【发布时间】:2018-04-04 11:32:36
【问题描述】:
Terraform 新手,我正在尝试在创建实例后将节点引导至主厨。
这是文件:
resource "aws_instance" "jenkinsNode" {
provisioner "remote-exec" {
connection {
user = "ubuntu"
private_key = "${file("~/key/mykey.pem")}"
host = "${aws_instance.jenkinsNode.public_ip}"
}
inline = [
"sudo mkdir -p /etc/chef/trusted_certs",
"sudo curl --silent --show-error --retry 3 --location --output
\"/etc/chef/trusted_certs/opsworks-cm-ca-2016-root.pem\"
\"https://opsworks-cm-us-assets.s3.amazonaws.com/misc/opsworks-cm-ca-2016-root.pem\""
]
}
provisioner "chef" {
environment = "_default"
run_list = ["android-aws-nodes::updateAndroidSdk"]
node_name = "jenkinsNodeOnDemandUpdate"
secret_key = "${file("~/chef/mobile-chef-aws/.chef/private.pem")}"
server_url = "https://my-opsworks-server.io/organizations/default"
recreate_client = true
user_name = "delivery"
user_key = "${file("~/chef/mobile-chef-aws/.chef/private.pem")}"
version = "12.8.1"
}
connection {
user = "ubuntu"
private_key = "${file("~/key/jenkins-main.pem")}"
}
count = 1
instance_type = "c4.8xlarge"
ami = "ami-0000000"
key_name = "mykey"
subnet_id = "subnet-00000000"
vpc_security_group_ids = ["sg-00000000"]
}
我在尝试应用上述代码时运行时收到以下错误。我连接并启动了引导过程,但它一直抱怨它找不到私有的(我相信它是在运行“客户端创建”时创建的。我 ssh 进入了实例,但我没有看到 ubuntu.pem /etc/chef/ 目录:
已更新 aws_instance.jenkinsNode(厨师):错误:无法通过密钥 /etc/chef/delivery.pem 验证 https://mobile-b9oer25dyrts1qor.us-east-1.opsworks-cm.io/organizations/default/ 作为交付 aws_instance.jenkinsNode(厨师):响应:用户或客户端“交付”的签名无效 aws_instance.jenkinsNode(厨师):清理用户密钥...
Error applying plan:
1 error(s) occurred:
* aws_instance.jenkinsNode: 1 error(s) occurred:
* Command "sudo knife client create jenkinsNodeOnDemandUpdate -d -f /etc/chef/client.pem -c /etc/chef/client.rb -u ubuntu --key /etc/chef/ubuntu.pem" exited with non-zero exit status: 100
【问题讨论】:
标签: amazon-web-services chef-infra terraform aws-opsworks