Azure VM Image Builder is a new tool for Microsoft’s cloud that lets you provision ISO or Azure Marketplace images with your own customizations, like security settings or installed software.
Again, I’m talking Linux in today’s Ask the Admin. Not because I’ve moved over to the dark side but because Microsoft says Azure VM Image Builder will be made available for Windows Server at some point in the future, so it’s interesting to talk about it today. And let’s face it, Linux is everywhere and in many cases it is the best choice.
Until now, if you wanted to customize an image deployed to a virtual machine in the Azure cloud, you’d have to perform some post processing to make any changes. As I’ve showed you on Petri before, there are several ways of doing that, including Azure Automation DSC and Azure infrastructure-as-a-service JSON templates, or plain old PowerShell after the fact. None of these solutions are ideal however. Either because they are Windows-centric or don’t integrate properly into an image building pipeline. Azure Resource Manager (ARM) JSON templates come somewhere close, but it’s unique to Azure and is far from a simple exercise.
For more information on Azure Automation DSC, see Introduction to Azure Automation Desired State Configuration and Getting Started with Azure Automation Desired State Configuration on the Petri IT Knowledgebase. And here is the first part of my series on deploying Active Directory with Certificate Services in Azure using infrastructure-as-code.
Back in September, Microsoft announced a private preview of Azure VM Image Builder, which you can register for here. Image Builder lets you provision Ubuntu 16.04 or 18.04 ISO or Marketplace images and then customize them using your own shell scripts without requiring any additional infrastructure or setup in the cloud. Image Builder is based on HashiCorp Packer, so you can also import existing Packer scripts. Once customizations have been specified, you choose where to store the image, either in an Azure Image Shared Gallery or as an Azure Managed Image.
In the preview, Microsoft is supporting the following features:
If you have an existing tool for building images, you can call the Image Builder API to integrate into your current process. During the preview, Microsoft isn’t supporting updating of existing custom images, but it is on the roadmap. And apart from the need to pay for any storage you use, Image Builder is free for the duration of the preview.
Microsoft has based Azure VM Image Builder on HashiCorp Packer, which is an open source tool for creating identical images on different cloud platforms, meaning Packer scripts work on Azure as well as they do on Amazon. Packer uses Builders, Provisioners, and Post-Processors to create and provision custom images. Builders deploy images on different cloud platforms, like Azure and OpenStack. Provisioners configure VMs after they have booted, performing tasks like installing packages, patching the kernel, and creating users. A Provisioner might be a built-in technology, like PowerShell in the case of Windows Server, or a third-party tool like Puppet. Post-processors are optional and can be used to upload artifacts, re-package, or perform other tasks.
Simplifying image customization and integrating an open source solution is a good move on Microsoft’s part. While Image Builder is unlikely to be a free service once it reaches general availability, it looks like it will be easier to use than trying to deploy and configure VMs using ARM templates. As soon as support for Windows Server is added, I will provide a more detailed look at Image Builder on Petri.