AWS Cloudformation:创建了cli creds文件,但在以后的configsets中找不到

时间:2016-05-04 03:57:43

标签: ruby amazon-web-services amazon-ec2 chef amazon-cloudformation

我有一个AWS Cloudformation模板,除其他外,它以Metadata configsets的形式创建一个公共EC2实例,其中包含一些AWS::Cloudformation::Init。运行时,这些配置集旨在1)安装chef-solo,2)在credentials中创建AWS /home/ec2-user/.aws/credentials文件,3)使用带有aws cli的2)中的凭据从AWS S3检索厨师食谱,4)运行食谱。

3)之前,一切正常。这打破了,根据cfn-init日志,问题是无法找到aws cli的凭据。但是,步骤2)成功完成,当我手动登录服务器时,我可以在正确的位置看到credentials文件,并从提示符中成功运行aws s3命令(相同的那些命令)应该作为模板的一部分自动运行。

以下是日志中的错误:

2016-05-04 04:03:14,950 P2482 [INFO] Command 2_fetch-cookbook
2016-05-04 04:03:15,977 P2482 [INFO] -----------------------Command Output-----------------------
2016-05-04 04:03:15,977 P2482 [INFO]    Unable to locate credentials
2016-05-04 04:03:15,977 P2482 [INFO]    Completed 1 part(s) with ... file(s) remaining

...这是我登录时的样子:

ec2-user@ip-10-0-1-243 ~]$ ls .aws
credentials
[ec2-user@ip-10-0-1-243 ~]$ aws s3 ls s3://my-bucket
2016-05-04 00:27:43      41472 kitchen.tar.gz

我已经花了很长一段时间摆弄这个并且似乎无法得到它,所以我希望这里的某个人能够提供帮助。 =)您可以在下面找到EC2实例的相关代码。请注意,我必须在安装sudo su之前使用chef-solo,因为该脚本会下载并解压缩rpm。然后我切换回ec2-user以获取其他所有内容。

"EC2Instance" : {
  "Type" : "AWS::EC2::Instance",
  "Description" : "EC2 Instance",
  "Metadata" : {
    "AWS::CloudFormation::Init" : {
      "configSets" : {
        "Setup" : [ "InstallChef", "SetAWSCreds", "Cook" ]
      },

      "InstallChef" : {
        "commands" : {
          "1_sudo" : {
            "command" : "sudo su"
          },
          "2_install-chef" : {
            "cw": "/home/ec2-user",
            "command" : "curl -L https://www.opscode.com/chef/install.sh | bash"
          },
          "3_su" : {
            "command" : "su ec2-user"
          }
        }
      },

      "SetAWSCreds" : {
        "files" : {
          "/home/ec2-user/.aws/credentials" : {
            "content" : { "Fn::Join" : [ "", [
              "[default]\n",
              "aws_access_key_id = ",
              { "Ref" : "AwsAccessKeyId" },
              "\n",
              "aws_secret_access_key = ",
              { "Ref" : "AwsSecretAccessKey" },
              "\n"
            ]]},
            "owner" : "ec2-user",
            "group" : "ec2-user"
          }
        }
      },

      "Cook" : {
        "commands" : {
          "1_ensure_ec2-user" : {
            "command" : "su ec2-user"
          },
          "2_fetch-cookbook" : {
            "cw" : "/home/ec2-user",
            "command" : "aws s3 cp s3://my-bucket/kitchen.tar.gz ."
          },
          "3_unzip-cookbook" : {
            "cw" : "/home/ec2-user",
            "command" : "tar xvf kitchen.tar.gz"
          },
          "4_cook" : {
            "cw" : "/home/ec2-user/kitchen",
            "command" : "sudo chef-solo -c solo.rb -j web.json"
          }
        }
      }
    }
  },
  "Properties" : {
    "ImageId" : "ami-08111162",
    "KeyName" : { "Ref" : "KeyPairName" },
    "InstanceType" : "t2.micro",
    "SubnetId" : { "Ref" : "PublicSubnet" },
    "SecurityGroupIds" : [ { "Ref" : "SecurityGroup" } ],
    "UserData" : {
      "Fn::Base64" : {
        "Fn::Join" : ["", [
          "#!/bin/bash -xe\n",

          "/opt/aws/bin/cfn-init -s ", { "Ref" : "AWS::StackName" },
          "                      -r EC2Instance",
          "                      -c Setup"
        ]]
      }
    }
  }

0 个答案:

没有答案
相关问题
最新问题