Book Image

HashiCorp Packer in Production

By : John Boero
Book Image

HashiCorp Packer in Production

By: John Boero

Overview of this book

Creating machine images can be time-consuming and error-prone when done manually. HashiCorp Packer enables you to automate this process by defining the configuration in a simple, declarative syntax. This configuration is then used to create machine images for multiple environments and cloud providers. The book begins by showing you how to create your first manifest while helping you understand the available components. You’ll then configure the most common built-in builder options for Packer and use runtime provisioners to reconfigure a source image for desired tasks. You’ll also learn how to control logging for troubleshooting errors in complex builds and explore monitoring options for multiple logs at once. As you advance, you’ll build on your initial manifest for a local application that’ll easily migrate to another builder or cloud. The chapters also help you get to grips with basic container image options in different formats while scaling large builds in production. Finally, you’ll develop a life cycle and retention policy for images, automate packer builds, and protect your production environment from nefarious plugins. By the end of this book, you’ll be equipped to smoothen collaboration and reduce the risk of errors by creating machine images consistently and automatically based on your defined configuration.
Table of Contents (18 chapters)
1
Part 1: Packer’s Beginnings
7
Part 2: Managing Large Environments
11
Part 3: Advanced Customized Packer

Managing the Image Lifecycle

In the previous chapter, we covered compression and strategies for minimizing image storage requirements and producing small lean images. Remember that compression, image layering, and container images can be used to save costs on storage for large image libraries. Storing container images as raw archives is highly inefficient and negates the deduplication advantage of container image layers. At some point, it makes the most sense to retire and decommission images altogether. Implementing a standard lifecycle management strategy can save storage waste with older unused image builds and also prevent old unpatched images and artifacts from being deployed in your environments, which might pose security risks. The final stage of lifecycle management is often the most important and involves ensuring no existing systems continue to use decommissioned images.

First, we need to establish some basics of image lifecycle management.

Figure 9.1 – Image lifecycle from release to deprecation

Figure...