I would like to create and provision Amazon EC2 machines with the help of Ansible. Now I get the following error:
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Instance creation failed => InvalidKeyPair.NotFound: The key pair '~/.keys/EC2-Kibi-Enterprise-Deployment.pem' does not exist"}
But the .pem key exists:
$ ls -lh ~/.keys/EC2-Kibi-Enterprise-Deployment.pem
-r-------- 1 sergey sergey 1.7K Apr 6 09:56 /home/sergey/.keys/EC2-Kibi-Enterprise-Deployment.pem
And it was created in the EU (Ireland) region.
Here is my playbook:
---
- name: Setup servers on Amazon EC2 machines
  hosts: localhost
  gather_facts: no
  tasks:
    - include_vars: group_vars/all/ec2_vars.yml
    ### Create Amazon EC2 instances
    - name: Amazon EC2 | Create instances
      ec2:
        count: "{{ count }}"
        key_name: "{{ key }}"
        region: "{{ region }}"
        zone: "{{ zone }}"
        group: "{{ group }}"
        instance_type: "{{ machine }}"
        image: "{{ image }}"
        wait: true
        wait_timeout: 500
        #vpc_subnet_id: "{{ subnet }}"
        #assign_public_ip: yes
      register: ec2
    - name: Amazon EC2 | Wait for SSH to come up
      wait_for:
        host: "{{ item.public_ip }}"
        port: 22
        delay: 10
        timeout: 60
        state: started
      with_items: "{{ ec2.instances }}"
    - name: Amazon EC2 | Add hosts to the kibi_servers in-memory inventory group
      add_host: hostname={{ item.public_ip }} groupname=kibi_servers
      with_items: "{{ ec2.instances }}"
    ### END
### Provision roles
- name: Amazon EC2 | Provision new instances
  hosts: kibi_servers
  become: yes
  roles:
    - common
    - java
    - elasticsearch
    - logstash
    - nginx
    - kibi
    - supervisor
### END
And my var file:
count: 2
region: eu-west-1
zone: eu-west-1a
group: default
image: ami-d1ec01a6
machine: t2.medium
subnet: subnet-3a2aa952
key: ~/.keys/EC2-Kibi-Enterprise-Deployment.pem
What is wrong with the .pem file here?
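The key parameter for the ec2 module is looking for the name of a key pair that has already been uploaded to AWS, not a local key.
If you want to get Ansible to upload a public key, you can use the ec2_key module.
So your playbook would look like this: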
---
- name: Setup servers on Amazon EC2 machines
  hosts: localhost
  gather_facts: no
  tasks:
    - include_vars: group_vars/all/ec2_vars.yml
    ### Create Amazon EC2 key pair
    - name: Amazon EC2 | Create Key Pair
      ec2_key:
        name: "{{ key_name }}"
        region: "{{ region }}"
        key_material: "{{ item }}"
      with_file: /path/to/public_key.id_rsa.pub
    ### Create Amazon EC2 instances
    - name: Amazon EC2 | Create instances
      ec2:
        count: "{{ count }}"
        key_name: "{{ key_name }}"
        ...
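The solution has been found. EC2 doesn't like it when you put a full path to the .pem key file.
So, I moved EC2-Kibi-Enterprise-Deployment.pem into ~/.ssh and added it to the authentication agent with ssh-add: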
ssh-add ~/.ssh/EC2-Kibi-Enterprise-Deployment.pem
and corrected the key line in my var file to
key: EC2-Kibi-Enterprise-Deployment.pem
The same applies if you use the EC2 CLI tools: don't specify a full path to the key file.
ec2-run-instances ami-d1ec01a6 -t t2.medium --region eu-west-1 --key EC2-Kibi-Enterprise-Deployment.pem
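Don't specify the extension for the key. So the key name should be "EC2-Kibi-Enterprise-Deployment" only. Ansible doesn't care whether your key is on your local machine at this stage. It verifies whether it exists in your AWS account. Go to the "EC2 > Key Pairs" section of your AWS account and you'll see that keys are listed without file extensions.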
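As an added example (not part of the question or any answer above, and not Ansible's own code): a pre-flight check that maps a configured key value to a key pair name registered in the AWS account, covering the path and extension mistakes discussed in the answers. The function names and the sample name list are constructed for illustration; list_key_pair_names assumes boto3 is installed and AWS credentials are configured.

```python
import os


def resolve_key_name(configured, registered_names):
    """Map a configured `key` value to a registered EC2 key pair name.

    Returns (key_name, reason); key_name is None when nothing matches.
    """
    registered = set(registered_names)
    if configured in registered:
        return configured, "exact match"
    # The value may be a local path such as ~/.keys/name.pem. EC2 only knows
    # key pair names, so try the basename, then the basename minus extension.
    base = os.path.basename(configured.rstrip("/"))
    stem = os.path.splitext(base)[0]
    for candidate, reason in ((base, "path stripped"),
                              (stem, "path and extension stripped")):
        if candidate and candidate in registered:
            return candidate, reason
    return None, "no registered key pair matches"


def list_key_pair_names(region):
    """Fetch key pair names from AWS (assumption: boto3 + credentials set up)."""
    import boto3  # imported lazily so the offline demo below needs no AWS access
    client = boto3.client("ec2", region_name=region)
    return [kp["KeyName"] for kp in client.describe_key_pairs()["KeyPairs"]]


# Constructed sample: names as the "EC2 > Key Pairs" page would list them.
SAMPLE_REGISTERED = ["EC2-Kibi-Enterprise-Deployment", "backup-key"]

if __name__ == "__main__":
    for value in ("~/.keys/EC2-Kibi-Enterprise-Deployment.pem",
                  "EC2-Kibi-Enterprise-Deployment",
                  "missing-key.pem"):
        name, reason = resolve_key_name(value, SAMPLE_REGISTERED)
        print(f"{value!r} -> {name!r} ({reason})")
```

Key pairs are per region, so call list_key_pair_names with the same region the playbook uses (eu-west-1 in the question) before comparing.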