fix relying on cinder attachment deletion #103
lbajolet-hashicorp merged 1 commit into hashicorp:main from felixhuettner:openstack_detach
Any news on this? We are hitting this issue

We're also being impacted by this and really need this fix. Thanks.
lbajolet-hashicorp left a comment
Hi @felixhuettner,
Sorry for leaving this one open for so long, I just reviewed the code, and it looks good to me, thanks for the contribution!
I just left one comment regarding the code to delete the server, since it's functionally equivalent to the code in another step, I believe we can factorise this, but no stress if that's complex, we can merge this as-is I think.
Let me know if you can make it work by factorising this part, and I'll revisit this PR then.
I'm pre-approving this PR in the meantime.
Thanks again!
Previously the rough flow of building an image was as follows (if using a volume):

1. create a volume
2. create a server
3. do things on the server
4. send a detach call for the volume to cinder
5. upload the volume as an image
6. delete the server

However in step 4 the volume was never actually detached from the server. Using this call cinder just thought that the volume is now detached. In [1] this functionality was removed from cinder as a security vulnerability. Now such a call can only be made from nova (or if the server is already deleted).

In order for packer to still work we need to actually detach the volume from the server. As it is the root volume this is only possible if we delete the server.

So if we use a blockstorage backend we now delete the server before uploading the volume. If we do not use a blockstorage backend then the logic is not altered.

[1]: https://review.opendev.org/c/openstack/cinder/+/882835
Hi @felixhuettner,
Thanks for rerolling this so quickly, much appreciated. With the factorised code, this looks ripe for merging in my opinion, I'll do this now, thanks again for the PR!
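The step ordering from the commit message above, as an added example that is not part of this PR or the plugin's code. It is a constructed in-memory model: the `cloud` type, `runFlow` and the step names are hypothetical, and the rule that upload needs cinder to see the volume as detached is an assumption.

```go
package main

import (
	"errors"
	"fmt"
)

// cloud is a constructed in-memory model; no OpenStack API is called.
type cloud struct {
	hardened       bool // cinder refuses direct attachment deletes while the server exists
	serverExists   bool
	novaAttached   bool // the server really has the volume
	cinderAttached bool // cinder's attachment record
}

var errRefused = errors.New("cinder: attachment delete refused, server still exists")
var errInUse = errors.New("cinder: volume in use, cannot upload")

func (c *cloud) step(name string) error {
	switch name {
	case "detach": // direct call to cinder; it never touches the server side
		if c.hardened && c.serverExists {
			return errRefused
		}
		c.cinderAttached = false
	case "delete-server": // the root volume is only released by deleting the server
		c.serverExists, c.novaAttached, c.cinderAttached = false, false, false
	case "upload": // assumption: upload needs cinder to see the volume as detached
		if c.cinderAttached {
			return errInUse
		}
	}
	return nil
}

// runFlow applies the steps to a booted server with its root volume attached.
func runFlow(hardened bool, steps ...string) (cloud, error) {
	c := cloud{hardened: hardened, serverExists: true, novaAttached: true, cinderAttached: true}
	for _, s := range steps {
		if err := c.step(s); err != nil {
			return c, fmt.Errorf("step %q: %w", s, err)
		}
	}
	return c, nil
}

func main() {
	_, err := runFlow(true, "detach", "upload", "delete-server")
	fmt.Println("old order, hardened cinder:", err)
	c, err := runFlow(true, "delete-server", "upload")
	fmt.Println("new order, hardened cinder:", err, "attached:", c.novaAttached)
}
```

With `hardened` set to false, the old order completes but leaves `novaAttached` true while `cinderAttached` is false, which is the state mismatch the commit message describes.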