sourceUri": "https://xyz.blob.core.windows.net/imageartifact/abc.jar",
"destination":"/tmp/abc.jar"
},

Hi Daniel, could you move this repository to Microsoft organization so that it can be found easily and trusted by users?

This is a new issue, but the deprovisioning script appears to be a constant loop.

[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: At C:\DeprovisioningScript.ps1:3 char:9
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: + while ((Get-Service WindowsAzureTelemetryService).Status -ne 'Running ...
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: + CategoryInfo : ObjectNotFound: (WindowsAzureTelemetryService:String) [Get-Service], ServiceCommandExcep
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: tion
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm:
[d50d81fb-d7cd-4094-9715-e11e39eda8ef] PACKER OUT ==> azure-arm: Get-Service : Cannot find any service with service name 'WindowsAzureTelemetryService'.

We have tried a few ways to update the timezone, but it keeps defaulting back to UTC.
We even tried the following customizer.

{
“type”: “PowerShell”,
“name”: “settingUpMgmtAgtPath”,
“runElevated”: true,
“inline”: [
“mkdir c:\buildActions1”,
“Set-TimeZone -Id ‘US Mountain Standard Time’“,
“echo Azure-Image-Builder-Was-Here > c:\buildActions1\buildActionsOutput.txt”
]
}

Running through samples (great work by the way), and found some typo's in executing some of the steps in "Create a Custom Windows Image from an Azure Platform Vanilla OS Image"

Revised README.md lines below, or have updated copy in a fork https://github.com/timstockford/azvmimagebuilder/blob/sample-runthrough/quickquickstarts/0_Creating_a_Custom_Windows_Managed_Image/readme.md or I can submit a pull request, whichever method preferred.

Step 2 : Modify HelloImage Example

curl https://raw.githubusercontent.com/danielsollondon/azvmimagebuilder/master/quickquickstarts/0_Creating_a_Custom_Windows_Managed_Image/helloImageTemplateWin.json -o helloImageTemplateWin.json

Step 3 : Create the Image

az resource create \
    --resource-group $imageResourceGroup \
    --properties @helloImageTemplateWin.json \
    --is-full-object \
    --resource-type Microsoft.VirtualMachineImages/imageTemplates \
    -n helloImageTemplateWin02

az resource invoke-action \
     --resource-group $imageResourceGroup \
     --resource-type  Microsoft.VirtualMachineImages/imageTemplates \
     -n helloImageTemplateWin02 \
     --action Run 

Clean Up

az resource delete \
    --resource-group $imageResourceGroup \
    --resource-type Microsoft.VirtualMachineImages/imageTemplates \
    -n helloImageTemplateWin02

Next Steps

If you loved or hated Image Builder, please go to next steps to leave feedback, contact dev team, more documentation, or try more examples [here](../nextSteps.md)]

Hi,

It looks like some part of the packaging process tries to spin up a Dv2 family VM.

Right now I'm at my max quota for this - I know how to request an increase in quota.

What I'd like to know is where in the process is the Dv2 being called and is there a configuration option to specify a different VM class.

Thanks!

fddf68f1-6605-432d-9e8f-abf25c3f8059] PACKER ERR 2019/10/08 20:42:05 packer: 2019/10/08 20:42:05 Azure response status="400 Bad Request" method="POST"  
body="{\"error\":{\"code\":\"InvalidTemplateDeployment\",\"message\":\"The template deployment 'pkrdpyew5c23775' is not valid according to the validation procedure. The tracking id is 'a5935223-a591-4e73-b9db-5a1aefc6e9d2'. See inner errors for details.\",
\"details\":[{\"code\":\"QuotaExceeded\",\"message\":\"The operation couldn't be completed as it results in exceeding quota limit of standardDv2Family Cores. Maximum allowed: 10, Current in use: 22, Additional requested: 1. Read more about quota limits at https://aka.ms/AzurePerVMQuotaLimits.

• Jack

We are finding that image builder builds are hanging when configuring rs5-enterprisen sku and rs5-pro sku, this is when the PowerShell customizer is running commands as an elevated user, in my repro, just creating directories. This does not happen with rs5-evd.

We are investigating what is happening here.

This section mentions granting access but not the recipient. An objectId is provided in the command but it is not clear who it belongs to, the user? managed Identity?

https://github.com/danielsollondon/azvmimagebuilder/tree/master/quickquickstarts/7_Creating_Custom_Image_using_MSI_to_Access_Storage#step-2-assign-permissions-for-the-resource-group-where-the-image-will-be-created

customization 5.log
I created a project in devops and use the image builder agent task to integrate with azure image builder. The project works fine with the Windows10-Ehv master image. But when I tick the windows update checkbox the build fails with a timeout. Tried multiple times but that checkbox makes it fail.