This guide walks through the process of setting up a virtual machine (VM) with AlmaLinux 9 using HashiCorp Packer and the vSphere ISO plugin. I will create a Packer template, configure a Kickstart file, and automate post-configuration using an Ansible playbook.
With Packer we can create a virtual machine image in a vSphere environment starting from a single source configuration. It has a collection of builders like vSphere ISO that is used to create VMs in vSphere.
Packer vSphere builder build a new virtual machine starting from an ISO image file. It proceeds to the OS installation automatically from the Kickstart file configuration.
A boot command in vSphere builder configuration, is responsible to get kickstart file and start the installation of AlmaLinux. The boot_command specifies the necessary parameters like the keyboard keys should be typed in order to start the isntallation after the first boot.
When installation of operating system is finished, there is another builder plugin that performs a helper task like running an Ansible Packer provisioner.
Prerequisites
Before starting, ensure you have the following:
- Packer: Download and install from HashiCorp’s website.
- Access to a vSphere environment.
- An ISO image of AlmaLinux 9.
- Ansible installed on your local machine.
Directory Structure
Here is an example structure of the project:
almalinux-vm-setup/
├── almalinux_template.pkr.hcl
├── ks_file/
│ └── ks.cfg
├── almalinux_ed25519
├── almalinux_ed25519.pub
└── ansible/
└── playbook.ymlStep 1: Create the Packer Template
The configuration file that determines the Packer’s behavior is the Packer template, which consists of a series of declarations and commands for Packer to follow. This template tells Packer what plugins to use, how to configure each one, and what order to run them in. Packer template uses the HLC2 configuration language used by Terraform and HashiCorp.
The template file has the extension .pkr.hcl that is recognized by packer init, and build commands. On top of the file we define the necessary variables. The variables are accessible directly by giving them the var. prefix. For example vcenter_server = var.vsphere_server.
# almalinux_template.pkr.hcl
variable "vsphere_server" {
type = string
default = "10.3.2.50"
}
variable "vsphere_user" {
type = string
default = "[email protected]"
}
variable "vsphere_password" {
type = string
default = "userpass"
}
variable "datacenter" {
type = string
default = "MainDataCenter"
}
variable "host" {
type = string
default = "esxi.example.com"
}
variable "datastore" {
type = string
default = "MainDataStore"
}
variable "network_name" {
type = string
default = "VM Network"
}
variable "network_card" {
type = string
default = "vmxnet3"
}
variable "ssh_host" {
type = string
default = "10.3.2.5"
}The packer block gathers together a number of settings related to version and plugins.
packer {
required_plugins {
vsphere = {
version = ">= 1.4.2"
source = "github.com/hashicorp/vsphere"
}
ansible = {
version = "~> 1"
source = "github.com/hashicorp/ansible"
}
}
}In the same file, the source block defines the VM parameters like CPU, network, disks and memory size. The http_directory parameter is required. Packer will start a temporary http server to send the Kickstart file in the new VM in order to start the OS installation. If we omit http_directory parameter http server will not start.
The first label “vsphere-iso” is the builder type. The second label “almalinux” is the unique name of the source.
source "vsphere-iso" "almalinux" {
vcenter_server = var.vsphere_server
username = var.vsphere_user
password = var.vsphere_password
datacenter = var.datacenter
datastore = var.datastore
host = var.host
insecure_connection = true # Do not validate the certificate of the vCenter Server instance
# Packer will create an http server serving http_directory when it is set.
# Kickstart file in this directory will be available to virtual machine over HTTP request
http_directory = "ks_file"
# Set VM name, OS type, CPUs, RAM, Hard Disk and Network adapter.
vm_name = var.vm_name
guest_os_type = "rhel9_64Guest"
CPUs = 4
cpu_cores = 2
RAM = 4096
disk_controller_type = ["pvscsi"]
storage {
disk_size = 81920
disk_thin_provisioned = true
}
network_adapters {
network = var.network_name
network_card = var.network_card
}
# Packer will attempt to connect via ssh after setup.
ssh_host = var.vm_ip_address
ssh_username = "almalinux"
ssh_password = "almAl1nux."
ssh_timeout = "60m"
ssh_handshake_attempts = 1000
ssh_private_key_file = "almalinux_ed25519"
# ISO path to find the guest OS image.
iso_paths = ["[ESXNFS] _ISOs/AlmaLinux-9.4-x86_64-minimal.iso"]
# Boot command includes the parameters for the installation.
# When the VM is booted then the escape key is pressed.
# Except of linux kernel and initial RAM disk, the boot option inst.ks is
# provided to give the location of kickstart file.
# Boot loader will request the kickstart file from http server of Packer
boot_command = ["<esc><wait>", "vmlinuz initrd=initrd.img ", "inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks_preseed.cfg ", "<enter>"]
boot_wait = "3s"
}At the end of the template file, the build block defines the sources are going to build. Also in the same block we define nay provisioners. The build of machine will found in source block will start and when it is done, it will start the Ansible provisioner. The Ansible Packer provisioner runs Ansible playbooks. For the Ansible, if we don’t give a user parameter, and use_proxy is false, Ansible uses the ssh_username and key. If use_proxy is true then Ansible provisioner uses the user run the packer command. In the example below the use_proxy=false will prevent the proxy SSH server to start and Ansible will attempt to connect directly to the new server.
build {
sources = [
"source.vsphere-iso.almalinux"
]
provisioner "ansible" {
playbook_file = "./ansible/playbook.yml"
use_proxy = false
ansible_env_vars = [
"ANSIBLE_HOST_KEY_CHECKING=False"
]
}
}Step 2: Configure the Kickstart File
The kickstart file includes the rules for the OS installation. An easy way to obtain a kickstart file is to get it from a linux machine that you have setup manually. In /root directory you can find the file anaconda-ks.cfg that includes all the necessary directions for the installation you have done manually. You can get the same file and make the appropriate modifications.
This is a simple kickstart file. In %post block I install open-vm-tools and this is necessary because Packer will need them to communicate with the operating system after the installation. Otherwise the process will stuck in “Wainting for IP…” status.
Also in this file I have created the user almalinux that will be used by the SSH Packer communicator. Communicator is the mechanism Packer uses to upload files, execute scripts, etc. with the machine being created. Packer will use the ssh_username and ssh_password that will find in almalinux_template.pkr.hcl file.
# ks.cfg
# Run installation in text mode
text
%addon com_redhat_kdump --disable
%end
# Keyboard layouts
keyboard --vckeymap=gr --xlayouts='us'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=static --device=ens192 --gateway=10.3.2.1 --ip=10.3.2.5 --nameserver=10.3.2.1 --netmask=255.255.255.0 --ipv4-dns-search=example.net --noipv6 --activate
network --hostname=alma.example.net
# Use CDROM installation media
cdrom
%packages
@^minimal-environment
%end
# Run the Setup Agent on first boot
firstboot --enable
# Generated using Blivet version 3.6.0
ignoredisk --only-use=/dev/sda
# Partition clearing information
clearpart --none --initlabel
# Disk partitioning information. Create an ext4 partition 78GB and a swap 2GB.
part / --fstype="ext4" --ondisk=sda --size=79872 --label=SystemHDD
part swap --fstype="swap" --ondisk=sda --size=2047
# System timezone
timezone Europe/Athens --utc
# Root password. Create encrypted password with the command openssl passwd -6 or give the password in plain text without --iscrypted attribute.
rootpw --allow-ssh r00tPass
user --name=almalinux --password=almAl1nux.
# Disable SELinux
selinux --disabled
%post
yum -y install open-vm-tools # This is necessary
mkdir /home/almalinux/.ssh
chmod 700 /home/almalinux/.ssh
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4KzuyoCJwfiDJS07mcWzPDxhBKhwtZLgrPPX37uU1m root@mtestiv.zulutrade.local' > /home/almalinux/.ssh/authorized_keys
chmod 600 /home/almalinux/.ssh/authorized_keys
chown -R almalinux:almalinux /home/almalinux/.ssh
echo 'almalinux ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/almalinux
chmod 440 /etc/sudoers.d/almalinux
yum -y update
%end
# Reboot when the install is finished.
reboot
Step 3: Create the Ansible Playbook
When the installation of the operating system has finished, the build of the ansible provisioner is starting. In almalinux_template.pkr.hcl we have assigned the local path of playbook.yml file to playbook_file variable. If you do not provide a user to ansible, it will use the user associated with your builder, almalinux in this case, not the user running Packer.
In order for Ansible to connect properly to the new VM, I have added the use_proxy=flase flag in ansible provisioner. Also I have added the private key for the SSH comunicator user in almalinux_template.pkr.hcl file.
I have created a private and public key for user almalinux in the current directory, and I have given the name of private key to ssh_private_key_file flag.
Below is a simple playbook that makes an update of all packages and setup some new packages like nano, nmap and wget.
# playbook.yml
---
- name: Install additional packages and start nginx
hosts: all
become: true
tasks:
- name: Install packages
yum:
name: ["nginx", "git"]
state: present
- name: Enable and start Nginx
service:
name: nginx
state: started
enabled: trueStep 4: Build the VM
1. Firstly we run the packer init command to setup the required plugins.
# packer init .
Installed plugin github.com/hashicorp/vsphere v1.4.2 in "/root/.config/packer/plugins/github.com/hashicorp/vsphere/packer-plugin-vsphere_v1.4.2_x5.0_linux_amd64"
Installed plugin github.com/hashicorp/ansible v1.1.2 in "/root/.config/packer/plugins/github.com/hashicorp/ansible/packer-plugin-ansible_v1.1.2_x5.0_linux_amd64"Then run the packer build command.
$ packer build .2. During the build process, the ISO will boot, install AlmaLinux using the Kickstart file, and execute the Ansible playbook.
3. Once completed, the VM will shutdown. This is the normal process for the Packer. We can boot the VM in order to use it or we can add the convert_to_template: true parameter to convert it to a template in order to make clones from it.
Bellow is the output of the packer command.
# packer build .
vsphere-iso.almalinux: output will be in this color.
==> vsphere-iso.almalinux: Creating virtual machine...
==> vsphere-iso.almalinux: Customizing hardware...
==> vsphere-iso.almalinux: Mounting ISO images...
==> vsphere-iso.almalinux: Adding configuration parameters...
==> vsphere-iso.almalinux: Starting HTTP server on port 8444
==> vsphere-iso.almalinux: Setting temporary boot order...
==> vsphere-iso.almalinux: Powering on virtual machine...
==> vsphere-iso.almalinux: Waiting 3s for boot...
==> vsphere-iso.almalinux: Serving HTTP requests at http://10.3.5.20:8444/.
==> vsphere-iso.almalinux: Typing boot command...
==> vsphere-iso.almalinux: Waiting for IP...
==> vsphere-iso.almalinux: IP address: 10.3.2.5
==> vsphere-iso.almalinux: Using SSH communicator to connect: 10.3.2.5
==> vsphere-iso.almalinux: Waiting for SSH to become available...
==> vsphere-iso.almalinux: Connected to SSH!
==> vsphere-iso.almalinux: Provisioning with Ansible...
vsphere-iso.almalinux: Not using Proxy adapter for Ansible run:
vsphere-iso.almalinux: Using ssh keys from Packer communicator...
==> vsphere-iso.almalinux: Executing Ansible: ansible-playbook -e packer_build_name="almalinux" -e packer_builder_type=vsphere-iso -e packer_http_addr=10.3.5.20:8444 --ssh-extra-args '-o IdentitiesOnly=yes' -e ansible_ssh_private_key_file=almalinux_ed25519 -i /tmp/packer-provisioner-ansible2737930965 /root/almalinux-vm-setup/ansible/playbook.yml
vsphere-iso.almalinux:
vsphere-iso.almalinux: PLAY [Install inst] ************************************************************
vsphere-iso.almalinux:
vsphere-iso.almalinux: TASK [Gathering Facts] *********************************************************
vsphere-iso.almalinux: ok: [default]
vsphere-iso.almalinux:
vsphere-iso.almalinux: TASK [Update yum cache] ********************************************************
vsphere-iso.almalinux: ok: [default]
vsphere-iso.almalinux:
vsphere-iso.almalinux: TASK [Install epel repo] *******************************************************
vsphere-iso.almalinux: changed: [default]
vsphere-iso.almalinux:
vsphere-iso.almalinux: TASK [Upgrade all packages] ****************************************************
vsphere-iso.almalinux: changed: [default]
vsphere-iso.almalinux:
vsphere-iso.almalinux: TASK [Install new packages for AlmaLinux 9] ************************************
vsphere-iso.almalinux: changed: [default]
vsphere-iso.almalinux:
vsphere-iso.almalinux: PLAY RECAP *********************************************************************
vsphere-iso.almalinux: default : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vsphere-iso.almalinux:
==> vsphere-iso.almalinux: Shutting down virtual machine...
==> vsphere-iso.almalinux: Deleting floppy drives...
==> vsphere-iso.almalinux: Ejecting CD-ROM media...
==> vsphere-iso.almalinux: Clearing boot order...
vsphere-iso.almalinux: Closing sessions ....
Build 'vsphere-iso.almalinux' finished after 16 minutes 44 seconds.
==> Wait completed after 16 minutes 44 seconds
==> Builds finished. The artifacts of successful builds are:
--> vsphere-iso.almalinux: Alma