Packer — Automated Machine Image Building for Any Platform

Introduction

Packer is the industry-standard tool for baking machine images — the "golden image" approach of immutable infrastructure. Define an image once, and Packer produces consistent output on AWS, GCP, Azure, VMware, Docker, and more. It's the tool behind most production AMI pipelines.

With over 15,000 GitHub stars, Packer is part of the HashiCorp suite (Terraform, Vault, Consul, Nomad). It's used to build AMIs/VHDs for Terraform to deploy, CI base images for Jenkins/GitHub Actions, and Kubernetes node images.

What Packer Does

Packer reads an HCL (or JSON) template that defines sources (what base OS/platform), provisioners (how to configure it — shell, Ansible, Chef, Puppet, PowerShell), and post-processors (tag, upload, compress). It spins up a temporary instance, provisions it, snapshots it, and cleans up — producing a portable image.

Architecture Overview

Template (.pkr.hcl)
    |
  [Parser + Plugin Loader]
    |
  +-------+-------+
  |       |       |
[Sources]     [Builders]
 AWS EBS, AWS EBS
 GCE, Azure,  Docker, Azure,
 Docker, VMware, Vagrant,
 QEMU, Proxmox, ...
    |
[Temporary build instance]
    |
  [Provisioners]
   shell / Ansible / Chef / Puppet / file / Salt / PowerShell
    |
  [Snapshot / Image]
    |
  [Post-processors]
   vagrant / compress / manifest / googlecompute-import / docker-push
    |
  Output image(s)

Self-Hosting & Configuration

# Multi-cloud build: same app, output AMI + GCE image + Docker image
source "amazon-ebs" "web" {
  ami_name = "web-{{timestamp}}"
  region   = "us-east-1"
  # ... config
}

source "googlecompute" "web" {
  project_id = "my-project"
  image_name = "web-{{timestamp}}"
  zone       = "us-central1-a"
  source_image_family = "ubuntu-2204-lts"
}

source "docker" "web" {
  image   = "ubuntu:22.04"
  commit  = true
  changes = ["CMD ["nginx","-g","daemon off;"]"]
}

build {
  sources = [
    "source.amazon-ebs.web",
    "source.googlecompute.web",
    "source.docker.web",
  ]

  provisioner "ansible" {
    playbook_file = "./provision/site.yml"
  }

  post-processor "manifest" {
    output = "manifest.json"
  }
}

Key Features

• Multi-cloud — one template, many output images
• HCL templates — shared syntax with Terraform
• Any provisioner — shell, Ansible, Chef, Puppet, Salt, PowerShell, files
• Parallel builds — produce multiple images simultaneously
• Post-processors — tagging, compression, uploading, manifest generation
• Plugins — large ecosystem; build for Proxmox, VMware, Hyper-V, Vagrant
• Immutable infra — images are snapshots, deploys just swap them
• HCP integration — optional HCP Packer registry for image governance

Comparison with Similar Tools

FAQ

Q: Why Packer instead of just docker build? A: Docker is great for containers. Packer builds VM images and disk snapshots for long-running workloads (EC2, VMware, bare metal) where containers aren't the target. Many teams use both — containers via Docker, VM base images via Packer.

Q: Packer vs EC2 Image Builder? A: Image Builder is AWS-only and pipeline-focused. Packer is multi-cloud and template-focused. For AWS-only shops with simple needs, Image Builder's managed pipelines can be easier. For multi-cloud, Packer wins.

Q: How does Packer relate to Terraform? A: Packer builds images, Terraform deploys infrastructure using those images. Typical pipeline: Packer produces a new AMI tagged with version; Terraform's data source picks up that AMI and launches instances.

Q: Can Packer run without HashiCorp Cloud Platform? A: Yes. Packer is fully open source and runs locally or in CI. HCP Packer (the registry) is optional and adds image governance features for teams.

Sources

• GitHub: https://github.com/hashicorp/packer
• Docs: https://packer.io
• Company: HashiCorp
• License: BUSL-1.1