我想实现以下目标:
麻烦开始于从S3存储桶中提取文件,在这里我需要设置变量以使bash脚本连接到AWS并传输提到的文件。
以下是打包程序代码:
{
"variables": {
"aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}",
"aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}",
"aws_default_region": "{{env `AWS_DEFAULT_REGION`}}",
"aws_source_ami": "{{env `AWS_SOURCE_AMI`}}",
"aws_ssh_user": "{{env `AWS_SSH_USER`}}",
"script_aws_access": "{{env `SCRIPT_AWS_ACCESS_KEY`}}",
"script_aws_secret_access": "{{env `SCRIPT_AWS_SECRET_ACCESS_KEY`}}"
},
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "eu-west-1",
"vpc_id": "vpc-0816d88cdecb1438a",
"subnet_id": "subnet-07e30b1ad80f0c4a8",
"security_group_id": "sg-098ff42f1bdaf7183",
"associate_public_ip_address": "true",
"instance_type": "t2.micro",
"ami_name": "myLinuxPackerImage",
"source_ami": "ami-0ff760d16d9497662",
"ssh_username": "{{user `aws_ssh_user`}}"
}
],
"provisioners": [
{
"type": "file",
"source": "./welcome.txt",
"destination": "/home/centos/"
},
{
"type": "shell",
"inline":[
"ls -al /home/centos",
"cat /home/centos/welcome.txt",
"sleep 30",
"sudo yum update -y"
]
},
{
"type": "shell",
"script": "./example.sh",
"environment_vars": [
"AWS_ACCESS_KEY={{user `script_aws_access`}}",
"AWS_SECRET_ACCESS_KEY={{user `script_aws_secret_access`}}"
],
"pause_before": "10s"
}
]
}
环境变量:
export AWS_ACCESS_KEY_ID="mykey"
export AWS_SECRET_ACCESS_KEY="mysecret"
export AWS_DEFAULT_REGION="eu-west-1"
export AWS_SOURCE_AMI="ami-0ff760d16d9497662"
export AWS_SSH_USER="centos"
export SCRIPT_AWS_ACCESS_KEY="my-SCRIPT-key"
export SCRIPT_AWS_SECRET_ACCESS_KEY="my-secret-SCRIPT-key"
供应商的实际bash脚本(example.sh):
#!/bin/bash
AWS_ACCESS_KEY=${1}
AWS_SECRET_ACCESS_KEY=${2}
sudo yum install epel-release -y
sudo yum install nano wget htop telnet strongswan quagga iptables-services iptables python-pip -y
sudo systemctl stop firewalld && systemctl disable firewalld
sudo systemctl enable iptables && systemctl start iptables
sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azure-cli.repo'
sudo yum install azure-cli -y
sudo yum update -y && easy_install pip
sudo pip install awscli
sudo yum install keepalived -y && sudo systemctl enable keepalived
sudo useradd keepalived_script
export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
export AWS_DEFAULT_REGION=eu-west-1
# Copy BGPD files
aws s3 cp --recursive s3://<s3-url>/azure_vpn_server_primary/quagga/ /etc/quagga/
#Copy StrongSwan files
aws s3 cp --recursive s3://<s3-url>/azure_vpn_server_primary/strongswan/ /etc/strongswan/
# In Azure, the instance should have IP Forwarding enabled on its network interface
# Copy keepalived files
aws s3 cp --recursive s3://<s3-url>/azure_vpn_server_primary/keepalived/ /etc/keepalived/
错误:
amazon-ebs: Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
amazon-ebs: fatal error: An error occurred (AuthorizationHeaderMalformed) when calling the ListObjectsV2 operation: The authorization header is malformed; a non-empty Access Key (AKID) must be provided in the credential.
amazon-ebs: fatal error: An error occurred (AuthorizationHeaderMalformed) when calling the ListObjectsV2 operation: The authorization header is malformed; a non-empty Access Key (AKID) must be provided in the credential.
答案 0 :(得分:1)
找到解决方案。
已删除>
AWS_ACCESS_KEY = $ {1} AWS_SECRET_ACCESS_KEY = $ {2}
来自bash脚本。 现在工作!