我无法通过私人aws密钥对连接到terraform的ssh进行厨师配置 - 错误看起来只是一个超时:
aws_instance.app (chef): Connecting to remote host via SSH...
aws_instance.app (chef): Host: 96.175.120.236:32:
aws_instance.app (chef): User: ubuntu
aws_instance.app (chef): Password: false
aws_instance.app (chef): Private key: true
aws_instance.app (chef): SSH Agent: true
aws_instance.app: Still creating... (5m30s elapsed)
Error applying plan:
1 error(s) occurred:
* dial tcp 96.175.120.236:32: i/o timeout
Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.
这是我的terraform计划 - 请注意ssh设置.. key_name设置设置为我的AWS密钥对名称,ssh_for_chef.pem是私钥
variable "AWS_ACCESS_KEY" {}
variable "AWS_SECRET_KEY" {}
provider "aws" {
region = "us-east-1"
access_key = "${var.AWS_ACCESS_KEY}"
secret_key = "${var.AWS_SECRET_KEY}"
}
resource "aws_instance" "app" {
ami = "ami-88aa1ce0"
count = "1"
instance_type = "t1.micro"
key_name = "ssh_for_chef"
security_groups = ["sg-c43490e1"]
subnet_id = "subnet-75dd96e2"
associate_public_ip_address = true
provisioner "chef" {
server_url = "https://api.chef.io/organizations/xxxxxxx"
validation_client_name = "xxxxxxx-validator"
validation_key = "/home/user01/Documents/Devel/chef-repo/.chef/xxxxxxxx-validator.pem"
node_name = "dubba_u_7"
run_list = [ "motd_rhel" ]
user_name = "user01"
user_key = "/home/user01/Documents/Devel/chef-repo/.chef/user01.pem"
ssl_verify_mode = "false"
}
connection {
type = "ssh"
user = "ubuntu"
private_key = "${file("/home/user01/Documents/Devel/ssh_for_chef.pem")}"
}
}
有任何想法吗?
1 回答
我'm not sure if we had the same problem, since you didn' t指定您是否能够ssh到实例 .
就我而言,我在VPC中运行terraform,并且允许与安全组 Build 连接,这些安全组不能与公共IP一起使用 .
解决方案很简单(但你必须使用terraform v.0.8.0的新条件插值) -
定义此变量 -
variable use_public_ip { default = true }然后,在Chef配置器的连接部分内,添加以下行 -
host = "${var.use_public_ip ? aws_instance.instance.public_ip : aws_instance.instance.private_ip}"如果要使用公共IP,请将变量设置为true,否则将其设置为false .
我用它来做aws -
connection { user = "ubuntu" host = "${var.use_public_ip ? aws_instance.instance.public_ip : aws_instance.instance.private_ip}"," }