packer-plugin-amazon icon indicating copy to clipboard operation
packer-plugin-amazon copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

AWS WorkSpaces Image/Bundle Builder

Open ghost opened this issue 4 years ago • 5 comments

This issue was originally opened by @Tensho as hashicorp/packer#9916. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request. If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Description

AWS workspaces could be run from a bundle. Bundle is a combination of an operating system, storage, compute and software resources. Bundle is based on the image. Image is essentially the same as EC2 AMIs. It would be nice to build them with Packer.

Right now there is no AWS WorkSpace API action to take (create) an image from the workspace. I've submitted a feature request for it in AWS Support.

Use Case

I have a lot of AWS workspaces in my current organization. They have the same Linux baseline (essential system packages, common applications) and deviations depending on the department (some extra configuration tuning or applications installed). It requires a lot of manual actions to introduce any updates to the images. I have to launch a pristine workspace from the baseline image, install the requested software, bake an image, destroy workspace, create a bundle from the new image for a new department or update the existing bundle with the new image for the existing department. AWS proposes to manage Linux workspaces with OpsWorks (Puppet Enterprise). I'd prefer to manage WorkSpaces images with Packer leveraging all the benefits of immutable infrastructure.

ManageWorkspacesImageBundleUpdate

Potential configuration

{
    "builders": [
        {
            "type": "amazon-workspace",
            "image_regions": "us-east-1,eu-central-1",
            "image_users": "111111111111,222222222222",
            "image_name": "acme-linux-{{ isotime \"2006-01-02-15-04-05\" }}",
            "source_bundle_filter": {
                "filters": {
                    "id": "wsb-1wpvxgh6p",
                },
                "owners": [
                    "111111111111"
                ]
            },
            "vpc_filter": {
                "filters": {
                    "tag:Name": "main"
                }
            },
            "subnet_filter": {
                "filters": {
                    "tag:Tier": "private"
                },
                "random": true
            },
            "security_group_filter": {
                "filters": {
                    "tag:Name": "packer"
                }
            },
            "region": "us-east-1",
            "ssh_username": "workspaces\packer",
            "tags": {
                "timestamp": "{{ timestamp }}"
            }
        }
    ],
    "provisioners": [
        {
            "type": "ansible",
            "playbook_file": "ansible/ansible.yml",
            "user": "ec2-user",
            "extra_arguments": [
                "--become",
                "--extra-vars",
                "ami=true"
            ],
            "ansible_env_vars": [
                "ANSIBLE_HOST_KEY_CHECKING=False",
                "ANSIBLE_NOCOLOR=True",
                "ANSIBLE_SSH_ARGS='-o ControlPath=/dev/shm/control:%h:%p:%r'"
            ]
        }
    ]
}

Potential References

ghost avatar Mar 29 '21 12:03 ghost

Bundle Management APIs now generally available for Amazon WorkSpaces https://aws.amazon.com/about-aws/whats-new/2021/03/amazon-workspaces-introduces-bundle-management-apis/

netors avatar Mar 29 '21 14:03 netors

I don't know if they planned to show this or not, but the place that this issue was migrated from had 24 :+1: emojis on it before it was migrated. I don't think very many of those people will know that the issue was migrated, because GH doesn't notify about something unless you are subscribed to it ( which is what I did ), or have commented. An emoji doesn't trigger that response.

So, just to make sure people know this has been a decently requested feature ( 23 + 1 ( mine ( which I did on this issue as well ) ) ). Just wanted to make sure the context carried over :slightly_smiling_face:

elreydetoda avatar Apr 02 '21 02:04 elreydetoda

This is needed; however, I think one of the challenges will be the lack of metadata API or user_data in AWS Workspaces instances. You could workaround this by creating a base image that does some bootstrapping like enable WinRM or SSH, but it's still a manual step, albeit one that scales to produce many images. Another option would be to use the domain join plus group policy to accomplish the same.

bulebuk avatar Apr 14 '21 18:04 bulebuk

Any update on this request? Is there somewhere we can go to see if this is in the pipeline?

Fringe09 avatar Feb 08 '23 17:02 Fringe09

Has anyone attempted to use Packer to create an EC2 AMI like normal, and then workspaces:ImportWorkspaceImage to turn it into a Workspace Image?

lorengordon avatar Jul 25 '23 22:07 lorengordon