Building a bakery of Windows servers with Packer - London WinOps


Nobody likes patching servers. Specially not Windows servers. And the problem becomes even worse with hybrid infrastructures where you have servers running both in AWS and in a datacenter.

Packer is a tool for creating machine and container images for multiple platforms from a single source configuration.

In this session we will talk about how we are trying to sort this problem at Wonga, using Packer to create a bakery of Windows servers which allows us to build up-to-date AMIs and VMWare templates from the same set of provisioning scripts.

  1. 1. BUILDING AN IMAGE BAKERY WITH PACKER.IO Ricard Clau - London WinOps - February 2016
  2. 2. PROBLEMSTRIEDTO SOLVE • Need to automate creation of servers both Windows (2008 & 2012) and Linux (mostly Ubuntu 14.04) • Hybrid infrastructure AWS / Datacenter • Provisioning tools work well but a reliable and reproducible common initial state is useful
  4. 4. EXTRA BENEFITS • Massive boost at spinning servers • Easy to share provisioning scripts • Easier to understand than Chef / Puppet / Ansible (different domain) • Works on Windows, Mac and Linux! • Significantly reduce manual patching
  5. 5. NO MORE PATCHING??? • You should create stateless applications so that replacing servers by patched ones is not an issue • Subscribe to these 2 AWS SNS topics: • arn:aws:sns:us-east-1:801119661308:ec2-windows-ami-update • arn:aws:sns:us-east-1:801119661308:ec2-windows-ami-private • In VMWare, you can start from updated ISOs or other existingVMWare machines
  6. 6. AWS EBS BUILDER • Start from an existing patched AMI • Initial userdata to allow WinRM and remote PS • Packer can retrieve the random Admin password! • Provision your box (and tag your final AMI) • Sysprep to allow new userdata in EC2 instances
  9. 9. VMWARE BUILDER (I) • Start from an ISO or an existingVMWare box • autounattend.xml files to automate installation, Administrator password, initial PowerShell and WinRM config, Power plan… • You can add other initial provisioning scripts (before 1st reboot) in the floppy_files array
  10. 10. VMWARE BUILDER (II) • You need to install VMWare Fusion (MacOSx) or Workstation (Linux / Windows) • disk_type_id for differentVMDK options • After reboot, you can use the same provisioners we had in the AWS builder
  12. 12. WONGA BAKERY MODEL Automation Team Development Team
  13. 13. STILL ITERATING • Feedback from different dev teams • Spawn scripts / more automation around the bakery • Add some CI/CD tools around it • Using generated AMIs /VMWare boxes in a Terraform setup • Trying to find out the best way to generate and use the VMWare images in the datacenter
  14. 14. GIVE PACKER ATRY! • Before 2016, I had never written any PS • I had never used Packer before either • In fact, I did not even know all this was possible! • We produced working images in a week spike!
  15. 15. SPECIALTHANKS • Mitchell Hashimoto for building Packer and the rest of the HashiCorp stack • Andrew Hardie for his talk “Don't go Packer in anger” at London DevOps last October • Peter Mounce for sharing his experiences automating Windows at Just Eat
  16. 16. BTW… INCIDENTALLY • We are hiring, like everybody else :) • Does the HashiCorp toolset sound interesting? • Do you like automating all-the-things? • Do you want to work with us in these offices?
  17. 17. QUESTIONS? • Twitter: @ricardclau • E-mail: • Github: demos